IC Card v.s. RFID

Presentation Transcript

  1. IC Card v.s. RFID • Information Technology I • P9374717 李駿達 • P9374711 顏世坤

  2. Agenda • Smart Cards Technology • Radio Frequency Identification (RFID) • Q&A

  3. Smart Cards Technology CD Lee, Sam Yen

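  4. IC Card (Smart Card) • An IC card is a plastic card fitted with an integrated circuit (IC) and with external contacts on the card so that a read/write device can transfer data. The integrated circuit in an IC card can contain a microprocessor (MCU) and memory. A card with memory only is called a Memory Card and can only store data; a card with a microprocessor can compute and process data and is called a Smart Card. • Features of the IC card: large memory capacity, with data that can be rewritten or updated many times; data access control; high security and resistance to forgery, which prevents losses from card crime; off-line operation, which reduces communication costs. Domestically, IC card applications have been progressively introduced in finance, healthcare and telecommunications.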

  5. Plastic Cards • Visual identity application • Plain plastic card is enough • Magnetic strip (e.g. credit cards) • Visual data also available in machine readable form • No security of data • Electronic memory cards • Machine readable data • Some security (vendor specific)

  6. Smart Cards • Processor cards (and therefore memory too) • Credit card size • With or without contacts. • Cards have an operating system too. • The OS provides • A standard way of interchanging information • An interpretation of the commands and data. • Cards must interface to a computer or terminal through a standard card reader. • Loosely defined, a smart card is any card with a capability to relate information to a particular application such as: • Magnetic Stripe Cards • Optical Cards • Memory Cards • Microprocessor Cards

  7. Magnetic Stripe Cards • Standard technology for bank cards, driver’s licenses, library cards, and so on

  8. Optical Cards • Uses a laser to read and write the card • CANPASS • Contains: Photo ID, Fingerprint

  9. Memory Cards • Can store: Financial Info, Personal Info, Specialized Info • Cannot process Info

  10. Microprocessor Cards • Has an integrated circuit chip • Has the ability to: Store information, Carry out local processing, Perform Complex Calculations

  11. Microprocessor Cards: Contact Smart Card • Contacts: GND, VCC, VPP, Reset, I/O, Clock, Reserved

  12. Microprocessor Cards: Contactless Smart Card

  13. Microprocessor Cards: Combi / Hybrid Cards • Hybrid Card • Has two chips: contact and contactless interface. • The two chips are not connected. • Combi Card • Has a single chip with a contact and contactless interface. • Can access the same chip via a contact or contactless interface, with a very high level of security.

  14. Smart Cards devices • Contacts: GND, VCC, VPP, Reset, I/O, Clock, Reserved

  15. What’s in a Card? • Typical Smartcard at time of our research • 8-bit CPU, 384 bytes RAM, 3–5 MHz clock rate • Upcoming • 32-bit RISC CPU, 4 Kbytes RAM, 50 MHz clock • Contacts: CLK, RST, Vcc, RFU, GND, RFU, Vpp, I/O

  16. Typical Configurations • 256 bytes to 4KB RAM. • 8KB to 32KB ROM. • 1KB to 32KB EEPROM. • Crypto-coprocessors (implementing 3DES, RSA etc., in hardware) are optional. • 8-bit to 16-bit CPU. 8051 based designs are common. The price of a mid-level chip when produced in bulk is less than US$1.

  17. Smart Card Readers • Dedicated terminals: usually with a small screen, keypad and printer; often also have biometric devices such as a thumb print scanner. • Computer based readers: connect through USB or COM (Serial) ports

  18. Communication mechanisms • Communication between smart card and reader is standardized • ISO 7816-4 standard • Commands are initiated by the terminal • Interpreted by the card OS • Card state is updated • Response is given by the card • Commands have the following structure • Responses from the card include 1..Le bytes followed by a Response Code

  19. Security Mechanisms • Password • Card holder’s protection • Cryptographic challenge Response • Entity authentication • Biometric information • Person’s identification • A combination of one or more

  20. Data storage • Data is stored in smart cards in E2PROM • Card OS provides a file structure mechanism • File hierarchy (diagram): MF, DF, EF • File types: Binary file (unstructured), Fixed size record file, Variable size record file

  21. Access control on the files • Applications may specify the access controls • A password (PIN) on the MF selection • For example SIM password in mobiles • Multiple passwords can be used and levels of security access may be given • Applications may also use cryptographic authentication

  22. How does it all work? • Card is inserted in the terminal • Card gets power. OS boots up. Sends ATR (Answer to reset) • ATR negotiations take place to set up data transfer speeds, capability negotiations etc. • Terminal sends first command to select MF • Card responds with an error (because MF selection is only on password presentation) • Terminal prompts the user to provide password • Terminal sends password for verification • Card verifies P2. Stores a status “P2 Verified”. Responds “OK” • Terminal sends command to select MF again • Card responds “OK” • Terminal sends command to read EF1 • Card supplies personal data and responds “OK”
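
The exchange on slides 18 to 22, as an added example that is not part of the original presentation: a toy card model in Python that parses short-form ISO 7816-4 command APDUs and refuses SELECT until VERIFY has succeeded, as the slide describes. The PIN, the file ID 0001 used for EF1, the file contents and the three-try retry counter are constructed for illustration; extended-length APDUs are not handled.

```python
import hmac
SW_OK, SW_SEC, SW_BLOCKED, SW_NOT_FOUND, SW_BAD_INS = 0x9000, 0x6982, 0x6983, 0x6A82, 0x6D00

def parse_command(apdu: bytes):
    """Split a short-form command APDU into (CLA, INS, P1, P2, data, Le)."""
    if len(apdu) < 4:
        raise ValueError("header needs CLA INS P1 P2")
    cla, ins, p1, p2 = apdu[:4]
    body = apdu[4:]
    if len(body) <= 1:                       # case 1 (header only) or case 2 (Le only)
        return cla, ins, p1, p2, b"", ((body[0] or 256) if body else None)
    lc = body[0]
    data, rest = body[1:1 + lc], body[1 + lc:]
    if len(data) != lc or len(rest) > 1:
        raise ValueError("Lc does not match body length")
    return cla, ins, p1, p2, data, ((rest[0] or 256) if rest else None)  # case 3 / 4

class ToyCard:  # card side: keeps the "PIN verified" state and gates file access on it
    def __init__(self, pin: bytes, files: dict):
        self.pin, self.files = pin, files
        self.verified, self.tries, self.current = False, 3, None

    def transmit(self, apdu: bytes) -> bytes:
        _, ins, _, _, data, le = parse_command(apdu)
        out, sw = b"", SW_OK
        if ins == 0x20:                      # VERIFY
            if self.tries == 0:
                sw = SW_BLOCKED              # retry counter exhausted
            elif hmac.compare_digest(data, self.pin):
                self.verified, self.tries = True, 3
            else:
                self.tries -= 1
                sw = 0x63C0 | self.tries     # 63Cx: x tries left
        elif ins == 0xA4:                    # SELECT by file ID
            if not self.verified: sw = SW_SEC
            elif data in self.files: self.current = data
            else: sw = SW_NOT_FOUND
        elif ins == 0xB0:                    # READ BINARY from the selected file
            if self.current is None: sw = SW_SEC
            else: out = self.files[self.current][:le or 256]
        else:
            sw = SW_BAD_INS
        return out + sw.to_bytes(2, "big")   # response = data bytes + SW1 SW2

def run_session(card: ToyCard, pin: bytes) -> list:
    """Terminal side of the slide's flow; returns each response as hex."""
    select_mf = bytes.fromhex("00A40000023F00")
    verify = bytes.fromhex("00200000") + bytes([len(pin)]) + pin
    steps = [select_mf, verify, select_mf, bytes.fromhex("00A40000020001"), bytes.fromhex("00B0000000")]
    return [card.transmit(s).hex() for s in steps]
```

With the correct PIN the session returns 6982 for the first SELECT, then 9000 for each later step; three wrong VERIFY attempts count the card down through 63C2, 63C1 and 63C0 to 6983, after which even the correct PIN is refused.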

  23. CAT_TP and BIP • Diagram labels: application protocol, 03.48 security layer, CAT_TP, Server, BIP* • *Mechanism originally specified by 3GPP T3 by which the ME provides the UICC with access to the data bearers supported by the ME and the network

  24. How are Smart Cards Used? • Commercial Applications • Banking/payment • Identification • Parking and toll collection • Universities use smart cards for ID purposes and at the library, vending machines, copy machines, and other services on campus. • By the end of 2007 all credit cards will be smart. • EMV standard • Mobile Telecommunications • SIM cards used on cell phones • Over 300,000,000 GSM phones with smart cards • Contains mobile phone security, subscription information, phone number on the network, billing information, and frequently called numbers.

  25. How are Smart Cards Used? • Information Technology • Secure logon and authentication of users to PCs and networks • Encryption of sensitive data • Other Applications • Over 4 million small dish TV satellite receivers in the US use a smart card as its removable security element and subscription information. • Pre-paid, reloadable telephone cards • Health Care, stores the history of a patient • Fast ticketing in public transport, parking, and road tolling in many countries • JAVA cards

  26. What is Smart Card for Government? • A Multi-Application, Multi-Tech Proximity Smart Card • A Hybrid / Composite Card • Diagram labels: Digital Photo, Biometrics, Finger Print, Voice Print, Hand Geometry, Iris Scan, Digital Photo, Smart Card Chip *, Keyboard Dynamics, Digitized Signature, Signature Dynamics, Personal ID, Electronic Signature, Mag Stripe on back, Public/Private Key, Digital Signature (DSS), RSA for Off-line, Wireless, Telephony, Hardware/Software Based, Crypto Co-Processor, Barcode • Authentication • Architecture • Encryption, Compression • Uses: Pre-paid Money, Credit, Debit, Authorizations, ID, Certificate, Secure eMail, eForms, Digital signature • * Proximity / Combi Chip are imminent - combining smart card and radio frequency into one chip • * RF indicates Radio Frequency Chip • Source: John G Moore, GSA, 1994

  27. E-Government Smart Card Specification • ISO 7816, 1,2,3 compliant • FIPS 140-2, level 3 • Java Applications – PKI Applet – ID PIN Verification and Management Applet – GCA Applet – Authentication Applet – Biometric Authentication Applet – Stake Holder applets (future) • JavaCard 2.1 • Global Platform 2 Compliant • 64 K RAM (42K available for applets) • DES/3DES/AES (when available) • RSA asymmetric 1024 / 2048 • PTS speed in excess of 9600 bps • EEPROM endurance > 250,000 r/w cycles • MIFARE Proximity (contactless) chip – DESFire (ISO 14443-A) – 4 k NV memory

  28. Smart Card Applications • Name shown on card: Mary Carver • Identity Management Mobile Communications Ticketless Travel Loyalty Programs Building Security/Area Access Time and Attendance Administration Debit/Credit Card Electronic Purse Mass Transit Training Management Qualification Certification Distance Learning Secure Network Access Information Security Drivers License Work/Entry Permits Parking Healthcare

  29. Advantages • In comparison to its predecessor, the magnetic stripe card, smart cards have many advantages including: • Life of a smart card is longer • A single smart card can house multiple applications. Just one card can be used as your license, passport, credit card, ATM card, ID Card, etc. • Smart cards cannot be easily replicated and are, as a general rule, much more secure than magnetic stripe cards. A smart card has relatively powerful processing capabilities that allow it to do more than a magnetic stripe card (e.g., data encryption). • Data on a smart card can be protected against unauthorized viewing. As a result, confidential data, PINs and passwords can be stored on a smart card. This means merchants do not have to go online every time to authenticate a transaction.

  30. Disadvantages • NOT tamper proof • Can be lost/stolen • Lack of user mobility – only possible if user has smart card reader everywhere he goes • Has to use the same reader technology • Can be expensive • Working from PC – software based token will be better • No benefits to using a token on multiple PCs to using a smart card • Still working on bugs

  31. Over 20 programs world-wide • Over 20 programs world-wide across the financial, id/security, government, mobile telecom, public healthcare, retail, and transit markets • Mobile OTA application management for USIM/SIM cards (SIMToolKit, CAT) • US DoD CAC card • Taiwan Health Card • Moscow Social Card • Finnish National Smart Card Program • Smart Visa Card • Amex Blue Card • Etc.

  32. OS Based Classification • Smart cards are also classified on the basis of their Operating System. There are many Smart Card Operating Systems available in the market, the main ones being: 1. MultOS 2. JavaCard 3. Cyberflex 4. StarCOS 5. MFC • Smart Card Operating Systems, or SCOS as they are commonly called, are placed on the ROM and usually occupy less than 16 KB. SCOS handle: • File Handling and Manipulation • Memory Management • Data Transmission Protocols

  33. International Standardization • Mobile Telecom Standards – ETSI: GSM 03.48, TS 23.048 – ETSI & 3G Smart Card Platform (SCP): TS 102.225, 102.226 • Government Standards – US Federal Government: GSC-IS – Under review (US): FIPS 201, PIV • ISO: new part 13 of 7816 series – New Work Item from Japan: approved by ISO SC17 – Work assigned to ISO SC17/WG4, editor: Japan – Scope: commands for application management in multi application environment – Contribution: a subset of GlobalPlatform Card Specification, endorsed by ANSI – US official contribution to ISO

  34. Global Deployment • Over 70 million GlobalPlatform cards deployed worldwide • Additional 450+ million GSM cards globally use GlobalPlatform technology for over-the-air (OTA) application download • Over 30 implementations across the financial, ID/security, government, mobile telecom, healthcare, retail, and transit markets • Estimates predict these figures to increase dramatically in 2005 and 2006

  35. Worldwide Industry

  36. Radio Frequency Identification (RFID) CD Lee, Sam Yen

  37. Internet of THINGS

  38. RFID Overview (1) • What is RFID? • Radio Frequency IDentifier • RFID combines the features of traditional IDs • Barcodes: used to identify and track objects • OCR and biometrics: enable automatic ID and verification • Smart cards/IC cards: store information and provide interactive processing • How is RFID different? • Used to identify objects and store information about the object • Used to locate and identify objects from a distance using RF signals • Used to detect and read things that are not in line of sight • Data can be interactively managed and processed by the RFID chip and RFID system

  39. The RFID Tag Components • The RFID tag is made up of several parts: • A microchip that stores data and modulates and demodulates analog radio waves • An antenna that gathers RF energy from a reader and reflects back a signal • A protective layer that can be used to create a label or other type of transponder

  40. How it works • The reader emits radio waves • The tag converts the radio waves into electricity to power up the microchip • The microchip modulates and demodulates the antenna and sends back long and short waves or waves of different amplitude • The reader converts these waves into a string of ones and zeros • A computer turns the ones and zeros into digital information

  41. RFID Overview (3) • Web service vs RFID service • Diagram labels: DNS, ODS, Web Service, RFID Service, object information server’s domain name, object info server’s IP address, object info, Homepage (HTML), object info server, Web server • ODS: Object Directory System

  42. RFID Operation (Passive Tags) • Diagram blocks: APPLICATION, INTERROGATOR, RF TAG, Tag Physical Memory, Decoder, AIR INTERFACE, Logical Memory Map, Encoder, Tag Driver and Mapping Rules, Command / Response Unit, Application Program Interface, Logical Memory, DATA PROTOCOL PROCESSOR, PHYSICAL INTERROGATOR • Diagram flows: APPLICATION COMMANDS, APPLICATION RESPONSES, COMMANDS, RESPONSES, DEVICE COMMANDS, DEVICE RESPONSES • Note: The Logical Memory Map in the Tag Physical Memory is given by the Tag architecture and the mapping rules in the Tag Driver. All the information in the Logical Memory is represented in the Logical Memory Map • Standards: ISO/IEC 15961, ISO/IEC 15962, ISO/IEC 15962 Annexes, ISO/IEC 18000

  43. The RFID reader also has several parts: • A digital signal processor and a microcontroller • An internal or external antenna • A network or serial port connection • Input/output ports for linking to other devices

  44. RFID’s Unique Capabilities • No “line of sight” required to read tags • Simultaneous communication with multiple tags • Each Item is unique; prevents double counting • Bulk reading capability • Can store information directly on tags • High memory capacity • Long read ranges • Performance not limited by harsh environments versus bar codes

  45. Are All Tags The Same? Basic Types: • Active • Tag transmits radio signal • Internally powered memory, radio & circuitry • High Read Range (300 feet) • Passive • Tag reflects radio signal from reader • Reader powered • Shorter Read Range (4 inches - 15 feet)

  46. Active RFID • Active tags transmit an RF signal (instead of reflecting the signal) • Active tags have longer range than passive tags • Most active tags have batteries, though emerging technology may provide active transmission WITHOUT batteries.

  47. Passive RFID • Passive tags (also referred to as “field disturbance devices”) reflect and modulate radio waves received by the tag from the interrogator. • Passive devices have ranges of 1 to 4 meters depending upon national regulations • Passive tags do not require an on-board power source, but some do have batteries to support sensors and faster response times.

  48. RFID Operation (Passive Tags) Sequence of Communication • Host Manages Reader(s) and Issues Commands • Reader and tag communicate via RF signal • Carrier signal generated by the reader (upon request from the host application) • Carrier signal sent out through the antennas • Carrier signal hits tag(s) • Tag receives and modifies carrier signal • “sends back” modulated signal (Passive Backscatter - FCC and ITU refer to as “field disturbance device”) • Antennas receive the modulated signal and send them to the Reader • Reader decodes the data • Results returned to the host application