Next: 7.3 Smart Card Technology
Up: 7 Appendix 7: Smart
Previous: 7.1 Introduction
-
Account
- A security database entry associating a principal with a key and other
security-related information such as privileges.
-
Issuer
- In this RFC series, an organization that purchases smart cards and issues
them to its users for use in accessing the issuer's services or systems.
-
Dedicated file
- A smart card file containing file control information and, optionally,
memory available for allocation. It may be the parent of elementary files
and/or dedicated files (ISO 7816-4); roughly, a smart card ``file
directory''.
-
EEPROM
- Electrically Erasable Programmable Read-Only Memory.
-
Elementary file
- A set of data units or records in the smart card that share the same
identifier (ISO 7816-4); roughly, a smart card ``file''.
-
File control information (FCI)
- Logical, structural and security attributes of a file; a string of data
bytes available in response to a SELECT FILE command (ISO 7816-4).
-
FRAM
- Ferro-Electric Random Access Memory.
-
GSM
- Groupe Special Mobile; European digital cellular telephone standard,
providing security services such as user authentication, traffic
confidentiality, and key distribution.
-
IC
- Integrated Circuit. A single circuit containing multiple transistors.
-
Interactive principal
- A human user of a system. See ``principal''.
-
Key
- A parameter used in conjunction with a cryptographic algorithm that
determines:
- The transformation of plaintext data into ciphertext data,
- The transformation of ciphertext data into plaintext data,
- A digital signature, or
- A message authentication code.
-
Long-term key
- A key that is used over a relatively long period of time. Compare with
``session key''. Each principal can have a unique long-term key that is
used in authenticating a user or server claiming to be that principal.
For interactive principals, the long-term key is derived from the user's
password.
-
Master file
- The mandatory unique dedicated file representing the root of the smart
card file structure (ISO 7816-4).
-
Message authentication code (MAC)
- A cryptographic checksum, based on DES.
-
Noninteractive principal
- A principal that is an instance of a company server, an instance of a
company application server, a computer in a company cell, or a cell (more
correctly, ``an Authentication Service surrogate''). See ``principal''.
-
Passivation layer
- A layer of dielectric material covering the circuitry on a smart card
that protects the chip from impurities and dust and prevents passage of
radiation associated with probes, such as electron-beam microscopy. Often
referred to as a ``seal''.
-
Password
- A sequence of alphanumeric and punctuation characters entered by a user
to authenticate to a computer system (including to a smart card).
-
PIN
- Personal Identification Number; a 4 to 12 character alphanumeric code or
password used to authenticate a person's identity, commonly used in
banking applications. In connection with smart cards, this document uses
the more general term ``password'' rather than ``PIN''.
-
Principal
- An entity that is capable of believing that it can communicate securely
with another entity. In a company Security, principals are represented as
entries in the Registry database. See ``interactive principal'' and
``noninteractive principal''.
-
Session key
- A random number generated to serve as a key for a specific transaction or
set of transactions.
-
Smart card
- A credit card-sized, tamper-resistant security device that relies on VLSI
chip technology for information storage and information processing.
-
User
- A person who attempts to access a computer system; a person who has been
issued a smart card.
-
VLSI
- Very Large Scale Integration; integration of thousands or more transistors
on a single chip, enabling single-chip implementations of CPU, RAM, ROM,
etc.
Denis Arnaud
12/19/1997