Smart Card Platform classification on the basis of system post-issuance behavior.
- Closed Platform
  On these cards, post-issuance code download is not permitted. In such cases, an attack has to rely on side-channel analysis or fault injection.
- Open Platform
  On these cards, post-issuance code download is allowed. This scenario is protected by the GlobalPlatform protocol, which requires mutual authentication before any code is loaded. The operator, who is the only party allowed to load code onto the card, therefore systematically checks each new application using the off-card bytecode verifier (BCV), as well as rule checkers and code reviews. Using the on-card BCV prevents ill-formed applications from being loaded. However, it has been demonstrated that this step is not sufficient: well-formed code is loaded, but ill-formed code is executed.
- Development Platform
  With such cards, the developer has the right to load code (the authentication keys are known).