secure messaging implementation in opensc实现在opensc安全消息.pdf

Journal of Information Security, 2012, 3, 251-258 /10.4236/jis.2012.34032 Published Online October 2012 (http://www.SciRP.org/journal/jis) Secure Messaging Implementation in OpenSC 1,2 3 2 2 Maurizio Talamo , Maulahikmah Galinium , Christian H. Schunck , Franco Arcieri 1Department of Engineering, University of Rome Tor Vergata, Rome, Italy 2Nestor Laboratory, University of Rome Tor Vergata, Rome, Italy 3Department of Information Science, University of Rome Tor Vergata, Rome, Italy Email: talamo@nestor.uniroma2.it, galinium@nestor.uniroma2.it, schunck@nestor.uniroma2.it, arcieri@nestor.uniroma2.it Received July 15, 2012; revised August 27, 2012; accepted September 8, 2012 ABSTRACT Smartcards are used for a rapidly increasing number of applications including electronic identity, driving licenses, physical access, health care, digital signature, and electronic payments. The use of a specific smartcard in a “closed” environment generally provides a high level of security. In a closed environment no other smartcards are employed and the card use is restricted to the smartcard’s own firmware, approved software applications, and approved card reader. However, the same level of security cannot be claimed for open environments where smartcards from different manu- facturers might interact with various smartcard applications. The reason is that despite a number of existing standards and certification protocols like Common Criteria and CWA 14169, secure and convenient smartcard interoperability has remained a challenge. Ideally, just one middleware would handle the interactions between various software applications and different smartcards