Belgium was the first country to introduce Electronic ID cards (eID) at a large scale a couple of years ago, and the hype progressively expands to other european countries as a means to simplify access to public services throughout EU countries. Today, around 30 million people in europe have their eID card.
eID can be used for many other things than just e-Gouvernement Services, as they provide a means for secure authentication, and electronic signature. All this is very interesting for web application developers, and we want to use this at Imexis for our own applications.
Yesterday I received a pack from certipost with an eID reader, several test cards and a software package. Today I will be trying to see how I can develop a small application that would access information on a card through the reader.
Here are some interesting reads:
http://java.sun.com/j2se/1.5.0/docs/guide/security/CryptoSpec.html
http://en.wikipedia.org/wiki/Public_key_cryptography
http://en.wikipedia.org/wiki/RSA
http://en.wikipedia.org/wiki/SHA
http://ec.europa.eu/information_society/activities/egovernment/policy/key_enablers/eid/index_en.htm
The Cryptographic Token Interface Standard
RSA Security, produces the Public Key Cryptography Standards, amongst which a specific standard: PKCS#11 adresses the Cryptographic Token Interface. This standard consists in an API called CRYPTOKI (pronounce Crypto-Key). The goal is to provide an isolation between the application that uses a cryptographic device, allowing for multiple applications to access multiple devices without worrying about the specifications of that device.
Any such device (as is the eID card) is refered to as a Token.
By next week wednesday, I should have understood how exactly an application can use Cryptoki to work with a token, and what kind of operations we can do with the token, as well as the limitations.
Articles
Aucun commentaire:
Enregistrer un commentaire