Java News from Wednesday, May 5, 2004

Sun has posted the proposed final draft specification of Java Specification Request (JSR) 177, Security and Trust Services API (SATSA) for J2ME to the Java Community Process (JCP). According to the draft spec,

The purpose of this JSR is to specify a collection of APIs that provides security and trust services by integrating a Security Element (SE). A SE, a component in a J2ME device, provides the following benefits:

A SE can be in a variety of forms. Smart cards are commonly used to implement a SE. They are widely deployed in wireless phones, such as SIM cards in GSM phones, UICC cards in 3G phones, and RUIM cards in CDMA phones. For example, in GSM networks, the network operator enters the network authentication data on the smart card, as well as the subscriber's personal information, such as the address book. When the subscriber inserts the smart card into a mobile handset, the handset is enabled to work on the operator’s network. In addition to a smart card-based implementation, a SE can also be implemented by a handset itself. Such implementation may utilize, for example, embedded chips or special security features of the hardware. Alternatively, a SE may be entirely implemented in software. This specification does not exclude any of the possible implementations of a SE even though some of the packages are optimized for smart card implementation.