Description
As a working tool for professionals, this easy-to-understand resource provides you with a clear, comprehensive guide to smart cards, credit and debit cards, Java Card and OpenCard Framework (OFC). You get in-depth coverage of important standards, open specifications and critical security issues, including common threats and security mechanisms regarding the card and its connection interface. The book shows you how to program Java Card cardlet, OCF card service, and Terminal application. You learn how OpenCard Framework is structured, and how it communicates with a smart card. This innovative resource explains how to use OpenCard Framework applets to provide a number of additional features for Internet applications dealing with smart cards. What 's more, the book presents an informative case study on the credit/debit application, offering a detailed roadmap of the application development process.
Table Of Contents
Smart Card Basics - Logic of Integrated Circuit Cards. Communication Interface of Integrated Circuit Cards. Smart Card Operating Systems. Smart Card Life Cycle. Integrated Circuit Card Standards.; Security Issues - Symmetric Cryptography. Asymmetric Cryptography. Authentication. Smart Card Security. Known Attacks on Smart Cards. System Security. Security Evaluation Criteria.; File Structure and Commands - File structure of integrated circuit cards. Command Structure of Integrated Circuit Cards. Examples of Smart Card Commands. Cryptographic Authentication and Secure Messaging.; ISO 7816 Smart Card Communication - Answer to Reset. T = 1.; Card Readers and Card Terminals.; Related Technologies.; Debit and Credit Cards - Relevant Specifications. EMV Transaction. EMV 2000 Details.; Java Card Basics - Java Card Architecture. Differences from Java. Java Card Applet. References.; Deployment of Java Card Technology - Java Card Forum. SIM Application Toolkit. Visa Open Platform. References.; Java Card Security - Java Card Language Subset Security. Card Applet Security Mechanisms. Java Card Crypto APIs. References.; Application Development - Java Card API. Existing Implementations.; OCF Basics - Smart Card Applications. The OpenCard Framework. The OpenCard Consortium. OCF Architecture Overview. PC/SC. OCF versus PC/SC. Other Card Terminal APIs.; OCF Structure - OCF Card Terminal Layer. OCF Card Service Layer. OCF Security. OCF-Card Terminal Communication. OCF and Java Card Applets. ; Case Study Overview- Sample Application Functionality. Security Functions. Application Design. ; Java Card Applet Development - Applet Architecture. EMVPurse class. Class EMVdemo. Class EMVFileSystem. ; OCF Card Service Development - Setting up the environment. The Properties File and the Factory. The Card Service. Terminal Application - Startup and Shutdown. Processing Options and Restrictions. Dynamic Data Authentication. Terminal risk management.Verification of the Result.; Conclusions.; Appendix A Card Applet Source Code. Appendix B OCF Reference Manual. Abbreviations.; Author Information.;
Author
-
Mikhail Gordeev
Mikhail Gordeev is a research assistant at the Institute of Computer Technology of the Vienna University of Technology. Dr. Gordeev holds an M.Sc. in computer science from Perm State Technical University, Russia and a Ph.D. in electric engineering and information technology from the Vienna University of Technology.
-
Vesna Hassler
Vesna Hassler is a member of A-SIT (Secure Information Technology Center, Austria). She received her B.Sc. and M.Sc. degrees in Electrical Engineering from Zagreb University (Croatia), and her Ph.D. degree from Graz University of Technology (Austria). Dr. Hassler is the author of Security Fundamentals for E-Commerce (Artech House, 2001) and has published a number of conference and journal papers on cryptography, network security, payment systems, and smart cards
-
Martin Manninger
Martin Manninger is the manager of smart card projects at Austria Card, Ltd. He holds his M.Sc. in economics and informatics from the University of Vienna, and a Ph.D. in electrical engineering from Vienna University of Technology.
-
Pedrick Moore
Pedrick Moore is a currently an independent language consultant. She holds a B.A. in German from the University of Virginia.
-
Christoph Muller
Christoph Muller currently works for Xsoft GmbH. His recent research activity includes OpenCard Framework and smart cards. He holds an M.Sc. in informatics from Vienna University of Technology.