| This book is a comprehensive presentation of embedded Java security (namely, J2ME CLDC/MIDP), in the sense that the security model of embedded Java is thoroughly explained, then a detailed analysis of this model is undertaken. It is compared with the security model of Java Standard Edition in order to view the impact of limited resources (typically the case of devices supporting embedded Java) on security. In this regard, the main components of embedded Java are also presented to have an idea about the platform architecture. To assess the effectiveness of security measures, an evaluation of the security features is carried out with results presented in the framework of the MEHARI method for risk analysis and the Common Criteria methodology of security evaluation.
Java Micro Edition (Java ME) (currently version 2, hence J2ME) is the Java platform for resource-limited embedded devices such as Personal Digital Assistants (PDA), cellular phones, TV set-top boxes, automobile navigation systems and a broad range of embedded devices (washing machines, interconnecting electronic toys, etc.). Java ME provides the power and benefits of Java programming language tailored for embedded devices, including mobility of code, security, networking capabilities, etc.
In order to address the specific requirements of different market segments and device families, the high-level Java ME architecture defines 3 layers on top of the device’s operating system, namely, the virtual machine layer, the configuration layer, and the profile layer. The virtual machine is an implementation of the Java Virtual Machine (JVM). The configuration is a minimal set of class libraries that provide the basic functionalities for a particular range of devices. Currently, there are two standard configurations, namely, Connected Device Configuration (CDC) and Connected Limited Device Configuration (CLDC). CLDC is designed for devices with intermittent network connections, limited processors and memory. This category includes: Cellular phones, PDAs, etc. CDC, on the other hand, is designed for devices that have more processing power, memory, and network bandwidth. This category includes: Internet TVs, high-end communicators, automobile navigation systems, etc. |