Open Platfom Security

Kekicheff, Marc; Kashef, Forough; Brewer, David

doi:10.1007/3-540-45165-X_8

Open Platfom Security

Marc Kekicheff⁶,
Forough Kashef⁶ &
David Brewer⁷

Conference paper
First Online: 01 January 2001

432 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2041))

Abstract

The Java CardTM2.1.1 Runtime Environment (JCRE) Specification [1] describes a secure virtualmachine environment for smart cards that facilitates the post-issuance loading and installation of applets, via an optional “Installer”. The Open Platform (OP) Card Specification [2] provides a robust specification for that installer. It identifies the oncard security features necessary to safeguard the various actors that are involved in a smart card system, including card issuers, application providers as well as cardholders.

Such is the nature of information security these days it is necessary to demonstrate the trustworthiness of the OP approach. The Common Criteria (ISO 15408:1999) [3] presents an obvious course of action. A “Protection Profile”, termed OP3 [4] has therefore been produced in order to ensure the benefit of Common Criteria evaluation of the OP installer, and by virtue of specifying the security requirements of the underlying operating system and integrated circuitry, of Java CardTMand the chipcard platform itself.

Evaluation will demonstrate that the OP security requirements are correctly implemented and cannot be bypassed, deactivated, corrupted or otherwise circumvented - at least to a given level of confidence (an EAL in Common Criteria terms). This is an amazingly useful first step. However, there are important off-card assets that the smart card does not protect. Common Criteria evaluation does nothing to mitigate the risks to those assets. A Common Criteria evaluation will make assumptions about the environment of the target of evaluation. Evaluation does nothing to validate those assumptions. The assumptions usually concern the compromise of security data held off-card. It therefore makes little sense to rely just on the CC evaluation of just the smart card in order to establish and maintain the security of the overall system. Other steps are necessary.

The paper describes what is being done to progress the Common Criteria evaluation of OP and what else is necessary to ensure confidence in the security of the overall system. Researches indicate that Common Criteria evaluation at a modest level of evaluation (e.g. EAL 4) together with an “Information Security Management System” (ISMS), as specified in BS 7799:1999 Part 2 [5] -particularly to address the off-card security issues- reduces the need for smart card evaluation at higher EALs.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Java Card TM2.1.1 Runtime Environment (JCRE) Specification, Sun Microsystems Inc, May18, 2000, http://www.java.sun.com/products/javacard
The Open Platform Specification, Version 2.0.1’ issued May 2000, http://www.globalplatform.org
The Common Criteria for Information Technology Security Evaluation Version 2.1, August 1999 (ISO 15408:1999)
Google Scholar
The Open Platform Protection Profile, Version 0.5.0.1 issued May 2000, http://www.visa.com/nt/suppliers/open/protectform.html
British Standard BS 7799:1999 “Information Security Management”
Google Scholar
The Smart Card Security User Group Smart Card Protection Profile, Draft Version 2.0, 1 May 2000, http://www.csrc.nist.gov/cc/sc/sclist.htm
Protection Profile 9806-Smartcard Integrated Circuit (revision of PP 9704-Smartcard Integrated Circuit), Protection Profile 9810-Smartcard Embedded Software, Protection Profile 9911-Smart Card Integrated Circuit with Embedded Software (supersedes PP9809-Smart Card Integrated Circuit with Embedded Software), Protection Profile PP0001-Smart Card IC with Multi-Application Secure Platform http://www.eurosmart.com and http://www.scssi.gouv.fr

Download references

Author information

Authors and Affiliations

Visa International Services Association, Post Office Box 8299, San Francisco, CA, 94128-8999
Marc Kekicheff & Forough Kashef
Gamma Secure Systems Limited Diamond House, 149 Frimley Rd Camberley, Surrey, GU15 2PS, UK
David Brewer

Authors

Marc Kekicheff
View author publications
You can also search for this author in PubMed Google Scholar
Forough Kashef
View author publications
You can also search for this author in PubMed Google Scholar
David Brewer
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

INRIA Sophia Antipolis, 06902, Sophia Antipolis, Cedex, France
Isabelle Attali
IRISA/CNRS, Campus de Beaulieu, 35042, Rennes, France
Thomas Jensen

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kekicheff, M., Kashef, F., Brewer, D. (2001). Open Platfom Security. In: Attali, I., Jensen, T. (eds) Java on Smart Cards:Programming and Security. JavaCard 2000. Lecture Notes in Computer Science, vol 2041. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45165-X_8

Download citation

DOI: https://doi.org/10.1007/3-540-45165-X_8
Published: 18 June 2001
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42167-2
Online ISBN: 978-3-540-45165-5
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics