Another exciting use for Java Card in IoT, is to secure the “last yard” between devices (or gateways) and attached peripherals. This is especially important for systems comprising actuator devices that can have a direct impact on safety. Securing data coming from a sensor (or sent to an actuator), can be a complex cost/ technology equation in untrusted physical environments. It is a challenging problem to solve, as sensors are often very simple devices with severe price constraints. Having them perform cryptographic operations or coupling them with a dedicated security chip brings about some commercial hurdles, in particular in markets where sensor data can be highly sensitive, such as automotive.
The introduction of multi-application secure elements, powered by Java Card offers cost-effective options, as the price of the hardware may be shared by multiple services.
Firstly, the secure element can be granted direct access to peripherals. This can be used to make sure that there is no “in the clear” communication between a sensor and the cloud. One can also leverage the secure element to perform verification of biometric data against an expected value, avoiding side channel attacks. The secure element can also verify the operating conditions using built-in sensors and detect abnormal use. There are also scenarios where a secure chip could perform general purpose operations such as data averaging or initial filtering and even edge analytics, to alleviate the load or act as a substitute to a general purpose MCU.
Java Card is at the core of these use cases. The Java Card Forum and Oracle have standardised APIs and a new I/O model, to allow direct and secure access to peripherals from within Java Card applications. Those features are included in the Java Card 3.1 release, helping to simplify the implementation of Trusted Peripheral use cases and enabling trust and the exchange of sensitive data at the very edge.