Alliance Activities : LEAP : CSCIP/G Body of Knowledge

CSCIP/G Body of Knowledge


Smart Card Fundamentals

  • Basic smart card components, structure, functions
  • IC types (memory, protected memory, microcontroller, RF)
  • Card design and card body
  • Formats (card, USB token, SIM, embedded, other)
  • Communications interfaces (contact, contactless, dual interface)
  • Memory size and types
  • Operating systems (native, Java, Multos, other)
  • Smart card system design features
  • Manufacturing process
  • Readers (POS, PC, access control)
  • Relevant smart card standards (ISO, ANSI)
  • Smart cards and biometrics
  • Specifications

Security

  • Certifications (FIPS, Common Criteria)
  • IC level (anti-tampering, masking)
  • Card edge interface
  • Encryption algorithms
  • Security at system level
  • Physical
  • Logical

Smart Card Application and Data Management

  • Single application cards
  • Multi-application cards
  • Chip initialization
  • Key management (symmetric, asymmetric)
  • Issuance
  • Card life cycle management
  • Relevant standards

Smart Card Usage Models: Mobile and Near Field Communication

  • Smart card drivers and benefits
  • SIMs
  • UICCs
  • Near Field Communication
  • Sample smart card mobile and subscriber models

Smart Card Usage Models: Identity and Security

  • Smart card drivers and benefits
  • Identity cards and tokens
  • ePassports
  • Physical/logical access
  • Smart cards and biometrics
  • Smart cards and digital certificates
  • Sample smart card identity and security models
  • Relevant standards
  • Identity and security application examples
  • Privacy

FIPS 201, the PIV Card and Federal Identity Management

  • FIPS 201 common identity, security and privacy requirements
  • The PIV system and PIV card
  • PIV card issuance and lifecycle
  • FIPS 201 and biometrics
  • Federal levels of assurance
  • FIPS 201/PIV card physical and logical access use cases
  • FIPS 201/PIV card certification, testing and acquisition
  • PIV-I interoperability beyond the Federal government
  • Federal public key infrastructure
  • Federal identity, credential and access management guidelines