Java card 3 released
SUN is about to release the newer java card 3! Quoting the wikipedia article:
Java Card refers to a technology that allows small Java-based applications (applets) to be run securely on smart cards and similar small memory footprint devices. Java Card is the tiniest of Java targeted for embedded devices. Java Card gives the user ability to program the device and make them application specific. It is widely used in SIM cards (used in GSM mobile phones) and ATM cards. The first Java Card was introduced in 1996 by Schlumberger‘s card division which later merged with Gemplus to form Gemalto. Java Card products are based on the Java Card Platform specifications developed by Sun Microsystems. Many Java card products also rely on the GlobalPlatform specifications for the secure management of applications on the card (download, installation, personalization, deletion).
Here are some features of it (text stolen from here):
- JDK6 Compatible VM: Except for floats, it support class file version 50.
- Full Java Language support: Java Card 2 has restrictions on the language itself. But JC3 has no limits. You can use all language features like annotations, enhanced for-loops etc… (except floating point)
- Rich API: This is mixture of CLDC, GCF, Servlet, JavaCard2 API, Sockets, Threads, Transactions …
- Three application models and two library models, which makes it possible to have virtually any kind of secure application on JC3: o Servlets, extended-Applets, Classic-Applets o Extension-Library and Classic-Library
- Servlet Container with Servlet 2.5 support.
- HTTP and HTTPS interface: No need for special client programming. Use any web client to reach JC3.
- Still tiny(!!):24K RAM, 128K EEPROM, 512K ROM with a 32 bit processor
- It is not just “Card” any more: With the newly added USB interface this technology can go beyond Smart Cards into devices like secure USB tokens, Secure Personal Databases, Embedded Servers, WebDAV compliant thumb drives and more.
The hot part is that smart cards support directly HTTP/HTTPS. This means it can be part of WoT and support natively Web-based communication (HTML/SOAP/REST), so it could be very nice to see new applications that could be built with it. Any experience on your side with that?