Skip to Main Content
The current Java Application Environment for mobile terminals provides a very restricted security mechanism which is known as "the sandbox model." Although 3rd Generation Partnership Project defines access control and permission framework of a Java program in the terminal as the security domain, the specification has problems such that implementation in the terminal becomes difficult because it requires content authentication for determining the domain. In order to solve the problems and increase flexibility of mobile software services, we propose an efficient and flexible access control framework for the Java program in the mobile terminal. This framework relates a security domain to a server and utilizes the server authentication in SSL in order to determine the domain which the program belong to. As a result, downloading the program and determining the domain becomes efficient. This framework is able to apply other information appliances.
Date of Conference: 2002