1. Field of the Invention
The present invention relates generally to Near Field Communication (NFC) technology, and more particularly, to methods of identifying records that are to be secured in an NFC security Record Type Definition (RTD).
2. Description of the Related Art
NFC technology is currently being used with various handheld devices such as mobile terminals, mainly for sharing information, payment, and ticketing and travel. Accordingly, information related to these services can be exchanged over NFC using predefined NFC tags as per the NFC RTD.
The Security Work Group (WG) in the NFC Forum™ has defined a record type called the Signature RTD that can be included as a record in a Near Field Communication Data Exchange Format (NDEF) message. The signature RTD provides a way to verify the authenticity and integrity of some, or all, of the records in an NDEF message. The Signature RTD contains a digital signature that can be verified using pre-established credentials such as certificates.
A wide range of applications can be supported over an NFC link. Typically, the modes of operation of NFC devices are classified as Reader/Writer mode, Peer-to-Peer mode, and Card Emulation mode. In the Peer-to-Peer mode of communication both NFC devices can have similar capabilities and there is no distinction between the devices. In the Reader/Writer mode of communication, one of the devices has the capability of the Reader/Writer and the other device stores a simple tag. In the Card Emulation mode of communication, one of the devices is a reader and the other device could be a tag or an NFC device that stores the details of a smart card or a credit card.
Data used in NFC communication can be stored in several formats. An NDEF message is a collection of one or more individual records that can have specific definitions called Record Type Definitions (RTDs). The NFC Forum™ defines several well-known RTDs. For some typical applications of NFC, like Smart Poster, Handover of Configuration information, Web Access, etc., RTDs are defined by the NFC Standards body and published as recommendations. These RTDs can be used individually or as part of an NDEF message. The record includes a few header fields that list the control information for the record, for example, type, payload length, and an optional ID field. The data specific to the application are stored in the payload field of the record. The details of the NDEF message format are provided in the NFC Data Exchange Format (NDEF), Technical Specification—NFC Forum™ NDEF 1.0 NFCForum-TS-NDEF—1.0-2006 Jul. 24.
Some of the typical applications of NFC are Smart Posters, e-ticketing, coupons, loyalty points, and Peer-to-Peer applications like vcard exchange, image transfer, and the like.
For the above-mentioned applications, application data can be formatted in a single record or in multiple records.
An NDEF message is a collection of individual records following some predefined RTD. Data in the NDEF record can be secured for integrity protection and to authenticate the creator of the record by adding NFC Signature RTD records. The Signature RTD creator uses algorithms to create a digital signature field that provides integrity protection. Keys that are used to generate a digital signature for a message are provided in certificates that are also listed in the Signature RTD.
The NFC Forum™ document that explains the specification for the Signature RTD, which will be referred to herein, is NFC Forum-TS-RTD_Signature—0.99, Technical Specification, NFC Forum™ RTD-Signature 0.99, 2008 Jun. 10, DRAFT.
One or more Signature RTD records can be added to an NDEF message to provide security features such as integrity and authentication for one or more records in the NDEF message. In the Signature RTD specification there is a need to explicitly identify the records for which the signature field in the Signature RTD provides security. The Signature RTD specification, before version 0.99, defines that a given Signature RTD record can provide security to all the records preceding this Signature RTD record, or it can protect the records that lie between a previous Signature RTD record in the same NDEF message and the present Signature RTD record.
However, the above referenced definitions for specifying the records that are secured by a Signature RTD record are not flexible enough, as it is not possible to exclude some records at the beginning of an NDEF message that do not need to be secured. That is, there is no method to identify an arbitrary block of records in an NDEF message that are secured by a Signature RTD.