WO2007000660A1 - Imparting digital uniqueness to the types of a programming language using a unique digital sequence - Google Patents

Imparting digital uniqueness to the types of a programming language using a unique digital sequence Download PDF

Info

Publication number
WO2007000660A1
WO2007000660A1 PCT/IB2006/001854 IB2006001854W WO2007000660A1 WO 2007000660 A1 WO2007000660 A1 WO 2007000660A1 IB 2006001854 W IB2006001854 W IB 2006001854W WO 2007000660 A1 WO2007000660 A1 WO 2007000660A1
Authority
WO
WIPO (PCT)
Prior art keywords
type
digital
uniqueness
smart card
imparting
Prior art date
Application number
PCT/IB2006/001854
Other languages
French (fr)
Inventor
Kapil Sachdeva
Sylvain Prevost
Original Assignee
Axalto S.A
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Axalto S.A filed Critical Axalto S.A
Publication of WO2007000660A1 publication Critical patent/WO2007000660A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44521Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44552Conflict resolution, i.e. enabling coexistence of conflicting executables

Definitions

  • the present invention relates generally to namespace uniqueness for computer programs during run-time and more particularly to namespace uniqueness for type definitions stored on smart cards and used by application software.
  • Smart cards are small personal computing devices that are used to protect very sensitive information. Smart cards may be used to provide banking functions, access to health records, personalization of computer network access, secure building access, and many more functions. Smart cards are also used as subscriber identity modules (SIM) in certain mobile telephony networks.
  • SIM subscriber identity modules
  • multi-application smart cards A recent trend in smart card technology is so called multi-application smart cards. These cards may be programmed with multiple disjointed application programs. For example, the same card may be used to access both banking records as well as provide health care information. The different applications running on a smart card may be written by the same author or may come from different vendors.
  • a common feature of multi-application smart cards is that the application programs may be loaded onto the smart card after the card has been issued by the manufacturer or even after an end-user has taken possession of the card.
  • Each such application program in a multi-application smart card is stored in some form of programmable memory on the smart card.
  • Applications written for multi-application smart cards are usually developed in high level languages such as C# or Java and then converted to a format appropriate for smart cards.
  • the process of preparing applications for a smart card may involve compiling the high level source code into an intermediate binary format and then converting the intermediate format to a smart card specific format.
  • the smart card specific format is one that is optimized for the smart card environment. It is used to help conserve the limited memory and other resources provided by the smart card hardware and may also help provide security.
  • a system and method according to the invention produces unique identification codes for type definitions that are referenced by multiple applications in a smart card by concatenating each type name with a unique data sequence and then performing a digital operation on the concatenated results.
  • the results of the digital operation are used by application programs to reference the type definition instead of using the type name. This method assures that the type identifiers are unique even when the type definitions originate from different sources.
  • FIG. 1 is a schematic illustration of the operating environment in which a smart card according to the invention may be used to provide secure computing services.
  • Figure 2 is a schematic illustration of an exemplary architecture of a resource-constrained device.
  • Figure 3 is a schematic illustration of a software architecture for a resource-constrained device.
  • Figure 4 is a flow diagram illustrating the development process used to create and execute applications and libraries on a smart card.
  • Figure 5 is a flow diagram illustrating a method for creating a unique type identifier in accordance with an embodiment of the present invention.
  • the invention is embodied in a system and method for imparting digital uniqueness in type definitions of a high level programming language used to develop applications for a multi-application smart card.
  • the system and method according to the invention uses a unique digital identifier that is created by performing a digital conversion process on a type name combined with a unique data sequence.
  • the unique data sequence is the public key token portion of the public key associated with the vendor that developed the type definition. Public keys are described in Richard E. Smith, Authentication: From Passwords to Public Keys. Addison-Wesley, 2001 , ISBN: 0201615991 , the entire disclosure of which is incorporated herein by reference.
  • FIG. 1 is a schematic illustration of the operating environment in which a resource-constrained device according to the invention may be used to provide secure communication with a remote entity.
  • a resource-constrained device 101 for example, a smart card
  • the resource-constrained device 101 may be connected to the computer network 109 via a personal computer 105 that has attached thereto a card reader 103 for accepting a smart card.
  • the resource-constrained device 101 may be connected in a myriad of other ways to the computer network 104, for example, via wireless communication networks, smart card hubs, or directly to the computer network 109.
  • the remote node 105 is a computer system of some sort capable to implement some functionality that may either seek access to information on the smart card 101 or to which the smart card user may seek access.
  • the remote node 107 may be executing banking software that a user of the smart card 101 is seeking to obtain access to.
  • the smart card 101 may then provide some access control functionality or may even be an electronic purse to which funds are downloaded from the remote computer.
  • FIG. 2 is a schematic illustration of an exemplary architecture of a resource-constrained device 101.
  • the resource-constrained device 101 e.g., a smart card has a central processing unit 203, a read-only memory (ROM) 205, a random access memory (RAM) 207, a non-volatile memory (NVM) 209, and a communications interface 211 for receiving input and placing output to a device, e.g., the card reader 102, to which the resource-constrained device 101 is connected.
  • ROM read-only memory
  • RAM random access memory
  • NVM non-volatile memory
  • FIG 3 is a block diagram of an exemplary software architecture 300 that one may find implemented on a smart card 101.
  • the software architecture 300 includes several application programs 301 , e.g., application programs 301 , 301 ', and 301".
  • the architecture may also include several runtime libraries, e.g., runtime libraries 302 and 302'. These applications and libraries are loaded onto the smart card by a loader 303.
  • the application programs 301 and libraries 302 would typically be loaded into the non-volatile memory 209. However, in other scenarios an application program or library may be permanently written onto the smart card at manufacture by having it stored in the ROM 205. If the smart card 101 is called upon to execute a program for only one session, it would be possible to have the program loaded in the RAM 207. However, that would be a rare circumstance. On the other hand, during execution of an application program, it is indeed possible that certain portions of the application program are loaded into the RAM 207.
  • the interpreter 305 may, for example, be a Javacard Virtual Machine as found on the Cyberflex smart card family from Axalto Inc. or the interpreter of a smart card implementing a .NET CLI (Common Language Infrastructure) as found in the .NET smart card technology from Axalto Inc. (www.axalto.com/infosec/NET_faq.asp).
  • the application programs 301 are compiled into executable code and do not require further interpretation by the interpreter 305. However, in such embodiments, the job control would be managed by some operating system program that would take the place of the interpreter 305.
  • the interpreter 305 is usually a static component of a smart card 101 and would therefore be loaded into the ROM 205.
  • the interpreter 305 may also be burned into some form of firmware.
  • the interpreter 305 may be stored in the non-volatile memory 209.
  • the smart card software architecture 300 also includes some system functions 307.
  • System functions 307 may include security functionality, cryptography functionality, and utility libraries which may be called by application programs 301.
  • the application programs 301 may access functions provided by the smart card system software 307 by issuing calls through an application program interface 309.
  • the application programs 301 may also access functions, data types, and class types stored in the runtime libraries 302.
  • One possible issue with a multi-application smart card 101 is that the names used for type definitions in the application 301 or runtime libraries 302 may not be unique. This problem is more likely to occur when the applications 301 and runtime libraries 302 are independently developed by different vendors. For example application 301 ' and application 301" may each be developed by a different vendor. It is possible that the same name could be used in 301' and 301" for different type definitions.
  • the loader 303 would detect this name collision and because of the name collision, avoid loading application 301" if application 301 ' were already loaded on the smart card.
  • the loader 303 may also prevent a library 302 from being loaded onto the smart card 101 if it redefined and existing type definition.
  • the type definitions used by the applications 301 are referenced by a unique identifier instead of the type name.
  • the unique identifiers are stored in both the applications 301 or libraries 302 that define the type and the applications 301 that reference the type definitions.
  • the unique identifier is produced as part of the development flow that is used for developing applications on a multi-application smart card.
  • FIG. 4 is a flow diagram illustrating an exemplary development flow 400 used to produce and execute applications and libraries on a multi-application smart card.
  • a high level programming language such as C# or Java is used to describe the program or library.
  • the high level code is then compiled into an intermediate object format.
  • the object format is converted into a format that is optimized for the smart card architecture.
  • the coding 410 and compile 420 steps are normally performed on a computer system such as a personal computer that has more resources than a smart card.
  • the conversion 430 step may also be performed on a personal computer or it may be performed on the smart card.
  • the remaining steps of loading 440 and executing 450 the application are performed on the smart card by the loader 303 and interpreter 305 respectively.
  • Figure 5 is a flow diagram illustrating the method or system according to the invention to create and reference a unique identifier for a type definition in a smart card.
  • the steps 510, 520, 530, and 540 may be implemented as part of the conversion process 430 of the exemplary development flow 400. Some or all of these steps may be performed on a development system such as a personal computer. The steps that are not performed on the development system may be performed on the smart card, for example, by the loader 303.
  • the type definition name is concatenated with the namespace name to produce a more unique text name.
  • Various text strings may be used as part of the namespace name in order to make the resulting concatenated name more unique. Some examples include library names, vendor names, and fully qualified domain names.
  • the text string resulting from 510 is concatenated with a unique data sequence associated with the vendor to produce a unique string identifier.
  • the public key token associated with the vendor is used for the unique data sequence.
  • the public key token consists of the first eight bytes of the public key associated with the vendor in the public key infrastructure or PKI. Since no two vendors have the same public key token the string identifier resulting from 520 is unique.
  • the unique string identifier produced from 520 may be large in size because it is the concatenation of several names and a data sequence. Since smart cards have limited resources the size of the identifiers needs to be kept as small as possible. Therefore, the digital operation performed in 530 serves to reduce the size of the identifier while still preserving the uniqueness.
  • a one way hash or message digest function such as MD5 or SHA-1 is used accomplish these goals. For example, if MD5 hashing is used for the digital operation in 530 then some portion of the resulting 128 bit message digest can serve as the unique identifier.
  • the identifier may be chosen to be the first 16 bits, first 32 bits, or some other subset of the message digest.
  • the size of the unique digital identifier is the same regardless of the size of the unique string identifier produced in 520. This small, constant size allows the identifier to be efficiently stored on a resource limited smart card.
  • the one way hashing functions also maintain the uniqueness of the identifier since there is an extremely low probability that two unique strings will result in the same identifier.
  • MD5 is described in "The MD5 Message-Digest Algorithm", IETF Network Working Group RFC 1321 , by R. Riverst, which is incorporated herein by reference.
  • SHA-1 is described in "US Secure Hash Algorithm 1 (SHA1)", IETF Network Working Group RFC 3174, by D. Eastlake, and P. Jones, which is incorporated herein by reference.
  • the unique identifier is created in step 530 it can be used by applications and libraries to reference the type definition.
  • the identifier is stored in place of the type name in the application or library that defines the type.
  • the identifier is also stored at locations in the applications or libraries that reference the defined type. These operations make up step 540.
  • the applications and libraries can be loaded onto the smart card in step 440.
  • the loader 303 verifies that all references to type definitions are uniquely resolved.
  • the unique identifiers are used to reference the type definitions instead of the type definition names.
  • Vendor A writes a program PA which contains Type MyGoodType which belongs to namespace MyGood Namespace
  • Vendor A has an associated PKI key, KeyA, and a key token, TokenA
  • Type definition contained in PA namespace MyGoodNamespace ⁇ public class MyGoodType ⁇ private int x_width; private int y_width;
  • Vendor B has an associate PKI key, KeyB, and a key token, TokenB
  • the example shows sample high level language code provided by two vendors. Since the vendors developed the code independent of one another the name spaces were not kept unique and a conflict occurred. Both vendors created a class type called MyGoodType but with different definitions for the class. If the two applications, PA and PB, referenced the class type by the name MyGoodType then they could not be loaded onto a smart card at the same time. The loader 303 would detect the multiple definitions and prevent both applications from being loaded together. Also, since the namespaces are also the same the problem cannot be solved by concatenating the namespaces and type names. The results of that operation would be the same for PA and PB: MyGoodNamespace.MyGoodType.
  • the two vendors discussed in the context of Table 1 have public keys associated with them in the PKI.
  • the key is KeyA and the first eight bytes of that key is defined to be TokenA.
  • vendor B has associated key KeyB and token TokenB.
  • TokenA and TokenB are unique, identifiers IDA and IDB as also unique. All references to MyGoodType in program PA are replaced with references to IDA and references to MyGoodType in PB are replaced with IDB. Therefore, the namespace uniqueness problem is avoided and both applications PA and PB may be loaded on the same smart card.

Abstract

A system and method for establishing uniqueness in type definition names. Each application vendor has associated therewith a unique data sequence. The data sequence is combined (510,520) with the type definition name and then a digital operation is performed (530) to produce a unique digital identifier that is used in place of the type name.

Description

IMPARTING DIGITAL UNIQUENESS TO THE TYPES OF A PROGRAMMING LANGUAGE USING A UNIQUE DIGITAL SEQUENCE
Field of the Invention
The present invention relates generally to namespace uniqueness for computer programs during run-time and more particularly to namespace uniqueness for type definitions stored on smart cards and used by application software.
Description of the related art
Smart cards are small personal computing devices that are used to protect very sensitive information. Smart cards may be used to provide banking functions, access to health records, personalization of computer network access, secure building access, and many more functions. Smart cards are also used as subscriber identity modules (SIM) in certain mobile telephony networks.
A recent trend in smart card technology is so called multi-application smart cards. These cards may be programmed with multiple disjointed application programs. For example, the same card may be used to access both banking records as well as provide health care information. The different applications running on a smart card may be written by the same author or may come from different vendors.
A common feature of multi-application smart cards is that the application programs may be loaded onto the smart card after the card has been issued by the manufacturer or even after an end-user has taken possession of the card. Each such application program in a multi-application smart card is stored in some form of programmable memory on the smart card.
Applications written for multi-application smart cards are usually developed in high level languages such as C# or Java and then converted to a format appropriate for smart cards. The process of preparing applications for a smart card may involve compiling the high level source code into an intermediate binary format and then converting the intermediate format to a smart card specific format. The smart card specific format is one that is optimized for the smart card environment. It is used to help conserve the limited memory and other resources provided by the smart card hardware and may also help provide security.
When multiple applications are loaded onto a smart card additional memory can be conserved by sharing common routines, data type definitions, and class type definitions between the applications. These common definitions and routines may be stored in libraries that are accessible by different applications. The applications reference the routines and type definitions by name. There is a potential for the same name to be defined in more than one library or application that is loaded onto a smart card making the name ambiguous. If an application attempts to access the definition by such a name the application cannot link to the correct definition. In a smart card environment the process that loads applications onto the card will reject the application if that situation occurs. For .NET based smart cards the type definitions stored on the smart card are not necessarily stored in a text format. Instead, the conversion process, usually performed by a converter program of a smart card software development kit, produces the smart card specific format. As part of the conversion process the type definition names are converted from the high level language text format into a more compact binary format.
To make the type names more unique, additional information can be concatenated with the names before the conversion process. Several forms of additional information have been used to improve the uniqueness of the resulting codes: namespace names, library names, vendor names, etc. Although this method improves the uniqueness of the codes because of the greater likelihood that the library or vendor names used as components of the type definitions name will be unique, that technique does not completely solve the problem as there is still a high likelihood of a collision between the names of type definitions provided from two unrelated sources. Therefore, there is still a need for a method to produce a truly unique identification code from a type name.
SUMMARY OF THE INVENTION
In a preferred embodiment, a system and method according to the invention produces unique identification codes for type definitions that are referenced by multiple applications in a smart card by concatenating each type name with a unique data sequence and then performing a digital operation on the concatenated results. The results of the digital operation are used by application programs to reference the type definition instead of using the type name. This method assures that the type identifiers are unique even when the type definitions originate from different sources.
Other aspects and advantages of the present invention will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, illustrating by way of example the principles of the invention.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a schematic illustration of the operating environment in which a smart card according to the invention may be used to provide secure computing services.
Figure 2 is a schematic illustration of an exemplary architecture of a resource-constrained device.
Figure 3 is a schematic illustration of a software architecture for a resource-constrained device.
Figure 4 is a flow diagram illustrating the development process used to create and execute applications and libraries on a smart card.
Figure 5 is a flow diagram illustrating a method for creating a unique type identifier in accordance with an embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
In the following detailed description and in the several figures of the drawings, like elements are identified with like reference numerals. As shown in the drawings for purposes of illustration, the invention is embodied in a system and method for imparting digital uniqueness in type definitions of a high level programming language used to develop applications for a multi-application smart card. The system and method according to the invention uses a unique digital identifier that is created by performing a digital conversion process on a type name combined with a unique data sequence. In a preferred embodiment the unique data sequence is the public key token portion of the public key associated with the vendor that developed the type definition. Public keys are described in Richard E. Smith, Authentication: From Passwords to Public Keys. Addison-Wesley, 2001 , ISBN: 0201615991 , the entire disclosure of which is incorporated herein by reference.
Figure 1 is a schematic illustration of the operating environment in which a resource-constrained device according to the invention may be used to provide secure communication with a remote entity. A resource-constrained device 101 , for example, a smart card, is connected to a computer network 109, for example, the Internet. The resource-constrained device 101 may be connected to the computer network 109 via a personal computer 105 that has attached thereto a card reader 103 for accepting a smart card. However, the resource-constrained device 101 may be connected in a myriad of other ways to the computer network 104, for example, via wireless communication networks, smart card hubs, or directly to the computer network 109. The remote node 105 is a computer system of some sort capable to implement some functionality that may either seek access to information on the smart card 101 or to which the smart card user may seek access. For example, the remote node 107 may be executing banking software that a user of the smart card 101 is seeking to obtain access to. The smart card 101 may then provide some access control functionality or may even be an electronic purse to which funds are downloaded from the remote computer.
The scenario of Figure 1 is presented here merely for the purpose of providing an example and must not be taken to limit the scope of the invention whatsoever. Only the imagination of designers limits the myriad of possible deployment scenarios and uses for smart cards.
Figure 2 is a schematic illustration of an exemplary architecture of a resource-constrained device 101. The resource-constrained device 101 , e.g., a smart card has a central processing unit 203, a read-only memory (ROM) 205, a random access memory (RAM) 207, a non-volatile memory (NVM) 209, and a communications interface 211 for receiving input and placing output to a device, e.g., the card reader 102, to which the resource-constrained device 101 is connected. These various components are connected to one another, for example, by bus 213. In one embodiment of the invention, the SSL/TLS module
103, as well as other software modules shown in Figure 1 , would be stored on the resource-constrained device 101 in the ROM 206. During operation, the CPU
203 operates according to instructions in the various software modules stored in the ROM 205.
Figure 3 is a block diagram of an exemplary software architecture 300 that one may find implemented on a smart card 101. The software architecture 300 includes several application programs 301 , e.g., application programs 301 , 301 ', and 301". The architecture may also include several runtime libraries, e.g., runtime libraries 302 and 302'. These applications and libraries are loaded onto the smart card by a loader 303. The application programs 301 and libraries 302 would typically be loaded into the non-volatile memory 209. However, in other scenarios an application program or library may be permanently written onto the smart card at manufacture by having it stored in the ROM 205. If the smart card 101 is called upon to execute a program for only one session, it would be possible to have the program loaded in the RAM 207. However, that would be a rare circumstance. On the other hand, during execution of an application program, it is indeed possible that certain portions of the application program are loaded into the RAM 207.
In this example, several application programs 301 are executed by the CPU 203 under the control of instructions of an interpreter 305. The interpreter 305 may, for example, be a Javacard Virtual Machine as found on the Cyberflex smart card family from Axalto Inc. or the interpreter of a smart card implementing a .NET CLI (Common Language Infrastructure) as found in the .NET smart card technology from Axalto Inc. (www.axalto.com/infosec/NET_faq.asp). In alternative embodiments, the application programs 301 are compiled into executable code and do not require further interpretation by the interpreter 305. However, in such embodiments, the job control would be managed by some operating system program that would take the place of the interpreter 305.
The interpreter 305 is usually a static component of a smart card 101 and would therefore be loaded into the ROM 205. The interpreter 305 may also be burned into some form of firmware. In another alternative the interpreter 305 may be stored in the non-volatile memory 209. In most embodiments of the invention, the smart card software architecture 300 also includes some system functions 307. System functions 307 may include security functionality, cryptography functionality, and utility libraries which may be called by application programs 301.
The application programs 301 may access functions provided by the smart card system software 307 by issuing calls through an application program interface 309. The application programs 301 may also access functions, data types, and class types stored in the runtime libraries 302. As the loader 303 loads the applications 301 onto the smart card it checks any references to type definitions and routines. The loader 303 will only allow the applications 301 if each reference can be uniquely matched to a definition in the applications 301 , runtime libraries 302, or system functions 307.
One possible issue with a multi-application smart card 101 is that the names used for type definitions in the application 301 or runtime libraries 302 may not be unique. This problem is more likely to occur when the applications 301 and runtime libraries 302 are independently developed by different vendors. For example application 301 ' and application 301" may each be developed by a different vendor. It is possible that the same name could be used in 301' and 301" for different type definitions. The loader 303 would detect this name collision and because of the name collision, avoid loading application 301" if application 301 ' were already loaded on the smart card. The loader 303 may also prevent a library 302 from being loaded onto the smart card 101 if it redefined and existing type definition. In a preferred embodiment of the present invention, the type definitions used by the applications 301 are referenced by a unique identifier instead of the type name. The unique identifiers are stored in both the applications 301 or libraries 302 that define the type and the applications 301 that reference the type definitions. The unique identifier is produced as part of the development flow that is used for developing applications on a multi-application smart card.
Figure 4 is a flow diagram illustrating an exemplary development flow 400 used to produce and execute applications and libraries on a multi-application smart card. In many cases a high level programming language such as C# or Java is used to describe the program or library. The high level code is then compiled into an intermediate object format. The object format is converted into a format that is optimized for the smart card architecture. The coding 410 and compile 420 steps are normally performed on a computer system such as a personal computer that has more resources than a smart card. The conversion 430 step may also be performed on a personal computer or it may be performed on the smart card. The remaining steps of loading 440 and executing 450 the application are performed on the smart card by the loader 303 and interpreter 305 respectively.
Figure 5 is a flow diagram illustrating the method or system according to the invention to create and reference a unique identifier for a type definition in a smart card. In a preferred implementation the steps 510, 520, 530, and 540 may be implemented as part of the conversion process 430 of the exemplary development flow 400. Some or all of these steps may be performed on a development system such as a personal computer. The steps that are not performed on the development system may be performed on the smart card, for example, by the loader 303.
Initially in step 510 the type definition name is concatenated with the namespace name to produce a more unique text name. Various text strings may be used as part of the namespace name in order to make the resulting concatenated name more unique. Some examples include library names, vendor names, and fully qualified domain names. Next in 520 the text string resulting from 510 is concatenated with a unique data sequence associated with the vendor to produce a unique string identifier. In a preferred embodiment of the present invention the public key token associated with the vendor is used for the unique data sequence. The public key token consists of the first eight bytes of the public key associated with the vendor in the public key infrastructure or PKI. Since no two vendors have the same public key token the string identifier resulting from 520 is unique.
The unique string identifier produced from 520 may be large in size because it is the concatenation of several names and a data sequence. Since smart cards have limited resources the size of the identifiers needs to be kept as small as possible. Therefore, the digital operation performed in 530 serves to reduce the size of the identifier while still preserving the uniqueness. In a preferred embodiment of the present invention a one way hash or message digest function such as MD5 or SHA-1 is used accomplish these goals. For example, if MD5 hashing is used for the digital operation in 530 then some portion of the resulting 128 bit message digest can serve as the unique identifier. The identifier may be chosen to be the first 16 bits, first 32 bits, or some other subset of the message digest. The size of the unique digital identifier is the same regardless of the size of the unique string identifier produced in 520. This small, constant size allows the identifier to be efficiently stored on a resource limited smart card. The one way hashing functions also maintain the uniqueness of the identifier since there is an extremely low probability that two unique strings will result in the same identifier. MD5 is described in "The MD5 Message-Digest Algorithm", IETF Network Working Group RFC 1321 , by R. Riverst, which is incorporated herein by reference. SHA-1 is described in "US Secure Hash Algorithm 1 (SHA1)", IETF Network Working Group RFC 3174, by D. Eastlake, and P. Jones, which is incorporated herein by reference.
After the unique identifier is created in step 530 it can be used by applications and libraries to reference the type definition. As part of the conversion process 430 the identifier is stored in place of the type name in the application or library that defines the type. The identifier is also stored at locations in the applications or libraries that reference the defined type. These operations make up step 540. After the conversion process 430 is complete the applications and libraries can be loaded onto the smart card in step 440. During this step the loader 303 verifies that all references to type definitions are uniquely resolved. Finally, during execution of the applications 301 by the interpreter 305 the unique identifiers are used to reference the type definitions instead of the type definition names.
To further illustrate the invention an example of a namespace uniqueness problem that is corrected by the invention is illustrated in Table 1 : Vendor A writes a program PA which contains Type MyGoodType which belongs to namespace MyGood Namespace
1- Vendor A has an associated PKI key, KeyA, and a key token, TokenA
Type definition contained in PA: namespace MyGoodNamespace{ public class MyGoodType{ private int x_width; private int y_width;
public void DrawShape(){ int z = x_width*2 + y_width*5;
}}}
2- Vendor B also writes a program PB which contains Type MyGoodType and which belongs to namespace MyGood Namespace
Vendor B has an associate PKI key, KeyB, and a key token, TokenB
Type definition contained in PB:
namespace MyGoodNamespace{ public class MyGoodType{ private string name; private string jobtitle;
public void ManagePerson(){ if(name == "Joe") jobtitle = "Doctor";
}}} TABLE 1 : Code examples illustrating a namespace uniqueness problem that is corrected by the invention.
The example shows sample high level language code provided by two vendors. Since the vendors developed the code independent of one another the name spaces were not kept unique and a conflict occurred. Both vendors created a class type called MyGoodType but with different definitions for the class. If the two applications, PA and PB, referenced the class type by the name MyGoodType then they could not be loaded onto a smart card at the same time. The loader 303 would detect the multiple definitions and prevent both applications from being loaded together. Also, since the namespaces are also the same the problem cannot be solved by concatenating the namespaces and type names. The results of that operation would be the same for PA and PB: MyGoodNamespace.MyGoodType.
The two vendors discussed in the context of Table 1 have public keys associated with them in the PKI. For vendor A the key is KeyA and the first eight bytes of that key is defined to be TokenA. Similarly, vendor B has associated key KeyB and token TokenB. In a preferred embodiment of the invention the public key token is used for the unique data sequence in 520 and MD5 is used for the digital operation in 530. Therefore, the unique identifier, IDA, for program PA is generated as IDA = MD5(MyGoodNameSpace.MyGoodType.TokenA). Similarly, the identifier, IDB, for program PB is generated as IDB = MD5(MyGoodNameSpace.MyGoodTYpe.TokenB). Since TokenA and TokenB are unique, identifiers IDA and IDB as also unique. All references to MyGoodType in program PA are replaced with references to IDA and references to MyGoodType in PB are replaced with IDB. Therefore, the namespace uniqueness problem is avoided and both applications PA and PB may be loaded on the same smart card.
Although specific embodiments of the invention have been described and illustrated, the invention is not to be limited to the specific forms or arrangements of parts so described and illustrated. For example, while the invention has been described in the context of smart cards, the invention is applicable to use with other resource-constrained devices. Also, a different unique data sequence may be used in place of the public key token and any digital operation may be used to produce the unique identifier as long as it maintains the uniqueness of the identifier.

Claims

1. A method of imparting digital uniqueness to type definitions originating from at least two sources and used in programming a smart card, comprising: associating a unique data sequence to a programming unit containing a type definition having a type name; concatenating (510) the type name with the unique data sequence thereby producing a concatenation result; performing a digital operation (530) to produce an operation result that is a function of the concatenation result; and using (540,560) the operation result in lieu of the type name when performing operations that require the type name.
2. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the programming unit is a .NET assembly.
3. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the programming unit is a JAVA class or jar file.
4. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the unique data sequence is a public key token assigned to the programming unit.
5. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the unique data sequence is a Universal Identifier (UID) assigned to the programming unit.
6. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the digital operation is a hashing algorithm.
7. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the hashing algorithm is selected from the set including MD5 and SHA1.
8. The method of imparting digital uniqueness to type definitions of Claim 1 wherein the digital operation produces a compressed digital string that uniquely identifies the type definition.
PCT/IB2006/001854 2005-06-29 2006-06-28 Imparting digital uniqueness to the types of a programming language using a unique digital sequence WO2007000660A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/170,572 2005-06-29
US11/170,572 US7698703B2 (en) 2005-06-29 2005-06-29 Imparting digital uniqueness to the types of a programming language using a unique digital sequence

Publications (1)

Publication Number Publication Date
WO2007000660A1 true WO2007000660A1 (en) 2007-01-04

Family

ID=36888956

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/001854 WO2007000660A1 (en) 2005-06-29 2006-06-28 Imparting digital uniqueness to the types of a programming language using a unique digital sequence

Country Status (2)

Country Link
US (1) US7698703B2 (en)
WO (1) WO2007000660A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101256612B (en) * 2008-04-01 2010-11-03 北京飞天诚信科技有限公司 Program protection method and system based on .Net card
DK2346994T3 (en) * 2008-09-30 2022-02-28 Ablexis Llc Knock-in mice for the production of chimeric antibodies
US10216501B2 (en) * 2015-06-04 2019-02-26 The Mathworks, Inc. Generating code in statically typed programming languages for dynamically typed array-based language
US11501010B2 (en) * 2020-05-20 2022-11-15 Snowflake Inc. Application-provisioning framework for database platforms
US11249988B2 (en) 2020-05-20 2022-02-15 Snowflake Inc. Account-level namespaces for database platforms
US11593354B2 (en) 2020-05-20 2023-02-28 Snowflake Inc. Namespace-based system-user access of database platforms

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0684553A2 (en) * 1994-05-26 1995-11-29 Sun Microsystems, Inc. Method and apparatus for generating and using short operation identifiers in object oriented systems
EP0803810A2 (en) * 1996-04-23 1997-10-29 Sun Microsystems, Inc. System and method for generating identifiers for uniquely identifying object types

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6941556B1 (en) * 1995-03-24 2005-09-06 Sun Microsystems, Inc. Method and system for type identification for multiple object interfaces in a distributed object environment
US5812819A (en) * 1995-06-05 1998-09-22 Shiva Corporation Remote access apparatus and method which allow dynamic internet protocol (IP) address management
CN1183449C (en) * 1996-10-25 2005-01-05 施卢默格系统公司 using a high level programming language with a microcontroller
US6005942A (en) * 1997-03-24 1999-12-21 Visa International Service Association System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card
JP4118456B2 (en) * 1999-06-29 2008-07-16 株式会社東芝 Program language processing system, code optimization method, and machine-readable storage medium
US6952428B1 (en) * 2001-01-26 2005-10-04 3Com Corporation System and method for a specialized dynamic host configuration protocol proxy in a data-over-cable network
FI114830B (en) * 2002-06-20 2004-12-31 Nokia Corp A method and system for evaluating program reliability in an electronic device, and an electronic device
EP1585032A1 (en) * 2004-04-05 2005-10-12 Sap Ag A computer system, method and program for the uniform access to configurable objects derived from disparate sources

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0684553A2 (en) * 1994-05-26 1995-11-29 Sun Microsystems, Inc. Method and apparatus for generating and using short operation identifiers in object oriented systems
EP0803810A2 (en) * 1996-04-23 1997-10-29 Sun Microsystems, Inc. System and method for generating identifiers for uniquely identifying object types

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"OBJECT LOCATION ALGORITHM", IBM TECHNICAL DISCLOSURE BULLETIN, IBM CORP. NEW YORK, US, vol. 36, no. 9B, September 1993 (1993-09-01), pages 257 - 258, XP002045269, ISSN: 0018-8689 *
ANONYMOUS: "Runtime Environment Specification, Java Card Platform, Version 2.2.1", October 2003, XP002371505 *
PRENEEL B: "CRYPTOGRAPHIC HASH FUNCTIONS", EUROPEAN TRANSACTIONS ON TELECOMMUNICATIONS AND RELATED TECHNOLOGIES, AEI, MILANO, IT, vol. 5, no. 4, 1 July 1994 (1994-07-01), pages 17 - 34, XP000460559, ISSN: 1120-3862 *

Also Published As

Publication number Publication date
US7698703B2 (en) 2010-04-13
US20070000995A1 (en) 2007-01-04

Similar Documents

Publication Publication Date Title
JP3689368B2 (en) Method of loading an application into a multi-application embedded system with data processing resources, corresponding system and execution method
US7272830B2 (en) Ordering program data for loading on a device
US7818727B2 (en) Using a high level programming language with a microcontroller
EP2364481B1 (en) Method for securing java bytecode.
CN111179086B (en) Intelligent contract virtual machine based on WebAsssemly
US7698703B2 (en) Imparting digital uniqueness to the types of a programming language using a unique digital sequence
US8473417B2 (en) Signing program data payload sequence in program loading
CN102696016B (en) Method for compressing mark symbol
US8943486B2 (en) Multiple instruction execution mode resource-constrained device
JP5945313B2 (en) Method of generating structure and corresponding structure
US20040143641A1 (en) System for communicating program data between a first device and a second device
CN111694613B (en) Decoupling method between application program modules, electronic device and storage medium
CN112115429B (en) Java class encryption and decryption method and computer readable storage medium
US20060080655A1 (en) System and method for post-issuance code update employing embedded native code
CN110333872B (en) Application processing method, device, equipment and medium
Arun et al. Jolt: Snarks for virtual machines via lookups
US7165246B2 (en) Optimized representation of data type information in program verification
CN113420313A (en) Program safe operation and encryption method and device, equipment and medium thereof
Culnane et al. Technical report on a virtual CTAP2 webauthn authenticator
CN114579135B (en) Installation package generation method and device
US20230274008A1 (en) A device and a method for performing a cryptographic algorithm
CN116560641A (en) Automatic interface generation method, device, equipment and storage medium
CN114677129A (en) Artwork right-confirming circulation method based on block chain
CN117667195A (en) Agile development method for database table and related equipment
CN116225551A (en) Configuration information determining method, device, equipment and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06755973

Country of ref document: EP

Kind code of ref document: A1