Printed: May 5, 2024
From: http://jcp.org/en/jsr/detail?id=177
|
Specification Leads | |||
Saqib Ahmad | Oracle | ||
Roman Zelov | Sun Microsystems, Inc. | ||
Expert Group | |||
Betrusted Inc. | Gemalto | Motorola | |
Nokia Corporation | NTT DoCoMo, Inc. | Oberthur Card Systems | |
Oracle | Research In Motion, LTD (RIM) | Softbank Mobile Corporation | |
Sony Ericsson Mobile Communications AB | Sun Microsystems, Inc. | Telefonica Moviles Espana | |
Vodafone Group PLC | Vodafone Group Services Ltd |
NOTICE: Please be aware the CDC 1.0 specification initially related to this JSR has been replace (superseded) with the newer CDC 1.1 specification. CDC 1.0 will no longer be supported after 18-Aug-2009. This JSR and other optional technologies based on the CDC 1.0 standards are fully compatible with the CDC 1.1 standards. All development and certification efforts should be updated to use the current, supported technology.
Note that this JSR was completed under JCP 2.1.
The following information was updated from the original proposal.
2007.08.20: Roman Zelov was added as a Maintenance Lead.
Name of Maintenance Lead: Roman Zelov
E-Mail Address: roman.zelov
Telephone Number: +8 812 334 61 46
Fax Number: +8 812 334 30 38
Original Java Specification Request (JSR)
Identification |
Request |
Contributions
Section 1. Identification
Submitting Member: Sun Microsystems, Inc.
Name of Contact Person: Zhiqun Chen
E-Mail Address: zhiqun.chen@sun.com
Telephone Number: +1 408 276 7389
Fax Number: +1 408 276 7608
Specification Lead: Zhiqun Chen
E-Mail Address: zhiqun.chen@sun.com
Telephone Number: +1 408 276 7389
Fax Number: +1 408 276 7608
Initial Expert Group Membership:
Cingular
DoCoMo
France Telecom
Gemplus
Hutchison 3G
JPhone
KDDI
Oberthur
Orange
Sprint
Telef?nica M?viles Espa?a
Sun Microsystems Inc.
Vodafone
Supporting this JSR:
Section 2: Request
The purpose of this JSR is to define a collection of APIs that provide security services to J2ME enabled devices. These APIs are a necessary step for a device to become trusted, in other words provide security mechanisms to support a wide variety of application based services, such as access to corporate network, mobile commerce, and digital rights management.
Many of these services rely on the interaction with a Security Element in the device for secure storage and execution as described below:
As the primary use for cards in these devices is to provide security (storage and processing) and other custom services, this specification provides an access model that enables applications running on J2ME enabled devices to communicate with a smart card inserted in the device. This access model intends to provide a flexible mechanism to allow service and equipment providers to define secure operations.
This API will focus on supporting consumer devices (CLDC [Connected Limited Device Configuration] and CDC [Connected Device Configuration]) but should not be designed in such a way as to preclude its implementation on larger platforms such as J2SE.
The security and trust services API is proposed to be an optional package to be used together with several J2ME profiles.
This API provides security services to Java applications running on J2ME enabled devices and to enable new value-added functions to be deployed on these devices.
Also see 2.1.
The current J2ME platform does not have APIs that provide security services to applications and does not include any way to access security elements from the underlying platform.
In order to perform trusted operations, J2ME applications need to rely on the security services provided in a Security Element to ensure that, for example, the cryptographic keys are stored securely and that the cryptographic computations are performed securely. The proposed API establishes a Java programming model for accessing the features of a Security Element.
javax.microedition.se.*
javax.microedition.crypto
No. It depends largely on other standards and on their implementation on the various devices.
This JSR aims at extending the current security model to support client side, custom security solutions through the integration of a security element.
No.
No
Q1 - Q2, 2003
The expert group will follow the model of the JSR118 expert group and others, using in the main email communications with occasional telephone and face to face meetings.
Section 3: Contributions
General contributions:
The APIs to be defined in the specification are intended to work with CLDC- and CDC-based profiles, in particular MIDP, and will be defined to take into consideration industry standards of related technologies.