1、BRITISH STANDARD BS EN 726-1:1995 Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 1: System overview The European Standard EN 726-1:1994 has the status of a British StandardBSEN 726-1:1995 This British Standard, having been prepared under the directionof
2、 the Information Systems Technology Assembly, was published under the authorityof the Standards Boardand comes into effect on 15August 1995 BSI 11-1999 The following BSI references relate to the work on this standard: Committee reference IST/17 Draft for comment 92/62270 DC ISBN 0 580 24242 0 Commit
3、tees responsible for this British Standard The preparation of this British Standard was entrusted to Technical Committee IST/17, upon which the following bodies were represented: Ailec Associates APACS (Barclaycard) APACS (Barclays Bank) APACS (Girobank) APACS (Lloyds Bank) APACS (Midland Bank) APAC
4、S (Nat West Bank) Association for Payment Clearing Services (APACS) BT Laboratories Cellnet Consumer Policy Committee of BSI Electricity Association GEC Card Technology HMSO News Datacom Ltd. Rochford Thompson Equipment Shell UK Thorn Transit Systems International Vodafone Ltd. Westinghouse Cubic Lt
5、d. Amendments issued since publication Amd. No. Date CommentsBSEN 726-1:1995 BSI 11-1999 i Contents Page Committees responsible Inside front cover National foreword ii Foreword 2 Text of EN 726-1 3BSEN 726-1:1995 ii BSI 11-1999 National foreword This Part of BS EN726 has been prepared by Technical C
6、ommittee IST/17 and is the English language version of EN726-1:1994 Identification card systems Telecommunications integrated circuit(s) cards and terminals Part1: System Overview published by the European Committee for Standardization (CEN) This British Standard is the English language version of E
7、N726-1:1994 and implements it as the UK national standard. This British Standard is published under the direction of the Information Systems Technology Assembly whose Technical Committee IST/17 has the responsibility to: aid enquirers to understand the text; present to the responsible international
8、committee any enquiries on interpretation, or proposals for change, and keep UK interests informed; monitor related international and European developments and promulgate them in the UK. NOTEInternational and European Standards, as well as overseas standards, are available from Customer Services, BS
9、I,389Chiswick High Road, London W4 4AL. A British Standard does not purport to include all the necessary provisions of a contract. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. C
10、ross references International Standard Corresponding British Standard EN 726-3:1994 a BS EN 726-3:1995 Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 3: Application independent card requirements EN 726-4:1994 a BS EN 726-4:1995 Identification card syste
11、ms Telecommunications integrated circuit(s) cards and terminals Part 4: Application independent card related terminal requirements a Part 2, Part 5, Part 6 and Part 7 of BS EN 726 are in preparation. Summary of pages This document comprises a front cover, an inside front cover, pages i and ii, theEN
12、 title page, pages 2 to 8 and a back cover. This standard has been updated (see copyright date) and may have had amendments incorporated. This will be indicated in the amendment table on the inside front cover.EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN 726-1 December 1994 ICS 33.120.00; 35
13、.240.60 Descriptors: Telecommunications, IC cards, telecommunication terminals, specifications English version Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 1: System overview Systmes de cartes didentification Cartes circuit intgr et terminaux pour les
14、 tlcommunications Partie1: Gnralits Identifikationskartensysteme Anforderungen an Chipkarten und Endgerte fr Telekommunikationszwecke Teil1: Systemberblick This European Standard was approved by CEN on1994-12-05. CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipula
15、te the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CEN member. This European Standard exis
16、ts in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the Central Secretariat has the same status as the official versions. CEN members are the national standards bod
17、ies of Austria, Belgium, Denmark, Finland, France, Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland and United Kingdom. CEN European Committee for Standardization Comit Europen de Normalisation Europisches Komitee fr Normung Central Secr
18、etariat: rue de Stassart 36, B-1050 Brussels 1994 Copyright reserved to CEN members Ref. No. EN 726-1:1994 EEN 726-1:1994 BSI 11-1999 2 Foreword This European standard was prepared by ETSI STC TE9 and adopted by CEN/TC224Machine-readable cards, related device interfaces and operations, the secretari
19、at of which is held by AFNOR. This document was submitted to the formal vote and the result was positive. This European standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by June1995, and conflicting national standar
20、ds shall be withdrawn at the latest by June1995. According to CEN/CENELEC Internal Regulations, the following countries are bound to implement this European Standard: Austria, Belgium, Denmark, Finland, France, Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spai
21、n, Sweden, Switzerland and United Kingdom. This European standard consists of the following parts, under the general title Identification card systems Telecommunications integrated circuit(s) cards and terminals: Part 1: Systems overview; Part 2: Security framework; Part 3: Application independent c
22、ard requirements; Part 4: Application independent card related terminal requirements; Part 5: Payment methods; Part 6: Telecommunication features; Part 7: Security module. Contents Page Foreword 2 1 Scope 3 2 Normative references 3 3 Definitions and abbreviations 3 3.1 Definitions 3 3.2 Abbreviation
23、s 4 4 Organization 4 4.1 Part 1: System Overview 4 4.2 Part 2: Security framework 4 4.3 Part 3: Application independent card requirements 4 4.4 Part 4: Application independent card related terminal requirements 5 4.5 Part 5: Payment methods 5 4.6 Part 6: Telecommunication features 5 4.7 Part 7: Secu
24、rity module 5 5 General concepts 5 5.1 System overview 5 5.2 Phases in the card life-cycle 6 5.2.1 IC- and card- manufacturing phase (phase 1) 6 5.2.2 Card preparation (issuing) phase (phase 2) 8 5.2.3 Application preparation (phase 3) 8 5.2.4 Usage phase (phase 4) 8 5.2.5 Termination of use (phase
25、5) 8 Figure 1 An application working in an off-line system 7 Figure 2 An application working in an on-line system 7 Figure 3 Reference model 8EN 726-1:1994 BSI 11-1999 3 1 Scope EN 726 defines the requirements for integrated circuit (IC) cards and card terminals for telecommunication use in Europe.
26、These requirements are to be used as a European standard to cover multi-application cards to be used for services available on the public telecommunications networks via card operated terminals provided by the telecommunication industry. EN 726 specifies a security framework for cards and card termi
27、nals for telecommunication use. EN 726 also specifies the application independent characteristics of multi-service IC cards, and the application independent, card related characteristics of card terminals for telecommunication use. EN 726 also covers payment methods specifically for telecommunicatio
28、ns use, namely auto-billing cards (i.e.cards which enable the personal or business telephone account of card users to be automatically billed for calls made anywhere in Europe) and pre-payment cards. The purpose of EN 726 is to provide the necessary requirements and facilities for the introduction o
29、f card systems by Administrations and Network Operators. This standard aims to permit the inter-operability of cards and card systems in Europe. This Part of EN 726: describes the general overview and the organization of the complete standard; defines the general concepts including the system overvi
30、ew, the involved entities and the five different phases in the life-cycle of a card and a card system. 2 Normative references This Part of EN 726 incorporates by dated or undated reference, provisions from other publications. These normative references are cited at the appropriate places in the text
31、 and the publications are listed hereafter. For dated references, subsequent amendments to, or revisions of any of these publications apply to this Part of EN726 only when incorporated in it by amendments or revision. For undated references the latest edition of the publication referred to applies.
32、EN 726-2, Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 2: Security framework 1) . EN 726-3, Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 3: Application independent card requirements. EN 726-4, Identific
33、ation card systems Telecommunications integrated circuit(s) cards and terminals Part 4: Application independent card related terminal requirements. EN 726-5, Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 5: Payment methods 1) . EN 726-6, Identification
34、 card systems Telecommunications integrated circuit(s) cards and terminals Part 6: Telecommunication features 1) . EN 726-7, Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 7: Security module 1) . 3 Definitions and abbreviations 3.1 Definitions For the p
35、urpose of this Part of EN726, the following definitions apply. 3.1.1 application an application consists of a set of security mechanisms, files, data, protocols (excluding transmission protocols), which are located and used in the IC card (card application) and outside of the IC card (external appli
36、cation) 3.1.2 application-provider the entity which is responsible for the application after its allocation. One application-provider may have several applications in one card 3.1.3 card a multi-application card can be considered as a set of files, some of them shared by the different application-pr
37、oviders and/or the card issuer, other files owned exclusively by the different application-providers or the card issuer. Files can, e.g, be read, written or executed. The files allocated in the card, corresponding to one application, are called a card application. There may be several applications o
38、n a given card from the same application provider 3.1.4 card application the card related part of one application 1) At, present at the stage of draft.EN 726-1:1994 4 BSI 11-1999 3.1.5 card issuer the card issuer is responsible for the common data of the card, the allocation of memory space for the
39、applications and supplies the application provider with the necessary tools for loading the required application 3.1.6 card manufacturer the card manufacturer is the entity which fabricates the card and which performs the IC embedding 3.1.7 external application entity, located in the external world,
40、 which communicates with the related card application during the session 3.1.8 external world all application-related entities outside the card (in the case of an off-line system: terminal, in the case of an on-line system: terminal, network, host, etc.) 3.1.9 operating system that which is required
41、 to manage the logical resources of a system, including process scheduling and file management 3.1.10 kernel part of the card, or the external world, which contains application independent data/code. For the card, this includes both the master file (MF) and the operating system 3.1.11 trusted author
42、ity independent authority in charge of approving, imposing and monitoring the system from the security point of view 3.2 Abbreviations For the purpose of this Part of EN726, the following abbreviations apply: 4 Organization 4.1 Part 1: System Overview This Part of EN726. 4.2 Part 2: Security framewo
43、rk In Part 2 of EN726, a security framework is specified for telecommunications use of IC cards. This specification does not describe any implementation details. It describes: a general security approach resulting in a methodology, different card phases for identifying security requirements and a de
44、scription of security services which can be offered by the IC card; the implementation of the general security approach to the application independent IC card, resulting in a list of application independent security requirements, a selection of needed security services and a description of a common
45、set of application independent security mechanisms; implementation of the general security approach to applications using IC-cards, resulting in a methodology to come to the set of security mechanisms for specific applications. 4.3 Part 3: Application independent card requirements In Part 3 of EN726
46、, the application independent characteristics of multi-application IC-cards and plug-in modules for telecommunication applications are specified in order to ensure inter-operability for telecommunication cards with the various systems and terminals. Mono-application cards are considered to be a subs
47、et of multi-application cards. All common characteristics, necessary for the interactions between card and the external world, are defined. This Part of the standard does not preclude cards from other sectors from containing telecommunication application(s) based on this Part of the standard. The ap
48、plication specific characteristics are not defined in Part3 of the standard. They are defined and described in the relevant application requirements. Part 3 of the standard does not specify any internal technical implementation. It describes: the requirements for the physical characteristics of the
49、card, the electronic signals and the transmission protocols; the application independent logical model which should be used as a basis for the design of the logical structure of, optionally, several applications in the card; the security facilities concerning the access to the different parts within the card and the possible interactions between these parts. Also the description of security functions which should be needed generally by the various applications. The
