Multi-Application in Smart Card-based Devices
Christophe Colas, [email protected]
Chief Software Architect
August 2002

Smart Card Systems
Card Personalization / Issuance
Back-end Systems
Card Accepting Devices
Post-Issuance Transactions (1)
Post-Issuance Transactions (2)
Smart Card

Smart Card Systems (2)
3 Types of Processing Units
  Smart Card
  Card Accepting Devices (CADs)
  Back-end Systems
Complete Application split into these Processing Units

GlobalPlatform Key Focus
Portability and Management of Applications across Smart Cards (Card Committee)
Smart Card Management System (System Committee)
  Smart Card + Back-end Systems
Portability and Management of Applications across CADs (Device Committee)
The remainder is strongly application specific…

Smart Card Systems and GP
Card Personalization / Issuance
Back-end Systems
Card Accepting Devices
Post-Issuance Transactions (1)
Post-Issuance Transactions (2)
Smart Card

CAD Issues
More and more Variety of Devices
  e.g. User Interface, Communication
Devices are getting more Complex
Multiplication of Development for Different Types of Platforms
Longer Certification Process

GlobalPlatform Device Objectives
Reduce Development and Certification Cost
Preserve Application Software Investments
Offer independence from Hardware providers
Enable easy addition of new services to final customers
Facilitate secure remote maintenance in multi-application environment

GlobalPlatform Device Committee Deliverables
GlobalPlatform Device Framework (GPDF) 2.0
  For Device Application Development
  Provides Application Architecture and APIs
  Based on Java technology
Application Installation and Security

GlobalPlatform Device Framework
Based on STIP Technology
  Minimum Java Runtime Definition
  Basic Programming Pattern
  Basic Platform Service Definition
    e.g. smart card slot API, cryptography API, data storage API
Multi-Application Environment
Designed for Secure-based transactions
Application Firewalling
Controlled Access to Device Resources

Application Portability
Full Portability of a Complete Device Application for Different Types of Devices is impossible!
  e.g. User Interface or communication means are too different
Only the following is possible:
  Portability of a module of the Application across several Types of Devices (the Invariant)
    Horizontal Interoperability
    GPDF CLC Concept
  Portability of the complete application for a given set of device types
    Vertical Interoperability
    e.g. STIP EFT/POS Profile

GPDF Application Architecture
Application split into
Platform and Environment-independent module
  Kernel of the application with Device Abstraction
  Contains Application Logic, which is Invariant to the Device and Environment
  = Core Logic Component (CLC)
  Portable across all Types of Devices (e.g. GSM phones, PDAs, EFT/POS terminals, Set-top boxes, …)
Platform and Environment Module
  Customize the Kernel
    To the Device
    To the Environment (e.g. country, local rules, …)
  Mainly for User Interface and Communications

GPDF 2.0 Architecture
[Figure: GPDF 2.0 architecture diagram. Labels: Business Logic Layer, Core Logic Layer, Environment Layer, Device Application, CLC Module, User Interface, Communication, GPDF Platform, STIP Technology Core Framework, Basic Device Services, Event Engine, Storage, Cryptography, Smart Card Reader, Device Abstraction Services, Java Virtual Machine, Other Technologies]

Device Application Secure Provisioning
Distribution Format
Security at the Distribution Level
  Authenticity and Integrity
  Association with Platform Service Access Rights
Work in progress with GlobalPlatform and STIP
  Draft in Fall 2002

Ingenico Commitment To Open Technologies
Since 1998, Ingenico has been working on the standardization of open and interoperable technologies, focusing at first on the terminal environment
Founding member and active participant in consortiums
Java Environment Development for Secure Devices with small memory footprint
FINREAD, Embedded FINREAD

Ingenico Products
New 32-bit Terminal Family supporting Open Platform Technologies
Open Platform components
  Embedded JVM supporting JEFF ISO Standard
    JEFF is a highly optimized Java executable format for embedded systems to reduce memory footprint
  STIP 2.1, GPDF 2.0 and FINREAD
INGEODE
  INGEnico Open Development Environment

Thank you!
Any questions?
Ingenico’s payment solution for the 21st century!