SlideShare a Scribd company logo

Technical Overview of Java Card

Anshuman Sinha
Anshuman Sinha
TechnologyEducation
1 of 32
Technical Overview of Java for Smartcards Anshuman Sinha
Presentation ,[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Why Java for Smartcards? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Java Platforms Anshuman Sinha <anshuman.sinha2@gmail.com> Java Platform Size Machine Size
Java Card Tool Chain Anshuman Sinha <anshuman.sinha2@gmail.com> .Java Files .class Files .jca Files .exp Files Converter Java Smartcard Loader ,[object Object],[object Object],[object Object],Compiler . exp Files .cap Files
Java Card Block Diagram Anshuman Sinha <anshuman.sinha2@gmail.com> Card Operating System Java Card VM Java Card Runtime Environment (JCRE) Java Card API APDU Response Card Manager Smartcard Controller + Cryptography Co-processor Applet 3 Applet 2 Applet 1 Currently Selected Applet Vertical API(s)
Hardware Anshuman Sinha <anshuman.sinha2@gmail.com> R / F Interface Memory Chip Controller Antenna Coil Clk I/O Reset Vcc GND Clk I/O Reset Vcc GND Clk Mod Demod EEPROM Security & Address Logic EEPROM ROM CPU NPU Smartcard Contacts ROM RAM
Java Card Operating System Anshuman Sinha <anshuman.sinha2@gmail.com> Process Loop Terminal Command ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],EEPROM/Flash Memory Write Log ,[object Object],[object Object],ISO Commands ISO File System Anti-Tearing Tear Begin Transaction EF 1 EF 2 DF1 DF2 MF
Java Card Runtime Environment Anshuman Sinha <anshuman.sinha2@gmail.com> ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Applet Data and Code Applet Firewall Java Bytecode Storage Java Object Store Applet 3 Applet 2 Applet 1 Currently Selected Applet
Applet Firewalling ,[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Smartcard Protocols Anshuman Sinha <anshuman.sinha2@gmail.com> 7816 – 4 Inter-Industry commands for interchanges 7816 - 1 Physical Characteristics 7816 - 2 Dimension and locations of the contacts 14443 - 1 Physical Characteristics 7816 - 3 Electronic Signals and Transmission Protocol 14443 - 2 RF power and Signal I/F 14443 - 3 Initialization and anticollision 14443 - 4 Transmission protocol 7816 - 3 T=1/T=0 Transmission protocol Contact stack Contactless stack
Java Card 2.2.2 API ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com> Core Packages
Java Subsetting ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Fully Supported Features ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Partially supported features ,[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Token-based Linking ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Java Execution Engine Anshuman Sinha <anshuman.sinha2@gmail.com> Runtime Applet Context Applet (package) JCRE Context Operands Frame 16 bit Word 1. 2. Bytecode Handlers Native Table Function Locals Execute 3. Increment Fetch Update Java Heap
Security Exception ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com> ,[object Object],[object Object]
Exceptions ,[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Exceptions ,[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Presentation ,[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Global Platform ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Card Manager Life Cycle Anshuman Sinha <anshuman.sinha2@gmail.com> OP_Ready Initialised Secured CM_Locked Terminated Card manager acts as default selected application Initialisation key controls access At least one key set loaded Post-issuance mode (at least MACing required) All applications locked Only Card Manager is available End of card life cycle (card is mute) APDU Set Status API lockCardManager API terminateCardManager
Applet Life Cycle Anshuman Sinha <anshuman.sinha2@gmail.com> Installed Selectable Personalized Blocked Locked Application is installed (instantiated) but not available yet Application is available (activated) Application has been personalized Application is blocked, but behaviour is application-dependent Application is locked (not available) Only Card Manager can unlock APDU Set Status API setCardContentState Deleted APDU Install APDU Delete
Applet Loading Anshuman Sinha <anshuman.sinha2@gmail.com> Security Domain B Card Manager Security Domain A Applet Applet Application Provider B Card Issuer OPEN NETWORK Application Provider A HOST CARD Application Provider A Application Provider B Java Card Applet Applet chunks Secure Channel
Presentation ,[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Java Card Applets [1/2] ,[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com> Called by JCRE before selection of another applet . Called by JCRE on behalf of client applet to get all methods which are shared … Called by JCRE on behalf of client applet to get all methods which are shared …
Java Card Applets [2/2] ,[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com> Called by JCRE to process application specific commands Called by JCRE to process application specific commands Called by JCRE when this applet is selected Called by JCRE to return any data back to terminal while the applet is being selected
Presentation ,[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
Client Software ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>
PCSC/JPCSC Design Anshuman Sinha <anshuman.sinha2@gmail.com> ICC Aware Application Service Providers ICC Resource Manager IFD IFD IFD RS232 PS/2 IFD Handler ICC ICC ICC IFD Handler IFD Handler
References ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Anshuman Sinha <anshuman.sinha2@gmail.com>

Recommended

Understanding Telecom SIM and USIM/ISIM for LTE
Understanding Telecom SIM and USIM/ISIM for LTEUnderstanding Telecom SIM and USIM/ISIM for LTE
Understanding Telecom SIM and USIM/ISIM for LTEntel
 
Java card
Java cardJava card
Java cardRavi Jakashania
 
Programmable SIM cards, SoftSIMs and eSIMs
Programmable SIM cards, SoftSIMs and eSIMsProgrammable SIM cards, SoftSIMs and eSIMs
Programmable SIM cards, SoftSIMs and eSIMsGerry O'Prey
 
JavaCard development Quickstart
JavaCard development QuickstartJavaCard development Quickstart
JavaCard development QuickstartMartin Paljak
 
Mobile security
Mobile securityMobile security
Mobile securityNaveen Kumar
 
Cisco CCNA ITN (Introduction to Networks) - Certification
Cisco CCNA ITN (Introduction to Networks) - CertificationCisco CCNA ITN (Introduction to Networks) - Certification
Cisco CCNA ITN (Introduction to Networks) - CertificationMohamed Haathim Sharfraz
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
Android security
Android securityAndroid security
Android securityMobile Rtpl
 

Recommended

Understanding Telecom SIM and USIM/ISIM for LTE
Understanding Telecom SIM and USIM/ISIM for LTEUnderstanding Telecom SIM and USIM/ISIM for LTE
Understanding Telecom SIM and USIM/ISIM for LTEntel
 
Java card
Java cardJava card
Java cardRavi Jakashania
 
Programmable SIM cards, SoftSIMs and eSIMs
Programmable SIM cards, SoftSIMs and eSIMsProgrammable SIM cards, SoftSIMs and eSIMs
Programmable SIM cards, SoftSIMs and eSIMsGerry O'Prey
 
JavaCard development Quickstart
JavaCard development QuickstartJavaCard development Quickstart
JavaCard development QuickstartMartin Paljak
 
Mobile security
Mobile securityMobile security
Mobile securityNaveen Kumar
 
Cisco CCNA ITN (Introduction to Networks) - Certification
Cisco CCNA ITN (Introduction to Networks) - CertificationCisco CCNA ITN (Introduction to Networks) - Certification
Cisco CCNA ITN (Introduction to Networks) - CertificationMohamed Haathim Sharfraz
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
Android security
Android securityAndroid security
Android securityMobile Rtpl
 
USAT : USIM Application Toolkit
USAT : USIM Application ToolkitUSAT : USIM Application Toolkit
USAT : USIM Application ToolkitByeongweon Moon
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPSSantosh Khadsare
 
eSIM Deep Dive
eSIM Deep DiveeSIM Deep Dive
eSIM Deep DiveHossein Yavari
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
Symbian mobile operating system seminar report
Symbian mobile operating system seminar reportSymbian mobile operating system seminar report
Symbian mobile operating system seminar reportDevesh Singh
 
Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Julien SIMON
 
Android security
Android securityAndroid security
Android securityMidhun P Gopi
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Featureslukky753
 
Android Security
Android SecurityAndroid Security
Android SecurityLars Jacobs
 
SIM Card Overview
SIM Card OverviewSIM Card Overview
SIM Card OverviewCarlos Enrique Ortiz
 
Mobile security
Mobile securityMobile security
Mobile securityCyberoamAcademy
 
MobSF: Mobile Security Testing (Android/IoS)
MobSF: Mobile Security Testing (Android/IoS)MobSF: Mobile Security Testing (Android/IoS)
MobSF: Mobile Security Testing (Android/IoS)Agile Testing Alliance
 
SS7 Vulnerabilities
SS7 VulnerabilitiesSS7 Vulnerabilities
SS7 VulnerabilitiesPositiveTechnologies
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALASaikiran Panjala
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyMostafa El Lathy
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityMarketingArrowECS_CZ
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 
Java card technology
Java card technologyJava card technology
Java card technologyKeerthi Thomas
 

More Related Content

What's hot

USAT : USIM Application Toolkit
USAT : USIM Application ToolkitUSAT : USIM Application Toolkit
USAT : USIM Application ToolkitByeongweon Moon
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
Symbian mobile operating system seminar report
Symbian mobile operating system seminar reportSymbian mobile operating system seminar report
Symbian mobile operating system seminar reportDevesh Singh
 
Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Julien SIMON
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Featureslukky753
 
Android Security
Android SecurityAndroid Security
Android SecurityLars Jacobs
 
MobSF: Mobile Security Testing (Android/IoS)
MobSF: Mobile Security Testing (Android/IoS)MobSF: Mobile Security Testing (Android/IoS)
MobSF: Mobile Security Testing (Android/IoS)Agile Testing Alliance
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALASaikiran Panjala
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyMostafa El Lathy
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 

What's hot (20)

USAT : USIM Application Toolkit
USAT : USIM Application ToolkitUSAT : USIM Application Toolkit
USAT : USIM Application Toolkit
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 
eSIM Deep Dive
eSIM Deep DiveeSIM Deep Dive
eSIM Deep Dive
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
Symbian mobile operating system seminar report
Symbian mobile operating system seminar reportSymbian mobile operating system seminar report
Symbian mobile operating system seminar report
 
Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)Java Card 2.x FAQ (2001)
Java Card 2.x FAQ (2001)
 
Android security
Android securityAndroid security
Android security
 
Palo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New FeaturesPalo Alto Networks PAN-OS 4.0 New Features
Palo Alto Networks PAN-OS 4.0 New Features
 
Android Security
Android SecurityAndroid Security
Android Security
 
SIM Card Overview
SIM Card OverviewSIM Card Overview
SIM Card Overview
 
Mobile security
Mobile securityMobile security
Mobile security
 
MobSF: Mobile Security Testing (Android/IoS)
MobSF: Mobile Security Testing (Android/IoS)MobSF: Mobile Security Testing (Android/IoS)
MobSF: Mobile Security Testing (Android/IoS)
 
SS7 Vulnerabilities
SS7 VulnerabilitiesSS7 Vulnerabilities
SS7 Vulnerabilities
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Mobile security
Mobile securityMobile security
Mobile security
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 

Viewers also liked

jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 
Java card technology
Java card technologyJava card technology
Java card technologyAmol Kamble
 
Step-by-step Development of an Application for the Java Card Connected Platform
Step-by-step Development of an Application for the Java Card Connected PlatformStep-by-step Development of an Application for the Java Card Connected Platform
Step-by-step Development of an Application for the Java Card Connected PlatformEric Vétillard
 
Rapid Fat Loss Program part2
Rapid Fat Loss Program part2Rapid Fat Loss Program part2
Rapid Fat Loss Program part2Sonya
 
Secure Element Solutions
Secure Element SolutionsSecure Element Solutions
Secure Element SolutionsUgo Chirico
 
Eric java card-basics-140314
Eric java card-basics-140314Eric java card-basics-140314
Eric java card-basics-140314Eric Vétillard
 
AES for Java Card 2.2.x
AES for Java Card 2.2.xAES for Java Card 2.2.x
AES for Java Card 2.2.xAnshuman Sinha
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web ApplicationsOlivier Potonniée
 
DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...
DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...
DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...Nexgen Technology
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsPvrtechnologies Nellore
 
e-Sim Sharing (extract)
e-Sim Sharing (extract)e-Sim Sharing (extract)
e-Sim Sharing (extract)BearingPoint
 
IoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsIoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsEric Larcheveque
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsjpstudcorner
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsNexgen Technology
 

Viewers also liked (20)

jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!
 
Java card technology
Java card technologyJava card technology
Java card technology
 
Java card technology
Java card technologyJava card technology
Java card technology
 
Step-by-step Development of an Application for the Java Card Connected Platform
Step-by-step Development of an Application for the Java Card Connected PlatformStep-by-step Development of an Application for the Java Card Connected Platform
Step-by-step Development of an Application for the Java Card Connected Platform
 
Javacard
Javacard Javacard
Javacard
 
Seminar
SeminarSeminar
Seminar
 
Rapid Fat Loss Program part2
Rapid Fat Loss Program part2Rapid Fat Loss Program part2
Rapid Fat Loss Program part2
 
Secure Element Solutions
Secure Element SolutionsSecure Element Solutions
Secure Element Solutions
 
Eric java card-basics-140314
Eric java card-basics-140314Eric java card-basics-140314
Eric java card-basics-140314
 
FIPS 201 / PIV
FIPS 201 / PIVFIPS 201 / PIV
FIPS 201 / PIV
 
AES for Java Card 2.2.x
AES for Java Card 2.2.xAES for Java Card 2.2.x
AES for Java Card 2.2.x
 
IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web Applications
 
DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...
DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...
DISCOVERY OF RANKING FRAUD FOR MOBILE APPS - IEEE PROJECTS IN PONDICHERRY,BUL...
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile apps
 
e-Sim Sharing (extract)
e-Sim Sharing (extract)e-Sim Sharing (extract)
e-Sim Sharing (extract)
 
IoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsIoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutions
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile apps
 
Discovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile appsDiscovery of ranking fraud for mobile apps
Discovery of ranking fraud for mobile apps
 
Dif fft
Dif fftDif fft
Dif fft
 

Similar to Technical Overview of Java Card

Java Card Security
Java Card SecurityJava Card Security
Java Card SecurityRiscure
 
PlaySIM Project Java One 2009
PlaySIM Project Java One 2009PlaySIM Project Java One 2009
PlaySIM Project Java One 2009Sebastian Hans
 
Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?Aleksandr Yampolskiy
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam崇倍 洪
 
Security's Once and Future King
Security's Once and Future KingSecurity's Once and Future King
Security's Once and Future KingKapil Sachdeva
 
iOS Client Side Analysis
iOS Client Side AnalysisiOS Client Side Analysis
iOS Client Side AnalysisAadarsh N
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitiesYiannis Hatzopoulos
 
Applet Architecture - Introducing Java Applets
Applet Architecture - Introducing Java AppletsApplet Architecture - Introducing Java Applets
Applet Architecture - Introducing Java Appletsamitksaha
 
Java/Servlet/JSP/JDBC
Java/Servlet/JSP/JDBCJava/Servlet/JSP/JDBC
Java/Servlet/JSP/JDBCFAKHRUN NISHA
 
When Web Services Go Bad
When Web Services Go BadWhen Web Services Go Bad
When Web Services Go BadSteve Loughran
 

Similar to Technical Overview of Java Card (20)

Java Card Security
Java Card SecurityJava Card Security
Java Card Security
 
PlaySIM Project Java One 2009
PlaySIM Project Java One 2009PlaySIM Project Java One 2009
PlaySIM Project Java One 2009
 
Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?Much ado about randomness. What is really a random number?
Much ado about randomness. What is really a random number?
 
Java-Unit-I.ppt
Java-Unit-I.pptJava-Unit-I.ppt
Java-Unit-I.ppt
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam
 
Javacardtech
JavacardtechJavacardtech
Javacardtech
 
Security's Once and Future King
Security's Once and Future KingSecurity's Once and Future King
Security's Once and Future King
 
Research Paper
Research PaperResearch Paper
Research Paper
 
Core java day1
Core java day1Core java day1
Core java day1
 
iOS Client Side Analysis
iOS Client Side AnalysisiOS Client Side Analysis
iOS Client Side Analysis
 
Android dev
Android devAndroid dev
Android dev
 
Introduction java programming
Introduction java programmingIntroduction java programming
Introduction java programming
 
Java
Java Java
Java
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Need
 
1.introduction to java
1.introduction to java1.introduction to java
1.introduction to java
 
eSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalitieseSmartlock - an antipiracy dongle with integrated DRM functionalities
eSmartlock - an antipiracy dongle with integrated DRM functionalities
 
Erlang OTP
Erlang OTPErlang OTP
Erlang OTP
 
Applet Architecture - Introducing Java Applets
Applet Architecture - Introducing Java AppletsApplet Architecture - Introducing Java Applets
Applet Architecture - Introducing Java Applets
 
Java/Servlet/JSP/JDBC
Java/Servlet/JSP/JDBCJava/Servlet/JSP/JDBC
Java/Servlet/JSP/JDBC
 
When Web Services Go Bad
When Web Services Go BadWhen Web Services Go Bad
When Web Services Go Bad
 

Recently uploaded

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Recently uploaded (20)

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

Technical Overview of Java Card

  • 1. Technical Overview of Java for Smartcards Anshuman Sinha
  • 2.
  • 3.
  • 4. Java Platforms Anshuman Sinha <anshuman.sinha2@gmail.com> Java Platform Size Machine Size
  • 5.
  • 6. Java Card Block Diagram Anshuman Sinha <anshuman.sinha2@gmail.com> Card Operating System Java Card VM Java Card Runtime Environment (JCRE) Java Card API APDU Response Card Manager Smartcard Controller + Cryptography Co-processor Applet 3 Applet 2 Applet 1 Currently Selected Applet Vertical API(s)
  • 7. Hardware Anshuman Sinha <anshuman.sinha2@gmail.com> R / F Interface Memory Chip Controller Antenna Coil Clk I/O Reset Vcc GND Clk I/O Reset Vcc GND Clk Mod Demod EEPROM Security & Address Logic EEPROM ROM CPU NPU Smartcard Contacts ROM RAM
  • 8.
  • 9.
  • 10.
  • 11. Smartcard Protocols Anshuman Sinha <anshuman.sinha2@gmail.com> 7816 – 4 Inter-Industry commands for interchanges 7816 - 1 Physical Characteristics 7816 - 2 Dimension and locations of the contacts 14443 - 1 Physical Characteristics 7816 - 3 Electronic Signals and Transmission Protocol 14443 - 2 RF power and Signal I/F 14443 - 3 Initialization and anticollision 14443 - 4 Transmission protocol 7816 - 3 T=1/T=0 Transmission protocol Contact stack Contactless stack
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17. Java Execution Engine Anshuman Sinha <anshuman.sinha2@gmail.com> Runtime Applet Context Applet (package) JCRE Context Operands Frame 16 bit Word 1. 2. Bytecode Handlers Native Table Function Locals Execute 3. Increment Fetch Update Java Heap
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23. Card Manager Life Cycle Anshuman Sinha <anshuman.sinha2@gmail.com> OP_Ready Initialised Secured CM_Locked Terminated Card manager acts as default selected application Initialisation key controls access At least one key set loaded Post-issuance mode (at least MACing required) All applications locked Only Card Manager is available End of card life cycle (card is mute) APDU Set Status API lockCardManager API terminateCardManager
  • 24. Applet Life Cycle Anshuman Sinha <anshuman.sinha2@gmail.com> Installed Selectable Personalized Blocked Locked Application is installed (instantiated) but not available yet Application is available (activated) Application has been personalized Application is blocked, but behaviour is application-dependent Application is locked (not available) Only Card Manager can unlock APDU Set Status API setCardContentState Deleted APDU Install APDU Delete
  • 25. Applet Loading Anshuman Sinha <anshuman.sinha2@gmail.com> Security Domain B Card Manager Security Domain A Applet Applet Application Provider B Card Issuer OPEN NETWORK Application Provider A HOST CARD Application Provider A Application Provider B Java Card Applet Applet chunks Secure Channel
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31. PCSC/JPCSC Design Anshuman Sinha <anshuman.sinha2@gmail.com> ICC Aware Application Service Providers ICC Resource Manager IFD IFD IFD RS232 PS/2 IFD Handler ICC ICC ICC IFD Handler IFD Handler
  • 32.