12
JSR-177 Java ME
Security and Trust
Services API
12.1 Feature Description
This chapter describes the JSR-177 which defines optional packages for the Java ME
platform. The purpose of this JSR is to specify a collection of APIs that provides se-
curity and trust services by integrating a Security Element (SE). An SE, provides the
following:
•
Secure storage to protect sensitive data, such as the user's private
keys, public key (root) certificates, service credentials, personal
information, etc.
•
Cryptographic operations to support payment protocols, data integrity,
and data confidentiality.
•
A secure execution environment to deploy custom security features.
MIDlets would rely on these features to handle many value-added
services, such as user identification and authentication, banking,
payment, loyalty applications, and so on.
Smart cards (SIM/USIM/UICC/RUIM) are commonly used to implement an SE. For
example, on GSM networks, the network operator enters the network authentication
data on the SIM, as well as the subscriber's personal information, such as the ad-
dress book. When the subscriber inserts the SIM into a mobile handset, the handset
is enabled to work on the operator's network.
Java ME Developer Guide
Chapter 12 - JSR-177 Java ME Security and Trust Services API
[85/201]
DRAFT - Subject to Change