With the development of IC card from a simple synchronous card to an asynchronous card, from a simple EPROM card to the internal microprocessor-based smart card (also known as CPU card), the requirements of the IC card is more and more high. The management of the card itself is more and more complex, so there is an urgent need to have a tool to solve this contradiction, and the emergence of the internal microprocessor-enabled smart card, so that the realization of this tool has become a reality. Using its internal microprocessor chip, people have developed a variety of operating systems that are used within the smart card. The advent of Cos not only greatly improves the interface of smart card, makes the management of smart card easy; Moreover, it is more important to make the smart card itself in the direction of personal computerization to take a big step forward for the development of smart card to open up a very broad prospects.
COS overview
The full name of the COS is the chip Operating system (on-chip operating system), which is typically developed around the characteristics of the smart card it serves. Because of the inherent performance of the microprocessor chip and the memory capacity of the smart card, the Cos is largely different from the operating system (such as DOS, UNIX, etc.) that we usually see on the microcomputer.
First, COS is a dedicated system, not a universal one. That is, a cos generally applies only to certain (or some) smart cards, and the Cos in different cards is generally not the same. Because COS is typically developed based on the characteristics of a smart card and its scope of application, although they may be most likely to follow the same international standard in their actual function. Second, the COS is inherently closer to the pro-control program than a commonly-known operating system, at least for the time being, compared to the usual operating system on the microcomputer. Because in the current phase, COS needs to solve the problem of how to deal with the external command, which generally does not involve the sharing, concurrency management and processing, and for the smart card in the current application of the blind, concurrent and shared work is really no need for music. COS is generally designed to tightly combine the memory partitioning of the smartcard and is designed and developed in accordance with some of the features specified in the International Standard (iso/iec7816 series). However, due to the rapid development of smart cards, and international standards for the formulation of a relatively long period of time, resulting in the current standard of smart card is not too perfect situation, according to many manufacturers and their own development of the Cos has made an expansion.
For now, no one company's Cos product can form an industry standard. Therefore, this article will focus on the basic principles of COS and its fundamental functions in the context of the existing international standards (l994 years ago), where they are properly enumerated as examples of how they are implemented in certain products.
The main function of COS is to control the information exchange between the smart card and the outside world, manage the memory inside the card and complete the processing of various commands inside the card. Among them, the exchange of information with the outside world is the most basic requirement of Cos. During the exchange process, the information exchange protocol followed by COS currently includes two types: the T=0 protocol for asynchronous character transmission and the T=L protocol for asynchronous packet transmission. The specific content and realization mechanism of these two information exchange agreements are stipulated in the is0/iec78l6-3 and IS0/IEC7816-3A3 standards, while the base function of the management and control that the COS should complete is stipulated in the ISO/IEC78L6-4 standard. In this international standard, the data structure of the smart card and the basic command set of the Cos are also described in more detail. As for Is0/iec78l6-l and 2, the physical parameters and dimensions of the smart card are defined, and they are not closely related to the Cos.
The system of Cos
Depending on the hardware environment of the smart card described in the previous section, a variety of cos can be designed. However, all Cos must be able to solve at least three problems, namely: file operation, authentication and verification, security mechanism. In fact, authentication and verification and security mechanisms are all part of the security system of smart cards, so the two most important aspects of the Cos of smart cards are file and security. But in a more specific analysis, we can actually divide the command from the read-write device (that is, the interface device IFD) into a complete process of four stages, or four function modules: Transfer Manager (TM), Security Manager (SM), Application Manager (AM), and File Manager (FM). The transfer Manager is used to check that the information is being transmitted correctly. This part is mainly related to the communication protocol used by the smart card; The security manager is mainly the security of the transmitted information to check or deal with, to prevent illegal eavesdropping or intrusion; The application Manager is used to determine the likelihood of command execution, and the file Manager completes the processing of the command by verifying the operation permissions of the command. For a specific COS command, these four phases are not necessarily necessary, some stages can be omitted, or are in another phase, but generally speaking, having these four stages of the COS is more common. Below we will discuss the Cos in more detail according to these four stages.
It is important to note here that the "file" concept in a smart card is different from what we usually call "files". Although data units or records are stored within the files in a smart card, they are directly related to the specific application of the smart card. In general, a specific application must correspond to a file in a smart card, so the files in the smart card do not exist in what is commonly known as file sharing. Moreover, such documents must be complete not only in logic, but also in the physical organization. In addition, files on a smart card can also have filenames, but the identity of the file depends on the file identifier that corresponds to the file in the card-not the filename. Because a file name in a smart card is allowed to be duplicated, it is essentially a mnemonic of a file and does not represent the entire file entirely.
Transfer management (transmission manager)
Transfer management is mainly based on the information Transfer protocol used by the smart card, the command issued by the read-write device to receive. At the same time, the response to the command is sent in the format of the transmission co-Han. This shows that this part is mainly related to the communication protocol used by the smart card, and the more complex the communication protocol is, the more difficult and complex it is to realize this part.
We mentioned earlier that the current smart card Residence Transfer Protocol is generally the T=0 protocol and the T=1 protocol, if the cos of the two types of protocol is different in the implementation of the function, mainly in the implementation of the transfer manager is different. However, the use of the T=0 protocol and the T=1 protocol, the smart card in the exchange of information is asynchronous communication mode, and because the data port of the smart card only one, this information exchange can only be half-duplex, that is, at any one time, the data port can only have a party (smart card or read-write device) in the sending of data. The difference between the t=0 and T=1 protocols is that the units and formats of the data transmission are different, the T=0 protocol is the basic unit of the single-byte characters, and the T=1 protocol is the basic unit of the transmission with a certain length of data block.
If the transfer Manager believes that the command is received correctly, it generally passes the information part of the received command to the next function module, the security manager, and filters out additional information such as the start bit, stop bit, and so on. Accordingly, when the Transfer Manager sends an answer to the read-write device, each transmission unit should be accompanied by the necessary ancillary information provided in the Information exchange protocol.
Safety System (Security Structure)
The security system of smart card is a very important part of the smart card Cos, it relates to the choice of card authentication and verification, including the control mechanism of COS in accessing the card files, and the secrecy mechanism of the information in the card. It can be argued that smart cards are able to develop quickly and get popular. One of the important reasons is that it can provide users with a high security ttributes and security mechanism (SECURITYMACHINAMS) through the Cos security system. Where the security state refers to a smart card in the current state, the state is the smart card after the reset answer or after it has finished processing a command. In fact, we can fully assume that the smart card is always in one or the same state throughout the entire working process, and that the security state can often be represented by a smart card in a collection that currently satisfies the condition. The security attribute actually defines what is needed to execute a command ... Conditions, the command is available only if the smart card satisfies these conditions. Therefore, if the current security state of the smart card is compared with the security properties of an operation, then it is easy to determine whether a command is allowed to execute in the current state according to the results of the comparison, thus achieving the security control's purpose and security state is related to security property. Security mechanism can be considered as the transfer method and means of security state implementation, usually including: pass word authentication, password identification, data authentication and data encryption. A security state can be transferred to another State by these means, comparing this state with a security attribute, if it is consistent, it indicates the ability to execute the command corresponding to the attribute, which is the basic principle of the Cos security system.
From the above description of how the Cos security system works, we can see that the implementation of security mechanism is an extremely important aspect in security system, relative to security attribute and security state. Without a security mechanism, COS cannot do anything. From the above introduction to the security mechanism, we can see that the Cos security mechanism is implemented by the following three functions: Authentication and verification, data encryption and decryption, file access security control. Therefore, we will describe them separately below. In this regard, the security control of file access, because it is closely related to the file manager, so we put it into the file system to discuss.
Identification and verification: identification and verification are actually two different concepts, but since they are very similar in terms of the functions they achieve, we discuss them at the same time, which also facilitates the mastery of these two concepts in comparison.
Usually the so-called identification (authentication) refers to the verification of the legality of a smart card (or a read-write device), that is, how to determine whether a smart card (or read-write device) is not a forged card (or read-write device), and verification (Verlfy) refers to the card holder of the legitimacy of the verification , that is, the question of how to determine that a cardholder is legally authorized. Thus, both of them are essentially a kind of verification of legitimacy, which is very similar to the function they have accomplished. However, in the specific way of implementation, because of the two objects to be validated by the different, the means used are not the same. Specifically, in the implementation of the principle, verification is by the user to the smart card only he knows the pass word, and by the smart card to the correctness of the word to achieve the purpose of verification. In the transmission of the pass word, sometimes in order to ensure that people are not eavesdropping can also be transmitted to the information encryption/decryption operation, this process is often referred to as the pass word authentication.
Authentication is through a smart card and read and write devices at the same time to any one of the same random number of the same cryptographic operation (currently used DES algorithm), and then judge the consistency of the results of the two sides to achieve the purpose of verification. According to the different objects identified, COS also divides the identification into internal identification (Internal authentlcation) and external identification (EXternal authentication) two categories. The "internal" and "external" are all based on smart cards as reference points, so the internal identification is the verification of the validity of the smart card by the read-write device; External check is the verification of the legitimacy of the read-write device by the smart card.
Smart card through identification and verification method can effectively prevent the use of pseudo-card, prevent illegal user intrusion, but also can not prevent the information exchange process may occur in the eavesdropping. Therefore, the encryption of important data during the communication between the card and the reading and writing equipment is an effective means of anti-eavesdropping. The following is a description of the management and storage principles of a key part cipher in the Cos.
Password Management: The current data encryption algorithm used in smart card is des algorithm. The reason of using DES algorithm is that the algorithm has been proved to be a very successful encryption algorithm, and the arithmetic complexity is relatively small, the comparison is suitable for the smart card so the computational ability is not very strong situation. The password (or key) length of the DES algorithm is 64 bits. Cos the passwords used to encrypt data are organized together and stored in the form of files called password files. The simplest password file is a collection of 8-byte records, each of which corresponds to a des password, and a more complex password file may contain various attributes of the password for that record and additional checksum information to ensure the integrity of each record. The Record header section stores the property information of the password, such as the password that can be applied to all application files, or only the password that is available for the application file, whether it can be modified or read only, and so on. However, no matter what kind of password file, as a file itself, COS is through the file access security control mechanism to ensure the security of the password file.
When a data encryption operation is required, the COS selects the password join operation from the password file. When you read a password from a password file, just as you would read the application data, simply give the address of the password. Of course, the simplest way to generate a password is to randomly read a password directly from the password file as the password for encryption. However, such a mechanism may select the same password multiple times, thus providing the eavesdroppers with the opportunity to decipher, and the security is not too high. Therefore, a better approach is to randomly extract a password and then do some processing of the password itself to minimize the chance of repetition.
For example, in the PCOS product, the method used is to first perform a DES encryption operation on the password selected from the password file, and then use the result as a password to encrypt the data. The formula is as follows: in Key=des (Ctc,k (a)), K is a randomly selected password from the password file; CTC is a counter that records the number of times a smart card is traded, and the counter is incremented by one trade per transaction; Key is the last password to be supplied to the data encryption operation. Using this method can improve the security of the smart card, but it reduces the efficiency of execution. Therefore, the specific use of the method to generate the password should be based on the application of smart card and security requirements of the high and low level and specific decision.
Application Manager (Appiication Manager)
The main task of the application manager is to judge the enforceability of the commands received by the smart card. As to how to determine the enforceability of a command, we have explained in the Security System section, so we can think that the implementation of Application Manager is mainly the implementation of the security mechanism of smart card application software. Because each application of the smart card exists as a file, the essence of the application Manager is the security control of the file access that we will discuss in the next section. Based on this, we can also think of the application manager as a part of the file manager.
File Manager
As with security, files are also a very important concept in the Cos. A file refers to an organized collection of records in a data unit or card. COS enables it to store and manage individual applications by creating a corresponding file for each application. Therefore, the application file for COS stores all kinds of data or records related to the application. In addition, the Cos of some smart cards may also contain application control files that control the application files. In the Cos, all files have a unique file identifier (Filel Identifier), so the file identifier allows you to directly find the file you want. In addition, each file can have a filename as a mnemonic, which differs from the file identifier in that it can be duplicated. Each file in the Cos is created by the publisher (is Suer) based on the card's application during personalization of the smart card, which is usually not created or deleted by the user of the card. However, the user can modify the contents of the file according to the situation, and can add and delete the records or data units in the file.
(1) file system: Cos's file can be divided into three categories according to its logic level, master file, private file (dedicated files) and basic file (elementary files). wherein, the master file is necessary for any COS, it is a unique file containing the file control information and the assignable storage area, which acts as the root file of the Cos file system, at the highest level of the Cos file system, and the basic file is a necessary part. It is actually used to store the application of data units or records of the file, at the lowest level of the file system, and the private file is optional, it is mainly stored in the file control information, file location, size and other data information. We can use the tree structure to graphically describe the basic structure of a COS file system.
Of course, for a specific COS product, it is likely that the actual classification of the file will be different due to the application. But careful analysis can be attributed to the above three logical levels. For example, the previously mentioned PCOS product. It does not classify the files according to the logical hierarchy, but is based on the purpose of the document. Its files are divided into three categories: Cos file (cos files), Password files (key file), and wallet files (purses file). The so-called Cos file holds basic application data, and the password file stores the password used to encrypt the data, and the wallet file acts like a wallet in our daily life. Thus, its three types of files are essentially in the basic file (EF) class. In PCOS, the concept of proprietary files is not very obvious, but in fact, if you pay attention to, then from the previous discussion, it should be easy to find that the product memory partition in the fat region of the role of the file is similar to a dedicated file, and the whole card itself is the nature of a master file. COS file has four kinds of logical structure: transparent structure, linear fixed-length structure, linear variable-length structure, fixed-length cyclic structure. Their definitions and features can be found in the relevant sections of the ISO/IEC78L 6-4 protocol, which are not detailed here. However, whatever logical structure is taken, the files in the Cos are physically stored in the memory of the smart card. Advant data access mode, record numbering method, data unit size and so on as the characteristics of the file system, in the smart card reset response process by the card.
In general, the most important method of data access in the smart card is the random access mode, that is, the card users can be authorized to directly access to a data unit or record in the file. As to what the Cos specifically can do to the file. We will discuss it in the command system of the Cos.
(2) File access security: Security control over file access is a very important part of the COS system, as the current international standard (1s0/iec78l 6-4) does not substantially provide any substantive provisions in this regard, Existing security control mechanisms for file access are implemented in a variety of ways. Here we are going to introduce two typical implementations: the identification register and the state machine mode. Among them, the use of Identification register method has PCOS, ME2000 and other products: the use of State machine mode products have starcos. When using the authentication register, it is usually a 8-bit (or 16-bit) long area in memory ram as the discriminator register. The identification here refers to the identification of the security control password. The authentication register reflects the security status of the smart card in its current location. In this way, the file header (or file descriptor) of each file of a smart card usually stores the condition that the file can be accessed, generally including reading and writing two conditions, respectively, with CR, Cu, which constitutes the security attribute of the file. The user enters a secure password by entering the smart card. Can change the security status of the card, which we often call the production, this is the identification register-based security mechanism. By combining the above two aspects, you can control the read and write permissions of the files in the card. The specific operation mechanism we use PCOS as an example to describe.
First, the identification register in PCOS is 8-bit word length, the 8-bit length of each of you and the PCOS memory in the secret word area of the 7 security password ordinal one by one corresponds. The initial value of each bit in the register is set to "O". If a user presents a secure password to the smart card and is judged to be correct, the system writes "L" to the corresponding bit of the authentication register. For example, if the 2nd secure password in the secret section is correctly presented by the user, PCOS will write "L" on the 2nd bit of the register. At the same time, the read, write conditions in the file descriptor CR, cu are stored in a number between O and 7, its value corresponds to the file for the read (or write) operation required to produce a password in the secret word area of a small number. Before the read (or write) operation of a file, the system first determines whether the corresponding CR (or CU) bit in the authentication register has been set to "L" (if CR equals O, it means that the file can be read by the user at will, and the same for Cu), only if the bit is "L", it is read (or write) Permissions have been met. To read (or write) the file. This means that if the user wants to operate on a piece, it must first show the security attribute corresponding to the file as the correct security password. The system achieves the purpose of security control of access to files. Unlike the authentication register, the state machine approach more clearly represents the concept of security states, security attributes, and security mechanisms, as well as the relationship between them (the knowledge about state machines is not part of this article, and interested readers should consult their own information). Taking Starcos as an example, it uses a mechanism that determines the state machine, which is implemented through the application control file (application control FILE,ACF) within the system. ACF is a linear variable-length structure of the file, its RH record 0l includes all commands controlled by the ACP can be allowed by the command code (INS), the rest of the records with the record ol in the instruction code one by one, which is stored in the corresponding command variant (varient) record. The so-called variant record refers to a number of records: The record is stored in the control information, the initial state, the possible next state and some additional instruction information combination, the use of these variations in the ACF can form a state transition diagram. In the variation record, the control Information section is essential. Different variations of the records are mainly in two different aspects: first, the command is allowed to differ in the state, and the second is the CLA byte beginning of the instruction information part is not the same. This is primarily determined by the different objects of the application to which the command is to be manipulated.
The security control of file access can be achieved by using the Acf,cos system. When the system receives a command for an application to operate, it first verifies that its script is in record 01 of the corresponding ACF file. If not, the system considers the command to be incorrect. After the corresponding instruction code is found, the system compares the command information in the order with that of the command in the corresponding variation record in the order, and then checks the initial state information in the variant record if the comparison result is consistent. If all of these tests pass successfully, the system enters the next state indicated in the strain gauge record; otherwise, the next variation record will continue to be found until the corresponding variant is discovered or all variation records corresponding to the command are checked. If the corresponding variation record is not found, the command is illegal, otherwise it will proceed to the next step of processing the command, that is, by the COS call the actual processing process to perform the processing of the command. And only when the process is finished, the system enters a new state and starts waiting for the next command to be received.
From the Gold Card project, 2003, issue 2nd
Transferred from: http://www.williamlong.info/archives/1857.html
Smart card operating System COS overview