Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sony Smart Cards and International Evaluation 2 nd Common Criteria Conference London, UK 18-19 July 2001 i-Card System Solutions Division Broadband Network.

Similar presentations


Presentation on theme: "Sony Smart Cards and International Evaluation 2 nd Common Criteria Conference London, UK 18-19 July 2001 i-Card System Solutions Division Broadband Network."— Presentation transcript:

1 Sony Smart Cards and International Evaluation 2 nd Common Criteria Conference London, UK July 2001 i-Card System Solutions Division Broadband Network Center Sony Corporation

2 18-19 July 2001Copyright 2001 Sony Corporation2 Japanese Culture Historically, Japan is a single nation in a single land People are united The same people all around Feeling of safety Security is like the air, it is natural and free

3 18-19 July 2001Copyright 2001 Sony Corporation3 Change is in the air Increased number of foreigners, travelling abroad is a norm Communication constantly improves, Internet is omnipresent The borders between Japan and the world are disappearing Security is deteriorating

4 18-19 July 2001Copyright 2001 Sony Corporation4 e-Japan Recognition of the IT importance Target the vision for ideal IT society Establish priority policy areas Develop new nation-wide IT infrastructure Become one of the most developed IT nations in 2005

5 18-19 July 2001Copyright 2001 Sony Corporation5 IT strategy of Japan High-speed network infrastructure Competition policies Electronic commerce E-government Human Resources

6 18-19 July 2001Copyright 2001 Sony Corporation6 Information Security

7 18-19 July 2001Copyright 2001 Sony Corporation7 Japan’s security efforts adopted as JIS X Commercial Evaluation Facility and Certification Authority will be established has become one of requirements for the government procurement

8 18-19 July 2001Copyright 2001 Sony Corporation8 e-Commerce Security Technology Research Association (ECSEC) R&D related to products and services in the areas of e-Commerce and IT security Improve the technology level in the area ISO 15408: –Introduction courses –PP and ST development courses –Evaluation facility

9 18-19 July 2001Copyright 2001 Sony Corporation9 Collaboration with ECSEC ECSEC helped us to start the evaluation from scratch Introduction to the ISO Recommendations of evaluation facilities Provision of technical courses

10 18-19 July 2001Copyright 2001 Sony Corporation10 Sony philosophy The pioneering spirit of Sony Philosophy of caring for and protecting the customers Security policy for protecting the business and customer privacy Common Criteria as a way to implement the policy

11 18-19 July 2001Copyright 2001 Sony Corporation11 Current target The current certification effort targets: –to verify that CC provides what our security policy calls for –to confirm that our security measures are sufficient under CC –to be first to certify a contactless smart card –to prepare for the future market requirements

12 18-19 July 2001Copyright 2001 Sony Corporation12 FeliCa Contactless Smart Card Card Chip Antenna Control board Reader Writer Antenna Power Transmit 13.56MHz Base Band Data Communication R/W -> Card 10%ASK Manchester Coding Data Communication Card -> R/W Manchester Coding by Load Switching

13 18-19 July 2001Copyright 2001 Sony Corporation13 Major Features of FeliCa High system security Strong encryption algorithm Fully encrypted data communication High speed transactions with anti-tear Simultaneous multiple file access for high speed Multiple file transaction automatic rollback Flexible hierarchical file system management Separate access keys for different users of one service file Different authorization for different access level operations New service registration in the field by encapsulated package

14 18-19 July 2001Copyright 2001 Sony Corporation14 Progress Step-by-step approach to verify the suitability of the concept EAL 3 evaluation is finished EAL 4 evaluation is in progress now i-Card plans to evaluate all smart card products against ISO 15408

15 18-19 July 2001Copyright 2001 Sony Corporation15 Surprising things Result of hardware evaluation is not subject to the Recognition Agreement EAL 5-7 are not subject to CCRA either Although ISO is available, many companies still certify to ITSEC criteria

16 18-19 July 2001Copyright 2001 Sony Corporation16 What can be improved? Cost of the evaluation is very high Evaluation process is very long No support system for developers –tools, templates, courses, demos, examples More initiative from the CB and CLEF would be appreciated

17 18-19 July 2001Copyright 2001 Sony Corporation17 ISO standards relationship ISO 9000 ISO ISO Environment A common definition of the parts shared between the ISO standards is necessary to improve the reuse of evaluation and certification results

18 18-19 July 2001Copyright 2001 Sony Corporation18 Software vs. Hardware Product vs. Environment ISO is product- and software- oriented –SFR = Software Firewall Requirements? There is very little to relate to the hardware The requirements towards a secure environment are not sufficiently clear

19 18-19 July 2001Copyright 2001 Sony Corporation19 Acknowledgements CB and CLEF support us from the very beginning The consultation services we received from CLEF were most helpful The coaching attitude of CLEF, suggestions and recommendations are very useful

20 Thank you! For more information: i-Card Security Assurance FeliCa information on the Internet:


Download ppt "Sony Smart Cards and International Evaluation 2 nd Common Criteria Conference London, UK 18-19 July 2001 i-Card System Solutions Division Broadband Network."

Similar presentations


Ads by Google