Breaking Up Is Hard to Do: Modeling Security Threats for Smart Cards
USENIX Workshop on Smart Card Technology, USENIX Press, 1999, pp. 175-185.
ABSTRACT: Smart card systems differ from conventional computer systems in that different aspects of the system are not under a single trust boundary. The processor, I/O, data, programs, and network may be controlled by different, and hostile, parties. We discuss the security ramifications of these “splits” in trust, showing that they are fundamental to a proper understanding of the security of systems that include smart cards.
Categories: Smart Cards