Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  ETSI TS 102 221   PDF version:  17.1.0

Top   Top   Up   Prev   Next
0…   4…   5…   6…   7…   7.3…   8…   9…   10…   10.2…   11…   11.1.2…   11.1.9…   11.1.14…   11.1.19…   11.1.20…   11.1.21…   11.2…   11.3…   12…   13…   14…   15   A   B   C…   D   E…   F…   G…   H…   I   J…   K…   L…   M…

 

E  Security attributes mechanisms and examplesp. 164

E.1  Codingp. 164

Two codings are defined:
  • a compact coding based on bitmaps;
  • an expanded coding which is an extension of the compact coding with intermediate scope containing bitmap and TLV list management.
The security conditions for bits not set to '1' in the AM byte are set to NEVer by default.

E.2  Compact formatp. 164

E.2.0  Codingp. 164

The compact format access rule is indicated by tag '8C' in the FCP. An access rule in this format is encoded with:

E.2.1  AM bytep. 164

The AM byte conveys two types of information:
  • interpretation of the AM byte itself;
  • number of SC bytes in the access rule.
If b8 in the AM byte is set to '0' the AM byte is followed by a number of SC bytes equal to the number of bits set to '1' in the AM byte (excluding b8). Each SC bytes codes the conditions relevant to a set of commands, in the same order (b7 to b1) as in the AM byte. When b8 is set to '1' the usage of b7 to b4 is proprietary.
When multiple sets of an AM byte and one or more corresponding SC bytes are present in the value field of the DO, tag '8C', they represent an OR condition.
Up

E.2.2  SC bytep. 164

The SC byte specifies which security mechanisms are necessary to conform to the access rules, see ISO/IEC 7816-4 [12]. The 4 most significant bits (b8 to b5) indicate the required security condition. An SE may be specified in bits b4 to b1. If an SE is specified, the mechanisms that may be defined in it for external authentication, user authentication and command protection are used, if indicated by bits b4 to b1.
If bit b8 is set to '1' all conditions in bits b7 to b5 need to be satisfied. If bit b8 is set to '0' at least one of the conditions set in bits b7 to b5 need to be satisfied. If b7 is set to '1', the CRT of the SE indicated in bits b4 to b1 describes whether secure messaging applies to the command APDU, the response APDU or both.
Up

E.2.3  Examplesp. 165

For EFs with the access condition ALW for READ and UPDATE the security attribute would look as follows:
Tag L AM SC SC
'8C''03''03''00''00'
For EFs with the access condition ALW for READ and NEV for all other access conditions the security attribute would look as follows:
Tag L AM SC
'8C''02''01''00'
For EFDIR and EF ICC the access rule would be as follows. READ is set to ALW and UPDATE, DEACTIVATE and ACTIVATE is set to ADM. The ADM condition is indicated as a user authentication. The key reference is implicitly known.
Tag L AM SC SC SC SC
'8C''05''1B''90''90''90''00'
Up

E.3  Expanded formatp. 165

E.3.0  Codingp. 165

In the expanded format AM_DOs and SC_DOs are used to create the access rules. The expanded format access rule is indicated by tag 'AB' in the FCP. An access rule in this format is encoded with an AM_DO followed by a sequence of SC_DOs.

E.3.1  AM_DOp. 165

The AM_DO is defined in ISO/IEC 7816-4 [12]. The content of the AM_DO is defined by the tag value. Tag '80' indicates that the AM_DO contains an AM byte. Tags '81' to '8F' indicates that the AM_DO contains a command description. The content of the command description is dependent upon the tag value as defined in ISO/IEC 7816-4 [12]. Tag '9C' indicates that the AM_DO contains a proprietary state machine description.
When multiple sets of an AM_DO and one or more corresponding SC_DOs are present in the value field of the DO, tag 'AB', they represent an OR condition.
Up

E.3.2  SC_DOp. 165

The SC_DO is defined in ISO/IEC 7816-4 [12]. The SC_DO definition contains an OR and an AND template. Several SC_DOs may be attached to a particular operation:
  • If the SC_DOs are encapsulated in an OR template, then only one of the security conditions has to be fulfilled for the operation to be allowed.
  • If the SC_DOs are not to be encapsulated in an OR template or if the SC_DOs are encapsulated in an AND template, then all security conditions have to be fulfilled before the operation is allowed.
Up

E.3.3  Access rule referencingp. 166

Access rules in expanded format (AM_DOs and SC_DOs) may be stored in a linear fixed EF, each record contain one or more rules, as defined in ISO/IEC 7816-4 [12]. The access rule file may be an internal file, referenced implicitly, or may be referenced explicitly, e.g. by a file ID. The access rule stored in a file is indicated by tag '8B' in the FCP. The value of this DO contains at least one record number, called ARR. The DO can contain:
  • A single byte containing the record number of the rule, valid if the access rule file is (implicitly) known.
  • Three bytes containing two bytes with the File ID of the access rule file followed by one byte with the record number for the access rule.
  • If the value filed is coded with a length of 2 + n x 2, for n > 1, it contains one or more SEID/ARR pairs, where the SEID codes the SE number on one byte. For each SE number, the access rules indicated in the ARR following its SE number are valid.
Up

E.3.4  Examplesp. 166

The access rule for EFPL would look as follows. The READ and SEARCH access condition is ALWays. The UPDATE access condition is application1 PIN or application2 PIN.
Tag
'AB'
L
'1A'
AM_DO Tag
'80'
L
'01'
V
'02'
OR Tag
'A0'
L
'10'
SC_DO Tag
'A4'
L
'06'
Key Ref Tag
'83'
L
'01'
V
'01'
Usage Qualifier Tag
'95'
L
'01'
V
'08'
SC_DO Tag
'A4'
L
'06'
Key Ref Tag
'83'
L
'01'
V
'02'
Usage Qualifier Tag
'95'
L
'01'
V
'08'
AM_DO Tag
'80'
L
'01'
V
'01'
SC_DO Tag
'90'
L
'00'

Up   Top   ToC