While looking for something else, I found a nice paper [JHPC05]written last year by a few guys from Integrity Arts (the start-up from Gemplus that was bought by Sun to form its original Java Card team).
The paper includes a history of the ideas that led to Java Card, and it also places them in the big picture. Although it is undeniable that Eduard and Patrice in particular, were important in the creation of Java Card, they claim the paternity of many things. In particular, they tend to forget the role of the Java Card Forum, which has basically controlled all specification work since May 1997, and has been a major collaborative effort. Nevertheless, the paper is a good read to understand where Java Card comes from.
In this paper the authors reject the idea of a card being ‘active’ due to several security reasons. Now looking at the JC3 overview (http://www.javacardforum.org/03_documents/00_documents/JC3%20overview.pdf) I see that it is planned that a card can also be ‘active': “Card can also initiate communications”. Could you comment on the security implications of an active card?
The paper is nice, but you still need to read it carefully. The authors have a tendency to forget the other people, and the paper talks about principles that are 10 years old.
About the security implications of an active card, I will write a separate post; this is too long for a comment.