Problems of smart card application development
Problems of smart card application development
The development of smart card applications has always been a long and time-consuming process. The cards have the same size and appearance, they use a standardized communication protocol. Despite this, smart cards of different manufacturers have different internal “stuffing”. Most of the development tools are issued by smart card manufacturers. They usually include general assembly language programming tools and specialized hardware emulators that can be purchased from chip vendors. Third-party organizations are practically deprived of the opportunity to independently develop applications and sell them to consumers. Therefore, the development of programs for smart cards is usually carried out only by a narrow circle of highly qualified specialists who have deep knowledge in the field of hardware and software used in certain types of cards.
Due to the lack of available standardized high-level software interfaces for smart cards, application developers had to use low-level communication protocols, independently implement the dispatcher-
memory cherization, as well as delve into other details of specific hardware implementations. Most of the smart card applications used today have been developed from scratch on individual orders. This is a very long and time-consuming process. Usually, the product development cycle before entering the market takes from a year to two. Upgrading software or porting applications to other platforms is extremely difficult or generally impossible.
Moreover, the software was developed for specialized platforms, so applications from different service providers cannot exist and be shared on the same card. Incompatibility and a limited set of available functionality have become the main factors that restrain the further spread of smart card applications.
Java Card ™ technology is designed to overcome the obstacles that prevent the wider distribution of smart cards. This technology allows you to perform applications written in the Java programming language on smart cards and other devices with a limited amount of memory. Such applications are called applets. In essence, Java Card technology is a universal secure mobile platform for smart cards. This platform allows you to use the most important functionality of the Java language.
Advantages of Java Card Technology
By applying Java Card technology, developers of smart card applications can get significant benefits.
Simplification of the application development process – the Java language allows you to use standard technologies for programming smart cards. Development-
chicks now do not need to delve into the intricacies of programming microcontrollers and learn assembly languages for processors 6805 and 8051. There are many standard integrated Java development environments on sale from companies such as Borland, IBM, Microsoft, Sun and Symantec. Moreover, Java Card technology includes an open platform that defines standard programming interfaces and execution environment. This platform allows you to overcome the difficulties associated with the details of the implementation of the hardware and software of a smart card at a low level. Only high-level programming interfaces are used in the development of applications. Programmers can focus on improving the main algorithm of the application. Extensions and libraries created by other developers are also available to them.
Security In relation to smart cards, security is always a primary concern. Java’s built-in security features do a good job of this. For example, access rights to all methods and variables are clearly regulated. It is impossible to change the values of pointers in order to gain unauthorized access to “foreign” areas of the page. In addition, the Java Card platform provides a protective mechanism, or firewall, which ensures the execution of each applet in a separate context. All these security features allow you to protect the system from malicious program attempts to damage other parts of the system.
Hardware independence Java Card technology allows you to differentiate from the hardware implementation used. It is compatible with all processors that smart cards are equipped with (8-bit, 16-bit and 32-bit). There is a “layer” between the applets and the smart card hardware – the Java Card platform, so they are independent of the physical implementation. Ready-to-use applets can be loaded into any smart card based on Java technology without recompilation.
The ability to store and execute many applications a smart card with Java technology support can store many applets provided by various service providers. These can be applications for conducting electronic payments, authentication, accumulation of discounts, as well as programs for working with medical information. The Java Card application security system does not allow one applet to access others without special permission. The capabilities of each smart card are not limited to any one application. Multiple applets can be loaded into one card. The functionality of the Java smart card can be constantly increased by downloading new or updated applets. You don’t need an additional card for this.
Compatibility with existing smart card standards – Java Card technology complies with the ISO 7816 international smart card standard. Therefore, it supports all systems and applications that are generally compatible with ISO 7816. Java Card applets can work not only with all Java smart cards, but also with all existing reader devices.
A Brief history of Java Card Technology
Java Card programming interfaces were first published in November 1996 by a group of specialists from the Schlumberger production center, which is located in Austin (Texas). The developers had the following goals: creating technologies for mass production of applications for smart cards and ensuring information security. They soon realized that the best solution was to use the Java programming language. Schlumberger offered the first project of Java Card software interfaces and was the first to receive a license to develop for smart cards. A few months later, Bull and Gemplus joined Schlumberger. The partners established the Java Card Forum, an industry consortium whose tasks included identifying and resolving problems related to Java Card technology, as well as accelerating the adoption of this technology by the smart card industry.
The Java Card 1.0 specification contained only descriptions of software interfaces and was not yet an extensible platform suitable for direct use. Convinced of the broad support of the industry, Sun Microsystems Corporation has committed itself to developing Java Card technology, a Java platform for smart cards and other devices with limited memory. The first step in this direction was the acquisition of Integrity Arts, which separated from Gemplus. Integrity Arts specialized in designing virtual machines and operating systems for smart cards.
In November 1997, Sun Microsystems Corporation published the Java Card 2.0 specification. It was based on the developments of Integrity Arts. Industry representatives and members of the Java Card Forum took part in the development. Among them were smart card manufacturers, issuers and various associations from the smart card industry. The programming interfaces of Java Card 2.0 differed significantly from the initial version 1.0. They allowed the creation of object-oriented applets. In addition, the Java Card 2.0 specification described the application execution environment in more detail. However, there was no description of the format of the downloaded applets in this specification.
In March 1999, the Java Card Specification version 2.1 was published. It consisted of three parts: Java Card 2.1 software interface specifications, Java Card 2.1 runtime environment specifications and Java Card 2.1 Virtual Machine specifications. In version 2.1, the software interfaces were updated, but continuity with version 2.0 was preserved. The environment standardization also continued applet executions. The biggest achievement of the Java Card 2.1 specification was the precise definition of the architecture of the Java Card virtual machine and the format of the downloaded applets. Applet interoperability has become a reality.
In the three years since the advent of Java Card technology, it has become widespread and has been approved by the smart card industry. Licenses for the right to use Java Card technology have been obtained by all leading smart card manufacturers and many key industry players. In total, more than 30 licenses were obtained. The list of holders of licenses for the right to use Java Card technology and their partners can be found on the Web page http://java.sun.com/products/javacard/#partners .