| Nowadays, the figure of the smart card can be seen everywhere. Everyone have the second generation id card, social security card. At home, smart card will be used for electric, water and gas. On the road, we will use it pay for bus and ETC. When purchasing, we can use debit card or credit card (part of them is the smart card). In the company, our entrance card, staff card, rice card, are all smart card. It has been with every aspect of our lives is closely linked.With the popularity of the smart card, the applications carrierd to smart cards are more and more complex, which make higher claims for the safety, function, efficiency, convenient of the smart card. The original products have no longer met the requirements, gradually. Especially in safety, demanding more security, more agile and more general, more perfect guarantee. Therefore, the ISO/IEC7816specification was updated in2004. Readjust the structure of chapters, and emphasizes the security mechanism in the smart card design. In part4, part8and part9, there is a set of relatively complete design ideas.SCOSTA (Smart Card Operating System for Transport Application) is the first Card Application standards in India, which mainly used for traffic areas. Its main content refer the ISO/IEC7816-4/-8/-9. It is a smart card application which is very close to the ISO/IEC7816standard released in2004. In this paper, using the SCOSTA application as the background, we will discusses the present situation of the domestic smart card industry, and put forward a set of COS design which will be more close to the ISO/IEC7816specification.In the project, the main research of this project is described as following:1. Analysis the security system proposed in the ISO/IEC7816. In this system, the isolated encryption algorithm, encryption process, key passwords, object attribute and the special content, are combined into a "security environment". Following this change, there are more projects can be protected. Besides files, the records, data objects and talbes are all in the same security environment. With more contents appears in the security environment, the security attributes of the protected objects are more diversified.2. After study the SCOSTA standand and SCOSTA-CL standard, we summarize the consistency and the differences betewwn them and ISO/IEC7816. The main body of these two standand is quoted in the ISO/IEC7816, and some contents simplified and custom designed. SCOSTA-CL published in2007is applicable to the contact scenario. Relative to SCOSTA standard, Asymmetric Cryptography was appended and the improper descriptionthe was corrected.3. Based on TimeCOS, we designed and realized SCOSTA-COS. TimeCOS is a mature COS, which intellectual property rights is belong to Watchdata System Co. Ltd. With TimeCOS’s architecture, SCOSTA-COS expand the file system, rewrite the security system and reserve other function;4. We imagine the possible of the ISO/IEC7816security mechanism be used in future smart card. |
PDF Full Text Request