Check out the new USENIX Web site.
...JavaCard1
http://java.sun.com/products/javacard
... Specification2
http://www.globalplatform.org
... Framework3
http://www.opencard.org
... Workgroup4
http://www.pcscworkgroup.com/
... parameters5
Strictly speaking, because a symmetric session key is used to protect the data, also the callee can construct valid parameters. Therefore non-repudiation cannot be guaranteed.