IBM Skip to main content
  Home     Products & services     Support & downloads     My account  
  Select a country  
Journals Home  
  Systems Journal  
  ·  Current Issue  
  ·  Recent Issues  
  ·  Papers in Progress  
  ·  Search/Index  
  ·  Orders  
  ·  Description  
  ·  Author's Guide  
Journal of Research
and Development
  Staff  
  Contact Us  
  Related links:  
     IBM Security  
     Pervasive Computing  
IBM Systems Journal  
Volume 40, Number 3, 2001
End-to-End Security
 Table of contents: arrowHTML arrowPDF arrowASCII   This article: arrowHTML arrowPDF arrowASCII arrowCopyright info
   

Securing e-business applications using smart cards - References
by E.-M. Hamann, H. Henn, T. Schäck, and F. Seliger

Cited references and notes

  1. Electronic Signatures in Global and National Commerce Act, issued as United States public law 106-229 on June 30, 2000, effective October 1, 2000, http://www.access.gpo.gov/index.html (search for “106–229”).
  2. Directive 1999/93/EC of the European Parliament and of the Council, European Union (13 December 1999), http://europa.eu.int/eur-lex/en/index.html.
  3. Gesetz über Rahmenbedingungen für elektronische Signaturen/Signaturgesetz (German signature law) (August 2000), http://www.bmwi.de/Homepage/download/infogesellschaft/Signaturgesetz.pdf.
  4. Established smart card communication protocols limit the size of data exchanged in one single command to 255 bytes, which leads to the limitation of keys used with the single command signature operations.
  5. Identrus LLC, 140 East 45th Street, New York, NY 10017, http://www.identrus.com/.
  6. E.-M. Hamann, Digital Signature for the Internet (DSI) White Paper, IBM Pervasive Computing Laboratory, Boeblingen (2000).
  7. Authentication of the server was done during communication setup.
  8. S. B. Guthery and T. M. Jurgensen, Smart Card Developer's Kit, Macmillan Technical Publishing, Indianapolis, IN (1998).
  9. W. Rankl and W. Effing, Smart Card Handbook, John Wiley & Sons, Inc., New York (1998).
  10. Nonrepudiation is guaranteed for an action if the actor cannot reasonably deny having done this action.
  11. Smart cards capable of hosting several applications are often called “multiapplication smart cards.” The IBM Multi-Function Card (MFC) family, Java Cards, Windows-powered smart cards, and MULTOS cards are all multiapplication smart cards.
  12. Z. Chen, Java Card Technology for Smart Cards: Architecture and Programmer's Guide, Addison-Wesley Longman, Inc., Reading, MA (2000).
  13. Microsoft Smart Card for Windows, Microsoft Corporation, Redmond, WA (1999), http://www.microsoft.com/smartcard/.
  14. MULTOS Version 4, MAOSCO Limited, 47–53 Cannon Street, London, EC4M 5SQ, United Kingdom, http://www.MULTOS.com/.
  15. Interoperability Specification for ICCs and Personal Computer Systems 1.0 (1997), http://www.pcscworkgroup.com/.
  16. OpenCard Programmer's Guide, OpenCard Consortium (2000), http://www.opencard.org/.
  17. U. Hansmann, M. S. Nicklous, T. Schäck, and F. Seliger, Smart Card Application Development Using Java, Springer-Verlag, Berlin (1999).
  18. PKCS #11—Cryptographic Token Interface Standard, Version 2.10, RSA Laboratories, RSA Security, Inc., http://www.rsasecurity.com/rsalabs/pkcs/pkcs-11/index.html.
  19. Java Servlet Specification Version 2.2, Final Release, Sun Microsystems, Inc., Palo Alto, CA (1999).
  20. JavaServer Pages Specification Version 1.1, Final Release, Sun Microsystems, Inc., Palo Alto, CA (1999).
  21. Open Services Gateway Initiative (OSGi) Specification 1.0 (January 2000), http://www.osgi.org/.
About IBM | Privacy | Legal | Contact