Open source software driver developed to improve PDA security

Nov. 22, 2004
The National Institute of Standards and Technology (NIST), working with Renesas Technology America Inc., has developed a software driver that will help improve the security of personal digital assistants—commonly known as PDAs. According to NIST, the new driver will enable PDAs to use special postage stamp-sized multimedia cards, which have all the security functions of a smart card and more storage capacity built-in, but are reportedly easier and less cumbersome to use than traditional credit card-sized smart cards. PDAs are highly portable and can store documents, spreadsheets, databases and many other resources usually associated with a laptop or desktop computer. One problem has been that if they are lost or stolen, it is relatively easy to bypass security mechanisms and gain access to their contents. Smart cards, which have an embedded computer chip with its own protected operating system, programs and data, can provide formidable PDA security. However, they also require a card reader, which can be nearly the size of the PDA, as well as the means to connect the reader to the PDA, such as a device expansion sleeve or a communications cord. As a result, traditional smart cards are seldom used as a security device for PDAs or other handheld devices. Most current PDAs have multimedia card slots. The new software driver controls the functions of the card when it is inserted into the slot, following standard specifications for secure multimedia cards recently drafted by the MultiMediaCard Association. NIST worked with Renesas, a member of the MMC Association, to develop the driver which is now available to researchers and others at www.musclecard.com/sourcedrivers.html, an open source repository of Linux and Unix smart card development tools.