Asad Ali, Karen Lu, Mehdi Asnaashari, and Phong Manh
Secure USB token, Smart card, Secure browser, MITM
While smart cards and other tamper resistant modules have been used in a wide range of security services in controlled environments, their adoption in the uncontrolled consumer market has so far been relatively less successful. This is partly due to the dependence of smart card solutions on external reader hardware, their proprietary communication protocol, and their limited storage capacity; and partly due to consumers’ reluctance to carry a separate hardware token for each of their security needs. This paper presents a solution to this “token fatigue” through a unique hardware and software architecture that addresses both mass storage data protection and online browsing needs. It combines the copious storage capacity of USB mass storage tokens with the proven security features of smart cards without requiring any smart card specific infrastructure. The resulting USB composite token can be used as a secure flexible platform to build multiple advanced security applications that reside on a single token.
Important Links:
Go Back
