This content has been marked as final. Show 2 replies
Good application !
First, I would recommend you don't store library information on the card simply because if the card is lost, you don't have a record of the books. I recommend you keep track of that information on the back-end. Why would the librarian need to unlock the student applet ? Two ways to approach this...1) I would just have a secure channel between the librarian and the student to store information onto the student card. 2) create a SIO librarian applet on the student card as well. The librarian would communicate to that applet and store data to that applet only. The student data is untouched, uncompromised and the student applet may read the SIO applet.
Thank you to recommend me, I do not store information of the books that the student borrowed. I store only information to control the loan and the time of the loan. The librarian has the right to block the card for better controlling the loan. I will test two ways which you presented. But the problem it is that there are little guides to do that, I find that the specification of JavaCard for these two technologies is too simple. I already tested a other solution, I declared the variable lock like a variable static, therefore I can read and modify this variable . But I am afraid that there is problem with security