TrustSec Smart card Operating System
(TrustSec Operating System) is a sequence of instructions permanently embedded in the ROM of the smart card. Smart card operating system is the principle component in the security chain; it protects the personal identity and provides the required security services to the citizens. It also allows third-party vendors to build embedded applications without affecting the security.
- It manages the internal file system, I/O and the interactions between these components and various applications. Usually, this operating system also contains most of the security services – handling encryption/decryption and managing security certificates.
- It sets the latest technology in smart card operating system and secure device technology. offering an open platform that combines the best in security, flexibility and ease to use.
Smart Card OS Operations
This system is responsible for providing the following operations:
- Manages the smart chip hardware and perform chip initialization, configuration while startup and self-test
- Manages single or multiple applications. Application management includes, secure download, loading, installation, selection, communication and deletion
- Optionally allows multiple vendors per card using multiple security domains
- Secure application execution in multi-applications environment using either software firewalls or hardware MMU
- Executes high level applications through internal virtual machine
- Provides software level implementation for cryptographic operations like RSA, ECC, DSA, DES, 3DES, AES, SHA, PRNG and DH
- Provides software level implementation of communication protocols like T0, T1, TCL and optional USB/CCID
- Provides system level interface for different hardware modules like communication, security, storage, memory, transaction, file system, timers and random number generator
Smart Card OS Applications
- Personal IdentificationNational ID, Driving License and Employee Cards. It holds personal information and allows other security services like authentication, digital signing and data encryption
- TelecommunicationRequired for all phone systems under the Global System for Mobile Communication (GSM) standard
- Electronic CommerceDigital wallet. The applications are numerous, such as transportation, parking, laundry, gaming, retail, and entertainment
- Securing Digital ContentSecure the access to digital contents and perform data encryption or signing of very sensitive data
- Healthcare InformaticsIdentify patients, facilitate the insurance systems, and carry patient status and sensitive data
- Embedded Device ControlAuthenticate users who are responsible to operate equipment like medical systems, machines, vehicles and so on
- Physical AccessGranted access to certain data, equipment, and departments according to their status. Multi function, microprocessor-based smart cards incorporate identity with access privileges
- Enterprise and Network SecurityDeploy smart cards as a replacement for user name and passwords