Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.

How Thales uses Java Card technology to secure IoT end-to-end communication

While device growth brings transformative effects to several industries and to people’s daily lives, it also induces an additional level of system complexity to the infrastructure that will handle device data.

In parallel, there is a strong imperative to be able to trust the data that gets acquired and acted on by IoT solutions. The effects of corrupted devices or data on systems that make instant, analytics-based decisions can have a severe cost. As a result, there is an increasing need for solutions that secure the source of data at the edge, creating end-to-end security up to the cloud and beyond to connected devices.

Recognising this need for scalable security, the GSMA (Global System for Mobile Communications) has recently published a specification to establish end-to-end, chip-to-cloud security for IoT products and services called IoT Safe (IoT SIM Applet For Secure End-End Communication), that establishes the SIM or eSIM as the hardware root of trust.

A secure element running Java Card can play a critical role to ensure trust between the cloud and connected device. It can be leveraged by the device to delegate the provisioning of device identity and to manage the initial on-boarding process. It can further secure the cloud authentication and authorisation process and store the related credentials securely.

Thales (one of the Java Card Forum Members) has implemented the GSMA IoT SAFE specifications, leveraging on field proven and standardized SIM and eSIM security solutions to deliver scalable IoT Security. Find out how they use:
Secure Elements to deliver scalable trust for IoT applications (Infographic)
Secure Elements to address the three key IoT security requirements
Secure Elements to enable mutual authentication between IoT devices and the cloud