| With the applications of smart cards becoming more and more popular, the number of cards we hold will increase quickly and then we can not ignore the portability problem of smart cards any longer. To improve the portability of smart cards, a new design model of UCard is put forward. Many issuers can add their own COSes and correspondent applications that have the same instruction set into a UCard so as to implement the particular architecture of UCard with multi COS. This technology is called"Multi-issue technology".Nowadays, trusted computing is an important branch of information security area and it is also an important issue relating to the national and personal information security. Trusted computing base (TCB) is a resource set including hardware, firmware and software, which is responsible for enforcing a security policy and plays an extremely important role in a trusted operation system. In the form of seven-tuple, the mathematic model of a secured and trusted system is established. Then, on the basis of the mathematic model, the mathematical definition of TCB is given. Meanwhile, some security models and evaluation criterias are presented, which will be a reference for modeling the architecture and evaluating the security of UCard with multi-trusted computing base.Smart card security can be summarized as physical security and logical security. The formal security system model of conventional smart cards with a single COS is established. Then the composition of its TCB is analyzed and the security is evaluated on the probability theory. At last, it is proved that being more widely used, the architecture of smart card with single COS and multiple applications exists hidden security dangers.By analyzing the security policy restrictions of UCard, the system resources are abstracted on the set theory. Finally, at different configurable state the composition of UCard's TCB is obtained. UCard's TCB has the configurable character. The security and protection installations inside different COSes together with UCard kernel by time-sharing realize the multi-trusted computing base of UCard.The memory isolation ensures that each COS of UCard has its own separate memory resources. And the address mapping from one logical address to the different corresponding physical address of every COS is achieved. The issuing state of UCard is a process of establishing the reconfiguration and the using state is a process of implementing the reconfiguration. These two states are separately responsible for enforcing different security policies. Compared with traditional smart cards with a single COS and from the point of view of a reconfigurable and trusted system, the particular architecture of UCard with multi-trusted computing base can improve the portability of smart cards and at the same time UCard has the superiority in security. |
PDF Full Text Request