Preface

About This Book

The Audience of This Book

No Need to Read the Whole Book

About the Authors

Acknowledgements

Smart Card Introduction and Overview

What Makes the Smart Card "Smart"?

What is a Smart Card?

The Benefits of Smart Cards

Smart Card Hardware

Memory Cards and Microprocessor Cards

Contactless Cards

The Computer on the Smart Card

Mechanical Contacts

The Size of a Smart Card

Hardware Security

The Manufacturing Process

Introduction to Smart Card Software

Smart Card Application Development Process

Communication with the Card

APDUs

T=0 and T=1

TLV Structures

Smart Card Operating Systems

File System Smart Cards

Java Card

Multos

Smart Card for Windows

Smart Cards and e-business

Electronic Purses

GeldKarte

Mondex

Proton

Visa Cash

Common Electronic Purse Specification

Authentication and Secure Access

Workstation Access

Network- and Server-Login

Secure Communication

Digital Signatures

Other Uses of Smart Cards in e-business

Electronic Ticketing

Loyalty Programs

Growth Expected

Cryptography

Cryptographic Algorithms

Symmetric Cryptographic Algorithms

Public-Key Algorithms

Hybrid Algorithms

Smart Card Cryptographic Protocols

External Authentication

Internal Authentication

Secure Messaging

TLS and Smart Cards

Smart Card Readers and Terminals

Smart Card Readers

Smart Card Terminals

Biometric Identification

Smart Card Standards and Industry Initiatives

ISO Standards

EMV ICC Specifications for Payment Systems

PC/SC

Visa Open Platform

OpenCard Framework

Introduction to OpenCard

The History of the OpenCard Framework

The OpenCard Consortium

The Objectives of the OpenCard Framework

The Advantages of Using OCF

The OCF Architecture

A Note on Notation

Architecture Overview

The Utility Classes

The OpenCard Core Definitions

The Core Utility Classes

Hex String Processing

The Configuration Provider

The Tracer

System Access

The Optional Utility Classes

The Loader Classes

The PassThruCardService

The Tag and TLV Classes

The Terminal Layer

Terminal Layer Core Components

Terminal Registry and Event Mechanism

Device Abstractions

The Terminal Layer Exceptions

PIN / Password Support

Terminal Layer Optional Components

The opencard.opt.terminal Package

The opencard.opt.terminal.protocol Package

Tracing in the Terminal Layer

Communicating with the Card Reader

The Java Communications API

The Implementation

Using the T=1 Protocol Support

Implementing the CardTerminal

Implementing the CardTerminalFactory

The Service Layer

The CardService Layer Core Components

The Application Access Classes

The Card Access Classes

The CardService Support Classes

The CHV Support Classes

The CardService Exceptions

The CardService Optional Components

Standard CardService Interfaces

The ISO File System CardService

The Signature CardService

The Application Management CardService

The OCF Security Concept

OpenCard Security Overview

OpenCard Security Classes

The Smart Card Key Classes

CardService Interface Classes

Credentials

Running OCF in Browsers

Browser Security Models

Invocation of Privileged Methods

Security Implications

Smart Card Application Development Using OCF

Using OCF

Preparing Your System

Configuring OCF on Your System

Setting the OCF Configuration Properties

The First Simple Application

Starting OCF and Shutting it Down Again

Obtaining a SmartCard Object via waitForCard(...)

Obtaining a CardService Object

Using this Sample Program with Other Cards

Smart Card Access of a Digital Signature Application

Attributes

Constructor

cardInserted()

allocateServices(SmartCard, Slot)

cardRemoved()

signatureCardPresent()

getCardHolderData()

propagateAnEarlierException()

setCardHolderData(String)

sign(int, byte[])

close()

Class SignatureCardException

The Complete Sample Source Code

OCF and e-business

Internet Stock Brokerage

Security Considerations

Secure Stock Brokerage Architecture

Protocols

Distributed Payment Systems

Card-to-Card Payment Schemes

Card-to-Card Payments via Internet

Architecture Overview

Implementation

Java Card and OCF

Developing a Card Applet

Inside the Java Card

The Java Card Framework

Lifetimes of On-card Programs and Objects

A Sample Java Card Applet

Using OCF to Work with Card Applets

Card Applet Proxies

Controlling Our Sample Card Applet through OCF

Card and Application Management

Introduction

Card Management Systems

Application Management Systems

Key Management Systems

Using OCF for Card and Application Management

Example

Security

Architecture and Technology

Post-Issuance Application Download

Post-Issuance Application Personalization

OCF for Embedded Devices

Device Profiles

OCF for Embedded Devices

Differences between OCF and OCF for Embedded Devices

Footprint Statistics

Appendixes

The Card

The IBM Multi Function Card

The File Structure on the Card

Accessing the Card

Useful Web Sites

Bibliography

Glossary

Index