An Intel® Dynamic Application Loader (Intel® DAL) trusted application, or applet, is part of an embedded solution and as such it runs in an environment with scarce execution resources. The overall design should be that, as far as possible, the host application performs the bulk of the processing and logic flow, invoking the functionality as needed for specific tasks to only implement the special functionality that this trusted environment can provide.
Intel DAL memory resources are scarce. Trusted applications should be loaded when they have a need to accomplish a task and their sessions should be closed as soon as the task is complete. This restriction directly impacts the number of simultaneously loaded trusted applications into the memory available to Intel DAL. Therefore, all trusted applications should follow the following steps:
trusted application (open session).
(close session) as soon as possible.
Failure to follow this can result in Intel DAL running out of memory and refusing to load trusted applications.
The SDK in Intel DAL assumes that you know how to develop Java* code. The following guidelines apply specifically to developing trusted applications that will run in the Intel DAL environment. Some of the parameters addressed here will change as a function of the platform version, possibly including, for example, available memory, function speed, and the maximum number of trusted applications.
Trusted applications should not depend on an endless loop construct (for example, a
loop), as the Virtual Machine (VM) will not interrupt or stop a running trusted application. This can be problematic if a host-based application attempts to stop the trusted application via the client service command, or the client service tries to stop the trusted application for some reason. Instead, the trusted application should wait for an event (even an event that will never occur). This will give the client application the window to stop the trusted application when necessary.
Do not include secret data in the trusted application.
There is no encryption on the trusted application binary.