Exit Print View

Java Platform Micro Edition Software Development Kit Version 3.0

Get PDF Book Print View

Document Information

Getting Started

Java ME Platform SDK Features

Using Sample Projects

Creating and Editing Projects

Viewing and Editing Project Properties

Running Projects in the Emulator

Searching the WURFL Device Database

Finding Files in the Multiple User Environment

Profiling Applications

Monitoring Network Traffic

Lightweight UI Toolkit

Security and MIDlet Signing

Security Domains

Setting Security Domains

Specifying the Security Domain for an Emulator

Specifying the Security Domain for a Project

Signing a Project

Managing Keystores and Key Pairs

Working With Keystores and Key Pairs

Creating a Keystore

Adding an Existing Keystore

Creating a New Key Pair

Removing a Key Pair

Importing an Existing Key Pair

Managing Root Certificates

BD-J Support

CLDC Emulation on a Windows Mobile Device

Installing CLDC Emulation on a Windows Mobile Emulator

On-device Debugging

Command Line Reference


JSR Support

JSR 75: PDA Optional Packages

JSR 82: Bluetooth and OBEX Support

JSR 135: Mobile Media API Support

JSR 172: Web Services Support

JSR 177: Smart Card Security (SATSA)

JSR 179: Location API Support

JSRs 184, 226, and 239: Graphics Capabilities

JSR 205: Wireless Messaging API (WMA) Support

JSR 211: Content Handler API (CHAPI)

JSR 238: Mobile Internationalization API (MIA)

JSR 229: Payment API Support

JSR 256: Mobile Sensor API Support


Security and MIDlet Signing

The Java ME Platform SDK supports the security policies and domains defined by both JSR 185 (Java Technology for the Wireless Industry or JTWI) and JSR 248 (Mobile Service Architecture or MSA). The SDK provides tools to sign MIDlet suites, manage keys, and manage root certificates. The security domains are further described in Security Domains.

MIDP 2.0 (JSR 118) includes a comprehensive security model based on protection domains. MIDlet suites are installed into a protection domain that determines access to protected functions. The MIDP 2.0 specification also includes a recommended practice for using public key cryptography to verify and authenticate MIDlet suites.

The general process to create a cryptographically signed MIDlet suite is as follows:

  1. The MIDlet author, probably a software company, buys a signing key pair from a certificate authority (the CA).

  2. The author signs the MIDlet suite with the signing key pair and distributes their certificate with the MIDlet suite.

  3. When the MIDlet suite is installed on the emulator or on a device, the implementation verifies the author’s certificate using its own copy of the CA’s root certificate. Then it uses the author’s certificate to verify the signature on the MIDlet suite.

  4. After verification, the device or emulator installs the MIDlet suite into the security domain that is associated with the CA’s root certificate.

For definitive information, consult the MIDP 2.0 specification. For an overview of MIDlet signing using the Java ME Platform SDK, read the article Understanding MIDP 2.0's Security Architecture, which is available at http://developers.sun.com/techtopics/mobility/midp/articles/permissions/

If you need more background on public key cryptography, try the article MIDP Application Security 1: Design Concerns and Cryptography, which is available at http://developers.sun.com/techtopics/mobility/midp/articles/security1/. See the following topics: