A given user may own several eGo devices and uses one according to a given context.
Nevertheless, all eGo devices shall be synchronized to ensure seamless accesses to the services then the following rules manage the eGo ecosystem expressed in the above figure:
- The user may have several eGo devices but a single one is active at a given time and is carried by the user.
- The eGo device is issued by an eGo issuer. The eGo issuer is the legal owner of eGo.
- The eGo devices used to a given user may be issued by different eGo issuers.
- Each eGo device is registered with a single TSM master collection cs6 mac.
- The organization managing the TSM certifies the eGo manufacturer supporting its security policy.
- Each TSM server shall provide a secure proxy to another TSM server supporting its security policy.
- Each eGo device manages at least a Secure Domain. The Secure Domain structure is based on the Global Platform standard.
- Each TSM server is responsible for managing all Secure Domains related to a given application on which the said TSM server has a business connector.
- The TSM server managing a given eGo shall delegate the management of secure domains according to the ownership of the applications via a secure proxy.
The eGo devices, used by a given user, are never active at the same time then the synchronization between eGo devices is sequential.
After synchronization, all eGo devices used by a given user contain the same security domains (and their respective data) irrespective of their eGo issuers, the TSM servers and the Service Providers.
A Service Provider may be an eGo issuer.