From Smart Card to Trusted Personal Device - RESET
Download as PPT, PDF0 likes1,045 views
This document summarizes a seminar on the RESET project, which aimed to develop a technology roadmap for smart cards and trusted personal devices. The seminar agenda included welcome addresses, presentations on RESET working group deliverables, challenges and lessons learned. RESET brought together 105 experts to identify priority technologies like cryptography, security, networking and memory. The project sought to help smart cards consolidate their position and address new areas by focusing R&D on migrating from current smart cards to innovative trusted personal devices with more processing power, memory and connectivity. The seminar concluded by addressing RESET's concrete outcomes so far and inviting further discussion.
From Smart Card to Trusted Personal Device - RESET
- 1. R E S E T Roadmap for European research on Smartcard Technologies FROM SMART CARD TO TRUSTED PERSONAL DEVICE RESET Seminar 3 April 2003 Brussels
- 2. RESET Seminar Agenda 09h30 welcome address Lutz Martiny 09h30 09h45 introduction to Reset Olivier Trébucq 09h45 10h45 Reset WGs deliverables Reset WG leaders 10h45 11h00 Coffee break 11h00 12h45 Challenges for technology Pieter Hartel RESET IST-2001- 39046 Ulrich Büker Jean-Paul Thomasson Albert Mödl 12h45 13h00 Lessons from Reset Bruno Le Dantec Q&A session 13h00 14h00 Lunch break 14h00 15h45 Discussion (other roadmaps and audience)Lutz Martiny 15h45 16h00 Conclusions from discussions 16h00 16h15 FP6 orientations on trust & security Gérard Galler 16h15 16h30 an IP for trusted personal devices Bruno Cucinelli 16h30 Wrap-up and seminar closing
- 3. RESET public seminar Brussels, 03 / 04 / 2003 R E S E T : a technology roadmap for smart cards & trusted personal devices Olivier TREBUCQ RESET Technology advisor
- 4. RESET : WHAT is it ? The first ever made attempt of both smart card industry and academic stakeholders to assess R&D priorities for technologies and standards A concerted approach on technology exploitation, implementation scenarios, market requirements and application environments 105 experts involved : suppliers of SC systems components research & technology institutions Cards and accepting devices issuing organisations RESET IST-2001- 39046
- 5. RESET : WHY is it ? A strong background: smart card is now acknowledged worldwide as a major component of trust & security systems, within the global information and communication society A major requirement for enhancing business: to overcome identified technology bottlenecks which prevent smart card to consolidate its current position and to address new application areas A tremendous opportunity: to focus on common R&D priorities at an early stage of the FP6, for consolidating and sharing expertise of European industry and academic players A key challenge: to achieve the successful migration from current generation of smart cards to innovative trusted personal devices RESET IST-2001- 39046
- 6. RESET : WHY is it (cont’d)? A specific complexity: smart card is the resulting combination of a wide range of HW and SW technologies, with related management features, which require being specified, developed and integrated through a quite interactive process, especially for designing secure and tamper resistant systems A technology supported by a large community of developers: through evolution towards open platforms and systems, an increasing number of people have access to high level language and programming tools, for enriching the scope of middleware and applications RESET IST-2001- 39046
- 7. RESET : WHY is it (cont’d)? A never ending arms race between hackers and security providers: security, which is by nature the first asset of smart card systems, is a continuous challenge for information systems providers, especially when transactions such as payment or electronic signature are performed An activity increasingly mixing technology, marketing and legal requirements: to address detailed specifications of issuing organisations, suppliers must comply to quite extended sets of requirements, which often refer to legal frameworks, as for identification, protection of personal data, trusted e-commerce procedures,… RESET IST-2001- 39046
- 8. RESET : which target(s) ? Communication and networking Systems and S/W platforms Smart card accepting devices, interfaces and biometry Card embedded peripherals, subsystems and micro-systems packaging High-end cryptography, tamper resistant and security technologies Micro-electronics and system on chip RESET IST-2001- 39046
- 9. RESET : which target(s) ? Technologies for Security and Trust : secure chip design physical/logical attacks secure SW and protocols and high-end cryptography Security certification Technologies for improved integration of trusted personal devices in networked systems & environments : High speed communication protocols middle-ware components multi-interfaces protocols (USB, BT, W-LAN) high level programming languages & tools Networked managed objects RESET IST-2001- 39046
- 10. RESET : which target(s) ? Technologies for safe management of trusted personal devices : real time open OS platforms for secure applet loading & maintenance multi-tasking OS evaluation and test of HW and SW components distributed systems (peer to peer VS client/server) Technologies for System on Chip / on Card (smart objects): Non Volatile Memories = Fe RAM, Flash, MRAM,… memory management / partitioning assembly / embedding techniques power supply and management Chip re-configurability RESET IST-2001- 39046
- 11. Market requirements for smart cards & trusted personal devices: Strengthening current positions Telecom : new ecosystem featuring extended data rates (UMTS), increased trust requirements and strong interface with Internet V2 for addressing added value services (locate, instantiate, operate) Management of complex operated services Customer Relationship management user identification and profiling protection of personal data Safe and dynamic management of applications (OTA) Strong authentication and consent management into heterogeneous communication systems (GSM, W-LAN) Enhanced man-machine interface (contact-less…) RESET IST-2001- 39046
- 12. Market requirements for smart cards & trusted personal devices: strengthening current positions (cont’d) 2) Financial services: in the context of the worldwide migration of bank cards towards chip embedding, requirements for enhanced security and multi-application schemes Interoperable multi-application platforms Improved authentication mechanisms (biometry) Improved communication services for e-transactions (TCPIP, USB, MMC, XML,…) Distributed applications model and evolution towards open infrastructures (internet) RESET IST-2001- 39046
- 13. Market requirements for smart cards & trusted personal devices: featuring new opportunities 1) Global digital ID and data management into heterogeneous networks: Complex algorithm matching (PK, biometry,…) Full speed online encryption (DRM) Repository services (unified way to access any type of data) 2) Generic technology drivers : JavaCard standard (V2.2, V3.0) Improved security level (EAL 5+, 6, 7, over 7) Card interface with external networks / systems: dynamic memory management low power compliance (GSM/3G) increased computing power on-board multi-browsers Interactive & secure links within ambient intelligent environments RESET IST-2001- 39046
- 14. RESET : from smart card to trusted personal devices Smart card: a piece of plastic, with a standardized body format, embedding an electronic system packaged into a μmodule, made of either a single memory chip or a microcontroller one (ROM + RAM + EEPROM), connected to a card accepting device which provides interface to the network Trusted personal device: a small and portable object, which can take the form of a standard plastic card, and which is featuring several of the main following characteristics: - increased autonomy: no master/slave relationship with reader - user-friendly interface, with holder’s control on device - direct interactivity with e-environment - extended data processing capability - huge memory capacity (up to Gigabytes) - fully networked object - extended embedded components (screen, keyboard, biometric sensor,…) - holding, protecting and managing owner’s specific data (identity/credentials) RESET IST-2001- 39046
- 15. Conclusion / Introduction: RESET is… …a fantastic community of experts experienced in strategic domains of the information society …an unprecedented forum for addressing technology requirements for new trusted devices …a tool for continuously supporting the dialogue between players of the e-society, on both supply and demand sides …a strong commitment of the smart card industry and academic players to migrate from the smart card generation to the “trusted personal device” era …a beginning, not at all an end… RESET IST-2001- 39046
- 16. Reset public Seminar Brussels 03 / 04 / 2003 And now, let us address the concrete outcome of the work performed at this stage in Reset ! Thank you for listening ! RESET Web site : http://www.ercim.org/reset