CardTech/SecureTech 2002 Government Smart Card Government Smart Card Smart Card Standards and the Government Smart Card Interoperability Specification.

Slides:

Advertisements

Similar presentations

NIST Interoperability Framework for the Smart Grid

Advertisements

Overview: Guide for applying RM-ODP with UML Profile for EDOC

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Post-Processing Workflow Sanjay Jain Co-Chair, Radiology Planning.

Service Oriented Architecture Reference Model

Putting the Pieces Together Grace Agnew Slide User Description Rights Holder Authentication Rights Video Object Permission Administration.

Doc.: IEEE /064r0 Submission March 2000 Mårten Mattsson, EricssonSlide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.

Cerner Presentation to S&I esMD Workgroup – Industry Scan

1 Service Oriented Architectures (SOA): What Users Need to Know. OGF 19: January 31, 2007 Charlotte, NC John Salasin, Ph.D, Visiting Researcher National.

Photo by Karl Steinbrenner Purchase & Travel Card Programs Current Status and Future Trends Presented By Valerie J Smith, CPCP.

1 U.S. General Services Administration E-Government Procurement: Standard Transactions and Interoperability David Temoshok Director, Federal Identity Management.

Presented to: By: Date: Federal Aviation Administration Registry/Repository in a SOA Environment SOA Brown Bag #5 SWIM Team March 9, 2011.

Treasury Board of Canada Secretariat Secrétariat du Conseil du Trésor du Canada IM Standards for E-government The Canadian Experience Managing Information.

Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI)

Fostering worldwide interoperabilityGeneva, July 2009 Use of cdma2000 ® Femto Cells for Home Network Applications Home Networking Global Standards.

|epcc| NeSC Workshop Open Issues in Grid Scheduling Ali Anjomshoaa EPCC, University of Edinburgh Tuesday, 21 October 2003 Overview of a Grid Scheduling.

DICOM Structured Reporting Workshop - March 2000 Structured Reporting and the IHE Year 2 Technical Framework Simon Wail, PhD Marconi Medical Systems.

Privacy By Design Sample Use Case

Privacy Impact Assessment Future Directions TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

1 Java Card Technology Prepared by:Ali Toyserkani Adopted from: Introduction to Java Card Technology C. Enrique Ortiz.

© Copyrights 1998 Algorithmic Research Ltd. All rights Reserved D a t a S e c u r i t y A c r o s s t h e E n t e r p r i s e Algorithmic Research a company.

Current Technology and the TWIC Program Walter Hamilton Chairman, International Biometric Industry Association Sr. Consultant, Identification Technology.

PC/SC Applications and New Developments Boris Balacheff Member of PC/SC Technical Workgroup CTST 2000 Miami.

Smart Card Digital Security Initiative Charles Cagliostro Executive Director of Digital Security Initiative

FIPS 201 Framework: Special Pubs ,76,78 Jim Dray HSPD-12 Workshop May 4/5, 2005.

Status of U.S. Smart Card Deployment Jim Dray Porvoo 7/ World eID Meeting May 2005.

Mobile Devices in the DoD

Chapter 5 – Enterprise Analysis

Multi-Application in Smart Card-based Devices Christophe Colas, Chief Software Architect August 2002.

Device Evolution Greg Pelton Chief Technology Officer

Global Need of Standard I/O Connection Interface for Cellular Phone Presented to GSC Ottawa, Canada April 29, 2003 Jindam Mok TTA, Korea April 28 ~May.

GSA Federal Supply Service DOING BUSINESS WITH GSA.

Professional Services Overview

1. 2 August Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.

The National Institute Of Standards And Technology(NIST) Identity Management Program Jim Dray, IDMS Program Manager Identity Solutions Workshop & Symposium.

YES New Mexico Enterprise Eligibility System

Component-Based Software Engineering Main issues: assemble systems out of (reusable) components compatibility of components.

PRODUCT MODELLING. Eastman C (1999). Building Product Models, CRC Press, Boca Raton Smithers T (1989). AI-based design versus geometry-based design or.

PROF. MAULIK PATEL CED, GPERI Mobile Computing Gujarat Power Engineering and Research Institute 1 Prepared By: Prof. Maulik Patel Mobile Technologies.

LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study.

Brian Epley, VA PIV Program Manager

PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

© 2012 Presented by: Preparation For EMV Chip Technology Keith Swiat.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All ETSI Standardization Activities on M2M communications Joachim Koss, ETSI Board Member Document No:

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

PIV Data Model Testing Ketan Mehta March 3, 2006.

Philip is a subject matter expert in Accenture’s Payment practice with more than 30 years experience across payments, transaction processing, networks,

Biometric Access Control in TWIC Read Hardware and Card Application Specification Roger Roehr.

Smartcard Evaluation TM8104 – IT Security Evaluation Linda Ariani Gunawan.

UICC UICC is a smart card used in mobile terminals in GSM and UMTS networks It provides the authentication with the networks secure storage crypto algorithms.

Special Publication : Interfaces for Personal Identity Verification Jim Dray NIST NPIVP Workshop March 3, 2006.

1 1 Update: ISO/IEC Identification Cards - Integrated circuit cards programming interfaces Teresa Schwarzhoff, U.S. Department of Commerce Porvoo-12:

Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005.

HSPD-12 Identity Management Initiative Carol Bales Senior Policy Analyst United States Office of Management and Budget North American Day 2006.

Ivo Rosol, OKsystem Middleware.

April 20023CSG11 Electronic Commerce Smartcards John Wordsworth Department of Computer Science The University of Reading Room.

NA-MIC National Alliance for Medical Image Computing UCSD: Engineering Core 2 Portal and Grid Infrastructure.

United States Department of Justice Achieving Information Interoperability and Business Agility The Justice Reference Architecture:

Enhanced Storage Architecture

COAG AUSTRALIA The Prime Minister, Premiers and Chief Ministers signed the IGA at the COAG meeting on 13 April The key objectives of the Strategy,

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

Securing SSH Admin Access

Document Management Alliance (DMA)

WHAT NEW, WHAT NEXT IN PAYMENT PROCESSING. EMV WHAT IS EMV? 3  An acronym created by Europay ®, MasterCard ® and Visa ®  The global standard for the.

1 NPIVP Workshop March 3, 2006 Red Auditorium, NIST, Gaithersburg PIV Test Guidelines Revisions Dr. R. Chandramouli (Mouli) (Director NPIVP)

Electronic Commerce Smartcards

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

PC/SC Applications and New Developments

Presentation transcript:

CardTech/SecureTech 2002 Government Smart Card Government Smart Card Smart Card Standards and the Government Smart Card Interoperability Specification (GSC-IS) April 24, 2002Presenter: T.Schwarzhoff/NIST

2 GSC-IS Goals Government Smart Card Interoperability Specification (GSC-IS) Provides a standard, high level smart card services interface for applications Card vendor neutral Works with any reader driver layer

3 GSC-IS Components Card Edge Interface (CEI) Card Capabilities Container (CCC) Data Models Mandatory Data Elements Basic Services Interface (BSI) Extended Services Interface (XSI)

4 Card Edge Interface (CEI) Default set of interoperable commands at card level layer (APDUs) Abstracts differences between heterogeneous card-level command sets Card Capabilities Container(CCC) Maps differences from GSC-IS CEI Grammar that maps card native APDU set to CEI Data Models (GSC-IS Appendix C) GSC-IS Model DoD Common Access Card

5 Card Edge Interface (CEI) cont. Mandatory data elements General information: FN, MI, LN, Suffix, Govt Agency, Error Detection Code (EDC) Access control: PIN, EDC Card information:Issue Date, Expiration Date, EDC Bottom Line: Any card, Any reader Card A and Card B using GSC-IS CEI can work on same or different SPMs

6 Basic Service Interface (BSI) Provides services needed by client applications Accomplished with 21 BSI functions 3 categories Utility: establishes physical environment General Container: provides for data manipulation Cryptographic: key discovery mechanisms, authentication Must implement all 21 functions to be GSC-IS conformant BSI provides interoperability at the client layer and across clients … not trivial

7 Extended Services Interface (XSI) Augments BSI: BSI is not operational interface XSI supports application specification requirements GSC-IS architecture accommodates XSI but goes no further…to do so breaks the GSC-IS architectural model and interoperability

8 What doesnt the GSC-IS provide??? Interoperability not addressed for: Smart card initialization Cryptographic Key Management Communication between card and CADs Other Proximity and contactless cards Biometrics: mechanism provided for storing template It isnt perfect … but its a start …

9 Whos using the GSC-IS? Federal Agencies DoT, DoD*, Treasury Dept FAA, GSA, VA Interest from: Air Line Pilots Association American Association of Motor Vehicle Administrators (AAMVA)

10 Where to next? Implementation guidelines Security testing and certification ISO standard, international collaboration SDKs and workshops Next version….

11 The release of the Government Smart Card Interoperability Specification is a significant event in the smart card world as it is the first comprehensive effort to address the interoperability requirements of the enterprise market. It will become as important as Europay/Mastercard/Visa (EMV) specification is to the Payment market and Global System Mobile (GSM) specification is to the mobile telephony market. Smart Card Alliance Abstract (Feb 2002)

12 Contact Information Terry Schwarzhoff voice: NIST Information Technology Laboratory, Computer Security Division NIST GSC Project Leader: Jim Dray,

13 Additional Information

14 GSC-IS Architectural Overview Client Applications Basic Services InterfaceExtended Services Interface Service Provider Software Reader Driver Layer* Smart Card Card Capabilities Container Data Model * GSC-IS does not specify a particular reader driver layer, can use PC/SC, OCF, proprietary, etc.

15 Background GSA awarded smart card contract May 2000 Five Primes (EDS, KPMG, Litton-PRC, Logicon, Maximus) Base yr + 9 option years Post award requirement: Development of Government Smart Card Interoperability Specification (GSC-IS): Collaborative effort with Federal agencies and Industry, led by GSA and NIST DoD major contributor