14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona


Multifunctional Smartcards for Electronic Commerce - Application of the Role and Task Based Security Model

Kathrin Schier
University of Hamburg, Faculty of Informatics
Vogt-Koelln-Str. 30, D-22527 Hamburg
Phone: +49-40-5494-2224
Fax: +49-40-5494-2226
email: schier@informatik.uni-hamburg.de

Electronic commerce demands different security requirements for its many different applications. In the near future one smartcard may be used for many electronic commerce applications, such as payment systems, access to banking services and financial transactions over the Internet. A role and task based security model (R&T model) can ensure a secure access to many different services through an application based security framework. It can be used and implemented in a multifunctional smartcard in order to ensure both the users personal need for application based security and his right to informational self determination - as the fundamental right of privacy is defined in the German legal system. A successful application of the model can help the user navigate a secure way through the jungle of electronic commerce.