Security Analysis of Mobile Java

Author

Debbabi, Mourad ; Saleh, Mohamed ; Talhi, Chamseddine ; Zhioua, Sami

Author_Institution

Concordia Inst. for Inf. Syst. Eng., Concordia Univ., Montreal, Que.

fYear

2005

fDate

26-26 Aug. 2005

Firstpage

231

Lastpage

235

Abstract

Java 2 Micro-Edition Connected Limited Device Configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: first, we study the security architecture of J2ME CLDC, then we provide a vulnerability analysis of this Java platform. The analyzed components are: virtual machine, CLDC API and MIDP (Mobile Information Device Profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely-deployed implementations of this platform

Keywords

Java; application program interfaces; mobile computing; security of data; virtual machines; CLDC API; J2ME CLDC platform; Java 2 Micro-Edition Connected Limited Device Configuration; MIDP API; Mobile Information Device Profile; mobile Java; mobile application; resource-constrained device; security analysis; virtual machine; Cellular phones; Communication system security; Data security; Information analysis; Information security; Information systems; Internet; Java; Systems engineering and theory; Virtual machining;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 2005. Proceedings. Sixteenth International Workshop on

Conference_Location

Copenhagen

ISSN

1529-4188

Print_ISBN

0-7695-2424-9

Type

conf

DOI

10.1109/DEXA.2005.172

Filename

1508278