Smart Cards
Aired January 15 and 16, 2000
Listen to the show.
You must have RealAudio installed to listen to the show. Download RealAudio here.
This is Internet on the Air. I'm Joan Silvi. The world's smallest Web
Server fits in your wallet. Details coming up.
Funding Credit: Internet On The Air is a production of the University of Michigan School
of Information and Michigan radio, made possible by a grant from the W.K. Kellogg
Foundation.
Most Americans carry several plastic cards in their wallets. These cards may be deducting
money from bank accounts, providing discounts on groceries, or giving access to buildings
and parking lots. Some of these cards are considered "smart" because they
contain small computers that store information.
The Center for Information Technology Integration, or CITI, developed a Smart Card that
acts as a Web Server. When the card is inserted into a reader and connected to a network,
it provides the program and files that make up a Web site. Although the Web site itself is
not very big, Smart Card technology does offer security features. Because there is a gap
between the physical card and the computer, hackers can't access files stored on a card in
your wallet.
According to Peter Honeyman, Director of CITI, Smart Cards may give consumers more control
over access to their personal information, because information can only be read when the
consumer puts the card in a reader. For example, the German government distributes smart
cards to citizens that contain personal medical information, but doctors' offices can only
read that information when the patient provides the card.
Honeyman says this data exchange process could eventually take place on the Internet. The
consumer would insert the card into a reader at home, and the recipient could access that
data over the Web. As organizations collect more and more consumer information, Smart
Cards may provide security to make sure that personal information stays private.
Find out more about Smart Cards on our Web site, www.iota.org. For Internet on the Air,
I'm Joan Silvi.
Top of Page
Related Links
For further information, try these Web sites:
 Visit the Web site for The Center for Information Technology Integration to
learn more about their research.
On the Smart
Card page you'll find links to other Smart Card resources, CITI Smart Card projects,
and Smart Card vendors.
Delve deeper and go to the Web Card page.
You can learn about the Web Card's capabilities or take a test drive to see how it works.
- PrivacyExchange.org
maintains a list of privacy advocate
organizations and their Web sites. Some of these organizations are listed below:
- TRUSTe wants to raise users'
confidence in the Internet. Participating members must meet TRUSTe's privacy standards to
earn the TRUSTe seal on their homepage.
- The American Civil Liberties Union is
well known for its defense of individual rights. Look on their site for U.S. cryptography
and privacy-related issues in the "Workplace Rights," "National
Security," and "Cyber-liberties" sections.
- Americans for Computer Privacy
is a group of 40 trade associations, over 100 companies from a range of industries, and a
number of liberal and conservative organizations interested in protecting the privacy of
Americans' confidential files and communications.
- The Center for Democracy and
Technology "works for public policies that advance civil liberties and democratic
values in new computer and communications technologies."
- The Computers, Freedom, and Privacy
Conference is an annual "forum and gathering place for the key members of the
legal, technical, government, hacker, computer security, business, law enforcement,
national security, and journalistic communities to meet, discuss, and debate developments
relating to computers, freedom and privacy."
- Electronic Privacy Information Center is a
research center in Washington, D.C. At their site you can find privacy news from around
the world, as well as information about privacy legislation in the United States.
Top of Page
The Interview
IOTA interviewed Peter Honeyman in January 2000.
How does the Smart Card function as a Web
server?
A Smart Card is just like a credit card except that it contains a computer. It's a
general purpose computer that's kind of limited –it's basically is a 20 year old
computer, but nonetheless it is a computer and you can run a Web server on any computer.
This is probably the smallest computer you could run a Web server on. Not in terms of
its physical size, but in terms of the resources available. It has very little memory
available to it so there's not much space for storing programs (of course a Web server is
a program). And there's not much space for storing content. In fact, half of the space
available for content on our Web server is taken up by an image of the Web server itself.
So this doesn't allow for a very big Web page.
No, it's a really small collection of Web pages, but that's a fundamental limitation in
Smart Cards. They just happen to be very small – well, the cheap ones are. There are
some more capable ones but they're really expensive and nobody issues them.
How do Smart Cards enhance security?
Any computer that is on the Internet is subject to attack. Most computers on the
Internet, in fact, are being probed. Most users are unaware of this but probes are
happening all the time. A computer that's in your wallet is not being probed and has
fundamental security that is lacking in any other computer. It's what we call "air
gap" technology. There's an air gap between the computer and the network.
What is the intended audience or use for this
type of Smart Card?
Our perspective on the use of Smart Cards is a little bit different from that
prevailing in the industry. The Smart Card industry has focused on banking and other sorts
of e-commerce applications. The kinds of applications that they run are sort of stovepipe
applications – they're self-contained and they don't interoperate with anything else.
If you want to use your Smart Card, you plug it in and you run their application and you
do stuff with it. For example, the merchants on campus have card readers, but you can't
access information on the card from another program on your computer. The only application
that runs is the merchant's card reader application. In fact it doesn't even run on the
computer. It runs on the card reader itself.
We're trying to use Smart Cards in a more general environment. We're trying to use them
as an adjunct to the existing systems that we use. Smart Cards are interesting and cool
because they have some nice security properties. That's because the access to the
information on the card is very restricted by the programming interface that is defined by
the card manufacturer. So that for example, you can't access the memory in a Smart Card
the way you can in a normal computer. In a normal computer you can simply read the entire
contents of memory…any clever programmer can write a small application and dump the
entire contents out…but you can't do that on a Smart Card. There just is no way to
say "Dump the contents of memory".
How are Smart Cards immune to hackers?
There's a little operating system that runs on the computer that's in the Smart Card,
and that operating system does not have a command that says "Dump Memory". It's
just not there. So while there's a file system and you can get access to the contents of
files, you can't get access to other protected objects on the card. Objects that are
protected include the permanent storage on the card, and in fact many of the files on the
card can be marked in a way that the operating system will refuse to dump their contents.
Was this design intentional?
That's what they had in mind. In order to use [Smart Cards] as a security instrument
they imbued it with some security properties. Because it has those security properties and
because it's tamper resistant in very strong ways it's a great token for doing secure
kinds of operations. The kind of security that we're looking for on campus is Web-access
control and access to e-mail accounts, the ability to indelibly mark a file or a mail
message with the owner's identity. Those sorts of things – the ability to log in
securely. Those are things that we do all the time and they can be made much more secure
than they are. We're trying to make them more secure by adding Smart Cards into the mix
and using the Smart Card security as leverage for enhancing the security of the other
systems that we use. So it's kind of a toehold on secure systems on which you can build
secure fortresses.
What types of general public uses will we see
for Smart Cards?
Smart Cards do have the ability to offer secure storage. It can be extremely secure
because often it's not even powered up. It's sitting in your wallet, and nobody's breaking
into your Smart Card when it's not powered up and sitting in your wallet. But even when
it's plugged in to a card reader and attached to a computer it has certain security
properties. The Smart Card industry is looking for the "killer app". They're
looking for applications that will make people want to use Smart Cards. One example
application aside from the "M-Card" application which has a stored value
application on it, there are other kinds of applications.
In Germany there is a very large program to issue health cards to the populace that
stores your critical health information. Now that's pretty clearly some personal and
private stuff, and you would like to have the ability to store it in a secure way. A Smart
Card is a sensible way to store that. It's better than a piece of paper which can get
lost. It's better than a floppy disk that anyone can read and modify in any way.
But then the question is how do you access the information that's on it. The Smart Card
industry offers a way to access that information, which again, is this stovepipe
application. You use their application, and you can get at the information.
Our feeling is if you want to get access to information, especially information over
the Internet, the best way to do that is to make it accessible to anyone who has Internet
access and a Web browser. That's really what we're trying to do here. We're looking at new
ways of interacting with Smart Cards – ways that are far beyond the kinds of MS-DOS
style command line interfaces that are offered by the industry. We're trying to integrate
them into the Internet access modes that we have today.
So if you want to store information securely, a Smart Card is a great way to do it. If
you want to access that information, the Web is a great way to get at it. We have to do a
couple more things to make it secure enough so that I could put my private, confidential,
personal information into a card reader attached to my computer, and restrict access to
others through the Web.
Hypothetically, a doctor's office could read
your health information over the Web.
They would have all the applications they need to get at it. In fact, the card can be
sitting in a card reader in your home, and you simply tell the physician's assistant what
your Internet URL is, and now they can get access to it. Or you can stick it into a card
reader anywhere.
Tell us about other Smart Card projects that
CITI is working on.
We're building interfaces so that you can use Smart Cards from a Palm Pilot. One of the
applications we've developed is a value-checker for the M-Card that also works for the
Visa cash store value card. And, we're building security into the Palm Pilot using the
cryptographic functionality of a Smart Card. The Palm Pilot, although it has a button
called "Security", has no security. You can dump the contents of the Palm
Pilot's memory and even though you've marked your secret girlfriend's address as private,
it's not private. Anyone who knows anything about a Pilot will be able to get access to
it. Even though it's password protected it simply does not have security. We're building
an adjunct to the Palm Pilot security that uses the functionality of a Smart Card.
But what we're finding is that that's actually not the best solution either because we
have to manufacture these [Palm Pilot Smart Card readers]. We really want to write
software for the Palm Pilot that offers Pilot security but we don't want to be in the
business of building these readers. We build them with solder and hot glue and it's kind
of messy and very grungy.
Is there a market for Palm Pilot security?
We're trying to build a market, basically. We're researchers so we know nothing about
markets, but we're trying to start a ground swell of demand for real security on the Palm
Pilot. So the Palm Reader is one approach.
Of late, though, we're looking at something that's even cooler. If you ever look at a
European cell phone, you find that (these are GSM phones) if you open up the back, there's
a Smart Card in there, and it's an ordinary Smart Card. This, in fact, is really the
biggest market for Smart Cards today – the fastest growing market for Smart Cards is
in GSM phones. They are used for security here -- they're called Subscriber Identification
Modules. When you order up service you go buy any phone you want and they give you one of
these. You stick it in your phone and all of a sudden, you're on the air.
Well, this phone also has infrared, and the Pilot has infrared. So now we're thinking
if I want Smart Card functionality, instead of clipping a card reader onto the Pilot, why
don't I simply use infrared and talk to the Smart Card that I'm already carrying that's
sitting in my cell phone. We haven't made much progress on this yet but this is really
where we want to go. We want to be able to beam information between the Pilot and the cell
phone to get at access to the Smart Card and then use the cryptographic functionality that
is available from the card and maybe even encrypt the beam itself for additional security.
That's what we're trying to do right now.
How do Smart Cards fit into the larger context
of the privacy debate?
Privacy is a really important issue and in fact I think people are kind of
schizophrenic about it. On the one hand, they want as much privacy as possible. On the
other hand they want the kinds of services that the commercial sector makes available
based on deep, detailed knowledge of a consumer's habits. There's a lot of controversy
over maintaining privacy over the Web or even at Kroger's. A lot of people are concerned
that if entities in the commercial sector know everything about you, they might be able to
exploit you.
I'm also schizophrenic about this. Yeah, I'm not really crazy about Kroger knowing that
I prefer Wheat Chex to Rice Chex, and targeting me with advertising based upon their
knowledge of my preference. It makes me kind of uncomfortable. On the other hand, I prefer
Wheat Chex over Rice Chex and if they never send me a Rice Chex coupon and send me a lot
of Wheat Chex coupons, this would be a good thing.
As it relates to Smart Cards, the choice here is between centralized databases of the
sort DoubleClick and other Web advertising companies are maintaining on you versus
centralizing all that information onto a card that you hold and carry around. I think that
most privacy advocates would agree that maintaining control over that information offers
you more privacy. So actually it's a good thing with respect to personal privacy.
On the other hand, there are distinct advantages in this directed, targeted marketing
program that commerce is trying to accomplish these days. There are real advantages for
consumers. Marketing costs will be cut to the bone when you can really have a market of
one target your marketing toward an individual based upon your knowledge of her actual
preferences – what kinds of marketing really does work. If you add up the amount of
junk mail that you get in a year, if all of the junk mail that you didn't care about
– in my case sporting equipment – never came to me, then I would be a winner and
I would be a winner. Everyone would win. So the more they know about me, the better off I
am, in some sense, and the better off they are.
It sounds like the key will be consumers
trusting corporations.
That really is the question – to what extent are you willing to trust commercial
America. The Smart Card itself is a trust platform. It's a place where you can have a lot
of trust because you have personal, direct control over it. Furthermore, if you can access
the information on it using applications that you already have, then if your credit
history is stored on there you can access it anytime without having to pay three bucks.
This would be a win. But it takes away the advantages of the market of one which Internet
commerce companies are trying to accomplish. So there's a real tension.
I believe that there will be legislation that regulates what kind of information can be
collected about individuals and how that information can be shared. I suspect that the
regulations will be really weak. That it will just be the sort of voluntary privacy
advocacy of e-commerce sites, in which they simply state their privacy policy. That may be
a horrible privacy policy but stating the policy gives them this badge of e-privacy, or
whatever it's called. I suspect that there will be weak legislation that requires
e-commerce sites to post their privacy policy but I'm pessimistic about whether Congress
is willing to really clamp down on the way that information is shared. The reality is, you
don't have a right to privacy.
Please direct questions or comments to iota.webmaster@umich.edu.
Last Updated January 14, 2000
| 
