Java for Mobile Devices: A Security Study

14 years 5 months ago

Download www.acsac.org

Java 2 Micro-Edition Connected Limited Device Conﬁguration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resourceconstrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: First, we study the security architecture of J2ME CLDC. Second, we provide a vulnerability analysis of this Java platform. The analyzed components are: Virtual machine, CLDC API and MIDP (Mobile Information Device Proﬁle) API. The analysis covers the speciﬁcations, the reference implementation (RI) as well as several other widely-deployed implementations of this platform. The aspects targeted by this security analysis encompass: Networking, record management system, virtual machine, multi-threading and digital right management. This work identiﬁes security weaknesses in J2ME CLDC that may represent sources of security exploits. Moreover, the results reported ...

Mourad Debbabi, Mohamed Saleh, Chamseddine Talhi,

Real-time Traffic

ACSAC 2005 | CLDC API | J2ME CLDC | Security | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	24 Jun 2010
Updated	24 Jun 2010
Type	Conference
Year	2005
Where	ACSAC
Authors	Mourad Debbabi, Mohamed Saleh, Chamseddine Talhi, Sami Zhioua

Comments (0)

Sciweavers

Java for Mobile Devices: A Security Study

ACSAC 2005 | CLDC API | J2ME CLDC | Security | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers