KS X ISO IEC 24727-1-2008 Identification cards－Integrated circuit card programming interfaces－Part 1：Architecture《识别卡 集成电路卡程序设计接口 第1部分 结构》.pdf

1、 KSKSKSKSKSKSKSK KSKSKS KSKSK KSKS KSK KS KS X ISO/IEC 24727 1ID IC 1： KS X ISO/IEC 24727 1:2008 2008 12 19 http:/www.kats.go.krKS X ISO/IEC 24727 1:2008 : e- ( ) ( ) () () ( ) : (http:/www.standard.go.kr) ： ： 2008 12 19 2008-0936 ： e- ： ( 02-509-7262) (http:/www.kats.go.kr). 10 5 , . KS X ISO/IEC 2

2、4727 1:2008 i . ii 1 1 2 1 3 .1 4 3 5 .3 6 (Architecture)4 6.1 (General) 4 6.2 (Architectural attributes)4 6.3 4 6.4 .5 6.5 5 6.6 (Capability description).6 6.7 6 6.8 .6 6.9 (Connectivity interface)6 6.10 7 7 (Security rationale) 7 A( ) .8 18 KS X ISO/IEC 24727 1:2008 ii 2007 1 ISO/IEC 24727 1, Iden

3、tification cards Integrated circuit card programming interfaces Part 1： Architecture , . ISO/IEC 24717 (multi-sector) IC (ICCs) . ICC KS X ISO/IEC 7816 4_2001 . ISO/IEC 24727 ICC . ISO/IEC 24727 (ISO/IEC 24727 defines interfaces such that independent implementations are interoperable). ISO/IEC 24727

4、 , ISO/IEC 24727 . ICC , (background) . ISO/IEC 24727 ISO/IEC 24727 . . ISO/IEC 24727 2 , ISO/IEC 24727 3 (information structures) . ISO/IEC 24727 3 . ISO/IEC 24727 4 . ISO/IEC 24727 5 . ISO/IEC 24727 3 ICC , ISO/IEC 24727 2 ICC . KS X ISO/IEC 24727 1:2008 ID IC ： 1： Identification cards Integrated

5、circuit card programming interfaces Part 1： Architecture 1 ISO/IEC 24727 IC (interface set) (multi-sector) . ICC KS X ISO/IEC 7816 4_2001 . . . 2 . . ( ) . KS X ISO/IEC 7816 4_2001： 2002, ID IC 4： 3 . 3.1 (authentication) 3.2 (authentication protocol) 3.3 IC (card) (integrated circuit card) KS X ISO

6、/IEC 24727 1:2008 2 3.4 (card-application) ICC 3.5 (client-application) 3.6 (data element) , , , KS X ISO/IEC 7816 4_2001 3.7 (data set) 3.8 (data structure for interoperability) KS X ISO/IEC 7816 4_2001 2-byte , KS X ISO/IEC 8825 BER-TLV ASN.1 8 . 3.9 (differential-identity) , (maker), 3.10 (generi

7、c card access layer) ISO/IEC 24727 2 3.11 (identification) . 3.12 (interface) , 3.13 (interoperability) ISO/IEC 24727 ISO/IEC 24727 3.14 (marker) 3.15 (middleware) KS X ISO/IEC 24707:2008 3 3.16 (service) 3.17 (service access layer) ISO/IEC 24727 3 API 4 AID application identifier ACD application ca

8、pability description APDU application protocol data unit API application programming interface BER basic encoding rules CCD card capability description DSI data structure for interoperability GCAL generic card access layer GCI generic card interface IAS identity, authentication, and (digital) signat

9、ure services ICC integrated circuit card IFD interface device OID object identifier PKI public key infrastructure RFU reserved for future use by ISO/IEC SAL service access layer TLV tag-length-value URL uniform resource locator 5 ISO/IEC 24727 ISO/IEC 24727 . ISO/IEC 24727 . ISO/IEC 24727 . ISO/IEC

10、24727 . ISO/IEC 24727 capability description ICC . capability description 6.6 . , capability description ICC . KS X ISO/IEC 24727 1:2008 4 6 (Architecture) 6.1 (General) ISO/IEC 24727 . ICC , , . 6.2 (Architectural attributes) 6.5, 6.8, 6.9, 6.10 . . , . . . . ISO/IEC 24727 3 , , . ICC . AID . 6.3 1

11、 ISO/IEC 24727 , , ICC . . , . KS X ISO/IEC 24707:2008 5 * . 1 ISO/IEC 24727 ISO/IEC 24727 . 6.4 ISO/IEC 24727 . 1 . (proxy) . , 1 . A 6.5 ISO/IEC 24727 3 . . . ISO/IEC 24727 3 * * ICC ISO/IEC 24727 2 ( )KS X ISO/IEC 24727 1:2008 6 . 6.6 (Capability description) ICC . capability description . capabi

12、lity description ISO/IEC 24727 . Card Capability Description(CCD) ICC . CCD . CCD APDU . Application Capability Description(ACD) . ACD CCD (capability) entity . ISO/IEC 24727 2 capability description . capability description . capability description . ISO/IEC 24727 2 ICC , , , capability description

13、 . 6.7 . . . 6.8 ISO/IEC 24727 2 ICC . ISO/IEC 24727 2 . . (generic confirmation) . ISO/IEC 24727 2 , (security management), (administration) . 6.9 (Connectivity interface) KS X ISO/IEC 24707:2008 7 (ISO/IEC 24727 4) . . 6.10 (ISO/IEC 24727 4) . . 7 (Security rationale) ISO/IEC 24727 KS X ISO/IEC 78

14、16 4_2001： 2002 5.4 . ISO/IEC 24727 KS X ISO/IEC 7816 4_2001 . ISO/IEC 24727 ICC KS X ISO/IEC 7816 4_2001 . . capability description KS X ISO/IEC 7816 15 ISO/IEC 24727 3 . KS X ISO/IEC 24727 1:2008 8 A ( ) A.1 , . IFD , IFD ISO/IEC 24727 . APDU , . A.1 , . / . A.1 6. 1 A.1 . A.1 , 1 . / . Non-ICC IC

15、C KS X ISO/IEC 24707:2008 9 A.1 . a) ICC ICC b) ICC ICC . ICC . c) non-ICC ICC . ICC . d) (Electrical Signals) ICC “Electrical Signals” . ： ISO/IEC 7816 3(T=0, T=1), ISO/IEC 7816 12 USB, KS X ISO/IEC 14443 ISO/IEC 24727 . e) ICC I/O ICC . “Electrical Signals” , , “Electrical Signals” . ICC I/O ISO/I

16、EC 24727 . f) IFD I/O non-ICC ICC I/O . IFD I/O ISO/IEC 24727 . g) 3. h) 3. A.2 A.2 , ISO/IEC 24727 2 ISO/IEC 24727 3 . , ICC ICC . Non-ICC GCI GCI ICC KS X ISO/IEC 24727 1:2008 10 A.3 A.3 , APDU . ISO/IEC 24727 2 ISO/IEC 24727 3 . ICC Non-ICC KS X ISO/IEC 24707:2008 11 A.4 ICC A.4 ICC ICC , APDU .

17、GCI Non-ICC GCI GCIICC GCI KS X ISO/IEC 24727 1:2008 12 A.5 ICC A.5 ICC KS X ISO/IEC 7816 4_2001 APDU . GCI( ) Non-ICC GCI ICC KS X ISO/IEC 24707:2008 13 A.6 Loadable/fixed non-ICC components hosting of capability description A.6 capability description ICC . CCD ACD . capability description ICC , IC

18、C . capability description (： API). , CCD/ ACD Part 2 . ICC Non-ICC GCI GCI KS X ISO/IEC 24727 1:2008 14 A.7 A.7 . ISO/IEC 24727 3 ( ) . ICC Non-ICC ( )WS WS KS X ISO/IEC 24707:2008 15 A.8 A.8 ISO/IEC 7816 ICC ISO/IEC 24727 . ISO/IEC 24727 ISO/IEC 24727 Non-ICC GCI ISO/IEC 7816 APDU ISO/IEC 7816 APD

19、U ISO/IEC 7816 GCI ISO/IEC 7816 7816APDU 7816APDU KS X ISO/IEC 24727 1:2008 16 A.9 A.9 API ( ) (common calls, bold bottom line of a box) . (： , ) , , (common calls) . “ ” . , . (machine) . ICC ICC KS X ISO/IEC 24707:2008 17 A.10 A.10 . (The server-side generic card access layer sends a request to the server-side genneric interface indicating the need to use the tru