Securing J2ME Mobile Application API Using XACML
International Association for the Scientific Knowledge
Computing, Health and Science
Computer and Information Science
Following Moore's law, the numbers of mobile phones and their capabifities have increased exponentially in recent years. The platform of choice for running applications on resource constrained devices such as mobile phones, today, is the Java 2 Micro Edition (J2ME) with Connected Limited Device Configuration (CLDC). This popularity exposes the security risks. These risks include the loss of data, money and privacy. Means of securing mobile phones and communication have been weI! researched and models have been proposed, based on their success on desktop computers. However, little has been done to explore and correct inherent flaws and possible vulnerabilities in application code developed for the J2ME platform. The intent of this paper is to focus on prQviding secure mobile applications by detecting and preventing flaws in mobile application code. The paper proposes an Extensible Access Control Markup Language (XACML) based framework for preventing application program flaws from being propagated to the mobile phones.