Happy Birthday, Smart Card WEB server ! pdf
Pascal Urien, January 2009
The first
smart card WEB server was born on January 12th 1999, a memorable
Tuesday, due to snow falls that created heavy traffic jams around Paris. At the
afternoon end, highways were closed and even some drivers spent the night in
their cars. So I had to wait for the end of these traffic jams in my office, in
Bull Louveciennes until 10 pm. During these hours, I wrote the last code lines,
of the first Java card WEB server. I was in a hurry to see it at work. I drove
back to home, had a quick dinner, and then push HTML pages in my smart card,
while eating my dessert. Finally at midnight I started my browser with the URL
http://127.0.0.1, it was working!. I said to my wife “great new, the first
smart card web server is running” and I drunk a victorious glass of red
Bordeaux. She was not really convinced, and could not believe that such event
was occurring on her dining room table. But it was the truth…
The story
began in November 1997, the day I was engaged by the CP8 Company. At that time
I was a research engineer specialized in networking and embedded computing. I
designed communication boards and operating systems for the Bull Company. I was
also a lecturer in several French universities and I was teaching computer
designs, operating systems, networking, WEB technologies and Windows
programming. Since 1995 I was writing the WSPLUG shareware, a WEB server
dedicated to Windows 3.1 and Windows 95 environments. It was my first
experiments with eCommerce, and thanks to Compuserve facilities, I earned about
100$, which were spent in fine restaurants.
In February
1998, I was in the office of Michel Ugon, the inventor of the SPOM, i.e. a
smart card equipped with microprocessor and internal memories. I asked me to
think about new applications for smart cards. A few weeks later, I came back
with two proposals, peer to peer networks, based on contactless smart cards and
smart cards as IP nodes. The second idea won unanimous support, the SmartNet project was born.
The Sm@rNet
Project Architecture, February 1998
During the
summer 1997, I read while windsurfing in south of France, a heavy book from Guy
Pujolle, a famous professor teaching networking at the University of
Versailles. I was looking for a partnership student, so in March 1998, I sent a
first email to Guy Pujolle, in which I described the project by a few words,
“smart card is a network computer”. The answer was “OK, let’s do it”. But in
1998, in the dot-com bubble context, it was very difficult to find students for
research projects. Hayder Saleh volunteered for this job; it was a skilled
student from Bagdad, who got a grant for studying in France. After a short
training he was speaking and writing French in a very phonetically way, but he
was a cleaver guy opened to new technologies.
During the
spring 1998, I designed the SmartTP (Smart
Transfer Protocol) protocol making a logical bridge between TCP and the ISO
7816 transport. I built an experimental platform emulating smart cards and
terminals, and equipped with two serial ports. Two separate applications
simulated dialogs between browser and smart card; they were linked via a null
modem cable. Hayder was in charge to implement a meticulous emulation of the
T=1 protocol.
The first
patent, August 13th, 1998.
In July, the
first SmartTP specification was released and validated with the Windows
platform. I wrote a patent proposal and forwarded it to our intellectual
property department. Several rough debates were needed for convicting them that
my idea made sense. I renumber a heated discussion with a patent consultant
explaining me that “smart cards are not and will never be WEB servers”. Finally
I won on points, and the patent was issued on August 13th 1998. In
October we presented a live demonstration of our PC platform to marketing
attendees. It showed a browser downloading HTML page from a smart card emulated
WEB server. Yes it should be possible to do that!
The Sm@rNet Simulation platform, in September 1998
At the end of
his internship, Hayder took some vacations in Bagdad. I redacted a PHD proposal
and began the fight for its funding. In 1998 it was not easy to deploy smart
card readers because no standards were clearly defined. CP8 was using serial devices
called TLP 224, working with
proprietary APIs, the “CP8 AKL”. During the autumn, I intensively practiced ISO
7816 dialogs, and I successfully integrated the TLP 224 reader to the software
platform.
When Hayder
come back from Iraq in November, I got a temporary funding; we started a PHD
work with Guy Pujolle and continued the job. The next big step was to
physically design a smart card WEB server. Hopefully a revolution had occurred
within the smart cards landscape. CP8 released its first Java card, “Odyssey”
offering 7 Kilo Bytes of memory for data and code. We bought Java for dummies, and learned java cards
programming in CP8 corridors and at the coffee machine. Furthermore our office
neighbors were a group of friendly Indian engineers, designing the programming
kit for Odyssey products.
As I
mentioned before, I was a teaching expert of embedded systems, programming and
WEB technologies. It didn’t take me a long time for coding a WEB server for
java cards. The critical issue was mainly the protocol (SmartTP) transporting
HTTP packets between smart card and browser, which had been previously
validated. Mid-January 1999, the first smart card WEB server was running: 3,5
KB were consumed by the java program and 3,5 KB were available for its content.
January 1999, the first smart card WEB server,
designed with an Odyssey Java card and a TLP 224 reader.
After some
additional tests and improvements I sent a victorious email to the BULL staff,
“the first world smart card WEB server is running, you can use at my IP
address”. Gerard Roucairol, who was heading BULL researches, made an
enthusiastic response, in French “J’en
reste sur le cul”. But nothing else occurs during a few weeks, the company
managers were using a proxy for their internet surf, and weren’t able to
configure it. So they could reach my smart card WEB server…
I was a
little depicted, but I submitted a first paper proposal to a French conference,
JRES99, organized by the CNRS research agency. I took a risk, because I could
be fired for that, but my pioneer spirit was stronger.
In March 99,
I was invited to the traditional lunch offered by CP8 to its inventors of the
year. David Levy, the company CEO chaired this event, it was my table neighbor.
We had a long talk about the smart card WEB server. My students were prepared
to a possible delay for my afternoon talk, at the university of Paris Dauphine.
I was one hour late, and I said them “the story is beginning”, there were
“hurrah!” in the room.
During the
spring 1999, I made a 48 hours trip with my CEO to the SUN headquarters in the
San Francisco area, where I demonstrated the smart card WEB server. SUN
suggested to freely distribute this technology and to make money with services.
David Levy replied that “he didn’t suppose that Americans were communists”. I
also suggested an open approach, i.e. code source publication, but the answer
was “if you do that, you are fired”.
The
technology got a new name OverSoft,
because “Over” is smarter than “Micro”. It was officially announced at the
Cartes’99 fair. The first French paper was published in December 99 at JRES99,
the first revue paper appears in Computers Communications in 2000, and I was
not fired…
November
1999, the first press release
Three designs of the smart card WEB server
Sesames Award,
Paris 2000 (left part) and Advanced Card Award, London 2001 (right part)
A new PHD
student, Adel Tizraoui completed the research team in 2000. One fine morning of
May 2000, Hayder read in the subway an advertisement for the innovation
competition, “Les Sésames” organized during the cartes’2000 event. It took a
couple of days to convict our staff that we should participate to this
competition. Finally I was authorized to do it, I wrote and submit our entry;
we got the Sesame of the Best Technological Innovation. During the autumn 2000,
a new name was given to the smart card WEB server, the iSimplify! card. A few
hundred cards were produced and printed for the cartes’2000 fair. We (the
research team) designed a football quiz (the “Zizou applet”), driven by an HTTP
interface; every lucky winner was gratified with a true soccer.
April 2001, an insert in the French magazine Sciences
& Avenir.
2002, an
insert in the French magazine “01 informatique” illustrates the launching of
the first iSimplify! product, based
on a smart card WEB server
CP8 was
bought in 2001 by Schumberger. The iSimplify! product disappeared. The research
team released 9 patents and dozens of publications; it integrated OSI concepts,
server and client paradigms and XML technologies in the smart card ecosystem.
After a strong internal lobbying, I published the IETF draft entitled “Smart
Transfer Protocol” in June 2001.
A Short Bibliography
Pascal Urien,
Hayder Saleh. "Une nouvelle approche de la carte a puce reseau",
December 1999, JRES 99 Montpellier.
Pascal Urien
"Internet Card, a smart card as a true Internet node", Computer
Communication, volume 23, issue 17, October 2000.
Internet Draft, “SmartTP, Smart Transfer Protocol”,
June 2001, http://bgp.potaroo.net/ietf/all-ids/draft-urien-smarttp-00.txt
Pascal Urien,
Hayder Saleh, Adel Tizraoui , "XML Smartcards", Springer Verlag, LNCS
2093 IEEE International Conference on Networking, ICN'01, July 11-13, 2001,
Colmar, France.
Pascal Urien,
"Programming internet smartcards with XML scripts", Springer Verlag,
LNCS 2140, e-Smart 2001, September 2001.
Pascal Urien,
"Internet smartcard benefits for Internet security issues",
Campus-Wide Information Systems, Volume 20, Number 3, 2003, pp. 105-114.