Embedded Java Security - Debbabi_ Mourad.pdf - Embedded Java Security (1618) - superktos86

Embedded Java Security

Mourad Debbabi, Mohamed Saleh,

Chamseddine Talhi and Sami Zhioua

Embedded

Java Security

Security for Mobile Devices

Mourad Debbabi, Full Professor and CU Research Chair Tier I

Mohamed Saleh, Research Associate

Chamseddine Talhi, Research Associate

Sami Zhioua, Research Associate

Computer Security Laboratory

Concordia Institute for Information Systems Engineering

Concordia University

Montreal, Quebec

Canada H3G 1M8

{debbabi, m_saleh, talhi, zhioua}@ciise.concordia.ca

British Library Cataloguing in Publication Data

A catalogue record for this book is available from the British Library

Library of Congress Control Number: 2006931788

ISBN-10: 1-84628-590-9

Printed on acid-free paper

ISBN-13: 978-1-84628-590-5

Apart from any fair dealing for the purposes of research or private study, or criticism or review,

as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be

reproduced, stored or transmitted, in any form or by any means, with the prior permission in

writing of the publishers, or in the case of reprographic reproduction in accordance with the terms

of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside

those terms should be sent to the publishers.

The use of registered names, trademarks, etc. in this publication does not imply, even in the

absence of a specific statement, that such names are exempt from the relevant laws and regulations

and therefore free for general use.

The publisher makes no representation, express or implied, with regard to the accuracy of the

information contained in this book and cannot accept any legal responsibility or liability for any

errors or omissions that may be made.

987654321

Springer Science+Business Media, LLC

springer.com

Preface

This book is a comprehensive presentation of embedded Java security

(namely, J2ME CLDC/MIDP), in the sense that the security model

of embedded Java is thoroughly explained, then a detailed analysis

of this model is undertaken. It is compared with the security model

of Java Standard Edition in order to view the impact of limited re-

sources (typically the case of devices supporting embedded Java) on

security. In this regard, the main components of embedded Java are

also presented to have an idea about the platform architecture. To

assess the eﬀectiveness of security measures, an evaluation of the se-

curity features is carried out with results presented in the framework

of the MEHARI method for risk analysis and the Common Criteria

methodology of security evaluation.

Content

Java Micro Edition (Java ME) (currently version 2, hence J2ME)

is the Java platform for resource-limited embedded devices such as

Personal Digital Assistants (PDA), cellular phones, TV set-top boxes,

automobile navigation systems and a broad range of embedded de-

vices (washing machines, interconnecting electronic toys, etc.). Java

ME provides the power and beneﬁts of Java programming language

tailored for embedded devices, including mobility of code, security,

networking capabilities, etc.

In order to address the speciﬁc requirements of diﬀerent market

segments and device families, the high-level Java ME architecture de-

ﬁnes 3 layers on top of the device’s operating system, namely, the

virtual machine layer, the conﬁguration layer, and the proﬁle layer.

The virtual machine is an implementation of the Java Virtual Ma-

chine (JVM). The conﬁguration is a minimal set of class libraries that

provide the basic functionalities for a particular range of devices. Cur-

Embedded Java Security - Debbabi_ Mourad.pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: