INTERNATIONAL STANDARD
ISO/IEC 24727-4
First edition 2008-11-01

Identification cards - Integrated circuit card programming interfaces - Part 4: Application programming interface (API) administration

Cartes d'identification - Interfaces programmables de cartes à puce - Partie 4: Administration d'interface de programmation (API)

Reference number ISO/IEC 24727-4:2008(E)
© ISO/IEC 2008. All rights reserved. Published in Switzerland.

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Architecture specialization
  5.1 Full-network-stack
  5.2 Loyal-stack
  5.3 Opaque-ICC-stack
  5.4 Remote-loyal-stack
  5.5 ICC-resident-stack
  5.6 Remote-ICC-stack
6 Security architecture
  6.1 Path-protection-policy
  6.2 ACL - ACR mapping
  6.3 Secure messaging
  6.4 Trusted-channel key administration
7 Connection components
  7.1 Action request and response semantics
  7.2 Proxy - Agent Architecture
  7.3 Trusted-channel Interface
    7.3.1 TC_API_Open request
    7.3.2 TC_API_Close request
    7.3.3 TC_API_Read request
    7.3.4 TC_API_Write request
    7.3.5 TC_API_Reset request
    7.3.6 TC_API_GetStatus request
  7.4 Interface Device API
    7.4.1 EstablishContext
    7.4.2 ReleaseContext
    7.4.3 ListIFDs
    7.4.4 GetIFDCapabilities
    7.4.5 GetStatus
    7.4.6 Wait
    7.4.7 Cancel
    7.4.8 ControlIFD
    7.4.9 Connect
    7.4.10 Disconnect
    7.4.11 BeginTransaction
    7.4.12 EndTransaction
    7.4.13 Transmit
    7.4.14 VerifyUser
    7.4.15 ModifyVerificationData
    7.4.16 Output
    7.4.17 SignalEvent
ISO IEC 24727-4 2008 Identification cards — Integrated circuit card programming inter