Internet card, a smart card as a true Internet node
Introduction
Since 1998, Bull CP8 has worked on a smart card specifically dedicated to the Internet [20]. The basic idea is to treat this smart card as a network computer that is able to share the resources of the terminal to which it is connected (keyboard, screen, mouse, navigator, Internet access). Our goal is to transform a smart card into a true node of the Internet: a smart card that implements applications of the Internet world (HTTP, electronic mail). In short, the smart card is a web server: it can be accessed from a web browser and is able to manage several TCP connections (as a client or a server). For example, the smart card will work like a trusted proxy.
A first generation (Java) Internet smart card has been developed. Our objective is to integrate these cards into the Internet community and to improve the security (authentication, integrity, privacy, and non-repudiation) required by the new services that appear in Internet networks, especially for nomadic users.
We are entering the era of ubiquitous computing. This means that more and more objects integrate a microprocessor and have the capacity to be connected to the Internet (according to Frost and Sullivan, 40% of the devices connected to the Internet in 2001 will not be personal computers). A user (sometimes a mobile one) will use several types of terminals connected to the Internet: a mobile phone (the GPRS network will enable access to the Internet from GSM mobile equipment in Europe in early 2000); a game console; a TV set associated with a set-top box; an organizer; a laptop.
In this context, the Internet card is used to authenticate a (mobile) user at an anonymous terminal. If necessary, it manages the terminal configuration required to set up a particular service. This technology constitutes a revolution in the ergonomics of the smart card and in its use through the Internet.
Section snippets
Classical smart card
A smart card (SPOM, Self-Programmable One-chip Microcomputer) is a tamper-resistant device that was invented at the end of the seventies by Michel Ugon [8]. The French bankcard group CB (Carte Bancaire) was created in 1985 and has allowed the diffusion of 24 million devices (banking card [12]). Nowadays, smart cards are used as an electronic purse; in transport applications (contactless card [2]); in mobile phones (SIM card [3], [4]); in the field of health (French Vital Card); and for
Using the classical smart card in a network
The traditional vision of the card can be seen in network applications, maybe because these devices are not specifically designed for such an environment [17], [18]. As an example, a card is introduced into a security architecture working with SSL [16], thanks to software modifications (DLLs) in the host system (including a web browser), and also in the server. The card knows nothing about network protocols; on the host side, a specific piece of software plays with the card in order to
Smart card for networks
The fat client model does not meet the requirements of network applications, in which a mobile customer uses several terminals (laptop, mobile phone, Internet kiosk, etc.) to access the Internet. For example, it seems obvious that an electronic subscription to a newspaper should be usable at home, at the office, in a hotel or from a mobile phone.
Our new approach to the network card consists of adapting it to each terminal by means of a unique protocol, which we wish to standardize. This protocol is,
Network card architecture
Our network card architecture is illustrated by Fig. 2. We have defined a new layer (Smart Layer), which uses the services of the AMUX entity. One layer is located in the host (HSL, Host Smart Layer) and the other in the card (CSL, Card Smart Layer).
The HSL layer has access to the network libraries and to the card reader APIs. It allows the transfer of the network packets from/to the card. It establishes a logical path between existing host applications, such as the web browser or electronic
Pascal Urien is currently in charge of research on smartcard integration in networks, at the Bull Smart Cards and Terminals R&D Division. He is also teaching networks and IP technologies at the French University of Paris Dauphine. Pascal graduated from French Ecole Centrale Lyon; he wrote a thesis in solid state physics, and received a PhD in Computer Science.
References (25)
- Smart access: strong authentication on the web, Computer Networks and ISDN Systems (1998)
- International Organization for Standardization, Identification Cards-Integrated Circuit(s) Cards with Contacts, ISO...
- International Organization for Standardization, Contactless integrated circuit(s) cards-Proximity Cards, ISO...
- European Telecommunication Standards Institute, Digital cellular telecommunications system (Phase 2+) Specification of...
- European Telecommunications Standards Institute, Digital cellular telecommunications system (Phase 2+) Specification of...
- Interoperability Specification for ICCs and Personal Computer Systems, PC/SC, © 1996 CP8 Transac, HP, Microsoft,...
- International Organization for Standardization, Information Processing Systems-Open Systems Interconnection-Basic...
- J. Postel, Transmission Control Protocol, Request For Comment RFC 793, September...
- et al., The smart card: a standardized security device dedicated to public cryptology
- R. Merckling, A. Anderson, Smart Card Introduction, Request For Comment RFC 57, March...
- Locking the e-safe, IEEE Spectrum
Cited by (41)
- Network smart card review and analysis (2007, Computer Networks). Citation excerpt: Network smart cards are smart cards that communicate with host computers and remote computers using standard Internet protocols [29,33]. There are other names for them, such as network card [33], Internet smart card [25,45], WebCard [39], TCP/IP card, and IP card. To include all these cards for review and comparison and for convenience, in this paper we use the name network smart card.
- Advances in network smart cards authentication (2007, Computer Networks). Citation excerpt: Its implementation does not correspond entirely to that established in the standard HTTP protocol, but the result is functional and effective for certain applications. The aim in [7] is to obtain a TCP-type protocol. This protocol did not fulfil all of the requirements established in the standard [8] but it included the concept of agent-based Internet card.
- Towards self-authenticable smart cards (2006, Computer Communications)
- ESIV: an end-to-end secure internet voting system (2017, Electronic Commerce Research)
- LLCPS and SISO: A TLS-based framework with RFID for NFC P2P retail transaction processing (2013, 2013 IEEE International Conference on RFID, RFID 2013)
- Framework and authentication protocols for smartphone, NFC, and RFID in retail transactions (2013, Proceedings of the 2013 IEEE 8th International Conference on Intelligent Sensors, Sensor Networks and Information Processing: Sensing the Future, ISSNIP 2013)