The lecture is devoted to security in smart technologies. The lecture covers the principal information security instruments, encryption/decription methods, applied in smart technologies:
- DES and 3DES;
- RSA;
- hash.
Types of keys used in the smart card industry are discussed in detail:
- card keys; (including CMK, KMC, transport keys)
- application keys (including Visa DMKac, DMKmac, DMKenc, KEK, MasterCard IMKdac, IMKssm, IMKsme, KEK, American Express DEAac, DEAmac, DEApin keys);
- data keys (including KEK, ZCMK/ZMK, Session Key).
Purpose and peculiarities of each of these keys, keys hierarchy and interdependence are discussed. Issuer and Certification Authority certificates purpose and peculiarities are discussed as well.
The lecture covers a detailed schema of keys usage in terms of interaction between varios role clusters and systems:
- issuer;
- card manufacturer;
- personalization bureau;
- payment system;
- authorization, data preparation and personalization systems;
- smart card and POS terminal.
The list, purpose and interconnection os keys applied in each transaction are discussed.
Finally, the responsibilities of each role of key management process are discussed (including security officers responsibilities).