Java News from Tuesday, November 11, 2003

Sun has posted the public review draft specification of Java Specification Request (JSR) 177, Security and Trust Services API (SATSA) for J2ME to the Java Community Process (JCP). According to the draft spec,

The Security and Trust Services API specification defines optional packages1 for the JavaTM 2 Platform, Micro Edition (J2METM). The specification has been produced in response to Java Specification Request 177 (JSR-177). The purpose of this JSR is to specify a collection of API that provides security and trust services by integrating a Security Element (SE). A SE, a component in a J2ME device, provides the following benefits:

A SE can be in a variety of forms. Smart cards are commonly used to implement a SE. They are widely deployed in wireless phones, such as SIM cards in GSM phones, UICC cards in 3G phones, and RUIM cards in CDMA phones. For example, in GSM networks, the network operator enters the network authentication data on the smart card, as well as the subscriber's personal information, such as the address book. When the subscriber inserts the smart card into a mobile handset, the handset is enabled to work on the operator’s network. In addition to a smart card-based implementation, a SE can also be implemented by a handset itself. Such implementation may utilize, for example, embedded chips or special security features of the hardware. Alternatively, a SE may be entirely implemented in software. This specification does not exclude any of the possible implementations of a SE even through some of the packages are optimized for smart card implementation.

Comments are due by November 28.