Java ME Developer Guide

Chapter 12 - JSR-177 Java ME Security and Trust Services API

12 JSR-177 Java ME Security and Trust Services API

12.1 Feature Description

This chapter describes the JSR-177 which defines optional packages for the Java ME platform. The purpose of this JSR is to specify a collection of APIs that provides se- curity and trust services by integrating a Security Element (SE). An SE, provides the following:

Secure storage to protect sensitive data, such as the user's private keys, public key (root) certificates, service credentials, personal information, etc.

Cryptographic operations to support payment protocols, data integrity, and data confidentiality.

A secure execution environment to deploy custom security features. MIDlets would rely on these features to handle many value-added services, such as user identification and authentication, banking, payment, loyalty applications, and so on.

Smart cards (SIM/USIM/UICC/RUIM) are commonly used to implement an SE. For example, on GSM networks, the network operator enters the network authentication data on the SIM, as well as the subscriber's personal information, such as the ad- dress book. When the subscriber inserts the SIM into a mobile handset, the handset is enabled to work on the operator's network.

DRAFT - Subject to Change [85/201]

Page 85
Image 85
Motorola maxx V6 JSR-177 Java ME Security and Trust Services API, Feature Description, Draft Subject to Change 85/201