Mobile Computing, Applications, and Services. 5th International Conference, MobiCASE 2013, Paris, France, November 7-8, 2013, Revised Selected Papers

Research Article

Securing NFC Mobile Services with Cloud of Secure Elements (CoSE)

Download48 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-05452-0_30,
        author={Pascal Urien and Selwyn Piramuthu},
        title={Securing NFC Mobile Services with Cloud of Secure Elements (CoSE)},
        proceedings={Mobile Computing, Applications, and Services. 5th International Conference, MobiCASE 2013, Paris, France, November 7-8, 2013, Revised Selected Papers},
        proceedings_a={MOBICASE},
        year={2014},
        month={6},
        keywords={Cloud of Secure Elements Secure Element NFC Security Mobile Services},
        doi={10.1007/978-3-319-05452-0_30}
    }
    
  • Pascal Urien
    Selwyn Piramuthu
    Year: 2014
    Securing NFC Mobile Services with Cloud of Secure Elements (CoSE)
    MOBICASE
    Springer
    DOI: 10.1007/978-3-319-05452-0_30
Pascal Urien1,*, Selwyn Piramuthu2,*
  • 1: Telecom ParisTech, UMR 5141
  • 2: University of Florida
*Contact email: pascal.urien@telecom-paristech.fr, selwyn@ufl.edu

Abstract

The availability of NFC smartphones has facilitated the development of a large number of related applications. Some of these NFC applications necessitate communication with other systems, which may not necessarily be secure, through communication channels and mechanisms that may be open to vulnerabilities. Security is therefore paramount to the success of these NFC mobile services. While Peer-to-Peer (P2P) communication mode is common in mobile NFC applications, it is vulnerable to security-related issues that arise from the use of untrusted devices for storage and to process applications. We propose the concept of a Cloud of Secure Elements (CoSE) where the secure services are hosted by servers rather than by smartphone Secure Elements. We discuss the use of CoSE for mobile payments. We also illustrate how an NFC smartphone may be efficiently used as a bridge between an NFC reader and an Internet server of secure microcontroller that hosts EMV applications.