B Installation and Runtime Security Guidelines
Oracle Java ME SDK requires an execution model that makes certain network resources are available for emulator execution. These required resources might include (but are not limited to) a variety of communication capabilities between product components.
Note:The Oracle Java ME SDK installation and runtime system is a developer system. It is not designed to guard against any malicious attacks from outside intruders.
During execution, the Oracle Java ME SDK architecture can present an insecure operating environment to the platform's installation file system, and its runtime environment. For this reason, it is critically important to observe the precautions outlined in these guidelines when you install and run Oracle Java ME SDK.
B.1 Maintaining Optimum Network Security
To maintain optimum network security, Oracle Java ME SDK can be installed and run in an isolated network environment, where the Oracle Java ME SDK system is not connected directly to the Internet. It can also be connected to a secure company intranet environment, which will reduce unwanted exposure to malicious intrusion.
An example of an Oracle Java ME SDK requirement for an Internet connection is when wireless functionality requires a connection to the Internet to support communications with the wireless network infrastructure that is part of an Oracle Java ME SDK application execution process. Whether or not an Internet connection is required depends on the particular application running on Oracle Java ME SDK. For example, some applications can use an HTTP connection.
If Oracle Java ME SDK is open to any network access, then you must take the following precautions to protect valuable resources from malicious intrusion:
Installing the Java ME Demos plugin is optional. Some sample projects use network access and open ports. Because the sample code does not include protection against malicious intrusion, ensure that your environment is secure if you install and run the sample projects.
Install Oracle Java ME SDK behind a secure firewall that strictly limits unauthorized network access to the Oracle Java ME SDK file system and services. Limit access privileges to those that are required for Oracle Java ME SDK usage while allowing all the bidirectional local network communications that are necessary for Oracle Java ME SDK functionality. The firewall configuration must support these requirements to run the Oracle Java ME SDK while also addressing them from a security standpoint.
Follow the principle of least privileged by assigning the minimum set of system access permissions required to install and execute Oracle Java ME SDK.
Do not store any sensitive information on the same file system that is hosting Oracle Java ME SDK.
To maintain the maximum level of security, ensure that all the latest updates for the operating system are installed.