Abstract
This paper presents an open and modular middleware for smart cards, interoperable across multiple card devices, and portable across various open platforms. The architectural design is centred around the definition of a smart card API that allows protected access to the storage and cryptographic facilities of a smart card. The proposed API allows partitioning of a smart card driver architecture into a lower card-dependent level, that formats and exchanges APDUs with the external device, and a higher card-independent level, that uses the API for implementing more sophisticated interfaces. The proposed architecture, along with a set of pilot applications such as secure remote shell, secure web services, local login and digital signature, has been developed and tested on various platforms, proving effectiveness of the new approach.
This work has been partially supported by the European Commission within the IST project 2001-34820 ARTIST, and by the MIUR within the 2002 I4002 PA Project.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
RSA Laboratories: PKCS-11 version 2.1.1 Final Draft: Cryptographic Token Interface Standard (2001)
PCSC Workgroup: Interoperability Specification for ICCs and Personal Computer Systems (1997)
International Standard Organization: ISO/IEC 7816-4/7/8/9: Information technology - Identification cards - Integrated circuit(s) cards with contacts - Parts 4, 7, 8, 9 (1995)
GSA: Government Smart Card Interoperability Specification: Contract Modification (2000)
International Standard Organization: ISO/IEC 7816-3: Information technology - Identification cards - Integrated circuit(s) cards with contacts - Part 3 (1989)
Kirch, O.: OpenSC - smart cards on linux. In: Proc. of the 10th International Linux System Technology Conference, Saarbruecken, Germany (2003)
RSA Laboratories: PKCS-15: A Cryptographic Token Information Format Standard (1999)
Center for Information Technology Integration (CITI), University of Michigan: Sectok library and applications (2001)
OpenCard Consortium: OpenCard Framework General Information Web Document. second edn. (1998)
TrustCenter: gpkcs11 - GNU PKCS#11 implementation (2000)
The Open Group: Common Security: CDSA and CSSM, Version 2.3 (2000)
Cucinotta, T., Natale, M.D., Corcoran, D.: A protocol for programmable smart cards. In: Proc. of DEXA 2003, Prague, Czech Republic (2003)
Samar, V., Schemers, R.: Request for comments 86.0: Unified login with pluggable authentication modules (PAM) (1995)
Corcoran, D., Cucinotta, T.: MUSCLE Card API, version 1.3.0 (2001)
Brigo, R.: Protecting smart card access by on-board biometrics verification. Computer Engineering Thesis. University of Pisa (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cucinotta, T., Di Natale, M., Corcoran, D. (2004). Breaking Down Architectural Gaps in Smart-Card Middleware Design. In: Katsikas, S., Lopez, J., Pernul, G. (eds) Trust and Privacy in Digital Business. TrustBus 2004. Lecture Notes in Computer Science, vol 3184. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30079-3_29
Download citation
DOI: https://doi.org/10.1007/978-3-540-30079-3_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22919-3
Online ISBN: 978-3-540-30079-3
eBook Packages: Springer Book Archive