Your SlideShare is downloading. ×
0
Making Mobility
More Secure…



                                        Developing real-world
                            ...
Contents




       Smart Card Web Server technology from a developer point of view


           SIM Application toolkit v...
Some facts about the company

•   2006. Cellnetrix was established as an R&D company focused on the
    software developme...
Cellnetrix competence domains



                                    cellSIM
                            Software for smar...
Smart card web server and related technologies


                                          Dynamic SIM toolkit

          ...
Smart Card Web Server: developer point of view


From a developer point of view Smart Card Web Server is seen as a HTTP 1....
SCWS Architecture Overview
                                                                                               ...
CAT/USAT Applications Development Workflow
                            IDE with java level                     Development...
SCWS Applications Development Workflow
                                                                           IDE with...
Protocol stack for BIP-based SCWS implementation

cd Protocol Stack

              OSI Layers   Web Brow ser              ...
SCWS Registration

                                                                                         SCWS usually m...
SCWS Registration
 ad UICC Serv er Registration


    The operation is executed for each configured request handler.

    ...
SCWS Operation
ad SCWS Operation




                                                              Channel status change
 ...
BIP Channel States
   sm BIP Channel States


      This state chart shows possible states and transitions for BIP
      c...
Typical SCWS design
   cd SCWS



                                                                                        ...
Conclusion

 SCWS technology has a chance to become a major on-device portal
 solution in the upcoming years if some of ma...
Conclusion….


               Thank you for your attention!
               We’re pleased to answer your questions!
       ...
Upcoming SlideShare
Loading in...5
×

Developing Smart Card Web Server Applications

5,029

Published on

Cellnetrix presentation for 2nd Comprion technology day, 23rd June, Paderborn, Germany

Published in: Technology, Business
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
5,029
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
393
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Transcript of "Developing Smart Card Web Server Applications"

  1. 1. Making Mobility More Secure… Developing real-world smart card web server applications Dr. Vladimir Nagin Cellnetrix Managing Director Cellnetrix R&D Center © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 1 • 19/6/2009
  2. 2. Contents Smart Card Web Server technology from a developer point of view SIM Application toolkit vs. Smart card web server workflow Typical SCWS procedures and processes Conclusion Cellnetrix © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 2 • 19/6/2009
  3. 3. Some facts about the company • 2006. Cellnetrix was established as an R&D company focused on the software development for smart cards complying with modern requirements for convergence, network connectivity and interoperability • 2007. In order to address global market demands Cellnetrix opened an office in Hamburg, Germany. Company gets an international status with the headquarter based in Germany and R&D center located in Russia • 2007. After successful completion of several smart card development projects the company concentrated on solutions which help to make wireless mobility safer and more secure • 2008 . Today Cellnetrix delivers to its customers secure software solutions targeted for various mobile networks such as GSM, UMTS or CDMA, as well as WLAN and the Internet and provides professional services for mobile operators, service providers, smart card and software vendors Cellnetrix Software and services provided by Cellnetrix are based on open technologies and standards such as OMA, ETSI, 3GPP, ISO, Global platform and active use of Java technologies. © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 3 • 19/6/2009
  4. 4. Cellnetrix competence domains cellSIM Software for smart cards and secure devices based on Java Card 2.2.1/2.2.2 UICC platform cellOTA cellApps Over-the-Air management Value-added services for (U)SIM and applications development R-UIM enhancing mobile trust Cellnetrix and security © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 4 • 19/6/2009
  5. 5. Smart card web server and related technologies Dynamic SIM toolkit Smart card web server WAP 2.0 Mobile optimized html/xhtml Different dynamic portal technologies will coexist in the nearest future. Smart card web Cellnetrix server has a chance to become a major on-device portal WM/Symbian/J2ME on-device portals technology owing to operator ownership and control. 2003 2005 2007 2009 © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 5 • 19/6/2009
  6. 6. Smart Card Web Server: developer point of view From a developer point of view Smart Card Web Server is seen as a HTTP 1.1 server with extended functionality such as: •Chunked encoding; •Keep-alive connection; •Cache management; •Pipelining; •Authentication; •Servlet support. And available via http://127.0.0.1:3516/ to the outer world; Physically 2 layers can be used to access the server: 1. using ISO7816 and BIP; 2. via USB-IC and Ethernet Emulation Layer in (U)SIM card itself Cellnetrix © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 6 • 19/6/2009
  7. 7. SCWS Architecture Overview A servlet is a way to generate the dynamic content. It is a Java Card applet registered to the SCWS and mapped to one or several URIs Static content Dynamic content (U)SIM Toolkit A standardized JavaCard API ( servlets ) Applets (ETSI TS 102 588 Release 7) is provided Administrative Servlets are triggered by SCWS commands what is similar to SIM toolkit event Java SCWS API Toolkit API processor concept HTTP Web Server Java VM &JRE TLS layer TCP/IP BIP EEM Native resources File System T=0 Cellnetrix USB-IC © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 7 • 19/6/2009
  8. 8. CAT/USAT Applications Development Workflow IDE with java level Development and Unit *.java files simulation Testing Compilation and conversion Testing with handset emulator *.cap / *.ijc Card level simulator converted files physical JC 2.2 Download to a APDU-based tests card Cellnetrix Physical (U)SIM Testing with card real handsets © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 8 • 19/6/2009
  9. 9. SCWS Applications Development Workflow IDE with java level Development and Unit Static data *.java files simulation Testing Compilation and Upload to the physical card via Admin session conversion Testing with Internet browsers (IE,Firefox,Opera) Testing with handset emulator *.cap / *.ijc converted files Card level simulator (JC 2.2 case) Application level testing (HTTP,…) Download to a physical card APDU-level testing Transport level testing Cellnetrix Physical (U)SIM Testing with card real handsets © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 9 • 19/6/2009
  10. 10. Protocol stack for BIP-based SCWS implementation cd Protocol Stack OSI Layers Web Brow ser BIP Proxy SCWS 7: APP 7: HTTP 7: HTTP 7: HTTP 7: HTTP 6: PRES 6: MIME 6: MIME 6: MIME 6: MIME 5: SESS 4,5: TCP 4,5: TCP 4,5: BIP 4,5: BIP 4: TRANSP 3: NET 3: IP 3: IP 1,2,3: ISO 7816 1,2,3: ISO 7816 (T=0 or T=1) (T=0 or T=1) 2: LINK 1,2: Ethernet 1,2: Ethernet Cellnetrix 1: PHY © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 10 • 19/6/2009
  11. 11. SCWS Registration SCWS usually makes itself available after receiving Terminal Profile from the handset ad SCWS Operation Terminal profile «loop» Other initialization BIP supported? UICC serv er registration PROFILE_DONWLOAD [yes] End Cellnetrix © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 11 • 19/6/2009
  12. 12. SCWS Registration ad UICC Serv er Registration The operation is executed for each configured request handler. Usually, if we need to handle N simulatneous requests on M ports, that will require N*M HTTP request handlers each occupying one BIP channel. Listen port State number HTTP Request Handler Max number of channels used? Initialize corresponding Issue OPEN CHANNEL in request handler w ith the UICC Serv er Mode BIP channel ID Start [yes] Cellnetrix BIP channel attrs End © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 12 • 19/6/2009
  13. 13. SCWS Operation ad SCWS Operation Channel status change BIP channel ID valid? processing CHANNEL_STATUS [yes] End BIP channel HTTP Request attrs Handler Inbound data processing BIP channel ID valid? DATA_AVAILABLE [yes] End Cellnetrix © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 13 • 19/6/2009
  14. 14. BIP Channel States sm BIP Channel States This state chart shows possible states and transitions for BIP channels operated in UICC server mode. TCP in CLOSED state Server socket opens TCP in LISTEN state BIP channel SCWS closes connection Initial requested TCP handshake successful SCWS closes connection Client closes connection Cellnetrix Error TCP in ESTABLISHED Error happens state © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 14 • 19/6/2009
  15. 15. Typical SCWS design cd SCWS SCWS ov er BIP One for each request to be served concurrently HTTP Request Handler BIP Ev ent Dispatcher I/O Buffer Handler State Channel State «delegate» BIP «trace» Request Processing API «delegate» HTTP Request Sink Request Processing Request Data «delegate» «trace» Processor «trace» «delegate» Content Provider «delegate» URL Trigger HTTP Response «trace» Source Response Data «delegate» «trace» HTTP Helpers Serv ice Registry List of Content Inv oker Prov iders «delegate» URL Trigger Content Provider Cellnetrix AIAPI URL Trigger © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 15 • 19/6/2009
  16. 16. Conclusion SCWS technology has a chance to become a major on-device portal solution in the upcoming years if some of main problems are solved: Lack of mobile handsets with SCWS support Despite the strong market demands there are only a few commercial handsets which support SCWS functionality Interoperability problems First trials show that there are some interoperability problems with SCWS handset appearing on the market. There are no automated test suites available to test SCWS implementation both on card and handset side. Expensive roll-out All (U)SIM cards should be exchanged to support new functionality. If SCWS is implemented over TCP performance requirements for (U)SIM cards are higher. Migration path from Dynamic SIM toolkit to SCWS based services Currently available mobile services based on Dynamic SIM toolkit might be migrated onto SCWS Cellnetrix platform. Major SIM toolkit commands such as Setup Call, Send SMS or USSD must be supported. © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 16 • 19/6/2009
  17. 17. Conclusion…. Thank you for your attention! We’re pleased to answer your questions! Cellnetrix R&D Center Yablonevaya alleya, 313a, Zelenograd, Moscow, Russia, 124482 Tel . +7(495) 944-66-90 Fax. +7(495) 536-57-63 Cellnetrix GmbH Holstenkamp 54, D-22525 Hamburg, Germany Tel. + 49 40 891 062 Fax.+ 49 40 891 064 Cellnetrix Email: Web: http://www.cellnetrix.com © Cellnetrix 2009 • Developing real-world smart card web server applications • English • 17 • 19/6/2009
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×