The case for a secure multi-application smart card operating system

  • Constantinos Markantonakis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1396)


The idea of a multi-application smart card operating system is not a new one, but only recently the smart card industry is catching up with proper software and hardware architectures that contribute in the anticipated evolution. In this paper we survey some of the proposed software architectures and comment on their applicability and performance, along with investigating the entirely new demands imposed both in the smart card operating system and the application level. We also present a slightly different more decentralized view of a secure smart card multi-application operating system with some interesting new features.


Smart card multi-application operating system interpreter applet objects Java JavaCard 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Ruth Cherneff, John Griffin, Dave Outcalt, Dr. Carmen Pufialito, Rhonda Kaplan Singer, Michelle Stapleton, “Smart Cards 97”, /cap/s-card/index.html#top, 1997.Google Scholar
  2. [2]
    Java Card Forum, Scholar
  3. [3]
    Bull, “Java Card Application Program Interface (API), File Management Interface Specication”,, 1997Google Scholar
  4. [4]
    Fabien Thiriet, Schlumberger Electronic Transactions, “Java Card Application Program Interface (API), Errors and Exception Handling”, http://www.javacard jcftech/eandf.doc,1997Google Scholar
  5. [5]
    Patrice Peyret, “Application-Enabling Card Systems with Plug-and-Play Applets”, Smart Card'96, 1996.Google Scholar
  6. [6]
    Schlumberger, “Cyberflex”, Scholar
  7. [7]
    Philips Semiconductors, “Integrated Circuits and Modules for Chip Cards”, PG Identification & Automotive Hamburg, 1997.Google Scholar
  8. [8]
    Philips Semiconductors, “The New Generation Crypto Controller P83C858 ”, 1996Google Scholar
  9. [9]
    Motorola, “Microcontroller literature”,, 1997.Google Scholar
  10. [10]
    General Information Systems Ltd., “OSCAR, Specification of a smart card filling system incorporating data security and message authentication”, uk/ oscmanl.htm, 1993.Google Scholar
  11. [11]
    Gemplus, “MCOS 16 K EEPROM DES Reference Manual Ver 2.2”, 1990.Google Scholar
  12. [12]
    Gemplus, “MPCOS Multi Application Payment Chip, Reference Manual Ver 4.0 ”,1994.Google Scholar
  13. [13]
    B. Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, 1996.Google Scholar
  14. [14]
    International Standard Organization, “ISO/IEC 7816-4”, 1995.Google Scholar
  15. [15]
    Stephen Lee, “The Case for Multifunctional Smart cards”, Smartcard Technology International, 1995.Google Scholar
  16. [16]
    IBM, “IBM Multi Functional Card General Information”, Smart Card'96, 1996.Google Scholar
  17. [17]
    Card Europe UK-Background Paper, “Smartcard Technology Leading to Multi Service Capability”, 1994.Google Scholar
  18. [18]
    General Information Systems Ltd, UK, “ISOS— The ndustry Standard Operating System, Introduction”, 1995.Google Scholar
  19. [19]
    Ian Blythe, “Smarter, More Secure Smartcards”, Byte Magazine, June 1997.Google Scholar
  20. [20]
    Drew Dean, “Java Security: From HotJava to Netscape And Beyond”, Computer Science Department Princeton University, 1996.Google Scholar
  21. [21]
    Jacques Soussana, “Java Card Application Program Interface, Transaction integrity”, http://www transact.doc, 1997Google Scholar
  22. [22]
    Dominique Bolignamo, Dyade, “Java Card Application Program Interface (API), Loading”,, 1997Google Scholar
  23. [23]
    Motorola, “M68HC05SC Family — At a Glance”, /csic /SMARTCRD/sctable.htm, 1997Google Scholar
  24. [24]
    Motorola, “Motorola's M68HC05SC family microcontrollers.”, http://, 1997Google Scholar
  25. [25]
    Java “Java Programming Language”, Scholar
  26. [26]
    Sun Microsystems, “The Java Card API specification”,, 1996Google Scholar
  27. [27]
    Java Soft, “Java Card API Frequently asked Questions”, javacard faq.htmGoogle Scholar
  28. [28]
    Schlumberger, “Cyberflex Smart card: Prelease Series Developers manual”,http://www.cyberflex. Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Constantinos Markantonakis
    • 1
  1. 1.Information Security Group, Computer Science DepartmentRoyal Holloway, University of LondonEghamUK

Personalised recommendations