Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Java Card
Post: #1

Java Card refers to a technology that allows small Java-based applications (applets) to be run securely on smart cards and similar small memory footprint devices. Java Card is the tiniest of Java targeted for embedded devices. Java Card gives the user ability to program the device and make them application specific. It is widely used in SIM cards (used in GSM mobile phones) and ATM cards. The first Java Card was introduced in 1996 by Schlumberger's card division which later merged with Gemplus to form Gemalto. Java Card products are based on the Java Card Platform specifications developed by Sun Microsystems.


Java Card technology was originally developed for the purpose of securing sensitive information stored on smart cards. Security is determined by various aspects of this technology:

* Data encapsulation. Data is stored within the application, and Java Card applications are executed in an isolated environment (the Java Card VM), separate from the underlying operating system and hardware.
* Applet Firewall. Unlike other Java VMs, a Java Card VM usually manages several applications, each one controlling sensitive data. Different applications are therefore separated from each other by an applet firewall which restricts and checks access of data elements of one applet to another.
* Cryptography. Commonly used encryption algorithms like DES, Triple DES, AES, RSA (including elliptic curve cryptography) are supported. Other cryptographic services like signing, key generation and key exchange are also supported.
* Applet.The applet is a state machine which processes only incoming command requests and responds by sending data or response status words back to the interface device.

Specific features

The Java Card runtime and virtual machine also support features that are specific to the Java Card platform:

* Persistence. With Java Card, objects are by default stored in persistent memory (RAM is very scarce on smart cards, and it is only used for temporary or security-sensitive objects). The runtime environment as well as the bytecode have therefore been adapted to manage persistent objects.
* Atomicity. As smart cards are externally powered and rely on persistent memory, persistent updates must be atomic. The individual write operations performed by individual bytecode instructions and API methods are therefore guaranteed atomic, and the Java Card Runtime includes a limited transaction mechanism.
* Applet isolation. The Java Card firewall is a mechanism that isolates the different applets present on a card from each other. It also includes a sharing mechanism that allows an applet to explicitly make an object available to other applets.
Post: #2
please read for getting technical report and presentation of JAVA CAR
Post: #3
Java Card is a smart card that is capable of running programs written in Java. For this a new Java platform, Sun's JavaSoft division has made available the Java Card 2.0 API specification, and several licensees are now implementing this API on smart cards. In order to program Java Cards that are 2.0-compliant, developers need to understand what a Java Card is architecturally, what its core classes are, and how to develop applications for the card.
A JavaCard is a typical smart card: itconforms to all smart card standards and thus requires no change to existing smart card-aware applications. However, JavaCardhas a twist that makes it unique: a Java Virtual Machine is implemented in its read-only memory (ROM) mask. The JVM controls the access to all smart card resources, such as memory and I/O, and thus essentially serves as the smart card’s operating system. The JVM executes a Java bytecode subset on the smart card, ultimately providing the functions accessible from outside, such as signature, log-in, and loyalty applications.
The advantages of this are obvious:Instead of programming the card’s code in hardware-specific assembler code, new applications can be developed in portable Java. Moreover, applications can be securely loaded to the card post-issuance—after it’s been issued to the customer.
A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. There are two broad categories of ICCs. Memory cards contain only non-volatile memory storage components, and perhaps dedicated security logic. Microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile butadiene styrene or polycarbonate . Smart cards may also provide strong security authentication for single sign-on within large organizations. 
Computer security

The Mozilla Firefoxweb browser can use smart cards to store certificates for use in secure web browsing. Some disk encryption systems, such as FreeOTFE, TrueCrypt and Microsoft Windows 7BitLocker, can use smart cards to securely hold encryption keys, and also to add another layer of encryption to critical parts of the secured disk. Smart cards are also used for single sign-on to log on to computers.Smart cards support functionality has been added to Windows Live Passports.
Smart cards serve as credit or ATM cards, fuel cards, mobile phone SIMs, authorization cards for pay television, household utility pre-payment cards, high-security identification and access-control cards, and public transport and public phone payment cards.Smart cards may also be used as electronic wallets. The smart card chip can be "loaded" with funds to pay parking meters and vending machines or at various merchants. Cryptographic protocols protect the exchange of money between the smart card and the accepting machine.
Health care (medical)
Smart health cards can improve the security and privacy of patient information, provide a secure carrier for portable medical records, reduce health care fraud, support new processes for portable medical records, provide secure access to emergency medical information, enable compliance with government initiatives and mandates, and provide the platform to implement other applications as needed by the health care organization.
A quickly growing application is in digital identification. In this application, the cards authenticate identity. The most common example employs PKI. The card stores an encrypted digital certificate issued from the PKI provider along with other relevant information. Examples include the U.S. Department of Defense (DoD) Common Access Card (CAC), and various identification cards used by many governments for their citizens. Combined with biometrics, cards can provide two- or three-factor authentication. Smart cards are not always privacy-enhancing, because the subject carries possibly incriminating information on the card. Contactless smart cards that can be read from within a wallet or even a garment simplify authentication.
Smart cards are widely used to protect digital television streams. VideoGuard is a specific example of how smart card security worked (and was cracked).The Malaysian government uses smart identity cards carried by all citizens and resident non-citizens. The personal information inside the MYKAD card can be read using special APDU commands. Since April 2009, Toppan Printing Company has manufactured reusable smart cards for money transfer and made from paper instead of plastic.
The plastic card in which the chip is embedded is fairly flexible, and the larger the chip, the higher the probability that normal use could damage it. Cards are often carried in wallets or pockets—a harsh environment for a chip. However, for large banking systems, failure-management costs can be more than offset by fraud reduction. Using a smart card for mass transit presents a privacy risk, because it allows the mass transit operator (and the government) to track an individual's movement. Client-side identification and authentication cards are the most secure way for e.g., internet banking applications, but security is never 100% sure. If the account holder's computer hosts malware, the security model may be broken. Malware can override the communication (both input via keyboard and output via application screen) between the user and the application. The malware (e.g. the trojanSilentbanker) could modify a transaction, unnoticed by the user. Banks like Fortis and Dexia in Belgium combine a smart card with an unconnected card reader to avoid this problem. The customer enters a challenge received from the bank's website, a PIN and the transaction amount into the reader, The reader returns an 8-digit signature. This signature is manually entered into the personal computer and verified by the bank, preventing malware from changing the transaction amount.
Another problem is the lack of standards for functionality and security. To address this problem, The Berlin Group launched the ERIDANE Project to propose "a new functional and security framework for smart-card based Point of Interaction (POI) equipment".
Because of the JavaCard’s closedpackage concept, the converter can also apply more sophisticated optimizations. These include, for example, inlining methods—typically constructors or simple accessor methods that might then be left out of the resulting CAP file. As another example, a class hierarchy analysis offers the opportunity to replace virtual method invocations by direct invocations and to compact method tables. This results in an overall performance improvement and an overall code size reduction. However, these optimizations can change the Java semantics and might make it impossible for an external
Application to verify the CAP file without having access to the original Java class files. As external CAP-file verifiers are announced, such optimization options will have to be considered carefully.

Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: wwwaddar card, rasan card mp, java card, java card biginteger, report card in java, up rasun card kednr, armani wallets,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  E-COMPILER FOR JAVA WITH SECURITY EDITOR smart paper boy 7 4,013 27-07-2013 01:06 PM
Last Post: computer topic
  E-COMPILER FOR JAVA WITH SECURITY EDITOR seminar class 9 5,471 24-06-2013 11:44 AM
Last Post: Guest
  Java Cryptography Architecture (JCA) seminar projects crazy 1 1,760 17-12-2012 01:51 PM
Last Post: seminar details
Lightbulb Java Cryptography Architecture (JCA) computer science crazy 1 1,795 17-12-2012 01:51 PM
Last Post: seminar details
  Java Programs IO STREAMS computer girl 0 354 08-06-2012 12:17 PM
Last Post: computer girl
  Distributed Data Mining in Credit Card Fraud Detection seminar class 2 2,008 09-02-2012 11:21 AM
Last Post: seminar addict
  if u can help me in java RMI ahmed abed 2 1,144 04-02-2012 11:37 AM
Last Post: seminar addict
  JAVA RMI Technology seminar surveyer 3 2,415 26-01-2012 10:31 AM
Last Post: seminar addict
  JAVA RING A SEMINAR REPORT Computer Science Clay 6 5,463 07-01-2012 12:19 PM
Last Post: project uploader
  Bluetooth & Java smart paper boy 2 972 24-08-2011 09:33 AM
Last Post: seminar addict