CSS 150 term paper

Donald J. Wood
Winter 08
CSS 150
The Smart Card
The smart card has many applications in today’s world of computers and technology. The
technology behind the smart card has been in use since 1983 and, before it was introduced into a
U.S. military application, was primarily used in Europe. The paragraphs below describe the smart
card’s history, application, and technology.
A smart card is a card which is embedded with either a microprocessor and a memory chip or
only a memory chip with non-programmable logic. The microprocessor card can add, delete,
and otherwise manipulate information on the card, while a memory-chip card can only undertake
a pre-defined operation. (http://java.sun.com/products/javacard/smartcards.html) The smart card
was first developed by German rocket scientist, Helmut Gröttrup and his colleague Jürgen
Dethloff in 1968. The patent for the smart card was not issued until 1982, and the first mass use
of the cards was for payment in French pay telephones, which started in 1983. Even before
1983, smart card applications were being invented. For example, Roland Moreno patented his
first concept of the memory card in 1974, and in 1977, Michel Ugon from Honeywell Bull
invented the first microprocessor smart card. In 1978, Bull patented the SPOM (Self
Programmable One-chip Microcomputer) that defines the necessary architecture to auto-program
the chip. (http://en.wikipedia.org/wiki/Smart_card) Today, there are three categories of smart
cards, which are primarily in use for information and computer security.
The first is the Integrated Circuit Microprocessor Cards. Integrated Circuit Microprocessor
cards offer greater memory storage and security of data than a traditional magnetic stripe card.
Integrated Circuit Microprocessor cards have cryptography built in and have been the main
platform for cards which hold a secure digital identity, and can function in a variety of different
elements. Just a few applications of this type of smart card are secure access to a
network and cards that secure cellular phones from fraud.
The second is the Integrated Circuit Memory Cards. Integrated Circuit Memory Cards have
no processor on the card with which to manipulate data. Integrated Circuit Memory Cards are
dependent on a card reader for their processing, which is suitable for uses where the card
performs a fixed operation. Integrated Circuit Memory Cards are used primarily for pre-paid,
disposable-card applications like pre-paid phone cards, and are popular as high-security
alternatives to magnetic stripe cards.
The third is the Optical Memory Cards. Optical Memory Cards look like a card with a piece
of a CD glued on top. The data stored on the Optical Memory Cards cannot be changed or
removed. Therefore, this type of card is ideal for record keeping, for example medical files,
driving records, or travel histories. (http://java.sun.com/products/javacard/smartcards.html)
Now that I have discussed the different types of smart card and a few of their applications, let’s
discuss how this translates into security of an operating system, specifically the security of the
Department of Defense’s (DoD) computer operating systems. Let’s first discuss the use of the
smart card.
A growing application of the smart card is the digital identification card, which is used to
authenticate the identity of an individual, providing a more secure environment for computer
operating systems. The most common example is in conjunction with a public key
infrastructure. The smart card will store an encrypted digital certificate issued from the public
key infrastructure along with any other relevant or needed information about the card holder.
Examples of this use include the U.S. Department of Defense Common Access Card (CAC),
which is an Integrated Circuit Microprocessor Card. (http://en.wikipedia.org/wiki/Smart_card)
The CAC not only stores an encrypted digital certificate issued from the public key
infrastructure, which is used in relation to computer access, but also serves as the standard DoD
identification card for active duty military personnel, reserve and guard personnel, civilian
employees, and eligible contractor personnel. When combined with biometrics, the smart card
can provide two- or three-factor authentication. Smart cards are a privacy-enhancing
technology, but this can also be problematic because information about the card holder can also
be stored on the CAC, which can be incriminating to the card holder.
(http://en.wikipedia.org/wiki/Common_Access_Card) Before I can discuss the actual application in
which DoD uses the smart card in relation to computer access and operating system security, the
terms associated with the CAC and its application (public key infrastructure and certifying
authority) need to be defined.
In cryptography, a public key infrastructure is an arrangement that binds public keys with
respective user identities by means of a certificate authority. The certifying authority
issues digital certificates which contain a public key and the identity of the owner. The
certificate authority also attests that the public key contained in the certificate belongs to the
person, organization, server or other entity noted in the certificate via the verifying authority. A
certificate authority's obligation in such schemes is to verify an applicant's credentials, so that
users and relying parties can trust the information in the certificate authority's certificates.
(http://en.wikipedia.org/wiki/Certificate_authority)
The user’s identity must be unique for each certificate authority. The binding is established
through the registration and issuance process. Depending on the level of assurance the binding
has, it may be carried out by software by a certificate authority or under human supervision.
DoD usually controls this aspect under human supervision. The public key infrastructure role
that assures this binding is called the registration authority. For each user, the user identity, the
public key, their binding, validity conditions and other attributes are made un-forgeable in public
key certificates issued by the certificate authority. The term trusted third party (TTP) may also
be used for certificate authority. The term public key infrastructure is sometimes erroneously
used to denote public key algorithms which, however, do not require the use of a certificate
authority. (http://en.wikipedia.org/wiki/Public_key_infrastructure)
Figure 1
As you can see in Figure 1, the user can gain access to particular information electronically
using his CAC (whether to purchase goods or access a computer system). The user presents his
smart card, and his public key infrastructure credential (private or public key) is verified by
the registering authority, sent to the registration or certifying authority, and then sent to the
verifying authority. The user is then allowed access to the information he wishes to reach
because his public key infrastructure identity is authorized. Now that the terms associated with
the use of the CAC, and how the entire process works, are clearly established, we can move on to
the DoD computer and operating systems security and CAC applications.
Though the CAC has many objectives, this new DoD identification (ID) card (CAC) is being
issued to DoD personnel who need access to DoD facilities or computer network systems. DoD
primarily uses the CAC in relation to network security by enabling encryption and
cryptographic signing of email, facilitating the use of public key infrastructure authentication
tools, and establishing an authoritative process for the use of identity credentials. Now let’s
discuss the process for access to the DoD computer systems.
The smart card interacts with different technologies associated with the smart card itself. Of
course, this means that for the technology to work, the user, in this case DoD, has to purchase
not only the software but also the hardware associated with the smart card. The smart card interacts
with the host computer and card reader, which actually "talk" to the microprocessor on the smart
card itself. The microprocessor enforces access to the data on the card, and uses a limited
instruction set for applications such as cryptography to authenticate the user attempting to gain
access to the computer itself. This process requires a power source for the smart card to operate.
Therefore, the smart card uses a serial interface and receives its power from an external source,
the card reader. (http://computer.howstuffworks.com/microprocessor.htm)
Essentially the smart card reader is attached to the PC via USB, or the smart card reader is
built into the PC keyboard, which is also connected to the PC via USB. The smart card or CAC
is inserted into the smart card reader, and then the computer/software and card reader “talk” to
the smart card and authenticate the user’s identity. If the encrypted digital certificate issued
from the public key infrastructure is valid through the certifying authority, the user is allowed
access to the computer. With DoD, a Personal Identification Number (PIN) is programmed into the
microprocessor, which is what the smart card software uses to authenticate the user. Figure 2 is
an illustration of a card reader which is connected to the computer via USB and an illustration of
a card reader which is built into a keyboard. Now let’s discuss some objectives of the CAC.
Figure 2
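The login sequence described above (PIN checked on the card, certificate checked against the certifying authority), together with the identity-to-key binding defined earlier, sketched as an added example that is not from the original paper or from any DoD software. It uses toy textbook RSA over fixed primes for illustration only; the function names, holder name, sample PIN and three-try lockout are assumptions.

```python
import hashlib, hmac, secrets

# Toy textbook RSA over fixed Mersenne primes: illustration only, not secure.
def keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def _h(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    return pow(_h(data, priv[0]), priv[1], priv[0])

def verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == _h(data, pub[0])

def tbs(subject, pub):
    return f"{subject}|{pub[0]}|{pub[1]}".encode()

def issue_cert(ca_priv, subject, pub):
    """The CA binds an identity to a public key by signing both together."""
    return {"subject": subject, "pub": pub, "sig": sign(ca_priv, tbs(subject, pub))}

class Card:
    """Microprocessor card: the private key is only usable after a PIN check."""
    MAX_TRIES = 3  # assumed retry limit, not stated in the paper
    def __init__(self, pin, priv, cert):
        self._pin, self._priv, self.cert = pin, priv, cert
        self._tries = self.MAX_TRIES
    def sign_challenge(self, pin, nonce):
        if self._tries == 0:
            raise PermissionError("card locked")
        if not hmac.compare_digest(pin, self._pin):
            self._tries -= 1
            raise PermissionError("bad PIN")
        self._tries = self.MAX_TRIES
        return sign(self._priv, nonce)

def host_login(card, pin, ca_pub):
    cert = card.cert
    if not verify(ca_pub, tbs(cert["subject"], cert["pub"]), cert["sig"]):
        return "reject: certificate not issued by trusted CA"
    nonce = secrets.token_bytes(16)  # fresh challenge defeats replay
    try:
        sig = card.sign_challenge(pin, nonce)
    except PermissionError as exc:
        return f"reject: {exc}"
    if not verify(cert["pub"], nonce, sig):
        return "reject: card does not hold the certified key"
    return f"accept: {cert['subject']}"

# Constructed sample values (hypothetical holder name and PIN).
CA_PUB, CA_PRIV = keypair(2**107 - 1, 2**127 - 1)
CARD_PUB, CARD_PRIV = keypair(2**61 - 1, 2**89 - 1)
CERT = issue_cert(CA_PRIV, "DOE.JANE.1234567890", CARD_PUB)
```

Calling `host_login(Card("123456", CARD_PRIV, CERT), "123456", CA_PUB)` returns the accept string; a wrong PIN, a certificate signed by a different CA, or a card holding a different private key each produce a distinct reject reason.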
There are several objections to the use of this smart card, including mission capability
and scalability. The CAC offers great computer security, which works well with mission
capability because information can be stored on a computer, increasing information security.
There are also problems with the CAC in relation to mission capability. Most CAC users remain at
the same workstation, but an ever-increasing number of government websites are requiring the
use of the CAC for authentication. The problem with this approach is that many people who have a
legitimate requirement to access these websites are required to access those sites from non-CAC
enabled workstations, often while on a temporary duty assignment or deployed, and at
workstations over which they have no administrative control, and of course, as with most
government computer systems, they are prohibited from installing a CAC reader. Therefore, the
username/password approach must be kept as a backup to CAC employment for these personnel.
(http://en.wikipedia.org/wiki/Common_Access_Card)
The U.S. Army has enjoyed username/password scalability, or single point access to many
SSL-secured websites, through its Army Knowledge Online program for several years. The U.S.
Air Force also enjoyed the same username/password scalability through the Air Force Portal.
Both of these online sites now offer either username/password access or require a user to log-in
using a CAC to perform certain functions that require stronger credential authentication than a
traditional HTTP Basic access authentication. However, some authorities believe that
password-based logins are obsolete: “Passwords are a flawed technology,” according to Tom Gilbert, CTO
of Blue Ridge Networks. “They aggravate the users who have to remember them and the
administrators who rely on them to secure their systems.” Similarly, “Passwords don’t scale,”
said Mary Dixon, director of the Common Access Card Office in the Defense Manpower Data
Center. (http://en.wikipedia.org/wiki/Common_Access_Card) However, with DoD and its
mission capability and necessity for access to SSL-secured websites, it is important to keep the
username/password access as a backup.
The CAC card is far from perfect due to design flaws. One common problem is that the
microchip can be damaged easily by scratches from foreign objects such as sand. Looking at the
card at a more technical level, the cards have certificate issues where users can't log on even
though their computers are set up correctly. Also different brands of cards have posed problems
with different systems, but as with any computer system, it would seem everything is a work in
progress.
There are also problems with Non-Windows Support. The CAC is based on X.509 certificates
with software middleware enabling an operating system to interface with the card via a hardware
card reader. Although card manufacturers such as Schlumberger provided a suite of smartcard,
hardware card reader and middleware for both Linux and Windows, not all other CAC systems
integrators did likewise. In an attempt to correct this situation, Apple has done work for adding
support for CACs to their operating system right out of the box using the MUSCLE (Movement
for the Use of Smartcards in a Linux Environment) project. Some work has also been done in
the Linux realm. Some users are using the MUSCLE project combined with Apple's Apple
Public Source Licensed CAC software. Another approach to solve this problem, which is now
well documented, involves the use of a new project, CoolKey, to gain CAC functionality.
(http://en.wikipedia.org/wiki/Common_Access_Card) Since CoolKey is one of the resolutions
proposed for these problems, let’s discuss what CoolKey is and how it can actually
improve CAC functionality.
CoolKeys are part of a complete public key infrastructure solution that provides smart card
login, single sign-on, secure messaging, and secure email access. In the complete solution, users
are issued CoolKeys by their employer. When the user plugs in the keys for the first time, they
are automatically provisioned with certificates, keys, and a PIN unique to that user by the Red
Hat Certificate System. Once the CoolKey is provisioned, the user can take the key to any
system and use it to login (authenticate), send and receive signed and encrypted email, or
participate in secure messaging or IRC communication. To accomplish that vision, Fedora is
focusing on building complete support for CoolKey on exactly one token. As the system is built
out, they can add token support. CoolKeys are based on Java Card 1.2, but Fedora is testing with
Axalto Egate Cyberflex cards, which are available in both smart card and USB fob form factors.
(http://directory.fedoraproject.org/wiki/CoolKey) So, as you can see, CoolKeys can function in
the same capacity as the current programs supporting the smart cards, and can also improve the
smart card. I have discussed how the smart card can benefit DoD, and also addressed some
common problems in relation to the smart card. But, as with any program used for accessing
computer systems, it has to be controlled.
DoD considers the CAC a controlled item, and as of 2007, DoD has issued over 13 million
smart cards. As of the same date, approximately 3 million un-terminated or active CACs are in
circulation. DoD has deployed an issuance infrastructure at over 930 sites in more than 25
countries around the world and is rolling out more than 1 million card readers and associated
middleware. The program that is currently used to issue CAC IDs is called the Real-Time
Automated Personnel Identification System (RAPIDS). The system is secure and monitored by
the DoD at all times. Users have to go through a special course and be certified to issue CAC
cards. Different RAPIDS sites have been set up throughout military installations in and out of
combat theater to issue new IDs. (http://en.wikipedia.org/wiki/Common_Access_Card)
The Real-Time Automated Personnel Identification System (RAPIDS) is the U.S. Department
of Defense system used to issue the definitive credential within DoD. RAPIDS uses information
stored in the DoD Defense Enrollment and Eligibility Reporting System (DEERS) when
providing these credentials. Used together, these two systems are commonly referred to as a
DEERS/RAPIDS system or DEERS/RAPIDS infrastructure. RAPIDS ensures that DoD
identification credentials are provided only to personnel with a current and appropriate affiliation
with the DoD. RAPIDS captures identifying characteristics that are unique and are used to bind
an individual to the information maintained in DEERS and in line with the identifying
credentials issued by RAPIDS. These include, but are not limited to, photographs and
fingerprints. The information is stored solely in the DEERS system. RAPIDS provides distinct
identification that is used as proof of identity and DoD affiliation. The CAC is used not only as a
Geneva Convention Card in accordance with DoD Instruction 1000.13; it may also act as an
authorization card for Uniformed Service members' benefits and privileges. These privileges
include the usage of the commissary on military installations or use of Army and Air Force
Exchange Services. (http://en.wikipedia.org/wiki/RAPIDS)
In conclusion, without smart card technology the Department of Defense (DoD) could not
implement the use of the CAC. Smart card technology allows DoD to provide secure access to
computer systems and internet-based databases. The CAC replaces username/password access
to secure internet sites or computer systems. The computer access process, common problems
with the CAC, and how DoD issues the CAC to DoD personnel have been discussed. The CAC
is a secure way to access DoD’s different data-based systems, and ensures the individual
requesting access is authorized to do so.
References
Sun Developer Network. Documentation, smart card overview.
Retrieved March 13, 2008 from http://java.sun.com/products/javacard/smartcards.html
Wikipedia, the free encyclopedia. Documentation, Smart Card.
Retrieved March 13, 2008 from http://en.wikipedia.org/wiki/Smart_card
Wikipedia, the free encyclopedia. Documentation, Common Access Card.
Retrieved March 13, 2008 from http://en.wikipedia.org/wiki/Common_Access_Card
Wikipedia, the free encyclopedia. Documentation, Certificate Authority.
Retrieved March 17, 2008 from http://en.wikipedia.org/wiki/Certificate_authority
Wikipedia, the free encyclopedia. Documentation, Public key infrastructure.
Retrieved March 17, 2008 from http://en.wikipedia.org/wiki/Public_key_infrastructure
How Stuff Works, It’s good to know. Documentation, How Microprocessors Work.
Retrieved March 17, 2008 from http://computer.howstuffworks.com/microprocessor.htm
Fedora, directory server. CoolKey.
Retrieved March 19, 2008 from http://directory.fedoraproject.org/wiki/CoolKey
Wikipedia, the free encyclopedia. Documentation, Real-Time Automated Personnel
Identification System.
Retrieved March 19, 2008 from http://en.wikipedia.org/wiki/RAPIDS