Advertisement

Multi-Application Smart Card Platforms and Operating Systems

  • Konstantinos Markantonakis
  • Raja Naeem Akram
Chapter

Abstract

Although smart card technology has been available for many decades, it is only in the last few years that smart cards have become widely considered as one of the most common secure computing devices. They are encountered in a number of applications (e.g. secure wireless access in mobile networks, banking , identification) satisfying a diverse range of uses. One of the fundamental factors contributing towards the success of smart card technology is tamper resistance. As the underlying smart card processing power increases at a constant pace, more and more functionality becomes available. It was soon realised that in order to grasp the full benefits of the underlying hardware, parallel advances in the corresponding smart card operating systems would be necessary. This chapter provides an overview of the most widely utilised smart card operating systems or platforms that enable multiple applications to be securely managed and reside in the same smart card.

Keywords

Java card MULTOS GlobalPlatform Smart Card Operating System (SCOS) Multi-application Smart Cards WfSC .NET BasicCard 

Notes

Acknowledgements

The author wishes to thank the sponsors of the Information Security Group Smart Card Centre for their continued support. Also Sheila Cobourne and Danushka Jayasinghe.

References

  1. 1.
    T.M. Jurgensen and S.B. Guthery Smart Cards: The Developer’s Toolkit. 2002.Google Scholar
  2. 2.
    K. Markantonakis and K. Mayes. An overview of the GlobalPlatform smart card specification. Information Security Technical Report: Smartcard Security, 8(1):17–29, 2003. Elsevier Science Ltd (ISSN:1363-4127).Google Scholar
  3. 3.
    ISO/IEC. ISO/IEC 7816-4 Identification cards - Integrated circuit cards - Part 4: Organisation, security and commands for interchange. International Organization for Standardization, More Information Available via http://www.iso.org, 2edition, Cited August 2016.
  4. 4.
    W. Rankl and W. Effing. Smart Card Handbook. John Wiley & Sons, Ltd, 3rd edition, 2003. ISBN: 0470856688.Google Scholar
  5. 5.
    Andrew S. Tanenbaum. Modern Operating Systems. Prentice Hall, Upper Saddle River, N.J, 2001.Google Scholar
  6. 6.
    K. Markantonakis. Multiapplication Smart Card Platforms, [PowerPoint slides], 2016. Available via https://rhul.elearning.london.ac.uk/course/view.php?id=210.
  7. 7.
    K. Markantonakis. Is the performance of the cryptographic functions the real bottleneck? In M. Dupuy and P. Paradinas, editors, Trusted Information: The New Decade Challenge, IFIP TC11 16th International Conference on Information Security (IFIP/SEC’01) June 11–13, pages 77–92. Kluwer Academic Publishers, 2001. Paris, France.Google Scholar
  8. 8.
    W.A. Ettlin and G. Solber. Microsoft Basic Book/Macintosh Edition. McGraw-Hill Osborne Media, 1985.Google Scholar
  9. 9.
    M. Braentsch, P. Buhlier, T. Eirich, F. Horing, and M. Oestreicher. Java Card - from hype to reality. Mobile Computing - IEEE Concurrency, October 1999. IBM Zurich Research Laboratory.Google Scholar
  10. 10.
    Sun Microsystems Inc. Runtime Environment Specification; Java Card Platform, Version 2.1.1. More Information Available via http://download.oracle.com/otndocs/jcp/7233-javacard-2.1.1-spec-oth-JSpec/, Cited August 2016.
  11. 11.
    Z. Chen. Java Card Technology for Smart Cards: Architecture and Programmer’s Guide. The Java Series. Addison-Wesley, June 2000. ISBN: 0201703297.Google Scholar
  12. 12.
    MAOSCO Ltd., MULTOS technology, More Information Available via http://www.multos.com/technology, Cited August 2016.
  13. 13.
    MAOSCO Ltd., MULTOS Developer’s Reference Manual, MAO-DOC-TEC-006v1.51. More Information Available via http://www.multos.com/uploads/MDRM.pdf Cited August 2016.
  14. 14.
    GlobalPlatform. Card Specification v2.2. More Information Available via http://www.globalplatform.org, Cited August 2016.
  15. 15.
    GlobalPlatform. GlobalPlatform Card Specification Version 2.3. More Information Available via http://www.globalplatform.org/specificationscard.asp, December 2015.
  16. 16.
    Microsoft, Introduction to Windows for Smart Cards, More Information Available via https://technet.microsoft.com/en-us/library/dd277375.aspx, Cited August 2016.
  17. 17.
    Smartcard Trends. .NET brings web services to smart cards. In Smart card Trends, volume 1, page 12. April 2004.Google Scholar
  18. 18.
    Z eitControl. Basiccard. More Information Available via http://www.basiccard.com/, Cited August 2016.
  19. 19.
    About the Java Card Forum (JCF), More Information Available via https://javacardforum.com, Cited August 2016.
  20. 20.
    J. Byous. Java technology: The early years., Sun Developer Network, 1998.Google Scholar
  21. 21.
    Oracle Technology Network, Java 2 Platform Standard Edition 5.0. More Information Available via http://www.oracle.com/technetwork/java/javase/index-jsp-135232.html, Cited August 2016.
  22. 22.
    B. Venners. The Java Virtual Machine, McGraw-Hill, New York, 1998.Google Scholar
  23. 23.
    T. Lindholm, F. Yellin, G. Bracha, A. Buckley. The Java Virtual Machine specification Java SE 8 Edition. More Information Available via https://docs.oracle.com/javase/specs/jvms/se8/jvms8.pdf, Cited August 2016.
  24. 24.
    Oracle. Oracle. More Information Available via http://www.oracle.com/technetwork/java/embedded/javacard/overview/index.html, Cited August 2016.
  25. 25.
    ISO/IEC. ISO/IEC 7816-6 Identification cards - Integrated circuit cards - Part 6: Interindustry data elements for interchange. International Organization for Standardization, More Information Available via http://www.iso.org, Cited August 2016.
  26. 26.
    ISO/IEC. ISO/IEC 7816-7 Identification cards - Integrated circuit(s) cards with contacts- Part 7: Interindustry commands for Structured Card Query Language (SCQL). International Organization for Standardization, More Information Available via http://www.iso.org, Cited August 2016.
  27. 27.
    ISO/IEC. ISO/IEC 7816-8 Identification cards - Integrated circuit cards - Part 8: Commands for security operations. International Organization for Standardization, More Information Available via http://www.iso.org, Cited August 2016.
  28. 28.
    Sun Microsystems Inc., The Java Card API Ver 2.1 Specification. More Information Available via http://download.oracle.com/otndocs/jcp/7234-javacard-2.1-spec-oth-JSpec/, Cited August 2016.
  29. 29.
    Sun Microsystems Inc., The Java Card API Ver 2.2.2 Specification. More Information Available via http://www.oracle.com/technetwork/java/javacard/specs-138637.html, Cited August 2016.
  30. 30.
    D.-W. Kim, and M.-S. Jung, I. Chong, (Ed.) A Study on the Optimization of Class File for Java Card Platform, Information Networking: Wired Communications and Management: International Conference, ICOIN 2002 Cheju Island, Korea, January 30 – February 1, 2002 Revised Papers, Part I, Springer Berlin Heidelberg, 2002, 563–570.Google Scholar
  31. 31.
    M. Tunstall, D. Sauveron, K. Markantonakis and K. Mayes. Smart card Security, volume 50 of Studies in Computational Intelligence, chapter Studies in Computational Intelligence, pages 205–237. 2007.Google Scholar
  32. 32.
    Oracle Technology Network, Java Card Protection Profile V3.0. More Information Available via http://www.oracle.com/technetwork/java/javacard/pp-142498.html, Cited August 2016.
  33. 33.
    GlobalPlatform. GlobalPlatform Technology Deployed on 17.7 Billion Secure Elements. More Information Available via https://www.globalplatform.org/mediapressview.asp?id=1241, Cited August 2016.
  34. 34.
    GlobalPlatform. GlobalPlatform Smart Card Security Target Guidelines. GlobalPlatform, 1.0 edition, October 2005.Google Scholar
  35. 35.
    GlobalPlatform. GlobalPlatform Card Security Requirements Specification. GlobalPlatform, 1.0 edition, May 2003.Google Scholar
  36. 36.
    MAOSCO. The MULTOS Consortium. More Information Available via http://www.multos.com/consortium/, Cited August 2016.
  37. 37.
    E.K. Clemons, D.C. Croson, and B.W. Weber. Reengineering money: the Mondex stored value card and beyond. In System Sciences, 1996., Proceedings of the Twenty-Ninth Hawaii International Conference on, volume 4, pages 254-261 vol.4, 3-6 Jan. 1996.Google Scholar
  38. 38.
    G.R.L. Higgins. Electronic cash in a global world. In Security and Detection, 1997. ECOS 97., European Conference on, page 86, 28-30 April 1997.Google Scholar
  39. 39.
    K.E. Mayes K. Markantonakis and F. Piper. Managing Information Assurance in Financial Services, chapter Smart Cards for Security and Assurance. Idea Group Publishing, Information Science Publishing, IRM Press, 2007.Google Scholar
  40. 40.
  41. 41.
    Common Criteria. More Information Available via http://www.commoncriteriaportal.org/, Cited August 2016.
  42. 42.
    MAOSCO Ltd., MULTOS Developers Guide, More Information Available via http://www.multos.com/uploads/MDG.pdf, Cited August 2016.
  43. 43.
    J. Elliot. The MAOS trap [smart card platforms]. Computing & Control Engineering Journal 12, Issue 1: 4–10, February 2001. ISSN: 0956-3385.Google Scholar
  44. 44.
    BasicCard. The ZeitControl BasicCard Family. More Information Available via http://209.68.36.204/downloads/bc_pdf.zip, Cited August 2016.
  45. 45.
    Brian Millier. Basiccards 101, program your first smartcard. Circuit Cellar, 164:22–27, March 2004.Google Scholar
  46. 46.
    Peter Johannes. MAOS platforms technical status report. Technical report, Europay International, November 1999.Google Scholar
  47. 47.
    ISO/IEC. ISO/IEC 7816-9 Identification cards - Integrated circuit cards - Part 9: Commands for card management. International Organization for Standardization, More Information Available via http://www.iso.org, Cited August 2016.
  48. 48.
    ECMA. Common Language Infrastructure (CLI) Partitions I to VI. European Computer Manufacturers Association, More Information Available via http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-335.pdf, 6th edition, Cited August 2016.
  49. 49.
    M. Hendry, Multi-application Smart Cards: Technology and Applications, Cambridge University Press, 2007, ISBN:0521873843, 9780521873840.Google Scholar
  50. 50.
    Axalto .NET Axalto unveils smart card powered by .Net. More Information Available via http://www.networkworld.com/article/2327491/lan-wan/axalto-unveils-smart-card-powered-by--net.html, Cited August 2016.
  51. 51.
    StepNexus StepNexus Acquires Hive Minded and .NET-based Nectar and trade; Smart Card Technology. More Information Available via http://www.smartcardalliance.org/stepnexus-acquires-hive-minded-and-net-based-nectartm-smart-card-technology/, Cited August 2016.
  52. 52.
    Gemalto, IDPrime .NET. More Information Available via http://www.gemalto.com/Products/dotnet_card/index.html, Cited August 2016.
  53. 53.
    Microsoft, Compiling to MSIL. More Information Available via https://msdn.microsoft.com/en-us/library/c5tkafs1(VS.71).aspx, Cited August 2016.
  54. 54.
    Hive Minded Delivers Smartcard Platform Based on the Microsoft .NET Framework, More Information Available via http://www.prnewswire.com/news-releases/hive-minded-delivers-smartcard-platform-based-on-the-microsoft-net-framework-71750142.html, Feb 2004.
  55. 55.
    V. Spáčil, The Security of .NET for Smart Cards. More Information Available via http://is.muni.cz/th/208177/fi_m/thesis.pdf.?lang=en, Cited August 2016.
  56. 56.
    B. Fouladi, K. Markantonakis and K. Mayes, Vulnerability Analysis of a Commercial .NET Smart Card, Smart Card Research and Advanced Applications, Springer series Lecture Notes in Computer Science, Volume 8419, pp 125–139.Google Scholar
  57. 57.
    Third Generation Partnership Project, Specification of the SIM Application Toolkit for the Subscriber Identity Module - Mobile Equipment (SIM - ME) interface (Release 4) TS Reference 51.014. More Information Available via http://www.3gpp.org/DynaReport/51014.htm Cited August 2016.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Smart Card Centre, Information Security GroupRoyal Holloway, University of LondonEghamUK

Personalised recommendations