IDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller

Similar documents
The Gemalto offer for PKI market in Russia

FAMILY BROCHURE. Gemalto SafeNet Authenticators. Diverse Form Factors for Convenient Strong Authentication

PRODUCT INFORMATION BULLETIN

1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A

CREDENTSYS CARD FAMILY

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

PKI Credentialing Handbook

1. Product Overview 2. Product Features 3. Product Value 4. Comparison Chart 5. Product Applications 6. Q & A

1. Product Overview 2. Product Features 3. Comparison Chart 5. Q & A

BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module

Secure Elements 101. Sree Swaminathan Director Product Development, First Data

Moser Baer Group 25 years of excellence

hidglobal.com Still Going Strong SECURITY TOKENS FROM HID GLOBAL

HARDWARE SECURITY MODULES (HSMs)

Interface. Circuit. CryptoMate

END OF SALE ANNOUNCEMENT

Single Secure Credential to Access Facilities and IT Resources

Design and Implementation of a Mobile Transactions Client System: Secure UICC Mobile Wallet

Smart Card ICs. Dr. Kaushik Saha. STMicroelectronics. CSME 2002 (Chandigarh, India) STMicroelectronics

iclass SE Platform Solutions The New Standard in Access Control

ID-One Cosmo V7-a Smart Card Cryptographic Module

ID-One PIV (Type A) FIPS Security Policy. (PIV Applet Suite on ID-One Cosmo V7-n) Public Version

Securing IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region

Security for Wireless Handhelds

Java Card Technology-based Corporate Card Solutions

Overview of cryptovision's eid Product Offering. Presentation & Demo

MultiApp ID V2.1 Platform FIPS Cryptographic Module Security Policy

Expert 3.2

Sphinx Feature List. Summary. Windows Logon Features. Card-secured logon to Windows. End-user managed Windows logon data

The Future of Smart Cards: Bigger, Faster and More Secure

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

The Password Authentication Paradigm In today s business world, security in general - and user authentication in particular - are critical components

A Multi-Application Smart-Card ID System for George Mason University. - Suraj Ravichandran.

Identity and Authentication PKI Portfolio

Security in NFC Readers

The Open Application Platform for Secure Elements.

ACOS5-64. Functional Specifications V1.04. Subject to change without prior notice.

Security Requirements for Crypto Devices

CardOS Secure Elements for Smart Home Applications

Expert 3.2

NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit

SETECS OneCARD PIV II Java Card Applet. on Gemalto GemCombi'Xpresso R4 E72K PK card

ALIKE: Authenticated Lightweight Key Exchange. Sandrine Agagliate, GEMALTO Security Labs

Smartcards. ISO 7816 & smartcard operating systems. Erik Poll Digital Security Radboud University Nijmegen

Architecture 1 3. SecureToken. 32-bit microprocessor smart chip. Support onboard RSA key pair generation. Built-in advanced cryptographic functions

Connecting Securely to the Cloud

Smart Cards. José Costa. Software for Embedded Systems. Departamento de Engenharia Informática (DEI) Instituto Superior Técnico

SecureDoc Disk Encryption Cryptographic Engine

NXP Semiconductors JCOP 3 SecID P60 OSA FIPS Cryptographic Module Non Proprietary Security Policy

Getting to Grips with Public Key Infrastructure (PKI)

GemXpresso R4 E36/E72 PK. Security Policy

AT90SDC10X Summary Datasheet

The Next Generation of Credential Technology

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

SC-1 Smart Card Token. QUICK Reference. Copyright 2007 CRYPTOCard Corporation All Rights Reserved

Secure Government Computing Initiatives & SecureZIP

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

August, Actividentity CTO Office

PKI Knowledge Dissemination Program. PKI Standards. Dr. Balaji Rajendran Centre for Development of Advanced Computing (C-DAC) Bangalore

Strategies for the Implementation of PIV I Secure Identity Credentials

IDGo Middleware and SDK for Mobile Devices

white paper SMS Authentication: 10 Things to Know Before You Buy

Secure Solutions. EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible Cards Accessories

Certicom Security for Government Suppliers developing products to meet the US Government FIPS security requirement

Who s Protecting Your Keys? August 2018

Authentication Technology for a Smart eid Infrastructure.

IBM Tivoli Directory Server

Power LogOn s Features - Check List

Introduction to Electronic Identity Documents

FIPS Level 3. Security Policy of Java Card Platform Implementation for Infineon on SLE 78 (SLJ 52GxxyyyzR) V1.0f. August Version 2.

Security Solutions. End-to-end security. Protecting your physical access control system.

Security Policy for. DAL C3 2 Applet Suite on Axalto Cyberflex Access 64Kv1 Smart Card Chip. FIPS Level 2. Version 1.03 January 31, 2005

PKI BLADE Applet and Protiva PIV DL Card Security Policy

g6 Authentication Platform

ARM Security Solutions and Numonyx Authenticated Flash

The Open Protocol for Access Control Identification and Ticketing with PrivacY

2 nd ETSI Security Workshop: Future Security. Smart Cards. Dr. Klaus Vedder. Chairman ETSI TC SCP Group Senior VP, Giesecke & Devrient

IDPrime MD 830-revB FIPS Cryptographic Module Non-Proprietary Security Policy Level 3

Spoofing iclass and iclass SE

Entrust IdentityGuard PIV Credential FIPS Cryptographic Module Security Policy Version: 1.0 Date: January 24, 2013

Expert Embedded Security

SLE66CX322P or SLE66CX642P / CardOS V4.3B Re_Cert with Application for Digital Signature

Security Policy for Schlumberger Cyberflex Access 32K Smart Card with ActivCard Applets

iclass Seos July 2014 Introducing the HID Global iclass Seos Card

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

The SafeNet Security System Version 3 Overview

Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security

DFARS Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017

BEYOND TRADITIONAL PASSWORD AUTHENTICATION: PKI & BLOCKCHAIN

Overview. DigitalPersona Logon for Windows Data Sheet. DigitalPersona s Composite Authentication transforms

Date: 13 June Location: Sophia Antipolis. Integrating the SIM. Dr. Adrian Escott. Qualcomm Technologies, Inc.

Jrsys Mobile Banking Solutions

CRESCENDO SERIES Smart Cards. Smart Card Solutions

Intel and Symantec: Improving performance, security, manageability and data protection

E-guide Getting your CISSP Certification

Axway Validation Authority Suite

Leveraging the full potential of NFC to reinvent physical access control. Friday seminar,

Satisfying CC Cryptography Requirements through CAVP/CMVP Certifications. International Crypto Module Conference May 19, 2017

SMART CARDS. Miguel Monteiro FEUP / DEI

Transcription:

IDCore Flexible, Trusted Open Platform financial services & retail enterprise > SOLUTION Government telecommunications transport Trusted Open Platform Java Card Alexandra Miller >network identity >smart card security >cryptographic capability www.gemalto.com

IDCore Flexible, Trusted Open Platform The heart of problem Modular and flexible architecture An increasing number of businesses and government agencies are coming to the realization that single authentication solutions using simple user names and passwords are not enough to keep today s cyber criminals at bay. And even though implementing stronger password solutions are better, they are simply not enough. Requiring long, cumbersome passwords with multiple characters, letters and numbers, typically results in users writing down their passwords and placing them near their computer. Scary to think the walls of an entire network could crumble because of what was jotted down on a single sticky note. Strong authentication, combining something you know (PIN) with something you have (smart card or token) is the best method to ensure your networks are protected and cannot be compromised by the actions of a careless user. Gemalto, the world leader in digital security, offers a wide array of strong authentication solutions to help address this critical issue. IDCore is a flexible open platform solution that can be easily customized to fit into any corporate or public sector environment. With a full range of multipurpose smart cards, IDCore solutions support applications such as logical and physical access, PKI services and digital transactions and are available in credit card or USB key form factors for maximum use case support. Integrate physical & logical access control IDCore smart cards are a flexible platform give you the option to combine contact and contactless technologies so the same card can be used for access to both physical facilities and logical information assets throughout the organization. These hybrid cards use separate chips to control the contact and contactless IDCore is a flexible open platform solution that can be easily customized to fit into any corporate or public sector environment. interfaces which makes integrating legacy applications straightforward and efficient. It can be integrated with contactless technologies such as Mifare, DESFire, Legic Advant and HID Prox / Indala / iclass. In addition, this open platform can be customized to provides dual functionality to manage both contact and contactless interfaces and associated applications with a single chip. No compromise on security IDCore smart cards using a Java Operating System incorporate advanced microcontrollers with strong security certification. The IDCore Java Card OSwas developed by an industryleading security team that designed it to implement counter measures against various threats, including side channel, invasive, advanced fault, and other types of attacks. The IDCore Java Card OS meets the industry s most stringent security certifications, such as FIPS 140-2 level 3, FIPS 201, and CC EAL4+ / PP SSCD. IDCore solutions are easy and fast to update through an open OS architecture that separates the platform from the application. This partitioning also reduces migration constraints, even after initial card issuance. Compliant applications can be loaded and cards that are compatible with existing ones can be produced quickly. Java Card technology offers fast deployment cycles for application development with rapid prototyping and implementation. No long and expensive re-masking is necessary; new applets are simply loaded in the Java Card memory. In addition, this technology enables various business models between issuer, application providers and operators, thanks to multiple security domains and dynamic application partitioning. The IDCore s virtual machine has been highly optimized to maximize software performance without compromising security. Combined with the latest generation of high performance microcontrollers, it provides one of the fastest Java Open Platforms available. A strong foundation for any environment Complete solutions can be built using IDCore products with other Gemalto digital security solutions including smart card readers, strong authentication and digital signature software, as well as smart card management systems. To allow you to get the solution that best fits your needs, several applets can be pre-loaded to provide a flexible multi-application platform for current requirements and future needs during the card lifecycle. With the most secure, flexible platform on the market, Gemalto offers a series of IDCore applets for authentication, access control, identification, digital signature, e-purse, data storage, customer loyalty, and other services. 2012 Gemalto. All rights reserved. Gemalto, the Gemalto logo are trademarks and service marks of Gemalto NV and are registered in certain countries. May 2012 CC www.gemalto.com

IDCore 10 Java Card Platform The IDCore 10 smartcard benefits from the latest release of Java Card technology standards. This Java Card platform is available from Gemalto as an open, multi-application card and is ideally suited for markets such as Identity or Security/Access. It is a Public Key Java Card (supporting both RSA and elliptic curves) that meets the most advanced security requirements of long-term, multi-application programs, including those being deployed by large global organizations. IDCore 10 complies with the latest international standards: Java Card 2.2.2 (& 3.0.1 for the elliptic curves algorithms) Global Platform 2.1.1 (amendment A) ISO 7816 Key Benefits Easy application deployment thanks to the Gemalto applets that can optionally be installed: - MPCOS applet is fully compatible with the high performance native MPCOS Operating System and can be used for secure data management and e-purse applications. - OATH OTP applet offers One Time Password services Optimized memory (with MPCOS applet code stored in ROM area) extends multi-application capability, large data capacity and lifetime. Real Garbage Collector Memory can be released to the platform in real-time upon object deletion and made available to the applets. Performance IDCore 10 Virtual machine has been highly optimized to offer maximum software performance without compromising security. Combined with the latest generation of high performance silicon, this provides one of the fastest Java Open Platforms available. Part of a full range of product and services Additional benefits from Gemalto s proven Java Card experience and product offer include support, personalization services and integration to Card Management systems. Flexibility and Modularity The open platform principle and interoperability enable the separation of application development (Applet) from the platform. This also supports aggressive time-to-market for introduction of new applications. Existing third-party applets from most vendors can be loaded and cards that are compatible with existing ones can be generated quickly. No compromise on security The IDCore 10 platform implements the most advanced security countermeasures for enforcing protection of all sensitive data and functions in the card. non binding information Aug 12

IDCore 10 Product characteristics EEPROM Memory Standards Cryptographic algos Communication protocols Other OS features 80 KB JC2.2.2 (and JC3.0.1 for ECC algos) GP2.1.1 (with SCP01 and SCP02) Symmetric: 3DES (ECB, CBC), AES (128, 192, 256) Hash: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512. RSA: up to RSA 2048 bits Elliptic curves: P-224, P-256, P-384, P-521 bits On-card asymmetric key pair generation T=0, T=1, PPS, with baud rate up to 230 Kbps PK-based DAP (to control the applets that can be loaded on the card) Delegated Management Support of Extended Length APDU Multiple Logical Channels Real Garbage collector (memory space can be recovered after individual object deletion) Gemalto applets (optional) MPCOS OATH OTP Chip characteristics Technology Lifetime Certification E-purse & secure data management application One Time Password application 80K EEPROM area Embedded crypto engine for symmetric and asymmetric cryptography Minimum 500,000 write/erase cycles Data retention minimum 25 years CC EAL5+ Security The IDCore 10 includes multiple hardware and software countermeasures against various attacks: side channel attacks, invasive attacks, advanced fault attacks and other types of attacks. non binding information Aug 12

IDCore 30 Java Card Platform The IDCore 30 smartcard benefits from the latest release of Java Card technology standards. This Java Card platform is available from Gemalto as an open, multi-application card and is ideally suited for markets such as Identity or Security/Access. It is a Public Key Java Card (supporting both RSA and elliptic curves) that meets the most advanced security requirements of long-term, multi-application programs, including those being deployed by large global organizations. IDCore 30 complies with the latest international standards: Java Card 2.2.2 (& 3.0.1 for the elliptic curves algorithms) Global Platform 2.1.1 (amendment A) ISO 7816 The IDCore 30 is FIPS 140-2 Level 3 certified (pending) Key Benefits Flash memory ensures optimization of the memory allocation, extended multi-application capability, large data capacity and lifetime. Easy application deployment thanks to the Gemalto applets that can optionally be loaded in the flash memory: - MPCOS applet is fully compatible with the high performance native MPCOS Operating System and can be used for secure data management and e-purse applications. - OATH OTP applet offers One Time Password services. Real Garbage Collector Memory can be released to the platform in real-time upon object deletion and made available to the applets. Performance IDCore 30 Virtual machine has been highly optimized to offer maximum software performance without compromising security. Combined with the latest generation of high performance silicon, this provides one of the fastest Java Open Platforms available. Part of a full range of product and services Additional benefits from Gemalto s proven Java Card experience and product offer include support, personalization services and integration to Card Management systems. Flexibility and Modularity The open platform principle and interoperability enable the separation of application development (Applet) from the platform. This also supports aggressive time-to-market for introduction of new applications. Existing third-party applets from most vendors can be loaded and cards that are compatible with existing ones can be generated quickly. No compromise on security As reflected by the FIPS 140-2 Level 3 certification of its java card Operating System, the IDCore 30 platform implements the most advanced security countermeasures for enforcing protection of all sensitive data and functions in the card. Preliminary - non binding information Dec 12

IDCore 30 Product characteristics Flash Memory Standards Cryptographic algos Communication protocols Other OS features 122 KB Flash memory available for applications and data JC2.2.2 (and JC3.0.1 for ECC algos) GP2.1.1 (with SCP01 and SCP03) Symmetric: 3DES (ECB, CBC), AES (128, 192, 256) Hash: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512. RSA: up to RSA 2048 bits Elliptic curves: P-224, P-256, P-384, P-521 bits On-card asymmetric key pair generation T=0, T=1, PPS, with baud rate up to 460Kbps PK-based DAP (to control the applets that can be loaded on the card) Delegated Management Support of Extended Length APDU Multiple Logical Channels Real Garbage collector (memory space can be recovered after individual object deletion) Gemalto applets (optional) OATH OTP MPCOS Chip characteristics Technology Lifetime Certification One Time Password application E-purse & secure data management application Flash memory 16-bit microcontroller Embedded crypto engine for symmetric and asymmetric cryptography Minimum 500,000 write/erase cycles Data retention for minimum 25 years CC EAL6+ Security The IDCore 30 includes multiple hardware and software countermeasures against various attacks: side channel attacks, invasive attacks, advanced fault attacks and other types of attacks. The IDCore 30 is FIPS 140-2 Level 3 certified (pending) Preliminary - non binding information Dec 12

IDCore 40 Java Card Platform The IDCore 40 smartcard benefits from the latest release of Java Card technology standards. This Java Card platform is available from Gemalto as an open, multi-application card and is ideally suited for markets such as Identity or Security/Access. It is a Public Key Java Card (supporting both RSA and elliptic curves) that meets the most advanced security requirements of long-term, multi-application programs, including those being deployed by large global organizations. IDCore 40 complies with the latest international standards: Java Card 2.2.2 (& 3.0.1 for the elliptic curves algorithms) Global Platform 2.1.1 (amendment A) ISO 7816 The IDCore 40 is CC EAL5+ / PP Javacard certified and is also currently being FIPS 140-2 Level 3 certified. Key Benefits Easy application deployment thanks to the Gemalto applet that can optionally be installed: - MPCOS applet is fully compatible with the high performance native MPCOS Operating System and can be used for secure data management and e-purse applications. Optimized memory (with MPCOS applet code stored in ROM area) extends multi-application capability, large data capacity and lifetime. Real Garbage Collector Memory can be released to the platform in real-time upon object deletion and made available to the applets. Performance IDCore 40 Virtual machine has been highly optimized to offer maximum software performance without compromising security. Combined with the latest generation of high performance silicon, this provides one of the fastest Java Open Platforms available. Part of a full range of product and services Additional benefits from Gemalto s proven Java Card experience and product offer include support, personalization services and integration to Card Management systems. Flexibility and Modularity The open platform principle and interoperability enable the separation of application development (Applet) from the platform. This also supports aggressive time-to-market for introduction of new applications. Existing third-party applets from most vendors can be loaded and cards that are compatible with existing ones can be generated quickly. No compromise on security As reflected by the CC EAL5+ / PP Javacard certification and the FIPS 140-2 Level 3 certification of its java card Operating System, the IDCore 40 platform implements the most advanced security countermeasures for enforcing protection of all sensitive data and functions in the card. non binding information Sept 12

IDCore 40 Product characteristics EEPROM Memory Standards Cryptographic algos Communication protocols Other OS features 80 KB JC2.2.2 (and JC3.0.1 for ECC algos) GP2.1.1 (with SCP01 and SCP02) Symmetric: 3DES (ECB, CBC), AES (128, 192, 256) Hash: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512. RSA: up to RSA 2048 bits Elliptic curves: P-224, P-256, P-384, P-521 bits On-card asymmetric key pair generation T=0, T=1, PPS, with baud rate up to 230 Kbps PK-based DAP (to control the applets that can be loaded on the card) Delegated Management Support of Extended Length APDU Multiple Logical Channels Real Garbage collector (memory space can be recovered after individual object deletion) Gemalto applets (optional) MPCOS E-purse & secure data management application Chip characteristics Technology Lifetime Certification 80K EEPROM area Embedded crypto engine for symmetric and asymmetric cryptography Minimum 500,000 write/erase cycles Data retention minimum 25 years CC EAL5+ Security The IDCore 40 includes multiple hardware and software countermeasures against various attacks: side channel attacks, invasive attacks, advanced fault attacks and other types of attacks. The IDCore 40 is CC EAL5+ / PP Javacard certified, and is also currently being FIPS 140-2 Level 3 certified non binding information Sept 12

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback