I am currently sitting in the “Marketing to the Customer” track, in which talks are focused on customer-centric solutions. So far, the main discussion topic has been mobile advertising, with presentations from Celltick, Abaxia, Netsize, and Oberthur on the topic. Gemalto also given a talk about personal data management. Most of the presentations were of […]
Variants of the split VM
Anki Nelaturu recently blogged about Java Card 3’s split VM. His post is accurate, and provides interesting information for most people. However, for some old Java Carders, split VM has another meaning. It refers to the fact that, in Java Card 2, class files are trnasformed into CAP files, and bytecode verification usually happens during […]
JC101-10C: Adding a password and state management
In the last tutorial entry, we have seen in theory how it is possible to add a password and to manage an application’s state. In the present entry, we will actually add support for a password in the application. This support will be provided using the OwnerPIN class, which goes beyond simple PIN codes, and […]
JC101-9C: Authentication and lifecycle
We now have reached the point where we have a fully functional password manager, which is able to store login information. However, this application is not complete, since it does not include any protection of these sensitive assets. Anybody who is able to select the application and who knows the application’s protocol will be able […]
Security-by-Contractâ„¢
I have just attended the final review of the S3MS project, a research and development project partially funded by the European Commission in which my company was involved. The central concept of the S3MS project is Security-by-Contractâ„¢. The idea is here that application developers provide with their application a security contract, which is a set […]
Security gets personal
With the release of Java Card 3.0, it seems that we have finally reached the end of the road to Bandol (Sun’s internal codename for that release), and we are starting to go down another road, which has not yet been named. As this blog’s title becomes obsolete, I thought that I would seize this […]
JC101-8C: Processing APDU’s (2/2)
In the previous tutorial entry, we have looked at APDU processing, with an initial focus on processing a first command with incoming data. We will here look at the next commands, focusing on the ones that return data.
A new Java Card blog
I think that Java Card was one of the last official Java technologies not to have a blog at blogs.sun.com. Well, I can’t say this any more, as this Java Card blog has now been created. And of course, this blog contains serious news. The second article is already announcing a contest for Java Card […]
JC101-7C: Processing APDU’s (1/2)
In the last post, we have defined a specification for an APDU-based application. It is now time to implement this application, i.e., to start processing a few APDU’s. We’ll do that in the style that characterizes this tutorial, which is a mix of simple code with a few basic optimizations.
The day has come …
The Java Card 3.0 specification has been released, and is available here. The launch celebrations will continue throughout Spring, with some presentations and a special event at SIMposium in Berlin, and more happenings at JavaOne in San Francisco. Now, we’re talking business. I will try to write a few posts about the spec in the […]