CEN CWA 15264-1
WORKSHOP April 2005
AGREEMENT
ICS 35.240.15
English version
Architecture for a European interoperable eID system within a smart card infrastructure
This CEN Workshop Agreement has been drafted and approved by a Workshop of representatives of interested parties, the constitution of which is indicated in the foreword of this Workshop Agreement.
The formal process followed by the Workshop in the development of this Workshop Agreement has been endorsed by the National Members of CEN but neither the National Members of CEN nor the CEN Management Centre can be held accountable for the technical content of this CEN Workshop Agreement or possible conflicts with standards or legislation.
This CEN Workshop Agreement can in no way be held as being an official standard developed by CEN and its Members.
This CEN Workshop Agreement is publicly available as a reference document from the CEN Members National Standard Bodies.
CEN members are the national standards bodies of Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre: rue de Stassart, 36 B-1050 Brussels
© 2005 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members.
Ref. No.:CWA 15264-1:2005 E CWA 15264-1:2005 (E)
Table of Content
Foreword ...... 4 1 Introduction ...... 5 1.1 Scope and objectives ...... 5 1.2 Informative References ...... 5 1.3 Concepts and definitions ...... 6 1.4 Abbreviation ...... 12 2 Contextual Model for IAS interoperability...... 17 2.1 Trust models ...... 17 2.2 Interoperability of IAS between schemes...... 18 3 Conceptual model for IAS interoperability...... 18 3.1 Roles ...... 19 3.2 Processes...... 21 3.3 SCMF and generic trust model ...... 24 3.4 Smart card communities and eService communities...... 24 4 The IAS functional model ...... 25 4.1 The IAS platform function ...... 25 4.2 The platform function ...... 26 4.3 The crypto function...... 26 4.4 The application function...... 26 4.5 The connectivity function...... 26 4.6 The Human Interface function...... 26 5 IAS system architecture ...... 27 5.1 The Smart Card layer ...... 27 5.2 The Infrastructure layer ...... 27 5.2 The eService layer...... 28 5.4 The layer interfaces ...... 28 6 The functional model in the IAS system architecture ...... 29 6.1 The functional model in the Smart Card Layer ...... 30 6.2 The functional model in the User Access Point sub-layer...... 31 6.3 The functional model in the eService Access Point sub-layer ...... 31 6.4 The functional model in the eService Layer...... 31 6.5 The functional model in the PKI service sub-layer...... 32 7 High level description of the primary processes - formal description...... 32 7.1 UC 1.0.: Card activation...... 32 7.2 UC.1.1.: Securing of the terminal-card link ...... 33 7.3 UC.1.2.: Component Authentication ...... 33 7.4 UC.N.3.: Certificate validation ...... 34 7.5 UC.2.0.: Connection to eService ...... 35 2 CWA 15264-1:2005 (E)
7.6 UC.2.1.: Securing of the eService link...... 35 7.7 UC.2.2.: Cardholder authentication by PKI ...... 36 7.8 UC.3.2.: Cardholder authentication by PIN/BioCode...... 36 7.9 UC.3.0.: Interaction with the eService ...... 37 7.10 UC.3.1.: Signing of a data object ...... 37 7.11 UC.4.0.: Closing of the eService Connection...... 38 7.12 UC.5.0.: Card deactivation...... 38 8 IAS interoperability ...... 39 8.1 IAS interoperability scenarios...... 39 8.2 IAS Interoperability architecture...... 39 8.3 IAS interoperability processes...... 45 9 Securing interoperability...... 45 9.1 Introduction...... 45 9.2 Securing the Card-Terminal interface (IOP#1) ...... 45 9.3 Securing the User Access Point - eService Access Point link (IOP#2)...... 46 9.4 Securing the access to PKI services (IOP#3)...... 46 9.5 Securing the eService Access Point - eService link (IOP#4) ...... 46 9.6 Securing the on-card applications – IAS function interface (IOP#5)...... 46 10 Common requirements for IAS interoperability...... 48 10.1 Requirements related to the execution of the primary processes ...... 48 10.2 Requirements on secondary processes ...... 55 Annex A Mandatory field in certificates ...... 59
Table of Figures Figure 1: Towards a smart card infrastructure based on a common eID...... 5 Figure 2: Simple 3-entity Trust model ...... 17 Figure 3: 4-entity Trust model ...... 17 Figure 4: Role modelling ...... 20 Figure 5: eAuthentication primary process high-level use cases...... 22 Figure 6: Generic trust model...... 24 Figure 7: The trust model in the SCMF ...... 24 Figure 8: Interoperability of IAS services...... 24 Figure 9: The functional box model...... 25 Figure 10: Smart card information system architecture...... 27 Figure 11: eAuthentication system architecture ...... 28 Figure 12: The functional model in the IAS system architecture ...... 30 Figure 13: Primary processes model ...... 32 Figure 14: The Card Activation use case (UC 1.0.)...... 32 Figure 15: The Connection to eService use case...... 35 Figure 16: The interaction with the eService use case...... 37 Figure 17: Summary of interoperability scenarios and levels ...... 39 Figure 18: eService IOP...... 40 Figure 19: Card IOP - case 1 ...... 41 Figure 20: Card IOP - case 2 ...... 42 Figure 21: Card IOP - case 3 ...... 42 Figure 22: On-card IOP - case 1...... 43 Figure 23: On-card IOP - case 2...... 43 Figure 24: On-card IOP - case 3...... 44
3 CWA 15264-1:2005 (E)
Foreword
The production of this CWA (CEN Workshop Agreement) was formally accepted at the e-authentication Workshop's kick-off meeting on 2003-09-16.
The document has been developed through the collaboration of a number of contributing partners in WS-e- authentication, representing smart card interests.
This CWA has received the support of representatives of each of these sectors. A list of company experts who have supported the document's contents may be obtained from the CEN/ISSS Secretariat.
This CWA consists of the following parts, under the general title CWA 15264:
• Part 1: Architecture for a European interoperable eID system within a smart card infrastructure
• Part 2: Best Practice Manual for card scheme operators exploiting a multi-application card scheme incorporating interoperable IAS services
• Part 3: User Requirements for a European interoperable eID system within a smart card infrastructure
4 CWA 15264-1:2005 (E)
1 Introduction
1.1 Scope and objectives
This part of the CWA defines the interoperability architecture for the implementation of a smart-card based interoperable public eAuthentication/eID infrastructure across Europe to be primarily used in the eGovernment domain.
The workshop considers smart cards as being Integrated Circuits contact cards, Integrated Circuits contactless cards and combined cards with either 2 or more chips on board or 1 chip with both contact and contactless communication capabilities.
Although the use of SIM cards is not considered explicitly in this document, this does not exclude the use of SIM card based eID, especially when used for authentication and digital signature purposes.
This document models the Interoperability (IOP) problematic from different perspectives in the following order:
• Context, concluding requirements • Concepts o functional ‘view’ o technical architecture for a smart card based eID system using on-line eGovernment applications o dataflows ‘view’ (description independent from technical solutions) o interoperability issues • Specifications / common requirements for interoperability
The CWA eAuthentication intends to support migration from situation 1 (see below) where each eID-card has its own infrastructure and trust services into a situation 2 where card body, microprocessor, smart card infrastructure as well as trust services may be shared between different eService providers.
ePassport eDriving license eLogical access eGov. / eBus. eHealth 1 2 on-card / on-line eSocial security services
CardCard InfrastructureInfrastructure eServiceeService eServiceeService
CardCard InfrastructureInfrastructure eServiceeService eServiceeService
CardCard CardCard InfrastructureInfrastructure eServiceeService CardCard InfrastructureInfrastructure eServiceeService
CardCard InfrastructureInfrastructure eServiceeService eServiceeService
CardCard InfrastructureInfrastructure eServiceeService eServiceeService
Figure 1: Towards a smart card infrastructure based on a common eID The CWA considers the Identification, Authentication and electronic Signature function (IAS) as a generic one to be used for accessing online eGovernment services with smart cards.
Issues regarding the content and internal way of function of an application are out of scope. The CWA does however describe the relevant interface between the generic function and the application.
1.2 Informative References
Open Smart Card Infrastructure for Europe v2, (March 2003) eESC Common Specifications for interoperable multi-application secure smart cards v2.0
5 CWA 15264-1:2005 (E)
ITU-T Recommendation X.811 (1995) Information Technology -Open Systems Interconnection - Security Frameworks For Open Systems: Authentication Framework
ITU-T Recommendation X.813 (1996) Information_Technology- Open Systems Interconnection - Security Frameworks In Open Systems: Non-Repudiation Framework
ISO/IEC 7816 – 4 (FCD 2003) Identification cards – Integrated circuit(s) cards with contacts – Part 4: Organization, security and commands for interchange
ISO/IEC 7816 -15 (2002) Identification cards – Integrated circuit(s) cards with contacts – Part 15: Cryptograpic information application
CEN/ISSS WS/E-Sign CWA 14890 1,2 Group K eEPOCH project, Deliverable D4.2IOP Demonstrator "Safelayer Secure Communications"
NICSS-Framework Scheme, NICSS Prerequisites, First Edition, Version 1.20, April 24, 2001
NIST Special Publication 800-63 (2004) – Draft Recommendation for Electronic Authentication
ISO/IEC JTC 1/SC 37 Standing Document 2, Vocabulary on Biometrics
1.3 Concepts and definitions
Abort To abnormally terminate a process
Acceptor An entity whose primary role is to provide business services/goods to a person using the smart card for accessing e-Services or receiving goods. Also known as Service Provider.
Access Provider An entity in charge of managing the infrastructure (i.e. the card readers, terminals and (AP) necessary drivers, communication network and servers) used by card holders accessing the offered services.
Accessibility Usability of a product, service, environment or facility by people with the widest range of capabilities
In the context of this CWA, "accessibility" typically addresses users who have a disability, but the concept is not limited to disability issues.
Advanced electronic An electronic signature which meets the following requirements signature Chapter 1 It is uniquely linked to the signatory;
Chapter 2 It is capable of identifying the signatory;
Chapter 3 It is created using means that the signatory can maintain under his/her sole control; and
Chapter 4 It is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable.
Under certain conditions, an advanced electronic signature may be considered as a qualified digital signature (q.v.)1 according to Directive 1999/93/EC
1 q.v. stands for “Quo vide” - Which see 6 CWA 15264-1:2005 (E)
Application Identifier Data element that is used to uniquely identify an application in a card. It consists of a relative identifier (RID) and a proprietary identifier extension (PIX).
Application Provider Entity that owns or is responsible for a card application offered by a Service Provider. (AP)
Authentication The provision of assurance of the claimed identity of a person. (of a person) The identity is claimed by using a user identifier or a token and the level of verification assurance achieved is determined by validation of one or more of the following elements:
- A PIN or a Password known only by the valid claimant
- A set of biometric data related to the valid claimant
- A private key under the sole control of the valid claimant
- Verification by an appropriate relying party of the validity of the certificate to which the secret key is related.
Authorisation The process by which entitlement of a requester, to access or use a given service, is determined.
Biometric matching The algorithm that compares the biometric reference template with a live biometric template (q.v.), resulting in a determination of match or non-match.
Biometric data Information extracted from a biometric sample and used either to build a biometric reference template on enrolment, or to compare against a previously stored biometric reference template.
Biometric reference A data set which defines a biometric measurement of a person which is used as a basis template for comparison against a subsequently submitted biometric sample(s).
Biometric Template See Live biometric template
Biometric system Automated ICT system capable of
• Capturing a biometric sample from an applicant or from other biometric sources
• Extracting biometric data from that sample,
• Creating biometric template from biometric data,
• Comparing the biometric template with that contained in one or more biometric reference templates,
• Deciding how well they match or do not match,
• Indicating whether or not an authentication of identity or identification has been achieved
• Storing and managing the information dedicated to the biometric applications.
7 CWA 15264-1:2005 (E)
BioCode A set of biometric data used as a mechanisms for local one-to-one verification with the purpose to ascertain whether the card holder is in fact the natural person authorised to access or use a specific service such as the right to unlock certain information on the card.
Card holder A physical person (in the legal sense, i.e. an individual human being not a company/legal structure) who has been issued a smart card by a card issuer.
Card issuance The process by which a card is personalised and ultimately delivered to the card holder. process In the context of this CWA, this process presupposes the manufacture of unpersonalised cards and is more concentrated on their subsequent
Chapter 5 personalisation with
5.1 identification data and possibly biometrics as provided/verified by the registration authority (RA) as well as
5.2 the certificates and key pairs provided by the certification authority (CA)
5.3 the PIN code and, optionally, the biometric verification data
Chapter 6 and finally, delivery to the card holder.
Card Issuer (CI) An entity whose primary responsibility is the management of personal identities and issuance of smart cards containing the appropriate data, certificates and key pairs to the rightful card holders. Its primary task is identity management and it may subcontract or delegate some of the card/certificate issuance tasks as well as the certificate verification tasks2.
Card Scheme An entity comprising a single card issuer, and possibly other partner organizations, responsible for provision of access by registered card holders’ to contractually specified eService(s). Also known as Smart Card Community.
Card Scheme An entity that operationally manages a card scheme in support of the Card Issuer. Also Operator (CSO) known as Smart Card Community Administrator.
Card supplier The person or organisation that manufactures smart cards and provides the card issuer with such smart cards. Card suppliers include chip makers, OS manufacturers, card producers and manufacturers of common software (including libraries).
Certificate The public key of a user, together with some other information rendered unforgeable by encipherment with the private key of the issuing certification authority
Certificate A list of certificates cancelled before their periods of validity have expired. Once placed on Revocation List the certificate revocation list a certificate cannot be re-activated for use. (CRL)
Certification A trusted entity that creates and assigns certificates. Optionally the certification authority Authority (CA) may create the users keys.
Certification Service An entity or a legal or natural person who issues certificates or provides other services
2 It has to be noted that in the current state of the art, the ultimate responsibilities for the tasks of managing identities and issuing cards is to be supported by the same organisation. This may change however in the future. 8 CWA 15264-1:2005 (E)
Provider (CSP) related to electronic signatures such as registration services, certificate generation services, revocation management and revocation status services.
Challenge response A method for checking whether the party an entity is communicating with on a network is a duly authenticated entity. This method is used by a "verifier" as follows:
Chapter 7 Send random numbers to the party to be "verified,"
Chapter 8 Receive same random numbers encrypted with the other party's private key,
Chapter 9 Decrypt them with the other party's public key, and
Chapter 10 Verify result against the original random numbers.
Digital signature Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, e.g. by the recipient. Digital signature is a special case of the more general concept of electronic signature.
Electronic identity Identity data (of a person) usable in an electronic environment. (of a person)
Electronic signature Data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication of that other data. Digital signature is a special case of the more general concept of electronic signature.
End-user access Component of an ICT system which includes a smart card reader such as a terminal point eService Community All natural persons authorised to access and use a specific eService. In the context of this CWA, the community comprises those registered card holders whose IAS functions are recognised by a given Service Provider. eService Communities can be contained within, or span one or more smart card communities. eServices Off line or online electronic services accessible to a person through an ICT system eServices Access Component of an ICT system which acts as a front end system for including Point eServices within a smart card Information system
IAS Set of processes, data and technology agreements required in a given environment to provide Identification, Authentication and electronic Signature services
Icon A graphic image designating an entity, state, action or input control as part of a Graphical User Interface. Also known as a Pictogram.
Identification The process of obtaining information about whom the requester claims to be without considering the “trustability” of this information.
Identification card Card identifying its holder and issuer, which may carry data required as input for the intended use of the card and for transactions based thereon [ISO/IEC 7810].
In the context of this CWA, only identification cards supporting authentication and qualified digital signature are considered.
9 CWA 15264-1:2005 (E)
Identity (of a person) The common sense notion of personal identity. A person’s name, personality, physical body and history, including such personal attributes as address etc, of an individual person.
In the context of this CWA, the concepts of identity, legal identity and electronic identity are used interchangeably.
Inclusivity Ensuring the inclusion of or taking into account the widest range of person types relating to social inclusion, physical or mental disabilities, ethnic and language differences
Interface A standardized technical component facilitating interoperability within and between systems and sub-systems
Interoperability The ability of several independent systems or sub-system components to work together.
In the context of this CWA, the ability of several systems or sub-system components to enable a cardholder to access eServices from different service providers and through different infrastructures.
Legal identity (of a Identity awarded by the relevant administration in a country. person) Since the legal names of persons (family names and given name(s)) are not necessarily unique, the identity of a person must include sufficient additional information (for example a unique identifier) to make the combination unique.
Live and wellness The process of determining if a biometric characteristic is being submitted by a living check person and if this characteristic is authentic and genuine (i.e. originating from the biometric sensor, not derived from a picture, silicon fingerprint copy or other spoofed characteristic).
Matching3 The process of comparing a biometric sample against a previously stored template (i.e. biometric reference template) and scoring the level of similarity. An accept or reject decision is then based upon whether this score exceeds the given threshold.
Match-on-card The situation where the biometric matching is performed in the chip of the card and where the biometric reference template does not leave the chip.
Multi-Application A smart card allowing the Card Issuer to host different applications that can be selected Card independently of each other. Once selected, an application can be run as if the card was mono-application with the data access restrictions imposed by the multi-application OS.
Multi-Application a contractual/legal partnership of different organizations, each possibly playing several Card Scheme roles, as defined by the multi-application scheme model.
Multi-Application a model for the operation of the multi-application scheme usually designed by the Card Card Scheme Model Issuer. It includes the roles to operate the system, the functions provided by each role, and the interfaces linking the different functional blocks of the system.
Multi-Application Any legal entity playing a role in a multi-application scheme. Card Scheme
3 This definition is only applicable in a biometric system context. 10 CWA 15264-1:2005 (E)
Partner
Multi-Application The hardware and software infrastructure which enables the management and operation Card System of the multi-application card scheme. It is made up inter alia of Server Computers, Telecommunication Networks, Terminals accepting cards and the multi-application cards themselves.
Non-repudiation The provision of assurance that a document signer cannot deny having signed it.
On-Line Certificate An on-line protocol (RFC 2560) used to determine the status of a certificate. Status Protocol (OCSP)
Personal A numeric security code used as a mechanism for local one-to-one verification with the Identification purpose to ascertain whether the card holder is in fact the natural person authorised to Number (PIN) access or use a specific service such as the right to unlock certain information on the card.
Pictogram See Icon
Proof of Possession A protocol where a claimant proves to a verifier that he/she possesses and controls a key (PoP) protocol or password.
Qualified certificate Certificate which meets the requirements laid down in annex I of the Directive 1999/93/EC on electronic signature and is provided by a certification-service-provider (CSP) who fulfils the requirements laid down in annex II of the same Directive.
Qualified digital Digital signature which meets the requirements laid down in annex I of the Directive signature 1999/93/EC and is based on a digital certificate provided by a certification-service- provider who fulfils the requirements laid down in annex II of the same Directive.
Registration A trusted entity that establishes and vouches for the identity of a subscriber to a CSP or a authority (RA) CI. The RA may be an integral part of a CSP/CI, or it may be independent of a CSP, but it has a relationship to the CSP(s) and CI.
Registered card Holders of cards issued in accordance with the rules established by a Card Scheme holder
Relying Party An entity which relies upon the data in a certificate, possibly after the verification of their validity, typically to process a transaction or grant access to information or a system. Also known as Verifier or SP
Role A set of predefined functions required to provide a service to either the cardholder or the other stakeholders. A role will consume services from the other roles of the system and combine the consumed services with its own service function in order to offer other services.
Scheme An organised set of operations and procedures in the exchange between stakeholders of a smart card information system.
Security domain A set of elements, a security policy, a security authority and a set of security-relevant activities.
This set of elements is, for specified activities, subject to a security policy administered by the security authority for the security domain]
11 CWA 15264-1:2005 (E)
Security Policy The conditions for trust relationships agreed between the card scheme’s stakeholders.
Security token A physical object that a person possesses and controls and which can be used for authenticating the person. or Token
Service Provider An entity whose primary role is to provide business services/goods to a person using the (SP) smart card for accessing eServices or receiving goods. Also known as Relying Party in a PKI context and Acceptor in the banking one.
Signature A mark uniquely and strongly linked to the bearer’s identity and which, if applied to a contract and subject to certain other criteria specified by the applicable legal system, commits the bearer to its terms.
Smart Card An electronic trusted token compliant to ISO/IEC 7810 and to either ISO/IEC 7816 (for contact cards) or ISO/IEC 14443 (for contactless cards)
Smart Card An entity comprising a single card issuer, and possibly other partner organizations, Community (SCC) responsible for provision of access by registered card holders’ to contractually specified eService(s). Also known as Card Scheme.
Smart Card A technical infrastructure including all components which enable the use of smart cards Information System for accessing eServices through an ICT system.
Smart Card A system constituted of a set of roles and functions fulfilled by entities which enable and Management make use of smart cards within a smart card information system. Framework
Smart Card Reader Component of an ICT system which is capable of electronically reading the content of a contact/contactless smart card.
Smart Card Terminal Component of an ICT system which includes a smart card reader and is capable of interpreting the data read by the reader
Symbol An icon in the context of this CWA
System Integration The degree to which cardholder-facing, internal and partner-facing systems and applications are integrated with each other.
Token A physical object under the sole control of an individual person.
Trusted Third Party A security authority or its agent that is trusted with respect to some security-relevant activities in the context of a security policy
Validation Authority An entity which validates and checks the status of credentials linking a smart card to the (VA) identity of the card holder.
Verifier An entity which relies upon the data in a certificate, possibly after the verification of their validity, typically to process an eService transaction or grant access to information or an ICT system. See also related terms Relying Party and SP 1.4 Abbreviation
AES Advanced Encryption Standard.
AFIS Automated Fingerprint Identification System
12 CWA 15264-1:2005 (E)
ANSI American National Standardization Institute
AI Application Identifier
AP Application Provider
APP On-card Application (or applet)
APDU Application Protocol Data Units
API Application Programming Interface
ATM Automated Teller Machine
BDPP Biometric Device Protection Profile
BSP Biometric Service Provider
CA Certification Authority
CBEFF Common Biometric Exchange File Format
CC Common Criteria
CEN « Comité Européen de Normalisation ». Also known as European Committee for Standardization
CEN/ISSS Comité Européen de Normalisation / Information Society Standardization System
CI Card Issuer
CID Card Identifier
CMOS Complementary Metal Oxide Semiconductor
CMP Certificate Management Protocol
CP Certificate Policy
CPS Certificate Practice Statement
CPU Central Processing Unit
CRL Certificate Revocation List
CS0 Card Scheme Operator
CSP Certificate Service Provider
CUG Closed User Group
13 CWA 15264-1:2005 (E)
CWA CEN Workshop Agreement
DES Data Encryption Standard (with symmetric keys pairs)
DIR Directory
DIS Draft International Standard
DLL Dynamic Link Library
DPI dots per inch
DS Digital Signature
DSA Digital Signature Algorithm
EAL Evaluation Assurance Level
ECDSA Elliptic Curve Digital Signature Algorithm
EC European Commission
ECC Elliptic Curve Cryptography
EEPROM Electrically Erasable Programmable Read-Only Memory e-ID and eID Electronic ID
EMV Europay Mastercard VISA chip card specification
EPROM Erasable Programmable Read Only Memory
ETSI European Telecommunications Standards Institute
HTTP Hypertext Transport Protocol
IAS Identification, Authentication, Electronic Signature
IBIA International Biometric Industry Association
ICAO International Civil Aviation Organization
ICC Integrated Circuit(s) Card
ICT Information and Communication Technology
ID Identity
ID Identification number
IEC International Electrotechnical Commission
14 CWA 15264-1:2005 (E)
IOP Interoperability
IP Internet Protocol
IPSEC IP Security
ISO International Organization for Standardization
ISP Internet Service Provider
ISSS Information Society Standardisation System
ITSO Integrated Transport Smart card Organisation
ITU International Telecommunications Union
LDAP Lightweight Directory Access Protocol
MAMS Multi-Application Management System
MAS Multi-Application System
MAP Mobile Application Part
MCU MicroController Unit
MMI Man-Machine Interface
MOC Match-on-card
MS Member State
MTBF Mean-Time Between Failure
OCR Optical Character Recognition
OCSP Online Certificate Status Protocol
OID Object Identifier
OLTP Online transaction processing
OS Operating System
OSI Open Systems Interconnection
OTBS Object to be signed
PC/SC PC Smart Card Workgroup
PIN Personal Identification Number
15 CWA 15264-1:2005 (E)
PIX Proprietary Identifier eXtension
PKCS Public Key Cryptographic Standard / Public Key Cryptographic System
PKI Public Key Infrastructure
PoP Proof of Possession
PP Protection Profile
QC Qualified Certificate
QCP Qualified Certificate Policy q.v. “quo vide” in Latin; “which see” in English
RA Registration Authority
RFC Request for Comment
RFU Reserved for Future Use
RID Relative IDentifier
ROM Read Only Memory
RSA Encryption standard with asymmetric key pairs, named after Rivest, Shamir, and Adleman
S/MIME Secure Multipurpose Internet Mail Extensions
SAM Secure Application Module
SAML Secure Assertions Markup Language
SCAD Smartcard Accepting Device
SCC Smart Card Community
SHA-1 Secure Hash Algorithm-1
SIM Subscriber Identification Module
SLA Service Level Agreement
SMS Short Message Service
SP Service Provider
SSCD Secure Signature Creation Device
SSL Secure Sockets Layer
16 CWA 15264-1:2005 (E)
TTP Trusted Third Party
UID Unique Identifier
URI Uniform Resource Identifier
URL Uniform Resource Locator
USB Universal Serial Bus
VA Validation Authority
VLA Vulnerability Level Assurance
VPN Virtual Private Network
W3C World Wide Web consortium
2 Contextual Model for IAS interoperability
The contextual model is an informal description of the systems and other relevant background context in which the model is being designed. It represents the “raw material” of the formal modelling process, similar to the “requirements gathering” phase in software engineering methodologies.
Since IAS interoperability is mostly articulated on the concept of trust, this model begins with trust scheme principles from a global perspective, and moves to focus on organised societies.
2.1 Trust models
The framework takes as its base model a 3-entity configuration for trust decisions (Figure 2), within a single security domain (single scheme). It then develops models for interoperability between security domains (schemes), which may be the 4-entity configuration (Figure 3).
In addition, reduced configurations need to be considered – these are where one or more of the on-line links are unavailable at the time that a trust decision is requested.
As defined in the figures below, interoperability of trust – and therefore IAS – is the “corner-stone” of interactions between security domains.
Trusted Third TTP in Society TTP in Society Party #2 #1 Is Referenced Asks for reference
Asks for service
Requester Decider Requester Decider Grants/denies service
Previously established relationship Current transaction
Figure 2: Simple 3-entity Trust model Figure 3: 4-entity Trust model
In the 3-entity Trust model (Figure 2), trust between the requester and decider is achieved by reference to a common third party who as a minimum:
• already trusts the requester • is already trusted by the decider
17 CWA 15264-1:2005 (E)
The third party may also:
• already trust the decider • be already trusted by the requester
The 4-entity Trust model (Figure 3) deals with interactions between 2 different security domains that have developped trust in isolation. This model is based on two trusted third parties who are described as operating in different schemes having their own security domain, with their own rules for creating and managing trust, and that have previously established some relationships e.g. at technical, administrative and legal levels.
2.2 Interoperability of IAS between schemes
As already mentioned here above, IAS stands for Identification, Authentication and electronic Signature and is used here to mean the set of digital electronic processes, data and technology agreements required in an ICT environment to provide an interoperable nucleus of trust services and enable the development of further services using this nucleus.
The scope of the interoperable IAS nucleus covers therefore:
• The creation, provision and maintenance of Identification, Authentication and digital/electronic Signature services using secure smart cards • The registration of real persons and organisations to use and provide services (including issuing them with the necessary tokens, tools and digital data in a secure manner)
For interoperability to be possible between two schemes:
• First the security policies and processes of the two schemes have to be compared. This allows the limits of trust to be established. • Then the different entities participating to the schemes must be identified and their respective role in the Trust model (and more specifically in the IOP framework) must be defined. • Performing the roles is based upon the processes they are supporting for the delivery of common IAS services and establish the trust between them. These processes are classified as primary (i.e. operational), secondary (i.e. supportive) and tertiary (i.e. business), depending from the relationship they have with the core IAS functions. They are defined below under section 3.2. • Finally, the system architecture for IOP IAS services must be built, which includes the different components contributing to the delivery of IAS services to eServices and the IOP interfaces enabling to carry out transactions across scheme boundaries in a manner which allows authentication and signature functions to be trusted according to the requirements.
Some assumptions have been made in the definition of the IAS IOP framework:
• Digital identity, attributes and signatures will be issued to natural persons by trusted organisations, and will be held in certificates which also contain public security keys • An electronic trusted (secure) token will be used to store certificates and support IAS functions • The Trusted token will contribute to the realisation of the required assurance level for Legal recognition. The most usual physical form of the trusted token is a credit-card sized smart card (but the type of electrical interface to the token – contact and/or contactless – is not considered at this stage) • On-line transaction methods must be securely implemented (including being capable of secure operation across insecure networks such as the Internet) • For the European Union, the Electronic Signature Directive 1999/93/EC (E-sign) applies, as well as the European Union Directive 1995/46/EC for personal data privacy.
3 Conceptual model for IAS interoperability
The conceptual model is the first semi-formal description of the system. It is a very high level and abstract description of the system which answers the question “What” (What is the described system supposed to do?).
The conceptual model is described using the following elements:
18 CWA 15264-1:2005 (E)
• Entities: which are conceptual units of the model • Roles: which comprise the rules and processes used both to prepare for and during interactions between entities.
From here on, the CWA restricts its scope to:
• High level (strong) security functions, using asymmetric cryptography and a Public Key Infrastructure (PKI) (although the possibility of other methods is acknowledged), and • eID smart cards issued under the control of a central administration which combines or is the ultimate responsible towards the card holder for several roles i.e. the roles of card issuer, card manufacturer, IAS function issuer (an on-card application), certificate issuer and validation authority for certificates attesting the official identity of real persons (including key pair generation).
In this context, included on the smart card as a minimum are:
• Authentication information for the card; • Identification information (name, etc) for the card holder; • Security objects, such as a PIN and/or biometric authentication information (i.e. BioCode) for the card holder, security keys; and possibly a software to perform IAS services using the card4
3.1 Roles
Preliminary remarks:
• It is important to understand that the model developed here is oriented towards schemes developed in the e-government context, where the primary purpose is to provide e-government related services to the citizen. Some of these services will be government centric (meeting requirements of local and central administrations), and others will be citizen centric (assisting them to access citizen services and information services). Third party services (such as professional services) are also expected to benefit from deployment of smart card schemes based on the model, and the model is also open for additional stakeholders to join. • One organisation (entity) may assume more than one stakeholder role. While this may seem to be an implementation issue which does not impact the roles model, merging of roles has an important consequence of the security policy recommended for adoption by central administrations for e- government schemes. • Some roles may be duplicated. Particularly important here is that it is expected that one application issuer (AI) per scheme will be authorised to issue the IAS service application on the card, but other AIs may provide other on-card applications. • Implementation of roles may be delegated, but those implementers act as agents of the stakeholder entity; the model shows only the stakeholders.
4 On-card software for performing IAS services is not always needed. Depending from the specifications of the card, a card issuer may create appropriate applicative files onto the card and populates them with data. In that context, IAS handles and protects these data for the purpose of a given electronic service. Softwares are only loaded onto the card whenever the nested IAS functions are not enough to execute the required services. 19 CWA 15264-1:2005 (E)
Card Community processes side • Issuing, identification management • Life cycle management (cards, infrastructure) • Business issues
Card Card Scheme Card Issuer Operator Holder
Access Certif. provider Provider
Content provider Service provider E-Community processes side • Daily use / delivery / interaction • Content management •Creative challenges
Figure 4: Role modelling Some of these roles are “content” oriented and others “issuer” oriented.
The basic roles within a Smart Card Management Framework are exercised by the following stakeholders:
• The card holder (e.g. consumer, user) (CH) is a real person (in the legal sense, i.e. an individual human being, not a company or other legal structure) who has been issued with a smart card by a card issuer. The issued smart card is associated with and issued to the specific card holder and to him/her only. This association enables the card to be used by the card holder for IAS purposes and thus to enable him/her to access services provided by service providers. • The card provider role (CP) is to supply smart cards certified to the security profile required to satisfy the security policy of the card issuer, and to make that supply in a secure manner. • The registration authority (RA) registers card holders: i.e. obtains sufficient proof of the identity of the card holder by traditional means. Additional RA functionality (such as attributes of a real person, as required to implement the advanced electronic signature provision of E-sign) may be provided within the SCC, possibly supplied by other RAs. • The card issuer (CI) roles are to manage personal identities and issue smart cards to card holders according to scheme policies and rules, and manage the issued cards throughout their lives (card population life cycle management).Independently from its issuance policy (which is an implementation level issue), the card issuer in the present model has also the responsibility to: o Define and maintain scheme security policies and rules o At least ensure that the card holder has been registered o Physically issue the smart card (personalise with on-card IAS application, generate security objects (i.e. PIN key pairs) install certificates, enable for use) o Securely deliver the smart card and authentication mechanism (PIN or enrolment of biometrics) to the card holder o Operationally manage card security (including authorising application download/activation in the case of multi-application frameworks, monitoring the scheme for security breaches, administrating cards by authorising post-issuance upload and activation of applications, blocking applications and cards, authorising card unlocking) o Operationally manage the scheme’s card population (including maintaining a database of cards and their contents, providing a single point of contact for the card holder, and arranging for card and card content replacement in cases of lost/stolen/faulty cards) • The roles of the certificate service provider (CSP) or the certificate authority (CA) are to: o Issue certificates under the responsibility of the stakeholder who ordered them: IAS certificates related to the card holder (including certificates containing attributes of the card holder) Any other certificates used for the functioning of the smart card information system (the scheme) Any other certificates required by a service provider for the functioning of its business service.
20 CWA 15264-1:2005 (E)
o Create and maintain a Certificate Revocation List or CRL, including creating and managing a repudiation policy in case of lost or stolen cards or misuse of cards o Provide a service to validate certificates (in the present framework, this must be an on-line service). This service may be delegated to a Validation Authority (VA) • The roles of the card application issuer (AI) are to: o Issue on-card applications o Arrange with the card operator (CO) and card issuer (CI) for on-card applications to be registered and for downloads to the card to be authorised o Provide a mechanism for loading applications onto cards (this mechanism will usually be defined by the card issuer) o Manage security of the applications o Maintain (if required) backup accounts for the contents of the application on the cards, unless this is a function of the card management system o Provide recovery services for data when applications on the cards are replaced • The role of the eService provider (SP) within the model is to provide business services to the card holder using the smart card as an IAS token and/or in conjunction with one or more other specific on- card applications. It must register with the card scheme operator and comply with scheme policies and rules. It concludes all the necessary contractual arrangements with the access provider and it also defines who may have access to the provided services and under which conditions. Beyond that, the content of services is outside the scope of this CWA. Card holders may be required to sign up (register) with service providers in order to use their services. The set of card holders signed up for a service is known as an eService community. The service provider may offer services to more than one smart card community (smart card scheme), and therefore an eService community expects to take advantage of the interoperability between smart card schemes in order to provide seamless services. • The role of the card scheme operator (CSO) is to administer, monitor and support the relationships between the card issuer, the access provider(s) and service provider(s) in order to ensure the integrity of the smart card community. This management and operational responsibility are performed in support of the card issuer and may include: o Definition, maintenance and enforcement of internal smart card community interoperability specifications and rules of access (e.g. interoperability between the card issuer and a service provider, rules for using available space on the card for additional applications). o Registration of the different stakeholders in the smart card community and verification of their compliance to the smart card community specifications and rules of access (e.g. certification of the smart card readers towards the security specifications). o Definition, maintenance and enforcement of external interoperability specifications, and organisation of interoperability with other schemes. o Support of card holders (e.g. Help-Desk), access provider(s) and service provider(s) • The access provider (AP) is the entity in charge of managing the infrastructure to be used by the card holder for accessing the offered services and managing card content. The infrastructure includes: o Terminals directly associated with card handling (e.g. card readers and necessary driver software); o Other terminal functions and equipment (e.g. where PCs are used as clients on the network); o Communication networks; and o Server systems (but note that, in the case of servers hosting service provider applications, only interfacing to those applications is included here, as service content is outside the scope of the framework). • The content provider (CP) is the entity in charge of keeping the content of the service provider up-to- date. This will be in accordance with content service requirements and agreements. Note that the content provider does not play any role in IAS interoperability.
3.2 Processes
Performing the roles is based upon the processes required for the delivery of common and trusted IAS services. These processes are classified as primary (i.e. operational), secondary (i.e. supportive) and tertiary (i.e. business), depending on the relationship that they have with the core IAS functions:
• Primary IAS processes are those which enable interactions between the IAS services and the eServices requiring them (see section 3.2.1). • Secondary (supportive) IAS processes are the pre-requisites which create the Trust required to operate the primary processes (see section 3.2.2).
21 CWA 15264-1:2005 (E)
• Tertiary IAS processes are those which are part of the eService delivery to the card holder. They justify the need for primary and secondary processes. Tertiary processes are not detailed in this CWA.
3.2.1 Primary IAS processes
Five different primary processes are needed for an eService to interact with IAS services. They are identified below and further detailed, in a formal manner, in section 7.
1.0. Card activation
2.0. Connection to e-Service
User 3.0. Interaction with e-Service
4.0. Closing of the e-Service Connection
5.0. Card deactivation
Figure 5: eAuthentication primary process high-level use cases • By the card activation process (primary process 1.0), a smart card communicates with a terminal: o A physical connection between the card and the reader, is established, based on the type of card used (e.g. contact/ contactless) o The reader and/or the terminal accept or reject the connected card. o The terminal initiates a secure communication channel with the card. 5 o Based on the security rules in place, this communication might require a one-side or a two-side authentication between the card and the terminal and the establishment of an encrypted communication between them. When PKI is used in this process, some certificate validation is required. • By the connection to an eService process (primary process 2.0), the terminal initiates a communication to the eService. o Based on the security rules in place, this communication might require a one-side or a mutual authentication between the terminal and the eService and the establishment of an encrypted communication between them. When PKI is used in this process, some certificate validation is required. • During the interaction process with an eService (primary process 3.0), the user initiates a session with the IAS services, for identification, authentication or electronic signature services, according to the security policy rules defined by the card issuer and as required by the business rules applicable to the eService he/she want to interact with. o The identification data required for accessing the eService are provided by the user as loaded in the smart card. The file containing personal data is (optionally) PIN/Biometric protected. o If some assurance of the provided identification data is required, the claimed identity of a person is to be authenticated by one or several of the following elements: A PIN or a Password known only by the user A set of biometric data related to the user A private key under the sole control of the user
5 The private key dedicated to the authentication of the card may be used for a device authentication protocol without necessarily requiring the cardholder to type his PIN code. 22 CWA 15264-1:2005 (E)