• No results found

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "An Open Source eid Simulator Open Identity Summit 9th -11th September 2013"

Copied!
27
0
0

Loading.... (view fulltext now)

Download now ( 27 Page )

Full text

(1)

An Open Source eID Simulator

Open Identity Summit

9th -11th September 2013

HJP Consulting

Holger Funke

BSI

(2)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 2 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

Next steps

(3)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 3 2013-09-10

Requirements: Actual state and target state

(4)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 4 2013-09-10

(5)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 5 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

Next steps

(6)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 6 2013-09-10

Current state: Developing new smart card protocols

Time consuming:

 Several stakeholder:

 Chip developer / manufacturer

 COS developer

 Application developer

 Integrator

 Chip must be produced to work with

 Life cycle during development very short, „living“ specifications

 Handling of various configurations (data groups, keys, etc)

 Handling of certificates (Extended Access Control, EAC)

 Need of „fresh“ test certificates

Expensive:

 Sample cards are expensive

 Several stakeholders

(7)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 7 2013-09-10

Current state: GlobalTester test tool

GlobalTester

 Open Source test tool for smart cards and inspection systems

 Eclipse framework

 Rhino Engine

 Bouncy castle crypto lib

 Smart Card Shell

 Started in 2005 (www.globaltester.org)

 Open community (test manager, sample scripts)

 Closed community (commercial: test scripts, simulator)

GlobalTester Prove IS / ePA-R:

 To test the inspection system, chip must be simulated

 Currently implementation of BSI TR-03110 V2

(8)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 8 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

Next steps

(9)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 9 2013-09-10

Current state: Software-Simulator (I)

Implementation (close to Java Card)

 All protocols, algorithms of BSI-TR-03110 V2 ready

 EACv1:

» Basic Access Control » Chip Authentication v1 » Terminal Authentication v2 » Active / Passive Authentication

 EACv2:

» PACE / SAC

» Chip Authentication v2 » Terminal Authentication v2 » Restricted Identification

» (Qualified electronic signature)

(10)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 10 2013-09-10

(11)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 11 2013-09-10

Current state: Software-Simulator (II)

Missing link between Software-Simulator and Terminal (IS) Current solution needs piece of hardware

 Comprion CLT one (commercial)

 Handling of ISO 14443 communication (transfer speed,

modulation type, etc.)

(12)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 12 2013-09-10

Simulator: Architecture

Protocols

BAC EACv1 EACv2

ISO 7816

SM

Keys

Files

AR

GP

Crypto

Admin

(13)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 13 2013-09-10

Benefits of Open Source eID Simulator

Use simulator for testing

 eID stakeholder like

 eID Client developers, like Open eCard

 eID Server developers

 Solution developers, like eCommerce

Use simulator to analyze protocols

 Adapt protocols and test consequences

 “Experimental platform”

Easy to configure your eID card

 In future: CardInfo files (?)

Easy to understand protocols

(14)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 14 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

Next steps

(15)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 15 2013-09-10

Open Source eID Simulator: Virtual Driver

Code is implemented and tested yet

 Experience in several tests (e.g. interoperability tests)

 Simulator can be addressed via TCP/IP-Socket

Hardware must be substituted:

 Solution: Virtual Smart Card Reader

 Runs in operating system as typical physical reader

 Runs as PC/SC device

 Can be addressed by typical clients (like eID clients)

 Handles communication between client and simulator

 Will be implemented by HJP for operating systems:

» Microsoft Windows 7 (32 and 64 bit) » Linux (Ubuntu) (32 and 64 bit)

(16)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 16 2013-09-10

Virtual Driver in ISO-OSI layer model

Presentation Session Transport Network Data Link Application SIM Application Presentation Session Transport Network Data Link Physical Physical CLT One

(17)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 17 2013-09-10

Simulator: Virtual Reader Driver

Simulation of basic reader

 Only APDU handling: receive APDU and send result

Standard / Comfort Reader

 Simulation of PIN-Pad

 Simulation of TR-03119 functions:

 EstablishPACEChannel()

(18)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 18 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

Next steps

(19)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 19 2013-09-10

Community

Web site

 Basic information, URL is not defined yet 

Code versioning system (repository)

 First implementation (basic reader) for MS Windows

 First version of simulator code

Support for interested users / developers

 Access to source code

 Forum

 Mailing list

 Wiki

 Manuals

 FAQ

 Bug / Issue tracking

(20)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 20 2013-09-10

Community: Possible structure

Contributor Contributor Contributor Contributor

Users

Leadership BSI / HJP

Maintainer

Contributor

Maintainer

Maintainer

Committer

Committer Committer

(21)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 21 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

Next steps

(22)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 22 2013-09-10

NFC Device

Some uses cases need physical device (smart card)

Hardware to simulate also physical characteristics: NFC device Use NFC interface to access simulator on smartphone / tablet Migration of simulator to NFC device

Possible platforms

 Windows Phone

 Apple iOS

 Android -> several NFC device, support, established libraries

BSI has experience in Android applications with NFC:

 androsmex

(23)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 23 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

(24)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 24 2013-09-10

Roadmap

Project is planned for two years (at least)

 Lead

 BSI: Tobias Senger

 HJP Consulting: Holger Funke

 Start September 2013

 First results will be published in 2013

Virtual Driver

 First implementation (basic reader) for MS Windows

Simulator

 Code adaptions for launching needed

Community

 Web site with basic information in 2013, Hoster for Sources

NFC Device

(25)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 25 2013-09-10

Agenda

Requirements of BSI

Current state

Simulator

Virtual Smart Card Reader

Community

NFC Device

Planned Roadmap

(26)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 26 2013-09-10

Next steps, Call for Participation

Simulation of German ID card

Not only focussing on eID but also on smart card in general

 Simulation of other applications:

 eSign

 Health

 SIM

 ….

JOIN OUR

(27)

Open Identity Summit 2013, An Open Source eID Simulator, Tobias Senger, Holger Funke Slide 27 2013-09-10

Questions?

HJP Consulting GmbH

Holger Funke

Hauptstraße 35

33178 Borchen, Germany

tel:

+49 5251 41 77 633

fax:

+49 5251 41 77 666

e-mail: [email protected]

References

Download now ( PDF - 27 Page - 781.69 KB )

Related documents

Shakespeare and His England

Exclusions: Quoted Tour prices exclude: trip insurance; airfares between points on the Tour; international airfare, including airfare and other transportation to and from the Tour

Deutsche Wohnen AG.» Full year results Conference Call, 26 March 2015

This presentation contains forward-looking statements including assumptions, opinions and views of Deutsche Wohnen or quoted from third party sources. Various known and unknown

Visual Impact Cardio

When trying to burn maximum calories, you will want this number to be close to your lactate threshold intensity level of steady state cardio.. This will all make more sense

Contemporary Methods for Graph Coloring as an Example of Discrete Optimization

The essence of IS algorithms is based on successive determination of the maximal independent sets in a graph and assignment of different colors to vertices of particular IS..

PARTICIPATION IS RECOGNIZED as an important outcome

However, only parents of children with disabilities described that a key focus of their efforts was on preparing the child at home (eg, through skill building, previewing

Development of the BIRD: a metadata modelling approach for the purpose of harmonising supervisory reporting at the European Central Bank - Directorate of general statistics: master and metadata

In this report, I will provide a basis for understanding the work undertaken in the team, focussing of the technical aspect of relational database modelling and metadata

User Manual. PCIe to PCIe Expansion MODELS EB3600-P

EB3600 | Chapter 2 Hardware Installation 20 Install the two Magma PCIe host interface cards into the host computer.. Use available x16 PCIe slot for both Host

Consequences of Service Recovery: Evidences from Public Sector of Pakistan

It is concluded that service recovery is very important and valuable variable and service recovery has positive impact on customer satisfaction, customer trust, customer loyalty