1. Amol Kamble1

2. Presentation Agenda Identify Java Card Technology Identify Elements of Java Cardapplications Communicating with a Java Card Applet Java Card Language Limitations2 3. IntroductionThe first Java Card was introduced in 1996 bySchlumberges card division which later mergedwith Gemplus to form GemaltoJava Card refers to a technology thatallows Java-based applications to be runsecurely on smart cards.Java Card gives the user, the ability toprogram the device and make themapplication specific.3 4. Smart Cards A smart card is a plasticcard that contains anembedded integratedcircuit (IC) Examples: Our very Own T-Card! Credit Cards Cell Phone SIM Cards4 5. Java Cards are Smart! How?? They store and process Information Smart Cards can be used to addauthentication and secure access toinformation systems that require a highlevel of security5 6. Properties Highly secure Tampering with one, results in destructionof the information it contains Does not contain a battery. Becomes activewhen connected with a card reader Comes in two forms: Contact Contact less6 7. Contact Java cards workby communicating viaphysical contactbetween a card readerand the smart card.Contact-Less smartcards communicate bymeans of a radiofrequency signal, with atypical range of lessthan 2 feet.7Contact & Contact-Less 8. Features of Java Card SUPPORTED NOT SUPPORTED Small primitive data types:boolean, byte, short. One dimensional arrays. Object oriented features:inheritance, virtual methods,dynamic object creation,overloading, scope. Large primitive datatypes: long, double, float. Characters, strings. Multidimensional arrays. Dynamic class loading. Garbage collection. Threads. Object Cloning8 9. Elements of Java CardApplication A complete Java Card applicationconsists of : A back-end application A host (off-card) application An interface device (card reader ) The on-card applet User credentials9 10. 10 11. The Back-End Application andSystemsProvides connectivity to security systemsExample: In an electronic payment system, the back-endapplication could provide access to credit card andother payment information11 12. Card Readers side Consists of two parts: Host Application Card Acceptance Device ExampleThink of an ATM machine Host Application, being the Computer, providesinteraction with the system. Card Acceptance Device, where you insert a debit card.12 13. The Card-SideElements: One or more JavaApplets Cards operating System Java Card RuntimeEnvironment (JCRE) Java Card Virtual Machine Java Card Framework andAPIs13 14. Developing a Java Card Applet Write the Java source Compile your source Convert the class files into a ConvertedApplet (CAP) file (binary representation ofclasses and interfaces) Verify that the CAP is valid (structure,valid bytecode subset, inter-packagedependencies) Install the CAP file14 15. Communicating with aJava Card Applet Two methods for communicating with JavaCard Applet:1. Fundamental message-passing model2. Java Card Remote Method Invocation (JCRMI) whichis a subset of J2SE RMI!15 16. 16 17. The Message-Passing Model All Java Card applets extend the Applet baseclass and must implement the install() and process()methods JCRE calls install() when installing the applet, andprocess() every time there is an incoming APDU for theapplet APDU: A logical data packet that's exchangedbetween the CAD and the Java Card Framework (ItIs considered as the center piece for the Message-PassingModel)17 18. Processing APDUs Every time there is an incoming APDU for aselected applet: The JCRE invokes the applet's process() method The incoming APDU is passed as an argument The applet must: parse the command APDU process the data generate a response APDU and return control to the JCRE18 19. The Command APDUCLA - Class of InstructionINS - Instruction CodeP1,P2 - ParametersLc - Length of the fieldLe - Maximum Response Length19 20. The Response APDUSW1 : Status word1SW2: Status word220 21. The Java Card RMI (JCRMI) The second communication model relies on asubset of the J2SE RMI distributed-object model a server application creates and makes accessible remoteobjects a client application obtains remote references to remoteobjects, and then invokes remote methods on them.21 22. BenefitsHardware Independence: Java Card isindependent of the type of hardware used and itcan be run on any Smart card processor (8 bits or16 bits or 32 bits ) Ability to store and manage many applications Applets developed with Java Card technology willrun on any Java Card technology-enabled smartcard, independently of the card vendor andunderlying hardware.22 23. ApplicationsSubscriber Identity Module (SIM) cards, used in cellphones on most wireless networksGovernment and health-care identity cardsFinancial cards supporting both online and offlinetransactionsSmart tickets for mass trans23 24. 24 25. 25