Beruflich Dokumente
Kultur Dokumente
This document presents the security features of the o Verifying: Rules of operation should be set and verified.
Java Platform. It will describe the general concept of security, o Well-behaving: Programs should be prevented from
the resources and JSRs available, extensions and some specific consuming too many system resources.
security features of the J2ME platform.
o C2 or B1 certified: Programs should have certification
from the U.S. government that certain security procedures
1.1 The Java Platform are included
Java 1.0
Java 1.1
2.2 Anatomy of a Java Application There are two types of class loaders: a “primordial”
class loader and class loader objects. The first one (and there is
only one) is part of the JVM implementation. It loads trusted
Java applications (applets, local, etc) pass through specific steps classes, including the ones from the Java APIs, normally located
before running in the JVM of the system. The figure below on the local disk. The latter one loads classes in custom ways,
demonstrates the features that play a role in the development of which can be installed by the Java application at runtime. For
the Sandbox. example, classes can be downloaded through a network and
loaded into the JVM. The classes loaded by the class loader
objects are considered suspicious in the eyes of the primordial
class loader. These objects are written in Java, compiled into
classes, loaded into the virtual machine and instantiated just like
any other object, contrasting with the first class loader (the
primordial one) which is a part of the JVM implementation.
o Cipher Streams: JCE presents the concept of secure Following below an example of JCE using Blowfish:
streams, combined with InputStream or OutputStream with
a Cipher object. They basically encrypt or decrypts the data /*
* Copyright 1997-2001 by Sun Microsystems, Inc.,
passing through. * 901 San Antonio Road, Palo Alto, California, 94303, U.S.A.
* All rights reserved.
o Key Generator: used to generate secret keys for symmetric *
* This software is the confidential and proprietary information
algorithms. * of Sun Microsystems, Inc. ("Confidential Information"). You
* shall not disclose such Confidential Information and shall use
o Secret Key Factory: represents a factory for secret keys. It * it only in accordance with the terms of the license agreement
* you entered into with Sun.
is used to convert keys of type java.security.Key into key */
...
1 The user must be authenticated, as described in the This standard provides confidentiality for the
LoginContext section. associated parties, message integrity and authentication. It is
2 The Subject that is the result of authentication must be supported by JAAS.
associated with an access control context, as described in
the Subject section.
3 Principal-based entries must be configured in the security
policy, as described below in the core classes section.
public HTTPMIDlet() {
mMainScreen = new Form("HTTPMIDlet");
mMainScreen.append(
"Press OK to create an HTTP connection.");
Command exitCommand =
new Command("Exit", Command.EXIT, 0);
Command okCommand =
new Command("OK", Command.OK, 0);
mMainScreen.addCommand(exitCommand);
mMainScreen.addCommand(okCommand);
mMainScreen.setCommandListener(this);
}
mDisplay.setCurrent(mMainScreen);
}
// Runnable method
try {
// Now make a connection to the server.
hc = (HttpConnection)Connector.open(url);
All Java security mechanisms, and particularly the
sandbox concept, implicitly require a MIDlet verifier as a
// Retrieve the response.
in = hc.openInputStream(); foundation very similar to the concept seen in J2SE (presented
int length = 256;
in section 2 of this article), however simplified. Without this
byte[] raw = new byte[length]; verification no security policy can be enforced. The code below
int readLength = in.read(raw);
demonstrates how MIDlet permissions can be defined in the
String message = new String(raw, 0, readLength);
resultsForm.append(message);
application descriptor (JAD file).
}
catch (Exception e) {
resultsForm.append( MIDlet-Permissions: javax.microedition.io.Connector.http
new StringItem("Exception: ", e.toString())); MIDlet-Permissions-opt: javax.microedition.io.Connector.socket
}
finally {
if (in != null) {
try { in.close(); }
catch (IOException ioe) {} 4.1.2 Security Domains
}
if (hc != null) {
try { hc.close(); }
catch (IOException ioe) {}
Downloaded code can be pretty dangerous, especially
} when you don' t know the origin and the owner. Even though
}
mDisplay.setCurrent(resultsForm); MIDlets, running on a virtual machine, are intrinsically a lot
}
}
safer than binary code, there are still some risks, for example:
o Processing Speed: mobile devices must be responsive to There are also APIs developed by MIDP device
the user. However they have slow CPUs and Java itself is vendors, such as Motorola, that provide device-specific
not as fast as desired. When there is a demand for cryptographic extensions. They take the advantage of using
cryptographic tasks, specifically public key algorithms, for native cryptography libraries and special features in hardware.
J2ME devices is a great challenge. For this reason, they tend to have good device performance. The
o Small footprint: there is a great demand for cryptographic only problem is the portability of applications to other devices,
packages that are compatible to the J2ME memory causing J2ME fragmentation and the loss of one of Java’s
greatest advantages. One way to avoid such fragmentation and
still take advantage of native performance is to develop standard
J2ME cryptography API specifications and allow device
vendors to plug in their own implementations. The JSR 177
provides J2ME applications with APIs for security and trust
services. This will be discussed in better detail in the next
section.
o APDU – Application Protocol Data Unit 4.2.2 JCRMI – JavaCard Remote Method
o JCRMI – JavaCard Remote Method Invocation Protocol Invocation Protocol
o Crypto – Cryptography Package
o PKI – Public Key Infrastructure This package enables the communication between MIDP
devices and a smart card using the JCRMI protocol. It is an
4.2.1 APDU – Application Protocol Data Unit alternative method for the communication with smartcard
applications with support to distributed objects framework. It
This standard enables MIDP applications to communicate with a contains a subset of J2SE RMI. It comprises three
smart card using a protocol based on Application Protocol Data classes/Interfaces as shown in the figure below.
Units (APDUs). This protocol is defined by ISO 7816-4. An
APDU is a short message represented by bytes. SATSA-APDU
enables your application to exchange APDU messages with a
card application. SATSA APDU has been implemented as an
extension of the Generic Connection Framework.
The source code below shows the exchange of APDU messages 4.2.3 Crypto – Cryptography Package
between a MIDlet and a JavaCard:
This is a generic cryptography API that provides features such
byte[] apdu = {
as message digests, digital signatures, and ciphers for smart
(byte)0x00, (byte)0x20, (byte)0x00, (byte)0x82, (byte)0x04, cards. It is a subset of the J2SE JCE (see section 3.1). It
(byte)0x01, (byte)0x02, (byte)0x03, (byte)0x04, (byte)0x00
}; encapsulates cryptographic ciphers in the javax.crypto.Cipher
byte[] response = purseConnection.exchangeAPDU(apdu);
class. The example below demonstrates the usage of the class
Cypher.
As it can be seen in the above picture, many of the • Cipher: Encryption and decryption are done using a cipher.
security APIs and extensions are important to the J2EE Platform A cipher is an object capable of carrying out encryption and
services. It can be said that J2EE takes full advantage of these decryption according to an encryption scheme (algorithm).
APIs to guarantee security in its operations. It takes regular data, the plaintext, and converts it into an
unreadable form, called ciphertext. This process is
encryption. The cipher can also decrypt ciphertext to restore
the original plaintext, regarded as decryption.
• Key Agreement: Key agreement is a protocol by which 2
or more parties can establish the same cryptographic keys,
without having to exchange any secret information.
• Message Authentication Code: A Message Authentication
Code (MAC) provides a way to check the integrity of
information transmitted over or stored in an unreliable
medium, based on a secret key. Typically, message
authentication codes are used between two parties that share
a secret key in order to validate information transmitted
between these parties. A MAC mechanism that is based on
cryptographic hash functions is referred to as HMAC.
Figure 27: Security in the JRE HMAC can be used with any cryptographic hash function,
e.g., MD5 or SHA-1, in combination with a secret shared
For the Java Runtime Environment, some services
key. HMAC is specified in RFC 2104.
utilize the security APIs available in the platform to enforce its
security model and guarantee a safe environment for the Java • Message Digest: The representation of text in the form of a
code. single string of digits, created using a formula called a one-
way hash function. Encrypting a message digest with a
As new application domains come to surface in the private key creates a digital signature, which is an electronic
Java Platform, new security requirements will eventually be means of authentication.
added into the APIs in order to fulfill their demands. Existing
domains may also request more security features, as trustability • One-Way Hash Function: An algorithm that turns
becomes crucial for certain types of applications. messages or text into a fixed string of digits, usually for
security or data management purposes. The "one way"
means that it's nearly impossible to derive the original text
Glossary from the string. A one-way hash function is used to create
digital signatures, which in turn identify and authenticate
• Authentication: the process of confirming the identity of a
the sender and message of a digitally distributed message.
party with whom one is communicating.
• Public Key Encryption: A cryptographic system that uses
• Certificate: a digitally signed statement vouching for the
two keys -- a public key known to everyone and a private or
identity and public key of an entity (person, company, etc.).
secret key known only to the recipient of the message.
Certificates can either be self-signed or issued by a
When John wants to send a secure message to Jane, he uses
Certification Authority (CA). Certification Authorities are
Jane's public key to encrypt the message. Jane then uses her
entities that are trusted to issue valid certificates for other
private key to decrypt it. An important element to the
entities.
public key system is that the public and private keys are
• Digital Signature: the digital equivalent of a handwritten related in such a way that only the public key can be used to
signature. It is used to ensure that data transmitted over a encrypt messages and only the corresponding private key
network was sent by whoever claims to have sent it and that can be used to decrypt them. Moreover, it is virtually
the data has not been modified in transit. For example, an impossible to deduce the private key if you know the public
RSA-based digital signature is calculated by first computing key. Public-key systems, such as Pretty Good Privacy
(PGP), are becoming popular for transmitting information
via the Internet. They are extremely secure and relatively into the smart card. The smart card then displays a new
simple to use. The only difficulty with public-key systems code (the response) that the user can present to log in.
is that you need to know the recipient' s public key to
encrypt a message for him or her. What' s needed, therefore, • Public Key Certificate: A public key certificate can be
is a global registry of public keys, which is one of the thought of as the digital equivalent of a passport. It is issued
promises of the new LDAP technology. Public key by a trusted organization and provides identification for the
cryptography was invented in 1976 by Whitfield Diffie and bearer. A trusted organization that issues public key
Martin Hellman. For this reason, it is sometime called certificates is known as a certificate authority (CA). The CA
Diffie-Hellman encryption. It is also called asymmetric can be likened to a notary public. To obtain a certificate
encryption because it uses two keys instead of one key from a CA, one must provide proof of identity. Once the
(symmetric encryption). CA is confident that the applicant represents the
organization it says it represents, the CA signs the
• Private Key Encryption: A type of encryption where the certificate attesting to the validity of the information
same key is used to encrypt and decrypt the message. This contained within the certificate.
differs from asymmetric (or public-key) encryption, which
uses one key to encrypt a message and another to decrypt • Tampering: a breach of communication security in which
the message. information in transit is changed or replaced and then sent
on to the recipient.
• LDAP: Short for Lightweight Directory Access Protocol, a
set of protocols for accessing information directories.
LDAP is based on the standards contained within the X.500
References
standard, but is significantly simpler. And unlike X.500,
LDAP supports TCP/IP, which is necessary for any type of [1] Java Security, Second Edition, Scott Oaks, May 2001
Internet access. Because it' s a simpler version of X.500, [2] Java Cryptography Extension Reference Guide, Sun Microsystems
LDAP is sometimes called X.500-lite. Although not yet http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.h
widely implemented, LDAP should eventually make it tml
possible for almost any application running on virtually any
[3] Java Secure Sockets Extension Reference Guide, Sun Microsystems
computer platform to obtain directory information, such as http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide
email addresses and public keys. Because LDAP is an open .html
protocol, applications need not worry about the type of
server hosting the directory. [4] Java Authentication and Authorization Service Reference Guide, Sun
Microsystems
• X.509: A widely used standard for defining digital http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASRefGuid
e.html
certificates. X.509 is actually an ITU Recommendation,
which means that it has not yet been officially defined or [5] SATSA Developer’s Guide and Reference Implementation 1.0, Sun
approved for standardized usage. As a result, companies Microsystems
have implemented the standard in different ways. For http://java.sun.com/j2me/docs/satsa-dg/
example, both Netscape and Microsoft use X.509 [6] Secure Your Sockets with JSSE, Jamie Jaworski, March 2001,
certificates to implement SSL in their Web servers and OnJava
browsers. But an X.509 Certificate generated by Netscape http://www.onjava.com/lpt/a/811
may not be readable by Microsoft products, and vice versa.
[7] MIDP Application Security 1: Design Concerns and Cryptography,
• Kerberos: An authentication system developed at the Jonathan Knudsen
September 2002,
Massachusetts Institute of Technology (MIT). Kerberos is http://developers.sun.com/techtopics/mobility/midp/articles/security1
designed to enable two parties to exchange private
information across an otherwise open network. It works by [8] JSR 219 – Foundation Profile 1.1
assigning a unique key, called a ticket, to each user that logs http://www.jcp.org/en/jsr/detail?id=219
on to the network. The ticket is then embedded in messages [9] JSR 177 – Security and Trust Services API for J2ME
to identify the sender of the message. http://www.jcp.org/en/jsr/detail?id=177
• RFC: The name of the result and the process for creating a [10] JSR 28 – Java SASL Specification
standard on the Internet. New standards are proposed and http://www.jcp.org/en/jsr/detail?id=28
published on line, as a Request For Comments. The Internet
[11] JSR 72 – Generic Security Services API
Engineering Task Force is a consensus-building body that http://www.jcp.org/en/jsr/detail?id=72
facilitates discussion, and eventually a new standard is
established, but the reference number/name for the standard [12] The Java Virtual Machine Specification, Second Edition
retains the acronym RFC, e.g. the official standard for e- http://java.sun.com/docs/books/vmspec/2nd-
edition/html/VMSpecTOC.doc.html
mail is RFC 822.
• Challenge-response Protocol: A challenge-response
protocol is a common authentication technique whereby an
individual is prompted (the challenge) to provide some
private information (the response). Most security systems
that rely on smart cards are based on challenge-response. A
user is given a code (the challenge) which he or she enters