Risk analysis of over-the-air transactions in an NFC ecosystem

Proceedings - 2009 1st International Workshop on Near Field Communication, NFC 2009

Volumn , Issue , 2009, Pages 87-92

  Madlmayr, Gerald ^a   Langer, Josef ^a   Kantner, Christian ^b   Scharinger, Josef ^c   Schaumüller Bichl, Ingrid ^d  

^a FH OOe   (Austria)

^b E Commerce and NFC   (Austria)

^c JOHANNES KEPLER UNIVERSITY LINZ   (Austria)

^d Secure Information Systems (SEC)   (Austria)

Author keywords

[No Author keywords available]

Indexed keywords

APPLETS; CREDIT CARDS; NEAR FIELD COMMUNICATIONS; PROTECTION PROFILE; SECURITY POINT; SECURITY STANDARDS; SERVICE MANAGERS; SMART-CARD APPLICATION;

MANAGERS; RISK ASSESSMENT; SAFETY FACTOR; SMART CARDS;

RISK ANALYSIS;

EID: 70449373265     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/NFC.2009.17     Document Type: Conference Paper

References (16)

1. G. Madlmayr, J. Langer, and J. Scharinger, "Managing an nfc ecosystem," in Proceedings of the 7th Conference on Management of mobile Business, ESADE Business School. IEEE Computer Society, 07 2008.
2. G. Madlmayr, J. Ecker, J. Langer, and J. Scharinger, "Sichere Infrastruktur zur Fernverwaltung von Smartcard-Chips in einem NFC-Ökosystem," in Proceedings of DACH Security, TU Berlin. Deutsche Gesellschaft für Informatik, Fachgruppe für Sicherheit, 06 2008.
3. H. Malleck, "It-sicherheitsexpertine ingrid schaumüller-bichl, " OCG Journal, vol. 02, pp. 18 - 19, 2008.
4. S. Tjoa, S. Jakoubi, and G. Quirchmayr, "Enhacning business impact analysis and risk assessment applying a risk-aware business process model and simulation methodology," in Proceedings of the 3rd International Conference on Availability, Reliability and Security, S. Jakoubi, S. Tjoa, and E. R. Weippl, Eds., vol. 03, DEXA Society. IEEE Computer Society, 03 2008, p. 6.
5. Common Criteria Protection Profile Mobile Synchronisation Services (MSS PP), Bundesamt für Sicherheit in der Informationstechnik (BSI), Godesberger Allee 185-189 D-53175 Bonn, Germany.
6. Security IC Platform Protection Profile, 1st ed., Atmel, Infineon Technologies AG, NXP Semiconductors, Renesas Technology Europe Ltd. and STMicroelectronics, June 2007.
7. Baroc & FIsc, Smart Card Protection Profile, 1st ed., April 2007.
8. Österreichisches Informationssicherheitshandbuch, Österreichische Computer Gesellschaft, April 2007, version 2.3.
9. H. Krcmar, Informationsmanagement, 4th ed. Springer Berlin, 2007.
10. A. Gowdiak, "Java 2 micro edition (j2me) security vulnerabilities," in Proceedings of the Hack in the Box Security Conference, 2004.
11. G. Madlmayr, J. Langer, C. Schaffer, and J. Scharinger, "Nfc devices: Security and privacy," in Proceedings of the 3rd International Conference on Availability, Reliability and Security, S. Jakoubi, S. Tjoa, and E. R. Weippl, Eds., vol. 03, DEXA Society. IEEE Computer Society, 03 2008, p. 6.
12. Österreichische Nationalbank, "Report: 2,4 Mio. Kreditkarten in Österreich im Umlauf," URL, http://www.oenb.at/, September 2008.
13. Internet Security Threat Report, 13rd ed., Symantec, April 2008.
14. G. Madlmayr, "A mobile trusted computing architecture for a near field communication ecosystem," in Proceedings for the 6th International Conference on Advances in Mobile Computing and Multimedia. ACM, 2008.
15. Application of Attack Potential to Smartcards, 2nd ed., Joint Interpretation Library, April 2006.
16. J. Meier, A. Mackman, M. Dunner, S. Vasireddy, R. Escamilla, and A. Murukan, "Improving web application security: Threats and countermeasures," URL, http://msdn.microsoft.com/enus/library/ms994921. aspx, June 2003.