March 3rd, 2003 Site update : Public Reports updated

Smart.IS AM - General Overview

The Smart IS project is a support project resulting from an initiative undertaken by the European IT and Smart Card Industries for accelerating electronic business, new Transactional systems (TIS) and elctronic commerce.

Launched in June 2000, the initial Smart IS Accompanying measure was initiated to develop cross-sector co-operative studies between users, network operators and manufacturers on key issues of interoperability and security of smart card based e-commerce solutions, and specifically to define an authentification module - NAME - within a smart card.

In November 2001, the project was reshaped with new objectives and a new duration, up to the end of 2002. It now also includes the specification of a standard smart card solution that can be used in the implementation of the European directive for electronic signatures ("NAME.ES" module), in addition to the initial objectives in terms of authentification of Internet en users.

 

Smart.IS AM - OBJECTIVES

The Smart.IS AM project aims at developing and promoting standard specifications of authentication and advanced electronic signature functions for interoperable and secure smart card systems to accelerate electronic business and new TIS in Europe. This results in the following project objectives :

  • To ensure interoperability of Smart Card Systems architectures
  • To define a set of user requirements for a reference Smart Card and Security architecture suitable for the development of electronic business and electronic commerce.

    This integrated business architecture covers business-to-consumers, business-to-business and business-to-administration applications.
  • To co-operate with other bodies in Europe and worldwide in order to foster the emergence of standards rapidly accepted by the business community and the end users
  • To provide an interface with public authorities in order to identify critical obstacles to the development of smart-cased based applications and to formulate recommendations to regulatory authorities

Smart.IS AM final objectives are to promote a standard smart card solution to authenticate end uers and provide usable electronic signature functions.

Smart.IS AM added value

  • Smart.IS AM provides a unique industrial and pre-standardisation co-operative framework to promote standards and guarantee interoperability of Smart Cards security systems to be used for e-business and new TIS. It stimulates and promotes co-operative actions and the development of secure Smart Cards systems solutions and projects in these fields.
  • Smart.IS AM activity is now directly linked to the eEurope Smart Cards Initiative, via the Trailblazer 12. The project also includes a strong participation of Telecom operators and of terminal manufacturers, which will give a better view of business requirements.

Smart IS & eEUROPE

The eEurope smart Cards Initiative (link) aims to accelerate and harmonise the development and use of smart cards across Europe. This political initiative was launched by the European Commission in December 1999. Twelve working areas (called "Trailblazer") have been defined such as public identification, e-government, security, etc. a two-year industry driven Common Requirements work plan identifies the deliverables expected by the end of 2002.

The Smart IS AM project is strongly linked to this initiative as its scope covers a part of the Smart Card Chapter, designed by the eESC participants.

see eeurope-smartcards.org

It has become clear, through joint meetingd with ETSI and other European initiatives, that the security issues, for which there are already are (more or less) proprietary solutions, require a certain interoperability between operators for both Authentication and Electronic Signature functions.

There is a string similitude in terme sof the cryptographic mechanisms to be implemented, and the material constraints to be respected, for the security functions of signature and authentication. In fact both functions call for a secure zone in which to store a private key to be used for the signature, and an asymetric algorithm that will be used to encrypt a given set of data. The main difference between the two functions therefore is the nature of the data to be encrypted.

It is therefore useful to pursue a convergence and interaction with TB12 which is focused on Advanced electronic Signatures as per the European directive and Qualified electronic Signatures as defined by ETSI/EESSI.

Open working groups have been established in liaison with TB12 and others TBs in order to access and specify common requirements for authentication and advanced electronic signature functions for individuals and entities accessing the Internet.

Following the ETSI/GSM model with SIM cards :

SMARTIS AM will Promote standards smart card systems for e-business applications for the first phase (18 months contract) and e-EUROPE should help to extend this work to e-commerce and new Internet applications

see http://www.etsi.org/