Java Card Questions and Answers with Zhiqun Chen

By Ed Ort, October 2000    

The Java Developer Connection (JDC) recently asked its readers "Do you have a question about Java Card technology, the Java technology for smart cards?" The JDC took the best questions to Zhiqun Chen, a Java Card Technology expert, and a key member of Sun's Java Card engineering team. Here are her answers.

JDC: What is a smart card?

ZC: Smart cards are often called chip cards, or integrated circuit (IC) cards. The integrated circuit incorporated in the credit card-sized plastic substrate contains elements used for data transmission, storage, and processing. Usually, a smart card does not contain a power supply, a display, or a keyboard. To communicate with the outside world, a smart card is placed in or near a card acceptance device, which is connected to a computer. A card acceptance device is also called a reader or a terminal.

SmartCard image

JDC: What is Java Card technology and how does it differ from existing smart card technology?

ZC: Java Card technology enables programs written in the Java programming language to run in smart cards and other memory-constrained devices. It consists of three components, each defined in a specification:

  • The Java Card Virtual Machine 1 specification defines a subset of the Java programming language and virtual machine specification suitable for smart card applications.
  • The Java Card Runtime Environment specification describes Java Card runtime environment behavior. This includes memory management, application management, security enforcement, and other runtime features.
  • The Java Card Application Programming Interface (API) specification describes the set of core and extension Java Card packages and classes for programming smart card applications.

These three components provide a secure, vendor-independent, ubiquitous Java platform for smart cards. The Java Card platform nicely separates applications (called applets) from the proprietary technologies of smart card vendors, and provides standard system and API interfaces for applets. Through the Java Card API, applets are much easier to write and are portable across various smart card architectures.

Java Card technology is compatible with existing smart card technology. It conforms to the smart card international standard ISO 7816 to support the smart card memory model, communication protocol, and application execution model. A Java-enabled smart card communicates with a terminal using the ISO 7816 APDU protocol. In this way, Java Card technology is also compatible with the existing terminal technology.

JDC: Does Java Card 2.1.1 provide everything a developer needs to develop Java Card applets? Where can I find a Java Card demo and sample applets?

ZC: The Java Card 2.1.1 development kit is the latest Java Card product release. It includes the following components:

  • Java Card 2.1.1 Framework Classes
  • Java Card demo and sample applets
  • Java Card 2.1.1 Java Card Workstation Development Environment (JCWDE)
  • Java Card 2.1.1 Converter Tool
  • Java Card 2.1.1 ApduTool Utility

Using the toolkit, you can do a variety of things, such as:

  • Install and run the sample applets in the JCWDE
  • Convert the sample applet packages and build CAP files using the Converter tool
  • Develop your own Java Card applets

You can download the development kit from the Java Card product web site. You can find more details on the development kit in the Java Card 2.1.1 Development Kit Release Notes and in the Java Card 2.1.1 Development Kit User's Guide. Both are available in the download.

JDC: How do I test Java Card applets?

ZC: Java Card applets are written in the Java programming language. Java classes that make up an applet can be compiled using any Java compiler; this produces one or more class files. First run, test, and debug the applet in the Java Card workstation development environment (JCWDE). The JCWDE runs on a PC or a workstation. It simulates the Java Card runtime environment on a Java virtual machine 1 . The class files of the applet are executed in the JCWDE. In this way, the JCWDE can utilize many Java development tools (such as the virtual machine, the IDE, and the debugger) and allows you to test the applet's behavior. You can quickly see the applet's results without going through the conversion process. During this step, the overall functional aspects of the applet are tested. However, some of the Java Card virtual machine runtime features, such as applet firewall and the transient and persistent behavior of objects, cannot be examined through the JCWDE.

After you run, test, and debug the applet, use the Java Card converter to convert the class files of the applet that make up a Java package to a CAP file. If the applet requires several packages to run, a CAP is converted from each package.

Next, load and test the CAP file(s) that represent the applet in a Java Card simulator. The simulator also implements the Java Card runtime environment on a PC or a workstation. However, the simulator is a more sophisticated testing tool. It encompasses a Java Card virtual machine implementation. In this development phase, not only is the applet further tested, but also the runtime behavior of the applet is measured. The simulator also comes with a debugger that allows you to set breakpoints, or "single-step" the program, watching the execution state of the applet change in the simulated Java Card runtime environment.

A smart card communicates with the outside world using the APDU protocol. In the testing/simulated environment, the APDU tool is used to send APDU commands to the JCWDE or to the simulator via a socket connection. Each APDU is processed by the JCWDE (or the simulator) and the result is returned to the APDU tool, which displays both the command and response APDUs on the console.

The JCWDE and the APDU tool are included in the Java Card 2.1.1 development kit. As I mentioned in a previous answer, you can download the development kit from the Java Card Web site. The Java Card simulator will be available to licensees soon.

JDC: What are the smart card applications in the wireless industry?

ZC: Smart cards are primarily used in GSM and are planned for use in the next wireless standards (3GPP). GSM, which stands for Global System for Mobile Communications, is a digital cellular radio network operating in over 200 countries, world-wide. It provides almost complete coverage in western Europe, with growing coverage in the Americas, Asia and elsewhere.

A GSM wireless phone has a subscriber identity module (SIM) card, which is a smart card with a much smaller plastic substrate to fit into the slot inside the phone. The SIM card identifies the user and provides encryption keys for digital voice transmission. It is very difficult to intercept telephone numbers and illegally program them into wireless phones. The key generated by the SIM card for encryption is temporary and changes with each use. So, even if a GSM transmission could be decrypted, it would be useless for the next transmission. Because the user's identity is programmed into the SIM card, the user is not confined to using one phone, he or she can use any GSM compatible phone that accepts the SIM card. A subscriber gets a SIM card from the service provider and inserts it into a phone that can be purchased or leased separately.

As wireless communication gains wide acceptance, the role of wireless phones will go much further than voice transmission. GSM operators are competing to provide value-added services to retain a competitive edge. These value-added services include mobile banking, mobile commerce, web-access and so on, which all rely on smart cards to verify the subscriber's identity and ensure security in data transmissions.

The European Telecommunications Standards Institute (ETSI), the organization that creates GSM standards, has adopted Java Card technology for inclusion in the SIM card. GSM standard 03.19 defines a Java API for developing GSM applications that run on the Java Card platform. The GSM Java API is an extension to the Java Card 2.1 API.

JDC: What is the licensing agreement for Java Card technology? Is it available under Sun's community source license?

ZC: Java Card is not available under Sun's community source license. The Java Card specifications, API, and development tool kit are released to the public. If you are interested in licensing the technology for commercial use, please send email to javacard-biz@sun.com.

JDC: Where is Java Card technology headed? In particular, what improvements are being considered for the next Java Card technology release?

ZC: The next release (2.1.2) will be available early next year. It is a maintenance release that includes bug fixes, tools enhancements, and specification clarifications. Part of the release includes a new development component: the Java Card off-card verifier. The verifier provides functionality for verifying CAP files and export files. It ensures that these files have the correct format and conform to the Java Card Virtual Machine specification.

In addition, Sun and Metrowerks are collaborating to integrate the Java Card development components with Metrowerks' CodeWarrior Integrated Development Environment.

Additional Resources

Java Card Technology
This page has links to articles, news items and downloads pertinent to Java Card technology.

Java Card Technology for Smart Card: Architecture and Programmer's Guide by Zhiqun Chen
This book is a comprehensive guide to developing applications with Java Card technology. It introduces the Java Card platform, describes Java Card programming concepts, and guides you in developing Java Card applets.

Java Card forum
This is a good place to post questions about Java Card technology and get answers from the JDC community.



1 As used in this document, the terms "Java virtual machine" or "JVM" mean a virtual machine for the Java platform.

Rate and Review
Tell us what you think of the content of this page.
Excellent   Good   Fair   Poor  
Comments:
Your email address (no reply is possible without an address):
Sun Privacy Policy

Note: We are not able to respond to all submitted comments.