Skip to Main Content
As the Internet is used increasingly as a platform for business transactions, security becomes a primary issue for Internet applications. Some applications are too sensitive for software-only security mechanisms. Higher levels of protection can be achieved with smart-card-based authentication schemes and transaction protocols. In this paper, we provide examples of typical banking applications implemented with smart cards using symmetrical (DES) and asymmetrical (RSA) cryptography. We present a pure Java™ architecture for such applications, which is intended for use on standard Web application servers and client devices enabled for Web browsing and the Java language. It employs applets on the client side to access smart cards via the OpenCard Framework. The applets communicate with authentication servlets or application servlets on the server side and act as a mediator between the smart card and the application logic on the server.
Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.