Java Card

The RISC-V True Random Number Generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the Entropy Source (ES) component away from cryptographic DRBGs into a separate privileged interface, and in its use of polling. The modular approach is suitable for the RISC-V hardware IP ecosystem, allows a significantly smaller implementation footprint on platforms that need it, while directly supporting current standards compliance testing methods. We describe the interface, its use in cryptography, and offer additional discussion, background, and rationale for various aspects of it. The design was informed by lessons learned from earlier mainstream ISAs, recently introduced SP 800-90B and FIPS 140-3 entropy audit requirements, AIS 31 and Common Criteria, current and emerging cryptographic needs such as post-quantum cryptography, and the goal of supporting a wide variety of RISC-V implementations and applications. Many of the architectural choices result from quantitative observations about random number generators in secure microcontrollers, the Linux kernel, and cryptographic libraries.

The Java dialect Java Card for programming smartcards contains some features which do not exist in Java. Java Card distinguishes persistent and transient data (data stored in EEPROM and RAM, respectively). Because power to a smartcard can suddenly be interrupted by a so-called card tear, by someone removing the smartcard from the reader, Java Card provides a notion of transaction to ensure that updates of multiple fields in persistent memory can be performed atomically. This paper describes a way to reason about these Java Card specific language features.

This paper describes a case study in refining an abstract security protocol description down to a concrete implementation on a Java Card smart card. The aim is to consider the decisions that have to be made in the development of such an implementation in a systematic way, and to investigate the possibilities of formal specification and verification in the design process and for the final implementation.

Ahead-of-Time and Just-in-Time compilation are common ways to improve runtime performances of restrained systems like Java Card by turning critical Java methods into native code. However, native code is much bigger than Java bytecode, which severely limits or even forbids these practices for devices with memory constraints. In this paper, we describe and evaluate a method for reducing natively-compiled code by suppressing runtime exception check sites, which are emitted when compiling bytecodes that may potentially throw runtime exceptions. This is made possible by completing the Java program with JML annotations, and using a theorem prover in order to formally prove that the compiled methods never throw runtime exceptions. Runtime exception check sites can then safely be removed from the generated native code, as it is proved they will never be entered. We have experimented our approach on several card-range and embedded Java applications, and were able to remove almost all the exception check sites. Results show memory footprints for native code that are up to 70% smaller than the non-optimized version, and sometimes as low than 115% the size of the Java bytecode when compiled for ARM thumb.

A new fast stream cipher, MAJE4 is designed and developed with a variable key size of 128-bit or 256-bit. The randomness property of the stream cipher is analysed by using the statistical tests. The performance evaluation of the stream cipher is done in comparison with another fast stream cipher called JEROBOAM. The focus is to generate a long unpredictable key stream with better performance, which can be used for cryptographic applications. Keywords-cryptography, stream cipher, pseudo random number generator (PRNG)

Permission is granted for you to make copies of this manual for educational and scholarly purposes, and for commercial use in specifying software, but the copies may not be sold or otherwise used for direct commercial advantage; this permission is granted provided that this copyright and permission notice is preserved on all copies. All other rights reserved. Version Information: @(#) $Id: jmlrefman.texinfo,v 1.235 2008/07/17 20:40:09 wdietl Exp $ i

The use of formal methods can significantly improve software quality. However, many instructors and students consider formal methods to be too difficult, impractical, and esoteric for use in undergraduate classes. This paper describes a method, used successfully at several universities, that combines ninja stealth with the latest advances in formal methods tools and technologies to integrate applied formal methods into software engineering courses.

Design by Contract (DBC) is an oft-cited, but rarely followed, programming practice that focuses on writing formal specifications first, and writing code that fulfills those specifications second. The development of static analysis tools over the past several years has made it possible to fully embrace DBC in Java systems by writing, type checking, and consistency checking rich behavioral specifications for Java before writing any code. This paper discusses a DBCbased, verification-centric software development process for Java that integrates the Business Object Notation (BON), the Java Modeling Language, and several associated tools including the BON compiler BONC, the ESC/Java2 static checker, a runtime assertion checker, and a specification-based unit test generator. This verification-centric process, reinforced by its rich open source tool support, is one of the most advanced, concrete, open, practical, and usable processes available today for rigorously designing and developing software systems.

Abstract: ESC/Java2 is a tool for statically checking program specifications. It expands significantly upon ESC/Java, on which it is built. It is consistent with the definition of JML and of Java 1.4. It adds additional static checking to that in ESC/Java; most significantly, it adds support for checking frame conditions and annotations containing method calls. This document describes the status of the final release of ESC/Java2, along with some notes regarding the details of that implementation. Keywords: Behavioral interface specification, ...

The nonterminal java-literal represents Java literals which are taken without change from Java [Gosling-Joy-Steele96]. Various authors refer to "model types" when they really mean "types with modifier pure that are used for modeling." Such a usage is contrary to JML's notion of a type with a model modifier. The following is the syntax of modifiers.

Security requirements are more demanding in the e-commerce domain. However, mobile e-commerce settings not only insist on security requirements, they also require balance between security levels and hardware and usability device ability. These features require designing models having simple authentication and authorisation scheme which also ensures information integrity for each e-transaction. The Mobile and Wireless Applications’ Development Interest Group W@Pcolombia thus developed the P3SIM platform so that mobile applications might include SIM parameter-based security features. The P3SIM platform’s framework and compilation and simulation settings combines the advantages of identification provided by the SIM module with the security features provided by SATSA and Java Card APIs for Java ME environments, one of the most-used platforms for mobile application development. Developing an m-commerce-based prototype not only shows the platform's ability to operate in secure environ...

Java is a popular development platform for mobile code systems. It ensures application portability and mobility for a variety of systems, while providing strong security features. The intermediate code (byte code) allows the virtual machine to verify statically (during the loading phase) that the program is well-behaved. This is done by a software security module called the byte code verifier. Smart Cards that provide a Java Virtual Machine, called Java Card, are not supplied with such a verifier because of its complexity. Alternatives are being studied to provide the same functionality outside the card. In the present paper, we propose to integrate the whole verifier inside the smart card. This ensures that the smart card becomes entirely autonomous, which allows full realization of smart cards potential as pervasive computing devices. Our verifier uses a specialized encoding and a software cache with a variety of cache polices to adapt to the hardware constraints of smart card. Our experimental results confirm the feasibility of such a security system being implemented in a smart card.

Java is the ideal development platform for mobile code systems. It ensures application portability and mobility for a variety of platforms, while providing strong security features. The intermediate code (byte code) allows us to verify statically (i.e. during loading phase) that the program is trustworthy. This is done by a software security module called the byte code verifier. Given the

In this paper we present a methodology and protocol for establishing a security context between a Mobile Operator's application server and a GSM/UMTS SIM card. The methodology assumes that the already issued Mobile Station is capable but unprepared. The proposed scheme creates a secure entity within the Mobile Station "Over The Air" (OTA). This secure entity can then be used for subsequent SIM authentications enabling m-Commerce, DRM or web service applications. To validate our proposal we have developed a proof of concept model to install and execute the security context using readily available J2ME, Java Card, J2SE and J2EE platforms, with the KToolBar MIDP2.0 emulator tool from Sun, and a Gemplus Java Card.

The use of certificates for secure transactions in smart cards requires the existence of a secure and efficient revocation protocol. There are a number of existing protocols for online certificate revocation and validation, among which OCSP and SCVP are the most widely used. However there are not any real applications testing the efficiency of these protocols when run in a smart card, even though the advantages of such an inlplementation are promising. In this paper we examine the details of the implementation of these protocols, emphasising on the issues arisen from the limitations of the smart cards. We also discuss the performance results from the implementation of OCSP and SCVP in a multi-application smart card environment. Results from two different Java Card platforms are presented and analyzed.

Digital content providers seek to restrict usage by implementing conditional access. One such scenario is the security aspects of digital video broadcast (DVB-S). There has been a history of attacks on this technology to circumvent any security measures and some techniques have been countered by the deployment of customised/provider specific receivers. However, this leads to less choice and the duplication of equipment at the customer level. Open satellite receivers have been introduced to allow a single user to access several different services from a single piece of receiver equipment. These boxes provide a highly configurable environment with software emulations of conditional access systems that is open to abuse. The internet has allowed communities with in-depth expertise to grow up around open receiver equipment; effectively communicating attack methods as they evolve. A new level of emerging attack is a card sharing by which one legitimate user colludes to provide protected content to a larger group of illegitimate users. In this paper we propose countermeasures to protect DVB-S content against this species of attack by enforcing behavioural contracts and correct usage guidelines within the smart card. 1

The advent of smartphones and the flexibility to have multiple applications serving the user's needs, has started a convergence of different services into a single device. Traditional services provided by mobile phones like voice and text communication became secondary to other domains like Online Social Network (OSN) and entertainment applications on smartphones. A similar trend is also happening for smart card services, in which traditional smart card services like banking, transportticketing and access control, are moving to smartphones. This transition from smart cards to smartphone is to a large extent, facilitated by Near Field Communication (NFC) technology which enables a smartphone to emulate a smart card. As the smart card services require a comparatively higher level of security than other applications on the smartphone. Initial proposals for this convergences were focused on secure elements. However, the ownership issues reminiscent of traditional smart card domain became the Achilles' heel. A potential way forward has been proposed by the Google Andriod in the shape of Host Card Emulation (HCE) to allow mobile phone applications to communicate via NFC. However to provide higher-level of security as required by smart card applications, a number of proposals have been put forward including the Trusted Execution Environment (TEE). In this paper, we will look into how the TEE fits into the overall picture of smart card services on a smartphone -provisioned via the HCE. We also analyse the current state of the art of TEE proposal and what potential ecosystem hurdles it might face due to the nature of current trends. Finally, we provide a potential pathway to overcome the ecosystem issues to achieve wide scale deployment, enabling secure services to individual users.

Smart cards are mostly deployed in security-critical environments in order to provide a secure and trusted access to the provisioned services. These services are delivered to a cardholder using the Service Provider's (SPs) applications on his or her smart card(s). These applications are at their most vulnerable state when they are executing. There exist a variety of runtime attacks that can circumvent the security checks implemented either by the respective application or the runtime environment to protect the smart card platform, user and/or application. In this paper, we discuss the Java Runtime Environment and a potential threat model based on runtime attacks. Subsequently, we discussed the counter-measures that can be deployed to provide a secure and reliable execution platform, along with an evaluation of their effectiveness, incurred performance-penalty and latency.

Currently it is possible to implement Biometric Passport applets according to ICAO specifications. In this paper, an ePassport Java Card applet, according to ICAO specifications using the Basic Access Control security, is developed. A system for inspection of the ePassport applet, using Java, in order to test its functionalities and capabilities is also implemented. The simulators, which are developed in this paper, can display the communication between the inspection system and the Java Cards, which could be real or emulated cards.

The workshop runs its third edition, and it has followed the previous CAT07 and CAT08. The prefix " EURO " underlines the European scope of this edition of the workshop. In its previous editions the workshop was co-located with IFIP Conference on Trust Management (IFIPTM). The interaction with the trust management community has brought stimulating ideas and experiences from the trust management research into the context-awareness areas. This year the workshop has tried to widen its scientific interaction and it has been co-located with two important events in Security and Privacy: (a) EUROPKI09, the European Workshop on Public Key Services Application and Infrastructures, and (b) ISC09, the Information Security Conference. This change is consistent with the goal of the workshop, which aims to stimulate an active exchange of new ideas on the bidirectional relationship between the area of context awareness and the area of trust, security, and privacy. Since its very foundati...

E-commerce is the most efficient and time-effective method to promote a product to worldwide customers. Its transaction may require submitting customer's personal information such as username, password, credit card numbers, and financial data. Unified Modeling Language (UML) or Object Constraint Language (OCL) was one of the standardized languages for software developers with visualizing the software system in e-commerce. In e-commerce, purpose security is the primary issue meant for transferring personal data, online payment, and user details. Due to the lack of such security, a significant portion of the customers is feeling uncomfortable to send their respective information over the Internet. This study investigated completely 40 different kinds of literature which are collected from standard publications. Each research paper analyzes different ideas to secure online shopping based on the UML/OCL. In the existing papers, some of the security drawbacks are pointed out and they are overcome by various languages with different software effectively is reviewed by using new research papers.

The task of developing Java-based applications for embedded systems can be greatly enhanced by providing developers access to Java’s Core APIs such as java.lang and java.util. Oftentimes, platforms used in embedded systems are scaled back versions of the JVM. As a result, Core APIs must be migrated in order to be compatible with a particular platform. A significant portion of such migration centers around the removal of field, method, or constructor declarations. This paper describes the challenges and techniques associated with the automated removal-based modification of Java source code. Driving this research is the need to migrate selected Java Core APIs to an embedded platform called the SCore processor. This migration is being performed using a tool called Monarch.

The rapid expansion of the Internet of Things (IoT) introduces significant security challenges, given the resource-constrained nature of most IoT devices. To address these challenges, elliptic curve cryptography (ECC) has emerged as a promising solution due to its ability to deliver high levels of security with shorter key lengths, making it highly efficient for devices with limited computational power and memory. This paper focuses on a comparative analysis of three widely used ECC-based cryptographic algorithms: Elliptic Curve Digital Signature Algorithm (ECDSA), Elliptic Curve Integrated Encryption Scheme (ECIES), and Elliptic Curve Diffie-Hellman (ECDH). Through a detailed evaluation of performance metrics such as key generation speed, execution time, and overall efficiency, the study identifies the strengths and limitations of each algorithm in securing IoT environments. The results reveal that ECDH excels in public key generation speed, making it suitable for applications requiring frequent key exchanges. ECDSA demonstrates the fastest overall execution time, providing an efficient option for digital signatures and authentication. Conversely, ECIES, while slower, offers robust encryption capabilities ideal for scenarios demanding enhanced confidentiality. This comparative study highlights the importance of aligning algorithm selection with specific IoT application requirements, balancing factors like security, performance, resource constraints, and operational complexity. The findings underscore the suitability of ECC-based algorithms in addressing the unique challenges of IoT security.

Due to the fast evolving of trusted computing environments and internet-of-things an eager need has been established for open platforms which support interchangeable technologies to co-exist without threatening system's security. Certainly, future embedded applications will need high performance operating systems to support the intensivecomputing algorithms required for satisfying acceptable response and secure the application inside the vulnerable open environment; hence, new inevitable requirements for embedded operating systems have arisen including hard real-time response, support for native applications, system openness and system scalability. This paper introduces a new design for secure and open smart card operating system, called ESCOS (Egypt Smart Card Operating System), based on the prevalent Java Card technology. The new design provides competitive characteristics in the main three factors of judging smart card platforms; namely, system security, supported technology and system response. In addition, ESCOS is designed to have high degree of modularity and re-configurability to meet fastchanging business needs and diverse hardware platforms.

Java Card is the dominant smartcard technology in use today, with over 12 billion Java Card smartcards having shipped globally in the last 15 years. Almost exclusively, the deployed Java Card smartcards are instances of a Classic edition for which garbage collection is an optional component in even the most recent Classic edition. Poorly written or malicious Java Card applications may drain the available memory of a Java Card Virtual Machine to the point the card becomes unusable, and undisciplined use of the transaction mechanism may exhaust the available transaction buffers, resulting in programmatic abort by the Java Card Runtime Environment and so limit the range of services a Java Card application may successfully be able to offer. Given the size and global nature of the user base, and the commercial importance of Java Card, there is a stunning lack of tools supporting analysis or certification of the memory, transactional or CPU usage of Java Card applications. In this thesis ...

In this paper, we discuss a new testing process to generate test cases for object-oriented programs. We focus on classes with mutable objects. The test case construction process is guided by formal object-oriented specifications. In our approach, testers first analyze the formal specification of a class to partition the state space of the class and identify a test model that is based on finite-state machines, then analyze the class specification and the test model to select a set of test data for each method of the class, and finally prepare the test cases of the class from the test model by following various well-developed testing criteria. This paper also extends the subtype relationship to allow testing information on super-classes to be inherited by subclasses. The subtype relation is defined on a formal specification and test model, and improves the effectiveness of testing using the class inheritance hierarchy.

The contactless bank card is a replica of the old fashion payment methods. The contactless card saves the customer a lot of time and effort because the cardholder can tap the card on the card reader instead of carrying a massive amount of cash or memorizing a long password. The transaction will be done in a few seconds, which is a magnificent technique for a very rush and speedy world like this. However, because the contactless card does not require a PIN or signature, it is vulnerable to different types of attacks, and the card can be used by every single person who has the card, even if they are not the real cardholder. Nevertheless, for each new problem, there is a unique solution. Hence this paper presents an innovative way to overcome this problem by embedding a fingerprint sensor into the contactless card to add an extra level of security by creating a virtual environment giving a contactless card and using a minutiae-based algorithm for fingerprint recognition in this contactless card. The work is evaluated based on accuracy using two metrics, false acceptance rate (FAR) and false rejection rate (FRR), algorithm's matching time, and transaction time. This work shows a good result regarding the transaction time and the possibility of integrating the fingerprint into the contactless card. It displays how fingerprint image quality and features affect fingerprint authentication results. However, it also shows that minutiae-based techniques are not adequate when the dataset is relatively small and has data with low-quality and/or noisy data.

Given the undeniable popularity of the Web, providing efficient and secure access to remote databases using a Web browser is crucial for the emerging cooperative information systems and applications. In this paper, we evaluate all currently available Java-based approaches that support persistent connections between Web clients and database servers. These approaches include Java applets, Java Sockets, Servlets, Remote Method Invocation, CORBA, and mobile agents technology. Our comparison is along the important parameters of performance and programmability.

Given the undeniable popularity of the Web, providing efficient and secure access to remote databases using a Web browser is crucial for the emerging cooperative information systems and applications. In this paper, we evaluate all currently available Java-based approaches that support persistent connections between Web clients and database servers. These approaches include Java applets, Java Sockets, Servlets, Remote Method Invocation, CORBA, and mobile agents technology. Our comparison is along the dimensions of performance and programmability. Our findings point out that best performance is not always achievable with high programmability and low resource requirements. Moreover, the mobile agent technology needs to improve its programmability while giving particular emphasis on its infrastructure.

This industry wide recognition expresses an essential fact. The specific properties of smart cards, compared with all other types of cards, are determined by a microcontroller integrated in a card, which controls, initiates, and monitors all activities. Smart card microcomputer architecture Most smart card microcomputer chips adopt a conventional von Neumann architecture, as Figure 1 shows. 2 Microcontroller The heart of a microprocessor card is a CPU surrounded by four functional blocks: ROM, Eeprom, RAM, and an I/O port. The card also has special circuits for security and power control. The ROM contains the chip operating system (or mask) which is burned in during fabrication. The ROM is efficient in terms of space and power requirements. The Eeprom nonvolatile memory is a costly component that takes up to 50 percent of the chip area. Data and program code can be written, usually by the smart card manufacturer, to and read from the Eeprom under the control of operating system. Flash memory, which is more efficient than Eeprom in terms of writing time, is also becoming common in smart cards. The RAM is the processor's working memory. It is volatile memory and small-typically up to 512 bytes. Within the card, data are passed through a bus under the security logic's control. Microcomputer memory partitioning and the logic that governs access to the partition are central design elements for smart card security. Cards have a single I/O interface, which takes various forms. Usually, it is a serial I/O interface consisting of a single register, through which the card transfers data. The vast majority of smart card microprocessors use an asynchronous byte-oriented protocol (T=0). The ISO/IEC 7816-3 standard (http://www.iso.ch) specifies this protocol,

Memory-constrained devices, including widely used smart cards, require resisting attacks by the quantum computers. Lattice-based encryption scheme possesses high efficiency and reliability which could run on small devices with limited storage capacity and computation resources such as IoT sensor nodes or smart cards. We present the first implementation of a lattice-based encryption scheme on the standard Java Card platform by combining number theoretic transform and improved Montgomery modular multiplication. The running time of decryption is nearly optimal (about 7 seconds for 128-bit security level). We also optimize discrete Ziggurat algorithm and Knuth-Yao algorithm to sample from prescribed probability distributions on the Java Card platform. More importantly, we indicate that polynomial multiplication can be performed on Java Card efficiently even if the long integers are not supported, which makes running more lattice-based cryptosystems on smart cards achievable.

The Java programming language has been widely described as secure by design. Nevertheless, a number of serious security vulnerabilities have been discovered in Java, particularly in the component known as the Bytecode Verifier. This paper describes a method for representing Java security constraints using the Alloy modeling language. It further describes a system for performing a security analysis on any block of Java bytecodes by converting the bytes into relation initializers in Alloy. Any counterexamples found by the Alloy analyzer correspond directly to insecure code. Analysis of a real-world malicious applet is given to demonstrate the efficacy of the approach. Introduction. This paper will describe an analysis tool for verifying security constraints within Java bytecodes. This investigation was motivated by the continued appearance of malicious Java code that violates the security constraints imposed by the Java compiler, the Java Bytecode Verifier and the Java runtime. The analysis approach is based on the lightweight modeling language Alloy [AL, DJ]. This paper will describe the security verification approach taken by the Java Virtual Machine (JVM), and briefly enumerate some of the ways that it has been circumvented. A review of the top level goals of this work will then be presented, followed by a hierarchical description of the design of the analysis tool and its implementation. Results will then be presented in detail using a real-world example of malicious code: the BlackBox applet. Finally, a path toward future work on the analysis tool will be described. The analysis tool has, in fact, proven to be a powerful approach to analyzing JVM security constraints. The approach of applying lightweight modeling as a means to check JVM security constraints appears to be a new approach. Background. The Java programming language has been touted as "secure by design" since its inception. However, attacks against Java security have been promulgated from the earliest days of Java. Felten discovered several weaknesses in the Java security model almost immediately, and his work on Java [FE] contains an extensive list of early exploits. The development of Java malware has continued unabated up to the present. The Common Vulnerabilities and Exposures project [CV] lists numerous Java bugs that can lead to privilege escalation, sensitive data exfiltration, denial of service and other malicious outcomes. Of particular note is the BlackBox malicious Java applet [BB, LS]. This applet exploits a number of Java security weaknesses, and was widely deployed, infecting thousands of machines. The BlackBox applet not only breaks out of the supposedly invulnerable sandbox that the Java applet runtime imposes, it also manages to escalate its privilege to the highest possible level (since

This paper describes a radical approach to aggressively optimize an embedded Java virtual machine interpretation in a portable way. We call this technique Semantically Enriched Code (sEc). The sEc technique can improve the speed of a JVM by orders of ...

The convergence of the cell phone industry and the Internet brings with it a myriad of services, to be accessed when on the move. It also brings a need for a paradigm shift in its billing mechanism. The current billing operation does not cater for different services on the same channel with different ratings. It also often makes it impossible to bill in real time. These two limitations may cause revenue loss for cell phone operators, especially since the South African market focuses on prepaid users requesting services that may range from as little as 5c to R10 or R20 per service. Additional functionality is needed to eliminate discouraging, non-configurable error messages generated by the network when services are down, or when real-time hilling systems refuse delivery of a service due to insufficient funds on the user's account. Motivated by these restrictions, it seemed not only sensible but very important to assess the state of the industry and available technologies, in order to define a new content billing architecture. Specifications and requirements for such a solution were researched and formulated, in order to complete the design and implementation. The choice for a cell phone Internet technology to support the new system fell on the Wireless Internet Gateway (WIG), as it caters to 99% of the South African market by delivering text-based Internet content to 2G cell phones. The content-based billing application (CBA) was developed and tested in the laboratory to verify its functionality and performance. It implements all the specifications and requirements. The CBA was then installed on the network of a South African cell phone operator. Endto-end performance tests on the complete system, including its latency and throughput levels, confirmed that it successfully implemented all requirements and business logic. I am grateful to everybody who supported me throughout the course of my studies. Firstly, I would like to thank my previous employer, Atos Origin, for the opportunity to do the research, and for providing the laboratory environment for testing and implementing this project. I would also like to thank everyone at CRCED Pretoria, and especially Dr Johann van Rensburg who acted as my mentor. They made the process running smoother than I ever thought possible and turned my studies into a uniquely educational experience. Then I would like to express my gratitude to all my friends who stayed by me all through this sometimes lonesome affair. I often take the ongoing support of my parents for granted. So I would like to use this opportunity to put it in black and white: thanks, mom, you're the reason for almost all of my good qualities; you have always been a great help in everything I've ever asked from you. All my other strong points I owe to my father; thanks, dad for your wisdom and guidance that has been with me all my life and throughout the course of this project.

Este trabalho tem como objetivo apresentar o conceito de Java Card e os principais metodos, tecnicas e ferramentas utilizadas na atualidade por desenvolvedores. A ideia e apresentar a tecnologia e detalhar o processo de como iniciar uma aplicacao, apresentar tecnicas e ferramentas que podem maximizar as chances da criacao de aplicacoes bem sucedidas e as principais vantagens da tecnologia. Por fim, mostrar o passo a passo do desenvolvimento de uma pequena aplicacao, para que seja colocado em pratica as tecnicas apresentadas.

This paper describes the functionality and practical uses of a network smart card: a smart card that can connect to the Internet as a secure and autonomous peer. The network smart card does not require any special middleware on the host device. It uses standard networking protocols PPP and TCPIIP to achieve network connectivity. Network security is accomplished by an optimized SSLITLS stack on the smart card. The combination of TCPIIP and SSLITLS stacks on the smart card enables the smart card to establish a secure end-to-end network connection with any standard (unmodified) client or server on the Internet. This opens the door to seamless, secure and novel applications of smart cards in the most ubiquitous network: the Internet. Some of these applications that use the network smart card in confidential online transactions are explained.

The Java Modeling Language (JML) is a behavioral interface specification language tailored for specifying Java modules. This paper describes a source-to-source translation tool that takes a JML specification and Java source code for a module and produces source code that checks assertions at run-time. It describes issues unique to JML, including specification-only variables, refinement, specification inheritance, and privacy. It also describes the design and implementation of the translation tool.

The Java Modeling Language (JML) is a behavioral interface specification language tailored for specifying Java modules. This paper describes a source-to-source translation tool that takes a JML specification and Java source code for a module and produces source code that checks assertions at run-time. It describes issues unique to JML, including specification-only variables, refinement, specification inheritance, and privacy. It also describes the design and implementation of the translation tool.

He is currently a Member of the Research Staff of the Palo Alto Research Center, Xerox Corporation, El Segundo, California, where he is working on advanced display processor design and digital communications systems. His research interests also include computer architecture and coherent optical data processing. Dr. Sterling is a member of IEEE Computer Society, Tau Beta Pi, and Eta Kappa Nu.

Bytecode is a stack based java virtual machine instruction set that contains 202 instructions, not only it provides architectural independence to java but also ensures that the code is secure and portable. It has widely evolved into a topic of high importance , for the industrial organizations as well as academic institutions. The industry derive it's interest because of the fact that bytecode is used specifically for websites and mobile device applications namely: cell phones, metro cards, credit cards, internet banking etc where security is of prime importance. Moreover it allows classes to load dynamically which results into an additional dare for those applications which contains formal methods. Also, the poor structuredness of the code and the operand stack being pervasively present results in furthermore challenges for the analysis of bytecode. This paper reviews the theoretical aspects of analysis, transformation, verification and security of Java bytecode by presenting t...

Accessing files on remote resources is a required function in Grids. In this paper, we report on the file transfer patterns supported in the Java CoG Kit. These patterns are supported by a rich set of accompanying components, including Java classes and methods, command line tools, graphical user interfaces, and portals. The patterns and their implementations are exposed through familiar Java language capabilities of interfaces, hence hiding the underlying protocols. Using these interfaces, one can provide a variety of implementations for diverse file transfer mechanisms and protocols. Together, these tools can be used to implement more sophisticated services. We present a number of prototype applications reusing the Java CoG Kits file transfer patterns. Additionally, we present performance numbers based on a typical client deployment scenario.

This paper discusses the incompatibility between the formal logic derived from quantum phenomenology and the ordinary logic that underlies the mathematics constituting the formal language of quantum mechanics. A new discrete scenario in which this incompatibility could be resolved is also proposed.