An increasing number of smart phones support Java 2, Micro Edition. Mobile application developers must deal with J2ME’s inherent security weaknesses as well as bugs in implementa¬tions on real devices. The new Security and Trust Services API for J2ME addresses some of these challenges, although it too has shortcomings.
A smart phone combines a full-featured mobile phone with advanced data and multimedia functionality including PDA capabilities, Internet and e-mail access, and MP3 and video playback. It typically includes a large color touch screen, a keyboard, Bluetooth technology to communicate with other devices, and substantially more memory and processing power than a regular mobile phone. Another key feature is the ability to install additional applications.
The smart phone market is growing fast, spurring development of new mobile software for everything from gaming to online banking to GPS navigation. For example, total global revenue in the mobile gaming market is expected to soar from $2.6 billion in 2005 to $11.2 billion by 2010, with online multiplayer games generating 20.5 percent of market share.
Many different development platforms exist for smart phones, categorized by phone manufacturers, mobile operating systems, and device capabilities. The most widespread is Java 2, Micro Edition), available on nearly 80 percent of currently marketed smart phones.
Experience gained during a commercial development project demonstrates how J2ME technologies, particularly security-related functionality, are implemented on real devices and provides insights into the problems researchers encounter during the development process.
J2ME TECHNOLOGIES
The Java 2 platform has several editions, including Enterprise Edition (J2EE) for the server side and Standard Edition (J2SE) for desktop systems. J2ME is a highly optimized Java runtime environment aimed at mobile phones, PDAs, and other small devices.
Configurations and profiles
J2ME configurations are intended for devices with similar characteristics in terms of processors and memory. Profiles target devices that are similar in terms of screen type, input devices, and network connectivity; they complement the low-level functionality of configurations by adding support for user interaction and network connectivity.
A configuration specifies the supported Java virtual machine features, the included Java programming language features, and the supported Java libraries and application programming interfaces (APIs). Two configurations are widely available on J2ME devices: Connected Limited Device Configuration 1.0, which has been around for years, and CLDC 1.1, which is deployed in newly released devices ). The most notable difference between the two configurations is that CLDC 1.1 adds support for floating-point operations. Because CLDC 1.1 is a superset of CLDC 1.0, Java applications built for CLDC 1.0 will run without problems on CLDC 1.1. Thus, unless any of the additions in version 1.1 is specifically needed, developers should build their applications for CLDC 1.0 to be compatible with as many devices as possible.
Two profiles extend CLDC functionality: Mobile Information Device Profile 1.0 and 2.0 (). The MIDP profiles add APIs for user intera原文请找腾讯752018766辣,文-论'文.网
http://www.751com.cn ction, network connectivity, and persistent storage. HTTP connections provide network connectivity, while a record management system provides persistent storage. MIDP 2.0, a superset of MIDP 1.0, includes support for secure HTTP (HTTPS) connections and more powerful graphics APIs for gaming.
Specifications
New J2EE/J2SE/J2ME specifications emerge through the Java Community Process (JCP) program. Developers first submit a Java Specification Request for acceptance by an executive committee. Once the committee accepts a JSR, an expert group assumes responsibility for specification development. The specification draft must first pass a community review, then a public review. The expert group presents a proposed final draft, and an approval ballot decides if the specification is suitable for release.
An expert group typically consists of many participants. For example, the MIDP 2.0 expert group included, among others, Ericsson, Motorola, Nokia, Siemens, Sun Microsystems, Samsung, and Symbian. Expert groups enable large industrial parties to collaborate in specifying new functionality for the Java platform. This minimizes competition among different vendor specifications and increases the likelihood of a specification’s wide adoption. All CLDC versions and MIDP versions resulted from JSRs, as did several other J2ME components such as the Security and Trust Services API (JSR-177), the Wireless Messaging API (JSR-120), and the Java APIs for Bluetooth Wireless Technology (JSR-82). All specifications are freely available at the JCP Web site
上一页 [1] [2] [3] [4] [5] [6] 下一页
J2ME网络安全挑战英文文献及翻译 第5页下载如图片无法显示或论文不完整,请联系qq752018766
