摘要
J2ME平台是一种应用于资源受限的消费类电子设备的Java运行时环境,应用广泛;然而,深受众多移动终端支持的MIDP1.0缺乏足够的安全机制,使得这些设备上的信息安全受到威胁和攻击,这种状况有望在MIDP2.0中得到改善。首先简要介绍了J2ME和MIDP的概念,讨论了移动环境下支持MIDP1.0的设备受到的安全威胁和攻击,阐述了MIDP2.0规范中新增的安全机制和特征——主要表现在增加了安全的网络协议(如SSL)和采用了对MIDlet应用程序签名的策略等,分析了这些增强的安全机制如何防止和抵御对敏感信息的威胁和攻击,从而得出结论,MIDP2.0虽然仍然存在威胁和攻击,但在安全性方面比MIDP1.0有了很大的提高。
J2ME is a micro Java runtime environment for resource-constrained devices. There are already many mobile devices that support MIDP 1.0 in J2ME. Many security threats exist in MIDP1.0 since the specification has only little security issues. It's supposed that the next version of MIDP will improve the security for the business information and personal privacy. The briefintroductions of the J2ME and MIDP are given at first, the security threats and attacks in the J2ME environment are explained as following, then the new security mechanisms and features in MIDP2.0 are expounded and against presented threats are analyzed, finally the conclusion is drawn that MIDP2.0 improves the mobile information security.
出处
《计算机工程与设计》
CSCD
北大核心
2006年第14期2511-2515,共5页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2001AA113400)
