© 2011 ecsec gmbh>>1 ecard-api-framework. © 2011 ecsec gmbh>>2 iso/iec...
TRANSCRIPT
![Page 1: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/1.jpg)
© 2011 ecsec GmbH >>
1
Service-Access-Layer
Identity-Layer
Terminal-Layer
Application-Layer
eCard-Interface
GRTool, Border
Control ...
eHealth-Application
ePA-Application
JobCard ELSTER ...
ISO24727-3-Interface
ePassport CardInfo
ePA CardInfo
eGK/HBA CardInfo
ePassportConvenience
Support Services
Support-Interface
Generic Card Services
...
Management Services
Mgmt-Interface
Encryption Services
Signature ServicesIdentity Services
IFD-Interface
SCARD-Interface
PC/SC 2.0 IFD-Handler
IFD-Handler
IFDSICCT
CT-API-Interface
MKT, B1 etc.
SICCT-Interface
ePAConvenience
eHealthConvenience
JobCardConvenience
eID
Manage-ment
ManagementConvenience
ELSTERConvenience ...
eCard-API-Framework
![Page 2: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/2.jpg)
© 2011 ecsec GmbH >>
2
ISO/IEC 24727-Architecture
![Page 3: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/3.jpg)
© 2011 ecsec GmbH >>
3
Example: MSE for Signature Generation
![Page 4: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/4.jpg)
© 2011 ecsec GmbH >>
4
CardInfo
![Page 5: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/5.jpg)
© 2011 ecsec GmbH >>
5
Signaturen mit dem eCard-API-Framework
![Page 6: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/6.jpg)
© 2011 ecsec GmbH
Signature
App eSign SAL
SignRequest(DIDName,Doc) Hash(DIDName,Doc)
SignResponse(SigObject)
1
ACLList(DIDName)
CardInfo
h
<HashGenerationInfo>
IFD
possibly Transmit(...)
<DIDACL>
DIDAuthenticate(PIN)
2
<ACL>
3
evaluate <ACL>
<PinCompareMarker>
VerifyUser (...)
4
Sign(DIDName,h)<CryptoMarker>
Sequ. of Transmit(...)
5
6
possibly create AdES
7
9
TV
ShowViewer(VID,Doc)
8
>>
6
![Page 7: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/7.jpg)
© 2011 ecsec GmbH
dss:SignRequest
>>
7
1
![Page 8: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/8.jpg)
© 2011 ecsec GmbH
Hash / HashResponse
>>
8
2
![Page 9: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/9.jpg)
© 2011 ecsec GmbH
HashGenerationInfo@CardInfo
>>
9
2
![Page 10: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/10.jpg)
© 2011 ecsec GmbH
HashGenerationInfo
>>
10
2
![Page 11: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/11.jpg)
© 2011 ecsec GmbH
ACLList
>>
11
3
![Page 12: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/12.jpg)
© 2011 ecsec GmbH
DIDACL@CardInfo
>>
12
3
![Page 13: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/13.jpg)
© 2011 ecsec GmbH
AccessRule
>>
13
3
![Page 14: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/14.jpg)
© 2011 ecsec GmbH >>
14
ACL auswerten
>>
14
4
1. Determine available DIDs with CardApplicationPath and ACLList, CardApplicationConnect, DIDList od CardInfo-Access
2. Normalisation of ACL3. Perform appropriate Authentication Steps
![Page 15: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/15.jpg)
© 2011 ecsec GmbH >>
15
ShowViewer
>>
15
5
![Page 16: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/16.jpg)
© 2011 ecsec GmbH >>
16
DIDAuthenticate
>>
16
6
![Page 17: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/17.jpg)
© 2011 ecsec GmbH >>
17
CardInfo-Ausschnitt für PinCompareMarker 6
![Page 18: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/18.jpg)
© 2011 ecsec GmbH
VerifyUser
>>
18
6
![Page 19: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/19.jpg)
© 2011 ecsec GmbH
iso:Sign / iso:SignResponse
>>
19
7
![Page 20: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/20.jpg)
© 2011 ecsec GmbH
SignatureGenerationInfo@CardInfo
>>
20
7
![Page 21: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/21.jpg)
© 2011 ecsec GmbH
SignatureGenerationInfo
>>
21
7
![Page 22: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/22.jpg)
© 2011 ecsec GmbH
StateInfo@CardInfo
>>
22
7
![Page 23: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/23.jpg)
© 2011 ecsec GmbH >>
23
StateInfo
>>
23
7
![Page 24: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/24.jpg)
© 2011 ecsec GmbH >>
24
State
>>
24
7
![Page 25: © 2011 ecsec GmbH>>1 eCard-API-Framework. © 2011 ecsec GmbH>>2 ISO/IEC 24727-Architecture](https://reader035.vdocuments.pub/reader035/viewer/2022062721/56649f265503460f94c3cf08/html5/thumbnails/25.jpg)
© 2011 ecsec GmbH
dss:SignResponse
>>
25
9