Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home IT Management
    • IT Management

    Java Card Update Shows Full Hand of IT Issues

    Written by

    Peter Coffee
    Published November 19, 2003
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      With Mondays announcement of the Java Card 2.2.1 specification, Sun Microsystems Inc. demonstrates that the fundamental issues of next-generation IT apply across the entire spectrum of devices—from the largest server farms, to the richest desktop and portable clients, all the way down to the most minimal device that can still carry executable content. No matter where the work is being done, it has to conform to concerns about security, connectivity, standards and productive application development.

      A Java Card is a form of smart card: that is, a package with the physical characteristics of a standard credit card, embedding the needed hardware for active on-board processing of stored data and for exchange of data with other devices. Specifically, a Java Card is a smart card that provides a Java run-time environment meeting certain guarantees for portability of code across all devices conforming to that specification.

      A Java Card gets important capabilities by being able to execute algorithms, instead of just storing data in the manner of a magnetic stripe or other non-volatile memory. For example, it can participate in cryptographic transactions using “secret in plain sight” techniques like a Diffie-Hellman exchange. The 2.2.1 specification adds AES and elliptic curve cryptography support for high-level access by application developers.

      Because Java Cards, and smart cards in general, are produced and distributed in quantity with an eye toward minimum cost, its vital that their security be designed—but not expensively overdesigned—to stand up against both logical and physical attack. The additional security of Java, as Ive noted before, derives as much from whats left out as from what the Java platform includes.

      I spoke with Suns Java Card business unit director, Peter Cattaneo, just before the 2.2.1 announcement, and he put this issue in vivid perspective. “If anyone tries to tell you that other approaches to programming smart cards can also be secure,” he observed, “thats well and good—but if you explode the state space of the things that you have to prove by three orders of magnitude, it will be obsolete before you finish.” Theres a big difference between the possibility of security on the one hand, and the feasible provability of security on the other: I know which one I want.

      And no IT node, however compact or resource-constrained, should fail to take (or at least attempt to take) this kind of responsibility for the protection of its data and its transactions.

      The 2.2.1 specification also adds support for wireless communication standards: this reflects the momentum of wireless, in particular, and also the overwhelming importance of non-proprietary standards in general as foundations for all future IT initiatives.

      Also provided in Java Card 2.2.1 are memory space optimization tools. Java Cards can be packaged as single-function devices, and the new Java Card S program thats part of the 2.2.1 update defines devices that bar the addition of new Java applets to a card; many applications of this technology benefit, though, by letting users and their service providers add code dynamically to a card already in the users possession. The new Java Card specification also continues the trend that Java arguably began toward reducing error-prone, often insecure manual management of the memory resource.

      My conversation with Suns Peter Cattaneo concluded on an important note for enterprise developers. “The technical barriers are down to close to zero,” Cattaneo said, in terms of being able to use Java Cards to carry code from many different providers on a single device and to use that code for any number of different secure transactions. “The barrier, really, is which parties will trust which others.” Developing key partner relationships, and agreeing about how to establish and share trust so that customers enjoy both security and convenience, is the difference between possibility and fact: that makes Java Cards a target-rich environment for the strategically oriented enterprise development team.

      Discuss This in the eWEEK Forum

      Tell me what youd like to run on a Java Card.

      Peter Coffee
      Peter Coffee
      Peter Coffee is Director of Platform Research at salesforce.com, where he serves as a liaison with the developer community to define the opportunity and clarify developers' technical requirements on the company's evolving Apex Platform. Peter previously spent 18 years with eWEEK (formerly PC Week), the national news magazine of enterprise technology practice, where he reviewed software development tools and methods and wrote regular columns on emerging technologies and professional community issues.Before he began writing full-time in 1989, Peter spent eleven years in technical and management positions at Exxon and The Aerospace Corporation, including management of the latter company's first desktop computing planning team and applied research in applications of artificial intelligence techniques. He holds an engineering degree from MIT and an MBA from Pepperdine University, he has held teaching appointments in computer science, business analytics and information systems management at Pepperdine, UCLA, and Chapman College.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.