By Topic

Infrastructure Standards for Smart ID Card Deployment

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Ramaswamy Chandramouli ; US National Institute of Standards & Technology ; Philip Lee

Smart card deployment is increasing thanks to the addition of security features and improvements in computing power to support cryptographic algorithms with bigger footprints (for digitally signing and encrypting) in the smart card chips in the past five or six years. Typical applications include subscriber identification module (SIM) cards (in telecommunications), micropayments (in financial transactions), commuter cards (in urban transportation systems), and identification (ID) cards. Although the share of cards used for identification applications (which we'll call smart ID cards) is relatively small within the overall smart card market, it's one of the fastest growing segments. Smart ID cards control physical access to secure facilities and logical access to IT systems (Web servers, database servers, and workstations) and applications. Authentication of the card and holder takes place using a set of credentials. An organization deploying such cards must have an infrastructure for generating, collecting, storing, provisioning, and maintaining credentials. The components involved in these credential life-cycle management activities constitute what we'll call the smart ID card system infrastructure, which supports smart ID card deployment. Not all components involved in this infrastructure have standardized interfaces. Moreover, no robust messaging standards exist for information exchange among the components. Yet, some efforts are under way to partially address the standards gap in this area

Published in:

IEEE Security & Privacy  (Volume:5 ,  Issue: 2 )