JavaCard technology makes it possible to develop software for a smart card using a high level language: Java. This technology is platform independent, it can handle multiple applications (each running securely within its own sandbox) on one smart card, post-issuance applications can be added to it and it is compatible with international standards like ISO-7816.
Unfortunately, this strong adherence to ISO-7816 has resulted in a smartcard platform that internally is fully object oriented, but that for communication with the outside world relies on a very arcane and primitive protocol. This has seriously hampered the development of large distributed systems involving smart cards that require the object orientedness of the card to be externally visible and usable.
The JASON project aims to bring full object oriented programming to the smart card world, with special emphasis on keeping high security standards. In the JASON paradigm, an object stored on a JavaCard is viewed as a remote object, accessible through a remote method invocation mechanism. At a higher level of abstraction, a smart card application is seen as a large collection of interconnected objects. Some of these objects are stored in back offices, others in terminals or PC's and many more stored securely on millions of smart cards.
This network is highly dynamic: smart cards are usually offline, and only connect to the network when they are inserted into a terminal (or when they connect to a terminal over a wireless interface in the case of contactless cards). Much more importantly, this network needs to be highly secure. Access to certain objects should be restricted, and the confidentiality and authenticity of the communication between the objects has to be guaranteed.
In the JASON platform we are developing, smart cards are viewed as secure containers for objects, whose methods can be called straightforwardly and securely using JASON's Secure Method Invocation (SMI) system. This SMI system extends standard Remote Method Invocation (RMI) with access control, also securing the data in transit between caller and callee. Using an extension of Java interfaces, programmers can specify access conditions and invocation protection requirements for methods implemented by smart card objects. The SMI tools generate the necessary stubs and skeletons, and the JASON middleware layer ensures the security requirements will be met.
For more information see the source code and documentation of a beta-version of the JASON secure method invocation platform or read the CARDIS paper describing the JASON SMI concept in greater detail.
|Last Version - $Revision: 135 $ / $Date: 2008-02-04 10:15:39 +0100 (Mon, 04 Feb 2008) $ Maintained by Jaap-Henk Hoepman Email:|