
M. TALAMO ET AL.
258
6. Conclusion and Outlook
We have extended OpenSC 0.12.0 to include secure
messaging so that the digital signature functionality of
SCs can be supported in OpenSC. This will enable us to
run extensive test on the interoperability of a wide class
of digital signature SCs which are connected with their
software applications via a single middleware [7]. We
have identified several important security issues that
must be addressed in future work. Part of this effort will
include combining the OpenSC middleware with a model
checker as a “watch-dog” to identify and prevent anoma-
lies. The ultimate goal is to certify the secure in teropera-
bility of all SCs integrated into such an environment.
7. Acknowledgements
This project has been supported in part by MIUR under
contract PRIN 2008ZE493H.
REFERENCES
[1] International Organization for Sta ndardization (I SO) “Iden-
tification Cards—Integrated Circuit Cards Part 4: Or-
ganization, Security and Commands for Interchange,” In-
ternational Organization for Standardization Std., Geneva,
2005.
[2] International Organization for Sta ndardization (I SO) “Iden-
tification Cards—Integrated Circuit Cards Programming
Interfaces—Part 3: Application Programming Interface,”
International Organization for Standardization Std., Ge-
neva, 2008.
[3] The Common Criteria, “Common Criteria for Information
Technology Security Evaluation,” Common Criteria Std.,
2009. http://www.commoncriteriaportal.org/cc/
[4] The European Committee for Standardization (CEN),
“Secure Signature-Creation Devices ‘EAL 4+’,” Euro-
pean Committee for Standardization (CEN) Std., Brussels,
2004.
[5] M. Talamo, et al., “Robustness and Interoperability Pro-
blems in Security Devices,” Proceedings of 4th Interna-
tional Conferences on Information Security and Cryptol-
ogy, Beijing, 14-17 December 2008.
[6] M. Talamo, et al., “Verifying Extended Criteria for In-
teroperability of Security Devices,” Proceedings of 3rd
International Symposium on Information Security, Mon-
terrey, 10-11 November 2008, pp. 1131-1139.
[7] M. Talamo, M. Galinium, C. H. Schunck and F. Arcieri,
“Interleaving Command Sequences: A Thread to Secure
Smartcard Interoperability,” Proceedings of the 10th In-
ternational Conference on Information Security and Pri-
vacy, Jakarta, 1-3 December 2011, pp. 102-107.
[8] OpenSC, “OpenSC Tools and Libraries for Smartcard,”
2001. http://www.opensc-project.org/opensc
[9] W. Rankl and W. Effing, “Smart Card Handbook,” 4th
Edition, Wiley, West Sussex, 2010.
doi:10.1002/9780470660911
[10] M. Talamo, M. Galinium, C. H. Schunck and F. Arcieri,
“Interleaving Commands: A Threat to the Interoperability
of Smartcard Based Security Applications,” International
Journal of Computer and Communication, Vol. 6, No. 1,
2012, pp. 76-83.
[11] M. Talamo, M. Galinium, C. H. Schunck and F. Arcieri,
“Integrating Secure Messaging into OpenSC,” Proceed-
ings of the 2nd International Conference on Computer
and Management, Wuhan, 9-11 March 2012, pp. 1222-
1227.
[12] E. Pucciarelli, “Implementation of Secure Messaging,”
2008.
http://www.mail-archive.com/opensc-devel@lists.opensc-
project.org/msg03034.html
[13] A. Villani, “Incrypto34v2 User and Administrator Guid-
ance,” ST. Incard, Marcianese, 2004.
[14] OpenSC. “Supported Hardware (Smart Cards and Usb
tokens),” 2011.
http://www.opensc-project.org/opensc/wiki/SupportedHar
dware
[15] O. Kirch and A. Iacono, “pkcs15-Postecert.c,” 2004.
http://www.opensc-project.org/opensc/browser/OpenSC/s
rc/libopensc/pkcs15-postecert.c
[16] E. Pucciarelli, “pkcs15-Itacns.c,” 2008.
http://www.opensc-project.org/opensc/browser/OpenSC/s
rc/libopensc/pkcs15-itacns.c
[17] Agencia per L’Italia Digitale, “Certificatori Firma Digi-
tale. Ente Nazionale per la Digitalizzazione della Pubblica
Amministrazione,” 2011.
http://www.digitpa.gov.it/certificatori_firma_digitale
Copyright © 2012 SciRes. JIS