随着国际化的进程加速,电子护照替代传统护照已经成为国际发展的必然趋势。目前,国际民用航空组织(ICAO)和欧盟(EU)已经推出三代电子护照,第一、二代护照已经在全球发行。随着技术的不断发展,第一、二代护照暴露出许多安全问题,第三代护照采用了新的访问控制机制,其安全性得到很大提高。介绍ICAO和EU的三代电子护照发展历程,从物理层面、通信层面和协议层面分析了电子护照的安全,重点研究电子护照协议层存在的安全问题以及探讨这些问题的一些解决方案。综合分析研究,对提高电子护照的安全性和隐私性有重大意义,对于安全证件领域的研究者也具有指导意义。%With the acceleration in internationalisation progress,to replace traditional passport with e-passports has become an inevitable trend of international development.Three generations of e-passport have been introduced by International Civil Aviation Organisation (ICAO)and European Union (EU),and the first two generations of e-passport have been issued worldwide.With the constant development of technology, various vulnerability problems are exposed in the 1 st and 2st e-passports.In third generation of e-passports new access control mechanism has been adopted,its security has been greatly improved.In this paper we introduce the development course of three-generation e-passports issued by ICAP and EU,analyse e-passports security mechanisms in levels of physics,communication and protocol,the focus is put on studying some security issues existing in protocol level of e-passports as well as discussing the solutions in regard to these issues.These studies have significance on improving the security and privacy of e-passports,and have the guidance meaning for the researchers in the area of secure credentials.
展开▼
