Title :
Security Analysis of Mobile Java
Author :
Debbabi, Mourad ; Saleh, Mohamed ; Talhi, Chamseddine ; Zhioua, Sami
Author_Institution :
Concordia Inst. for Inf. Syst. Eng., Concordia Univ., Montreal, Que.
Abstract :
Java 2 Micro-Edition Connected Limited Device Configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: first, we study the security architecture of J2ME CLDC, then we provide a vulnerability analysis of this Java platform. The analyzed components are: virtual machine, CLDC API and MIDP (Mobile Information Device Profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely-deployed implementations of this platform
Keywords :
Java; application program interfaces; mobile computing; security of data; virtual machines; CLDC API; J2ME CLDC platform; Java 2 Micro-Edition Connected Limited Device Configuration; MIDP API; Mobile Information Device Profile; mobile Java; mobile application; resource-constrained device; security analysis; virtual machine; Cellular phones; Communication system security; Data security; Information analysis; Information security; Information systems; Internet; Java; Systems engineering and theory; Virtual machining;
Conference_Titel :
Database and Expert Systems Applications, 2005. Proceedings. Sixteenth International Workshop on
Conference_Location :
Copenhagen
Print_ISBN :
0-7695-2424-9
DOI :
10.1109/DEXA.2005.172
