Mobile Java Security
Dependability for Java Mobile Code - Pierre Parrend
The recent increase of connected handheld devices, through which the users access to the Internet and communicate with others, introduces a major programming model shift: applications are not only provided in a classical client-server fashion, but can also be loaded as mobile code on the end device. Consequently, new security threats arise: Malicious code can be hidden in the loaded code, and executed inside the device. A new approach to security is thus necessary: Dependability must be guaranteed, i.e. both usual security properties (Authentication, Integrity, Confidentiality) and robustness, so as to explicitly prevent DoS attacks.
The state of the art of security for Java Mobile Code (MIDP and OSGi) is presented, as well as our research work on dependability in the context of the OSGi Platform.
This presentation is the support for a talk that has been given for the OWASP Group Swiss, the 24th of July, 2007.