Smart Card Applications: Design models for using and programming smart cards (Hardcover)

Description

A practical guide to the specification, design, and programming of smart card systems for working applications.

More than 3 billion smartcards are produced every year. Generally defined as any pocket-sized card with embedded integrated circuits or chips, they have a huge number of applications including travel cards, chip and pin cards, pet tags, mobile phone SIMs and pallet trackers. Now with modern Smart Card technology such as Java Card and Basic Card it is possible for everyone to create his or her own applications on a smart card.

This book provides generic solutions for programming smart cards, enabling the creation of working applications and systems.

Key features:

• Presents a comprehensive introduction to the topic of smart cards, explaining component elements and the smart card microcontrollers.
• Sets out information on operating systems with case studies of a range of applications including credit card security, mobile phones and transport payment cards.
• Gives detailed advice on the monitoring of smart card applications, recognizing potential attacks on security and improving system integrity.
• Provides modules and examples so that all types of systems can be built up from a small number of individual components.
• Offers guidelines on avoiding and overcoming design errors.

Ideal for practising engineers and designers looking to implement smart cards in their business, it is also a valuable reference for postgraduate students taking courses on embedded system and smart card design.

 

Foreword.

Symbols and Notation.

Abbreviations.

1 Overview of Smart Cards.

1.1 Card Classification.

1.2 Card Formats.

1.3 Card Elements.

1.3.1 Printing and labelling.

1.3.2 Embossing.

1.3.3 Hologram.

1.3.4 Signature panel.

1.3.5 Tactile elements.

1.3.6 Magnetic stripe.

1.3.7 Chip module.

1.3.8 Antenna.

1.4 Smart Card Microcontrollers.

1.4.1 Processor.

1.4.2 Memory.

1.4.3 Supplementary hardware.

1.4.4 Electrical characteristics.

2 Smart Card Operating Systems.

2.1 FileManagement.

2.1.1 File types.

2.1.2 File names.

2.1.3 File structures.

2.1.4 File attributes.

2.1.5 File selection.

2.1.6 Access conditions.

2.1.6.1 State-based access conditions.

2.1.6.2 Rule-based access conditions.

2.1.7 File life cycle.

2.2 Commands.

2.3 Data Transmission.

2.3.1 Answer to Reset (ATR).

2.3.2 Protocol Parameter Selection (PPS).

2.3.3 Transmission protocols.

2.3.3.1 T=0 transmission protocol for contact cards.

2.3.3.2 T=1 transmission protocol for contact cards.

2.3.3.3 USB transmission protocol for contact cards.

2.3.3.4 Contactless transmission protocols.

2.3.4 SecureMessaging.

2.3.5 Logical channels.

2.4 Special Operating System Functions.

2.4.1 Cryptographic functions.

2.4.2 Atomic processes.

2.4.3 Interpreter.

2.4.4 Application management.

3 Application Areas.

3.1 Smart Card Systems.

3.2 Potential Uses.

3.3 Application Types.

3.3.1 Memory-based applications.

3.3.2 File-based applications.

3.3.3 Code-based applications.

4 Basic Patterns.

4.1 Data Protection.

4.1.1 Definition of terms.

4.1.2 General principles.

4.1.3 Recommendations for smart card systems.

4.1.4 Summary.

4.2 Export Control.

4.3 Cryptographic Regulation.

4.4 Standards.

4.4.1 Standards for card bodies.

4.4.2 Standards for operating systems.

4.4.3 Standards for data and data structuring.

4.4.4 Standards for computer interfaces.

4.4.5 Standards for applications.

4.5 Documents for Smart Card Systems.

4.5.1 Specification partitioning.

4.5.1.1 System specification.

4.5.1.2 Background system specification.

4.5.1.3 Smart card specification.

4.5.1.4 Terminal specification.

4.5.2 Elements of a typical card specification.

4.5.2.1 General information.

4.5.2.2 Smart card.

4.5.2.3 Smart card operating system.

4.5.2.4 Application.

4.5.3 Document distribution.

4.5.4 Document version numbering.

5 Architecture Patterns.

5.1 Data.

5.2 Data Coding.

5.3 Files.

5.3.1 Access conditions.

5.3.2 File names.

5.4 Log Files.

5.4.1 Data storage.

5.4.2 Assigning data to log files.

5.4.3 Invoking logging.

5.4.4 Access conditions for log files.

5.4.5 Logged data.

5.4.6 Consistency and authenticity of log data.

5.4.7 Log file size.

5.4.8 Logging process.

5.5 Pairing.

5.6 Protecting Transaction Data.

5.7 Reset-proof Counters.

5.8 Proactivity.

5.9 Authentication Counter.

5.10 Manual Authentication of a Terminal.

5.11 PIN Management.

5.12 One-time Passwords.

5.13 Key Management.

5.14 StateMachines for Command Sequences.

5.15 Speed Optimization.

5.15.1 Computing power.

5.15.2 Communication.

5.15.3 Commands.

5.15.4 Data and files.

6 Implementation Patterns.

6.1 Application Principles.

6.1.1 Programcode.

6.1.2 Commands.

6.1.3 Data.

6.1.4 Security.

6.1.5 Application architecture.

6.1.6 System.

6.2 Testing.

6.3 User–Terminal Interface.

6.4 Smart Card Commands.

6.4.1 Command structure.

6.4.2 Interruption of commands.

6.4.3 Command coding.

6.4.4 Parameterization.

6.4.5 Test commands.

6.4.6 Secret commands.

6.5 Java Card.

6.5.1 Data types.

6.5.2 Arithmetic operations.

6.5.3 Control structures.

6.5.4 Methods.

6.5.5 Applets.

7 Operation Patterns.

7.1 Initialization and Personalization.

7.2 Migration.

7.3 Monitoring.

7.3.1 System integrity.

7.3.2 Attack detection.

8 Practical Aspects of Smart Cards.

8.1 Acceptance.

8.2 Tell-tale Signs of Difficult Smart Card Systems.

8.2.1 Inappropriate use of smart cards.

8.2.2 Unclear specifications.

8.2.3 Abundant options.

8.2.4 Piggyback applications.

8.2.5 Economizing on testing.

8.2.6 Downloading applications.

8.2.7 Offline systems.

8.2.8 Intolerant smart cards and terminals.

8.2.9 Strict compatibility requirements.

8.2.10 Excessively stringent security requirements.

8.2.11 Exaggerated future-proofing.

8.3 Prerequisites for Easy Smart Card Systems.

8.3.1 Expert advice.

8.3.2 Foresighted design.

8.3.3 Prototyping.

8.3.4 Single-application smart cards.

8.3.5 Simple structures.

8.3.6 Robust design.

8.3.7 Centralized systems.

8.3.8 Staged deployment.

8.4 In-field Faults.

8.4.1 Fault classification.

8.4.2 Fault impact.

8.4.3 Actions in response to a fault.

8.4.4 Fault search procedure.

8.4.5 Fault remedies.

9 Illustrative Use Cases.

9.1 Monastery Card.

9.2 Access Card.

9.3 Telemetry Module.

9.4 Business Card.

9.5 Theft Protection Card.

9.6 Admission Pass.

9.7 PKI Card.

9.8 SIMCard.

Bibliography.

Index.

描述

這本書是一本關於智能卡系統的規格、設計和編程的實用指南，適用於實際應用。

每年生產超過30億張智能卡。智能卡通常被定義為帶有嵌入式集成電路或芯片的口袋大小卡片，應用範圍廣泛，包括交通卡、芯片和PIN卡、寵物標籤、手機SIM卡和貨物追蹤器。現在，隨著Java Card和Basic Card等現代智能卡技術的出現，每個人都可以在智能卡上創建自己的應用。

本書提供了編程智能卡的通用解決方案，使得可以創建工作應用和系統。

主要特點：
- 全面介紹智能卡的主題，解釋組件元素和智能卡微控制器。
- 提供有關操作系統的信息，並以信用卡安全、手機和交通支付卡等應用的案例研究。
- 提供關於監控智能卡應用的詳細建議，識別安全攻擊並改善系統完整性。
- 提供模塊和示例，使得可以從少量個別組件構建各種類型的系統。
- 提供避免和克服設計錯誤的指南。

這本書非常適合希望在業務中實施智能卡的工程師和設計師，也是攻讀嵌入式系統和智能卡設計課程的研究生的有價值的參考資料。

目錄

前言
符號和標記
縮寫
第1章 智能卡概述
1.1 卡片分類
1.2 卡片格式
1.3 卡片元素
1.3.1 印刷和標籤
1.3.2 壓花
1.3.3 全息圖
1.3.4 簽名板
1.3.5 觸感元素
1.3.6 磁條
1.3.7 芯片模塊
1.3.8 天線
1.4 智能卡微控制器
1.4.1 處理器
1.4.2 存儲器
1.4.3 附加硬件
1.4.4 電氣特性
第2章 智能卡操作系統
2.1 文件管理
2.1.1 文件類型
2.1.2 文件名稱
2.1.3 文件結構
2.1.4 文件屬性
2.1.5 文件選擇
2.1.6 訪問條件
2.1.6.1 基於狀態的訪問條件
2.1.6.2 基於規則的訪問條件
2.1.7 文件生命周期
2.2 命令
2.3 數據傳輸
2.3.1 复位回答（ATR）
2.3.2 協議參數選擇（PPS）
2.3.3 傳輸協議
2.3.3.1 T=0接觸式卡的傳輸協議
2.3.3.2 T=1接觸式卡的傳輸協議
2.3.3.3 USB接觸式卡的傳輸協議
2.3.3.4 非接觸式卡的傳輸協議
2.3.4 安全傳輸
2.3.5 邏輯通道