The present invention relates generally to computing systems, and more particularly, to techniques for providing secure computing systems.
Unlike a typical general-purpose desktop computer, some computing devices are mobile, highly specialized for a particular application. These mobile devices typically operate with relatively less memory, and/or processing power. By way of an example, a smart card is representative of a mobile computing device. A smart card can be highly specialized and provided for a particular application (e.g., security). A smart card is also an example of a computing environment where the amount of memory and processing power that can be provided is typically not as much as those provided for general-purpose desktop. As such, a smart card may provide a good example for discussion and will be discussed further.
Smart cards were introduced about two decades ago in the form of memory cards that were used to store critical information (e.g., phone cards). The smart cards today are, however, much more sophisticated than those initially introduced. Today, a smart card can have an embedded integrated circuit (IC). The smart card can, for example, be a plastic card that includes the embedded integrated circuit (IC). A smart card can resemble a credit card. Moreover, a smart can be used for highly sensitive applications (e.g., banking, security). As a result, extensive efforts have been made by a number of entities to develop smart cards that are secure.
Smart-card technology is an industry standard defined and controlled by the Joint Technical Committee 1 (JTC1) of the International Standards Organization (ISO) and the International Electronic Committee (IEC). The series of international standards ISO/IEC 7816, introduced in 1987 with its latest update in 2003, defines various aspects of a smart card, including physical characteristics, physical contacts, electronic signals and transmission protocols, commands, security architecture, application identifiers, and common data elements.
In some areas of use, smart cards are just memory cards that merely provide protected non-volatile storage. More advanced smart cards, however, have both microprocessors and memory, and can be used for secure processing and storage. Smart cards can operate without a battery (i.e. become active only when connected with a card reader). When connected, after performing a reset sequence the card remains passive, waiting to receive a command request from a client (host) application. Smart cards can be contact or contactless. As the names imply, contact smart cards work by communicating via physical contact between a card reader and the smart card's 8-pin contact, while contactless smart cards communicate by means of a radio frequency signal, with a typical range of less than 2 feet. The radio communication of contactless smart cards is based on technology similar to Radio Frequency ID (RFID) tags used in stores to counter theft and track inventory. FIG. 1 depicts contact and contactless smart cards. FIGS. 1A and 1B respectively depict contact and contactless smart cards.
Given the popularity of mobile devices, it is desirable to develop programming environments that are better suited for them. These programming environments, among other things, should be secure.