Java Card Technology Seminar Report 2006 Admission

INTRODUCTION

Java Card technology adapts the Java platform for use on smart cards and other devices whose environments are highly specialized, and whose memory and processing constraints are typically more severe than those of J2ME devices. Java Card technology is evolving. Accompanying both the technical evolution of smart card chips and the needs of application developers, new features have been introduced recently, such as remote method invocation (RMI), automated de-allocation of unreachable objects, and the possibility of having several communication channels open between the card and the card reader. In addition, version 2.2 of the Java Card specifications ([JCVM22][JCRE22][JCAPI22]) also introduces some of the previously mentioned card management features, such as applet deletion. Smart cards are very useful in the areas of personal security. They can be used to add authentication and secure access to information systems that require a high level of security. Information stored in smart cards is portable. With Java Card technology you can carry around valuable and sensitive personal information such as your medical history, credit card numbers, or electronic cash balances in a medium that is compact, yet very secure.

WHAT IS A SMART CARD ?

Identical to the size of a credit card, a smart card stores and processes information through the electronic circuits embedded in silicon in the plastic substrate of its body. There are two basic kinds of smart cards: An intelligent smart card contains a microprocessor and offers read, write, and calculating capability, like a small microcomputer. A memory card, on the other hand, does not have a microprocessor and is meant only for information storage. A memory card uses security logic to control the access of memory.

All smart cards contain three types of memory: persistent non-mutable memory; persistent mutable memory; and non-persistent mutable memory. ROM, EEPROM, and RAM are the most widely-used memory for the three respective types in the current smart cards. Persistent memory is also called non-volatile memory. We will use the terms persistent and non-volatile interchangeably in this article.

ISO 7816 part 1-7, defined by International Standard Organization, contains a set of standards that covers various aspects of smart cards. ISO 7816 consists of:

  • Physical characteristics (part 1)
  • Dimensions and location of the contacts (part 2)
  • Electronic signals and Transmission protocols (part 3)
  • Inter-industry commands for interchange (part 4)
  • Application identifiers (Part 5)
  • Inter-industry data elements (Part 6)
  • Inter-industry commands for SCQL (Part 7)

The following diagram illustrates the physical characteristics of a smart card, which are defined in ISO 7816, part 1.

For more on ISO 7816 and smart cards, see "Smart cards: A primer."

Normally, a smart card does not contain a power supply, a display, or a keyboard. It interacts with the outside world using the serial communication interface via its eight contact points. The dimensions and location of the contacts are covered in part 2 of ISO 7816. This diagram shows the contacts on a smart card.

A smart card is inserted into a Card Acceptance Device (CAD), which may connect to another computer. Other terms used for the Card Acceptance Device are terminal, reader, and IFD (interface device). They all provide the same basic functions, namely to supply the card with power and to establish a data-carrying connection.

When two computers communicate with each other, they exchange data packages, which are constructed following a set of protocols. Similarly, smart cards speak to the outside world using their own data packages -- called APDU (Application Protocol Data Units). APDU contains either a command or a response message. In the card world, the master-slave model is used whereby a smart card always plays the passive role. In other words, a smart card always waits for a command APDU from a terminal. It then executes the action specified in the APDU and replies to the terminal with a response APDU. Command APDUs and response APDUs are exchanged alternatively between a card and a terminal.

The smart cards that were introduced in the 1980s had a single chip in every card, with very limited resources (especially RAM). The dominant smart card technology today runs on 4 to 8 Kb of RAM and 32 to 64 Kb of EEPROM, using slow 8-bit processors, and uses a very limited subset of Java that provides

  • Partial support of basic types (8/16-bit values, no float, no String)
  • Small subset of Java ME APIs
  • Specific, pre-processed binary file formats
  • Single threading (no garbage collection)

Figure 1: The smart chip in a card

Java Card 3 extends the Java Card 2 support for classic applets into improved connected features targeting less resource-constrained devices and including new network-oriented features.

JAVA CARD SPECIFICATIONS

A Java Card is a smart card that is capable of running Java programs. The Java Card 2.0 specification was published at It contains detailed information for building the Java Card virtual machine and application programming interface (API) in smart cards. The minimum system requirement is 16 kilobytes of read-only memory (ROM), 8 kilobytes of EEPROM, and 256 bytes of random access memory (RAM).

The system architecture on the Java Card is illustrated in the following figure.

As shown in the figure, the Java Card VM is built on top of a specific integrated circuit (IC) and native operating system implementation. The JVM layer hides the manufacturer's proprietary technology with a common language and system interface. The Java Card framework defines a set of Application Programming Interface (API) classes for developing Java Card applications and for providing system services to those applications. A specific industry or business can supply add-on libraries to provide a service or to refine the security and system model. Java Card applications are called applets. Multiple applets can reside on one card. Each applet is identified uniquely by its AID (application identifier), as defined in ISO 7816, part 5.

An important point to keep in mind is what smart cards are not: They are not personal computers. They have limited memory resources and computing power. Users should not think of Java Card 2.0 as simply a stripped-down version of the JDK.

The lifetime of a Java Card

The Java Card lifetime starts when the native OS, Java Card VM, API classes libraries and optionally, applets are burned into ROM. This process of writing the permanent components into the non-mutable memory of a chip for carrying out incoming commands is called masking.

Before it lands in your wallet, a Java Card needs to go through initialization and personalization. Initialization refers to loading general data into a card's non-volatile memory. This data is identical across a large number of cards and is not specific to an individual; an example might be the issuer or manufacture's name.

The next step, personalization, involves assigning a card to a person. It can occur through physical personalization or through electronic personalization. Physical personalization refers to embossing or laser engraving your name and card number on the plastic surface of a card. Electronic personalization refers to loading personal data into a card's non-volatile memory, for example, your personal key, name, and pin number.

Initialization and Personalization vary from vendor to vendor and issuer to issuer. In both, EEPROM (a type of non-volatile memory) is often used for storing data.

At this point, the Java Card is ready for use. You can get a Java Card from an issuer or buy it from a retailer. Cards sold by a retailer are general-purpose, in which case personalization is often omitted.

Now you can insert your Java Card into a reader and send APDU commands to the applets residing on the card or download more applets or data onto the card.

A Java Card remains active until it is expired or blocked due to an unrecoverable error.

JAVA CARD VIRTUAL MACHINE

The Java Card Virtual Machine (JCVM) specification defines a

subset of the Java programming language and a Java-compatible VM for smart cards, including binary data representations and file formats, and the JCVM instruction set. The VM for the Java Card platform is implemented in two parts, with one part external to the card and the other running on the card itself. The on-card Java Card VM interprets byte code, manages classes and objects, and so on. The external Java VM part is a development tool, typically referred to as the Java Card Converter tool, that loads, verifies, and further prepares the Java classes in a card applet for on-card execution. The output of the converter tool is a Converted Applet (CAP) file, a file that contains all the classes in a Java package in a loadable, executable binary representation. The converter verifies that the classes conform to the Java Card specification. The JCVM supports only a restricted subset of the Java programming language, yet it preserves many of the familiar features including objects, inheritance, packages, dynamic object creation, virtual methods, interfaces, and exceptions.

Lifetime of a Java Card virtual machine

Unlike the Java virtual machine (JVM) in a PC or workstation, the Java Card virtual machine runs forever.

Most of the information stored on the card must be preserved even when the power is removed -- that is, when the card is removed from the reader. The Java Card VM creates objects in EEPROM to hold the persistent information. The execution lifetime of the Java Card VM is the lifetime of the card. When the power is not provided, the VM runs in an infinite clock cycle.

The lifetime of Java Card applets and objects

An applet's life starts when it is properly installed and registered with the system's registry table and ends when it is removed from the table. The space of a removed applet may or may not be reused, however, depending on whether garbage collection is implemented on the card. An applet on a card is in an inactive stage until it is explicitly selected by the terminal.

Objects are created in the persistent memory (for example, EEPROM). They could be lost or garbage-collected if other persistent objects do not reference them. However, it's a thousand times slower to write to EEPROM than to RAM.

Some objects are accessed frequently, and the contents of their fields need not be persistent. The Java Card supports transient (temporary) objects in RAM. Once an object has been declared as transient, its contents can not be moved back to the persistent memory.

Java Card 2.0 language subset

Java Card programs are, of course, written in Java. They are compiled using common Java compilers. Due to limited memory resources and computing power, not all the language features defined in the Java Language Specification are supported on the Java Card. Specifically, the Java Card does not support:

  • Dynamic class loading
  • Security manager
  • Threads and synchronization
  • Object cloning
  • Finalization
  • Large primitive data types (float, double, long, and char)

It's no surprise that keywords that support those features are also omitted from the language. VM implementers may decide to support 32-bit integer type or native methods for post-issuance applets if they are working on a more advanced smart card with more memory. Post-issuance applets are those applets that are installed on a Java Card after the card is issued to a card holder.

The Java Card 2.0 framework

Smart cards have been in the market for 20 years, and most of them are generally compatible with ISO 7816 Parts 1-7 and/or EMV. We've already looked at ISO 7816. What's EMV? The EMV standard, defined by Europe, MasterCard, and Visa, is based on the ISO 7816 series of standards with additional proprietary features to meet the specific needs of the financial industry. The Java Card Framework is designed to easily support smart card systems and applications. It hides the details of the smart card infrastructure and provides Java Card application developers with a relatively easy and straightforward programming interface.

Java Card security

Java applets are subject to Java security restrictions, however, the security model of Java Card systems differs from standard Java in many ways.

The Security Manager class is not supported on Java Card. Language security policies are implemented by the virtual machine.

Java applets create objects that store and manipulate data. An object is owned by the applet that creates it. Even though an applet may have the reference to an object, it cannot invoke the object's methods, unless it owns the object or the object is explicitly shared. An applet can share any of its objects with a particular applet or with all applets.

An applet is an independent entity within a Java Card. Its selection, execution, and functionality are not affected by other applets residing on the same card.

How things work together inside a Java Card???

Inside a Java Card, JCRE (Java Card Runtime Environment) refers to the Java Card virtual machine and the classes in the Java Card Framework. Each applet within a Java Card is associated with unique AID assigned by JCRE.

After an applet is correctly loaded into the card's persistent memory and linked with the Java Card Framework and other libraries on the card, JCRE calls the applet's install method as the last step in the applet installation process. A public static method, install, must be implemented by an applet class to create an instance of the applet and register it with JCRE. Because memory is limited, it's good programming practice, at this point, to create and initialize the objects the applet will need during its lifetime.

An applet on the card remains inactive until it is explicitly selected. The terminal sends a "SELECT APDU" command to JCRE. JCRE suspends the currently selected applet and invokes the applet's deselect method to perform any necessary cleanup. JCRE then marks the applet whose AID is specified in the "SELECT APDU" command as the currently selected applet and calls the newly selected applet's select method. The select method prepares the applet to accept APDU commands. JCRE dispatches the subsequent APDU commands to the currently selected applet until it receives the next "SELECT APDU" command.

INDUSTRIES

Almost any type of smart card can benefit from Java Card technology:

  • Subscriber Identity Module (SIM) cards, used in cell phones on most wireless networks
  • Financial cards supporting both online and offline transactions
  • Government and health-care identity cards
  • Cards that provide logical access and physical access to enterprise resources
  • Smart tickets for mass transit

On the majority of cellular telephone networks, a subscriber uses a smart card commonly called a SIM card to activate the telephone. The card authenticates the user and provides encryption keys for digital voice transmission. When fitted with Java Card technology, SIM cards can also provide transactional services such as remote banking and ticketing. Hundreds of millions of SIM cards based on Java Card technology are already powering innovative services in cell phones.

In the banking industry, smart cards give users secure access to a wide array of networked financial services including cash machines, bill paying, and bridge tolls. Java Card technology enables a single smart card to host multiple financial applications, and to deliver third-party services such as mileage programs or secure online trading.

Other applications are available in a wide variety, wherever security and authenticated identity are important, such as in controlling access to secure facilities and to medical records.

Java Card technology will enhance consumer access to new, e-commerce services through a range of connected appliances. Cellular phones and pay-TV equipment are examples of markets where the majority of products now available already include smart card readers.

JAVA CARD TECHNOLOGY DATASHEET

Java Card technology enables smart cards and other devices with limited memory to securely run small applications, called applets, that utilize Java technology. It provides smart card manufacturers with a secure and interoperable execution platform, capable of storing and updating multiple applications on a single device. Java Card technology is compatible with existing smart card standards.
With Java Card technology, new smart card - based applications and services can be rapidly and securely built, tested, and deployed. This reduces development costs, adds product differentiation, and enhances value-add for customers.
A complementary technology to the Java 2 Platform , Java Card technology makes it easy to integrate security tokens into a complete Java software solution.
Industries Embracing the Java Card Platform
Almost any type of smart card can be fitted with Java Card technology, including:
  • SIM cards used in cell phones on most wireless networks
  • Financial cards providing both online and offline transactions
  • Government / Healthcare ID cards
  • Logical access and physical access to enterprise resources
  • Smart ticketing for mass transit
On the majority of cellular telephone networks, smart cards (commonly called SIM cards) are required to activate the telephone. The card authenticates the user and provides encryption keys for digital voice transmission. When fitted with Java Card technology, SIM cards can also provide transactional services such as remote banking and ticketing. Hundreds of millions of Java Card technology-based SIM cards are already powering next-generation services in cell phones.
In the banking industry, smart cards give users secure access to a wide array of networked financial services including cash machines, bill paying, and bridge tolls. Java Card-based smart cards can host multiple financial applications in a single card , while delivering third-party services such as mileage programs or secure, on-line trading.
A wide variety of other applications are available wherever security and authenticated identity are important, such as providing access to facilities and medical records.
Java Card technology will enhance consumer access to new, e-commerce services through a range of connected appliances. Cellular phones and pay-TV equipment are examples of markets where the majority of products now available include built-in smart cards readers.
BENEFITS OF JAVA CARD TECHNOLOGY
There are several unique benefits of the Java Card technology for smart card vendors and issuers:
  1. Interoperable - Applets developed with Java Card technology will run on any Java Card technology-based smart card, independently of the card vendor and underlying hardware.
  2. Secure - Java Card technology relies on the inherent security of the Java programming language to provide a secure execution environment. It was designed through an open process, and the platform's proven industry deployments and security evaluations ensure that card issuers benefit from the most capable and secure technology available today.
  3. Multi-Application Capable - Java Card technology enables multiple applications to co-exist securely on a single smart card.
  4. Dynamic - New applications can be installed securely after a card has been issued, providing card issuers with the ability to dynamically respond to their customer's changing needs.
  5. Open - Java Card application developers benefit from object-oriented programming and design, and have access to off-the-shelf Java development tools.
  6. Compatible with Existing Standards - The Java Card API is compatible with international standards for smart cards such as ISO7816, or EMV. It is referenced by major industry-specific standards such as Global Platform and ETSI.

COMPONENTS OF JAVA CARD TECHNOLOGY