NIST partners with NSA to validate smart card security requirements. (News Briefs).Smart cards--credit card-sized plastic cards with a small embedded computer chip that can process or store information--just got smarter and safer, thanks to a NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. collaboration with the National Security Agency (NSA NSA abbr. National Security Agency Noun 1. NSA - the United States cryptologic organization that coordinates and directs highly specialized activities to protect United States information systems and to produce foreign ), in which the two agencies formally recognized a major advance in the security of smart card technology. Through their joint National Information Assurance Partnership (NIAP See Common Criteria. ), the agencies issued an evaluation certificate on a formal set of smart card security requirements. These specifications will allow manufacturers to have their smart cards Example of widely used contactless smart cards are Hong Kong's Octopus card, Paris' Calypso/Navigo card and Lisbon' LisboaViva card, which predate the ISO/IEC 14443 standard. The following tables list smart cards used for public transportation and other electronic purse applications. tested to ensure they meet certain security standards. Smart cards have to be protected against hackers because they contain computerized information. NIST and NSA worked with an international consortium of leading financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. companies to develop security standards for smart cards. The consortium, known as the Smart Card Security Users Group (SCSUG), developed the security specifications using the new international security standard ISO/IEC ISO/IEC International Organization for Standardization/International Electrotechnical Commission (ITU-T M 3000) 15408, which is known as the Common Criteria. A commercial testing laboratory evaluated the specifications, which then were validated by NIST and NSA under the NIAP Common Criteria Evaluation and Validation Scheme. These results will be recognized by the 13 other nations who are signatories of the International Common Criteria Recognition Agreement. The development and evaluation of SCSUG smart card security requirements represents a successful industry-government partnership contributing to the security of information systems and networks in the United States and around the world. For more information on the Common Criteria Project, including the completed smart card evaluation and validation, see http://csrc.nist.gov/cc/sc/sclist.htm. CONTACT: Ron Ross, (301) 975-5390; ronald.ross@nist.gov. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion