Secure access module
A Secure Access Module (SAM), also known as a Secure Application Module, is a piece of cryptographic hardware typically used by smart card readers to perform mutual key authentication.{{Cite book |last=Al-Khouri |first=Ali M. |url=https://books.google.com/books?id=MgIvy_GJwPoC |title=Critical Insights from a Practitioner Mindset |date=2013 |publisher=Chartridge Books Oxford |isbn=978-1-909287-59-4 |pages=243 |language=en}}{{Cite web |title=Fare Collection Systems - Secure application modules |url=https://www.ssatp.org/sites/ssatp/files/publications/Toolkits/Fares%20Toolkit%20content/fare-collection-technologies/smart-card-transactions/secure-application-modules.html |access-date=2024-05-02 |website=www.ssatp.org}}{{Cite web |date=2023-12-05 |title=What is a Secure Access Module (SAM)? |url=https://community.infineon.com/t5/Blogs/What-is-a-Secure-Access-Module-SAM/ba-p/653148 |access-date=2024-05-02 |website=community.infineon.com |language=en}} SAMs can be used to manage access in a variety of contexts, such as public transport fare collection and point of sale devices.
Formats
- Removable SAM: This form factor resembles a standard Subscriber Identification Module (SIM) card. It plugs into a dedicated SAM slot within the smart card reader.
- Embedded SAM: This form factor integrates the SAM functionality directly onto the printed circuit board (PCB) of the reader system. The SAM component is typically housed within a secure enclosure soldered onto the PCB.
Components
A typical smart card reader system generally consists of the following key components:
- Microcontroller (MCU): This acts as the central processing unit (CPU) of the reader system. It manages various tasks such as protocol handling, data flow control, and data interpretation.
- Reader Integrated Circuit (Reader IC): This specialized chip facilitates communication between the SAM and the contactless smart card using radio frequency (RF) interface protocols.
Integration and functionality
By integrating a SAM into the reader system, the security functionalities are centralized and offloaded from the MCU. The SAM assumes responsibility for:{{Cite book |last=Bragdon |first=Clifford |url=https://books.google.com/books?id=BagR-hUNmuoC&dq=Secure+Access+Module+%28SAM%29&pg=PA372 |title=Transportation Security |date=2011-08-19 |publisher=Butterworth-Heinemann |isbn=978-0-08-088730-2 |language=en}}
- Key Management: Secure storage and management of cryptographic keys, including master keys and application keys derived from them.
- Cryptography: Performing various cryptographic operations such as encryption, decryption, and digital signing to ensure data confidentiality and integrity.
- Mutual Authentication: Facilitating a two-way authentication process between the smart card and the reader system to verify the legitimacy of both parties before allowing any communication to proceed.
- Secure Messaging: Enabling secure communication between the SAM and the host system by encrypting and authenticating data packets.{{Cite web |title=ACOS6-SAM |url=https://www.acs.com.hk/en/products/481/acos6-sam-secure-access-module-card/ |access-date=2024-05-02 |website=acs.com.hk}}
SAMs can be deployed in any of the following applications:{{Cite web |title=ACOS6-SAM Secure Access Module Card |url=https://www.acs.com.hk/en/products/20/acos6-sam-secure-access-module-card/ |access-date=2024-05-02 |website=acs.com.hk}}{{Cite web |title=Secure Access Module. Sims Direct |url=https://simsdirect.com.au/collections/europe |access-date=2024-05-02 |website=simsdirect}}{{Cite patent|number=WO2019210427A1|title=Secure access control|gdate=2019-11-07|invent1=Ouellet|inventor1-first=Sylvain|url=https://patents.google.com/patent/WO2019210427A1/en}}
:* Generate application keys based on master keys
:* Store and secure master keys
:* Perform cryptographic functions with smart cards
:* Use as a secure encryption device
:* Perform mutual authentication
:* Generate session keys
:* Perform secure messaging
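The derivation of application keys from a master key, the mutual authentication and the session-key generation listed above can be sketched as follows; this is an added example, not code from the cited sources or from any SAM vendor. HMAC-SHA256 stands in for the block-cipher MAC a real SAM would use, and the class names, message labels and 16-byte nonces are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets

def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 stand-in for the SAM's block-cipher MAC (assumption)
    return hmac.new(key, label + data, hashlib.sha256).digest()

def diversify(master_key: bytes, uid: bytes) -> bytes:
    # Per-card application key derived from the master key and the card UID
    return prf(master_key, b"div", uid)

class Sam:
    """Holds the master key; the reader MCU only relays messages."""
    def __init__(self, master_key: bytes):
        self._master = master_key
        self._rnd = None

    def challenge(self) -> bytes:
        self._rnd = secrets.token_bytes(16)
        return self._rnd

    def authenticate(self, uid, rnd_card, card_proof):
        rnd_sam, self._rnd = self._rnd, None   # a challenge is single-use
        if rnd_sam is None:
            return None
        key = diversify(self._master, uid)
        nonces = rnd_sam + rnd_card
        if not hmac.compare_digest(prf(key, b"card", nonces), card_proof):
            return None                        # card does not hold the derived key
        return prf(key, b"reader", nonces), prf(key, b"session", nonces)

class Card:
    def __init__(self, uid: bytes, key: bytes):
        self.uid, self._key = uid, key

    def respond(self, rnd_sam: bytes):
        self._nonces = rnd_sam + secrets.token_bytes(16)
        return self._nonces[16:], prf(self._key, b"card", self._nonces)

    def verify_reader(self, reader_proof: bytes):
        ok = hmac.compare_digest(prf(self._key, b"reader", self._nonces), reader_proof)
        return prf(self._key, b"session", self._nonces) if ok else None

def run_exchange(sam: Sam, card: Card):
    """Reader-side relay; returns (sam_session, card_session) or None."""
    rnd_card, card_proof = card.respond(sam.challenge())
    result = sam.authenticate(card.uid, rnd_card, card_proof)
    if result is None:
        return None
    reader_proof, sam_session = result
    return sam_session, card.verify_reader(reader_proof)
```

Only the derived per-card key is ever written to a card, so extracting one card's key does not expose the master key held in the SAM.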