The present invention relates generally to computing systems, and more particularly, to techniques for providing secure computing systems.
Unlike the typical desktop, other computing devices are mobile, highly specialized for a particular application, operate with relatively less memory, and/or processing constraints. By way of an example, a smart card is representative of a mobile computing device that can be highly specialized for a particular application (e.g., security). Smart cards are also an example of a computing environment where the amount of memory and processing power that can be provided is typically not as much as those in the desktop (e.g., Personal Computer) environments. As such, a smart card may provide a good example and will be discussed.
Smart cards were introduced about two decades ago in the form of memory cards that were used to store critical information (e.g., phone cards). The smart cards today are, however, much more sophisticated than those initially introduced. Today, a smart card can have an embedded integrated circuit (IC). The smart card can, for example, be a plastic card that includes the embedded integrated circuit (IC). The smart card can resemble a credit card. Moreover, it can be used to highly sensitive applications (e.g., banking, security). As a result, extensive efforts have been made by a number of entities to develop smart cards that are secure
Smart-card technology is an industry standard defined and controlled by the Joint Technical Committee 1 (JTC1) of the International Standards Organization (ISO) and the International Electronic Committee (IEC). The series of international standards ISO/IEC 7816, introduced in 1987 with its latest update in 2003, defines various aspects of a smart card, including physical characteristics, physical contacts, electronic signals and transmission protocols, commands, security architecture, application identifiers, and common data elements.
In some areas of use, smart cards are just memory cards that merely provide protected non-volatile storage. More advanced smart cards, however, have both microprocessors and memory, and can be used for secure processing and storage. Smart cards can operate without a battery (i.e. become active only when connected with a card reader). When connected, after performing a reset sequence the card remains passive, waiting to receive a command request from a client (host) application. Smart cards can be contact or contactless. As the names imply, contact smart cards work by communicating via physical contact between a card reader and the smart card's 8-pin contact, while contactless smart cards communicate by means of a radio frequency signal, with a typical range of less than 2 feet. The radio communication of contactless smart cards is based on technology similar to Radio Frequency ID (RFID) tags used in stores to counter theft and track inventory. FIG. 1 depicts contact and contactless smart cards. FIGS. 1A and 1B respectively depict contact and contactless smart cards.
Given the popularity of mobile devices today, it is desirable to develop programming environments that are better suited for them. These programming environments, among other things, should be secure.