
Runtime Environment Specification

Java Card™ Platform, Version 3.0.1

Connected Edition

5-30-09



Contents

Figures

Tables

Code Examples

Preface

1. Architecture Overview

1.1 Hardware Overview

1.1.1 Physical Connectivity

1.1.2 Logical Connectivity

1.2 High-level Architecture

1.3 Runtime Environment for Classic Applet-based Applications

2. Application Programming Models

2.1 Web Application Model Overview

2.2 Applet-based Application Models Overview

2.3 Unified Naming and Dedicated Application Namespaces

2.3.1 Unified Naming Scheme

2.3.2 Dedicated Application Namespaces

2.3.3 Handling of URIs

2.4 Context Isolation Basics

2.4.1 Application Firewall

2.4.2 Object Access Across Contexts

2.5 Inter-Application Communication Facilities Overview

2.6 Applications Not Activated Through a Container-managed Endpoint

2.7 Multithreading

2.7.1 Thread Creation

2.7.2 Thread Execution

2.7.3 Thread Interruption and Termination

2.7.4 Thread Ownership

2.7.5 Thread Safety of API Classes

2.8 Persistence

2.8.1 Memory Store and Object Store Terminology

2.8.2 Persistence By Reachability Principle

2.8.3 Roots of Persistence

2.9 Transaction Facility

2.9.1 Atomicity

2.9.2 Transaction Demarcation

2.9.3 Overlapping Transaction Updates

2.9.4 Transient Arrays and TransientReference Objects

2.9.5 Power-up After Card Tear

2.9.6 Aborting A Transaction

2.10 Restartable Tasks

2.10.1 Tasks

2.10.2 Task Registration

2.10.3 Task Execution

2.10.4 Task Unregistration

2.10.5 Lifetime and Persistence of Tasks

2.10.6 Thread Safety

2.10.7 Per-Thread Active Context

2.10.8 Transactional Behavior

3. Web Application Environment

3.1 Servlet Subset Overview

3.2 Web Application Lifecycle

3.2.1 Application Module Loading

3.2.2 Application Instance Identification

3.2.3 Application Instance Creation

3.2.4 Application Instance Deletion

3.2.5 Application Module Unloading

3.2.6 Restart Upon Platform Reset

3.2.7 Request Dispatching

3.2.8 Lifecycle Event Dispatch

3.2.9 Container-managed Object Lifetime and Persistence

3.3 Lifecycle and Entry Point Method Invocation

3.3.1 Servlet, Filter and Listener Lifecycle Methods

3.3.2 SIO, Event and Restartable Task Entry Point Methods

3.3.3 Use of Volatile and Persistent Objects

3.3.4 Multithreading Issues

3.4 Default Container Behavior and Default Servlet

3.5 Secure Hosting of Web Applications

3.5.1 Port-based Virtual Hosting

3.5.2 Request Dispatching and Redirection

3.5.3 Retrieving a Web Application Instance’s Security Requirements and Credentials

4. APDU-based Application Environment

4.1 Applet Application Overview

4.2 Applet Application Lifecycle

4.2.1 Application Module Loading

4.2.2 Application Instance Identification

4.2.3 Application Instance Creation

4.2.4 Application Instance Deletion

4.2.5 Applet Application Module Unloading

4.2.6 Restart Upon Platform Reset

4.2.7 Dispatching APDU Commands

4.2.8 Container-managed Object Lifetime and Persistence

4.3 Lifecycle and Entry Point Method Invocation

4.3.1 Applet Lifecycle Methods

4.3.2 SIO, Event and Restartable Task Entry Point Methods

4.3.3 Use of Volatile and Persistent Objects

4.3.4 Multithreading Issues For Applets

4.4 Classic Applet Application Support

4.4.1 Backward Compatibility

4.4.2 SIO Synchronization Proxy Classes

4.4.3 Restricted Visibility on Classic Library

4.4.4 Classic Transaction Model

4.4.5 Special Security Restrictions

5. Card Initialization and Power-up

5.1 Card Initialization

5.2 Power-up and Card Reset

5.3 I/O Interface Reset

5.3.1 ISO 7816-4 Reset

5.3.2 Transmission Control Protocol (TCP) Reset

5.4 Concurrently Active Interfaces

6. Security and Access Control Mechanisms

6.1 Security Policy

6.1.1 Permission-based Security Policy

6.1.2 Role-based Security Policy

6.1.3 Effective Application Security Policy

6.2 Permission-based Security

6.2.1 Permissions

6.2.2 Protection Domains

6.2.3 Assigning Permissions

6.2.4 Checking of Permissions

6.2.5 Security Policy Enforcement

6.3 Role-based Security

6.3.1 User Role-based Security

6.3.2 Client Role-based Security

6.4 User Authentication and Authorization

6.4.1 Scheme-specific Authenticators

6.4.2 Global Authentication of Card Holders

6.4.3 Session-scoped Authentication of Web Users

6.4.4 Application-managed Authentication

6.4.5 Web Container-managed Authentication

6.4.6 Card Holder Authorization For Remotely Accessible Applications

6.5 On-card Client Application Authentication and Authorization

6.5.1 On-card Client Application Authentication

6.5.2 Authentication Session Duration

6.6 Security Requirements and Credential Management of Secure Communications

6.6.1 Assignment of Security Requirements and Credential Managers

6.6.2 Retrieving Security Requirements and Credential Managers For Establishing Connections

6.6.3 Invocation of Security Requirements and Credential Managers

6.7 Code Isolation

6.7.1 Class Loader Delegation Hierarchy

6.7.2 Class Loading Delegation Principle

6.7.3 User-defined Class Loaders

6.7.4 Class-Path Resource Lookup

6.8 Package Access Control

6.8.1 Built-in Checks

6.8.2 Package Sealing Checks

6.8.3 Restriction on the Use of the Class.forName Method

6.9 Context Isolation Enhancements

6.9.1 Context Switches

6.9.2 Application Namespace Enforcement

6.9.3 Ownership of Transferable Objects

7. Inter-application Communication

7.1 Security Containment Mechanisms

7.2 Object Ownership Transfer Mechanism

7.2.1 Transferable Classes

7.2.2 Transferring Object Ownerships

7.2.3 Defensive Copy

7.2.4 Thread Safety

7.2.5 Transactional Behavior

7.3 Shareable Interface Object-based Services

7.3.1 SIO-based Service Definition and Identification

7.3.2 SIO-based Service Factory Registration

7.3.3 SIO-based Service Lookup

7.3.4 Role-based Security for SIO-based Services

7.3.5 Lifetime and Persistence of SIO-based Services

7.3.6 Thread Safety

7.3.7 Per-Thread Active Context

7.3.8 Transactional Behavior

7.4 Events

7.4.1 Event Definition and Identification

7.4.2 Event Listener Registration

7.4.3 Event Notification

7.4.4 Role-based Security for Events

7.4.5 Lifetime and Persistence of Event Listeners

7.4.6 Thread Safety

7.4.7 Per-Thread Active Context

7.4.8 Transactional Behavior

8. Card Management

8.1 The Card Manager Application

8.2 The Card Management Facility

8.3 Unit of Distribution and Deployment

8.4 Distribution Formats

8.4.1 Application Module Distribution Format

8.4.2 Extension Library Distribution Format

8.4.3 Classic Library Distribution Format

8.5 Descriptor Formats

8.5.1 Conventions Used in XML Descriptor Element Diagrams

8.5.2 Common Rules for Processing the XML Descriptors

8.5.3 Java Card Platform-specific Application Descriptor

8.5.4 Web Application Deployment Descriptor

8.5.5 Applet Application Deployment Descriptor

8.5.6 The Runtime Descriptor

8.6 Loading Application Modules

8.6.1 Code Isolation and Class File Lookup Order Requirements

8.6.2 Class Dependency Resolution Requirements

8.6.3 Class Pre-loading Optimizations

8.7 Loading Libraries

8.8 Creation of Application Instances

8.9 Deletion of Application Instance

8.9.1 Multiple Application/Applet Instance Deletion

8.10 Unloading of Deployment Units

8.10.1 Application Module Unloading with Instance Deletion

9. File System

9.1 File System Requirements

9.2 File System Object Identification

9.2.1 Application-private File System Objects

9.3 File Access Permissions

9.4 Atomicity and Transactional Behavior

9.5 Generic Connection Framework-based File Access

9.6 File Resource Event Notifications

9.7 Thread Safety

9.8 Platform Reset Behavior

A. Default Platform Security Policy

A.1 Permissions in Default Protection Domain for Web Applications

A.2 Permissions in Default Protection Domain for Extended Applets

A.3 Permissions in Default Protection Domain for Classic Applets

A.4 Permissions in Default Protection Domain for Card Management Applications

B. Security Annotations

B.1 Annotations Defined

B.1.1 Type Annotations

B.1.2 Interface Annotation

B.1.3 Method Annotations

B.2 Semantics of Annotations

B.2.1 Scope of Annotations

B.2.2 Annotated APIs

Glossary

Index