Muscle Flexes Smart Cards into Linux

The newest kind of card for your pocketbook offers better security for the information it holds.
Smarter Cards, Bigger Muscles

As smart cards work their way into our lives through cellular phones, stored-value and authentication systems, they will also make their way into our general computing environment. Linux provides a secure multi-tasking environment perfect for smart cards. Project MUSCLE (Movement for the Use of Smart Cards in a Linux Environment) is a virtual team of developers working to integrate smart cards, readers and security in an open fashion for the Linux environment. As the acronym implies, the MUSCLE team is trying to integrate all necessary smart-card hooks into the Linux world. See sidebar for contact information.

Figure 3. Muscle Logo

Several different MUSCLE projects are underway, such as an effort to integrate smart-card tokens with Pluggable Authentication Modules (PAM), interfaces for scripting languages such as Perl, and creating drivers and implementing APIs for different cards and readers. MUSCLE expects the following benefits from these activities:

  • Integrating smart cards into PAM will allow cross-platform authentication between an array of different operating systems.

  • Perl integration provides another environment for smart card use, in particular for those accustomed to the ease of string manipulation in Perl.

  • Standardizing card and reader APIs under Linux gives developers a common interface for integrating a wide variety of smart cards and readers with a wider variety of host computers.

  • Creating a Linux cryptographic API will handle cryptography for other PKCS-11 type devices as well as for smart cards.

  • Virtualization of the smart-card file system would allow a smart-card to be mounted as any other file system under Linux. This might allow the manipulation of the smart-card file system in an easy-to-use, familiar fashion.

Developing a means of using different biometric sensors with smart cards under Linux is another interest. Biometric fingerprint scanners such as American Biometric's hot new BioMouse and BioMouse Plus could easily make Linux the operating system of choice for high security applications such as banking.

MUSCLE posts all source code on the web site http://www.linuxnet.com/smartcard/index.html, along with the author name, date and purpose. All code posted is covered under the GNU General Public License (GPL), allowing it to be freely distributed as long as the rules are followed. This is where open development occurs. For more information on the GNU General Public License, visit http://www.gnu.org/.

MUSCLE currently has support for the Schlumberger Reflex 62 and 64 card readers. These readers rely on the serial port for data communication and get their power from the keyboard or mouse port. The current drivers support all of the necessary functionality of the Reflex 62 and 64 readers, including PIN verification (Reflex 64 only). These drivers rely on the termios library for serial functionality and can be used on any COM port. Currently, all Schlumberger CryptoFlex card functionality is supported, including ISO-7816 functionality and cryptographic functions (file reading and management, RSA signing, key and PIN verification, authentication, seek and other administrative functions).

Public interest in smart cards will spur technology growth and increase the need for a better user interface. An embedded operating system such as Linux can offer the ease of a UNIX-style operating system along with full functionality of the card. For example, to retrieve information about the file system directory structure, embedded Linux would allow a simple ls command to be used instead of the hex command 0xF0 0xA8 0x00 0x00 0x00. Currently, smart cards are not capable of running an embedded operating system. Until they are, familiar shell commands such as ls could be carried out on the smart card by virtualizing the shell: translating shell commands into their smart card hexadecimal counterparts. This would provide an easy way to personalize the card to fit customer needs.
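The shell virtualization described above, sketched as an added example (not MUSCLE code). Only the `ls` bytes come from the article; `cd` and `cat` are assumed to map to the ISO 7816-4 interindustry SELECT and READ BINARY commands, and all function names are hypothetical. The translator accepts a fixed set of commands and strictly validated file IDs, so nothing typed at the virtual shell reaches the card as raw bytes.

```python
import re

# The one command the article gives: directory listing (`ls`) = F0 A8 00 00 00.
LS_APDU = bytes([0xF0, 0xA8, 0x00, 0x00, 0x00])

# Assumption: ISO 7816-4 interindustry SELECT (INS A4) and READ BINARY (INS B0)
# with class byte 00; a particular card may use a proprietary class instead.
CLA_ISO, INS_SELECT, INS_READ_BINARY = 0x00, 0xA4, 0xB0

FILE_ID = re.compile(r"[0-9A-Fa-f]{4}")  # two-byte file ID, e.g. 3f00


def select_file(arg):
    """SELECT by file ID; anything but four hex digits is rejected."""
    if not FILE_ID.fullmatch(arg):
        raise ValueError(f"bad file ID: {arg!r}")
    fid = bytes.fromhex(arg)
    return bytes([CLA_ISO, INS_SELECT, 0x00, 0x00, len(fid)]) + fid


def read_binary():
    """READ BINARY from offset 0; Le=00 asks for up to 256 bytes."""
    return bytes([CLA_ISO, INS_READ_BINARY, 0x00, 0x00, 0x00])


def shell_to_apdus(line):
    """Translate one shell-style line into the APDU(s) that implement it."""
    argv = line.split()
    if argv == ["ls"]:
        return [LS_APDU]
    if len(argv) == 2 and argv[0] == "cd":
        return [select_file(argv[1])]
    if len(argv) == 2 and argv[0] == "cat":
        # One shell command, two card commands: select the file, then read it.
        return [select_file(argv[1]), read_binary()]
    raise ValueError(f"unsupported command: {line!r}")


def to_hex(apdu):
    """Render an APDU the way the article writes it: 0xF0 0xA8 ..."""
    return " ".join(f"0x{b:02X}" for b in apdu)


if __name__ == "__main__":
    for line in ("ls", "cd 3f00", "cat 0002"):  # constructed sample input
        for apdu in shell_to_apdus(line):
            print(f"{line:10} -> {to_hex(apdu)}")
```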

What will customer needs be in the next millennium? Some people predict less emphasis on materialism. Exercise machines might be as prolific as ATMs, and the gold card may be less attractive than one with more brains. Securing the future always involves flexibility and change. Smart cards appear to combine it all.


Dave Corcoran is an undergraduate at Purdue University, where he studies Computer Sciences, and is also a Knowledge Worker at Schlumberger Limited. His latest project includes the integration of smart card security tokens into the Linux operating system. He can be reached at corcoran@slb.com.

______________________

Comments


Amazing how the technology on Smart Cards keeps getting better. Next thing you'll know, every important thing you need may be stored in one Smart Card (from multiple credit cards, as your vehicle's keyless entry and ignition key, as your passport, etc.)
