EAP Smartcard Services Network interface. EAP messages processing (requests, notifications). A session key (PMK …) may be computed. EAP profile. A guideline for a particular EAP protocol (MD5, EAP-TLS, EAP-SIM, …). Operating System/Terminal interface. Identity Management. Multiple triplets (EAP-ID, EAP-Type, cryptographic keys) are stored in the smartcard and pointed by an identity parameter. User Profile. An information (ASN.1 encoded) meaningful for the terminal or the network. Preferred SSIDs X509 Certificates. Management/Personalization interface. Identities & User Profiles setting. User/Issuer Interface EAP smartcard is logically protected by two Personal Identification Number User PIN code (user protection). Issuer PIN code (service protection). |