The IC card operating system (COS) shall support multiple Directory Files and Elementary Files under the Master File. The following file structure is an outline of how the TravelContract is stored on the card, see Figure 8: File structure for NORTIC application on the next page. The TravelContract is stored alone in a file (EF-TravelCard) while the log file is on a separate file (EF-Log).
The definitions of Master File, Directory File and Elementary File are found in ISO 7816-4.
5.6.1 Security Keys
There exists several security keys on the IC card, and they have different origins and use.
Card Owner Keys: These keys are stored in the key file in the Master File and are the full
responsibility of the Card Owner. These keys control the access to creating and deleting elementary-files (EF) and directory-elementary-files (DF) under the Master File. They are designated with Card Owner-KeyN and they must exist in a certain number.
NORTIC Transport Key: This key is used when the Card Owner have made the NORTIC-DF ready to use by the Application Owner.
NORTIC Application Keys:
The Application Owner generates and writes the secret keys that are used by the NORTIC application to the card during application issuance using the NORTIC Masterkeys:
• ICCkeyN-App
• ICCkeyN-Prod
• ICCkeyN-MAC
5.6.2 Detailed specification of application file structure for general ISO 7816 cards.
The figure below shows a fully created NORTIC Application in the IC card file structure.
MF
DF NORTIC DF
Another Applicatio
EF-Key (NORTIC Application keys)
EF-TravelContract
EF-Log EF-Key
(card owner)
EF-Local EF App Dir
Figure 8: File structure for NORTIC application
5.6.3 Master File (MF)
The master file and its parameters have usually nothing to do with the NORTIC application, but an example is presented for completeness.
Name: 0x3F00
Type: MF
Size: 2k/4k/8k Bytes (Dependant on card type)
Right Permission Key
DIR Authentication Card Owner-KeyN
Access Rights: DELETE Authentication Card Owner-KeyN
CREATE Authentication Card Owner-KeyN
5.6.4 EF-AppDir
The EF-AppDir is an application directory based on ISO7816-5. If the name of the NORTIC-DF should be variable then the MAD must use the application directory to locate the correct DF.
The format of EF-AppDir is defined in ISO7816-5.
5.6.5 DF-NORTIC
The DF-NORTIC directory file must be big enough to contain the other files that make the application, but extra space is taken up by the COS so the exact space needed will change for different brands of IC cards.
Name: 0x071C
Type: DF
Size: >300 bytes
Right Permission Key
Access Rights: DIR Authentication ICCkeyN-Prod
DELETE Authentication ICCkeyN-App
CREATE Authentication ICCkeyN-App
5.6.6 EF-TRAVELCARD
The file will be the container for both information about the NORTIC application and the
TravelContract. Only the NORTIC Application Owner and Product Owner (TravelContract) has the rights to alter the information stored here.
Name: 0x0C7A
Type: Fixed
Format: 1 record 32 bytes
Right Permission Key
READ Always N/A
Access Rights: UPDATE Authenticate ICCkeyN-Prod
REHABILITATE Authenticate ICCkeyN-Prod
INVALIDATE Authenticate ICCkeyN-Prod
Contents of file:
• The ASN.1 data structure NorTicRecord
5.6.7 EF-LOG
The LOG file will contain information of the last transactions done with the TravelContract, The LOG-file is made of a number of records that is assumed to behave in a “First in, First out” manner. The last record written to will be the first one accessed when reading. Any writings will replace the oldest record. This file is considered UNSECURE (meaning that anyone can write to it) and the information here must be treated accordingly. The number of records will be dependant on available card memory, but minimum number of records should be 3.
Name: 0x0106
Type: Cyclic
Format: >3 records 32 bytes
Right Permission Key
Access Rights: READ Always N/A
UPDATE Always N/A
REHAB Authenticate ICCkeyN-Prod
INVAL Authenticate ICCkeyN-Prod
Contents of file:
• All Records - EventRecord
5.6.8 EF-LOCAL
This file is created to have a place to store products or travel rights bought with the TravelContract.
The use of this file is optional since the RetailerLP can choose other methods to transfer the product to the customer, e.g. a paper ticket. This file requires authentication before it can be written to, so it is considered secure enough for storage of the intended information. Since the file has limited space there must be a way to discern if the products already stored in the file can be overwritten by new ones.
Name: 0x010C
Type: Cyclic
Format: >3 records 32 bytes
Right Permission Key
Access Rights: READ Always N/A
UPDATE Authenticate ICCkeyN-MAC
REHAB Authenticate ICCkeyN-Prod
INVAL Authenticate ICCkeyN-Prod
Contents of file:
• All Records - LocalProduct 5.6.9 EF-KEY
The content of this file, and even its existence, is mainly dependent on the COS. From the
requirements one can say that this file must include at least three different 8 bytes keys and that one of those keys also is used when the key file is updated. The Card Owner or Application Owner only updates the file.
Name: COS dependant
Type: COS dependant
Format: COS dependant
Right Permission Key
Access Rights: READ Never N/A
UPDATE Authenticate ICCkeyN-App
REHAB Authenticate ICCkeyN-App
INVAL Authenticate ICCkeyN-App
Contents of file:
• COS dependant.