Abstract: In general, in one aspect, the invention relates to a method for executing applications. The method includes accessing a secure storage element via a host device including a computer processor; executing, by the computer processor, a hosted execution runtime environment (HERE) on the host device; identifying a persistent memory image of the HERE within the secure storage element; executing, by the computer processor, an application using the HERE; and applying, based on executing the application, a first set of changes to the persistent memory image.

Abstract: A system and method is provided to facilitate secure communications for a server-application executing on a resource-constrained device. A request, from a client application executing on a client device to access a server application executing on the resource-constrained device is received on an application-specific secure port of a resource-constrained device. The request is authenticated using a security token stored in an application context of the server application. The authentication is performed by a transport security layer protocol executing within the application context of the server application. The security token is specific for the server application. A secure connection is established directly between the secure port and the client application upon the authentication being successful.

Abstract: A challenge string is sent from a server to an authentication card. The challenge string is encrypted using a private key on the authentication card. Then, the encrypted challenge string is sent as a response from the authentication card to the server. A unique identifier of the authentication card is correlated to a user record residing at the server to obtain an authentication certificate from within the user record. The authentication certificate includes a public key. The public key from the authentication certificate is used to decrypt the response at the server. A determination is then made as to whether the decrypted response matches the challenge string as originally sent from the server to the authentication card. If the decrypted response matches the original challenge string, the authentication is successful. Otherwise, the authentication fails.

Abstract: In general, in one aspect, the invention relates to a method for executing applications. The method includes accessing a secure storage element via a host device including a computer processor; executing, by the computer processor, a hosted execution runtime environment (HERE) on the host device; identifying a persistent memory image of the HERE within the secure storage element; executing, by the computer processor, an application using the HERE; and applying, based on executing the application, a first set of changes to the persistent memory image.

Abstract: A system and method is provided to facilitate secure communications for a server-application executing on a resource-constrained device. A request, from a client application executing on a client device to access a server application executing on the resource-constrained device is received on an application-specific secure port of a resource-constrained device. The request is authenticated using a security token stored in an application context of the server application. The authentication is performed by a transport security layer protocol executing within the application context of the server application. The security token is specific for the server application. A secure connection is established directly between the secure port and the client application upon the authentication being successful.

Abstract: An approach for making an object owned by a first application that executes in a first isolated execution context accessible to a second application that executes in a second isolated execution context is described herein. According to this approach the object is associated with the first isolated execution context. A request is received to render the object accessible to the second application. Ownership of the object is transferred to the second application by changing the isolated execution context that is associated with the object to the second isolated execution context, thereby rendering the object accessible to the second application.

Abstract: To execute legacy smart card applications in a next generation smart card environment, a mechanism converts the applications into a format executable by the next generation smart card platforms. For instance, in a Java-based environment, a normalizer tool translates a CAP file into a Java Class file. Additional mechanisms recreate, on next generation smart cards, a specialized environment that allows the legacy applications to execute without impacting legacy and non-legacy application performance. For example, mechanisms create new instances of previously shared objects so that legacy applications can continue to expect exclusive access to those objects. Moreover, mechanisms manage the communication between a legacy application and non-legacy applications by controlling how and when calls are sent to the legacy application.

Abstract: A persistence management system facilitates porting servlet-based applications, such as Web applications, to an extremely mobile/nomadic system such as a resource-constrained device platform, e.g., a smart card, where sessions on a card acceptance device are intermittent by nature. Persistence management system (i) minimizes the startup time, and (ii) restores applications in a consistent state. The persistent management system supports: a) selective persistence of servlet model objects: both container-managed objects and application-managed objects; b) optional persistence of threads; and c) optional persistence of connection objects.

Abstract: A first application instance is associated with a protection domain based on credentials (e.g.: a signed certificate) associated with a set of application code that, when executed, gives rise to the application instance. The first application instance executes in a first execution context. An indication is received that the first application instance seeks access to protected functionality associated with a second execution context. In response to receiving the indication, a determining is made as to whether the first application instance has permission to access the protected functionality. The determination is made by determining the protection domain with which the first application instance is associated, and determining if the protection domain with which the first application instance is associated is in the set of one or more protection domains.

Abstract: A generic event notification service for a resource-constrained device is provided. One method includes receiving an event having a unique event identifier, and determining whether an event-producing application is authorized to fire the event. Upon a determination of authorization to fire the event, a determination is made whether any event-consuming applications are authorized by the event-producing application to receive the event. Upon a determination of authorization to receive the event, the event is forwarded to each authorized event-consuming application. In this manner, secure, flexible, generic, and uniform application interaction is facilitated.

Abstract: An approach for making an object owned by a first application that executes in a first isolated execution context accessible to a second application that executes in a second isolated execution context is described herein. According to this approach the object is associated with the first isolated execution context. A request is received to render the object accessible to the second application. Ownership of the object is transferred to the second application by changing the isolated execution context that is associated with the object to the second isolated execution context, thereby rendering the object accessible to the second application.

Abstract: A first application instance is associated with a protection domain based on credentials (e.g.: a signed certificate) associated with a set of application code that, when executed, gives rise to the application instance. The first application instance executes in a first execution context. An indication is received that the first application instance seeks access to protected functionality associated with a second execution context. In response to receiving the indication, a determining is made as to whether the first application instance has permission to access the protected functionality. The determination is made by determining the protection domain with which the first application instance is associated, and determining if the protection domain with which the first application instance is associated is in the set of one or more protection domains.

Abstract: A method for resetting a pin on an access card is disclosed. The method includes generating a server authentication (SA) public key and an SA private key and attempting a write of the SA public key to the access card over a non-secure channel. The method further includes determining if the access card currently contains an existing SA public key.

Abstract: To execute legacy smart card applications in a next generation smart card environment, a mechanism converts the applications into a format executable by the next generation smart card platforms. For instance, in a Java-based environment, a normalizer tool translates a CAP file into a Java Class file. Additional mechanisms recreate, on next generation smart cards, a specialized environment that allows the legacy applications to execute without impacting legacy and non-legacy application performance. For example, mechanisms create new instances of previously shared objects so that legacy applications can continue to expect exclusive access to those objects. Moreover, mechanisms manage the communication between a legacy application and non-legacy applications by controlling how and when calls are sent to the legacy application.