Smart Card Application Development Using Java

Size: px

Start display at page:

Download "Smart Card Application Development Using Java"

Edgar Webster
8 years ago
Views:

1 Uwe Hansmann Martin S. Nicklous Thomas Schack Frank Seliger Smart Card Application Development Using Java With 98 Figures, 16 Tables and a Multi Function Smart Card Springer

2 Table of Contents Preface 1 About This Book 1 The Audience of This Book 2 No Need to Read the Whole Book 2 About the Authors 8 Acknowledgements 9 Part I. Smart Card Introduction and Overview 11 1 What Makes the Smart Card "Smart"? What is a Smart Card? The Benefits of Smart Cards Smart Card Hardware Memory Cards and Microprocessor Cards Contactless Cards The Computer on the Smart Card Mechanical Contacts The Size of a Smart Card Hardware Security The Manufacturing Process 21 Table of Contents IX

2 Smart Card Hardware 16 1.2.1 Memory Cards and Microprocessor Cards 16 1.2.2 Contactless Cards 17 1.2.3 The Computer on the Smart Card 17 1.2.4 Mechanical Contacts 19 1.

3 2 Introduction to Smart Card Software Smart Card Application Development Process Communication with the Card APDUs T=0 and T=l TLV Structures Smart Card Operating Systems File System Smart Cards Java Card Multos Smart Card for Windows 33 3 Smart Cards and e-business Electronic Purses GeldKarte Mondex Proton Visa Cash Common Electronic Purse Specification Authentication and Secure Access Workstation Access Network- and Server-Login Secure Communication Digital Signatures Other Uses of Smart Cards in e-business Electronic Ticketing Loyalty Programs Growth Expected 48 4 Cryptography Cryptographic Algorithms Symmetric Cryptographic Algorithms 50 Table of Contents

1.2 Mondex..40 3.1.3 Proton 40 3.1.4 Visa Cash 41 3.1.5 Common Electronic Purse Specification 42 3.2 Authentication and Secure Access 43 3.2.1 Workstation Access 44 3.2.2 Network- and Server-Login 44 3.

4 4.1.2 Public-Key Algorithms Hybrid Algorithms Smart Card Cryptographic Protocols External Authentication Internal Authentication Secure Messaging TLSand Smart Cards 64 5 Smart Card Readers and Terminals Smart Card Readers Smart Card Terminals Biometric Identification 70 6 Smart Card Standards and Industry Initiatives ISO Standards EMV ICC Specifications for Payment Systems PC/SC Visa Open Platform 78 Part II. OpenCard Framework 79 7 Introduction to OpenCard The History of the OpenCard Framework The OpenCard Consortium The Objectives of the OpenCard Framework The Advantages of Using OCF 84 Table of Contents XI

3 Biometric Identification 70 6 Smart Card Standards and Industry Initiatives 71 6.1 ISO Standards 71 6.2 EMV ICC Specifications for Payment Systems 73 6.3PC/SC 75 6.

5 7.5 The OCF Architecture A Note on Notation Architecture Overview 87 8 The Utility Classes The OpenCard Core Definitions The Core Utility Classes Hex String Processing The Configuration Provider The Tracer System Access The Optional Utility Classes The Loader Classes The PassThruCardService The Tag and TLV Classes The Terminal Layer Terminal Layer Core Components Terminal Registry and Event Mechanism Device Abstractions The Terminal Layer Exceptions PIN / Password Support Terminal Layer Optional Components The opencard.opt.terminal Package The opencard.opt.terminal.protocol Package Tracing in the Terminal Layer Communicating with the Card Reader '. r The Java Communications API The Implementation Using the T=l Protocol Support,., Implementing the CardTerminal Implementing the CardTerminalFactory 134 Xll Table of Content*

1 Terminal Layer Core Components 108 9.1.1 Terminal Registry and Event Mechanism 109 9.1.2 Device Abstractions 110 9.1.3 The Terminal Layer Exceptions 113 9.1.4 PIN / Password Support 114 9.

6 10 The Service Layer The CardService Layer Core Components The Application Access Classes The Card Access Classes The CardService Support Classes The CHV Support Classes The CardService Exceptions The CardService Optional Components Standard CardService Interfaces The ISO File System CardService The Signature CardService The Application Management CardService The OCF Security Concept OpenCard Security Overview OpenCard Security Classes The Smart Card Key Classes CardService Interface Classes Credentials Running OCF in Browsers Browser Security Models Invocation of Privileged Methods Security Implications 179 Part III. Smart Card Application Development Using OCF Using OCF Preparing Your System Configuring OCF on Your System Setting the OCF Configuration Properties 184 Table of Contents XIII

3.3 The Application Management CardService 163 11 The OCF Security Concept 165 11.1 OpenCard Security Overview 166 11.2 OpenCard Security Classes 168 11.2.2 The Smart Card Key Classes 170 11.2.3 CardService Interface Classes 172 11.

7 4.1.2 Public-Key Algorithms Hybrid Algorithms Smart Card Cryptographic Protocols External Authentication Internal Authentication Secure Messaging TLSand Smart Cards 64 5 Smart Card Readers and Terminals Smart Card Readers Smart Card Terminals Biometric Identification 70 6 Smart Card Standards and Industry Initiatives ISO Standards EMV ICC Specifications for Payment Systems PC/SC Visa Open Platform 78 Part II. OpenCard Framework 79 7 Introduction to OpenCard The History of the OpenCard Framework The OpenCard Consortium The Objectives of the OpenCard Framework The Advantages of Using OCF 84 Table of Contents XI

Government Smart Card Interoperability Specification

Interagency Report 6887-2003 Edition Government Smart Card Interoperability Specification Version 2.1 Teresa Schwarzhoff Jim Dray John Wack Eric Dalci Alan Goldfine Michaela Iorga July 16, 2003 NIST Interagency