Newsletter sign-up
View all newsletters

Enterprise Java Newsletter
Stay up to date on the latest tutorials and Java community news posted on JavaWorld

JavaWorld.com > Java Standard Edition >

Understanding Java Card 2.0

Learn the inner workings of the Java Card architecture, API, and runtime environment

By Zhiqun Chen and Rinaldo Di Giorgio, JavaWorld.com, 03/01/98

  • Digg
  • Reddit
  • SlashDot
  • Stumble
  • del.icio.us
  • Technorati
  • dzone
This article begins with an overview of smart cards and a brief review of ISO 7816, the smart card standard. Given the background on smart cards in previous Java Developer columns, this installment will begin with an answer to the question, "What is a Java Card?" and an overview of the Java Card system architecture. Next, we'll focus on the many issues specific to the Java Card, including the Java Card lifecycle; the Java Card 2.0 language subset and API library classes; and Java Card security. Then we'll discuss the Java Card runtime environment and show how a Java Card runs. We'll close with an illuminating example: An electronic wallet application written just for the Java Card.

From here on, all references to Java Card implicitly refer to the Java Card 2.0.

What is a smart card?

Identical to the size of a credit card, a smart card stores and processes information through the electronic circuits embedded in silicon in the plastic substrate of its body. There are two basic kinds of smart cards: An intelligent smart card contains a microprocessor and offers read, write, and calculating capability, like a small microcomputer. A memory card, on the other hand, does not have a microprocessor and is meant only for information storage. A memory card uses security logic to control the access of memory.

All smart cards contain three types of memory: persistent non-mutable memory; persistent mutable memory; and non-persistent mutable memory. ROM, EEPROM, and RAM are the most widely-used memory for the three respective types in the current smart cards. Persistent memory is also called non-volatile memory. We will use the terms persistent and non-volatile interchangeably in this article.

ISO 7816 part 1-7, defined by International Standard Organization, contains a set of standards that covers various aspects of smart cards. ISO 7816 consists of:

  • Physical characteristics (part 1)

  • Dimensions and location of the contacts (part 2)

  • Electronic signals and Transmission protocols (part 3)

  • Inter-industry commands for interchange (part 4)

  • Application identifiers (Part 5)

  • Inter-industry data elements (Part 6)

  • Inter-industry commands for SCQL (Part 7)



The following diagram illustrates the physical characteristics of a smart card, which are defined in ISO 7816, part 1.

For more on ISO 7816 and smart cards, see "Smart cards: A primer."

Normally, a smart card does not contain a power supply, a display, or a keyboard. It interacts with the outside world using the serial communication interface via its eight contact points. The dimensions and location of the contacts are covered in part 2 of ISO 7816. This diagram shows the contacts on a smart card.

A smart card is inserted into a Card Acceptance Device (CAD), which may connect to another computer. Other terms used for the Card Acceptance Device are terminal, reader, and IFD (interface device). They all provide the same basic functions, namely to supply the card with power and to establish a data-carrying connection.

When two computers communicate with each other, they exchange data packages, which are constructed following a set of protocols. Similarly, smart cards speak to the outside world using their own data packages -- called APDU (Application Protocol Data Units). APDU contains either a command or a response message. In the card world, the master-slave model is used whereby a smart card always plays the passive role. In other words, a smart card always waits for a command APDU from a terminal. It then executes the action specified in the APDU and replies to the terminal with a response APDU. Command APDUs and response APDUs are exchanged alternatively between a card and a terminal.

  • Digg
  • Reddit
  • SlashDot
  • Stumble
  • del.icio.us
  • Technorati
  • dzone
Comments (4)
Login
Forgot your account info?

thksBy Anonymous on February 11, 2010, 5:38 amgob bless ya

Reply | Read entire comment

Real very good Article.By Anonymous on February 5, 2010, 9:59 amReal very good Article.

Reply | Read entire comment

a real lessson for beginnersBy Anonymous on January 15, 2010, 12:02 amThe basic concepts here are explained in the simplest form. Umesh Tripathi. Bangalore.

Reply | Read entire comment

Great tutorial...thxBy Anonymous on April 24, 2009, 7:44 amGreat tutorial...thx

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a JavaWorld account? Log in here. Register now for a free account.
Resources
  • The first article in the Java Developer series on smart cards is "The smart card primer" http://www.javaworld.com/jw-12-1997/jw-12-javadev.html
  • For Java Card-related business opportunities, see "Giving currency to the Java Card API" http://www.javaworld.com/javaworld/jw-02-1998/jw-02-javacard.html
  • For developing applications based on the Java Card 1.0 API, see "Get a jumpstart on the Java Card" http://www.javaworld.com/javaworld/jw-02-1998/jw-02-javadev.html
  • Java Card Web site Javasoft http://java.sun.com/products/javacard/
  • Java commerce Web site http://java.sun.com/products/commerce/
  • Many thanks to Joshua Susser, the Java Card technical lead at Javasoft, for reviewing this article and providing technical guidance.