JAVA CARD TECHNOLOGY

PRESENTED BY:UJJWAL KUMAR

IT 4th year

1

Contents Identify Java Card Technology. Java Card Architecture. Identify Elements of Java Card

Applications. Communicating with a Java Card

Applet. Java Card Language Limitations .

2

Introduction

What is a Java Card?

Simple Answer:

Adoption of Java Platform for usage on Smart Cards.

3

Contd….Dialect of Java for programming smartcards.Subset of Java (due to hardware constraints) No threads, doubles, strings, garbage

collection, and very restricted API.With some extras (due to hardware

peculiarities) Communication via APDUs or RMI. Persistent & transient data in EEPROM

&RAM. Transaction mechanism.

4

Smart Card ?A smart card is a

plastic card that contains an embedded integrated circuit (IC).

Examples: Our very Own UID-CardUID-Card! Credit Cards Cell Phone SIM Cards …

5

Smart Cards are good! How?

They store and process Information.

Smart Cards Can be used to add authentication and secure access to information systems that require a high level of security.

6

Properties of Smart Cards

Highly secure-Tempering with one, results in destruction of the information it contains.

Don’t contain battery- Become active when connected with a card reader.

Come in two forms Contact or Contact less.

7

Contact or Contact Less?Contact smart cards

work by communicating via physical contact between a card reader and the smart card.

Contact less smart cards communicate by means of a radio frequency signal, with a typical range of less than 2 feet.

8

Java Card Architecture

Java Card platform

smartcard hardwareap

plet

appl

et

appl

et

Java CardVirtual Machine

Java Card API(mini OS)

9

Elements of Java Card Application:

A complete Java Card application consists of :

A back-end application A host (off-card) application An interface device (card reader ) The on-card applet User credentials And supporting software

10

Elements of Java Card Application:

11

Back-End Application and Systems

Provide connectivity to security systems

Example: In an electronic payment system, the

back-end application could provide access to credit card and other payment information

12

The Reader-SideThe Reader-Side Consists of two parts:

Host Application Card Acceptance Device

Think of a bank machine: Host Application as the Computer that

provides interaction with the system Card Acceptance Device being where you

put your debit card in.

13

The Card-Side Elements:

One or more Java Applets

Card’s operating System

Java Card Runtime Environment(JCRE)• Java Card Virtual

Machine• Java Card Framework

and APIs

14

Communicating with a Java Card Applet

Two methods for communicating with Java Card Applet:

1. Fundamental message-passing model , communication via APDUs, as defined in ISO7816

2. Java Card Remote Method Invocation (JCRMI) which is a subset of J2SE RMI

15

ISO 7816• Standard describing the protocol for

communication between smartcard and terminal .

• Messages are called APDUs (Application Protocol Data Units), which are sequences of bytes in a certain format

• Terminal sends command APDU to card, card sends a response APDU back .

16

Message passing model All Java Card applets extend the Applet base class

and must implement the install() and process() methods.

JCRE calls install() when installing the applet, and process() every time there is an incoming APDU for the applet .

APDU: a logical data packet that's exchanged between the CAD and the Java Card Framework (It is considered as the center piece for the Message-Passing Model) .

17

Command APDU

18

CLA Class byteINS Instruction byteP1,P2 ParametersLc Length of data block Data Lc bytes of dataLe Length of expected response

Response APDU

19

Data : Le bytes of data (optional)SW1, SW2 : Status word (obligatory)

20

APDU coding conventionsSome conventions for CLA, INS etc.

given in ISO 7816-4 & Values for SW1, SW2(set by ISO).

Processing APDUs Every time there is an incoming APDU for a

selected applet: The JCRE invokes the applet's process()

method The incoming APDU is passed as an

argument The applet must:

• parse the command APDU• process the data• generate a response APDU• and return control to the JCRE

21

2222

appl

etap

plet

Java Card I/O with APDUs

Java Card platformap

plet

appl

et

terminalsmartcard hardware

command APDU,incl. applet ID

OS selects applet and invokes itsprocess method

Applet sendsresponse APDU

appletexecutes

Java Card API packages Java.lang

Object, Exception, ...

Javacard.frameworkISO7816, APDU, Applet, JCSystem

Javacard.securityKeyBuilder, RSAPrivateKey, CryptoException

Javacardx.cryptoCipher

23

Java Card RMI (JCRMI) The second communication model relies on a

subset of the J2SE RMI distributed-object model

a server application creates and makes accessible remote objects

a client application obtains remote references to remote objects, and then invokes remote methods on them.

In JCRMI, the Java Card applet is the server, and the host application the client

24

Summary of Java Card Language Limitations

25

Smart Card HardwareROM

Program code of VM, API, and pre-installed applets.

EEPROM Persistent storage of the data, incl.

objects with their fields, and program code of downloaded applets .

RAM Transient storage of data, eg stack.

26

THANKYOU…

27