DEPARTMENT OF MASTER OF COMPUTER
APPLICATIONS
MADANAPALLE INSTITUTE OF TECHNOLOGY &
SCIENCES
JAVA CARD
Presented by:
G Bharath Kumar Reddy
Regd.no: 08691F0004
Date: 20th April, 2011
CONTENTS
Introduction
History
What is Java Card
Features of Java Card
Architecture
Working
Applications
Security
Challenges
Conclusion
References
INTRODUCTION
Java Card refers to a technology that allows Java-based applications (applets) to be run securely on smart cards and similar small-memory-footprint devices.
Java Card gives the user the ability to program the devices and make them application specific.
The Java Card is an extremely secure Java-powered electronic token.
Java Card could have a number of real-world applications.
HISTORY
1996 Introduction of Java Card technology
1997 Java Card 2.0 Technology Foundations
1999 Java Card 2.1 Interoperable File Format
2000 Java Card 2.1.1 Additional Crypto APIs
2002 Java Card 2.2 Next gen crypto, memory management
2003 Java Card 2.2.1 Enhancements for USIM
2004 Java Card Entry level Fixed Function cards
2006 Java Card 2.2.2 Contactless
2008 Java Card 3.0 “Classic” and “Connected”
WHAT IS JAVA CARD?
A programmable smart card
A multi-application smart card
An interoperable smart card
A smart card for secure application loading
A programmable smart card
easy to program using the power of JAVA
standard language
object oriented
compact code
A multi-application smart card
several applications can be loaded onto the same card
firewall between applications
sharing between applications
An interoperable smart card
Interoperable at source code level: applications written for one card can run on any card, i.e. Write Once, Run Anywhere (platform independent).
Interoperable at load file level: since Java Card Runtime Environment (JCRE) 2.1, a converted applet CAP file can be loaded onto any card.
Interoperable at loader level: since Open Platform 2.0, the loading APDUs and sequences are defined.
A smart card for secure application loading
High security features of Java Card, i.e. it allows application loading after issuance.
VM concept, i.e. no direct hardware access, and references instead of pointers.
Bytecode verification
Firewall, i.e. secured execution contexts.
ARCHITECTURE
JCRE (JAVA CARD RUN TIME ENVIRONMENT)
Card Reset Handling
Applet Selection and APDU Dispatching
Firewall Control and Context Switching
Access to Application Identifiers (AIDs)
JAVA CARD ARCHITECTURE - HARDWARE
CHIP FEATURES
64 KB ROM
32 KB EEPROM
28 KB available for the customer
2 KB RAM
slow and simple microprocessor (8-bit)
UART
support of transport protocols
JAVA CARD VIRTUAL MACHINE (JCVM)
The Java Card Virtual Machine (JCVM) is responsible for
byte code interpretation
exception handling
firewall checks
object consistency checks
The JCVM does not support
long, double and float variables
multithreading
garbage collection
reloadable classes
Currently no 32 bit integer
JAVA CARD VIRTUAL MACHINE (CONTD.)
JCVM splits into two parts
The converter (off-card VM)
class loading, resolution and linking
verification
bytecode optimization and conversion to CAP file
The interpreter (on-card VM)
bytecode execution
java card firewall enforcement
WORKING
MESSAGE PASSING MODEL
APDU STRUCTURE
CLA, INS define the command
P1, P2 – parameters
Lc – data field length
Le – maximum response length
SW1, SW2 – response status
APPLICATION AREAS
Financial
• Smart Credit / Debit
• E-Purses
• Loyalty Programs
Mobile Communication
• Infotainment
• Business Support
• Network Optimizers
SECURITY
Byte Code Verifier
verifies Java bytecode before execution
Class loader system
loads local classes and network classes separately
Data Encapsulation
data is stored within the application, and Java Card applications are executed in an isolated environment (the Java Card VM), separate from the underlying operating system and hardware
Applet Firewall
unlike other Java VMs, a Java Card VM usually manages several applications, each one controlling sensitive data. Different applications are therefore separated from each other by an Applet Firewall, which restricts and checks access to the data elements of one applet by another.
Applet
The applet is a state machine which processes only incoming command requests and responds by sending data or response status words back to the interface device
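The applet-as-state-machine description above, as an added Python model (not Java Card code and not from the original slides). The e-purse command set, PIN and balance are hypothetical; the status words are the standard ISO 7816-4 values.

```python
import hmac

# ISO 7816-4 status words (SW1 SW2 as one 16-bit value)
SW_OK, SW_WRONG_LENGTH, SW_WRONG_DATA = 0x9000, 0x6700, 0x6A80
SW_SECURITY_NOT_SATISFIED, SW_AUTH_BLOCKED = 0x6982, 0x6983
SW_INS_NOT_SUPPORTED, SW_CLA_NOT_SUPPORTED = 0x6D00, 0x6E00
# Hypothetical command set for this model
CLA_PURSE, INS_VERIFY, INS_DEBIT = 0x80, 0x20, 0x30

class PurseApplet:
    """Python model of an applet: one command APDU in, (data, status word) out."""

    def __init__(self, pin: bytes, balance: int, max_tries: int = 3):
        self._pin, self.balance = pin, balance      # balance kept below 256 here
        self._max_tries = self.tries_left = max_tries
        self.verified = False

    def process(self, apdu: bytes):
        # Accept only CLA INS P1 P2 Lc data, with Lc matching the data length.
        if len(apdu) < 5 or len(apdu) != 5 + apdu[4]:
            return b"", SW_WRONG_LENGTH
        cla, ins, data = apdu[0], apdu[1], apdu[5:]
        if cla != CLA_PURSE:
            return b"", SW_CLA_NOT_SUPPORTED
        if ins == INS_VERIFY:
            return b"", self._verify(data)
        if ins == INS_DEBIT:
            return self._debit(data)
        return b"", SW_INS_NOT_SUPPORTED

    def _verify(self, candidate: bytes) -> int:
        if self.tries_left == 0:                     # blocked: no more guesses
            return SW_AUTH_BLOCKED
        if hmac.compare_digest(candidate, self._pin):
            self.tries_left, self.verified = self._max_tries, True
            return SW_OK
        self.tries_left -= 1
        self.verified = False
        return 0x63C0 | self.tries_left              # 63Cx: x tries remaining

    def _debit(self, data: bytes):
        if not self.verified:                        # state check before any effect
            return b"", SW_SECURITY_NOT_SATISFIED
        if len(data) != 1 or data[0] > self.balance:
            return b"", SW_WRONG_DATA
        self.balance -= data[0]
        return bytes([self.balance]), SW_OK
```

Every path returns a status word, and the debit handler checks the verified state before touching the balance, so an out-of-order command changes nothing.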
CHALLENGES
Java Cards have very restricted resources
1. Limited memory
2. Limited computing power
Java Card doesn't support some Java features
1. Large primitive data types: long, double, float
2. char, String
3. Multidimensional arrays
4. Dynamic class loading
5. Garbage collection
6. Multithreading
7. Object cloning
CONCLUSION
The Java Card adds a new platform to the world of Java
Java Card is a significant step forward
Realistic threats also exist for Java Card
Off-card verification is more risky than it seems
Java Card issuers need to counteract the threats
Java Card security is attainable
Thank U
Queries?