Java Card TM Open Platform for Smart Cards




Java Card TM Open Platform for Smart Cards
Wolfgang Effing
Giesecke & Devrient GmbH
C:\Presentations - JavaCard_OpenPlatform.ppt - ef - 29.04.04 - page 1

What happened in the past?
- Every company created its own proprietary standard
  - E.g. a GSM smart card was not able to run a banking application
  - In the PC world it's the same with WinNT, Linux or Macintosh
- [Diagram: Platform Specific Applications 1, 2, 3; Operating System; Microprocessor; Chip Card Platform]
- But the internet era taught us
  - The customer wants to use the same applications independent of any platforms

What are the ideas for the future?
- Creating an operating system, which allows the "Write once - Run anywhere" principle
- The internet with its JAVA programming language showed us the right way
- [Diagram: Java Applications (Applets) 1, 2, 3; Java Interpreter; Operating System; Java Virtual Machine; Microprocessor]
- A powerful smart card, which is able to run a GSM, banking or ID application
- The user selects his requested application and starts

Java Card Basics (1)
What is Java Card?
- A programmable smart card
- A multi-application smart card
- An interoperable smart card
- A smart card for secure application loading
A programmable smart card
- Easy to program using the power of JAVA
- Object-Oriented Standard Language
- A lot of programmers
- Very compact code

Java Card Basics (2)
A multi-application smart card
- Several applications can be loaded onto the same card
- Firewall between applications
- Sharing between applications
- ISO-7816/4 compliant application selection
An interoperable smart card
- Interoperable at the source code level
  - Applications written for one card can run on any card
  - Write once - Run anywhere
- Interoperable at the load file level
  - Since Java Card Runtime Environment JCRE 2.1
  - Converted Applet CAP file can be loaded onto any card
- Interoperable at the loader level
  - Since Open Platform 2.0
  - The loading APDUs and sequences are defined

Java Card Basics (3)
A smart card for secure application loading
- High security features of Java Card
- Allows application loading after issuance
- VM concept
  - No direct hardware access
  - References instead of pointers
- Bytecode verification
- Firewall
  - Secured execution contexts

The Java Card Architecture - Overview

The Java Card Architecture - Hardware
Chip features (Infineon SLE66CX320P)
- 64 kbyte ROM
- 32 kbyte E²PROM
  - 28 kbyte available for the customer
- 2 kbyte RAM
- 255 Byte COD/COR per package
- Crypto-Coprocessor
- UART
- DES/3DES in Hardware
- Advanced Crypto Engine (ACE) for RSA calculations
- Support of transport protocols

The Java Card Architecture - Native Functions
Native Functions
- Access to the chip hardware
  - Communication protocols (T=0/T=1)
  - Memory Access (E²PROM writing)
- Special Card Functions
  - Atomic Transaction Facility
  - Transient Storage
- Cryptographic services
  - Symmetric Cryptography (DES, 3DES)
  - Public Key Cryptography (RSA 1024 Bit key, DSA)
  - Hashing (SHA-1)
  - Padding (ISO 9797, PKCS#1, PKCS#5)
  - Signing
  - Encipher, Decipher
- Firewall control

The Java Card Architecture - JCVM (1)
The Java Card Virtual Machine (JCVM) is responsible for
- Byte Code Interpretation
- Exception Handling
- Firewall Checks
- Object Consistency Checks
The JCVM does not support
- Long, double and float variables
- Multithreading
- Garbage collection
- Reloadable classes
- Currently no 32 bit integer

The Java Card Architecture - JCVM (2)
The JCVM is split into two parts
[Diagram: .class files; Converter; .cap file; Interpreter; off-card; on-card]
The Converter (off-card VM)
- Class loading, resolution and linking
- Verification
- Bytecode optimization and conversion to CAP file
The Interpreter (on-card VM)
- Bytecode execution
- Java Card firewall enforcement

The Java Card Architecture - JCRE
Java Card Runtime Environment (JCRE)
- Card Reset Handling
- Applet Selection and APDU Dispatching
- Firewall Control and Context Switching
- Access to Application Identifiers (AIDs)
- Access to Shareable Interface Objects (SIOs)

The Java Card Architecture - API (1)
Java Card API 2.1
- java.lang: Language Elements
- javacard.framework: Core Applet Functionality
- javacard.security: Random, Keys, Message Digests, Signatures
- javacardx.crypto: Cipher Services

The Java Card Architecture - API (2)
java.lang
- Object
- Throwable
- Exceptions
javacard.framework
- Applet (base class for all Applets)
- AID
- APDU (high level IO)
- System (Transactions, Transient Data, JCRE requests)
- PIN
- Util (arraycopy(nonatomic), secure arraycompare)
- Exceptions, Shareable Interface, ISO7816 Interface
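
A small applet that exercises the javacard.framework elements listed on this slide (Applet, APDU, PIN, transactions, Util) and works within the JCVM limit of 16-bit arithmetic. It is an added illustration, not code from the presentation or from G&D; the class name, INS values, limits and the install-data layout are assumptions.

```java
// Added example, not from the original slides. Class name, INS codes, limits and
// the install-data layout [Li AID][Lc info][La PIN] are assumptions.
package example.purse;
import javacard.framework.*;

public class PurseApplet extends Applet {
    private static final byte INS_VERIFY = (byte) 0x20, INS_CREDIT = (byte) 0x30, INS_GET = (byte) 0x32;
    private static final byte PIN_MAX = 8;
    private static final short MAX_BALANCE = 10000;
    private final OwnerPIN pin = new OwnerPIN((byte) 3, PIN_MAX); // 3 tries, then blocked
    private short balance;   // short only: no 32-bit int on this JCVM
    private short credits;   // number of successful credits
    private PurseApplet(byte[] b, short pinOff, byte pinLen) { pin.update(b, pinOff, pinLen); }

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        short off = (short) (bOffset + 1 + (bArray[bOffset] & 0xFF)); // skip AID
        off = (short) (off + 1 + (bArray[off] & 0xFF));               // skip control info
        new PurseApplet(bArray, (short) (off + 1), bArray[off]).register();
    }

    public void deselect() { pin.reset(); }   // clear the validated flag on deselection

    public void process(APDU apdu) {
        if (selectingApplet()) return;        // SELECT by AID was dispatched by the JCRE
        byte[] buf = apdu.getBuffer();
        byte ins = buf[ISO7816.OFFSET_INS];
        if (ins == INS_GET) {                 // no command data expected
            Util.setShort(buf, (short) 0, balance);
            apdu.setOutgoingAndSend((short) 0, (short) 2);
            return;
        }
        if (ins != INS_VERIFY && ins != INS_CREDIT) ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        short lc = apdu.setIncomingAndReceive();
        if (ins == INS_VERIFY) {
            if (lc > PIN_MAX || !pin.check(buf, ISO7816.OFFSET_CDATA, (byte) lc))
                ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
            return;
        }
        if (!pin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        if (lc != 2) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        short amount = Util.getShort(buf, ISO7816.OFFSET_CDATA);
        if (amount <= 0 || amount > (short) (MAX_BALANCE - balance))
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
        JCSystem.beginTransaction();          // balance and credits change together or not at all
        balance = (short) (balance + amount);
        credits++;
        JCSystem.commitTransaction();
    }
}
```

The range check on amount runs before the addition so the 16-bit balance cannot wrap, and the transaction keeps both counters consistent if power is lost mid-update.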

The Java Card Architecture - API (3)
javacard.security
- Key Interfaces
- Key Builder
- Message Digest
- Signature
- Random Data
javacardx.crypto
- Symmetric Cryptography: DES, 3DES
- Public Key Cryptography: RSA, DSA

The Java Card Architecture - Card Management
Card Manager Applet, API and Loader
- Card Content Management
- Card Life Cycle Management
- Keyset Management
- Secure Messaging
- Applet Signature Verification
- Applet Installation and Registration
- Applet Life Cycle Management

Programming a Java Card - Overview
[Diagram: Java TM Source Code; Java Compiler (Symantec Visual C@fe, Borland J-Builder, Microsoft J++, ...); Java Class File; G&D Professional (Off-Card VM Converter-Module); Card Application Package (CAP); Java Card (On-Card VM); Functional Test; Test with card characteristics]
- The Java source code will be converted into the class files with standard tools
- Input of the G&D Java Card VM are class files, containing byte code
- Some work of the JVM is done outside the card
- A new simplified and smaller card class file (CAP-Format) is generated
- The CAP-file with the applet is loaded onto the card
- The applet will be interpreted on the smart card