The invention relates to personal security tokens when hosting Javacard applications for delivering html pages to an envisioning device. Such personal tokens are generally known as personal tokens including a web or HTML server.
Personal tokens are used for authenticating a user when such user accesses to a limited or a private resources equipment such as a mobile telecommunication network, a bank facility or network, a remote server storing secret data or even a protected area with limited physical access thereto.
The mostly known device of this type is the IC card such as for example a SIM card (Subscriber Identification Module) or a credit card, but it can also be a USB key, a mass memory card, or any kind of token carrying some necessary credentials. Such tokens are typically compliant with international standard ISO7816.
The envisioning device is typically the mobile terminal in a mobile telephony network, but can also a hosting PC or a remote terminal in an IT network, either the internet or a company internal network.
Javacard is a language and programming system which is derived from Java, i.e. with simplified functionalities due to the reduced abilities of smart cards, but retaining the main aspects of Java such as downloading of .cap file, instantiation, registering, using application Ids, and more importantly a selected group of the original Java language instructions, which make Javacard keep the object-oriented nature of original Java. Javacard enabled smart cards or USB dongles are well-known.
Oftentimes Javacard is used for delivering HTML data to a hosting device, which hosting device runs an HTML engine, which engine reads the such delivered HTML data and constructs an HTML page departing on such delivered data. The delivered HTML data are sufficient data for describing the content to be found in the HTML page, i.e. static objects, dynamic objects, and a template for organizing the static and dynamic objects in the page.
Javacard applications are loaded into security tokens either over-the-air, either by wired means i.e. in the factory while customizing the token, or even at a selling point by means of a local computer with some dedicated connections and a driver for that purpose. Javacard applications are difficult to update. Some Javacard data which are already present in the token are oftentimes impossible to modify, which means that the whole application has to be downloaded in a new version which encompasses the modified data. This also means that the token has to be either brought back to factory or to a selling point, or that a new downloading of the complete application code, i.e. of the .cap file, has to be carried out over-the-air, which is long and fastidious for the operator and requires difficult memory management in the token.
This appears to be particularly true for application codes which are dedicated to delivering HTML page data when it appears necessary to amend the HTML page.
For example, changing an object in the HTML page or amending the template of the HTML page for emphasizing a particular object rather than another one requires the Javacard application to be downloaded again in the card and interpreted again by the card in its modified version.