On Sat, Sep 22, 2012 at 1:41 PM, Andreas Jellinghaus <[email protected]> wrote:
>> In my mind keys could optionally contain application-oriented ACL telling which
>> applications they trust so that even if you install a "bad" App, it would for
>> example not be able to use your bank or eID-key in the background.
>
> I must admit I don't know how many apps are managed and separated. Given the
> restricted resources a smart card has, I assume there is a master key that
> creates containers of specific sizes/dimensions/... and the app is loaded into
> such a container, limiting it and reserving the unallocated space for further
> applications/containers?
>
> Is there a standard on doing this, or is it all JCOP magic under NDA?

Are you referring to GlobalPlatform? That's public, with docs and API
references (when applicable) available on globalplatform.org. I bet there are
probably vendors who tweak/amend/change/molest the spec, but the general
principles should be there and followed by many vendors.

There is an interesting thing called Trusted Execution Environment that might
come to existence some time in the future, called TEE:
http://www.globalplatform.org/documents/GlobalPlatform_TEE_White_Paper_Feb2011.pdf

But for mobile solutions and experiences, I think the time now is as good as
pre-CCID for smart card readers: wild-wild-west and with a *much* tougher
competition situation. Who needs standards if you have an iPhone :)

Martin
