Eric Vétillard's Cardis2010 Slides

Where is our smart card AppStore? Eric Vétillard Cardis 2010

SIM Toolkit Menus & interactions from the SIM card

Java Card 1.0 Platform interoperability Application portability But … Applications are scripts

Java Card 2.1 Full-blown applications Multi-application cards Binary interoperability … But … APDUs

Java Card 2.2 RMI Hiding the low-level protocol But … not universal

Smart Card Web Server Based on standard protocols HTTP, TLS, … But … Still APDUs Many limitations

Java Card 3.0 Full blown Web Server TCP/IP based Ultimate (2010)

OpenPlatform 2.0.1’ Interoperable card management But … One actor ?

GlobalPlatform 2.1 Supports multiple providers/roles But … not very SIM-oriented

GlobalPlatform 2.2 SIM-oriented Full UICC profile, Supports NFC But … APDU

GlobalPlatform 3.0 Fully IP-based Supports SCWS Ultimate (2010)

Impressive • Open • Interoperable • Interoperable app • Multi-application management • High-level protocols • Multiple providers • Standard protocols • Works on UICC • Full IP support • Manages Web servers

But …

Who cares ?

Open Not everybody cares about that No Java Card in China Proprietary frameworks Operators are “big enough”

Interoperable Yes, we all like that But … we don’t get it easily Functional interop takes years No security interop (yet)

Multi-application Few people really care Applications are often tightly linked ( Some use cases in the SIM area )

Multi-provider Nobody cares In fact, it is mostly annoying Before NFC, no multi-provider cards It may still kill NFC

High-level protocols Only developers care Who cares about developers?

Standard Protocols Standard? Not on cards! Handset vendors are slow to react SCWS support ? USB SIM interface ?

Cards are Tokens Programmable tokens but still tokens

Wait !!

SIM cards !! SIM cards are more than tokens For the benefit of a single operator Losing value in a connected world Nice biz model (20th century)

NFC !! NFC supports multiple providers Have you seen NFC deployments ? Have you seen NFC biz models ?? Back to the brand, plus revenues

No Future ?

Assets ? Secure Small = Personal Cheap = Trusted Manageable = Here Personalizable

Environment ? Cloud Interconnection, all data accessible Identity? Mobile Here and Now Generative, Interactive

Here Me You

Soooo what ?? (some) research issues

Open Card Platforms The technology is there (almost)

Leveraging Locality

Think at the System Level

Think at the Human Level

Getting to Trust

Where is my App Store? Most likely, it will not come Smart cards are in the infrastructure Smart cards are lacking …

Where is my App Store?

Thank you!

For more information • Sources of inspiration – Usual suspects: Bruce, Ross, and friends – More industrial: Ajit Jaokar, Umair Haque – Compiled: http://javacard.vetilles.com • Image credits from Flickr culdesac par Gabba Gabba Hey! iconwall by liquidx appstoreiphone by Lee Bennett fuzzyball by andymangold androidmarket by Fragments of Eternity neons_night by an untrained eye mom_child_trust by Isobel T neons_toss by Neato Coolville Lightbulb by jamie hladky

Eric Vétillard's Cardis2010 Slides

by evetillard on Apr 15, 2010

Accessibility

Tags

Upload Details

Usage Rights

1 Embed 5

Statistics

Eric Vétillard’s Cardis2010 Slides — Presentation Transcript