SMART CARD SECURITY
The essential characteristic of a smart card is that it provides a secure environment for data and programs. If the amount of effort needed to read data from a smart card were not so large, it would essentially be nothing more than a diskette with a different interface. It is naturally practically impossible to configure a complete system, or even a smart card, such that it has perfect security that is proof against everything and everybody. If the effort expended on the attack is raised to a high enough level, it is possible to gain access to any system or manipulate it. However, every potential attacker makes a conscious or unconscious cost/benefit analysis for himself and his targets. The rewards of breaking into a system must be worth the time, money and effort that the potential attacker must expend to attain his objective. Regardless of whether the reward is money or prestige within a peer group, if it is not worth the effort, no one will invest much energy in breaking a system or a smart card. The security of a smart card is ensured by four components. The first component is the card body, in which the microcontroller is embedded. Many of the security features used for the card body are not only machine-readable, but can also be visually checked by humans. The techniques used for these features are not specific to smart cards, but are also used with other types of cards. The remaining components – the chip hardware, the operating system and the application – protect the data and programs in the smart card microcontroller. The security of a smart card is assured only when all of these components are present and their defense mechanisms are working properly. If the card is used exclusively within an environment where it is not subject to human verification, the card body component is not necessary. The three components that are independent of the card body, however, are indispensable for the physical and logical security of a smart card with respect to attacks. If any of these components fails, or if any one of them does not meet the applicable requirements, the smart card is no longer secure, since these components are coupled to each other in a logical AND relationship. The useful life of a smart card is generally three years. The challenge to manufacturers of smart card microcontrollers and producers of smart card operating systems is to maintain a lead on all attackers that is at least this long. This allows the consequences of possible attacks to be minimized or avoided by employing suitable countermeasures. However, it is not always possible to maintain such a lead, which is why it is always important in the design and development of application architectures to pay strict attention to preventing a successful attack on a single smart card from compromising the entire system.

.

.

.

.

.

.

.