 |
 |
 |
     |
||
 |
The “Open Smart Card Infrastructure for Europe” (OSCIE) defines the common specifications necessary to accelerate and harmonise the development and usage of smart cards across Europe. It is the result of the eEurope Smart Card (eESC) Charter industry and government driven initiative launched by the European Commission in December 1999 following announcement of the eEurope 2002 Action Plan. OSCIE presents the overall architecture, business models, social and legal pre-requisites, and technology implementation guidelines for an interoperable European smart card infrastructure together with identified solutions to the technical, business and legal barriers and has initiated demonstrators as boosters to smart card deployment. It makes extensive use of the following concepts:
The principal purpose is to promote the establishment of an Open end-to-end Smart Card Infrastructure which enables interoperability between different smart card communities at the level of smart cards, information systems and data. The objective is to build user’s trust and confidence by encouraging Smart Card and smart card systems interoperability, supporting innovative applications and services for secure multi-application cards technology. Structure of OSCIE The Open Smart Card Infrastructure for Europe is the result of public review and consensus development by the 250 active participants in the twelve eESC Trailblazer working groups and the ad-hoc Task Forces. It is a single specification organized into the following modules: Vol 1 Application white papers provides background analytic and survey documents describing the current status and deployment of smart cards in eGovernment, ePayment, Public transport and Healthcare. It provides the information necessary to understand the rationale for and benefits available from application of interoperable smart cards. Vol 2 User Requirements defines the User Requirements Best Practices Manual, and includes guidelines for cost transparency and for a user oriented privacy code of conduct for multi-application IAS. Vol 3 Global IAS Interoperability Framework (Parts 1-5) provides smart card communities and e-service communities with the necessary concepts and guidance on the tools required for access to e services and for security of transactions over the Internet. It is fine-tuned and detailed to fulfil the special “high-end” requirements concerning identification, authentication (tokens and persons), non-repudiation (by electronic signature), and integration with other applications. Part 5 is a novel about the mayor of an e-city and includes a summary of GIF1-4. Vol 4 Public Electronic Identity, Electronic Signature and PKI defines the Public Electronic Identity implementation specifications for e-Authentication in Europe and includes guidelines for cross border data flows in relation to interoperable IAS functions, a white-book on electronic signature and PKI issues, specifications for advanced Electronic Signature using smart cards via the internet as well as supporting analysis and details of the underlying telecommunication and terminal manufacturer requirements for multi-platform access to services. Vol 5 Multi-applications defines the legal framework for multi-application cards and systems, provides guidelines on current and future business models together with a basic general multi-application system architecture, prerequisites for core cross sectorial interoperability, and an outline of the mechanisms for integration of multi-application systems. Vol 6 Contactless Technology provides guidelines for interoperability and successful implementation of Contactless Technology. It includes documents on security threat evaluation, future roadmap, certification and field trial implementation issues. Vol 7 Card Reader identifies FINREAD and Embedded FINREAD as eESC recommended smart card readers. Vol 8 Security and protection profiles defines the elements required for international implementation and mutual recognition of smart card systems security and attack potential evaluation testing methodology according to levels of trust and confidence required for generic and specific application areas. Vol 9 Referenced standards provides information and executive summaries on key standards directly required for implementation of the eESC Common Specifications. In addition information is included on related and equivalent work in other regions (Japan, US). Vol 10 Implementation and deployment demonstrators provides information on the objectives and work of two specific eESC approved implementation and deployment demonstrators in the area of public identity (eEpoch) and in the area of trans-national healthcare entitlements (Netc@rds). Annexes provide additional information on the Open Smart Card Infrastructure for Europe common specifications, its development, related work and general tutorial documentation. OSCIE and updates are available from www.eeurope-smartcards.org. OSCIE has been submitted to the European Standardization organizations and specific parts are being progressed within CEN/ISSS into CEN Workshop Agreements. Contact Information
|
