Smart cards are used extensively for data security and authentication purposes in various id card based applications. The data security in smart card is provided by access control based on passwords and cryptographic techniques.
The smart card chip carries an operating system which implements cryptography and provides secure storage of data for application for interacting with the smart card.
IIT Kanpur along with Government of India developed an application-independent smart card operating system standard known as SCOSTA-CL. SCOSTA-CL provides inter-operable command set for interaction between smart card data and applications.
In this thesis, we focus on the implementation of a SCOSTA-CL based Smart Card Operating System known as (SCSOS). The SCSOS implements contact and contact-less mode of communication with the smart card reader. The communication can be protected against eavesdropping through secure messaging. SCSOS implements symmetric key cryptography and has its own security architecture for the protection of resources such as data and commands.
Along with resource protection, it also allows applications to perform cryptographic operations such as encryption, decryption, checksum computation and verification etc. The SCSOS has been developed in a generic manner so as to support multiple applications on a single smart card.
The modular design of SCSOS allows development and integration of new features with little effort. The developed operating system has been ported to the various existing smart card processors and rigorously tested for reliability and robustness.
Author: Deepak Nagawade