Smart Card Solutions Limited - Smart Solutions for Smart Cards


JavaCard
OS development
smartcard apps
financial
transport
ID and security
consultancy
home company solutions news
SCS Identity and Security

Domain Expertise
Chip Architectures
Security
Encryption
Code Optimisation
Security
JavaCard
Multos

 

ICAO

Smart Card Solutions has developed ICAO compliant LDS applets for the emerging e-Passport market along with the associated reader software required to access and display the data held by the applet. The ICAO components implement the following:

  • Full support for the ICAO Logical Data Structure (LDS) specification
  • Full support for the Basic Access Control (BAC)
  • Support for RSA PKI. The platform for the ICAO application was JCOP41 passport inlay. These components have been tested successfully with the ICAO Golden Reader and the Orchid and Silver Datasets. The reader component has been tested against a variety of live, issued passports (including UK and Australian).
 

Cardholder Database

Smart Card Solutions has implemented an ISO7816 compliant file based application that is designed to hold cardholder information. The Cardholder Database application provides the following:

  • Support for a flexible and efficient tag based mechanism for data access
  • The capability to add and delete data items
  • The facility to provide an index of the data items held by the application, together with display information
  • Enhanced privacy/security mechanisms – the cardholder can choose which items are visible and which can be read or updated, according to a hierarchy of access controls.

Smart Card Solution's Cardholder Database application provides the flexibility and security required for citizen cards, and can be configured to support the eURI initiative:

(http://www.cenorm.be/cenorm/businessdomains/businessdomains/isss/cwa/euri.asp).

PKI

Smart Card Solutions has developed two basic components required to support smart card based PKI initiatives – namely the on-card application, compliant with PKCS#15, and the Windows Cryptographic Service Provider (CSP). The PKI System provides the capability to secure transmissions, most usually via an email application or a browser, and to secure logon.

The on-card PKI application has the following attributes:

  • Compliance with PKCS#15
  • The ability to hold multiple keys (decided upon at compile time), each with an associated certificate)
  • The capability to support the secure load of keys and certificates as well as to perform on-card key generation and to delete keys
  • Support for private key operations – data signing and decryption
  • Cardholder authentication, via PIN, is required prior to any private key operation
  • Cryptographic commands are ISO7816-8 compliant; application personalization is via Global Platform. The CSP is responsible for providing the functionality supporting the CryptoAPI interface between PC-based applications and PKI functionality provided by the card application.

The CSP is responsible for providing the functionality supporting the CryptoAPI interface between PC-based applications and PKI functionality provided by the card application:

  • The CSP provides functionality for the full CryptoAPI interface, including the SSL extensions.
  • The CSP provides the dialogue for certificate navigation and cardholder authentication.
  • Where appropriate, the CSP complies with PKCS#15.

These components can be provided as off-the-shelf products, or can be tailored to individual customer's needs. Smart Card Solutions can also provide consultancy and support for integrating the components with the customer's current PKI systems.

 
 
Contact SCS now for a free and impartial discussion of your requirements