| Java Card is the Smart Card which contains a microprocessror and processes Java programs.The technology combines Smart Card and Java. As it deepens the applications of Java,the Java Card overcomes the obstacles of disadvantages such as the needed technology of developing the hardware and software too professional, the research cycle too long. It allows the applied programs written by Java to run on the Smart Card hardware and other restrained stored devices. Java Card technology establishes a safe, convenient and multifunctional platform which integrates the excellence of Java.With the widely used of Java Card, its security becomes a very important factor. The goals of this paper will research the Java Card deeply, and analyze its security. It puts forward some designs which can be put into practice.Firstly,on the base of the systemic research, the paper analyzes the Java Card from three aspects.1. Firewall and Shareable ObjectJava Card provides the safe running environment for the applications by the firewall mechanism. The applications on the card are separated by the firewall,in order to be independence with others. It offers the control of storage data which contains the shareable objects to prevent the safe questions in the developing process.The paper introduces the two mechanisms and discuss some questions which encountered in practice.2. Garbage collectionNow the bottleneck of Java Card technology is that the hardware environment is too small to run applications. And it makes the running performance improve slowly. So the effective use of the memory is very important. Garbage collection is the feature of Java, especially to Java Card. It not only makes the Java Card programming simply, but also realizes the dynamically memory releasing. This paper brings forward the suited garbage collection mechanism on the base of the present research.3. Transaction-controlling mechanismAtomicity means that when the programming is wrong or electricity is broken, the data will be updated entirely or not at all in order not to leave uncertain data. JCRE supports the atomicity of the transaction strongly. So if the transaction is not finished, the data on the card will go to the state before the transacting. This mechanism ensures that the unexpected break will not happen during the transaction.Then the paper introduces the concepts of the Opencard Framework and Global Platform. The thesis also explains the structure of the Opencard Framework and the Global Platform's secure mechanism of downloading,including key management, APDU command implementation and so on.Some improved solutions have been put forward according to the analyse.According to the referenced data, two new models have been realized based on the analysis above:1. The model of encryption and signatureThe self security of Java Card shows on the protection of the data. The packages of the Javacard.security and Javacardx.cryptos provide the current encrypted algorithms and technology such as symmetrical algorithm,asymmetric cryptography, digital signature,pin and so on. This paper introduces the concept of combined public key and put forward a mixed secret key system (AES. ECC,EC Signature algorithm). The system can keep secrete and make signature. On the base of the mixed secret key system, the classes' module and the flow charts have also been designed.2. Security modelBased on the principle of Java Card,a solution for secure Java platform is proposed and implemented.This solution enable different off-card entities to implement security management for on-card content by means of dividing authentication levels of different key sets and providing security channel on the base of the management and application of key sets.The paper achieves two innovations: 1. introduce the concept of combined public key and realize the mixing secret key system (AES, ECC, EC Signature algorithm) in the Java Card, which optimize the related algorithms; 2. implement a key-management Java Card security model. |
PDF Full Text Request