Pengembangan teknologi keamanan transaksi elekronik terus dilakukan. Java™ Wallet merupakan salah satu produk yang dikembangkan untuk mendukung sistem keamanan dalam transakasi. Java™ wallet dirancang untuk keperluan traksaksi antar perusahan yang bekerja di sisi client. Tidak seperti biasanya, antara client dan server selalu terhubung selama transakasi.
Sistem keamanan Java™ Wallet merupakan keturunan dari Java™ sehingga mewarisi karakteristik keamanan Java™. Semua komponen yang ada dalam Java™ Wallet tidak dapat dipalsu, disadap, dan tidak merusak sistem yang ada.
Java™ wallet menyimpan semua informasi pengguna yang berhak untuk bertransaksi, sehingga terhindar dari upaya-upaya pencurian informasi transakasi oleh pihak-pihak yang tidak berkepentingan.
Kata kunci: Java™ Wallet, Security, Client, E-Commerce
Referensi:
• Secure Computing with Java: Now and the Future (a whitepaper) http://www.javasoft.com/marketing/collateral/security.html
• Java’s Security architecture http://www.javaworld.com/javaworld/jw-08-1997
• Centre for Electronic Commerce http://www-cec.buseco.monash.edu.au
• Ries, Eric, Java Electronic Commerce Framework, 1997.
• www.visa.com
• www.mastercard.com
• What is the JavaTM Wallet?
• What is the JavaTM Commerce Client?
• What are the JavaTM Commerce APIs?
• What is a Commerce JavaBeansTM Component?
• What is a Cassette?
• What is the Java SmartCard API?
• Will the Java Commerce APIs be part of JDK 1.1?
• How can I get more detailed information?
Add a question to the FAQ
Questions and Answers
What is the Java Wallet?
The Java Wallet is a family of products written in the JavaTM programming language that are designed to enable secure electronic commerce operations. The Java Wallet incorporates the Java Commerce Client, Commerce JavaBeans components, the Gateway Security Model, and Java Commerce Messages to offer users an extensible platform for online commerce.
These products can be used independently of one another. Users might even be unaware that they have a Java Wallet running in their machine when several Commerce JavaBeans components are included in some other application.
Because it is implemented in Java, the Java Wallet will run everywhere Java is available. This includes all popular browsers and the increasing number of operating systems and network computers that incorporate Java.
What is the Java Commerce Client?
The Java Commerce Client (JCC) is Sun Microsystem's client side solution for secure electronic commerce transactions. As an open, extensible platform, the JCC provides functionality that reduces the time and effort developers require to build electronic commerce applications. JCC users are provided with a Wallet-like user interface, a database, and an extensible platform that enables the use of a variety of payment instruments and protocols for a nearly unlimited number of E-commerce operations.
Once the JCC is configured on a client machine, the JCC user can download and install new Instrument, Protocol, and Operation Commerce JavaBeans components developed by third party software providers. The JCC user can also extend the JCC with internal services, like address books, and transaction logs, that are also available as Commerce JavaBeans components. The JCC provides merchants with the ability to create heavily branded user interfaces that can be tied to merchant-specific operations, such as a purchase on a specific merchant site or a transaction with a given bank.
The JCC offers a flexible solution in the rapidly evolving world of electronic commerce on the Internet.
What are the Java Commerce APIs?
The Java Commerce APIs implement basic services within the Java Commerce Client. They provide foundation services that allow developers to easily create new electronic commerce applications, like on-line shopping malls, home banking or electronic brokerage. The classes that form the Java Commerce APIs are designed to enable:
• Rapid Commerce Component Development. The Commerce JavaBeans specification provides for rapid development and deployment of commerce components. Once components are packaged in signed jar files (known as cassettes), they can be made available to end users via download or disk.
• Easy, Secure Downloading and Installation of Cassettes. The Java Commerce API contains support for an installation subsystem that facilitates the download and installation of new commerce components into the Java Wallet.
• Secure Interoperation of Commerce JavaBeans components. Once commerce components are installed and registered, the Java Commerce API enables their secure, constrained interoperation using the Gateway Security Model.
• Secure Storage of Private End-User Information. The Java Commerce APIs contain a database that securely holds personal information, like credit card numbers or transaction histories. The database uses the security functionality built into the Java Developer's Kit to ensure the privacy of this data.
• Rapid Development of Secure Payment Mechanisms. The Java Commerce APIs allow developers to quickly go from payment protocol specifications to working implementations.
What is a Commerce JavaBeansTM Component?
A Commerce JavaBeans component is a reusable commerce component that meets specific interface requirements. Commerce JavaBeans enable developers to easily write commerce components that can extend the functionality of the JCC.
The Commerce JavaBeans model extends the JavaBeans TM model to provide interface typing and support for the Gateway Security Model. Commerce JavaBeans components show some functionality within standard JavaBeans builder tools, but they only manifest full functionality in Commerce JavaBeans-aware environments such as the JCC.
The Commerce JavaBeans API Specification will be published soon.
The following Commerce JavaBeans interfaces are defined for use with the JCC:
• Transacted (Issues events that allow transaction checkpointing and recovery. This interface is extended by both Operation and Protocol interfaces.)
• Operation (Implemented for purchase, ATM transfer, financial planning. . .)
• Protocol (Implemented for post, SET, Mondex. . .)
• Instrument (Implemented for credit card, coupon, voucher, frequent-flyer miles card. . .)
• User interface (Implemented for alternate GUIs designed by Commerce JavaBeans component developers)
• Service (Implemented for address book, cassette management, instrument management. . . )
• Preference (Implemented for user preference configuration)
• Gate (Implementation provides a secure shield around protected APIs)
The Commerce JavaBeans class is derived from java.beans.Beans. Therefore, the Commerce JavaBeans class presents the same functionality as java.beans.Beans but with a slightly broader interface tailored to support Commerce JavaBeans components.
Commerce JavaBeans components are contained in cassettes. When a cassette is downloaded and installed, the JCC can make use of the Commerce JavaBeans component(s) it contains to perform commerce operations. For example, the JCC could use a Purchase Operation Bean in conjunction with a credit card Instrument and an SET Protocol Bean to perform a secure online purchase. The Commerce JavaBeans model is extensible, so developers can create new types of Commerce JavaBeans components as the need for them arises.
What is a Cassette?
A Cassette is package for Commerce JavaBeans components.
A Cassette is a JAR (Java archive) file that:
• Contains resources (one or more Commerce JavaBeans components, shared interfaces, graphics, etc.)
• Is digitally signed with one or more Roles. Each role provides specific capabilities to the contents of a cassette.
• Contains information about the contents of the JAR file which enables the JCC to download, install, and register Commerce JavaBeans components.
What is the Java Smart Card API?
The javax.smartcard package provides an API that enables communication between portable Java applications and smart cards, independent of hardware devices. The Java Smart Card layer makes the card reader and port transparent to the Java application communicating with the smart card, providing a direct channel between application and smart card. The Java application only requires intimate knowledge of the smart card itself, for example, what kinds of APDUs the card understands. The implementation of javax.smartcard included with the Java Wallet is preliminary and should be considered a prototype.
For more information on the Java Smart Card API, visit the Java Wallet Smart Card API Page.
Will the Java Commerce APIs Be Part of JDKTM?
The Java Commerce APIs are delivered separately from JDK. The Java Commerce APIs constitute a standard extension to the JDK.
