Java Card

Java Card refers to a technology that allows small Java-based applications (applets) to be run securely on smart cards and similar devices. It is widely used in SIM cards (used in GSM mobile phones) and ATM cards.

The first Java Card technology - based smart cards were introduced in 1997 by several companies including former Schlumberger's card division (now Axalto) and Gemplus. Java Card products are based on the Java Card Platform specifications developed by Sun Microsystems.

The main features of this technology are portability and security.

程式移攜性

The Java Card VM, responsible for interpreting the Java applet instructions, is a subset of the Java VM, and thus requires less space in the host media than the Java VM. Additionally, Java Card applets are also smaller, an aspect which further contributes to their portability.

A trade-off for this feature, however, is that not all Java features are supported, and the size and memory resources are limited. Although there are methods for overcoming the size limitation of an application, such as dividing the application's code into packages, the size of each package still may not exceed 64 KB.

防護安全性

Java Card技術在研發初衷就是為了保護智慧卡內的私密、敏感性資料。而防護安全性取決於幾種角度：

資料存取修改時的權限防擋（Data encapsulation）

由於Java Card的應用程式是在一個具隔離性的環境（此指Java Card VM）下執行，所以程式對卡片資料的寫入、讀取、修改也受到權限機制的控制保護，無論使用何種讀卡設備、作業系統、應用程式都不能跨越權限去存取不屬於自己的卡片內資料，等於具有「Applet Firewall，小型應用程式的防火牆」的功效。

資料存取傳遞時的加密防護（Cryptography）

Java Card能支援絕大多數的常用加密演算法，包括橢圓曲線加密法（elliptic curve cryptography）。

無論是電信方面還是金融方面的智慧片應用，現在都運用Java Card技術來防護卡內所儲存的資訊資料。

補充：台灣所用的全民健康保險個人身份識別卡（簡稱：健保卡）也是用Java Card技術，技術上可以做到個人醫療資訊的保密、轉診轉檢資訊的資訊防護、或授權下的基本共通資訊共享，台灣共使用2,400萬張此種卡片，硬體卡片方面由瑞薩（Renesas）與英飛凌（Infineon）兩家半導體業者所共同供應。

外部連結

Java Card平台規格（昇陽電腦）-（英文）

智慧卡的基礎知識-（英文）

程式移攜性

防護安全性

相關參見

外部連結