Security Stack

Details on the Security Stack

Since release 4.3.0, Open NFC includes a Security Stack designed to control access from applications to the secure elements (UICC, eSE). This is needed because the NFC hardware provides a new channel for communicating with these elements: a buggy or malicious application could send destructive commands to a secure element, for example by failing several authentication attempts in a row and thereby locking it.

Important: the security of the secure elements themselves does not rest on this Security Stack in any way. The Security Stack only enforces, on the phone side, an access policy between applications and the secure element.

Components of the Security Stack

Internally, the Open NFC stack attempts to load a specific PKCS#15 applet from each secure element it finds. If the applet is not present in a secure element, the stack falls back to the former behaviour for that element, as if no Security Stack were available (so a secure element without the applet is not protected by this mechanism). If the applet is found, its contents are verified and used. The PKCS#15 applet expected by Open NFC contains, schematically, a white list of phone applications that may access given applets, and given commands, in the secure element. The Open NFC stack enforces this policy and rejects commands from unauthorized applications.

Here is the sequence of events:

  1. The Open NFC stack reads the PKCS#15 applet (if present) from the Secure Element and builds an internal representation of the access control list (ACL) it contains. Note that exchanging data with the Secure Element at this stage may require a porting function.
  2. When an application wants to “talk” to the Secure Element, it must first call the WSecurityAuthenticate() function. This lets the Open NFC stack map the application to its ACL entries.
  3. When the application then opens a connection to the SE or exchanges data, the Open NFC stack enforces the policy read from the PKCS#15 applet and blocks any call that the ACL does not allow.
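The following is an added example, not Open NFC code, that models the three steps above (load the ACL, authenticate the caller, enforce on connect and exchange) so the policy decisions can be exercised offline. The ACL layout, the application identifier (a SHA-256 of the application binary), the 4-byte APDU header filter with a mask, the sample AID and the application binaries are all assumptions made for illustration; the real PKCS#15 contents and the way Open NFC identifies an application are not described on this page.

```python
# Added example, not Open NFC code: a model of the access-control policy the
# Security Stack enforces. ACL layout, app identifier (SHA-256 of the binary),
# the 4-byte APDU header filter and all sample data are assumptions.
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class ApduFilter:
    """Allow an APDU when its header (CLA INS P1 P2) matches under a mask."""
    header: bytes  # 4 bytes
    mask: bytes    # 4 bytes; 0x00 in a position means "don't care"

    def matches(self, apdu: bytes) -> bool:
        if len(apdu) < 4:
            return False
        return all((a & m) == (h & m)
                   for a, h, m in zip(apdu[:4], self.header, self.mask))


@dataclass(frozen=True)
class AclEntry:
    app_hash: bytes      # identifies the phone application (assumed scheme)
    aid: bytes           # secure-element applet the rule covers
    filters: tuple = ()  # empty tuple: any APDU to this AID is allowed


class SecurityStack:
    """Mirrors the three steps: load ACL, authenticate caller, enforce."""

    def __init__(self, acl):
        # acl is None when no PKCS#15 applet was found: fallback, no filtering.
        self.acl = acl
        self.callers = {}  # app_id -> app hash, filled by authenticate()

    def authenticate(self, app_id: str, app_binary: bytes) -> None:
        # Stands in for WSecurityAuthenticate(): bind the caller to ACL entries.
        self.callers[app_id] = hashlib.sha256(app_binary).digest()

    def _rules(self, app_id: str, aid: bytes):
        h = self.callers.get(app_id)
        return [e for e in self.acl if e.app_hash == h and e.aid == aid]

    def open_connection(self, app_id: str, aid: bytes) -> str:
        if self.acl is None:
            return "ALLOW:no-acl"
        if app_id not in self.callers:
            return "DENY:not-authenticated"
        return "ALLOW" if self._rules(app_id, aid) else "DENY:no-rule-for-aid"

    def exchange(self, app_id: str, aid: bytes, apdu: bytes) -> str:
        verdict = self.open_connection(app_id, aid)
        if not verdict.startswith("ALLOW") or self.acl is None:
            return verdict
        for rule in self._rules(app_id, aid):
            if not rule.filters or any(f.matches(apdu) for f in rule.filters):
                return "ALLOW"
        return "DENY:apdu-filtered"


# Constructed sample data: not real applet AIDs or application binaries.
WALLET_BIN = b"wallet-app-v1"
OTHER_BIN = b"some-other-app"
PAYMENT_AID = bytes.fromhex("A000000003000000")  # hypothetical applet AID

SELECT = ApduFilter(bytes.fromhex("00A40400"), bytes.fromhex("FFFFFFFF"))
READ_RECORD = ApduFilter(bytes.fromhex("00B20000"), bytes.fromhex("FFFF0000"))

# The wallet may SELECT and READ RECORD on the payment applet, nothing else;
# in particular VERIFY (INS 0x20) is not listed, so it cannot burn PIN tries.
SAMPLE_ACL = [
    AclEntry(hashlib.sha256(WALLET_BIN).digest(), PAYMENT_AID, (SELECT, READ_RECORD)),
]


def demo() -> dict:
    stack = SecurityStack(SAMPLE_ACL)
    stack.authenticate("wallet", WALLET_BIN)
    stack.authenticate("other", OTHER_BIN)
    read = bytes.fromhex("00B2010C00")                     # READ RECORD
    verify = bytes.fromhex("0020008008") + b"\xff" * 8      # VERIFY PIN
    return {
        "wallet_open": stack.open_connection("wallet", PAYMENT_AID),
        "wallet_read": stack.exchange("wallet", PAYMENT_AID, read),
        "wallet_verify": stack.exchange("wallet", PAYMENT_AID, verify),
        "other_open": stack.open_connection("other", PAYMENT_AID),
        "unauth_open": stack.open_connection("ghost", PAYMENT_AID),
        "fallback": SecurityStack(None).exchange("ghost", PAYMENT_AID, verify),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14s} {verdict}")
```

The last entry of the demo is the point a practitioner should keep in mind: when no PKCS#15 applet is found, the model (like the fallback behaviour described above) lets every command through, authenticated or not, so the protection only exists on secure elements that actually carry the applet.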

A Java application, the AC File Generator Tool, is included in the Core Edition delivery to ease the creation of the contents file for the PKCS#15 applet. Refer to that application's documentation for more information.

You can also refer to documents FRS_NFC_1104-241 and STS_NFC_1104-242 found in the /core/security folder of the Core Edition for more information.


Except as noted otherwise, this content is licensed under the terms of the Apache 2.0 License. For details and restrictions, see the Content License.
Open NFC is a registered trademark of Inside Secure, All logos and graphics are copyrighted.