User:Vayamevabhukta/IEEE 1667 Smartcard Transport Silo

= IEEE 1667 Smart Card Transport Silo = DRAFT

Use IEEE 1667 to communicate with a secure module

What does it bring to IEEE 1667?
 * Leverage Smart Cards use cases and standards
 * Potential extension to an authentication silo

What does it bring to Smart Card systems?
 * Leverage IEEE 1667 new transports
 * Improves discovery mechanisms and integration in OS

Use cases: examples & standards
 * Automatic login (PIV)
 * Biometry / Fingerprint matching (ISO 19794-2& ISO 7816-11)
 * PKI Cryptographic Services (PKCS#11 & CAPI)

Simple encapsulation transport
 * Command / response nature of Smart Card exchanges maps well on P_OUT / P_IN pairs
 * One command to encapsulate an existing command protocol: Message Exchange
 * For flexibility, the silo supports different encapsulation protocols
 * Additional commands to detect & manage silo capabilities: GetSCTS Transport Mode Description, Set SCTS Transport Mode
 * Three transports encapsulation supported for now:
 * ICCD
 * CCID
 * “Raw” APDUs (An APDU is encapsulated in a transport protocol, itself encapsulated in an IEEE 1667 command)