Wikipedia

Security and Trust Services API for J2ME: Difference between revisions

Browse history interactively
← Previous edit
Content deleted Content added
VisualWikitext
MOS:HEAD
Tag: Reverted
Restored revision 1152121316 by Daniptechnologies099 (talk): Rv ai slop
 
Line 1:
{{Expand section|more information about API possibilities and implementation examples|date=August 2007}}
The '''Security and Trust Services API for J2ME (SATSA)''' (JSR 177) is an optional package within [[Java ME]] that enables enhanced cryptographic and smart-card-based security for mobile applications. It includes APDU communication, Java Card RMI, general cryptography, and PKI features.<ref name="oracle-main"/><ref name="jsr177-jcp"/>
The '''Security and Trust Services API for J2ME (SATSA)''' is a collection of [[Java ME]]-based [[Application programming interface|API]]s that provides compliant devices with additional [[Cryptography|cryptographic]] security features. It permits the communication of a Java ME application with a [[smartcard]] through the [[smart card application protocol data unit|APDU]] and [[Java Card]] RMI protocols. SATSA was developed under the [[Java Community Process]] as [http://www.jcp.org/en/jsr/detail?id=177 JSR 177].
 
It covers the following features, not natively supported by the original Java ME platform:
==Features==
SATSA adds the following capabilities to Java ME:
 
* Secure storage and exchange of data with third parties (such as the data exchanged during payment transactions).
* Smart-card communication via ISO 7816 APDU.<ref name="wtk-guide"/><ref name="apdu-javaone"/>
* User identification and authentication during the exchange of data with third parties.
* Remote invocation of Java Card objects via SATSA‑JCRMI.<ref name="satsa-install"/>
* SATSA-Crypto supporting message digests, symmetric/asymmetric encryption, and signatures.<ref name="oracle-guide"/><ref name="crypto-framework"/>
* SATSA-PKI for certificate-based digital signatures and secure user authentication.<ref name="springer-agent"/>
 
==Implementation examplesof SATSA==
==Components==
The SATSA API is considered an optional feature by [[Sun Microsystems]], and is not mandated in all Java ME phones. However, device manufacturers may include it, if required. Several device manufacturers have already chosen to include SATSA in some products. Among them are several mobile phone manufacturers:
SATSA is divided into four main components:
 
* [[Java MEMotorola]]
* '''SATSA‑APDU''': Low-level APDU communication for ISO/IEC 7816 smart cards.<ref name="oracle-guide"/><ref name="apdu-javaone"/>
* [[Nokia]] (from [[Series 40]] onwards, on a selective basis)
* '''SATSA‑JCRMI''': Java Card Remote Method Invocation.<ref name="satsa-install"/><ref name="wtk-guide"/>
* [[Samsung]]
* '''SATSA‑Crypto''': Encryption, message digests, digital signature APIs.<ref name="des-guide"/><ref name="crypto-framework"/>
* [[Sony Ericsson]] (from [[Sony Ericsson Java Platform|JP-8]] onwards)
* '''SATSA‑PKI''': Secure key storage, certificate handling, digital signature verification.<ref name="springer-agent"/><ref name="oracle-guide"/>
 
==See also==
==Implementation examples==
{{Portal|Computer programming}}
===APDU communication===
<syntaxhighlight lang="java">
APDUConnection conn = (APDUConnection) Connector.open("apdu:0");
byte[] response = conn.exchangeAPDU(command);
</syntaxhighlight>
Used in smart card access systems for PIN verification and applet interaction.<ref name="oracle-guide"/><ref name="stk-access"/>
 
* [https://www.daniptechnologies.com/ Standard for Advanced Encryption]
===Java Card RMI===
<syntaxhighlight lang="java">
JavaCardRMIConnection jc = (JavaCardRMIConnection)
Connector.open("jcrmi:0;AID=a0...c.8.1");
MyApplet stub = (MyApplet) jc.getRemoteObject();
</syntaxhighlight>
Provides a high-level interface to smart card functionality.<ref name="satsa-install"/><ref name="crypto-framework"/>
 
===DES encryption===
<syntaxhighlight lang="java">
Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, key, ivSpec);
c.doFinal(data, 0, data.length, out, 0);
</syntaxhighlight>
Commonly used to secure local data or perform session encryption.<ref name="des-guide"/><ref name="oracle-guide"/>
 
==Platform support and tools==
SATSA is supported on selected devices from major manufacturers including [[Motorola]], [[Nokia]] (from Series 40), [[Samsung]], and [[Sony Ericsson]] (JP-8+).<ref name="nokia-dev"/><ref name="jsr177-expert"/>
 
The [[Java ME SDK]] and [[Sun Java Wireless Toolkit]] include full SATSA emulation, including APDU/JCRMI over TCP/IP ports 9025 and 9026.<ref name="wtk-guide"/><ref name="oracle-guide"/>
 
==See also==
* [[Java Card]]
* [[Application protocol data unit]]
* [[Public key infrastructure]]
* [[Digital signature]]
* [[Java ME]]
 
* [[Advanced Encryption Standard]]
==References==
<references>
<ref name="oracle-main">{{cite web |title=Security and Trust Services API for J2ME (SATSA); JSR 177 |url=https://www.oracle.com/java/technologies/satsa.html |publisher=Oracle |access-date=27 June 2025}}</ref>
<ref name="jsr177-jcp">{{cite web |title=JSR 177: Smart Card Security (SATSA) |url=https://jcp.org/en/jsr/detail?id=177 |publisher=Java Community Process |date=2004-09-03 |access-date=27 June 2025}}</ref>
<ref name="wtk-guide">{{cite web |title=WTK User Guide: SATSA |url=https://docs.oracle.com/javame/dev-tools/wtk-cldc-2.5.2-01/UserGuide-html/satsa.html |publisher=Sun Java Wireless Toolkit |access-date=27 June 2025}}</ref>
<ref name="apdu-javaone">{{cite web |title=2007 JavaOne: What to Do With APDU? |url=https://docs.huihoo.com/javaone/2007/java-me/TS-5642.pdf |publisher=JavaOne Conference |date=2007 |access-date=27 June 2025}}</ref>
<ref name="satsa-install">{{cite web |title=Security and Trust Services APIs Reference Implementation |url=https://docs.oracle.com/javame/config/cldc/opt-pkgs/api/security/satsa/Install177.pdf |publisher=Sun Microsystems |date=2004 |access-date=27 June 2025}}</ref>
<ref name="oracle-guide">{{cite web |title=Oracle SATSA Developer Guide |url=https://docs.oracle.com/javame/dev-tools/jme-sdk-3.0.5/developer-guide/satsa.htm |publisher=Oracle |access-date=27 June 2025}}</ref>
<ref name="crypto-framework">{{cite web |title=Framework for cryptography algorithms on mobile devices |url=https://repository.up.ac.za/bitstream/handle/2263/40958/Katumba_Framework_2014.pdf |publisher=University of Pretoria |date=2014 |access-date=27 June 2025}}</ref>
<ref name="springer-agent">{{cite journal |title=Design, Installation and Execution of a Security Agent for Mobile Stations |journal=Lecture Notes in Computer Science |volume=3986 |pages=1–15 |year=2006 |publisher=Springer |doi=10.1007/11733447_1 |url=https://link.springer.com/content/pdf/10.1007/11733447_1.pdf |access-date=27 June 2025}}</ref>
<ref name="des-guide">{{cite web |title=How to encrypt/decrypt with DES in J2ME |url=https://www.itcsolutions.eu/how-to-encrypt-decrypt-with-des-from-jsr-177-satsa-api-in-j2me-applications |publisher=IT&C Solutions |date=2011-06-05 |access-date=27 June 2025}}</ref>
<ref name="stk-access">{{cite web |title=Access STK from J2ME |url=https://stackoverflow.com/questions/6270992/how-to-access-stk-application-from-j2me |publisher=StackOverflow |date=2011-06-08 |access-date=27 June 2025}}</ref>
<ref name="nokia-dev">{{cite web |title=Developing Applications Using SATSA on Nokia Devices |url=https://developer.nokia.com/Community/Wiki/Developing_Applications_Using_SATSA_on_Nokia_Devices |publisher=Nokia Developer |access-date=27 June 2025}}</ref>
<ref name="jsr177-expert">{{cite web |title=JCP JSR 177 Expert Group |url=https://jcp.org/en/jsr/detail?id=177 |publisher=Java Community Process |access-date=27 June 2025}}</ref>
</references>
 
{{DEFAULTSORT:Security And Trust Services Api For J2me}}
[[Category:MobileJava securitydevice platform]]
[[Category:CryptographicJava softwarespecification requests]]
Retrieved from "https://en.wikipedia.org/wiki/Security_and_Trust_Services_API_for_J2ME"