| Java Card is a kind of smart card which can run Java programs.It perfectly combines the smart card technique with Java language and it also defines the standard API and runtime environment. Java Card is becoming the mainstream in the network period for its advantages such as multi-application support , good security characteristic , Object-oriented programming environment, dynamic application downloads and so on. It also supports applications developed by different developer to be saved in one card. These excellences make the use of Java Card more and more broadly:from the bank's debit-credit card, the medical treatment card storing the personal treatment information, to the SIM card used in the cellphone. The use of Java Card has almost come down to all areas.Corresponding to the sharp ascent of the Java Card's need, the chance that it is assaulted in the form of being lawlessly invaded, modified and intercepted, will be much more. Because there are generally highly sensitive informations saved in the card such as personal ID numbers,fingerprints,private keys,accounts and so on. a sound security mechanism is needed to protect these informations from being lawlessly gotten. So in the recents years, researches on security of the Java Card system platform has attracted more and more attentions. But researches on the security are more about the card's security, less about the server's .This paper is going to do research and analyse on the server platform especially on its security.This paper first introduces basic technology, as well as the relevant protocol specification PKI and encryption technology introduction of Java Card platform. It also analyses the current security problems that the Java Card platform is faced with. Then it analyses the hidden trouble existing in the Java Card platform especially in the server part. On this basis, combining with the current security problems faced by the smart card service, a kind of server-side management platform framework is brought forward in this paper. It follows the GlobalPlatform specification and supports multi-application services. It implements the server part's security management and the secure communication with the card part. Some technology such as PKI. mixed keys, digital envelope, digital signature, news summary and so on are put forward to be used in the scheme. And dynamic encryption is going to be adopted in the communication process in this framework. According to the Java Card protocol,as well as considering some special demands that applications are to be developed on the platform, atomicity and transactions mechanism and Applet firewall and shareable mechanism are proposed to be intoduced to manage and maintenance the system in the server side. Multi-key system is advised to be introuced to manage users with different roles according to different privileges which means that a set of keys is used to encrypt data and another one used on the identification. |
PDF Full Text Request