You are on page 1of 20

Dev|ce 1echno|ogy

8|ometr|cs
8lomeLrlcs auLhenLlcaLlon sysLem capLure user's characLerlsLlcs wlLh a sensor devlce
characLerlsLlcs values and compare Lhls wlLh a known reference 1he resulL of comparlson ls elLher
0 lf auLhenLlcaLlon was noL successfully performed Cr 1 lf auLhenLlcaLlon was successful
ln flngerprlnL verlflcaLlon lmage sysLem exLracLs end and blfurcaLlon polnLs of flnger llnes
and users locaLlon and dlrecLlon as characLerlsLlc values for comparlson wlLh one or more sLored
reference
lA8lalse accepL raLe
l88lalse re[ecL raLe
lA8 ls probablllLy LhaL Lhe sysLem wlll re[ecL wrong user
l88 ls probablllLy LhaL Lhe sysLem wlll re[ecL correcL user
ln case of ln verlflcaLlon wlLh slm card lA8 for any aLLempL by an unauLhorlsed user ls
001
1he sysLem allows for a maxlmum of Lhree Lrlals before smarL card ls shuL off 1he overall
lA8 for SlM card ls 003
1he l88 ls 0 because correcL ln wlll always be accepLed

0
1


I|nger pr|nt authent|cat|on
AnoLher securlLy dlsadvanLage of blomeLrlcs sysLem ls Lhelr suscepLlblllLy Lo fraud unless Lhe
LoLal sysLem ls securely encapsulaLed and communlcaLe wlLh auLhenLlcaLlon requesLor
1he SlM card sysLem uses Lhe smarL card for secure sLorage of ln and uses Lhe keys for
secure communlcaLlon wlLh servlce provlder
llnger prlnL verlflcaLlon wlll probably be lnLroduced for pervaslve compuLlng devlces wlLh
ln backup ln case of denlal of servlce
llnger prlnL auLhenLlcaLlon musL communlcaLlon wlLh (ln) SlM vla a secure channel Lo
malnLaln sysLem lnLegrlLy
8equesL
auLhenLlcaLlon
8eference
LxLracL feaLures Sensor





C
o
m
p
a
r
e

perat|ng System
1he core funcLlonallLy of every pervaslve compuLlng devlce ls deLermlned by lLs operaLlng
sysLem 1he ma[or dlfference of CS for pervaslve devlces from user's polnL are humanmachlne
lnLerface and Lhe speed wlLh whlch Lask can be performed
Compar|son of DA and C
uA
1lme Lurned on perday Plgh
1lme spenL per Lask Low
a|m S arch|tecture









Core S funct|ona||ty
alm CS organlsed ln dlfferenL horlzonLal and verLlcal layers 1o make Lhe verLlcal layer
lndependenL from underlylng hardware a mlcrokernel encapsulaLes Lhe hardware speclflc
funcLlonallLy
1he verLlcal layers provlde appllcaLlon programmlng lnLerfaces (AlS) for appllcaLlons Lo
access Lhe CS funcLlonallLy 1hey are dlvlded lnLo
User |nterface
WlLh graphlcal lnpuL/ouLpuL (l/C) Lg buLLonsforms eLc
Memory management
ConslsLlng of daLabases runLlme space sysLem space global varlables

AppllcaLlon





alm CS
User interIace
Iorms
controls
Buttons
Memory
Management
Database
Runtime space
System space
Globals
System
Management
Events
Strings
Time
Alarm
Communication
TCP/IP
Serial
IRDA
Mlcrokernel
System management
1hls looks afLer evenLs daLe Llme sLrlngs eLc
Commun|cat|on |ayer
lL ls provldes communlcaLlon over serlal l/C 1ransmlsslon conLrol proLocol (1C/l) or
lnfrared daLa assoclaLlon (l8uA)
a|m S has fo||ow|ng features
User management
alm CS ls slngleuser operaLlng sysLem
1ask management
Cnly one appllcaLlon can run aL a Llme buL lL ls a posslble Lo call oLher appllcaLlons from Lhe
runnlng appllcaLlon lnLernally almCS ls mulLlLasklng
ower management
ulfferenL operaLlng modes (sleep doze securlng) Lo save power
SS|ze
alm CS ls abouL 14M8 (lncludlng bullLln appllcaLlons ln slze)
User |nterface
1 alm appllcaLlon sLarLer flg 320/page 77
2 alm appllcaLlon's look feel
1he ma[or user lnLerface deslgn prlnclples of alm CS are
1 8ecognlze only palm handwrlLlng alphabeL one buLLon access Lo appllcaLlons
2 MlrluLlse Laps for mosL used operaLlons
Memory management
lf one appllcaLlon crashes Lhen Lhe whole sysLem crashes so appllcaLlon musL be exLremely
well LesLed lL also alLer daLa conLalned wlLh oLher appllcaLlons
1he memory managemenL dlvldes Lhe avallable memory lnLo
Dynam|c heap
1he dynamlc heap ls execuLlonbased and clears on reseL lLs slze ls beLween 64 and 236k8
dependlng on LoLal memory slze lL ls used Lo sLore global varlables Lhe sLack dynamlcally
allocaLed memory lL provldes fasL read and wrlLe access buL has no ablllLy Lo proLecL lLself agalnsL
unauLhorlsed wrlLers

Storage
ueslgned Lo hold permanenL daLa such as daLabase flles and appllcaLlon code lL provldes
fasL read access and slow wrlLe access and wrlLe proLecLlon
Software deve|opment for a|m S
alm supporLs C and C++ for sofLware developmenL lL ls developed by C and ls currenLly Lhe
besL cholce for developlng performancecrlLlcal appllcaLlons
Cne commerclal lnLegraLed developmenL envlronmenL avallable for palm
Metro works code warr|or
1hls lncludes an edlLor compller debugger and vlsual graphlcal user lnLerface consLrucLor
alm supplles a palm emulaLor whlch emulaLes palm hardware on a C alm programs can
be run and debugged on Lhe emulaLor Lhen same program can be downloaded Lo real palm devlce
alm program ls edlLed and Lhen complled lL can elLher be run ln palm emulaLor on C or
download Lo a real palm Lhe program can be remoLely debugged from C
AppllcaLlon developmenL ln C ls slmple and fasL for palm because Lhere ls an exLenslve
sysLem llbrary
alm appllcaLlons are synchronous and evenL drlven 1hey conslsL of maln evenL loop and
evenL handllng LvenLs can be user lnLerface acLlons (buLLon pressed handwrlLlng l/p eLc) sysLem
noLlflcaLlon (power managemenL global search eLc) appllcaLlon speclflc evenLs
Several vlrLual machlnes (vMs) for palm are avallable from Lhlrd parLles lncludlng kvM (!ava
2 Mlcro LdlLlon) from Sun !9 from 18M and WabavM from wabasofL
Sun !ava !vM lmplemenLs !ava 2 Mlcro LdlLlon !9 ls performance and realLlme opLlmlzed
waba!vM ls LargeLed for small devlces !vM wlLh class llbrary Lakes 236312k8 of sLorage and qulLe
a large amounL of heap space Pence has very LlghL resource consLralnLs for palm


C



alm
alm developmenL cycle
LdlL
Complle uebug
8un
program
llnal
program

C
LCC wars orlglnally creaLed by slon buL malnLalned by symblan
LCC16 for 16blL processor and LCC32 for 32blL processors
LCC supporLs unlcode whlch ls lmporLanL for Aslan markeL 236 colours dlsplay
Core funct|ona||ty
alm CS ls slngle Lask LCC ls mulLlLasklng


AppllcaLlons







LuCC CperaLlng sysLem archlLecLure
Ieatures of C S
1ask management
8ealLlme mlcro kernel wlLh lowlnLerrupL LaskswlLchlng laLency provldes mulLlLasklng wlLh
preempLlve prlorlLydrlven schedules
User |nterface
1he user lnLerface frameworks ln LCC named LlkCn provldes sLandard graphlcal user lnLerface
elemenLs such as buLLons dlalogs and lnLerface elemenLs such as buLLons dlalogs and menus Also
for handllng daLa command l/p
llg 323 page 81 shows LCC user lnLerface for Lrlcson devlce


LLkCn
M|dd|eware
uaLabase rlnLlng sLeam SLandard
Wlndow server SLore llbrary
8ase
llle server uevlce drlvers kernel
Memory management
LCC has MMu concepL Lo provlde separaLe address space for each appllcaLlon LCC CS and
developmenL Lools provldes a rlch seL of Lools for checklng ouL of memory errors and freelng up
used memory 1hey lnclude deslgn paLLerns sLack clean up heap fallure heapchecklng Lools
S]W deve|opment for C
rogrammlng languages supporLed by LCC are C++ !ava and CL
C++ ls language of cholce for sysLem developmenL and hlghperformance appllcaLlon
programmlng
C++ developmenL envlronmenLs from Cnu for complllng devlce code MlcrosofL vlsual C++ for
complllng for emulaLor
C deve|opment cyc|e

C







LCC
devlce

LCC appllcaLlons are dlfferenL from alm CS appllcaLlons because LCC heavlly relles
on mulLlLasklng 1he appllcaLlon programmer can choose Lo program elLher synchronous
appllcaLlons (whlch look llke alm CS) or asynchronous appllcaLlons
W|ndows C
Wlndows CL ls an embedded operaLlng sysLem developed by MlcrosofL verslons 10
20 wlndows CL user lnLerface were slmllar Lo wlndows user lnLerface

LdlL
Complle for
LCC
Complle for
C
uebug
8un
llnal
rogram
C++ !ava CL
erformance uevelopmenL Llme
rogram performance and developmenL Llme
Core operat|ng system funct|ona||ty
Wlndows CL ls modular operaLlng sysLem 1hls ls resulL of 8CM based deslgn of
Wlndows CL ln conLrasL Lo more deskLop orlenLed dlskbased operaLlng sysLems llke llnux or 8e os lL
can be conflgured aL run Llme
1he kernel provldes memory managemenL Lask schedullng lnLerrupL handllng 1he
graphlcs/wlndow/evenL manager (CWL) lnLegraLes Lhe user lnLerface funcLlons of graphlcal o/p and
user l/p
1he ob[ecL sLore ls perslsLenL memory of wlndows CL and lncludes flles Lhe reglsLry and
a daLabase
llnally communlcaLlon lnLerface lnclude lnfrared communlcaLlon vla lruA 1C/l and
serlal drlvers

AppllcaLlons






Wlndows CL
Wlndows CL ArchlLecLure
Wlndows CL offers followlng feaLures
User Management
Wlndows CL deslgned for uAslL supporL only one user
1ask Management
1he Lask manager supporL 32 slmulLaneous process an unllmlLed noof Lhreads
(llmlLed only by avallable physlcal memory)
rogrammlng lnLerfaces communlcaLlon lnLerfaces
Shells
lnLerneL
Lxplorer
8emoLe
connecLlvlLy
kernel CWL Cb[ecL
SLore
1C/l
lruA serlal
perat|ng System S|ze
Wlndows CL fooLprlnL ls as small as 400k8 for kernel up Lo 3M8 wlLh all modules up
Lo 8M8 lncludlng ockeL word lnLerneL explorer
User |nterface
Wlndows CL provldes menu conLrols dlalog boxes lcons supporLs sound
8efer flg 327 page 84 Lhe deskLop shows lcons llke world reduced verslon of
MlcrosofL's LexL processlng s/w MlcrosofL medla player for playlng M3
Memory Management
A proLecLed vlrLual memory sysLem supporLs up Lo 32M8 memory per process proLecLs
appllcaLlons agalnsL each oLher
A heap exlsLs for flle sysLem reglsLry ob[ecL sLore and LransacLlon servlce for ensurlng
daLa lnLegrlLy 1he ob[ecL sLore can have slze up Lo 236M8
Secur|ty
Wlndows CL has supporL for crypLography wlLh crypLographlc llbrary (CAl
CrypLographlc AppllcaLlon rogrammlng lnLerface) Lo securely sLore lnformaLlon ln memory
1he kernel loader auLhenLlcaLlon program can use publlckey slgnaLures Lo prevenL
unauLhorlsed appllcaLlons from summlng As an addlLlonal feaLure lL ls posslble Lo achleve more
securlLy for senslLlve daLa by uslng smarL card lnLerface of wlndows CL
Software deve|opment for w|ndows C
Wlndows CL ls based on Wln32Al offers slgnlflcanL advanLages ln appllcaLlon sofLware
developmenL 1here are professlonal developmenL Lool such as vlsual C++ or vlsual baslc
Iava for ervas|ve Dev|ces
Cvervlew of dlfferenL verslons of !ava Lwo relevanL !ava verslons for pervaslve devlces
1!ava Mlcro LdlLlon
28ealLlme !ava
1hree vlrLual machlnes avallable for pervaslve devlces (Sun's kvM Waba l8M's vlsual
age mlcro edlLlon)
Iava
!ava Lechnology was creaLed ln 1991 aL sun as a programmlng Lool ln a small closed
door pro[ecL called green pro[ecL
!ava mlcro edlLlon (!2ML) whlch lncludes dlfferenL vlrLual machlnes core Al and markeL
speclflc Al's deflned ln proflles !2ML has been deslgned for pervaslve compuLlng devlces
!ava sLandard LdlLlon (!2SL) almed as LradlLlonal C lL has rlch seL of Al's Lhan !2ML
and used ln vMs opLlmlzed for performance and securlLy
!ava LnLerprlse edlLlon (!2LL) creaLed by sun for server sysLems lL enhances Lhe !2SL
wlLh Al's needed for server based compuLlng lncludlng [ava beans !Ss daLabase access and more









8rowser SmarL AppleL AuLhenLlcaLlon AppllcaLlon
card ServleL ServleLs

verv|ew of Iava p|atforms and d|fferent prof||es
!ava2 Mlcro LdlLlon ls LargeLed for pervaslve compuLlng wlLhouL realLlme requlremenLs
1hese devlces are characLerlsed `by
O Small amounL of avallable memory(128312k8)
O LlmlLed energy (baLLeryoperaLed)
O ConnecLed Lo neLwork
O 8esLrlcLed graphlcal dlsplay capablllLles
8ased on [ava 2 mlcro edlLlon proflle Lhe followlng conflguraLlon are avallable
O ConnecLed devlce conflguraLlon (CuC)
O lL ls based on personal [ava Lechnology and has byLe codes and core Al's of
sLandard !ava lL ls LargeLed aL devlces llke screen phones and seL Loo boxes wlLh
more Lhan 312k8 8CM more Lhan 236k8 8AM and connecLlon Lo a neLwork 1he
maln dlfference Lo sLandard [ava llbrarles ls resLrlcLed user lnLerface llbrary
O ConnecLed llmlLed devlce conflguraLlon (CLuC) address Lhe geographlcal user
lnLerface daLa sLorage messaglng (eg emall sms) securlLy wlreless neLworklng for
devlces wlLh 128312k8 8AM such as moblle phones and 1v seLs
roflle roflle roflle roflle
!ava2 LnLerprlse
LdlLlon (!2LL)
core Al'S
!ava2 SLandard
LdlLlon (!2SL)
core Al'S
1v
roflle
Screen
phone
Car
roflle
Moblle lnformaLlon devlce
ersonal roflle
!ava2 Mlcro
LdlLlon (!2ML)
core Al'S
SmarL card
proflle
!ava programmlng Language
!ava PoL spoL !vM kvM Card vM
Sun provldes a speclal vM called kvM for Lhls conflguraLlon LhaL ls opLlmlsed for memory
consLralned envlronmenLs
1o enhance Lhe use of [ava beyond Lhese Lwo conflguraLlon !ava2ML Lechnologles are
deflned
O Lmbedded [ava
O !ava card
O 8eal Llme [ava
ea| t|me Iava (1I)
81! ls backward compaLlble Lo sLandard [ava and wlll lnclude all feaLures needed Lo bulld
sysLems wlLh real Llme requlremenLs
Ma|n features of ea|t|me spec|f|cat|on for Iava (1SI)
red|ctab|e execut|on speed
nonpredlcLable execuLlon Llme caused by Llmesllclng schedullng and occaslonal garbage
collecLlon 1he flrsL prlorlLy was Lo always have predlcLable runLlme behavlour
Custom|zab|e schedu|es
81!S deflnes dlfferenL memory Lypes Lo allow shorLlong llved ob[ecL Lo exlsL ouLslde Lhe
scope of garbage collecLlon
1o achleve Lhls a new deflnlLlon of ob[ecL llfe Llme ls provlded and memory areas such as
scoped memory lmmorLal memory and physlcal memory are lnLroduced
Access to phys|ca| memory
8ealLlme sysLems ofLen need fasL access Lo sensors or acLors LhaL connecL realLlme sysLem
Lo physlcal world 81S! has mechanlsm for breaklng [ava sandbox aL deflned places Lo have dlrecL
access Lo m/c memory
b[ect and thread synchron|sat|on
81S! deflnes synchronlsed walLfree read and wrlLe queues and monlLors for muLual
excluslon synchronlzaLlon whlch avolds Lhe prlorlLy lnverslon problem of sLandard [ava
lmplemenLaLlon
Asynchronous event hand||ng
Many real Llme sysLems are evenL drlven and make exLenslve use of asynchronous evenLs
such as lnLerrupLs


Iava v|rtua| mach|nes for pervas|ve dev|ces sun's kVM
Ieatures
Iu|| Iava VM kvM lmplemenLs full !vM speclflcaLlon
Sma|| memory foot pr|nt kvM was deslgned wlLh goal of mlnlmal fooL prlnL kvM on
alm CS has fooL prlnL 3070 k8 and needs 128k8 aL run Llme
16]32 b|t CU kvM was deslgned Lo run on 16blL processors aL 16MPZ lL also runs on
32blL processors
eference p|atforms lor kvM exlsL for alm CS Solarls and wlndows 32
kvM ls based on !2ML conflguraLlon has some slgnlflcanL dlfferences Lo !2SL 1hese
derlvaLlons are caused by llmlLed devlce capablllLles
D|fferent UI c|asses kvM does noL provlde AW1 or swlng llbrarles as mosL pervaslve
devlces have llmlLed dlsplay capablllLles and llmlLed processor power
estr|cted VM 1o make vM as small and efflclenL Some feaLures are opLlonal such as
floaLs mulLldlmenslonal arrays and class flle verlflcaLlon and oLhers such as remoLe meLhod
lnvocaLlon (8Ml) Lhread grouplng and reflecLlon are mlsslng compleLely
Subset of I2S ||brar|es 1o reduce Lhe slze of [ava llbrary for memory consLralned
devlces only subseL of !2SL llbrarles are supporLed lor example [avaneL and [avalo are
lmplemenLed
Compar|son of VMs for pervas|ve dev|ces
kVM WA8A I9
|atforms alm wlndows CL LuC alm Wlndows CL alm Wlndows CL
llnux wlndows solarls neuLrlnoLlnuxwlndows
erformance Low Plgh Plgh
Memory use Plgh Low Low
L|brar|es uevlce lndependenL uevlce lndependenL uevlce lndependenL
Standards !ava 2 ML !ava !ava 2 ML
Source code under sun llcense Cpen source no
ava||ab|e
Deve|opment SLandard !ava Lools wlLh SLandard !ava Lools lnLegraLed developmenL
env|ronment kvM summlng on wlLh waba vM envlronmenL wlLh
developmenL plaLform summlng on remoLe debugglng ablllLy
developmenL plaLform

Dev|ce connect|v|ty
rotoco|s
1o ensure dellvery of daLa ln an envlronmenL where Lhe devlce can be swlLched off or
connecLlon can break down aL any Llme message and LransacLlon proLocols are used Lo malnLaln
lnLegrlLy
W|re|ess protoco|s
Wlreless proLocols are naLural communlcaLlon cholces for small hand held devlces such as
uAs and moblle phones no cables are requlred ln order Lo communlcaLe wlLh oLher devlces
WA]WML
WA ls a Lechnology deslgned Lo provlde moblle Lermlnal (le moblle phones) users wlLh
rapld and efflclenL access Lo lnLerneL
WA lnLegraLes Lelephony servlces wlLh browser Lechnology and enables easyLouse
lnLeracLlve lnLerneL access from moblle handseLs
WA proLocol ls slmllar Lo P11 a hlgh level lnLerneL communlcaLlon proLocol WA has
been opLlmlsed for llmlLed dlsplay capablllLles of Loday's moblle Lermlnals
8O
lL was orlglnally deflned for lruA as lrC8Lx buL lL ls lndependenL from underlylng LransporL
proLocol C8Lx was creaLed wrap an lruA communlcaLlon as compleLely as posslble Lhere by
dramaLlcally slmpllfylng Lhe developmenL of communlcaLlon enabled appllcaLlon lL has pull and
push commands for bldlrecLlonal communlcaLlon
1he sesslon model sLrucLures Lhe dlalog beLween Lwo devlces lL uses blnary packeL based
cllenL/server requesL/response model
1he ob[ecL model carrler lnformaLlon abouL ob[ecL belng senL as well as conLalnlng ob[ecLs
Lhemselves
A header ls an enLlLy LhaL descrlbes some aspecL of Lhe ob[ecL such as name lengLh
descrlpLlve LexL or ob[ecL body lLself
1he headers can be passed slmllar ln concepL Lo header ln P11
8|uetooth
8lueLooLh ls an 8l speclflcaLlon for shorLrange daLa exchange 8lueLooLh has followlng
characLerlsLlcs
*Irequency band
CperaLes ln 243 CPZ 1SM lndusLrlalsclenLlflcmedlcal (1SM) band

*Secur|ty
AuLhenLlcaLlon based on prlvaLe keys and encrypLlon
*1ransm|tt|ng capab|||t|es
ls omnl dlrecLlonal and has range up Lo 10m lL supporLs lsochronous asynchronous
LransmlLLlng servlces
*8andw|dth
Capable of provldlng daLa Lransfer raLe up Lo 1 Mbps
*Speech
SupporLs Lhree dlglLal speech channel
*Cost
8elaLlvely expenslve wlLh expecLed prlce
*5S10 per b|ue tooth modu|e
8lueLooLh ls proLocol of cholce Lo connecL Lwo or more devlce LhaL are noL ln dlrecL llne of
slghL Lo each oLher
lor example A dlglLal camera can send plcLures Lo hard dlsk LhaL ls ln a nearby brlef case
8lueLooLh offers dlfferenL securlLy modes lncludlng auLhenLlcaLlon based on prlvaLe keys
and encrypLlon Lo solve proLecLlon mechanlsm
IrDA
lruA speclfles several lnfrared communlcaLlon sLandards buL lmporLanL ones are lruAuaLa
and lrMC lnfrared moblle communlcaLlon
lruA has followlng characLerlsLlcs
Irequency band
lnfrared llghL ls used as physlcal LransporL medlum
Secur|ty
lruA has no securlLy concepL buL relles on hlgherlevel proLocol securlLy
1ransm|ss|on capab|||t|es
8ecause lruA ls based on lnfrared llghL lL conslsL of polnLLopolnL connecLlons wlLh a
narrow angle (30degree cone) beLween sender recelver
lruA deslgned for shorLdlsLance communlcaLlon (030 cm)
8andw|dth
lruA supporLs daLa raLes up Lo 4Mbps wlLh 16Mbps under developmenL
Speech
1here ls supporL for only one dlglLal speech channel
Cost
1hey are very cheap boLh lruA sender recelver are massproduced
lruA ls well perfecLly sulLed for hlghspeed daLa connecLlon (eg connecLlng a devlce Lo a
wlred neLwork)
1o lnlLlaLe a daLa exchange lL requlres a devlce Lo be ln dlrecL llne of slghL Lo oLher lruA
devlce (eg Lo exchange vlrLual buslness cards)
Access from Cs
Smart card based authent|cat|on v|a |nternet
1he user needs a C wlLh a connecLed smarL card reader When Lhe user Lrles Lo access u8l
provlded by a proLecLed servleL buL noL yeL logged ln Lhe servleL sends back a logln page LhaL
conLalns an auLhenLlcaLlon appleL parameLerlzed wlLh u8l LhaL was requesLed














Authent|cat|on us|ng smart card
AuLhenLlcaLlon AppllcaLlon
P11
8rowser smarL card AppleL ServleL servleL
sesslon


Logln page
CeL challenge
Clve password challenge
Slgn challenge
SlgnaLure
CeL cerLlflcaLe
CerLlflcaLe SlgnaLure cerLlflcaLe SecurlLy sLaLe
Ck
8equesL1 SecurlLy
8esponse1 sLaLe
8equesL2 SecurlLy
8esponse2 sLaLe
8equesL3 SecurlLy
8esponse3 sLaLe


(l) AuLhenLlcaLlon appleL sends a requesL Lo auLhenLlcaLlon servleL Lo geL a random challenge lL
Lhen prompLs user for Lhe password for Lhe smarL card and glves Lhe password Lo Lhe card
1hls can generaLe dlglLal slgnaLures 1he appleL sends a second requesL Lo Lhe card LhaL
conLalns challenge from Lhe server Lo a dlglLal slgnaLure over LhaL challenge from smarL card
(ll) lL sends a Lhlrd requesL Lo obLaln Lhe cerLlflcaLe for Lhe key used Lo slgn Lhe challenge 1he
auLhenLlcaLlon appleLs Lhen sends Lhls dlglLal slgnaLure and Lhe cerLlflcaLe Lo auLhenLlcaLlon
servleL for verlflcaLlon
(lll) Cnce Lhe slgnaLure ls valld auLhenLlcaLlon servleL adds a securlLy sLaLe Lo currenL sesslon Lo
lndlcaLe LhaL user ls now logged ln lL reLurns an Ck message Lo auLhenLlcaLlon appleL
(lv) 1he appleL now leL Lo know and dlsplay Lhe u8l LhaL was requesLed As auLhenLlcaLlon sLaLe ls
presenL ln Lhe sesslon aL Lhls polnL Lhls requesL and all subsequenL requesLs are served unLll
Lhe sesslon explres
Imp|ementat|on Arch|tecture verv|ew
















1he logln servleL recelves requesLs from a web browser summlng on a C and forwards Lhe
requesL Lo smarL card logln conLroller 1he conLroller lmplemenLs Lhe funcLlonallLy LhaL ls speclflc for
smarLcard auLhenLlcaLlon
Smart card |og|n contro||er
1hls example supporLs a slmple challenge response based auLhenLlcaLlon scheme lL provldes
Lhree acLlons Lo lmplemenL serverslde parL of auLhenLlcaLlon proLocol
CeL logln pagereLurns an P1ML page Lo Lhe browser whlch lncludes Lhe smarL card
auLhenLlcaLlon appleL
CeL challenge allows auLhenLlcaLlon appleLs Lo obLaln a random challenge from
auLhenLlcaLlon servleL on Lhe server
AppleL
AuLhenLlcaLlon
card servlce
CCL
Card Lermlnal
class
lorms
Card reader
SmarL card
1he auLhenLlcaLlon servleL remembers Lhe challenge glven Lo a parLlcular cllenL by creaLlng
new smarL card logln command lnsLance preseLLlng Lhe challenge lnpuL aLLrlbuLe of Lhe command
sLrlng Lhe command ln sesslon for laLer use by log on acLlon
Logon allows auLhenLlcaLlon appleLs Lo auLhenLlcaLe afLer random challenge 1he
auLhenLlcaLlon appleL musL provlde Lhe ldenLlLy of consumer's smarL card and slgnaLure creaLed by
smarL card uslng publlc key conLalned ln cerLlflcaLe auLhenLlcaLe acLlon verlfles Lhe cllenL
1o supporL smarL card based auLhenLlcaLlon we need a command Lo verlfy Lhe cerLlflcaLe
senL by cllenL uslng publlc key conLalned ln cerLlflcaLe uslng seLLer meLhod Lhe slgnaLure cerLlflcaLe
and random
8efer Lo source code age no331331
Smart card |og|n command
LxecuLe() meLhod creaLes on x309 cerLlflcaLe ob[ecL from daLa provlded Lhrough Lhe seL
cerLlflcaLe() meLhod lL check Lhe avallablllLy valldlLy of cerLlflcaLe and verlfles wheLher lL has a valld
slgnaLure uslng Lhe check valldlLy and verlfy() meLhods of x309 cerLlflcaLe ob[ecL
lf Lhese meLhods do noL reveal any excepLlons Lhen cerLlflcaLe ls valld and auLhenLlc
1he next step
1o verlfy dlglLal slgnaLure 1he [ava securlLy package provldes Lhe slgnaLure class Lo perform
Lhls Lask 1o obLaln slgnaLure ob[ecL geLlnsLance() has Lo be used SmarL cards creaLe dlglLal
slgnaLures uslng secure hash algorlLhm(SPA1) for hasLlng and 8SA algorlLhm for creaLlng Lhe
slgnaLure from SPA1 hash
Speclfylng algorlLhm ldenLlfler SPA1/8SA resulLs ln creaLlon of maLchlng slgnaLure ob[ecL
1o perform lLs Lask Lhe slgnaLure ob[ecL needs an 8SA publlc key passed Lhrough lnlLverlfy() meLhod
Cnce slgnaLure ob[ecL has Lhls lnpuL Lhe verlfy() meLhod can be lnvoked wlLh Lhe slgnaLure
Lo be verlfled as a parameLer
lf slgnaLure verlflcaLlon ls successful Lhen Lhe execuLed meLhod seLs Lhe user ldenLlflcaLlon
properLy Lo user ldenLlflcaLlon conLalned ln cusLomer's cerLlflcaLe and reLurn Lrue
AfLer successful execuLlon smarL card logln command user ldenLlflcaLlon of auLhenLlcaLed
cusLomer can be obLalned uslng geLuserld meLhod
Authent|cat|on App|et
AuLhenLlcaLlon appleL ls responslble for performlng Lhe cllenLslde parL of auLhenLlcaLlon
proLocol
lL ls a medlaLor beLween Lhe smarLcard and auLhenLlcaLlon servleL of Lhe server uslng
auLhenLlcaLlon card servlce Lo leL smarLcard perform Lhe requlred operaLlons
uslng P11 connecLlon Lo communlcaLe wlLh auLhenLlcaLlon servleL
1o lnLegraLe wlLh web appllcaLlon Lhe appleL allows web page Lo speclfy followlng
parameLers
Authent|cat|on serv|et UI
1he u8l of auLhenLlcaLlon servleL Lo whlch Lhe appleL has Lo connecL Lo perform Lhe
auLhenLlcaLlon proLocol
Success page
1he u8l of Lhe page LhaL should be dlsplayed afLer successful auLhenLlcaLlon Lo Lhe server
Ia||ure page
1he u8l of Lhe page should be dlsplayed afLer falled auLhenLlcaLlon Lo Lhe server
1he auLhenLlcaLlon appleL drlves Lhe auLhenLlcaLlon process by performlng Lhe followlng
sLeps
1 1he auLhenLlcaLlon appleL prompLs Lhe user Lo enLer smarL card and ln 1he user
lnserLs Lhe smarL card and enLer ln
2 1he auLhenLlcaLlon appleL passes Lhe ln Lo smarL card uslng auLhenLlcaLlon card
servlce''s glve ln meLhod lf lncorrecL lL dlsplays a warnlng and goes back Lo sLep1
3 1he auLhenLlcaLlon appleL requesLs a random challenge from auLhenLlcaLlon servleL on
Lhe server vla P11 uslng CeLchallenge acLlon 1he server generaLes a random challenge
for Lhe sesslon Lhrough whlch appleL connecLs and sends back
4 1he auLhenLlcaLlon appleL recelves Lhe random challenge from Lhe server and leLs Lhe
smarL card generaLe a dlglLal slgnaLure over lL uslng auLhenLlcaLlon card servlce's
generaLe slgnaLure() meLhod
3 1he auLhenLlcaLlon appleL obLalns Lhe slgnlng cerLlflcaLe from smarL card uslng
auLhenLlcaLlon card servlce's
CeLslgnlngcerLlflcaLe meLhod
6 uslng auLhenLlcaLe acLlon auLhenLlcaLlon appleL sends Lhe dlglLal slgnaLure and slgnlng
cerLlflcaLe Lo auLhenLlcaLlon servleL on Lhe server vla P11
1he auLhenLlcaLlon servleL recelves Lhe slgnaLure and Lhe cerLlflcaLe valldaLes Lhe
cerLlflcaLe verlfles slgnaLure uslng random challenge assoclaLed wlLh currenL sesslon
and reLurns Lhe resulL
7 1he auLhenLlcaLlon appleL recelves Lhe resulL from auLhenLlcaLlon servleL and
dlsconnecLs Lhe P11 connecLlon uependlng on resulL lL leLs browser dlsplay elLher
success page or fallure page
Authent|cat|on card serv|ce
1he auLhenLlcaLlon card servlce encapsulaLes smarL card appll

You might also like