Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.

JCF 2020 Webinar Series

The JCF is planning a Series of 6 Webinars in Q4 of 2020, to share with you insights into why Java Card should be the platform of choice in the IoT domain. This Series is FREE OF CHARGE and you can attend as many of the Webinars as you want.

WHAT WILL YOU LEARN?
The Java Card Webinar Series will provide you with an exceptional opportunity to discover how Java Card technology could expand your business. This Series will explain how:

  • the Java Card platform can securely support software upgrades for IoT devices
  • low cost IoT devices can benefit from Java Card technology, especially in terms of security and updatability
  • the Java Card platform enhances eSIM cellular authentication with cloud authentication capabilities
  • a Java Card platform and applications can be personalised securely in the field
  • Java Card technology provides device attestation
  • a Java Card-based Secure Element can be used to secure the communication between edge devices and multiple IoT Cloud platforms

WEBINAR TOPICS

WEBINAR 1: Thursday 5th November, 9am CET + 5pm CET

The GSMA IoTSafe Applet specification – only for eSIM products? (Infineon)

Daniel 100 b&wPresenter: Daniel Hübner, Infineon
Biography: Daniel Hübner is System Architect for the Infineon OPTIGA™ Trust Portfolio. He brings a wealth of 15 years’ experience in the smart card industry and has therefore developed an extensive knowledge in the related ecosystem. Before his current role, he was also responsible for the product definition of the OPTIGA™ Connect Consumer eSIM solution. Prior to that he was a support engineer for Java Card solutions in the payment and government domain.

Webinar Overview: The GSMA has released a specification for a Java Card applet to enable the key handshake procedure required in the TLS protocol. By doing that, the GSMA plan is to enhance eSIM cellular authentication with cloud authentication capabilities and forge the secure Trust Anchor protecting the necessary authentication credentials.
We want to give a short introduction into IoTsafe, why we have decided to go for IoTsafe, not only for the eSIM, but also for non-cellular Secure Element products and how Java Card helps to save costs and time on R&D and maintenance.

REGISTER FOR THIS WEBINAR AT 9AM CET: https://attendee.gotowebinar.com/register/2479542067542290700

REGISTER FOR THIS WEBINAR AT 5PM CET: https://attendee.gotowebinar.com/register/7971078181237071372


WEBINAR 2: Thursday 12th November, 9am CET + 5pm CET

The Benefits of Java Card in eUICC for IoT Devices (Thales DIS)

Denis 100 b&wPresenter: Denis Praca, Thales
Biography: Denis Praca has over 30 years of experience in the Telecom industry and is currently an expert within the standardization team of Thales DIS. Denis has been working in the smart card industry for over 20-years, and is active in several standardization activities in various organizations such as the ETSI, GSMA and Trusted Connectivity Alliance (formerly SIMalliance). Outstanding contributions include the editorship of the remote SIM provisioning architecture document at the GSMA (SGP.22 specification), as well as chairing the eUICC working group at the Trusted Connectivity Alliance, and vice-chairing the ETSI Smart Card Platform (SCP) working group.

Webinar Overview: Java Card has for years been a mandatory standardized key component of the eUICC. The emergence of low cost IoT devices brings the temptation to remove Java Card to further push cost down. This Webinar will describe the benefits of Java Card for low cost IoT devices, especially in terms of security and updatability, showing that its removal from IoT devices may not be the cleverest choice. Of course, Java Card is today the only interoperable option offered for secure application developers, but in addition to interoperability, Java Card also offers significant benefits. This Webinar will address these benefits, including for example:

  • Security of IoT devices and eco-system, even low cost, is not an option, especially when these devices are shipped in the millions. The use of a virtual machine like the one offered by Java Card is the easiest way to improve security of software, by providing the best process and data isolation. In addition, by relying on a proven standard solutions like IoT-SAFE, confidence in the eco-system can be increased.
  • To maintain the security level, IoT devices require updatability. Java Card helps the updating process.
  • When addressing different markets, customization of devices is required and Java Card is helping the customization process.
  • IoT devices using 3GPP connectivity must embed a secured UICC containing Network Access Applications and grouping all secure related features in a single place minimizes cost. It should also be noted that most of the MNOs use Java Card applets in order to adapt device network access to their network specifications (e.g. Roaming or DNS management)
  • In conclusion, we will try to show that the benefit of supporting Java Card in a UICC or eUICC largely compensates its cost.

REGISTER FOR THIS WEBINAR AT 9AM CET: https://attendee.gotowebinar.com/register/8354973765586800908

REGISTER FOR THIS WEBINAR AT 5PM CET: https://attendee.gotowebinar.com/register/2490023711890027532


WEBINAR 3: Thursday 19th November, 9am CET + 5pm CET

Serious about IoT? Take note of iSIM and IoT SAFE (ARM – guest speaker)

Paul 100 b&wPresenter: Paul Bradley, ARM
Biography: Paul Bradley is the Strategic Marketing Manager for Arm’s Kigen Secure Connectivity offer. Working with Tier 1 partners within the ecosystem, Paul develops and executes strategies based upon market insights to maintain Kigen’s position as an industry leader in secure identity from chip-to-cloud. Prior to Arm, Paul worked at TM Forum, launching the solutions-oriented Open Digital Framework, and at Gemalto where he held various senior management and consulting roles in the digital security field. Paul has a BSc. in Applied Science (Computer Science & Software Engineering) from Trinity College and Technological University Dublin (formerly Dublin Institute of Technology).

anurag 100 b&wPresenter: Anurag Sharma, ARM
Biography: Anurag Sharma is the Senior Software Developer for Arm’s Kigen Secure Connectivity offer. Anurag is responsible for javacard Applet development. Prior to Arm, Anurag worked at Nucleus software where he takes care of security aspects and applet architecture for world’s first peer to peer offline payment system, and in Idemia where he was responsible for javacard applet and tools development. Anurag has B.Tech in computer Science from U.P. Technical University, India. Anurag is IoT and payment security enthusiast.

Webinar Overview: McKinsey estimates that by 2025, IoT could contribute up to $11.1 trillion per annum to the global economy. Achieving this kind of impact would require various conditions to be in place. One of them is ensuring seamless and secure IoT device provisioning and management so companies unlock the full value of IoT data insights.
IoT devices need to establish trust with a cloud to exchange data securely. However, the high number of proprietary IoT security solutions that currently exists creates a great deal of fragmentation on the market. This fragmentation, combined with the overall complexity of IoT, is causing delays in IoT adoption as enterprises lack implementation knowledge and confidence in future interoperability, scalability and security of IoT devices.
Find out how the combination of GSMA’s IoT SAFE and pioneering integrated SIM (iSIM) technology can address this issue, by delivering a repeatable, standardized solution which is hugely scalable. We will explain what iSIM is; how it helps to simplify the complexities of IoT and why it offers a cost-effective mechanism for cloud authentication and end-to-end security.
You will find out how OEMs and enterprises can utilize an iSIM with an IoT SAFE applet to ‘bake’ secure connectivity into the device at the point of manufacture and enable even the smallest devices to connect, authenticate and exchange trusted data with clouds right out-of-the box.
The talk will also cover our recent collaboration with Vodafone which demonstrates the potential of this innovation. Learn how an iSIM-powered smart label, created for the health sciences giant Bayer, can safely deliver invaluable data insights, securely via cellular networks, directly to Bayer.

REGISTER FOR THIS WEBINAR AT 9AM CET: https://attendee.gotowebinar.com/register/9142412107562792460

REGISTER FOR THIS WEBINAR AT 5PM CET: https://attendee.gotowebinar.com/register/7405389344351241484


WEBINAR 4: Wednesday 25th November, 9am CET + 5pm CET

Secure Personalization of Java Card and Applications in the operational phase (G+D Mobile Security)

UllrichMartini 100 b&wPresenter: Dr. Ullrich Martini, G+D Mobile Security
Biography: Ullrich Martini studied Physics and received a PhD in 2001 at the Ludwig-Maximilians-University in Munich. Since 2001 he is has been an employee of Giesecke + Devrient and has worked on different variants of secure hardware and software. Since 2018 he has focused on Internet of Things and Smart Wearables at G + D Mobile Security GmbH. He is responsible for tokenization service in G+D Mobile Security Digital Business.


Webinar Overview:
GlobalPlatform (GP) proposed different methods for personalization of Java Card and applications. The presentation explains the possibility and pre-requisites of a de-centralized secure method of Java Card personalisation offered by Java Card and GP technologies and demonstrates an implementation in Java Cards.

REGISTER FOR THIS WEBINAR AT 9AM CET: https://attendee.gotowebinar.com/register/5150550480527005964

REGISTER FOR THIS WEBINAR AT 5PM CET: https://attendee.gotowebinar.com/register/2907462097468459020


WEBINAR 5: Thursday 3rd December, 9am CET + 5pm CET 

IoT Device Attestation – Demo (Oracle)

Webinar Overview: On-boarding IoT devices requires checking device identity and other attributes (e.g. software state, debug status, security level, etc.). GlobalPlatform has defined an Entity Attestation Token (EAT), as well as the protocol to securely process and export a set of claims securely encapsulated in the EAT. This demonstration shows a secure attestation service running as Java Card application in SE. The service processes attestation requests, builds, signs and exports the EAT corresponding to the EAT specification and requested claims. The EAT is verified by a Cloud service that decides on-boarding depending on policies.

REGISTER FOR THIS WEBINAR AT 9AM CET: https://attendee.gotowebinar.com/register/1240289108946316556

REGISTER FOR THIS WEBINAR AT 5PM CET: https://attendee.gotowebinar.com/register/8833859457995257612


WEBINAR 6: Thursday 10th December, 9am CET + 5pm CET

IoT Secure Sensors Payload & Cloud Connection – Demo  (Oracle)

Webinar Overview: Securing communication between IoT devices and IoT cloud services is critical to building trusted IoT environments. This demonstration explains how a Java Card-based SE is used to secure the communication between edge devices and multiple IoT Cloud platforms. Among other aspects the demo shows how Java Card and GlobalPlatform technologies support the capability to update and upgrade the security scheme simplifying the repurposing of a device to migrate to another cloud solution.

REGISTER FOR THIS WEBINAR AT 9AM CET: https://attendee.gotowebinar.com/register/5220249622123436812

REGISTER FOR THIS WEBINAR AT 5PM CET: https://attendee.gotowebinar.com/register/8351802774052702220


Please note: All presentations/demos will be in English

WHO SHOULD ATTEND?
This Series is key for IoT device developers, IoT security systems architects, product managers, MNOs, application developers and security experts.
During the Series you will be able to interact with our panel of Java Card specialists (including such companies as G+D Mobile Security, Infineon,  Thales, Oracle and our guest speaker ARM).