Security analysis of mobile java

Mourad Debbabi; Mohamed Saleh; Chamseddine Talhi; Sami Zhioua

doi:10.1109/DEXA.2005.172

Security analysis of mobile java

Mourad Debbabi, Mohamed Saleh, Chamseddine Talhi, Sami Zhioua

Concordia Institute for Information Systems Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Java 2 Micro-Edition Connected Limited Device Configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: First, we study the security architecture of J2ME CLDC, then we provide a vulnerability analysis of this Java platform. The analyzed components are: Virtual machine, CLDC API and MIDP (Mobile Information Device Profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely-deployed implementations of this platform.

Original language	English
Title of host publication	Proceedings - Sixteenth International Workshop on Database and Expert Systems Applications, DEXA 2005
Pages	231-235
Number of pages	5
DOIs	https://doi.org/10.1109/DEXA.2005.172
Publication status	Published - 1 Dec 2005
Externally published	Yes
Event	16th International Workshop on Database and Expert Systems Applications, DEXA 2005 - Copenhagen, Denmark Duration: 22 Aug 2005 → 26 Aug 2005

Publication series

Name	Proceedings - International Workshop on Database and Expert Systems Applications, DEXA
Volume	2006
ISSN (Print)	1529-4188

Conference

Conference	16th International Workshop on Database and Expert Systems Applications, DEXA 2005
Country/Territory	Denmark
City	Copenhagen
Period	22/08/05 → 26/08/05

Access to Document

10.1109/DEXA.2005.172

Cite this

@inproceedings{d47e5a1c60ca4192a98a0a263140a837,

title = "Security analysis of mobile java",

abstract = "Java 2 Micro-Edition Connected Limited Device Configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: First, we study the security architecture of J2ME CLDC, then we provide a vulnerability analysis of this Java platform. The analyzed components are: Virtual machine, CLDC API and MIDP (Mobile Information Device Profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely-deployed implementations of this platform.",

author = "Mourad Debbabi and Mohamed Saleh and Chamseddine Talhi and Sami Zhioua",

year = "2005",

month = dec,

day = "1",

doi = "10.1109/DEXA.2005.172",

language = "English",

isbn = "0769524249",

series = "Proceedings - International Workshop on Database and Expert Systems Applications, DEXA",

pages = "231--235",

booktitle = "Proceedings - Sixteenth International Workshop on Database and Expert Systems Applications, DEXA 2005",

note = "16th International Workshop on Database and Expert Systems Applications, DEXA 2005 ; Conference date: 22-08-2005 Through 26-08-2005",

}

Debbabi, M, Saleh, M, Talhi, C & Zhioua, S 2005, Security analysis of mobile java. in Proceedings - Sixteenth International Workshop on Database and Expert Systems Applications, DEXA 2005., 1508278, Proceedings - International Workshop on Database and Expert Systems Applications, DEXA, vol. 2006, pp. 231-235, 16th International Workshop on Database and Expert Systems Applications, DEXA 2005, Copenhagen, Denmark, 22/08/05. https://doi.org/10.1109/DEXA.2005.172

Security analysis of mobile java. / Debbabi, Mourad; Saleh, Mohamed; Talhi, Chamseddine et al.
Proceedings - Sixteenth International Workshop on Database and Expert Systems Applications, DEXA 2005. 2005. p. 231-235 1508278 (Proceedings - International Workshop on Database and Expert Systems Applications, DEXA; Vol. 2006).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Security analysis of mobile java

AU - Debbabi, Mourad

AU - Saleh, Mohamed

AU - Talhi, Chamseddine

AU - Zhioua, Sami

PY - 2005/12/1

Y1 - 2005/12/1

N2 - Java 2 Micro-Edition Connected Limited Device Configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: First, we study the security architecture of J2ME CLDC, then we provide a vulnerability analysis of this Java platform. The analyzed components are: Virtual machine, CLDC API and MIDP (Mobile Information Device Profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely-deployed implementations of this platform.

AB - Java 2 Micro-Edition Connected Limited Device Configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: First, we study the security architecture of J2ME CLDC, then we provide a vulnerability analysis of this Java platform. The analyzed components are: Virtual machine, CLDC API and MIDP (Mobile Information Device Profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely-deployed implementations of this platform.

U2 - 10.1109/DEXA.2005.172

DO - 10.1109/DEXA.2005.172

M3 - Conference contribution

AN - SCOPUS:33749048456

SN - 0769524249

SN - 9780769524245

T3 - Proceedings - International Workshop on Database and Expert Systems Applications, DEXA

SP - 231

EP - 235

BT - Proceedings - Sixteenth International Workshop on Database and Expert Systems Applications, DEXA 2005

T2 - 16th International Workshop on Database and Expert Systems Applications, DEXA 2005

Y2 - 22 August 2005 through 26 August 2005

ER -

Security analysis of mobile java

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this