How to Make Operating Systems for Smart Cards Open
                    P.Blaskiewicz, P.Kubiak, M.Kutylowski
                        Wroclaw University of Technology

Development of widespread dissemination and intensive use of  electronic ID-cards
is blocked by business reasons: while native cards are relatively easy for security 
inspection and need not to implement many features for operating system,they yield 
a technical monopoly for the card provider. This is unacceptable in many cases 
for business reasons.

On the other hand, Java cards provide a flexible platform forthird party software 
providers that may develop applications. A Java card admits uploading such software 
to the card provided that it has appropriate certificate of the card manufacturer.
Consequently, in this business model, the card software once certified can be uploaded 
to any card of a given type.

In this paper we propose a new business model for smart cards' OS developers,
namely: ``earn on the service'' instead of ``earning on the product''.
We show that such an approach is feasible from the technical point of view --
we present an appropriate solution using  hash based signatures and hash trees.
By applying signature scheme described in the paper a developer of card's operating system
will have a business motivation to  publish at least a partial specification of internal, 
low level API of their native OS system. In turn, this will ease developing applications as well.


What is more, the solution proposed may be applied to any embedded system and its OS developer.
This refers especially to applications in which transparency of the development and maintenance 
processes is essential, like for example e-voting. In general, the protocol below enables
public scrutiny of software for embedded environment and at the same time preserves, in a very long 
period of time, interests of that environment creator.