SlideShare une entreprise Scribd logo

Step-by-Step development of an Application for the Java Card 3.0TM platform

Eric Vétillard
Eric Vétillard

A JavaOne presentation that describes the Java Card Connected development model, based on a practical example. Beyond Java Card Connected, could be interesting for people who want to develop small embedded Web servers.

Technologie
1  sur  51
Télécharger pour lire hors ligne
Step-by-Step development of an Application for the Java Card 3.0™ platform Anki Nelaturu Eric Vétillard Sun Microsystems Trusted Labs
2 About the speakers > Eric Vétillard ● CTO of Trusted Labs ● Technical Chair, Java Card Forum > Anki Nelaturu ● Staff engineer, Java Card Technology Group, Sun Microsystems
3 Session objectives > Learn the basic principles of Java Card 3.0 ● Based on a small realistic application ● Step-by-step building of a first version ● Including typical smart card issues ● Security, performance, deployment > Discover the development tools ● Building a project ● Using the Reference Implementation
4 The Session at a Glance > An introduction to Java Card 3.0 > Writing a first application > Building and running the application > Making your application realistic > Further options > Deploying your application
5 Smart Card Characteristics > Smart cards are small ● Best in class have 32k RAM, 1M Flash > Smart cards are cheap ● A single chip, embedded in plastic > Smart cards are secure ● They are often used to manage sensitive assets > Smart cards are manageable ● Powerful remote app management tools
6 Why a Specific Platform? > Limited resources ● RAM is very scarce; object use is limited ● Flash memory is hard to access ● Computing power is limited > Specific requirements ● High level of security ● Several applications share the same VM ● Persistence is achieved through objects
7 Java Card 3.0 in One Slide > VM and core API based on CLDC ● Minus floating-point numbers and a few details ● Plus persistent objects ● Plus a firewall between applications ● Plus detailed permissions > A servlet application model ● Plus a legacy smart card application model
8 The First Application > A basic password manager ● Stores triplets made of ● An identifier (URL or simple string) ● A user name ● A password > Available through a Web interface ● Main application is a servlet
9 A Password Record package com.vetilles.passwords; public class PasswordEntry ; private String userName; private String password; public PasswordEntry(String userName, String password) { this.userName = userName; this.password = password; } public String getUserName() { return userName ; } public void setUserName(String userName) { this.userName = userName; } ...
10 A Password Manager package com.vetilles.passwords; import java.util.Hashtable; import java.util.Enumeration; import javacardx.framework.TransactionType; import javacardx.framework.TransactionTypeValue; public class PasswordManager ; private Hashtable<String,PasswordEntry> entries; public PasswordManager() { entries = new Hashtable(); } ...
11 A Password Manager ... @TransactionType(TransactionTypeValue.REQUIRED) public boolean addPasswordEntry (String id, String userName, String password) { if (entries.containsKey(id)) return false ; entries.put(id, new PasswordEntry(userName, password); return true ; } public PasswordEntry retrievePasswordEntry(String id) { return entries.get(id) ; } ...
12 A Password Manager ... @TransactionType(TransactionTypeValue.REQUIRED) public boolean deletePasswordEntry(String id) { return entries.remove(id) != null ; } public Enumeration<String> listIdentifiers() { return entries.keys() ; } }
13 Persistence basics > Persistence by reachability ● Reachability by a root of persistence ● Static field, servlet context, applet object ● All persistent objects stored in persistent memory > Guarantees on persistent objects ● Individual write operations are atomic ● All writes in a transaction are atomic
14 Transaction basics > Inspired from Java EE persistence ● With some specific details ● A smart card is not a database > Three basic principles ● The scope of the transaction is a method ● Commit occurs on normal return ● Abort occurs on exception exit
15 Transaction types > SUPPORTS ● By default, transaction optional > REQUIRED ● When a transaction is needed > REQUIRES_NEW ● For a separate transaction > MANDATORY, NEVER, NOT_SUPPORTED: ● For special cases
16 A Password Servlet package com.vetilles.passwords; import java.io.IOException; import java.io.PrintWriter; import java.util.Enumeration; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** A Simple Hello Servlet */ public class PassServlet extends HttpServlet { private static PasswordManager manager = new PasswordManager(); ...
17 A Password Servlet @Override public void doGet( HttpServletRequest request, HttpServletResponse response) throws IOException { // First interprets the command String command = request.getServletPath(); // Matches the possible incoming commands if (command.equals("/addentry")) addEntry(request, response); else if (command.equals("/retrieveentry")) retrieveEntry(request, response); else if (command.equals("/deleteentry")) deleteEntry(request, response); else if (command.equals("/listidentifiers")) listIdentifiers(request, response); }
18 A Password Servlet private void addEntry( HttpServletRequest request, HttpServletResponse response) throws IOException { boolean status = manager.addPasswordEntry( request.getParameter("id"), request.getParameter("name"), request.getParameter("pass")) ; PrintWriter out = startResponse(response); if (status) out.println(HTML_ADD_ENTRY_SUCCESS); else out.println(HTML_ADD_ENTRY_FAILED); finishResponse(response); }
19 A Password Servlet private static final String HTML_ADD_ENTRY_SUCCESS = "<p align="center">" + "Password entry added successfully" + "</p><br>"; private static final String HTML_ADD_ENTRY_FAILED = "<p align="center">" + "Password entry addition failed." + "</p>" + "<p align="center">" + "Identifier already in use." + "</p><br>";
20 A Password Servlet private PrintWriter startResponse( HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Set content type first response.setContentType("text/html"); // Uses RequestDispatcher to write the header RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/header.i"); dispatcher.include(request, response); // Get PrintWriter object to create response return response.getWriter(); }
21 A Password Servlet private void finishResponse( HttpServletRequest request) HttpServletResponse response) throws IOException { // Uses RequestDispatcher to write the footer RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/footer.i"); dispatcher.include(request, response); }
22 HTML file: header.i <html> <head><title>Password Manager</title></head> <body> <table><tr> <h1 align="center">Password Manager</h1><br> <td><a href="/pass/add.html">Add entry</a></td> <td><a href="/pass/retrieve.html"> Retrieve entry </a></td> <td><a href="/pass/delete.html"> Delete entry </a></td> <td><a href="/pass/listidentifiers"> List identifiers </a></td> </tr></table> <br><br>
23 HTML file: footer.i </body> </html>
24 Access Control > No access control ● The user must be authenticated > Container-managed authentication is possible ● BASIC authentication for simplicity ● FORM-based for more flexibility > Role-based security is available ● Access rights orthogonal to authentication
25 So ? > For Java Card 2.x developers ● Java Card 3.0 is a major breakthrough ● The servlet model is entirely new > For other Java developers ● Java Card 3.0 is more traditional ● Well integrated into standard tool chain ● NetBeans, debugger, etc.
26 Demo
27 What is Wrong with this Application? > Security ● Content is not well protected ● No protection against Web attacks > Performance ● Too much content going back and forth ● Card-specific optimizations
28 Why Protect the Content? > No separation in n tiers ● Data is stored by the presentation application > Smart cards are subject to attacks ● They are a Web server in the attacker's hands ● Attacks on the hardware are possible ● Observation and fault induction attacks > Content is sensitive
29 Secure Storage of Passwords > Issue 1: Upon deletion, passwords must be wiped ● How do you wipe a String? ● Persistent storage must be in a byte array > Issue 2: Passwords should be stored encrypted ● Once again, byte arrays are required > The PasswordEntry class needs some work ● Storage of passwords in encrypted byte arrays
30 Secure Storage of Passwords package com.vetilles.passwords; import javacard.security.DESKey ; import javacard.security.KeyBuilder ; import javacardx.crypto.Cipher ; import javacardx.crypto.RandomData ; public class PasswordEntry { private String userName; private byte[] password; private static DESKey theKey ; private static Cipher cipher ; public PasswordEntry(String userName, String password) { if (theKey == null) initCrypto() ; this.userName = userName; setPassword(password); }
31 Secure Storage of Passwords private static void initCrypto() { // Allocates the objects theKey = (DESKey)KeyBuilder.buildKey( "DES",KeyBuilder.LENGTH_DES3_2KEY, false); cipher = Cipher.getInstance("DES_CBC_ISO9797_M2", true); // Generates a random key value RandomData rnd = RandomData.getInstance("SECURE_RANDOM"); byte[] value = new byte[16] ; rnd.generateData(value, (short)0, (short)16); theKey.setKey(value); // Clears the key value before to return rnd.generateData(value, (short)0, (short)16); }
32 Secure Storage of Passwords public void setPassword(String pass) { byte[] bytes = pass.bytes(); password = new byte[bytes.length+9]; cipher.init(theKey,Cipher.MODE_ENCRYPT); password[0] = (byte)cipher.doFinal( bytes, (short)0, (short)bytes.length, password, (short)1 ); } public String getPassword() { byte[] bytes = new byte[password.length]; cipher.init(theKey,Cipher.MODE_DECRYPT); short len = cipher.doFinal( password, (short)1, password[0], bytes, (short)0 ); return new String(bytes,(short)0,len); }
33 Secure Communication > Several issues are present ● All data is transmitted in clear ● Master password is transmitted in clear > One simple solution: SSL ● Supported at the container level ● Not a single line of code ● Only constraint: manage the certificates
34 Web Security > Web applications have many security issues > See OWASP for a starting point ● In particular the “Top 10 Vulnerabilities” > Some countermeasures are required ● Input filtering ● Output canonicalization ● Proper session management
35 Validating Input private void addEntry( HttpServletRequest request, HttpServletResponse response) throws IOException { boolean status ; try { status = manager.addPasswordEntry( validateId(request.getParameter("id")), validateId(request.getParameter("name")), request.getParameter("pass")) ; } catch(Exception e) { sendError(response,e.getMessage()); return; } ... }
36 Validating Input private static final String otherChars = "-_@." ; private String validateId(String id) throws IOException { char[] chars = id.toCharArray() ; for(char c:chars) { if (Character.isDigit(c)) continue; if (Character.isLowerCase(c)) continue; if (Character.isUpperCase(c)) continue; if (otherChars.indexOf(c)!=-1) continue; throw new IOException("Invalid identifier string"); } // If we get here, all characters are acceptable return id ; }
37 Canonicalizing Output > The idea is to make the output innocuous ● Make sure that characters are not interpreted ● The following only works on ASCII characters private String encodeUnverifiedString(String str) { StringBuffer s = new StringBuffer(); char[] chars = str.toCharArray() ; for(char c:chars) { s.append("<span>#&" + Integer.toString(c) + ";</span>"); } return s.toString(); }
38 Communication Performance > Card communication remains slow ● Content production also has limits > Similar to other elements of the “Web of Things” ● Servers are less powerful than clients ● The work must be delegated to clients > Ajax can be used ● Limits the amount of communication ● Limits HTML overhead on the server side
39 Ajax on a Smart Card? > Ajax is an interesting technique ● It is entirely managed on the card ● It uses the client's resources > Aren't there security issues ? ● No, not really ● The browser must be trusted anyway
40 Performance Optimization Persistent memory private static void initCrypto() { // Allocates the objects theKey = (DESKey)KeyBuilder.buildKey( "DES",KeyBuilder.LENGTH_DES3_2KEY, false); cipher = Cipher.getInstance("DES_CBC_ISO9797_M2", true); // Generates a random key value RandomData rnd = RandomData.getInstance("SECURE_RANDOM"); byte[] value = new byte[16] ; rnd.generateData(value, (short)0, (short)16); theKey.setKey(value); // Clears the key value before to return rnd.generateData(value, (short)0, (short)16); }
41 Performance Optimization Persistent memory private static void initCrypto() { // Allocates the objects DESKey newKey = (DESKey)KeyBuilder.buildKey( "DES",KeyBuilder.LENGTH_DES3_2KEY, false); cipher = Cipher.getInstance("DES_CBC_ISO9797_M2", true); // Generates a random key value RandomData rnd = RandomData.getInstance("SECURE_RANDOM"); byte[] value = new byte[16] ; rnd.generateData(value, (short)0, (short)16); newKey.setKey(value); // Clears the key value before to return rnd.generateData(value, (short)0, (short)16); // Promotes the key to persistent memory theKey = newKey ; }
42 What more could we do ? > Manage the data in a separate application ● Use sharing to communicate > Add an APDU interface ● Work with legacy smart card applications > Manage our own authenticators ● Rather than use the platform's default ones > Backup our passwords ● Open a connection to a backup server
43 What about Deployment? > Many instances ● Not a single server ● Instead, millions of cards/objects > A mutualized server ● Several providers represented on the server ● Usually, one single issuer (the owner) ● Some resource allocation to manage
44 GlobalPlatform > Card management technology since 1999 ● Standards to deploy/manage applications ● Standards to manage relationships ● Between card issuers and application providers ● Including trusted third parties when needed > Currently being adapted to a Web model ● Update of application management ● Addition of new resources to be managed
45 GlobalPlatform Architecture FromGlobalPlatform Card Spec v2.2,2006
46 Issuer-Centric Deployment > Current model for smart cards ● The issuer owns the card > Many deployment options ● The issuer manages all applications ● Simple and practical ● A third party needs to sign all applications ● Practical to enforce issuer policies ● Management can be delegated ● All operations may still be explicitly authorized
47 Alternative Deployment Scenarios > White card schemes ● Very similar to an issuer-centric scheme ● But the “issuer” is an association/public entity > Cardholder-owned cards ● Not the tendency for traditional cards ● Likely trend with smart objects > ...
48 GlobalPlatform Networked Framework > Adapts the existing model to the Web ● HTTP and SSL as transport ● ASN.1 as encoding > Supports specific Web application features ● Management of URIs ● Who can use the http://localhost:8019/google ? ● Management of realms and authenticators ● Who can use the “Visa” authentication realm?
49 Recap > Java Card 3.0 brings Web servers everywhere ● On cards and on other devices ● Using a very classical model > Of course, there is a catch ● Resources are severely limited ● Deployment needs to be carefully planned ● Applications and devices may be linked
50 Getting More Information > Spec and Development Kit ● java.sun.com/products/javacard ● Look at the samples ... > Blogs ● javacard.vetilles.com > Other sessions at JavaOne
Anki Nelaturu anki.nelaturu@sun.com Eric Vétillard eric.vetillard@trusted-labs.com

Recommandé

Atm security
Atm securityAtm security
Atm securityLikan Patra
 
an atm with an eye
an atm with an eyean atm with an eye
an atm with an eyeMohd Nazir Shakeel
 
Smart card technologya
Smart card technologyaSmart card technologya
Smart card technologyapuneet bhatia
 
An Overview of Cryptocurrencies
An Overview of CryptocurrenciesAn Overview of Cryptocurrencies
An Overview of CryptocurrenciesRizal Mohd Nor
 
Smart card ppt
Smart card pptSmart card ppt
Smart card pptkondalarao7
 
Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityReben Dalshad
 
Smart Card
Smart CardSmart Card
Smart CardDarani Daran
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card Technologythinkahead.net
 

Recommandé

Atm security
Atm securityAtm security
Atm securityLikan Patra
 
an atm with an eye
an atm with an eyean atm with an eye
an atm with an eyeMohd Nazir Shakeel
 
Smart card technologya
Smart card technologyaSmart card technologya
Smart card technologyapuneet bhatia
 
An Overview of Cryptocurrencies
An Overview of CryptocurrenciesAn Overview of Cryptocurrencies
An Overview of CryptocurrenciesRizal Mohd Nor
 
Smart card ppt
Smart card pptSmart card ppt
Smart card pptkondalarao7
 
Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityReben Dalshad
 
Smart Card
Smart CardSmart Card
Smart CardDarani Daran
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card Technologythinkahead.net
 
Ten Blockchain Applications
Ten Blockchain ApplicationsTen Blockchain Applications
Ten Blockchain ApplicationsAhmed Banafa
 
Bank locker system
Bank locker systemBank locker system
Bank locker systemRahul Wagh
 
Smartcard
SmartcardSmartcard
Smartcardaashish2cool4u
 
Introduction to emv
Introduction to emvIntroduction to emv
Introduction to emvAnil Chaurasiya
 
Smart card technology
Smart card technologySmart card technology
Smart card technologyShashank Karamballi
 
ATM Security by using Fingerprint Recognition And GSM
ATM Security by using Fingerprint Recognition And GSMATM Security by using Fingerprint Recognition And GSM
ATM Security by using Fingerprint Recognition And GSMAlpesh Kurhade
 
Smart cards
Smart cardsSmart cards
Smart cardsSiddhartha Mazumdar
 
An atm with an iris recognition
An atm with an iris recognitionAn atm with an iris recognition
An atm with an iris recognitionmahesh123slideshre
 
Smart cards
Smart cardsSmart cards
Smart cardsjaswinderkaur144
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt Dewanshu Haswani
 
Use case of block chain unit 4 AKTU
Use case of block chain unit 4 AKTUUse case of block chain unit 4 AKTU
Use case of block chain unit 4 AKTURohit Verma
 
Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityPrav_Kalyan
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerAbhishek Gupta
 
Out sources of atm
Out sources of atmOut sources of atm
Out sources of atmDharmik
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofArunanand Ta
 
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...cjwells
 
Bitcoin technology
Bitcoin technologyBitcoin technology
Bitcoin technologyWajid Hamdani
 
Money pad,the future wallet
Money pad,the future walletMoney pad,the future wallet
Money pad,the future walletSmitakshi Sen
 
Working of ATM machine : For all those who wanted to know the internal workin...
Working of ATM machine : For all those who wanted to know the internal workin...Working of ATM machine : For all those who wanted to know the internal workin...
Working of ATM machine : For all those who wanted to know the internal workin...sgoldbergg
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101n|u - The Open Security Community
 
Technical Overview of Java Card
Technical Overview of Java CardTechnical Overview of Java Card
Technical Overview of Java CardAnshuman Sinha
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 

Contenu connexe

Tendances

Ten Blockchain Applications
Ten Blockchain ApplicationsTen Blockchain Applications
Ten Blockchain ApplicationsAhmed Banafa
 
Bank locker system
Bank locker systemBank locker system
Bank locker systemRahul Wagh
 
ATM Security by using Fingerprint Recognition And GSM
ATM Security by using Fingerprint Recognition And GSMATM Security by using Fingerprint Recognition And GSM
ATM Security by using Fingerprint Recognition And GSMAlpesh Kurhade
 
An atm with an iris recognition
An atm with an iris recognitionAn atm with an iris recognition
An atm with an iris recognitionmahesh123slideshre
 
Use case of block chain unit 4 AKTU
Use case of block chain unit 4 AKTUUse case of block chain unit 4 AKTU
Use case of block chain unit 4 AKTURohit Verma
 
Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityPrav_Kalyan
 
Out sources of atm
Out sources of atmOut sources of atm
Out sources of atmDharmik
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofArunanand Ta
 
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...cjwells
 
Money pad,the future wallet
Money pad,the future walletMoney pad,the future wallet
Money pad,the future walletSmitakshi Sen
 
Working of ATM machine : For all those who wanted to know the internal workin...
Working of ATM machine : For all those who wanted to know the internal workin...Working of ATM machine : For all those who wanted to know the internal workin...
Working of ATM machine : For all those who wanted to know the internal workin...sgoldbergg
 

Tendances (20)

Ten Blockchain Applications
Ten Blockchain ApplicationsTen Blockchain Applications
Ten Blockchain Applications
 
Bank locker system
Bank locker systemBank locker system
Bank locker system
 
Smartcard
SmartcardSmartcard
Smartcard
 
Introduction to emv
Introduction to emvIntroduction to emv
Introduction to emv
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
ATM Security by using Fingerprint Recognition And GSM
ATM Security by using Fingerprint Recognition And GSMATM Security by using Fingerprint Recognition And GSM
ATM Security by using Fingerprint Recognition And GSM
 
Smart cards
Smart cardsSmart cards
Smart cards
 
An atm with an iris recognition
An atm with an iris recognitionAn atm with an iris recognition
An atm with an iris recognition
 
Smart cards
Smart cardsSmart cards
Smart cards
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt
 
Use case of block chain unit 4 AKTU
Use case of block chain unit 4 AKTUUse case of block chain unit 4 AKTU
Use case of block chain unit 4 AKTU
 
Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card Security
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Out sources of atm
Out sources of atmOut sources of atm
Out sources of atm
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge Proof
 
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
Digital Currency Systems: Emerging B2B e-Commerce Alternative During Monetary...
 
Bitcoin technology
Bitcoin technologyBitcoin technology
Bitcoin technology
 
Money pad,the future wallet
Money pad,the future walletMoney pad,the future wallet
Money pad,the future wallet
 
Working of ATM machine : For all those who wanted to know the internal workin...
Working of ATM machine : For all those who wanted to know the internal workin...Working of ATM machine : For all those who wanted to know the internal workin...
Working of ATM machine : For all those who wanted to know the internal workin...
 
Cryptography - 101
Cryptography - 101Cryptography - 101
Cryptography - 101
 

En vedette

Technical Overview of Java Card
Technical Overview of Java CardTechnical Overview of Java Card
Technical Overview of Java CardAnshuman Sinha
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!Mikhail Dudarev
 
Java card technology
Java card technologyJava card technology
Java card technologyAmol Kamble
 

En vedette (8)

Technical Overview of Java Card
Technical Overview of Java CardTechnical Overview of Java Card
Technical Overview of Java Card
 
jCardSim – Java Card is simple!
jCardSim – Java Card is simple!jCardSim – Java Card is simple!
jCardSim – Java Card is simple!
 
Java ring
Java ringJava ring
Java ring
 
FIPS 201 / PIV
FIPS 201 / PIVFIPS 201 / PIV
FIPS 201 / PIV
 
Java card
Java cardJava card
Java card
 
Java card technology
Java card technologyJava card technology
Java card technology
 
Java card technology
Java card technologyJava card technology
Java card technology
 
Dif fft
Dif fftDif fft
Dif fft
 

Similaire à Step-by-Step development of an Application for the Java Card 3.0TM platform

General Principles of Web Security
General Principles of Web SecurityGeneral Principles of Web Security
General Principles of Web Securityjemond
 
Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)Apostolos Giannakidis
 
JavaFest. Nanne Baars. Web application security for developers
JavaFest. Nanne Baars. Web application security for developersJavaFest. Nanne Baars. Web application security for developers
JavaFest. Nanne Baars. Web application security for developersFestGroup
 
Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019Balázs Tatár
 
Mitigating Java Deserialization attacks from within the JVM
Mitigating Java Deserialization attacks from within the JVMMitigating Java Deserialization attacks from within the JVM
Mitigating Java Deserialization attacks from within the JVMApostolos Giannakidis
 
Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the TrenchesJonathan Wage
 
Symfony2 - from the trenches
Symfony2 - from the trenchesSymfony2 - from the trenches
Symfony2 - from the trenchesLukas Smith
 
Lesson_07_Spring_Security_Register_NEW.pdf
Lesson_07_Spring_Security_Register_NEW.pdfLesson_07_Spring_Security_Register_NEW.pdf
Lesson_07_Spring_Security_Register_NEW.pdfScott Anderson
 
Application Security
Application SecurityApplication Security
Application Securityflorinc
 
How to make a high-quality Node.js app, Nikita Galkin
How to make a high-quality Node.js app, Nikita GalkinHow to make a high-quality Node.js app, Nikita Galkin
How to make a high-quality Node.js app, Nikita GalkinSigma Software
 
Java EE 8 security and JSON binding API
Java EE 8 security and JSON binding APIJava EE 8 security and JSON binding API
Java EE 8 security and JSON binding APIAlex Theedom
 
JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...
JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...
JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...PROIDEA
 
Ten useful JavaScript tips & best practices
Ten useful JavaScript tips & best practicesTen useful JavaScript tips & best practices
Ten useful JavaScript tips & best practicesAnkit Rastogi
 
Resiliency & Security_Ballerina Day CMB 2018
Resiliency & Security_Ballerina Day CMB 2018 Resiliency & Security_Ballerina Day CMB 2018
Resiliency & Security_Ballerina Day CMB 2018 Ballerina
 
Integrating Security Roles into Microsoft Silverlight Applications
Integrating Security Roles into Microsoft Silverlight ApplicationsIntegrating Security Roles into Microsoft Silverlight Applications
Integrating Security Roles into Microsoft Silverlight ApplicationsDan Wahlin
 
[NDC 2019] Functions 2.0: Enterprise-Grade Serverless
[NDC 2019] Functions 2.0: Enterprise-Grade Serverless[NDC 2019] Functions 2.0: Enterprise-Grade Serverless
[NDC 2019] Functions 2.0: Enterprise-Grade ServerlessKatyShimizu
 

Similaire à Step-by-Step development of an Application for the Java Card 3.0TM platform (20)

General Principles of Web Security
General Principles of Web SecurityGeneral Principles of Web Security
General Principles of Web Security
 
Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)Mitigating Java Deserialization attacks from within the JVM (improved version)
Mitigating Java Deserialization attacks from within the JVM (improved version)
 
Curator intro
Curator introCurator intro
Curator intro
 
JavaFest. Nanne Baars. Web application security for developers
JavaFest. Nanne Baars. Web application security for developersJavaFest. Nanne Baars. Web application security for developers
JavaFest. Nanne Baars. Web application security for developers
 
Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019Let's write secure Drupal code! - DrupalCamp London 2019
Let's write secure Drupal code! - DrupalCamp London 2019
 
Mitigating Java Deserialization attacks from within the JVM
Mitigating Java Deserialization attacks from within the JVMMitigating Java Deserialization attacks from within the JVM
Mitigating Java Deserialization attacks from within the JVM
 
Struts2 notes
Struts2 notesStruts2 notes
Struts2 notes
 
Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the Trenches
 
Symfony2 - from the trenches
Symfony2 - from the trenchesSymfony2 - from the trenches
Symfony2 - from the trenches
 
Lesson_07_Spring_Security_Register_NEW.pdf
Lesson_07_Spring_Security_Register_NEW.pdfLesson_07_Spring_Security_Register_NEW.pdf
Lesson_07_Spring_Security_Register_NEW.pdf
 
Struts2 - 101
Struts2 - 101Struts2 - 101
Struts2 - 101
 
Application Security
Application SecurityApplication Security
Application Security
 
How to make a high-quality Node.js app, Nikita Galkin
How to make a high-quality Node.js app, Nikita GalkinHow to make a high-quality Node.js app, Nikita Galkin
How to make a high-quality Node.js app, Nikita Galkin
 
Java EE 8 security and JSON binding API
Java EE 8 security and JSON binding APIJava EE 8 security and JSON binding API
Java EE 8 security and JSON binding API
 
Dependency Injection
Dependency InjectionDependency Injection
Dependency Injection
 
JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...
JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...
JDD 2016 - Michał Balinski, Oleksandr Goldobin - Practical Non Blocking Micro...
 
Ten useful JavaScript tips & best practices
Ten useful JavaScript tips & best practicesTen useful JavaScript tips & best practices
Ten useful JavaScript tips & best practices
 
Resiliency & Security_Ballerina Day CMB 2018
Resiliency & Security_Ballerina Day CMB 2018 Resiliency & Security_Ballerina Day CMB 2018
Resiliency & Security_Ballerina Day CMB 2018
 
Integrating Security Roles into Microsoft Silverlight Applications
Integrating Security Roles into Microsoft Silverlight ApplicationsIntegrating Security Roles into Microsoft Silverlight Applications
Integrating Security Roles into Microsoft Silverlight Applications
 
[NDC 2019] Functions 2.0: Enterprise-Grade Serverless
[NDC 2019] Functions 2.0: Enterprise-Grade Serverless[NDC 2019] Functions 2.0: Enterprise-Grade Serverless
[NDC 2019] Functions 2.0: Enterprise-Grade Serverless
 

Plus de Eric Vétillard

New Security Issues related to Embedded Web Servers
New Security Issues related to Embedded Web ServersNew Security Issues related to Embedded Web Servers
New Security Issues related to Embedded Web ServersEric Vétillard
 
Java Card Technology: The Foundations of NFC
Java Card Technology: The Foundations of NFCJava Card Technology: The Foundations of NFC
Java Card Technology: The Foundations of NFCEric Vétillard
 
Java Card Platform Security and Performance
Java Card Platform Security and PerformanceJava Card Platform Security and Performance
Java Card Platform Security and PerformanceEric Vétillard
 
Java Card in Banking and NFC
Java Card in Banking and NFCJava Card in Banking and NFC
Java Card in Banking and NFCEric Vétillard
 
First Steps with Java Card
First Steps with Java CardFirst Steps with Java Card
First Steps with Java CardEric Vétillard
 
Java Solutions for Securing Edge-to-Enterprise
Java Solutions for Securing Edge-to-EnterpriseJava Solutions for Securing Edge-to-Enterprise
Java Solutions for Securing Edge-to-EnterpriseEric Vétillard
 
Threat Modeling for the Internet of Things
Threat Modeling for the Internet of ThingsThreat Modeling for the Internet of Things
Threat Modeling for the Internet of ThingsEric Vétillard
 
Eric java card-basics-140314
Eric java card-basics-140314Eric java card-basics-140314
Eric java card-basics-140314Eric Vétillard
 
Java Card, 15 years later
Java Card, 15 years laterJava Card, 15 years later
Java Card, 15 years laterEric Vétillard
 

Plus de Eric Vétillard (9)

New Security Issues related to Embedded Web Servers
New Security Issues related to Embedded Web ServersNew Security Issues related to Embedded Web Servers
New Security Issues related to Embedded Web Servers
 
Java Card Technology: The Foundations of NFC
Java Card Technology: The Foundations of NFCJava Card Technology: The Foundations of NFC
Java Card Technology: The Foundations of NFC
 
Java Card Platform Security and Performance
Java Card Platform Security and PerformanceJava Card Platform Security and Performance
Java Card Platform Security and Performance
 
Java Card in Banking and NFC
Java Card in Banking and NFCJava Card in Banking and NFC
Java Card in Banking and NFC
 
First Steps with Java Card
First Steps with Java CardFirst Steps with Java Card
First Steps with Java Card
 
Java Solutions for Securing Edge-to-Enterprise
Java Solutions for Securing Edge-to-EnterpriseJava Solutions for Securing Edge-to-Enterprise
Java Solutions for Securing Edge-to-Enterprise
 
Threat Modeling for the Internet of Things
Threat Modeling for the Internet of ThingsThreat Modeling for the Internet of Things
Threat Modeling for the Internet of Things
 
Eric java card-basics-140314
Eric java card-basics-140314Eric java card-basics-140314
Eric java card-basics-140314
 
Java Card, 15 years later
Java Card, 15 years laterJava Card, 15 years later
Java Card, 15 years later
 

Dernier

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 

Dernier (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 

Step-by-Step development of an Application for the Java Card 3.0TM platform

  • 1. Step-by-Step development of an Application for the Java Card 3.0™ platform Anki Nelaturu Eric Vétillard Sun Microsystems Trusted Labs
  • 2. 2 About the speakers > Eric Vétillard ● CTO of Trusted Labs ● Technical Chair, Java Card Forum > Anki Nelaturu ● Staff engineer, Java Card Technology Group, Sun Microsystems
  • 3. 3 Session objectives > Learn the basic principles of Java Card 3.0 ● Based on a small realistic application ● Step-by-step building of a first version ● Including typical smart card issues ● Security, performance, deployment > Discover the development tools ● Building a project ● Using the Reference Implementation
  • 4. 4 The Session at a Glance > An introduction to Java Card 3.0 > Writing a first application > Building and running the application > Making your application realistic > Further options > Deploying your application
  • 5. 5 Smart Card Characteristics > Smart cards are small ● Best in class have 32k RAM, 1M Flash > Smart cards are cheap ● A single chip, embedded in plastic > Smart cards are secure ● They are often used to manage sensitive assets > Smart cards are manageable ● Powerful remote app management tools
  • 6. 6 Why a Specific Platform? > Limited resources ● RAM is very scarce; object use is limited ● Flash memory is hard to access ● Computing power is limited > Specific requirements ● High level of security ● Several applications share the same VM ● Persistence is achieved through objects
  • 7. 7 Java Card 3.0 in One Slide > VM and core API based on CLDC ● Minus floating-point numbers and a few details ● Plus persistent objects ● Plus a firewall between applications ● Plus detailed permissions > A servlet application model ● Plus a legacy smart card application model
  • 8. 8 The First Application > A basic password manager ● Stores triplets made of ● An identifier (URL or simple string) ● A user name ● A password > Available through a Web interface ● Main application is a servlet
  • 9. 9 A Password Record package com.vetilles.passwords; public class PasswordEntry ; private String userName; private String password; public PasswordEntry(String userName, String password) { this.userName = userName; this.password = password; } public String getUserName() { return userName ; } public void setUserName(String userName) { this.userName = userName; } ...
  • 10. 10 A Password Manager package com.vetilles.passwords; import java.util.Hashtable; import java.util.Enumeration; import javacardx.framework.TransactionType; import javacardx.framework.TransactionTypeValue; public class PasswordManager ; private Hashtable<String,PasswordEntry> entries; public PasswordManager() { entries = new Hashtable(); } ...
  • 11. 11 A Password Manager ... @TransactionType(TransactionTypeValue.REQUIRED) public boolean addPasswordEntry (String id, String userName, String password) { if (entries.containsKey(id)) return false ; entries.put(id, new PasswordEntry(userName, password); return true ; } public PasswordEntry retrievePasswordEntry(String id) { return entries.get(id) ; } ...
  • 12. 12 A Password Manager ... @TransactionType(TransactionTypeValue.REQUIRED) public boolean deletePasswordEntry(String id) { return entries.remove(id) != null ; } public Enumeration<String> listIdentifiers() { return entries.keys() ; } }
  • 13. 13 Persistence basics > Persistence by reachability ● Reachability by a root of persistence ● Static field, servlet context, applet object ● All persistent objects stored in persistent memory > Guarantees on persistent objects ● Individual write operations are atomic ● All writes in a transaction are atomic
  • 14. 14 Transaction basics > Inspired from Java EE persistence ● With some specific details ● A smart card is not a database > Three basic principles ● The scope of the transaction is a method ● Commit occurs on normal return ● Abort occurs on exception exit
  • 15. 15 Transaction types > SUPPORTS ● By default, transaction optional > REQUIRED ● When a transaction is needed > REQUIRES_NEW ● For a separate transaction > MANDATORY, NEVER, NOT_SUPPORTED: ● For special cases
  • 16. 16 A Password Servlet package com.vetilles.passwords; import java.io.IOException; import java.io.PrintWriter; import java.util.Enumeration; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** A Simple Hello Servlet */ public class PassServlet extends HttpServlet { private static PasswordManager manager = new PasswordManager(); ...
  • 17. 17 A Password Servlet @Override public void doGet( HttpServletRequest request, HttpServletResponse response) throws IOException { // First interprets the command String command = request.getServletPath(); // Matches the possible incoming commands if (command.equals("/addentry")) addEntry(request, response); else if (command.equals("/retrieveentry")) retrieveEntry(request, response); else if (command.equals("/deleteentry")) deleteEntry(request, response); else if (command.equals("/listidentifiers")) listIdentifiers(request, response); }
  • 18. 18 A Password Servlet private void addEntry( HttpServletRequest request, HttpServletResponse response) throws IOException { boolean status = manager.addPasswordEntry( request.getParameter("id"), request.getParameter("name"), request.getParameter("pass")) ; PrintWriter out = startResponse(response); if (status) out.println(HTML_ADD_ENTRY_SUCCESS); else out.println(HTML_ADD_ENTRY_FAILED); finishResponse(response); }
  • 19. 19 A Password Servlet private static final String HTML_ADD_ENTRY_SUCCESS = "<p align="center">" + "Password entry added successfully" + "</p><br>"; private static final String HTML_ADD_ENTRY_FAILED = "<p align="center">" + "Password entry addition failed." + "</p>" + "<p align="center">" + "Identifier already in use." + "</p><br>";
  • 20. 20 A Password Servlet private PrintWriter startResponse( HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Set content type first response.setContentType("text/html"); // Uses RequestDispatcher to write the header RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/header.i"); dispatcher.include(request, response); // Get PrintWriter object to create response return response.getWriter(); }
  • 21. 21 A Password Servlet private void finishResponse( HttpServletRequest request) HttpServletResponse response) throws IOException { // Uses RequestDispatcher to write the footer RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/footer.i"); dispatcher.include(request, response); }
  • 22. 22 HTML file: header.i <html> <head><title>Password Manager</title></head> <body> <table><tr> <h1 align="center">Password Manager</h1><br> <td><a href="/pass/add.html">Add entry</a></td> <td><a href="/pass/retrieve.html"> Retrieve entry </a></td> <td><a href="/pass/delete.html"> Delete entry </a></td> <td><a href="/pass/listidentifiers"> List identifiers </a></td> </tr></table> <br><br>
  • 24. 24 Access Control > No access control ● The user must be authenticated > Container-managed authentication is possible ● BASIC authentication for simplicity ● FORM-based for more flexibility > Role-based security is available ● Access rights orthogonal to authentication
  • 25. 25 So ? > For Java Card 2.x developers ● Java Card 3.0 is a major breakthrough ● The servlet model is entirely new > For other Java developers ● Java Card 3.0 is more traditional ● Well integrated into standard tool chain ● NetBeans, debugger, etc.
  • 27. 27 What is Wrong with this Application? > Security ● Content is not well protected ● No protection against Web attacks > Performance ● Too much content going back and forth ● Card-specific optimizations
  • 28. 28 Why Protect the Content? > No separation in n tiers ● Data is stored by the presentation application > Smart cards are subject to attacks ● They are a Web server in the attacker's hands ● Attacks on the hardware are possible ● Observation and fault induction attacks > Content is sensitive
  • 29. 29 Secure Storage of Passwords > Issue 1: Upon deletion, passwords must be wiped ● How do you wipe a String? ● Persistent storage must be in a byte array > Issue 2: Passwords should be stored encrypted ● Once again, byte arrays are required > The PasswordEntry class needs some work ● Storage of passwords in encrypted byte arrays
  • 30. 30 Secure Storage of Passwords package com.vetilles.passwords; import javacard.security.DESKey ; import javacard.security.KeyBuilder ; import javacardx.crypto.Cipher ; import javacardx.crypto.RandomData ; public class PasswordEntry { private String userName; private byte[] password; private static DESKey theKey ; private static Cipher cipher ; public PasswordEntry(String userName, String password) { if (theKey == null) initCrypto() ; this.userName = userName; setPassword(password); }
  • 31. 31 Secure Storage of Passwords private static void initCrypto() { // Allocates the objects theKey = (DESKey)KeyBuilder.buildKey( "DES",KeyBuilder.LENGTH_DES3_2KEY, false); cipher = Cipher.getInstance("DES_CBC_ISO9797_M2", true); // Generates a random key value RandomData rnd = RandomData.getInstance("SECURE_RANDOM"); byte[] value = new byte[16] ; rnd.generateData(value, (short)0, (short)16); theKey.setKey(value); // Clears the key value before to return rnd.generateData(value, (short)0, (short)16); }
  • 32. 32 Secure Storage of Passwords public void setPassword(String pass) { byte[] bytes = pass.bytes(); password = new byte[bytes.length+9]; cipher.init(theKey,Cipher.MODE_ENCRYPT); password[0] = (byte)cipher.doFinal( bytes, (short)0, (short)bytes.length, password, (short)1 ); } public String getPassword() { byte[] bytes = new byte[password.length]; cipher.init(theKey,Cipher.MODE_DECRYPT); short len = cipher.doFinal( password, (short)1, password[0], bytes, (short)0 ); return new String(bytes,(short)0,len); }
  • 33. 33 Secure Communication > Several issues are present ● All data is transmitted in clear ● Master password is transmitted in clear > One simple solution: SSL ● Supported at the container level ● Not a single line of code ● Only constraint: manage the certificates
  • 34. 34 Web Security > Web applications have many security issues > See OWASP for a starting point ● In particular the “Top 10 Vulnerabilities” > Some countermeasures are required ● Input filtering ● Output canonicalization ● Proper session management
  • 35. 35 Validating Input private void addEntry( HttpServletRequest request, HttpServletResponse response) throws IOException { boolean status ; try { status = manager.addPasswordEntry( validateId(request.getParameter("id")), validateId(request.getParameter("name")), request.getParameter("pass")) ; } catch(Exception e) { sendError(response,e.getMessage()); return; } ... }
  • 36. 36 Validating Input private static final String otherChars = "-_@." ; private String validateId(String id) throws IOException { char[] chars = id.toCharArray() ; for(char c:chars) { if (Character.isDigit(c)) continue; if (Character.isLowerCase(c)) continue; if (Character.isUpperCase(c)) continue; if (otherChars.indexOf(c)!=-1) continue; throw new IOException("Invalid identifier string"); } // If we get here, all characters are acceptable return id ; }
  • 37. 37 Canonicalizing Output > The idea is to make the output innocuous ● Make sure that characters are not interpreted ● The following only works on ASCII characters private String encodeUnverifiedString(String str) { StringBuffer s = new StringBuffer(); char[] chars = str.toCharArray() ; for(char c:chars) { s.append("<span>#&" + Integer.toString(c) + ";</span>"); } return s.toString(); }
  • 38. 38 Communication Performance > Card communication remains slow ● Content production also has limits > Similar to other elements of the “Web of Things” ● Servers are less powerful than clients ● The work must be delegated to clients > Ajax can be used ● Limits the amount of communication ● Limits HTML overhead on the server side
  • 39. 39 Ajax on a Smart Card? > Ajax is an interesting technique ● It is entirely managed on the card ● It uses the client's resources > Aren't there security issues ? ● No, not really ● The browser must be trusted anyway
  • 40. 40 Performance Optimization Persistent memory private static void initCrypto() { // Allocates the objects theKey = (DESKey)KeyBuilder.buildKey( "DES",KeyBuilder.LENGTH_DES3_2KEY, false); cipher = Cipher.getInstance("DES_CBC_ISO9797_M2", true); // Generates a random key value RandomData rnd = RandomData.getInstance("SECURE_RANDOM"); byte[] value = new byte[16] ; rnd.generateData(value, (short)0, (short)16); theKey.setKey(value); // Clears the key value before to return rnd.generateData(value, (short)0, (short)16); }
  • 41. 41 Performance Optimization Persistent memory private static void initCrypto() { // Allocates the objects DESKey newKey = (DESKey)KeyBuilder.buildKey( "DES",KeyBuilder.LENGTH_DES3_2KEY, false); cipher = Cipher.getInstance("DES_CBC_ISO9797_M2", true); // Generates a random key value RandomData rnd = RandomData.getInstance("SECURE_RANDOM"); byte[] value = new byte[16] ; rnd.generateData(value, (short)0, (short)16); newKey.setKey(value); // Clears the key value before to return rnd.generateData(value, (short)0, (short)16); // Promotes the key to persistent memory theKey = newKey ; }
  • 42. 42 What more could we do ? > Manage the data in a separate application ● Use sharing to communicate > Add an APDU interface ● Work with legacy smart card applications > Manage our own authenticators ● Rather than use the platform's default ones > Backup our passwords ● Open a connection to a backup server
  • 43. 43 What about Deployment? > Many instances ● Not a single server ● Instead, millions of cards/objects > A mutualized server ● Several providers represented on the server ● Usually, one single issuer (the owner) ● Some resource allocation to manage
  • 44. 44 GlobalPlatform > Card management technology since 1999 ● Standards to deploy/manage applications ● Standards to manage relationships ● Between card issuers and application providers ● Including trusted third parties when needed > Currently being adapted to a Web model ● Update of application management ● Addition of new resources to be managed
  • 46. 46 Issuer-Centric Deployment > Current model for smart cards ● The issuer owns the card > Many deployment options ● The issuer manages all applications ● Simple and practical ● A third party needs to sign all applications ● Practical to enforce issuer policies ● Management can be delegated ● All operations may still be explicitly authorized
  • 47. 47 Alternative Deployment Scenarios > White card schemes ● Very similar to an issuer-centric scheme ● But the “issuer” is an association/public entity > Cardholder-owned cards ● Not the tendency for traditional cards ● Likely trend with smart objects > ...
  • 48. 48 GlobalPlatform Networked Framework > Adapts the existing model to the Web ● HTTP and SSL as transport ● ASN.1 as encoding > Supports specific Web application features ● Management of URIs ● Who can use the http://localhost:8019/google ? ● Management of realms and authenticators ● Who can use the “Visa” authentication realm?
  • 49. 49 Recap > Java Card 3.0 brings Web servers everywhere ● On cards and on other devices ● Using a very classical model > Of course, there is a catch ● Resources are severely limited ● Deployment needs to be carefully planned ● Applications and devices may be linked
  • 50. 50 Getting More Information > Spec and Development Kit ● java.sun.com/products/javacard ● Look at the samples ... > Blogs ● javacard.vetilles.com > Other sessions at JavaOne