Virtualization targets single-core PIN-entry devices
May 2, 2007 — by LinuxDevices Staff — from the LinuxDevices Archive — viewsTwo companies have partnered on a virtualization approach for single-core PEDs (PIN entry devices) that is claimed capable of supporting PCI-PED (payment card industry PED) certification. Running on Innova Card's USIP chip, Trango's single-core Hypervisor architecture is “at least as secure and ready for certification” as multi-chip or multi-core designs, Trango said.
The Trango Hypervisor enables secure PIN entry processes to run in their own execution environment, “fully partitioned” from a non-secure OS such as Linux or Windows CE. Presumably, the rich OS could be used to deliver multimedia ads, weather reports, or other messaging. The Hypervisor “protects against physical and software attacks, secures the access to peripherals and memories, and guarantees the critical code's integrity,” according to Trango.
Trango said that an independent PCI-PED lab assessed its Hypervisor technology running on Innova Card's USIP chip, and concluded that “the combination inherently assists vendors in meeting many of the security requirements for PCI-PED approval.”
DAndY Pad (Click for details) |
Innova Card's USIP chip is based on a MIPS32 4KSd CPU core clocked at 96MHz. It integrates controllers for smart cards, LCD panels, and keypads, along with cryptographic hardware. It was ported to Linux in Sept. of 2005, and was previously used in a DA Sistemi Group DAndY Pad product (pictured at right) that passed PCI-PED requirements.
InnovaCard USIP chip diagram
Gregory Rome, security project leader at Innova Card, stated, “Innova Card and Trango Systems share the same strategic vision: security is not a patch or an add-on; it has been fully integrated into USIP and the Trango Hypervisor from the very beginning.”
Bruno Zoppis, product manager at Trango, stated, “Terminal manufacturers can now run secure applications and open operating dystems and reach high certification levels through the use of a singlechip/single-core platform, without resorting to a costly additional security chip or dedicated core.”
Neither availability nor pricing details were disclosed.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.