1、American National StandardDeveloped byfor Information Technology Generic Identity Command Set Part 4: Card ApplicationProfile TemplateINCITS 504-4-2013INCITS 504-4-2013Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking
2、permitted without license from IHS-,-,-Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS 504-4-2013American National Standardfor Information Technology Generic Identity Com
3、mand Set Part 4: Card Application Profile TemplateSecretariatInformation Technology Industry CouncilApproved September 26, 2013American National Standards Institute, Inc.Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networkin
4、g permitted without license from IHS-,-,-Approval of an American National Standard requires review by ANSI that therequirements for due process, consensus, and other criteria for approval havebeen met by the standards developer.Consensus is established when, in the judgement of the ANSI Board ofStan
5、dards Review, substantial agreement has been reached by directly andmaterially affected interests. Substantial agreement means much more thana simple majority, but not necessarily unanimity. Consensus requires that allviews and objections be considered, and that a concerted effort be madetowards the
6、ir resolution.The use of American National Standards is completely voluntary; theirexistence does not in any respect preclude anyone, whether he has approvedthe standards or not, from manufacturing, marketing, purchasing, or usingproducts, processes, or procedures not conforming to the standards.The
7、 American National Standards Institute does not develop standards andwill in no circumstances give an interpretation of any American NationalStandard. Moreover, no person shall have the right or authority to issue aninterpretation of an American National Standard in the name of the AmericanNational
8、Standards Institute. Requests for interpretations should beaddressed to the secretariat or sponsor whose name appears on the titlepage of this standard.CAUTION NOTICE: This American National Standard may be revised orwithdrawn at any time. The procedures of the American National StandardsInstitute r
9、equire that action be taken periodically to reaffirm, revise, orwithdraw this standard. Purchasers of American National Standards mayreceive current information on all standards by calling or writing the AmericanNational Standards Institute.American National StandardPublished byAmerican National Sta
10、ndards Institute, Inc.25 West 43rd Street, New York, NY 10036Copyright 2013 by Information Technology Industry Council (ITI)All rights reserved.No part of this publication may be reproduced in anyform, in an electronic retrieval system or otherwise,without prior written permission of ITI, 1101 K Str
11、eet NW, Suite 610, Washington, DC 20005. Printed in the United States of AmericaCAUTION: The developers of this standard have requested that holders of patents that may berequired for the implementation of the standard disclose such patents to the publisher. However,neither the developers nor the pu
12、blisher have undertaken a patent search in order to identifywhich, if any, patents may apply to this standard. As of the date of publication of this standardand following calls for the identification of patents that may be required for the implementation ofthe standard, no such claims have been made
13、. No further patent search is conducted by the de-veloper or publisher in respect to any standard it processes. No representation is made or impliedthat licenses are not required to avoid infringement in the use of this standard.Copyright American National Standards Institute Provided by IHS under l
14、icense with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-iContents 1. Overview 1 1.1 Scope 2 1.2 Purpose . 2 1.3 Normative References 2 2. Definitions, abbreviations and conventions . 3 2.1 Terms and Definitions . 3 2.2 Acronyms, Abbreviations and Symbols 3
15、 2.3 Conventions 3 3. Card Application Profile Template . 3 3.1 Card Application Profile Template Name 4 3.2 Card Profile Description 4 3.3 Global Objects Description 4 3.3.1 EF ATR/INFO File . 4 3.3.2 EF DIR File 4 3.3.3 Card Capability Description . 4 3.4 Data Structures for Identity Credentials 5
16、 3.4.1 Application Dedicated Files . 5 3.4.2 Application Capability Description . 5 3.4.3 Elementary Files 5 3.4.4 Data Objects 6 3.5 Keys and Certificates association . 6 3.6 Optional Files and objects . 6 3.7 Security Architecture . 7 3.8 Security Environment 7 3.9 Life Cycle Management 8 3.10 Ass
17、igned Values . 8 3.11 Additional Requirements . 8 3.12 Annexes 8 3.12.1 Annex 1 . 8 3.13 References 8 Tables Table 1: Profile Dependencies 4 Table 2: Application Dedicated File 5 Table 3: ADF File Control Parameter Template 5 Table 4: Elementary Files Associations 5 Table 5 : Data Object Association
18、s . 6 Table 6 : Keys and Certificates Associations 6 Table 7: File Control Parameters Data Objects 7 Table 8 : File Control Parameters . 7 Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license fro
19、m IHS-,-,-Foreword (This foreword is not part of American National Standard INCITS 504-4-2013.)This American National Standard describes the administration (as opposed to appli-cation) commands of the Generic Identity Command Set.Requests for interpretation, suggestions for improvement or addenda, o
20、r defect re-ports are welcome. They should be sent to the InterNational Committee for Informa-tion Technology Standards, 1101 K Street NW, Suite 610, Washington, DC 20005.This standard was processed and approved for submittal to ANSI by INCITS. Com-mittee approval of this standard does not necessari
21、ly imply that all committee mem-bers voted for its approval. At the time it approved this standard, INCITS had thefollowing members:Philip Wennblom, ChairJennifer Garner, SecretaryOrganization Represented Name of RepresentativeAdobe Systems, Inc Scott Foshee Steve Zilles (Alt.)AIM Global, Inc. . Ste
22、ve HallidayChuck Evanhoe (Alt.)Dan Kimball (Alt.)Apple . Helene WorkmanMarc Braner (Alt.)David Singer (Alt.)Distributed Management Task Force John Crandall Jeff Hilland (Alt.)Lawrence Lamers (Alt.)EMC Corporation . Gary RobinsonStephen Diamond (Alt.)Farance, Inc Frank FaranceTimothy Schoechle (Alt.)
23、Futurewei Technologies, Inc. Yi ZhaoTimothy Jeffries (Alt.)Wilbert Adams (Alt.)GS1GO. Frank SharkeyCharles Biss (Alt.)Hewlett-Packard Company Karen Higginbottom Paul Jeran (Alt.)IBM Corporation Alexander TarpinianRobert Weir (Alt.)Arnaud Le Hors (Alt.)Steve Holbrook (Alt.)Gerald Lane (Alt.)IEEE . Jo
24、die HaaszTerry deCourcelle (Alt.)Bob Labelle (Alt.)Tina Alston (Alt)Intel Philip Wennblom Grace Wei (Alt.)Stephen Balogh (Alt.)Microsoft Corporation . Jim Hughes Dick Brackney (Alt.)John Calhoon (Alt.)National Institute of Standards card issuers will manage a simple platform based on a successful an
25、d largely adopted schema; middleware and operating system providers will be able to adapt to different identity applications that are based on a single GICS standard. The Card Application profile template defines the template that is used to describe the data model of the GICS card application. 1.2
26、Purpose The purpose of this part of the Generic Identity Command Set standard is to define the card profile template to use to describe the set of data elements and architecture required for GICS applications resident on a single platform. The use of such card profile template to describe a Card pro
27、file application should help relying parties to have a detailed and consistent card data model for all GICS applications. 1.3 Normative References The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For unda
28、ted references, the latest edition of the referenced document (including any amendments) applies. The following standards contain provisions that, through reference in the text, constitute provisions of this standard. At the time of publication, the editions indicated were valid. All standards are s
29、ubject to revision, and parties to agreements based on this standard are encouraged to investigate the possibility of applying the most recent editions of the standards listed below. Copies of the following documents can be obtained from ANSI: 1) approved ANSI standards, 2) approved international st
30、andards (ISO, IEC), and 3) approved and draft foreign standards (including JIS and DIN). For further information, contact ANSI Customer Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from I
31、HS-,-,-INCITS 504-4-2013 3 Service Department at 212-642-4900 (phone), 212-302-1286 (fax), or via the World Wide Web at http:/www.ansi.org. ANSI INCITS 504-1, Generic Identity Command Set Part 1: Card Application Command Set ANSI INCITS 504-2, Generic Identity Command Set Part 2: Card Administration
32、 Command Set ISO/IEC 8825-1:2002, Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). 2 Definitions, abbreviations and conventions 2.1 Terms and Definitions For the purposes of this documen
33、t, the terms and definitions used in this document are defined in GICS Part 1 and GICS Part 2 section 2.1. 2.2 Acronyms, Abbreviations and Symbols For the purposes of this document, the acronyms, abbreviations and symbols used in this document are defined in GICS Part 1 and GICS Part 2 section 2.2.
34、2.3 Conventions For the purposes of this document, the conventions used in this document are defined in GICS Part 1 and GICS Part 2 Section 2.3. 3. Card Application Profile Template The Card Application Profile template is used to describe the electrical profile of the Smart card applications. This
35、template could be used to describe the card configuration required for your GICS applications. The template could be used to describe the configuration for each of the card life states when it is necessary. Copyright American National Standards Institute Provided by IHS under license with ANSI Not f
36、or ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS 504-4-2013 4 3.1 Card Application Profile Name Profile Name: Application Profile Template Version: 1.0 Profiles on which this profile is dependent are listed in Table 1. Profile Name Version Application AID Table 1
37、Profile Dependencies 3.2 Card Profile Description Describe the purpose of the profile and provide general information about the application. 3.3 Global Objects Description Describe the mandatory Global objects always accessible from the card-manager application and accessible from other GICS applica
38、tions. 3.3.1 EF ATR/INFO File Describe the EF ATR/Info data file. 3.3.2 EF DIR File Describe the EF DIR file data file. 3.3.3 Card Capability Description Describe the Card Capability Description (CCD) object. Copyright American National Standards Institute Provided by IHS under license with ANSI Not
39、 for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS 504-4-2013 5 3.4 Data Structures for Identity Credentials 3.4.1 Application Dedicated File Describe Application Dedicated File (ADF) used in the profile, including which Data Objects, EFs, and DFs are contained in
40、 the application. ADF AID Description Table 2 Application Dedicated File Describe ADF File Control Parameter Template: Tag Length Value Description Table 3 ADF File Control Parameter Template 3.4.2 Application Capability Description Describe Application Capability Description (ACD) data object for e
41、ach card application. 3.4.3 Elementary Files Describe Elementary Files used in the Application profile, including which Data Objects are contained in each EF and which ADFs the EFs will belong to (if any). EF type File ID BER-TLV Tag Child data object Parent ADFs Table 4 - Elementary Files Associati
42、ons Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS 504-4-2013 6 3.4.4 Data Objects Describe Data Objects used in the Application profile, and their relationships with EF
43、s. Object Name Tag Length Value EF/DF Associations Table 5 Data Object Associations 3.5 Keys and Certificates association Declare dependencies between keys and certificates used in this profile. Key Reference Key EF Certificate EF Description Table 6 Keys and Certificates Associations 3.6 Optional F
44、iles and objects Declare optional files and objects for this Application profile. Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS 504-4-2013 7 3.7 Security Architecture D
45、escribe the FCP for each file and the associated security attributes for each Data Object. Tag Length Value 82 1 File descriptor byte 83 2 File identifier 84 Var. Application dedicated file name 87 2 File identifier of an EF containing FCI data object (tag 6F) 8A 1 Life cycle status byte. Descriptio
46、n of the initial state at least 8C Var. Security attribute in compact format ACR A0 Var. Security attribute template for data objects to be removed. Not applicable. AB Var. Security attribute template in expanded format used to describe the logical combination of rules or to protect commands other t
47、han read/write/activate AC Var. Cryptographic mechanism identifier template CRT list Table 7 File Control Parameters Data Objects This section should describe the Access Control rules, Security Status and Security Attributes associated to each file or security data object. 3.8 Security Environment D
48、escribe which Control Reference Templates shall be present in the security environment for the application. FCP type Tag Val Description Table 8 File Control Parameters Copyright American National Standards Institute Provided by IHS under license with ANSI Not for ResaleNo reproduction or networking permitted without license from IHS-,-,-INCITS 504-4-2013 8 3.9 Life Cycle Management Describe life cycle states associated with the application, and conditions and mechanisms for transitioning between states. Refer to the lif