Using ISO/IEC for mobile devices
|
|
- Branden Fitzgerald
- 8 years ago
- Views:
Transcription
1 Using ISO/IEC for mobile devices Jan Eichholz, Giesecke & Devrient GmbH Dr. Detlef Hühnlein, secunet Security Networks AG Manuel Bach, Bundesamt für Sicherheit in der Informationstechnik Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 1
2 ISO/IEC for mobile devices Agenda ISO/IEC Using ISO/IEC for mobile devices with Mobile Signature Service in a Java Micro Edition environment Summary Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 2
3 ISO/IEC for mobile devices Agenda ISO/IEC Using ISO/IEC for mobile devices with Mobile Signature Service in a Java Micro Edition environment Summary Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 3
4 ISO/IEC architecture Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 4
5 Functions of the ISO Interface Card-application-service Access Initialize Terminate CardApplicationPath Connection-service CardApplicationConnect CardApplicationDisconnect CardApplicationStartSession CardApplicationEndSession Card-application service CardApplicationList CardApplicationCreate CardAppicationDelete CardApplicationServiceList CardApplicationServiceCreate CardApplicationServiceLoad CardApplicationServiceDelete CardApplicationServiceDescribe ExecuteAction Named data service DataSetList DataSetCreate DataSetSelect DataSetDelete DSIList DSICreate DSIDelete DSIRead DSIWrite Cryptographic service Encipher Decipher GetRandom Hash Sign VerifySignature VerifyCertificate Differential-identity service DIDList DIDCreate DIDGet DIDUpdate DIDDelete DIDAuthenticate Authorization service ACLList ACLModify Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 5
6 First ISO/IEC deployments e.g. Personal Identity Verification (PIV) e.g. European Citizen Card (ECC) e.g. Australian Drivers License Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 6
7 ecard-api-framework (BSI TR 03112, eid Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 7
8 ISO/IEC OASIS DSS (-X) eid OASIS OASIS DSS DSS (-X) (-X) ISO/IEC (CEN (CEN 15480) 15480) Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 8
9 Loyal Stack HBA egk HBA Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 9
10 Remote Loyal Stack (Internet Pharmacy) egk egk Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 10
11 Remote Loyal & ICC Stack (Citizen Services with meac) Browser Citizen Service Service-Access-Layer Service-Access-Layer Terminal-Layer Terminal-Layer meac Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 11
12 ISO/IEC for mobile devices Agenda ISO/IEC Using ISO/IEC for mobile devices with Mobile Signature Service in a Java Micro Edition environment Summary Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 12
13 Mobile Signature Service MSSP Specifies Web Service Interfaces between Application Providers (AP) and Mobile Signature Service Providers (MSSP) which allow to create digital signatures with mobile devices Standardized by ETSI TR (Business & Functional Requirements) TS (Web Service Interface) TR (Security Framework) TS (Specifications for Roaming in M-signature Services) Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 13
14 Mobile Signature Services Integration Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 14
15 Mapping ISO/IEC to ETSI [ISO24727] Part 3 CardApplication Path CardApplication StartSession DIDCreate / DIDUpdate DIDGet / [ETSI ] MSS_HandshakeReq MSS_RegistrationReq MSS_ProfileReq / MSS_StatusReq Note Besides path-information of regular cardapplications, CardApplication Path will also return a path to the virtual card-application for [ETSI ]. Using this function the AP and the MSSP agree on security mechanisms for further requests and responses. The keys of the mobile users are represented as Differential-Identites (DID). Consequently the creation of a DID corresponds to the registration of a user. DIDGet will be used to obtain information about a user profile and the status of a current transaction. DIDAuthenticate Sign MSS_SignatureReq MSS_SignatureReq Using the signing capability of the mobile device it is possible to design a challenge-response protocol for authentication. The signing capability of the mobile device may be also be used via the Sign function. As in [BSI-TR03112] the low level Sign function may be wrapped by a SignatureRequest according to [OASIS-DSS]. Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 15
16 ISO/IEC for mobile devices Agenda ISO/IEC Using ISO/IEC for mobile devices with Mobile Signature Services in a Java Micro Edition environment Summary Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 16
17 Java TM Micro Edition (JME) Started in Japan in 1999 Basic Standards (MIDP 1.0 and CLDC 1.0) available since 2000 First MIDP cell phones available since 2000 (e.g. Siemens SL45i) The Mobile Service Architecture defines a powerful platform Lot s of additional API s (SVG, M3G, MMAPI, BT, PIM, CHAPI, SIP, LOCATION, ) Deployed in over 2.1 billion mobile devices Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 17
18 JME Architecture Mobile Service Architecture (MSA) Umbrella JSR SIM access, Crypto, PKI XML, WebServices UI, pers. data, network, permissions, VM and basic APIs Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 18
19 Additional JSR s JSR 257 Contacless NFC, ISO/IEC Communication Service Connection communication SIP AMS I18N Paymnt. JSR 279 MSA Subset MSA WS SATSA CHAPI LBS PIM/FC 3D BT/ Obex SVG WMA MMAPI enhanced Web Services, SOAP, REST, Atom Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 19
20 The complete picture Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 20
21 MIDlet Integration of ISO/IEC Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 21
22 ISO/IEC for mobile devices Agenda ISO/IEC Using ISO/IEC for mobile devices with Mobile Signature Service in a Java Micro Edition environment Summary Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 22
23 Summary ISO/IEC about to become the global eid-standard MSS-based integration possible with arbitrary mobile devices, but requires additional infrastructure services (MSSP) JME offers the necessary functionality to integrate mobile devices into the ISO/IEC infrastructure NFC will push forward to integrate contactless communications into mobile devices In the mid-term, a JSR for a standardised JME interface to ISO/IEC would be beneficial Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 23
24 Deadline: Call for Papers - BIOSIG 2008 Biometric Border Control & Federated Identity Management September 11/12, 2008, Darmstadt Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 24
25 Thank you very much for your kind attention! Contact: Dr. Detlef Hühnlein secunet Security Networks AG Eichholz/Hühnlein/Bach Sicherheit 2008 Slide 25
ISO/IEC 24727 for secure mobile web applications
ISO/IEC 24727 for secure mobile web applications Jan Eichholz 1 Detlef Houdeau 2 Detlef Hühnlein 3 Manuel Bach 4 1 Giesecke & Devrient GmbH, jan.eichholz@gi-de.com 2 Infineon Technologies AG, detlef.houdeau@infineon.com
More informationTechnical Guideline TR-03112-1 ecard-api-framework Overview. Version 1.1.5 draft
Technical Guideline TR-03112-1 ecard-api-framework Overview Version 1.1.5 draft 7. April 2015 Bundesamt für Sicherheit in der Informationstechnik Postfach 20 03 63 53133 Bonn E-Mail: ecard.api@bsi.bund.de
More informationHow to Use ISO/IEC 24727-3 with Arbitrary Smart Cards
How to Use ISO/IEC 24727-3 with Arbitrary Smart Cards Detlef Hühnlein 1 and Manuel Bach 2 1 secunet Security Networks AG, Sudetenstraße 16, 96247 Michelau, Germany detlef.huehnlein@secunet.com 2 Federal
More informationJava ME & NetBeans Mobility. Petr Suchomel Architect, NetBeans Mobility Sun Microsystems
Java ME & NetBeans Mobility Petr Suchomel Architect, NetBeans Mobility Sun Microsystems Agenda Java ME introduction Java ME applications NetBeans Mobility Edition Power of advanced features Demos, demos,
More informationTechnical Guideline TR-03112-7 ecard-api-framework Protocols. Version 1.1.5
Technical Guideline TR-03112-7 ecard-api-framework Protocols Version 1.1.5 7. April 2015 Bundesamt für Sicherheit in der Informationstechnik Postfach 20 03 63 53133 Bonn E-Mail: ecard.api@bsi.bund.de Internet:
More informationTechnical Guideline TR-03112-2 ecard-api-framework ecard-interface. Version 1.1.5
Technical Guideline TR-03112-2 ecard-api-framework ecard-interface Version 1.1.5 7. April 2015 Bundesamt für Sicherheit in der Informationstechnik Postfach 20 03 63 53133 Bonn E-Mail: ecard.api@bsi.bund.de
More informationSmartcards with Webservice Interface
Smartcards with Webservice Interface 22. SIT-SmartCard Workshop 8./9. February 2012 Jan Eichholz Agenda Benefits of a Webservice Interface for Smartcards The Service Access Layer out of ISO/IEC 24727 The
More informationServer based signature service. Overview
1(11) Server based signature service Overview Based on federated identity Swedish e-identification infrastructure 2(11) Table of contents 1 INTRODUCTION... 3 2 FUNCTIONAL... 4 3 SIGN SUPPORT SERVICE...
More informationAn Open ecard Plug-in for accessing the German national Personal Health Record
An Open ecard Plug-in for accessing the German national Personal Health Record Raik Kuhlisch 1 Dirk Petrautzki 2 Johannes Schmölz 3 Ben Kraufmann 1 Florian Thiemer 1 Tobias Wich 3 Detlef Hühnlein 3 Thomas
More informationBiSPI Conformance Testing
Technical Guideline TR-03122-2 Conformance test specification for BSI-TR 03121 Biometrics for public sector applications Part 2: Software Architecture - BioAPI conformance testing Version 3.0 Bundesamt
More informationUsing mobile phones to access Web Services in a secure way. Dan Marinescu
Using mobile phones to access Web Services in a secure way Dan Marinescu March 7, 2007 Abstract Web Services is a technology that has gained in acceptance and popularity over the past years. The promise
More informationSicherheitsaspekte des neuen deutschen Personalausweises
Sicherheitsaspekte des neuen deutschen Personalausweises Dennis Kügler Bundesamt für Sicherheit in der Informationstechnik egov Fokus 2/2013: Identity- und Access Management im E-Government Rethinking
More informationAn Open Source eid Simulator Open Identity Summit 9th -11th September 2013
An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 BSI Tobias Senger HJP Consulting Holger Funke Agenda Requirements of BSI Current state Simulator Virtual Smart Card Reader Community
More informationIdentity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy
Identity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy November 18, 2008 Teresa Schwarzhoff Computer Security Division Information
More informationOVERCOMING CHANNEL BANDWIDTH CONSTRAINTS IN SECURE SIM APPLICATIONS
OVERCOMING CHANNEL BANDWIDTH CONSTRAINTS IN SECURE SIM APPLICATIONS John A. MacDonald 1, William Sirett 2 and Chris J. Mitchell 1 1 Information Security Group, Royal Holloway, University of London, Egham,
More informationDynamic Bluetooth File Sharing With Cellular Devices. Project Goals
Dynamic Bluetooth File Sharing With Cellular Devices Steve Brar George Chen Michael Hair Jon Wagoner Project Goals Establishing a Bluetooth connection Download application software to client Look up existing
More informationDraft SR 019 020 V0.0.4 (2013-11)
SPECIAL REPORT Rationalised Framework of Standards for Advanced Electronic Signatures in Mobile Environment STABLE DRAFT FOR PUBLIC REVIEW UNTIL 15 JANUARY 2014 Download the template for comments: http://docbox.etsi.org/esi/open/latest_drafts/templatefor-comments.doc
More informationA Survey of Electronic Signature Development in Mobile Devices
A Survey of Electronic Signature Development in Devices 1, 2, 3 and 4 1 University of Murcia, Department of Information and Communications Engineering, maria@dif.um.es 2 University of Murcia, Department
More informationBiometrics for Public Sector Applications
Technical Guideline TR-03121-2 Biometrics for Public Sector Applications Part 2: Software Architecture and Application Profiles Version 2.3 Bundesamt für Sicherheit in der Informationstechnik Postfach
More informationQuality Management in Open Source Projects
Quality Management in Open Source Projects Experiences from the Open ecard Project Daniel Nemmert, Hans-Martin Haase, Detlef Hühnlein, Tobias Wich >> 1 Agenda The Open ecard App Open Source Projects Success
More informationConformance test specification for BSI-TR 03121 Biometrics for public sector applications
Technical Guideline TR-03122-1 Conformance test specification for BSI-TR 03121 Biometrics for public sector applications Part 1: Framework Version 3.0 Bundesamt für Sicherheit in der Informationstechnik
More informationJava Card TM Open Platform for Smart Cards
Java Card TM Open Platform for Smart Cards Wolfgang Effing Giesecke & Devrient GmbH C:\Presentations - JavaCard_OpenPlatform.ppt - ef - 29.04.04 - page 1 What happened in the past? Every company created
More informationCaught in the Maze of Security Standards
Caught in the Maze of ΓΝΩΘΙΣ Know Thyself ΑΥΤΟΝ Security Standards Dieter Gollmann Hamburg University of Technology What this talk is not about 1. Designing security protocols is difficult and error prone
More informationeidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke
eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke Agenda eidas Regulation TR-03110 V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas
More informationTouch & Travel a SIM-based eticketing System
Touch & Travel a SIM-based eticketing System NFC Congress Austria 08 Dr. Stephan Spitz G&D stephan.spitz@gi-de.com Agenda Project Overview System Overview Applied New Technologies and Standards Seite 2
More informationGlobal eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa
Global eid Developments Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Agenda Country View on eid initiatives Trustworthy Identity Scenarios Microsoft eid update Summary
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationCOMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES
COMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES BSI TR-03139 Version 2.1 27 May 2013 Foreword The present document
More informationHungarian Electronic Public Administration Interoperability Framework (MEKIK) Technical Standards Catalogue
Hungarian Electronic Public Administration Interoperability Framework (MEKIK) Technical Standards Catalogue Zsolt Sikolya Ministry of Informatics and Communications (IHM) Tel: +3614613366, Fax: +3614613548
More informationThe German eid-card. Jens Bender. Federal Office for Information Security Bundesamt für Sicherheit in der Informationstechnik
The German eid-card Federal Office for Information Security Bundesamt für Sicherheit in der Informationstechnik eid Workshop KU Leuven / The German Electronic ID-Card (Elektronischer Personalausweis) Motivation
More informationNFC Mobile Handset High Level Requirements V2
NFC Mobile Handset High Level Requirements V2 Release 2.0 Date : 28/09/2011 Reference: 110928 - AFSCM TECH - LIVBL - NFC Mobile Handset High Level Requirements - v2.0.doc AFSCM NFC Mobile Handset High
More informationBanking. Extending Value to Customers. KONA Banking product matrix. KONA@I is leading the next generation of payment solutions.
Smart IC Banking Banking Extending Value to Customers KONA Banking product matrix Contact - SDA Product EEPROM Java Card Type KONA Products KONA@I is leading the next generation of payment solutions Banks,
More informationBiometrics for public sector applications
Technical Guideline TR-03121-1 Biometrics for public sector applications Part 1: Framework Version 3.0 Bundesamt für Sicherheit in der Informationstechnik Postfach 20 03 63, 53133 Bonn, Germany Email:
More informationDevelopment of Java ME
Y39PDA Development of Java ME application České vysoké učení technické v Praze Fakulta Elektrotechnická Content What is Java ME Low Level a High Level API What is JSR LBS Java ME app. life-cycle 2/29 Is
More informationETSI SECURITY WEEK EIDAS Overview CEN/ETSI esignature Standardization including standards for TSP Compliance. ETSI 2015. All rights reserved
ETSI SECURITY WEEK EIDAS Overview CEN/ETSI esignature Standardization including standards for TSP Compliance esignature Standards Framework Certificate Authority Time-stamping Signing Servers Validation
More informationMobility Solutions in IBM
Mobility Solutions in IBM Cecelia Yu yuyc@tw.ibm.com Mobile Collaboration, CDL, IBM 2007 IBM Corporation Agenda 1. Introduction 2. Mobility Strategy 2.1 Connectivity 2.2 E-Mail 2.3 Social Network 2.4 Instant
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationOn the design and implementation of the Open ecard App
On the design and implementation of the Open ecard App Detlef Hühnlein 1 Dirk Petrautzki 2 Johannes Schmölz 1 Tobias Wich 1 Moritz Horsch 1,3 Thomas Wieland 2 Jan Eichholz 4 Alexander Wiesmaier 5 Johannes
More informatione- Estonia - 10 years of experience
e- Estonia - 10 years of experience Lessons learned Jüri Voore, Estonian Cer;fica;on Centre PROJECT MILESTONES o First ideas in 1997 o Law on personal iden;fica;on documents: Feb, 1999 o Digital Signature
More informationA KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL
A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL Wangjian, Xu Guoai, Zhangmiao National Engineering Laboratory for Disaster Backup and Recovery, Beijing University
More informationStandards for Identity & Authentication. Catherine J. Tilton 17 September 2014
Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent
More informationStrong Authentication in details
Strong Authentication in details Kuznetsov Alexander Technical Account Manager VASCO Core Activities Overview DIGIPASS DIGIPASS Go Range DIGIPASS E-signature DIGIPASS Reader DIGIPASS for Mobile DIGIPASS
More informationWeb Services Standards: obix in the wider XML Web Services context
www.oasis-open.org Web Services Standards: obix in the wider XML Web Services context Pim van der Eijk OASIS European Representative OASIS Mission OASIS drives the development, convergence and adoption
More informationMaking Digital Signatures Work across National Borders
Making Digital Signatures Work across National Borders Jon Ølnes, Anette Andresen, Leif Buene, Olga Cerrato, Håvard Grindheim DNV (Det Norske Veritas), Norway DNV trusted third party for 140 years Det
More information<Insert Picture Here> Oracle Security Developer Tools (OSDT) August 2008
Oracle Security Developer Tools (OSDT) August 2008 Items Introduction OSDT 10g Architecture Business Benefits Oracle Products Currently Using OSDT 10g OSDT 10g APIs Description OSDT
More informationBiometrics for public sector applications
Technical Guideline TR-03121-2 Biometrics for public sector applications Part 2: Software Architecture Version 3.0 Bundesamt für Sicherheit in der Informationstechnik Postfach 20 03 63, 53133 Bonn, Germany
More informationEmbedding digital signature technology to other systems - Estonian practice. Urmo Keskel SK, DigiDoc Product Manager
Embedding digital signature technology to other systems - Estonian practice Urmo Keskel SK, DigiDoc Product Manager E-stonia? Population: 1.35M Internet usage: 54% Internet banking: 72% Mobile penetration:
More informationOOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH
OOo Digital Signatures Malte Timmermann Technical Architect Sun Microsystems GmbH About the Speaker Technical Architect in OpenOffice.org/StarOffice development OOo/StarOffice developer since 1991/94 Main
More informationElectronic Identity Cards for User Authentication Promise and Practice
Electronic Identity Cards for User Authentication Promise and Practice Andreas Poller Ulrich Waldmann Sven Vowé Sven Türpe Fraunhofer Institute for Secure Information Technology (SIT) Rheinstraße 75, 64295
More informationMobile-PC Suite: Using Mobile Phone as Remote to Control PC Operations
Mobile-PC Suite: Using Mobile Phone as Remote to Control PC Operations R.S.S.Vishnu Priya, P.Panini Sai, K.Ruth Ramya, N.Chandra Sekhar, K.Venkata Prasad, P.D.Nageswara Rao Dept. of CSE, KLCE Vaddeswaram,
More informationOverview of the key figures for the first half of the year
Half-Year Report 2015 Q2 Revenues increase in the first half of the year by 23% EBIT increased by 1.5 million euros compared to the previous year Order book is growing Overall annual forecast remains unchanged
More informationPKI - current and future
PKI - current and future Workshop for Japan Germany Information security Yuichi Suzuki yuich-suzuki@secom.co.jp SECOM IS Laboratory Yuichi Suzuki (SECOM IS Lab) 1 Current Status of PKI in Japan Yuichi
More informationOverview of the key figures for the first nine months
Continued revenue growth: up 12% on previous year Results impacted by revenue structure and one-off effects High volume of orders: outlook remains optimistic Q3 Overview of the key figures for the first
More informationPosition Paper European Citizen Card: One Pillar of Interoperable eid Success
Position Paper European Citizen Card: One Pillar of Interoperable eid Success October 2008 Disclaimer Eurosmart takes reasonable measures to ensure the quality of the information contained in this document.
More informationIntroduction to Oracle WebLogic. Presented by: Fatna Belqasmi, PhD, Researcher at Ericsson
Introduction to Oracle WebLogic Presented by: Fatna Belqasmi, PhD, Researcher at Ericsson Agenda Overview Download and installation A concrete scenario using the real product Hints for the project Overview
More informationElectronic Citizen Identities and Strong Authentication
Electronic Citizen Identities and Strong Authentication Sanna Suoranta, Lari Haataja, Tuomas Aura Department of Computer Science Aalto University Finland Sanna Suoranta sanna.suoranta@aalto.fi Content
More informationSmart Card Technology Capabilities
Smart Card Technology Capabilities Won J. Jun Giesecke & Devrient (G&D) July 8, 2003 Smart Card Technology Capabilities 1 Table of Contents Smart Card Basics Current Technology Requirements and Standards
More informationTransaction Security. Training Academy
Transaction Security Training Academy Your independent, trusted partner for transaction security technology Welcome to UL UL is a world leader in advancing safety with over a hundred years of history.
More informationA Guide to EMV. Version 1.0 May 2011. Copyright 2011 EMVCo, LLC. All rights reserved.
A Guide to EMV Version 1.0 May 2011 Objective Provide an overview of the EMV specifications and processes What is EMV? Why EMV? Position EMV in the context of the wider payments industry Define the role
More informationOracle Java Micro Edition Software Development Kit
Oracle Java Micro Edition Software Development Kit Release Notes Release 3.0.5 for Windows E25309-04 April 2012 Contents Release Highlights Prerequisites Installation Installation and Runtime Security
More informationDatasheet FUJITSU Security Solution Compliant Archiving SecDocs V2.3
Datasheet FUJITSU Security Solution Compliant Archiving SecDocs V2.3 An archiving middleware based on open standards which preserves the evidentiary value powered by OpenLimit Digital Long-Term Archiving
More informationChytré karty opět o rok dál...
Chytré karty opět o rok dál... SmartCardForum 2010 Jan Němec Product expert, Gemalto Květen 2010 Agenda Chytré karty včera, dnes a zítra Úvod do problematiky NFC Integrace NFC do mobilních zařízení Java
More informationExploring ADSS Server Signing Services
ADSS Server is a multi-function server providing digital signature creation and signature verification services, as well as supporting other infrastructure services including Time Stamp Authority (TSA)
More informationExtreme Java G22.3033-006. Session 3 Main Theme Java Core Technologies (Part I) Dr. Jean-Claude Franchitti
Extreme Java G22.3033-006 Session 3 Main Theme Java Core Technologies (Part I) Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical Sciences Agenda
More informationMobile Certificate Based Network Services
Issues in Informing Science and Information Technology Volume 10, 2013 Mobile Certificate Based Network Services Göran Pulkkis and Farzan Yazdani Arcada University of Applied Sciences, Helsinki, Finland
More informationMicrosoft Identity Lifecycle Manager & Gemalto.NET Solutions. Jan 23 rd, 2007
Microsoft Identity Lifecycle Manager & Gemalto.NET Solutions Jan 23 rd, 2007 Microsoft ILM is a comprehensive, integrated, identity and access solution within the Microsoft system architecture. It includes
More informationMobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies. White Paper November 2015
Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies White Paper November 2015 secretariat@globalplatform.org www.globalplatform.org 2015 GlobalPlatform Inc. Table of Contents
More informationEuropean Electronic Identity Practices Country Update of Portugal
European Electronic Identity Practices Country Update of Portugal Speaker: Anabela Pedroso anabela.pedroso@umic.pt Date: 3 November 2006 1. Status of National legislation on eid Are eid specific regulations
More informationPart 2: ICT security standards and guidance documents
Part 2: ICT security standards and guidance documents Version 3.0 April, 2007 Introduction The purpose of this part of the Security Standards Roadmap is to provide a summary of existing, approved ICT security
More informationFuture of Mobile Java and Mobility Middleware
Future of Mobile Java and Mobility Middleware Jon Bostrom CTO okia Java Platform copyright 2004 by OSGi Alliance All rights reserved. The Mobile Application Ecosystem >100 operators deployed Java >300
More informationDe-Mail. A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information: www.de-mail.de
De-Mail A reliable and secure online communication platform Armin Wappenschmidt (secunet) More information: www.de-mail.de 1 Agenda Overview of De-Mail Implementation aspects Current status and outlook
More informationDigital Signatures in Reality. Tarvi Martens SK
Digital Signatures in Reality Tarvi Martens SK Free-flowing digital documents Estonia has deployed digitally signed documents which are recognised universally. These are: Perfectly legal For use in arbitrary
More informationDigital Signature Service. e-contract.be BVBA info@e-contract.be 2 september 2015
Digital Signature Service e-contract.be BVBA info@e-contract.be 2 september 2015 About e-contract.be BVBA Consultancy Projects: eid/security related only SOA security From analysis to operational hosting
More informationA Comparison of Mobile Peer-to-peer File-sharing Clients
1. ABSTRACT A Comparison of Mobile Peer-to-peer File-sharing Clients Imre Kelényi 1, Péter Ekler 1, Bertalan Forstner 2 PHD Students 1, Assistant Professor 2 Budapest University of Technology and Economics
More informationSecurity Evaluation of J2ME CLDC Embedded Java Platform
Vol. 5, No. 2, March April 2006 Security Evaluation of J2ME CLDC Embedded Java Platform Mourad Debbabi, Mohamed Saleh, Chamseddine Talhi and Sami Zhioua Computer Security Laboratory Concordia Institute
More informationFOR A PAPERLESS FUTURE. Petr DOLEJŠÍ Senior Solution Consultant SEFIRA Czech Republic
FOR A PAPERLESS FUTURE Petr DOLEJŠÍ Senior Solution Consultant SEFIRA Czech Republic PAPER IS EVERYWHERE WHY IS THAT? Please no more! Every large organization is typically large paper producer Banks, insurance,
More informationThis Working Paper provides an introduction to the web services security standards.
International Civil Aviation Organization ATNICG WG/8-WP/12 AERONAUTICAL TELECOMMUNICATION NETWORK IMPLEMENTATION COORDINATION GROUP EIGHTH WORKING GROUP MEETING (ATNICG WG/8) Christchurch New Zealand
More informationDigital Signing without the Headaches
Digital Signing without the Headaches Nick Pope 1 Juan Carlos Cruellas 2 1 Security & Standards Associates Grays, Essex, United Kingdom nickpope@secstan.com 2 Universitat Politècnica de Catalunya Barcelona,
More informationSmart Card Application Development Using Java
Uwe Hansmann Martin S. Nicklous Thomas Schack Frank Seliger Smart Card Application Development Using Java With 98 Figures, 16 Tables and a Multi Function Smart Card Springer Table of Contents Preface 1
More informationA Survey of Electronic Signature Solutions in Mobile Devices
Antonio Ruiz-Martínez 1, Daniel Sánchez-Martínez 2, María Martínez-Montesinos 3 and 4 University of Murcia, Department of Information and Communications Engineering, 1 arm@dif.um.es, 2 dsm@dif.um.es, 3
More informationPractical Challenges in Adopting PIV/PIV-I
UNCLASSIFIED Practical Challenges in Adopting PIV/PIV-I Hank Morris UNCLASSIFIED 2 UNCLASSIFIED // FOUO Purpose and Agenda Purpose: Explore the policy, process, and mechanisms to securely leverage biometrics
More informationSecure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
More informationTraining. MIFARE4Mobile. Public. MobileKnowledge April 2015
MIFARE4Mobile Public MobileKnowledge April 2015 Agenda Why MIFARE4Mobile? MIFARE in Mobile related technologies MIFARE technology NFC technology MIFARE4Mobile technology High level system architecture
More informationGUI/Custom GUI, SIP Stack, Telephony, DB, Sockets, Bluetooth, QT.
OVERVIEW FOR SYNERGY ISG: Mobile development ScienceSoft in quick facts 250 full-time IT experts and a network of 100+ developers 200+ successfully completed large outsourcing projects Experience in software
More informationIntroduction to SunOne Development Tools by Mr. Mickey Fan, Java Architect, Sun Microsystems. Good morning. Ladies and Gentlemen.
Introduction to SunOne Development Tools by Mr. Mickey Fan, Java Architect, Sun Microsystems Good morning. Ladies and Gentlemen. the mobile edition. I am glad to be invited to be here. Today my topic is
More informationCloud up to business processes
Chris Francis IBM Technical Relations and Regulatory Affairs Cloud up to business processes Chris Francis Existing state of play Conventional solutions Software as a Service Platform as a Service Infrastructure
More informationNokia 9210i/9290 Communicators and PersonalJava TM Application Development
Nokia 9210i/9290 Communicators and Personal TM Application Development 05-03-2002 Nokia 9210i/9290 Communicators and PersonalTM Application Development Table of contents 1. DIFFERENT JAVA TECHNOLOGIES...
More informationThe Study on Mobile Phone-oriented Application Integration Technology of Web Services 1
The Study on Mobile Phone-oriented Application Integration Technology of Web Services 1 Li Luqun 1, 2 Li Minglu 1 Cui Xianguo 2 1. Department of Computer Science of Shanghai Jiaotong University, 1954 Huashan
More informationLocation-Based Information Systems
Location-Based Information Systems Developing Real-Time Tracking Applications Miguel A Labrador Alfredo J Perez Pedro M Wightman CRC Press Taylor & Francis Group Boca Raton London New York CRC Press Is
More informationSpoof Detection and the Common Criteria
Spoof Detection and the Common Criteria Ralph Breithaupt (BSI) Nils Tekampe (TÜViT) Content Today s situation The BSI projects LifeFinger I & II Spoofing The definition Spoof Detection in Common Criteria
More informationCartão de Cidadão: Autenticação de Papéis do Cidadão
Cartão de Cidadão: Autenticação de Papéis do Cidadão by João Pedro Bernardo Gonçalves Universidade Técnica de Lisboa Instituto Superior Técnico Abstract: In this work, a solution to the problem: How to
More informationTest plan for eid and esign compliant terminal software with EACv2
Technical Guideline BSI TR-03105 Part 5.3 Test plan for eid and esign compliant terminal software with EACv2 Version: 2.0 Date: 2015-05-22 Bundesamt für Sicherheit in der Informationstechnik Postfach 20
More informationUpdate on the German Scheme
Update on the German Scheme Dipl.-Math. Irmela Ruhrmann Head of Certification Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik - BSI) Folie 1 BSI CERTIFICATION
More informationSecure Card based Voice over Internet Protocol Authentication
Secure Card based Voice over Internet Protocol Authentication By GOWSALYA.S HARINI.R CSE-B II YEAR (IFET COLLEGE OF ENGG.) Approach to Identity Card-based Voiceover-IP Authentication Abstract Voice-over-IP
More informationJava Card. Smartcards. Demos. . p.1/30
. p.1/30 Java Card Smartcards Java Card Demos Smart Cards. p.2/30 . p.3/30 Smartcards Credit-card size piece of plastic with embedded chip, for storing & processing data Standard applications bank cards
More informationMobile Operating Systems. Week I
Mobile Operating Systems Week I Overview Introduction Mobile Operating System Structure Mobile Operating System Platforms Java ME Platform Palm OS Symbian OS Linux OS Windows Mobile OS BlackBerry OS iphone
More informationLoyalty Systems over Near Field Communication (NFC)
Loyalty Systems over Near Field Communication (NFC) Diogo Simões IST - Technical University of Lisbon Av. Prof. Cavaco Silva Tagus Park 2780-990 Porto Salvo, Portugal diogo.simoes@tagus.ist.utl.pt Abstract.
More informationUser s Guide. Sun Java TM Wireless Toolkit for CLDC Version 2.5.2. Sun Microsystems, Inc. www.sun.com
User s Guide Sun Java TM Wireless Toolkit for CLDC Version 2.5.2 Sun Microsystems, Inc. www.sun.com v252 September 2007 Copyright 2007 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California
More informationDevice Implementation Guidelines
Device Implementation Guidelines June 2013 Secure element architects for today s generation Device Implementation Guidelines 2 Document History Version Date Editor Remarks 1.1 07/06/2013 Handset Task Force
More informationDigital Signature Verification using Historic Data
Digital Signature Verification using Historic Data Digital signatures are now relatively common; however historic verification of digitally signed data is not so widely understood. As more data is held
More information