Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.


A Visionary

B0BW2506

Bertrand du Castel was a true visionary, in both his technical leadership and the charm and wit he brought to scientific gatherings. From its inception, he was the outspoken champion of the Java Card platform. As one of its founders, his was an early voice for the Java Card Forum as it sought to lend credence to the use of mainstream computer system technology in the highly constrained world of “smart cards.” It is fitting that the JCF celebrate his life – his dedication, passion, belief and determination helped establish a new paradigm in the world of massively distributed, high security computer architectures. However, his vision extended beyond the technical. He recognized that we all live in the progression of history; and, he had a knack for recognizing episodes of historic importance, from the profound to the seemingly mundane.

Bertrand graduated from the prestigious Ecole Polytechnique in Paris, where he completed his PhD in Theoretical Computer Science with a focus on linguistics. He started his career at IBM before moving to Schlumberger in the late 1970s. At that time, the company was often touted as the “IBM of the oil patch” in an era of profound and pervasive change in the oil and gas industry.

In the mid-1990’s, Bertrand was selected to lead a new project to develop a “post-issuance, programmable” smart card. This would allow what were typically thought of as “tokens” to become highly personal and highly portable computers in their own right. Few besides Bertrand appreciated that this somewhat speculative company venture would change the entire industry. To ensure the success of the project, he soon had to prove his leadership skills – drawing together the best technical minds, uniting internal departments to work together, maintaining management’s belief in the final outcome, and opening up the development work to the industry at large; surely the most controversial aspect of the process.

B0BW2442_1As it emerged that ultimate success would require all smart card competitors to have access to the new non-proprietary technology licensed from Sun Microsystems, Bertrand understood that the industry as a whole had to work together, and in close concert with Sun Microsystems.

So, in a truly prescient move, just days after the first Java Card was produced by Schlumberger, the Java Card Forum was formed on 12th February 1997. Bertrand served as the Chair of the Technical Committee and was instrumental in driving forward each new version of the Java Card platform specification: 2.1 in 1999 (interoperable file format), 2.2.2 in 2006 (ETSI and contactless) – and although he left the Forum in 2006, his vision of a connected card led to the release of Java Card 3.0 in 2008.

In 2005, Bertrand’s contribution to the smart card industry was formally recognised when Card Technology Magazine (the main publication of the smart card industry in its day) named him Visionary of the Year and ran a major article about his work.

Bertrand was a fiercely driven man, who led from the front and never shied away from controversy. Discussions within the Java Card Forum could be intense, but progress was always made. He was a character who injected life into the JCF meetings and, beyond the technical world, he relished the opportunity to be part of the passing history in which we all live. Bertrand also had a love of travel and a profound sense of adventure, exemplified by the time he rode a bus for a couple of days and nights on a trip from Austin to central Mexico to see the destination of the migration of millions of Monarch butterflies from all across North America.

Bertrand loved soccer, both watching and playing the game. He organized weekly “pick up” soccer games in a dusty field at the Schlumberger facility in Austin and in 1998 he immediately vetoed scheduling a JCF meeting during the World Cup Finals at the Stade de France in Paris. One simply did not over schedule such a day.

Bertrand’s esoteric style and deep insights into art, literature and language delighted those in the audience for the myriad presentations and publications in which he sprinkled in these references. There are those that still fondly remember his presentation on “Smart Cards and the Washing Machine.” In latter years, he delved deeply into the realm of neuro-science and the human brain, publishing a peer-reviewed paper in a well-recognized neuroscience journal. He was a complex, charismatic and brilliant man who will be sadly missed – but whose Java Card legacy will continue to evolve and provide secure solutions for many years to come.

DSC09800


The term “visionary” has been tossed around a lot over the years, but for Bertrand du Castel, the title fit.

He saw things not the way they are but the way they could be. And he would persuade, cajole, urge and exhort others to see the possibilities, as well.

A true enabler of innovation–including the creation of the hugely successful Java Card platform for the smart card industry–Bertrand had a knack for consensus building as he convinced others to adopt his vision. If they resisted, he used persistence, an abundant wit and his quirky charm to overcome their reservations.

He will be sorely missed.

Dan Balaban is a journalist and author of a 2005 profile on Bertrand du Castel, “Keeping an Eye on the Future,” in Card Technology magazine.


 

Many thanks to Tim Jurgensen and Bertrand’s family for their contributions to this feature.

Photos:
All photos re-printed with kind permission from Will van Overbeek, www.willvano.com

Sources:
• Personal History of the Java Card; 2009, Bertrand du Castel
• Keeping an Eye on the Future; 2005, Dan Balaban for Card Technology
• Wikipedia entry for Bertrand du Castel


RELEASE OF JAVA CARD 3.1 PROVIDES THE FOUNDATION FOR IOT SECURITY

Berlin, 16th January 2019 – The Java Card Forum (JCF) and Oracle proudly announce the release of Java Card 3.1, which is a major milestone platform update, facilitating the development of advanced security services for existing markets and the emerging Internet of Things (IoT) sector. The JCF have been working in close co-operation with Oracle, providing recommendations for the new specification and the release is a testament to this long-standing partnership of over 20 years.

For current Java Card users, the new version offers a developer-focused technology update to existing secure elements and facilitates the deployment and reuse of large applications. Development of the latest version has also focused on the heightened concern about security and trust in the IoT arena (as more machines and devices become connected), providing new functionality to accelerate development of IoT use cases and support for communication over IoT protocols, and secure access to peripherals.

“I strongly believe in the potential of Java Card technology to benefit new fields of deployment – especially in the Internet of Things,” explains Volker Gerstenberger JCF President and Business Committee Chairman. “With the advent of the IoT age we are seeing more and more connected endpoint devices that need to be connected and secured. We see additional new networks (such as Narrow-Band IoT, for example) that have to be protected and the emergence of a variety of completely new and unforeseen services that need to be enabled, from both a user experience perspective and more importantly, from a security perspective.”

Christian Kirchstaetter, head of the Technical Committee agrees: “The Java Card 3.1 specification has a clear objective to address the Internet of Things security challenges. By this I mean new features supporting integration into IoT devices and new types of communication protocols and therefore becoming the new security powerhouse for IoT.”

“Java Card 3.1 is the most significant feature release of Java Card in over 10 years,” adds Florian Tournier, Senior Director for Java and IoT at Oracle. “The close partnership between Java Card Forum and Oracle has delivered a flexible platform that can fulfil the fast-changing security requirements of Internet of Things devices.”

Java Card 3.1 Documentation can be found here.

Trademarks:
Oracle, Java Card and Java are registered trademarks of Oracle and/or its affiliates.


Java Card technology – Building the Foundation for End-to-End IoT Security (new Whitepaper)

The Java Card Forum and Oracle have today released a Whitepaper explaining how Java Card technology is ideally placed when it comes to securing the IoT sector.

cover of Whitepaper

Connected devices volumes are expected to increase exponentially in the upcoming years. Analyst data seem to converge and indicate that the number of things connected to the internet should exceed the number of humans by a factor of 8 come 2020.

While this growth brings transformative effects to several industries and to people’s daily lives, it also induces an additional level of system complexity to the infrastructure that will handle device data. IoT systems need to be cognisant of a vast number of device types, interfaces, communication protocols, or device lifecycles.

In parallel, there is a strong imperative to be able to trust the data that gets acquired and acted on by IoT solutions. It is a well-known fact that Big Data is only as good, or as secure, as the small data that it is built on. The effects of corrupted devices or data on systems that make instant, analytics-based decisions can have a severe financial, material and human cost.

As a result, there is an increasing need for solutions that secure the source of data at the edge, creating end- to-end security up to the cloud, and help IoT customers simplify the overall security equation.

Fortunately, there is an extensive body of work already available detailing the security risks associated with Internet of Things systems. This document does not intend to replicate this work. Instead we will focus specifically on the security of IoT devices. We will make an effort to categorise some of the key challenges faced by IoT vendors at the edge of the network. We will also go over hardware or software solutions that can abstract a good portion of the IoT complexity from the customer. We will discuss what new use cases can be brought about by open, secure application platforms such as Java Card technology.

Download the full Whitepaper here.


Want to find out how to secure IoT Edge with Java Card technology?

On March 21st and 22nd, Oracle are running 3 webinars to share how Java Card technology can help in the design of secure IoT systems.

Security at the device edge has become more critical than ever with the maturation of Internet of Things (IoT) infrastructures based on Cloud Services, Business Intelligence, and Big Data Analytics. The risk of processing data from compromised, rogue, or untrusted devices increases exponentially due to the scale of IoT networks and with potentially dire business outcomes. What is your IoT security vulnerability management strategy?

This webinar session on the applications of Java Card technology will review security risks introduced by massively pervasive connected devices for the IoT market. Join this live interactive presentation to:

  • Find out what hardware and software solutions are available today to anchor security at the heart of device architectures
  • Address technology fragmentation and deployment issues
  • Review IoT edge use cases to identify potential risks and requirements at multiple levels

Click here to find out more and register for the Webinar.

 


Infineon Technologies joins the Java Card Forum

The Java Card Forum welcomes Infineon during its 20th year anniversary

Berlin, 6th November 2017 – The Java Card Forum (JCF) is delighted to announce Infineon Technologies AG as its latest member.

With more than six billion high security controllers sold since 2010, Infineon is a major player in today’s global security industry. Infineon has a long history working with Java Card technology supporting specification enhancements throughout the various releases, right up to the 3.0 version.

“Infineon can bring a wealth of experience to the Java Card Forum particularly in the area of security and a network of partners who are interested in the further development of the platform,” explains Ioannis Kabitoglou, Vice President & General Manager at Infineon. “There is clear trend towards the use of Java Card technology in Smart Card and Security applications in the area of payment and government. Especially multi-application is driving this development: Java Card gives a maximum of flexibility for combining and upgrading various features on a single card,” concludes Kabitoglou.

“We are delighted that Infineon will be a valued member of the JCF,” declares Volker Gerstenberger, President of the JCF. “They have long been champions of the Java Card platform and we welcome their contributions to the continued specification development. It is especially significant that they are joining in 2017, as we celebrate our 20 year anniversary – a real statement that the technology is very much alive and kicking, with new business opportunities and challenges.”

About the JCF

The primary purpose of the Java Card Forum is to promote, as an industry, the development of Java as the preferred platform for interoperable smart cards and other secure devices. The Forum was founded in 1997 and is composed of a Business Committee and Technical Committee, advancing the Java Card specification in cooperation with Oracle. The Java Card platform is now one of the most pervasive technologies in the world.

About Infineon Technologies

Infineon Technologies AG is a world leader in semiconductor solutions that make life easier, safer and greener. Microelectronics from Infineon is the key to a better future. In the 2016 fiscal year (ending September 30), the company reported sales of about Euro 6.5 billion with more than 36,000 employees worldwide. Infineon is listed on the Frankfurt Stock Exchange (ticker symbol: IFX) and in the USA on the over-the-counter market OTCQX International Premier (ticker symbol: IFNNY).

Trademarks:
Oracle and Java are registered trademarks of Oracle and/or its affiliates.


Celebrating our 20 Year Anniversary in Munich

Screen Shot 2017-10-18 at 13.11.25

There have been many different posts on the site highlighting our 20 years Anniversary over the last few months, looking at how the JCF and the technology have evolved over the years, but we also felt it was important to celebrate the achievements with the people who made it happen.

Yesterday evening (17th October) we invited past and current members of the Java Card Forum to join together in celebrating the work carried out over the last 20 years; to reminisce about the ‘good times’ and look forward to the next release of the Java Card specification in 2018.

The Celebration Dinner took place in Munich, during one of the bi-annual Plenary sessions, and was held in a typical Bavarian restaurant, ensuring plenty of hearty food, German beer and Lederhosen!

As Volker Gerstenberger, President of the JCF, welcomed old and new members alike to the event, he reminded guests of a few Java Card facts: “Who would have thought back in 1997, that as an industry we would now be producing enough Java Cards per year to supply every man, woman and child on the planet. And that over the years we’ve shipped enough Java Cards to reach to the moon and back nearly 3 times.
With the current work advancing Java Card technology to become the security powerhouse for IoT, I am proud to say the JCF’s contribution remains as relevant today as it was back in the 90s.

Here’s to the next 20 years!

A Toast to Forum members past and present
20years_toast

Members can view more photos here, using the password provided.