How to turn a GSM SIM into a web server
Proceedings of the fourth working conference on smart card research and advanced applications on Smart card research and advanced applications
Java Virtual Machine Specification
Java Virtual Machine Specification
On-Card Bytecode Verification for Java Card
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Smart cards in interaction: towards trustworthy digital signatures
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Hi-index | 0.00 |
Today mobile operators are in the possession of the SIM application toolkit technology available in their GSM SIM smartcards plugged into the mobile handsets of their subscribers. Although there are roughly 500 mio. SIMs deployed all over the world, they are not integrated into the Internet yet. With the WebSIM approach [6] we have demonstrated how SIMs can be integrated into the Internet by means of a tiny HTTP server implemented in a SIMto provide value-added services running on top of the SIM toolkit.In this contribution we propose to further extend this approach by making SIMs accessible as open and secure execution platforms for mobile code. Here, open means that virtually anybody in the Internet can use this mobile code platform, and secure means that both - platform and subscriber - cannot be harmed by malicious code. Such a platform can be provided by operators upon which third-party service providers can build their applications which would benefit from the security context of the smartcard they run inside.The SIMspeak system is comprised of an off-card compiler, a verifier, and a corresponding card-resident interpreter, which can interpret code that has been pushed by an Internet service provider into a customer's SIM. We describe the underlying trust model of SIMspeak, its architecture, language, and protocols. Furthermore we present approaches for end-to-end security that influence the design of the compiler, verifier, and interpreter and we give an overview on the current status of our implementation.