Securing J2ME Mobile Application API Using XACML

Document Type

Conference Proceeding


International Association for the Scientific Knowledge


Computing, Health and Science


Computer and Information Science




This article was originally published as: Kasinath, G. , & Armstrong, L.J. (2007). Securing J2ME mobile application API using XACML. Proceedings of IASK International Conference-E-Activity and Leading Technologies. (pp. 450-458). Porto, Portugal. International Association for the Scientific Knowledge.


Following Moore's law, the numbers of mobile phones and their capabifities have increased exponentially in recent years. The platform of choice for running applications on resource constrained devices such as mobile phones, today, is the Java 2 Micro Edition (J2ME) with Connected Limited Device Configuration (CLDC). This popularity exposes the security risks. These risks include the loss of data, money and privacy. Means of securing mobile phones and communication have been weI! researched and models have been proposed, based on their success on desktop computers. However, little has been done to explore and correct inherent flaws and possible vulnerabilities in application code developed for the J2ME platform. The intent of this paper is to focus on prQviding secure mobile applications by detecting and preventing flaws in mobile application code. The paper proposes an Extensible Access Control Markup Language (XACML) based framework for preventing application program flaws from being propagated to the mobile phones.

This document is currently not available here.