Java Card Forum


Java Card technology – Building the Foundation for End-to-End IoT Security (new Whitepaper)

The Java Card Forum and Oracle have today released a Whitepaper explaining how Java Card technology is ideally placed when it comes to securing the IoT sector.

cover of Whitepaper

Connected devices volumes are expected to increase exponentially in the upcoming years. Analyst data seem to converge and indicate that the number of things connected to the internet should exceed the number of humans by a factor of 8 come 2020.

While this growth brings transformative effects to several industries and to people’s daily lives, it also induces an additional level of system complexity to the infrastructure that will handle device data. IoT systems need to be cognisant of a vast number of device types, interfaces, communication protocols, or device lifecycles.

In parallel, there is a strong imperative to be able to trust the data that gets acquired and acted on by IoT solutions. It is a well-known fact that Big Data is only as good, or as secure, as the small data that it is built on. The effects of corrupted devices or data on systems that make instant, analytics-based decisions can have a severe financial, material and human cost.

As a result, there is an increasing need for solutions that secure the source of data at the edge, creating end- to-end security up to the cloud, and help IoT customers simplify the overall security equation.

Fortunately, there is an extensive body of work already available detailing the security risks associated with Internet of Things systems. This document does not intend to replicate this work. Instead we will focus specifically on the security of IoT devices. We will make an effort to categorise some of the key challenges faced by IoT vendors at the edge of the network. We will also go over hardware or software solutions that can abstract a good portion of the IoT complexity from the customer. We will discuss what new use cases can be brought about by open, secure application platforms such as Java Card technology.

Download the full Whitepaper here.


Want to find out how to secure IoT Edge with Java Card technology?

On March 21st and 22nd, Oracle are running 3 webinars to share how Java Card technology can help in the design of secure IoT systems.

Security at the device edge has become more critical than ever with the maturation of Internet of Things (IoT) infrastructures based on Cloud Services, Business Intelligence, and Big Data Analytics. The risk of processing data from compromised, rogue, or untrusted devices increases exponentially due to the scale of IoT networks and with potentially dire business outcomes. What is your IoT security vulnerability management strategy?

This webinar session on the applications of Java Card technology will review security risks introduced by massively pervasive connected devices for the IoT market. Join this live interactive presentation to:

  • Find out what hardware and software solutions are available today to anchor security at the heart of device architectures
  • Address technology fragmentation and deployment issues
  • Review IoT edge use cases to identify potential risks and requirements at multiple levels

Click here to find out more and register for the Webinar.

 


Infineon Technologies joins the Java Card Forum

The Java Card Forum welcomes Infineon during its 20th year anniversary

Berlin, 6th November 2017 – The Java Card Forum (JCF) is delighted to announce Infineon Technologies AG as its latest member.

With more than six billion high security controllers sold since 2010, Infineon is a major player in today’s global security industry. Infineon has a long history working with Java Card technology supporting specification enhancements throughout the various releases, right up to the 3.0 version.

“Infineon can bring a wealth of experience to the Java Card Forum particularly in the area of security and a network of partners who are interested in the further development of the platform,” explains Ioannis Kabitoglou, Vice President & General Manager at Infineon. “There is clear trend towards the use of Java Card technology in Smart Card and Security applications in the area of payment and government. Especially multi-application is driving this development: Java Card gives a maximum of flexibility for combining and upgrading various features on a single card,” concludes Kabitoglou.

“We are delighted that Infineon will be a valued member of the JCF,” declares Volker Gerstenberger, President of the JCF. “They have long been champions of the Java Card platform and we welcome their contributions to the continued specification development. It is especially significant that they are joining in 2017, as we celebrate our 20 year anniversary – a real statement that the technology is very much alive and kicking, with new business opportunities and challenges.”

About the JCF

The primary purpose of the Java Card Forum is to promote, as an industry, the development of Java as the preferred platform for interoperable smart cards and other secure devices. The Forum was founded in 1997 and is composed of a Business Committee and Technical Committee, advancing the Java Card specification in cooperation with Oracle. The Java Card platform is now one of the most pervasive technologies in the world.

About Infineon Technologies

Infineon Technologies AG is a world leader in semiconductor solutions that make life easier, safer and greener. Microelectronics from Infineon is the key to a better future. In the 2016 fiscal year (ending September 30), the company reported sales of about Euro 6.5 billion with more than 36,000 employees worldwide. Infineon is listed on the Frankfurt Stock Exchange (ticker symbol: IFX) and in the USA on the over-the-counter market OTCQX International Premier (ticker symbol: IFNNY).

Trademarks:
Oracle and Java are registered trademarks of Oracle and/or its affiliates.


Celebrating our 20 Year Anniversary in Munich

Screen Shot 2017-10-18 at 13.11.25

There have been many different posts on the site highlighting our 20 years Anniversary over the last few months, looking at how the JCF and the technology have evolved over the years, but we also felt it was important to celebrate the achievements with the people who made it happen.

Yesterday evening (17th October) we invited past and current members of the Java Card Forum to join together in celebrating the work carried out over the last 20 years; to reminisce about the ‘good times’ and look forward to the next release of the Java Card specification in 2018.

The Celebration Dinner took place in Munich, during one of the bi-annual Plenary sessions, and was held in a typical Bavarian restaurant, ensuring plenty of hearty food, German beer and Lederhosen!

As Volker Gerstenberger, President of the JCF, welcomed old and new members alike to the event, he reminded guests of a few Java Card facts: “Who would have thought back in 1997, that as an industry we would now be producing enough Java Cards per year to supply every man, woman and child on the planet. And that over the years we’ve shipped enough Java Cards to reach to the moon and back nearly 3 times.
With the current work advancing Java Card technology to become the security powerhouse for IoT, I am proud to say the JCF’s contribution remains as relevant today as it was back in the 90s.

Here’s to the next 20 years!

A Toast to Forum members past and present
20years_toast

Members can view more photos here, using the password provided.


Learn more about Securing the IoT Edge with Java Card + 20 years of Security Innovation

Following the JavaOne conference in October this year, we are delighted to be able to share 2 presentations made by Oracle about Java Card technology:

Securing the IoT Edge with Java Card

This presentation looks at security risks introduced by new connected devices and highlights how Java Card solutions can help design secure IoT systems. It covers the following:
• Connected devices, security risks, and requirements
• Secure hardware options addressing IoT edge security challenges: established (TPM/TEE/Secure Element) and emerging solutions (integrated Secure Element)
• Impact of secure hardware introduction on the IoT infrastructure and ecosystem
• Java Card as an abstraction for new secure hardware solutions and driving cross-market adoption
• IoT edge security use cases (secure TLS, device attestation, secure I/O) and Java Card as an enabler of strong IoT security (certification, openness, verticals, …)

Java Card: 20 Years of Security Innovation

Java Card technology, entering its 20th year of existence, is available in billions of secure devices shipped each year. Oracle and Java Card Forum are working on the next iteration of the Java Card specification, bringing significant additions to address new security form factors in mobile and IoT. This session looks back at the history of Java Card adoption and introduces key features of the upcoming Java Card 3.1 release.

To view, go to the following link and click on the download icon: https://oracle.rainfocus.com/catalog/oracle/oow17/catalogjavaone17?search=java%20card&showEnrolled=false


JNet ThingX Corp joins the Java Card Forum

The Java Card Forum welcomes jNet during its 20th year anniversary

Berlin, San Jose, 25th September 2017 – The Java Card Forum (JCF) is delighted to announce that jNet ThingX (“jNet”), a technology innovator specializing in the development of secure, embedded operating systems for secure microcontrollers (i.e. smartcards) and resource-constrained SoCs, is joining the Java Card Forum, demonstrating its commitment to contribute and drive forward the development of an IoT profile for the Java Card specification.

Over the past 3 years, jNet has been working with customers to evolve and adapt its Java Card solution to address the requirements of IoT edge devices. Building on Java Card’s strong security foundations, jNet added support for multiple communication protocols, sensors and actuators, including real-time processing of I/O and sensor fusion, secure remote updates, and more, to address the full set of requirements from the SoCs that go into IoT edge devices.

“Our mission at jNet has been to help our customers reduce development costs, accelerate time-to-market and enhance security for IoT edge devices by making them Java-programmable. We port a Java Virtual Machine on to the smallest, most resource-constrained SoCs, so developers can tap the powerful development ecosystem of Java to build things faster, more securely. We are confident that Java-programmable SoCs will become the norm for IoT edge devices,” said Mikhail Friedland, CEO at jNet ThingX. “Through our Java Card Forum membership and contributions to the Java Card IoT profile spec, we hope to accelerate the adoption of Java Card for IoT edge devices.”

“We are delighted that jNet will become a valued member of the JCF,” declares Volker Gerstenberger, President of the JCF. “With their solid background in the traditional sectors and their innovative work in the IoT area, they will add an additional expertise to the Forum, as we work on the future direction of the Java Card platform.”

About the JCF

The primary purpose of the Java Card Forum is to promote, as an industry, the development of Java as the preferred platform for interoperable smart cards and other secure devices. The Forum was founded in 1997 and is composed of a Business Committee and Technical Committee, advancing the Java Card specification in cooperation with Oracle. The Java Card platform is now one of the most pervasive technologies in the world.

About jNet ThingX Corp

jNet ThingX is a “technology enablement” company in the business of developing secure Java Virtual Machines and mission critical, native, real-time Operating Systems under contract with silicon manufacturers, government agencies and commercial businesses. Using its Java Virtual Machine, jNet helps its customers by abstracting away the complexities associated with development on resource-constrained secure microcontrollers and SoCs. As a result, jNet customers reduce their development costs, accelerate their time-to-market and benefit from robust security.

Trademarks:
Oracle and Java are registered trademarks of Oracle and/or its affiliates.