| |
| |
| Preface | |
| |
| |
| About This Book | |
| |
| |
| The Audience of This Book | |
| |
| |
| No Need to Read the Whole Book | |
| |
| |
| About the Authors | |
| |
| |
| Acknowledgements | |
| |
| |
| |
| Smart Card Introduction and Overview | |
| |
| |
| |
| What Makes the Smart Card "Smart"? | |
| |
| |
| |
| What is a Smart Card? | |
| |
| |
| |
| The Benefits of Smart Cards | |
| |
| |
| |
| Smart Card Hardware | |
| |
| |
| |
| Memory Cards and Microprocessor Cards | |
| |
| |
| |
| Contactless Cards | |
| |
| |
| |
| The Computer on the Smart Card | |
| |
| |
| |
| Mechanical Contacts | |
| |
| |
| |
| The Size of a Smart Card | |
| |
| |
| |
| Hardware Security | |
| |
| |
| |
| The Manufacturing Process | |
| |
| |
| |
| Introduction to Smart Card Software | |
| |
| |
| |
| Smart Card Application Development Process | |
| |
| |
| |
| Communication with the Card | |
| |
| |
| |
| APDUs | |
| |
| |
| |
| T=0 and T=1 | |
| |
| |
| |
| TLV Structures | |
| |
| |
| |
| Smart Card Operating Systems | |
| |
| |
| |
| File System Smart Cards | |
| |
| |
| |
| Java Card | |
| |
| |
| |
| Multos | |
| |
| |
| |
| Smart Card for Windows | |
| |
| |
| |
| Smart Cards and e-business | |
| |
| |
| |
| Electronic Purses | |
| |
| |
| |
| GeldKarte | |
| |
| |
| |
| Mondex | |
| |
| |
| |
| Proton | |
| |
| |
| |
| Visa Cash | |
| |
| |
| |
| Common Electronic Purse Specification | |
| |
| |
| |
| Authentication and Secure Access | |
| |
| |
| |
| Workstation Access | |
| |
| |
| |
| Network- and Server-Login | |
| |
| |
| |
| Secure Communication | |
| |
| |
| |
| Digital Signatures | |
| |
| |
| |
| Other Uses of Smart Cards in e-business | |
| |
| |
| |
| Electronic Ticketing | |
| |
| |
| |
| Loyalty Programs | |
| |
| |
| |
| Growth Expected | |
| |
| |
| |
| Cryptography | |
| |
| |
| |
| Cryptographic Algorithms | |
| |
| |
| |
| Symmetric Cryptographic Algorithms | |
| |
| |
| |
| Public-Key Algorithms | |
| |
| |
| |
| Hybrid Algorithms | |
| |
| |
| |
| Smart Card Cryptographic Protocols | |
| |
| |
| |
| External Authentication | |
| |
| |
| |
| Internal Authentication | |
| |
| |
| |
| Secure Messaging | |
| |
| |
| |
| TLS and Smart Cards | |
| |
| |
| |
| Smart Card Readers and Terminals | |
| |
| |
| |
| Smart Card Readers | |
| |
| |
| |
| Smart Card Terminals | |
| |
| |
| |
| Biometrie Identification | |
| |
| |
| |
| Smart Card Standards and Industry Initiatives | |
| |
| |
| |
| ISO Standards | |
| |
| |
| |
| EMV ICC Specifications for Payment Systems | |
| |
| |
| |
| PC/SC | |
| |
| |
| |
| Visa Open Platform | |
| |
| |
| |
| OpenCard Framework | |
| |
| |
| |
| Introduction to OpenCard | |
| |
| |
| |
| The History of the OpenCard Framework | |
| |
| |
| |
| The OpenCard Consortium | |
| |
| |
| |
| The Objectives of the OpenCard Framework | |
| |
| |
| |
| The Advantages of Using OCF | |
| |
| |
| |
| The OCF Architecture | |
| |
| |
| |
| A Note on Notation | |
| |
| |
| |
| Architecture Overview | |
| |
| |
| |
| The Utility Classes | |
| |
| |
| |
| The OpenCard Core Definitions | |
| |
| |
| |
| The Core Utility Classes | |
| |
| |
| |
| Hex String Processing | |
| |
| |
| |
| The Configuration Provider | |
| |
| |
| |
| The Tracer | |
| |
| |
| |
| System Access | |
| |
| |
| |
| The Optional Utility Classes | |
| |
| |
| |
| The Loader Classes | |
| |
| |
| |
| The PassThruCardService | |
| |
| |
| |
| The Tag and TLV Classes | |
| |
| |
| |
| The Terminal Layer | |
| |
| |
| |
| Terminal Layer Core Components | |
| |
| |
| |
| Terminal Registry and Event Mechanism | |
| |
| |
| |
| Device Abstractions | |
| |
| |
| |
| The Terminal Layer Exceptions | |
| |
| |
| |
| PIN / Password Support | |
| |
| |
| |
| Terminal Layer Optional Components | |
| |
| |
| |
| The opencard.opt.terminal Package | |
| |
| |
| |
| The opencard.opt.terminal.protocol Package | |
| |
| |
| |
| Tracing in the Terminal Layer | |
| |
| |
| |
| Communicating with the Card Reader | |
| |
| |
| |
| The Java Communications API | |
| |
| |
| |
| The Implementation | |
| |
| |
| |
| Using the T=1 Protocol Support | |
| |
| |
| |
| Implementing the CardTerminal | |
| |
| |
| |
| Implementing the CardTerminalFactory | |
| |
| |
| |
| The Service Layer | |
| |
| |
| |
| The CardService Layer Core Components | |
| |
| |
| |
| The Application Access Classes | |
| |
| |
| |
| The Card Access Classes | |
| |
| |
| |
| The CardService Support Classes | |
| |
| |
| |
| The CHV Support Classes | |
| |
| |
| |
| The CardService Exceptions | |
| |
| |
| |
| The CardService Optional Components | |
| |
| |
| |
| Standard CardService Interfaces | |
| |
| |
| |
| The ISO File System CardService | |
| |
| |
| |
| The Signature CardService | |
| |
| |
| |
| The Application Management CardService | |
| |
| |
| |
| The OCF Security Concept | |
| |
| |
| |
| OpenCard Security Overview | |
| |
| |
| |
| OpenCard Security Classes | |
| |
| |
| |
| The Smart Card Key Classes | |
| |
| |
| |
| CardService Interface Classes | |
| |
| |
| |
| Credentials | |
| |
| |
| |
| Running OCF in Browsers | |
| |
| |
| |
| Browser Security Models | |
| |
| |
| |
| Invocation of Privileged Methods | |
| |
| |
| |
| Security Implications | |
| |
| |
| |
| Smart Card Application Development Using OCF | |
| |
| |
| |
| Using OCF | |
| |
| |
| |
| Preparing Your System | |
| |
| |
| |
| Configuring OCF on Your System | |
| |
| |
| |
| Setting the OCF Configuration Properties | |
| |
| |
| |
| The First Simple Application | |
| |
| |
| |
| Starting OCF and Shutting it Down Again | |
| |
| |
| |
| Obtaining a SmartCard Object via waitForCard(...) | |
| |
| |
| |
| Obtaining a CardService Object | |
| |
| |
| |
| Using this Sample Program with Other Cards | |
| |
| |
| |
| Smart Card Access of a Digital Signature Application | |
| |
| |
| |
| Attributes | |
| |
| |
| |
| Constructor | |
| |
| |
| |
| cardlnserted() | |
| |
| |
| |
| allocateServices(SmartCard, Slot) | |
| |
| |
| |
| cardRemoved() | |
| |
| |
| |
| signatureCardPresent() | |
| |
| |
| |
| getCardHolderData() | |
| |
| |
| |
| propagateAnEarlierException() | |
| |
| |
| |
| setCardHolderData(String) | |
| |
| |
| |
| sign(int, byte[]) | |
| |
| |
| |
| close() | |
| |
| |
| |
| Class SignatureCardException | |
| |
| |
| |
| The Complete Sample Source Code | |
| |
| |
| |
| OCF and e-business | |
| |
| |
| |
| Internet Stock Brokerage | |
| |
| |
| |
| Security Considerations | |
| |
| |
| |
| Secure Stock Brokerage Architecture | |
| |
| |
| |
| Protocols | |
| |
| |
| |
| Distributed Payment Systems | |
| |
| |
| |
| Card-to-Card Payment Schemes | |
| |
| |
| |
| Card-to-Card Payments via Internet | |
| |
| |
| |
| Architecture Overview | |
| |
| |
| |
| Implementation | |
| |
| |
| |
| Java Card and OCF | |
| |
| |
| |
| Developing a Card Applet | |
| |
| |
| |
| Inside the Java Card | |
| |
| |
| |
| The Java Card Framework | |
| |
| |
| |
| Lifetimes of On-card Programs and Objects | |
| |
| |
| |
| A Sample Java Card Applet | |
| |
| |
| |
| Using OCF to Work with Card Applets | |
| |
| |
| |
| Card Applet Proxies | |
| |
| |
| |
| Controlling Our Sample Card Applet through OCF | |
| |
| |
| |
| Card and Application Management | |
| |
| |
| |
| Introduction | |
| |
| |
| |
| Card Management Systems | |
| |
| |
| |
| Application Management Systems | |
| |
| |
| |
| Key Management Systems | |
| |
| |
| |
| Using OCF for Card and Application Management | |
| |
| |
| |
| Example | |
| |
| |
| |
| Security | |
| |
| |
| |
| Architecture and Technology | |
| |
| |
| |
| Post-Issuance Application Download | |
| |
| |
| |
| Post-Issuance Application Personalization | |
| |
| |
| |
| OCF for Embedded Devices | |
| |
| |
| |
| Device Profiles | |
| |
| |
| |
| OCF for Embedded Devices | |
| |
| |
| |
| Differences between OCF and OCF for Embedded Devices | |
| |
| |
| |
| Footprint Statistics | |
| |
| |
| |
| Appendixes | |
| |
| |
| |
| The Card | |
| |
| |
| |
| The IBM Multi Function Card | |
| |
| |
| |
| The File Structure on the Card | |
| |
| |
| |
| Accessing the Card | |
| |
| |
| |
| Useful Web Sites | |
| |
| |
| |
| Bibliography | |
| |
| |
| |
| Glossary | |
| |
| |
| |
| Index | |