Java Card:An analysis of the most successful smart card operating system

To explain why the Java Card operating system has become the most successful smart card operating system to date, we analyze the realized features of the current Java Card version, we argue it could be enhanced by adding a number of intended features and we discuss a set of complementary features that have been suggested. No technology can be successful without the right people and the right circumstances, so we provide some insights in the personal and historical historic aspects of the success of Java Card

Adição de funções de criptografia simétrica em um applet de código aberto com suporte via middleware OpenSC

TCC(graduação) - Universidade Federal de Santa Catarina. Centro Tecnológico. Ciências da Computação.O sigilo dos dados é um dos principais pilares da segurança em computação. Dentre as diferentes formas para alcançá-lo, vale destacar o uso de chaves secretas. Com elas, pode-se cifrar informações sensíveis utilizando algoritmos de criptografia simétrica em que a chave é compartilhada entre o remetente e o destinatário. A mesma chave realiza as operações de cifragem e decifragem dos dados. Neste contexto, o maior problema é o armazenamento da chave de forma segura. Dentre as possíveis maneiras de armazená-la, pode-se citar: banco de dados local, servidores e Smart Cards. Sendo o enfoque deste trabalho, o último, que fornece portabilidade e segurança. Embora sua relevância, a maioria das aplicações que implementam criptografia simétrica em Smart Cards, são de código proprietário. Este trabalho busca uma alternativa utilizando Java Cards, OpenSC e o cifrador AES, implementando as principais funções de criptografia simétrica em um applet de código aberto. Como resultado, obteve-se um applet open source suportado pelo middleware OpenSC, capaz de realizar as principais funções de criptografia simétrica.Data confidentiality is one of the main pillars of computer security. Among the different ways to reach it, it is worth highlighting the use of secret keys. With them, sensitive information can be encrypted using symmetric encryption algorithms in which the key is shared between the sender and the recipient. The same key performs data encryption and decryption operations. In this context, the biggest problem is securely storing the key. Among the possible ways to store it, we can mention: local database, servers and Smart Cards. Being the focus of this work, the latter, which provides portability and security. Although its relevance, most applications that implement symmetric encryption on Smart Cards, are proprietary code. This work looks for an alternative using Java Cards, OpenSC and the AES cipher, implementing the main functions of symmetric cryptography in an open source applet. As a result, we obtained an open source applet supported by the OpenSC middleware, capable of performing the main symmetric cryptographic functions

Herramientas para generar sobre Web ejercicios de ajedrez interactivos para principiantes

Este proyecto consiste en la realización de una herramienta para generar ejercicios de ajedrez para principiantes. Con dicha herramienta se permiten crear varios tipos de ejercicios con la finalidad de que un alumno con un nivel básico de conocimientos ajedrecísticos pueda practicar lo aprendido. El resultado final de estos ejercicios se visualiza en un Applet lo que permite su integración en una página Web. A tal efecto y para facilitar el aprendizaje se ha creado un sitio Web, donde se explican las nociones básicas del ajedrez en la que se incluyen ejemplos de ejercicios tipos generados con la herramienta desarrollada. [ABSTRACT] This project consists on the realization of a tool to generate exercises of ches s for beginners . This tool allows creating several types of exercis es with the goal that a s tudent with a basic level of chess knowledge can practice his skill. The final result of these exercises is visualized in an Applet that allows it integration on the Web. To facilitate the learning, a Web s ite has been created. This Web site includes basic knowledge of chess with examples of exercises types generated with the developed tool

Programming languages: a brief review

In this article we review the development of programming languages and classify them based on their structures and their applications

An automatic song annotation system

Projecte final de carrera fet en col.laboració amb CCMAThe amount of multimedia content in the audiovisual sector, as well as on the Internet, is increasing a lot, and Music is one of the most outstanding forms of multimedia content requested by users. Every year, new songs, artists and genres appear in the market. Managing this musical content is, thus, becoming a very complex task. The present document presents the design and implementation of a system, that aims to solve the problem related to multimedia content management

Analisa Serangan Remote Exploit Melalui Java Applet Attack Method Terhadap Sistem Operasi Windows 8

Dalam 5 tahun terakhir jenis serangan client-side attacks jumlahnya meningkat secara dramatis. Penyerang mengalihkan fokus mereka ke sisi klien yang memiliki celah lebih besar karena klien mempunyai perlindungan terhadap sistem yang lebih sederhana daripada server. Eksploitasi dengan menggunakan malicous Java yang memanfaatkan kerentanan pada Java adalah yang paling sering terdeteksi oleh Trustwave Secure Web Gateway anti-malware technology dengan persentase sebesar 78% dan sebagian besar penjahat cyber mengandalkan Java applet sebagai metode untuk mengirimkan malware maupun payload. Java applet attack method adalah salah satu teknik serangan yang memanfaatkan kerentananan pada Java untuk mengeksploitasi sistem user menggunakan Java applet dan dapat menyerang ke berbagai sistem operasi termasuk Windows 8 yang merupakan sistem operasi keluaran terbaru dari Microsoft. Skripsi ini bertujuan untuk menganalisa serangan remote exploit melalui Java applet attack method terhadap sistem operasi Windows 8 yang terproteksi firewall. Penelitian yang dilakukan menggunakan metode studi pustaka dan melakukan eksperimen yang melalui beberapa tahapan diantaranya studi kepustakaan, pengolahan data, pengujian serangan, analisa serangan, optimalisasi firewall, pengujian firewall dan penulisan laporan. Dengan menganalisa serangan tersebut akan diketahui perilaku dan karakterisiknya yaitu pada Java exploit dan Java payload yang ada didalam Java applet. Java exploit berfungsi untuk melewati Java Virtual Machine (JVM) sandbox dan menonaktifkan SecurityManager dan payload Java meterpreter berfungsi untuk mengelabuhi firewall dan sebagai media interaksi antara penyerang dengan sistem klien. Kemudian dibuat rule firewall pada Comodo Firewall yang mampu mencegah payload untuk melakukan reverse connection dan mencegah payload melakukan staging

Next generation satellite orbital control system

Selection of the correct software architecture is vital for building successful software-intensive systems. Its realization requires important decisions about the organization of the system and by and large permits or prevents a system\u27s acceptance and quality attributes such as performance and reliability. The correct architecture is essential for program success while the wrong one is a formula for disaster. In this investigation, potential software architectures for the Next Generation Satellite Orbital Control System (NG-SOCS) are developed from compiled system specifications and a review of existing technologies. From the developed architectures, the recommended architecture is selected based on real-world considerations that face corporations today, including maximizing code reuse, mitigation of project risks and the alignment of the solution with business objectives