Radio Frequency Identification (RFID) is used in many daily applications.
Easily handled, the technology offers a popular alternative to traditional
communication channels. From simple access-control mechanisms to complex
data storages, it can be used to realize many different applications.
Near Field Communication (NFC), a technology for the fast and simple
exchange of small data, opens new perspectives concerning application development
on mobile devices like cell phones. Because of the communication
over insecure channels suitable safety precautions must be established. This
relates both to the integrity and authenticity of the transmitted data. Suitable
authorization mechanisms are needed to prevent unauthorized queries.
Most of the communication protocols do not meet these requirements,
therefore applications must be developed to achieve this.
This diploma thesis shows how NFC terminal equipment can be used
for admission controls. As a demonstration, a ticketing system based on the
Hypertext Transfer Protocol (HTTP) has been realized. It shows the direct
communication between a local web browser and NFC terminal equipment.
Created by web services, a local application obtains a ticket over a secured
channel. Using NFC they can be placed into a secure storage of the cell
phone and used for authentication.
The main focus of this document is the realization of a controlled
procedure in order to fit the security requirements of secure token exchange
in a Public Key Infrastructure (PKI).