Multi-Application Smart cards

Memory
1. RAM
  1. 128b -3kb
2. EEPROM
  1. 4b-64kb
  2. 1000x slower than RAM to write to
  3. App Data & OS extensions
3. ROM
  1. 3kb - 128kb
  2. Smallest physical space required
Standards
1. ISO7816
  1. Part 1 - Physical Characteristics
  2. Part 2 - Dimonetions
  3. Part 3 - Electronic Signals / Transmission
  4. Part 4 -Commands for interchage
    1. Application Protocol Data Units (APDUs)
      1. Smart Card APDU Handler
before multi application
1. Various smart card operating systems (SCOS)
  1. Gemplus
    1. MCOS
    2. MPCOS
  2. OSCAR
  3. programmed lots of different langs
  4. apps had to be installed in advance
  5. designed for specific sprocessors
  6. functions embedded in the SCOS
  7. Monolithic
    1. close coupling of apps and OS
seperation of OS and Applications
1. EEPROM
  1. Applications
2. Rom
  1. OS
platforms
1. MULTOS
  1. SCOS
  2. I/O
  3. Cyrpto
  4. File Management
  5. App Load/Delete
  6. write standard lang
    1. C Code
    2. Java
    3. VB
    4. OUTPUT: MEL compiler
      1. Optimizer/Linker
        Off card loader
  7. Certification of Apps
2. Global Platform
  1. Developed by VISA
  2. Runtime Environment (RTE)
    1. Virtual Machine (VM)
    2. Developer API
    3. SCOS
  3. Card Manager
    1. Federating access control to the card
    2. Registery
      1. card state
      2. command dispatching
      3. instalation/removing apps
      4. security manaagement
    3. managing security domains
      1. asign some privileges to apps
      2. crypto for apps
    4. PIN management
    5. Event Logging
  4. card issuer responsibilities
    1. Load Card Manager keys
    2. set policies for card life cycle
    3. authorize load files
  5. Security Domains
    1. Issuer Security Domain
      1. Rep issuer
    2. Supplementary Security Domains
      1. Rep Apps
    3. Controlling Authority Security Domain
      1. applying policy
3. Javacard
  1. Java Card API
    1. objects
    2. byte and short types
    3. boolean
    4. single d arrays
  2. Portability
  3. security architecture
    1. Applet sandbox
    2. no pointer use
  4. subset of java language
  5. subset JVM
  6. subset API
  7. API V.10
    1. 1996
    2. 12kb, 4kb EEPROM, 512b ram
    3. uni-dimensional arrays
    4. operators
    5. boolean
    6. bytes and short types
  8. API V2
    1. 1997
    2. introduced crypto
    3. Portability and interop was a issue
    4. class file conversion was vendor specific
    5. 4 main packages
      1. javacard.framework
      2. javacardx.framework
        ISO7816-4 compatible file system
      3. javacardx.crypto
  9. API V2.1
    1. 1999
    2. new applet firewall and restrictive
    3. Interoperable/re sueable
    4. better error handling (exception hierarchy)
    5. supported
      1. packages
      2. virtual methords
      3. objectives
      4. arrays
    6. unsupported
      1. no intergers
      2. no char or string
      3. no dynamic class loading
      4. no garbage collection
  10. Remote Method Invocation (RMI)
    1. Client Application proxied to reader driver
    2. no need for APDU
  11. lifetimes
    1. java card starts at ROM burn in
    2. JCVM Forever
    3. applets start when installed and registered in the registry table
  12. JCVM
    1. Enforces Security Policy
  13. has gone up to EAL5+
    1. PP already set
  14. java code -> std compiler - > class file (byte code) -> coverter tool -> java card byte code - > off card installer
    1. on card installer - > JCVM
  15. dyanamic (apps installed after card issue)
4. windows for smart card
  1. SCOS
  2. .NET Cards
    1. Sits on top of SCOS
5. sits on top of OS
6. liencing costs
  1. java card has significant costs
smart cards types
1. Contact smart card
2. contactless smart card
All Communication Through APDU messages

Nächster

Multi-Application Smart cards

Beschreibung

Zusammenfassung der Ressource

ähnlicher Inhalt

	Erstellt von MattSmith129 vor mehr als 9 Jahre