General informations about the Smart Sign Project
Security, today, is becoming more and more a central
issue for web producers, developers and users. The "open" nature
of the Internet has caused a growing interest in authenticating
users, documents and data over the web.
Nowdays Public Key Infrastructures are being widely
adopted as "The" solution for network security. However, the level
of trust of such architectures depends completely on the security
of some private keys. Smartcard technology is being
actually used to achieve the maximum security level for private
The need for data security has been being widely confirmed by the
growing number of cryptograpic tools that are starting to populate
the Internet today, both in the commercial and the freeware or
OpenSource worlds. These tools are still lacking a smart card
support, because of the intrinsic complexity of the smart card
world that discourages developers.
Main aim of this project is to integrate Open Source cryptography
based security tools publicly available over the Internet with
smartcard technology, to obtain a system for smartcard based
Digital Signature and Authentication services.
A secondary aim of this project is developing all the open source
building blocks needed by developers to integrate smart
card technology into their applications in a uniform, card
independent, way. Differences among different kind of cards, both
in supported features and in communication protocols, have always
discouraged developers to go through such an integration
path. Development of a common API that allows host
applications to talk to almost equivalent (even if different)
cards and a reference open source implementation are surely two
steps towards this integration.