Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Smart Card Platform Gaby Lenhart Project leader ETSI Technical Committee Smart Card Platform (TB SCP)

Similar presentations

Presentation on theme: "The Smart Card Platform Gaby Lenhart Project leader ETSI Technical Committee Smart Card Platform (TB SCP)"— Presentation transcript:

1 The Smart Card Platform Gaby Lenhart Project leader ETSI Technical Committee Smart Card Platform (TB SCP)

2 2 ETSI Technical Committee Smart Card Platform 16 Years of dedication and real-life experience founded in March 2000 as the successor of SMG9, the SIM-people, who specified the most successful smart card application with currently more than 1 billion subscribers and +2 billion SIMs deployed mission to create a series of specifications for a smart card platform, based on real-life (outside) requirements, on which other committees can base their system specific work to achieve basic compatibility

3 3 TC SCP Terms of Reference to develop the physical and the logical IC card platform to develop advanced security methods for applications such as financial transactions (mobile commerce) to develop a card-side toolkit to allow the creation of terminal independent value added services to develop supporting specifications and technical reports

4 4 TC SCP Working Structure* SCP Technical Group SCP Requirement GroupSCP Plenary *as of April 2006

5 5 TC SCP - Who Does What Plenary strategy and other general topics approval of requirements for technical solutions approval of new work items and specifications/reports approval of Change Requests (CRs) to specifications/reports liaisons with other committees and organizations Requirement Working Group analysis of requirements coming from outside and inside SCP elaboration of requirements for the technical work development of requirement specifications Technical Working Group enhancements to the core platform specifications development of the next generation UICC use of PKI, security between applications on the card secure messaging, administrative commands Card Application Toolkit (CAT) Application Programming Interfaces (APIs) development of card interfaces

6 6 From Mono-" to Multi-Application To provide interoperability in a multi-application environment a split was made in GSM (GERAN): SIM = physical card + GSM application (GSM 11.11) in 3G (UMTS/UTRAN): UICC*=physical card and physical, logical interface the multi-application platform USIM**=UMTS application on a UICC the application implementation * TS owned by TC SCP ** TS owned by 3GPP T3

7 7 The UICC System TETRA USIM SIM CDMA2000 GAIT *Scope similar to EMV2000 as used by financial sector TS The multi-application platform* Additional commands, features, security, PKI

8 8 From Mono-" to Multi-Application SIM SIM Application Toolkit (SAT) BankingLocationBrowser SIM- WIM The UICC - the multi-application platform separation of layers and applications logical channels to run applications in parallel The SIM - a "mono-application" card SIM according to GSM applications based on SIM Application Toolkit WIM as exception (own command set and triggered by WAP browser) UICC WIM Ticketing EMV USIM SIM Electronic Purse Phonebook (U)SAT GSM Purse

9 9 Multi-application card Supports multiple applications which can run simultaneously using logical channels New PIN protection concept Hierarchical PIN management Universal PIN, Application PIN, Local PIN Mutual authentication Authentication and Key Agreement (AKA) involves authentication of the 3G network to the USIM as well Powerful phonebook Store entries with , second name, groups Intelligent linking to the GSM application allows data sharing in a GSM phone New Features of the USIM/UICC USIM/UICC

10 10 Published (1) - The Platform TS Physical and logical characteristics of the card / terminal interface the core specification which provides a multi- application platform with logical channels for smart cards based on this platform a smart card application can be defined for any system specifies the lower layers of a smart card including the electrical and mechanical interface, the logical structure, the basic commands and the intrinsic security system Related test specification published as TS

11 11 Published (2) - Core Documents Administrative commands (TS ) allows standardized personalization and standardized remote administration, e.g. over-the-air (OTA) Card Application Toolkit (TS / 227) based on the successful GSM specification "SIM Application Toolkit" which was stripped of all the GSM specific features allows the card issuer to create value added services independent from the terminal application writers benefit by using CAT for different systems Transport protocol for CAT applications between a UICC application and a remote entity to ensure acknowledgement, segmentation/fragmentation, retransmission of messages ETSI numbering system for telecommunication application providers (TS ) the ETSI offering of managing Application Identifiers (AIDs) for UICC based applications

12 12 Published (3) - Derivatives Generalization of well-known GSM specifications (GSM Secure messaging; GSM Java Card TM API) Secure messaging defines end-to-end (smart card to application server) secure messaging over a variety of bearers (e.g. enciphered and integrity protected messages between the smart card and a banking server) TS Security mechanisms for UICC based Applications TS Secured packet structure for UICC based applications TS Remote APDU Structure for UICC based Applications Application Programming Interface (API) allows applications to be developed independently of the underlying card operating system TS Application Programming Interface and Loader, Requirements TS Java Card TM Application Programming Interface for the UICC; Stage 2 (Java Card TM 2.2)

13 13 Published (4) - EMC Technical Reports on interference topics Measurement of Electromagnetic Emission of SIM Cards (TR ) definition of a standard hardware equipment for electromagnetic measurements of smart cards and a common electromagnetic measurement procedure Terminal - card interface; Considerations on robustness improvements (TR ) describes failure mechanisms that could potentially generate major operating issues between the terminal and the card, the countermeasures that should be applied within the current specifications and the enhancements that may further increase the interface robustness

14 14 Published (5) - The Toolkit Transport Protocol CAT_TP provides the following functionality as underlying layer for application protocols (TS and TS ) reliability of the data communication (not necessarily security, security can be handled by an independent GSM layer) segmentation and concatenation of data retransmission of messages addressing for different physical bearers (GPRS uses IP, SMS uses telephone numbers, Bluetooth has its own addressing scheme...) access to BIP channels (up to 8 channels may be open the same time) possible multiplexing of BIP channels standardised opening a BIP channel from the server side

15 15 CAT_TP and BIP Server CAT_TP security layer application protocol * Mechanism originally specified by 3GPP T3 by which the ME provides the UICC with access to the data bearers supported by the ME and the network BIP *

16 16 How Small Is Small? 3 rd Form Factor (3FF) specification of a new smaller card size providing backward compatibility i.e. to utilize the same silicon / device for both the current plug-in and the new card size. The new card size may enable the use of devices currently not feasible for Plug-in cards. Reduce Plug-in Card from 15 x 25 mm to 15 x 16.3 mm (375 mm 2 to mm 2 ) 8 x 8 mm 12 x 13 mm

17 17 The New Mini UICC 12 mm x 15 mm The solution: IC Card Plug-in Card Mini Plug-in Card Too big

18 18 Co-operation SCP is co-operating on both technical and service aspects with a number of other committees both within and outside the telecommunications sector. These include 3GPP (UTRAN/GERAN), 3GPP2 (CDMA2000), ARIB and some ETSI Technical Bodies provision of requirements, referencing SCP specifications GSMAssociaton (GSMA SCaG and GSMNA) provision and alignment of requirements GlobalPlatform close co-operation in the advancement of, in particular, OTA specifications all specifications updated to and aligned with GlobalPlatform 2.1 Liberty Alliance close co-operation on identity issues Open Mobile Alliance (OMA) connectivity to the Smart Card Web Server, developed in OMA close co-operation regarding Digital Rights Management (DRM) … and many others

19 19 Current Topics (1) High speed interface evolution of the smart card communication channel with respect to transfer rate, size and protocol considering issues such as: performance and power consumption value to applications and scalability to allow for large memory on the USIM ease of implementation (in both terminal and UICC) candidates MMC (Multi Media Card protocol) USB (Universal Serial Bus) To be finalized soon UICC external peripherals data-exchange (near field communication providing an interface for the UICC to access contactless technology in the terminal, which would allow e.g. for: communicating patient data accessing public transport micro-payments using an electronic purse on the UICC

20 20 Current Topics (2) Support for Large Files on the UICC Multimedia and PKI applications among others need to exceed the current maximum file size of 65,535 bytes. The aim is to increase the maximum file size beyond this limit providing backward compatibility (for existing implementations) Environmental conditions temperature range and humidity vibration and acceleration shocks To be finalized soon Sensitive data creation and initialization The USSM (UICC Security Service Module) container for security related topics such as keys, certificates, PINs and management of algorithms utilized by UICC based applications

21 21 The Future - UICC ng The scope of the next generation Work Item includes: possible role of memory management units 32-bit processors and ASIC co-processors proof-carrying code new memory architectures multi-tasking operating systems embedded electrical sources alternative form factors (not restricted by backward compatibility) free-running oscillators on the chip integrated biometric sensors, universal byte codes, new chip carriers, and high-speed communication channels

22 22 Success =+ Equation of Success

23 23 How to Get More Information ETSI all (>12 000!) published specifications are available free of charge !! but, can only be downloaded one at a time … but, not so many smart card specifications, so no problem ! ETSI SCP website Next SCP Requirement WG / Plenary meeting Toulouse, / July 2006

24 24 Current Technical Specifications/Reports (1) TS ETSI numbering system for telecommunication application providers TS Transport protocol for CAT applications; Service description; Stage 1 TS Transport protocol for CAT applications; Stage TR Measurement of Electromagnetic Emission of SIM Cards TR Vocabulary for Smart Card Platform Specifications TS UICC-Terminal interface; Physical and logical characteristics TS Administrative commands for telecommunications applications TS Card Application Toolkit (CAT) Annex

25 25 Current Technical Specifications/Reports (2) TS Security mechanisms for UICC based Applications - Functional requirements TS Secured packet structure for UICC based applications TS Remote APDU Structure for UICC based Applications TS UICC-Terminal interface; Physical, electrical and logical test specification TS UICC Application Programming Interface and Loader Requirements; Service description TS Java CardTM Application Programming Interface for the UICC TR Terminal - card interface; Considerations on robustness improvements Annex

26 26 Current Technical Specifications/Reports (3) Annex TS USSM: UICC Security Service Module TS EAP Support in UICC TS Identity files and procedures on a UICC: Stage 1 TS Card Application Toolkit (CAT) conformance specification TS Smart Card Platform Requirements

Download ppt "The Smart Card Platform Gaby Lenhart Project leader ETSI Technical Committee Smart Card Platform (TB SCP)"

Similar presentations

Ads by Google