Wednesday, October 28, 2009

Security part 1 basic

 

 

misconception:

People often ask "Is it secure?" when they should ask "How secure is it?" In truth, a sufficient investment of money and time can break any system. There are more secure and less secure systems, but perfect security is unattainable.

 

The goal of secure system design is to make the cost of breaking the system exceed the value of the information being protected. The cost of breaking the system is measured in both money and personal risk.

 

An online application

Example Architecture
Example Architecture

problem that are to be solved

The application provides a subscription-based service creating account. login information user name and password should be protected client side as will as server side.

Users who have previously subscribed can request information or action from the service.                                                Proving identity is called authentication.

Requests from the device and responses from the server may contain sensitive information.                                           The system should provide confidentiality.

how the hacker think

radio receiver can intercept data traffic between a wireless device and a local cell tower.

packet sniffer can intercept data traffic at any point along the Internet path between the device and the server.  You should assume that the path from client to server is full of opportunities for eavesdroppers.

An attacker may break into the server or database, stealing information or subverting the server software.

physical security (bond style)

spoofing the server (setting up a machine to look and act like the server)

social engineering (asking users for passwords or credit card numbers under the guise of providing technical support)

lay man style stole the mobile.

solution

Cryptography:

branch of mathematics that has powerful implications for data security.

basic principle of cryptography:some math problems are computationally expensive,AND WE ARE GOING to use this to our advantage.

Cryptography is one tool in the belt of the security architect. It's a big tool, and an effective one, its only a part ,every system has a limitation if one thing fail the other thing fail.

Most cryptographic operations are based on fairly simple equations using very large numbers,

in java --these numbers are instances of java.math.BigInteger. BigIntegers are commonly represented as byte arrays. bigger then integer and float

in J2me--pure Java implementation is available with the Bouncy Castle Cryptography APIs

 

Ciphers and Keys

cipher

A cipher is an algorithm useful for keeping data confidential. It can translate between regular data, called plaintext, and an encrypted form of the data, called ciphertext.

the cipher is an equation that takes one number (the plaintext) and makes it into another number (the ciphertext).

keys

Most ciphers use keys to encrypt and decrypt data.Keys are just numbers that are used in the cipher's equation. Different keys produce different ciphertexts from the same plaintext.

“the catch”

Ciphers provide confidentiality for data because it's extremely hard for attackers to decrypt the ciphertext without the right key, even if they know the algorithm.

decrypting  the data that is gathered by the above hacking. it will be prohibitively difficult without the right key,but it is not impossible.

cipher type

There are two types of ciphers, symmetric and asymmetric. A symmetric cipher uses a single key for both encryption and decryption. Two people with the same key on opposite sides of the Internet can use a symmetric cipher to send encrypted messages to each other. Symmetric cipher keys are sometimes called secret keys or private keys. Despite their usefulness, symmetric ciphers can be tricky because both people using the cipher must have the same key. One person can generate the key, but it must be safely transmitted to the other person.

Asymmetric ciphers use a key pair, two keys that are related to each other. One is a public key, the other is a private key. Data encrypted using one key can be decrypted using the other key. The public key can be freely distributed without compromising security; the private key must be kept private. Imagine how paired keys might work in practice: Someone wanting to send you a secret message can encrypt it using your public key and send the ciphertext to you. Assuming you haven't let anyone steal your private key, you are the only person who can decrypt the ciphertext.

Asymmetric ciphers are useful for authentication, which means proving identity. Anyone sending you a message encrypted with your public key is sure that only you can decrypt the message, so long as you keep your private key hidden. You are effectively authenticated to the sender. Asymmetric ciphers work the other way around, too. If you encrypt a message with your private key, anyone decrypting it with your public key is assured that you originated the message, because only you possess your private key. Here you have authenticated yourself to the recipient. If the recipient uses your public key to decipher a message from anyone lacking your private key, the result is gibberish.

The math for asymmetric ciphers is more complicated than for symmetric ciphers, so symmetric ciphers usually run faster. Encrypting large messages using an asymmetric cipher usually takes too long. A hybrid approach is sometimes useful, where two systems use an asymmetric cipher to agree on a symmetric cipher key. They then use a symmetric cipher and this session key for the remainder of the interaction.

Common cipher algorithms are DES, Rijndael, Blowfish, and ElGamal. Keys are specific to cipher algorithms; if you are using a Rijndael cipher, you have to have a Rijndael key. Many algorithms can use keys of different lengths, commonly measured in bits. Longer keys are slower to use than shorter keys but the ciphertext they produce is harder to break.

key generator

Where Do Keys Come From?

Keys can be generated from random numbers. The public and private keys in a key pair are mathematically related to each other but can be generated randomly. "Random" is a dubious word in this context. Computers are surprisingly bad at finding random numbers. Most use a pseudo-random number generator (PRNG), which produces a repeatable sequence of bits. Use two PRNGs, initialized identically, and you'll get exactly the same sequence of numbers. What good is a supposedly random key if an attacker can use the same PRNG to determine its value? I won't cover this subject exhaustively, but be aware that java.util.Random won't meet your needs. See the java.security.SecureRandom documentation for more details.

 

 

Another way to generate keys is to use a key agreement protocol. This is a clever mathematical trick two parties can use to agree on a session key. Neither party needs prior knowledge of the other, and eavesdroppers who listen to the entire exchange will still be unable to determine the value of the session key.

The most common key agreement protocol is Diffie-Hellman. A key agreement protocol is used by SSL and TLS, as you'll see in the next article in this series.

Message Digests and Signatures

A message digest is used to create a "fingerprint" of a piece of data. It takes an arbitrarily large message or file and mashes it down into a short, "digested" version, called the message digest value. Change just one bit of the original message and the digest value will be entirely and unpredictably different. You can use message digests to assure data integrity. When you download a file from a server, you can compute its digest value and compare it to the value computed by the server. If the two are the same, you can be sure that the file has not been modified on its way to you.

Common message digest algorithms are SHA-1 and RipeMD.

You use your handwritten signature to guarantee the validity of checks, contracts, and other documents. Digital signatures perform the same function, more reliably, on electronic documents. Supply a message and a private key (the signing key) to a digital signature algorithm, and out pops a number that, in essence, is an encrypted message digest value. This signature is unique to your private key and the message itself.

Suppose you sign a file, then send the file and the signature to your friend. She can use your public key and the message itself to verify your signature. She uses your public key to decrypt your signature, which gives her the digest value you computed. For comparison, she then computes her own digest value for the message. If her value matches yours, she knows that she received the file exactly as you sent it. (This process is a good way to conceptualize the verification of a digital signature, but the steps may not be explicit in practice.) If an attacker intercepts the file and modifies it, the message digest values won't match. He can't simply create a new signature for the modified file because he doesn't have your private key.

Common signature algorithms are DSA and RSA.

The example application could use digital signatures to authenticate users to the server. Suppose the user's private key is stored on the device and the corresponding public key is stored on the server. The MIDlet can generate a signature of a message and send it to the server. Knowing the public key, the server can verify the signature and trust the user's identity. Note that anyone who steals the device is also stealing a private key. A runtime password challenge would make it harder for the thief to use the application.

Certificates and Key Management

All these discussions of ciphers and signatures neatly sidestep the ugly monster in cryptography's closet: key management. How do you find someone's public key? Where do you keep your private key? Suppose someone you don't know, Pablo, sends you a message with a signature. You need to get his public key to verify the signature. How do you get it? How do you know you've got Pablo's real public key and not a fake?

A cryptographic certificate offers one solution. A certificate is a container for a public key. It's an electronic document that says something like "Violet certifies that Pablo's public key has this value". The certificate would contain information about Violet, information about Pablo, and the value of Pablo's public key. The whole thing would be signed by Violet. The certificate allows for extension of trust. If you know Violet's public key, and if you think she's reliable and a good judge of character, and if you can verify the certificate signature, then you can be pretty sure that Pablo's public key has the value contained in the certificate.

You've really only shifted the problem, however. Fine, Violet's public key verifies Pablo's public key, but who verifies hers, and how do you get it? Where's the end of the chain? The answer is a self-signed certificate, a certificate asserting the value of a public key, signed using the corresponding private key. This kind of certificate is called a root certificate, and companies or institutions that use them to sign other certificates are called certificate authorities (CAs). CAs generate their own root certificates and distribute them as widely as possible. The problem with self-signed certificates is that anyone can generate one, claiming to be the U.S. Post Office or the King of Norway. Trust in root certificates is based on the fact that they are widely published, making them hard to spoof. If you have a root certificate in hand, you should be able to verify its validity by comparing its signature to the signature published on the CA's web site.

Certificates can be assembled in chains, a ladder of verification starting at the bottom and ending at a CA. For example, Pablo could send you a message and a certificate chain consisting of the following certificates:

  • Pablo's certificate, signed by Violet
  • Violet's certificate, signed by Henry
  • Henry's certificate, signed by the King of Norway

Assuming you're sure you have the King of Norway's genuine root certificate, you can verify the whole chain of certificates, assuring you that Pablo's public key is authentic.

Key management is a matter of keeping track of your private key (or keys), and of managing certificates from other people and companies, including root certificates you can use to verify certificate chains.

The de facto standard for certificates is X.509v3.

The example application could use certificates in several places. First, the server needs users to authenticate themselves, to verify they are paid subscribers entitled to request services. The client device can send a message, the user's signature of the message, and a certificate chain to the server, enabling the server to authenticate the user.

On the flip side, the client may well wish to authenticate the server to make sure it's not talking to an attacker instead. The server can cooperate by following a similar strategy, sending the client a signed message and its certificate chain. Another possibility: a client that already has the server's certificate embedded in the application can verify signed messages sent by the server immediately.

Summary

In this article, you learned how you can build security into the system to balance the value of its contents with the cost of breaking it. Cryptography is a powerful tool for security. It includes ciphers for encrypting and decrypting data, signatures for assuring data integrity, and certificates for authentication. In the next part of this series, you'll learn about the Secure Sockets Layer and Transport Layer Security protocols, and how they are implemented in MIDP.

Tuesday, October 27, 2009

j2me java card technology

 

 

Java Card Technology

Java Card technology complements the Java ME platform. It slims down the Java platform for use within the severe memory and processing constraints of smart cards, a very specialized environment not suitable for general-purpose programming. A typical Java Card device has an 8- or 16-bit CPU running at 1 to 5 MHz and memory on the order of 1.2 K of RAM and 32 K of nonvolatile memory, typically EEPROM or flash.

The Java Card platform consists of the Java Card Virtual Machine, the Java Card Framework, security and remote invocation APIs, and Extension APIs, as illustrated in Figure 8.

Figure 8: The Java Card Platform

The Java Card specification, in version 2.2.2 at this writing, includes a carefully chosen subset of the Java programming language. It does not support large primitive data types such as long, double, float, strings, dynamic class loading, multithreading, and other features characteristic of Java technology. Java Card technology comes in three parts:

  • The Java Card Virtual Machine specification defines a subset of the Java language and a VM for smart cards.
  • The Java Card Runtime Environment (Java Card RE) specification defines the runtime behavior for smart cards.
  • The Java Card API specification defines the core and extension Java packages and classes available on smart cards.

The Java Card Development Kit provides a reference implementation of the runtime environment and the VM, as well as other tools to help you develop applications based on Java Card technology, commonly called Java Card applets.

Table 8 summarizes the Java technology APIs available in the Java Card specification.

Table 8: Summary of Core Java Packages in the Java Card 2.2.2 Specification

Name

Description

java.lang

Subset of the Java SE core Java programming language for Java Card technology-based development

java.rmi

Base exception class and tagging interface for Java Card RMI functionality

java.io

Base IOException class to complete the RMI exception hierarchy

javacard.framework

Framework of classes and interfaces for the core functionality of a Java Card applet

javacard.framework.service<

Framework of classes and interfaces for a service-based Java Card applet

javacard.security

Classes and interfaces in the Java Card security framework

Extension APIs

javacardx.apdu

Extension API that enables support for ISO 7816 specification defined optional APDU-related mechanisms

javacardx.biometry

Extension API that contains functionality for implementing a biometric framework on the Java Card platform

javacardx.crypto

Extension API that contains functionality, which may be subject to export controls, for implementing a security and cryptography framework on the Java Card platform

javacardx.external

Extension API that provides mechanisms to access memory subsystems that are not directly addressable by the Java Card RE on the Java Card platform

javacardx.framework.math

Extension API that contains common utility functions for BCD math and parity computations

javacardx.framework.tlv

Extension API that contains functionality for managing storage for BER TLV formatted data, based on the ASN.1 BER encoding rules of ISO/IEC 8825-1:2002, as well as parsing and editing BER TLV formatted data in I/O buffers

javacardx.framework.util

Extension API that contains common utility functions for manipulating arrays of primitive components -- byte, short, or int

javacardx.framework.util.intx

Extension API that contains common utility functions for using int components

Java Card applets commonly include digital IDs and secure storage, and they are often found on subscriber identity module (SIM) cards that are inserted in cell phones to hold telephone and user account information.

Recently, Sun Microsystems introduced the concept of a protection profile, which defines a set of security requirements for the Java Card RE, the Java Card VM, the Java Card API Framework, and the on-card installer components. Its purpose is to help creators of Java Card technology-based products develop a secure Java Card platform and obtain high-level security certifications.

j2me profiles

 

Profiles

Configurations do not provide classes for managing the application life cycle, for driving the UI, for maintaining and updating persistent data locally in the device, or for accessing securely information that is stored on a network server. Instead, that type of functionality is provided by the profiles or by optional packages. A profile adds domain-specific classes to the core set of classes provided by the configuration, classes that are geared toward specific uses of devices and provide functionality missing from the underlying configuration.

At this writing, there are six profiles, three based on CLDC and three on CDC. The three standard CLDC-based profiles are the following:

  • Mobile Information Device Profile (MIDP), versions 1.0, 2.0, and the upcoming 3.0
  • Information Module Profile (IMP), versions 1.0 and 2.0
  • Digital Set Top Box Profile

Not all these profiles are restricted to mobile handsets, with the latter targeted to digital set-top boxes.

The three profiles based on CDC are the following:

  • Foundation Profile
  • Personal Basis Profile
  • Personal Profile

Figure 5 shows how profiles relate to their underlying configurations and to each other.

Figure 5: Java ME Profiles for CLDC and CDC

Multiple profiles can exist on top of the same configuration, as in the case of MIDP and IMP. They can also depend on or build on each other. For example, the Personal Profile extends the Personal Basis Profile, which in turn depends on the Foundation Profile. Expect more profiles to appear as Java ME technology evolves.

CLDC-Based Profiles
Of the profiles designed for CLDC, MIDP is the most prevalent. Although MIDP 2.0 has superseded MIDP 1.0 in capability, many devices still support only MIDP 1.0, so you should not ignore the older version. At the time of this writing, version 3.0 is being defined in the JCP program.

IMP promises to do for headless devices -- that is, those without display or UI facilities, such as vending machines, industrial devices, and security systems -- what MIDP has done for smart cell phones and low-end PDAs. There are two versions of IMP: Version 1.0 is based on MIDP 1.0, and the Next Generation (NG) version is based on MIDP 2.0.

Use of CLDC is not restricted to such devices, however. As Figure 6 illustrates, the Digital Set Top Box Profile (JSR 242) is a CLDC-based profile specifically defined for the cable market. Also referred to as OnRamp, this profile is based on a subset of the PersonalJava technology-based OpenCable Application Platform (OCAP), which defines a set of APIs for the development of applications for set-top boxes and similar devices.

Figure 6: Java ME Profiles for CLDC

OnRamp is quite large, with 31 Java packages and approximately 1500 APIs. But it is not as large as its superset, OCAP, which has approximately 8000 APIs. These include a subset from the Personal Basis Profile such as support for the Abstract Window Toolkit (AWT), Xlet, file access, and network APIs, as well as support for several media-related interfaces including Java TV, Java Media Framework (JMF), Digital Audio Visual Council (DAVIC), Home Audio/Video Interoperability (HAVI), Digital Video Broadcasting (DVB), and as previously mentioned, the OpenCable Application Platform (OCAP).

MIDP and IMP are so similar to each other that we'll review them together.

As the first Java ME profile, MIDP is the most mature and widely adopted, with millions of deployments all around the world, primarily on PDAs, cell phones, and other handheld communicators.

IMP's targets are devices with characteristics similar to those of MIDP devices but with little or no capabilities for UI: headless embedded devices in vending machines, industrial applications, and security systems. First defined by JSR 195, IMP borrows all of its functionality from MIDP, including application-management, storage, networking, security, and timer APIs. IMP 1.0 is a strict subset of MIDP 1.0, excluding the APIs for UI, specifically javax.microedition.lcdui. IMP applications are called IMlets, but for all intents and purposes, they are MIDP applications or MIDlets: They subclass MIDlet and have the same packaging, deployment, security features, and life cycle as MIDlets.

MIDP 1.0 was introduced in JSR 37 and is still in wide use. MIDP 2.0, defined by JSR 118, enhanced the profile's capabilities. To the original APIs for networking, UIs, local persistence, and MIDlet life cycle, MIDP 2.0 added new networking APIs to support TCP socket streams and UDP datagrams,as well as serial, push-initiated, and secure connections. Other additions include a robust security API and policy, as well as APIs for sound and gaming.

The MIDP 2.0 profile specification also includes an update of the Over-the-Air (OTA) User-Initiated Provisioning recommendation that was originally defined as an addendum to the MIDP 1.0 specification, which describes how users can discover and download applications over wireless networks. Even though the MIDP specification indicates the use of CLDC 1.0, nothing precludes use of CLDC 1.1 as the base for either version of MIDP.

At this writing, IMP is undergoing its first revision. JSR 228, also known as IMP-NG, is IMP's next generation. It will take advantage of MIDP 2.0's new security and networking types and APIs, and other APIs such as PushRegistry and platformRequest(), but like IMP 1.0, it will not include any of the UI, game, or media APIs. Table 3 summarizes the device requirements for MIDP and IMP.

Table 3: Device Requirements for CLDC-Based Profiles

Requirement

Profile

MIDP 1.0

MIDP 2.0

IMP 1.0

IMP-NG

Display

Screen size

96x54

Same as MIDP 1.0

N/A

Same as IMP 1.0

Depth

1 bit

Same as MIDP 1.0

N/A

Same as IMP 1.0

Aspect ratio

1:1

Same as MIDP 1.0

N/A

Same as IMP 1.0

Input

One or two-handed keyboard, or touch screen

Same as MIDP 1.0

N/A

Same as IMP 1.0

Memory

Nonvolatile, in addition to what CLDC requires

128 KB

256 KB

128 KB

128 KB

Nonvolatile memory for application-created persistent data

8 KB

8 KB

8 KB

8 KB

Volatile memory for the Java runtime

32 KB

128 KB

32 KB

128 KB

Networking

Two-way, wireless, possibly intermittent, with limited bandwidth

Same as MIDP 1.0

Same as MIDP

Same as MIDP

Power

Limited, typically battery-operated

Same as MIDP 1.0

Same as MIDP

Same as MIDP

Table 4 summarizes the packages available in both versions of MIDP and in IMP 1.0.

Table 4: Packages in the CLDC-Based Profiles

Name

Description

MIDP 1.0

MIDP 2.0

IMP 1.0

java.lang

MIDP subset of the core Java programming language

X

X

X

java.util

Small subset of utility classes

X

X

X

java.io

MIDP subset of system input and output through data streams

X

X

X

javax.microedition.io

Networking support using the Generic Connection Framework; includes new socket, UDP, serial, and secure connection types, as well as push functionality

X

X

X

javax.microedition.lcdui

MIDP classes for UI

X

X

javax.microedition.lcdui.game

Gaming classes such as sprites, game canvas, and layer manager

X

javax.microedition.media

Interfaces for controlling (Control) and rendering (Player) audio -- sound classes compatible with the Mobile Media API specification (JSR 135)

X

javax.microedition.media.control

Sound-control classes (ToneControl and VolumeControl) -- compatible with the Mobile Media API specification (JSR 135)

X

javax.microedition.midlet

Application interface, life-cycle classes, and interactions with the runtime environment and application manager

X

X

X

javax.microedition.pki

Public key class for certificates used to authenticate information for secure connections

X

X

javax.microedition.rms

Classes for storing and retrieving persistent data

X

X

X

For more information on the profiles based on CLDC, read the articles What's New in MIDP 2.0 and The Information Module Profile.

CDC-Based Profiles
A richer configuration than CLDC, CDC is aimed at higher-end handheld and embedded devices, those with more memory and more processing power, but the configuration and profile pattern are the same. CDC provides a generic, low-level interface to the device, and one or more CDC-based profiles provide classes whose capabilities are appropriate to particular categories of devices. You've already seen that the Foundation Profile, Personal Basis Profile, and Personal Profile build on each other, as illustrated in Figure 7.

Figure 7: Java ME Profiles for CDC

The Foundation Profile includes all the classes in CDC and adds more Java SE classes, security features, and other APIs. The Personal Basis Profile includes all of CDC and Foundation Profile, and then adds a minimum core set of UI classes, among other features. The Personal Profile incorporates all of CDC, Foundation Profile, and Personal Basis Profile, and it provides a more complete set of the Abstract Window Toolkit (AWT) API, including its heavyweight APIs and support for applets.

The Foundation Profile
The Foundation Profile is a base for building other CDC-based profiles. In addition to providing all of CDC's interfaces and classes, the Foundation Profile extends the configuration by adding security, utility, and locale classes.

Because the Foundation Profile does not provide any UI classes -- no AWT, no Swing -- it is the profile of choice for small devices that don't need a UI, such as headless, dedicated, connected, and embedded devices. Table 5 summarizes the Foundation Profile's Java packages.

Table 5: Packages in the Foundation Profile

Name

Description

All the packages in CDC

See Table 2

java.lang

The core Java programming language

java.lang.ref

Reference-object classes, which support a limited degree of interaction with the garbage collector

java.lang.reflect

Classes and interfaces for obtaining reflective information about classes and objects

java.math

Subset of classes for performing arbitrary-precision integer arithmetic

java.text

Classes and interfaces for handling text, dates, numbers, and messages in a manner independent of native languages

java.util

Set of generally useful classes such as collections, event model, date and time facilities, internationalization, and miscellaneous utility classes

java.util.jar

Classes for reading and writing the Java archive (JAR) file format, which is based on the standard ZIP file format, with an optional manifest file

java.util.zip

Classes for reading and writing the standard ZIP file format

java.io

Subset of system input and output APIs through data streams, serialization, and the file system

java.net

Classes for implementing networking applications; support for all CDC protocols (datagram: and JAR), as well as socket: and http:

java.security

Classes and interfaces for the security framework

java.security.acl

Access Control List support. Note: Some classes and interfaces in this package have been superseded by classes in java.security

java.security.cert

Classes and interfaces for parsing and managing certificates

java.security.interfaces

Interfaces for generating RSA PKCS#1 keys and DSA NIST's FIPS-186 keys

java.security.spec

Classes and interfaces for key and algorithm parameter specifications

javax.microedition.io

Network support based on the Generic Connection Framework; support for all CDC protocols (file: and datagram:), as well as socket: and http:

Version 1.0 of the Personal Basis Profile was defined in JSR 129. More recently, version 1.1 was introduced in JSR 217, which is still in progress.

Differences Between Foundation Profile 1.0 and 1.1
The two versions of Foundation Profile are very similar. Existing APIs are being cleaned up. Enhancements are mainly centered on support for J2SE 1.4, including support for the next generation of the Internet Protocol IPv6, and java.net.URI.

The Personal Basis Profile
The Personal Basis Profile builds on the Foundation Profile and is a subset of the Personal Profile. In addition to providing all CDC and Foundation Profile interfaces and classes, the Personal Basis Profile includes a lightweight subset of the AWT that supports graphics, images, and widgets on devices that require a simple UI, such as automotive devices, consumer devices, and simple appliances. This profile also supports JavaBeans programming and a new Xlet application model. Table 6 summarizes the Java packages in the Personal Basis Profile.

Table 6: Packages in the Personal Basis Profile

Name

Description

All the packages in CDC and Foundation Profile

See Table 2 and Table 5

java.awt

Subset of classes for creating simple UIs and for painting graphics and images

java.awt.color

Subset of classes for manipulating colors

java.awt.event

Subset of interfaces and classes for handling events fired by AWT components

java.awt.image

Subset of classes for creating and modifying images

java.beans

Subset of classes related to JavaBeans development

java.rmi

Subset of RMI classes to support inter-Xlet communication

java.rmi.registry

Subset of RMI classes to support inter-Xlet communication

javax.microedition.xlet

Defines new Xlet application model, life-cycle classes, and interactions with the application manager

javax.microedition.xlet.ixc

Defines classes for inter-Xlet communication

Version 1.0 of the Personal Basis Profile was defined in JSR 129. More recently, the Personal Basis Profile 1.1 was introduced in JSR 217, which is still in progress.

Differences Between Personal Basis Profile 1.0 and 1.1
Version 1.1 is very similar to the original version. Existing APIs are being cleaned up. Enhancements are mainly centered on J2SE 1.4 support, including changes related to graphics and UI.

The Personal Profile
The Personal Profile is the new embodiment of the PersonalJava application environment, now at the end of its product life. The Personal Profile is a superset of the Personal Basis Profile and provides all the Java packages in both CDC and the Foundation Profile. It then adds heavyweight AWT classes and applet support missing from the Personal Basis Profile.

The Personal Profile thus provides a more complete application environment and looks very similar to Java SE. It is aimed at devices that require advanced UI and secure network connectivity, such as high-end PDAs, set-top boxes, and other high-end appliances. Table 7 summarizes the Personal Profile Java packages.

Table 7: Packages in the Personal Profile

Name

Description

All packages in CDC, Foundation Profile, and Personal Basis Profile

See Table 2, Table 5, and Table 6

java.applet

Classes needed to create an applet, as well as classes that an applet uses to communicate with its applet context

java.awt

Adds the heavyweight AWT components: Component, Menu, Button, Choice, and so on

java.awt.datatransfer

Subset of interfaces and classes for transferring data between and within applications

Personal Profile 1.0 was defined in JSR 62. More recently, Personal Profile 1.1 was introduced in JSR 216, which is still in progress.

Differences Between Personal Basis Profile 1.0 and 1.1
Version 1.1 is very like version 1.0. Existing APIs are being cleaned up. Enhancements are mainly centered on J2SE 1.4 support, including changes related to graphics and UI.

For a handy comparison of APIs in CDC and its profiles to the corresponding Java SE interfaces, see the CDC API Comparison (PDF).

Optional Packages
Optional packages are very important components of the Java ME platform. You can look at them as profile extensions. They provide support in relatively narrow areas of functionality that some devices and applications need but others don't, such as messaging, multimedia, and location services.

With optional packages taking over such burdens, profiles can concentrate on supporting only those capabilities that most or all devices in a class need. Profiles can supply the runtime environment, while optional packages supply specific kinds of functionality, some of which were not even envisioned when the profiles were designed.

All Java ME optional packages are defined by the JCP, making them standard APIs. As the name implies, inclusion of these packages is optional. Some are mandatory, while others are conditionally mandatory as defined by the JCP. Still others are optional as defined by the handset manufacturers that may choose to include them in a particular product, or in extensible environments such as PDAs on which developers may elect to include them. For example, in a particular MIDP handset that has hardware support for Bluetooth, the Java APIs for Bluetooth (JSR 82) might be present.

The number of optional packages is increasing, with some for CLDC environments, some for CDC, and some for both. Some are already approved, and many new ones are in the definition phase. For this purpose, the MSA specification defines a common architecture and programming platform for wireless handsets. Two flavors of MSA are defined: the basic MSA that addresses CLDC-based platforms, and MSA-Advanced that addresses CDC-based platforms.

j2me Configurations

 

Configurations

A configuration, at the bottom of the Java ME organization stack shown in Figure 1, defines a basic lowest-common-denominator Java runtime environment. This includes the VM and a set of core classes derived primarily from the Java SE platform. Each configuration is geared for a broad family of constrained devices with some type of network connectivity.

As this article mentioned earlier, two configurations have been defined: the Connected Limited Device Configuration (CLDC) and the Connected Device Configuration (CDC). CLDC is a subset of CDC, as Figure 4 shows.

Figure 4: Relationship Between CLDC and CDC

CDC includes all the classes defined by CLDC, including any new ones not included in the Java SE platform, such as the Generic Connection Framework.

The Connected Limited Device Configuration (CDC)
A direct descendant of the Spotless System, CLDC is a minimal Java ME configuration for devices with stringent restrictions on computational power, battery life, memory, and network bandwidth. These limits directly affect the kinds of Java technology-based applications they can support.

CLDC does not require a lot of resources. It supports devices with 16-bit or 32-bit processors with at least 160 KB of persistent memory and at least 32 KB of volatile memory, for a total of 192 KB. Power consumption is low, and devices are typically battery-powered. Network connectivity may be over an intermittent, slow-speed connection. At the heart of this configuration is a Java virtual machine with some Java SE capabilities removed. For example, CLDC does not support class finalization or thread groups. For a list of all the restrictions, visit the CLDC product page.

CLDC defines a subset of the standard core Java language packages familiar to Java SE developers, and it adds classes tailored for constrained devices. In addition, CLDC has introduced the streamlined Generic Connection Framework package, javax.microedition.io, to support I/O in devices that lack the memory to use the larger java.net and java.io packages. This framework is a straightforward hierarchy of interfaces and classes that create connections of various types -- including HTTP, datagram, and streams -- and that perform I/O. Table 1 lists the Java packages included in the CLDC.

Table 1: Core Java Packages in CLDC

Name

Description

java.lang

CLDC subset of core Java programming language classes

java.lang.ref (CLDC 1.1 only)

CLDC subset to support weak references

java.util

CLDC subset of Java SE utility classes

java.io

CLDC subset of system I/O through data streams

javax.microedition.io

Network support based on the Generic Connection Framework

Note that CLDC 1.1, JSR 139, has superseded the original CLDC 1.0 specification, JSR 30.

Differences Between CLDC 1.0 and 1.1
CLDC 1.0 and 1.1 are very similar. From the developer's perspective, the most important enhancements in the newer release are the new floating-point math capabilities and support for weak references. The following list, taken from the CLDC specification document, summarizes CLDC 1.1's main differences from version 1.0:

  • Floating-point support has been added.
    • All floating-point bytecodes are supported.
    • Classes Float and Double have been added.
    • Various methods have been added to the other library classes to handle floating-point values.
  • Weak-reference support -- a small subset of the Java SE weak-reference classes -- has been added.
  • Classes Calendar, Date, and TimeZone have been redesigned to conform more closely to their Java SE counterparts.
  • Error-handling requirements have been clarified, and one new error class, NoClassDefFoundError, has been added.
  • Thread objects have names, as threads in Java SE do. The method Thread.getName() has been introduced, and the Thread class has a few new constructors that have been inherited from Java SE.
  • Various minor library changes and bug fixes have been included, such as the addition of the following fields and methods:
    • Boolean.TRUE and Boolean.FALSE
    • Date.toString()
    • Random.nextInt(int n)
    • String.intern()
    • String.equalsIgnoreCase()
    • Thread.interrupt()
  • The minimum memory budget has been raised from 160 to 192 kilobytes, mainly to allow for the new floating-point functionality.
  • Permission classes have been added to express security checks in the Generic Connection Framework and java.lang APIs.
  • Inverse trigonometric functions have been added to facilitate location-based services.
  • Restrictions have been placed on the behavior of eager-linking VM implementations.
  • Specification text has been tightened and obsolete subsections removed.
  • The verifier specification is much more detailed.

For more information, see the CLDC product page.

The Connected Device Configuration (CDC)
CDC is designed for more powerful devices than those that CLDC supports, such as high-end cell phones and PDAs, and the more sophisticated embedded devices: TV set-top boxes, Web-based devices such as Internet appliances, and even car navigation systems.

Devices that support CDC have 32-bit processors, typically ARM-based devices, at least 2 MB of main memory and 2.5 MB of ROM, and some type of network connectivity. At the heart of this configuration is a Java VM such as the CDC HotSpot Implementation, with full Java SE capabilities.

CDC is a superset of CLDC. It includes all the classes defined by the CLDC, including any new ones not included in Java SE, such as the Generic Connection Framework. CDC includes many more core Java SE classes than does CLDC, making it a more familiar environment for experienced Java SE programmers. Table 2 summarizes the packages in CDC.

Table 2: Core Java Packages in CDC

Name

Description

java.lang

CDC subset of the core Java programming language

java.lang.ref

Reference-object classes, which support a limited degree of interaction with the garbage collector

java.lang.reflect

Classes and interfaces for obtaining reflective information about classes and objects

java.math

CDC subset of classes for performing arbitrary-precision integer arithmetic

java.text

CDC subset of classes and interfaces for handling text, dates, numbers, and messages in a manner independent of native languages

java.io

CDC subset of system input and output through data streams, serialization, and the file system

javax.microedition.io

Network support based on the Generic Connection Framework; support for file: and datagram:

java.util

CDC subset of collections, date and time facilities, internationalization, and miscellaneous utility classes

java.util.zip

CDC subset of classes for reading the standard ZIP file format

java.util.jar

CDC subset of classes for reading files in the Java archive (JAR) format, which is based on the standard ZIP file format, with an optional manifest file

java.net

CDC subset of classes for implementing a networking application; support for datagram: and JAR I/O

java.security

CDC subset of classes and interfaces for the security framework

java.security.cert

CDC subset of classes and interfaces for parsing and managing certificates

CDC release 1.0 was introduced as JSR 36. More recently, CDC 1.1 was introduced as JSR 218.

Differences Between CDC 1.0 and 1.1
CDC 1.1 is very like its predecessor. Existing APIs have been cleaned up. Enhancements center mainly on support for J2SE 1.4, including Unicode 3.0, assertions, and the new security optional packages: Java Authentication and Authorization Service (JAAS), Java Secure Socket Extension (JSSE), and Java Cryptography Extension (JCE).

For more information, see the CDC product page.

j2me future with MSA

 

The Mobile Service Architecture (MSA) specification defines a common architecture and programming platform for wireless handsets. Like its predecessor, Java Technology for the Wireless Industry (JSR 185), MSA is an umbrella Java specification, a collection of familiar, updated, and new JSRs that cooperate to support applications with a wide range of standardized capabilities.

Two flavors of MSA are defined: The basic MSA (JSR 248) addresses CLDC-based platforms, and the MSA-Advanced (JSR 249) addresses CDC-based platforms. The architectures define a comprehensive structure of APIs aimed at facilitating development and deployment of the widest possible variety of applications, in a form that will be easily portable across the broadest possible spectrum of mobile devices.

The basic MSA defines two stacks: a full MSA stack that comprises 16 JSRs and a subset of eight JSRs, as illustrated in Figure 3.

Figure 3: The MSA Specification APIs (JSR 248)

Some of the JSRs are mandatory, and others are conditionally mandatory. To comply with MSA, an implementation must support a mandatory JSR or one that is conditionally mandatory, that is, one that becomes mandatory when relevant conditions are true. A typical example of the latter is JSR 82, the Bluetooth API, which is not always required but must be supported if the device claims to support the Bluetooth wireless technology.

For an introduction to MSA, see the article The Mobile Service Architecture Specification.

Glossary

Glossary

3G Third generation (3G) wireless networks will offer faster data transfer rates than current networks. The first generation of wireless (1G) was analog cellular. The second generation (2G) is digital cellular, featuring integrated voice and data communications. So-called 2.5G networks offer incremental speed increases. 3G networks will offer dramatically improved data transfer rates, enabling new wireless applications such as streaming media.
3GPP The 3rd Generation Partnership Project (3GPP) is a global collaboration between 6 partners: ARIB, CWTS, ETSI, T1, TTA, and TTC. The group aims to develop a globally accepted 3rd-generation mobile system based on GSM.
802.11 802.11 is a group of specifications for wireless networks developed by the Institute of Electrical and Electronics Engineers (IEEE). 802.11 uses the Ethernet protocol and CSMA/CA (carrier sense multiple access with collision avoidance) for path sharing.
API An Application Programming Interface (API) is a set of classes that you can use in your own application. Sometimes called libraries or modules, APIs enable you to write an application without reinventing common pieces of code. For example, a networking API is something your application can use to make network connections, without your ever having to understand the underlying code.
AMPS Advanced Mobile Phone Service (AMPS) is a first-generation analog, circuit-switched cellular phone network. Originally operating in the 800 MHz band, service was later expanded to include transmissions in the 1900 MHz band, the VHF range in which most wireless carriers operate. Because AMPS uses analog signals, it cannot transmit digital signals and cannot transport data packets without assistance from newer technologies such as TDMA and CDMA.
CDC The Connected Device Configuration (CDC) is a specification for a Java ME configuration. Conceptually, CDC deals with devices with more memory and processing power than CLDC; it is for devices with an always-on network connection and a minimum of 2 MB of memory available for the Java system.
CDMA Code-Division Multiple Access (CDMA) is a cellular technology widely used in North America. There are currently three CDMA standards: CDMA One, CDMA2000 and W-CDMA. CDMA technology uses UHF 800Mhz-1.9Ghz frequencies and bandwidth ranges from 115Kbs to 2Mbps.
CDMA One Also know as IS-95, CDMAOne is a 2nd generation wireless technology. Supports speeds from 14.4Kbps to 115K bps.
CDMA2000 Also known as IS-136, CDMA2000 is a 3rd generation wireless technology. Supports speeds ranging from 144Kbps to 2Mbps.
CDPD Developed by Nortel Networks, Cellular Digital Packet Data (CDPD) is an open standard for supporting wireless Internet access from cellular devices. CDPD also supports Multicast, which allows content providers to efficiently broadcast information to many devices at the same time.
cHTML Compact HTML (cHTML) is a subset of HTML which is designed for small devices. The major features of HTML that are excluded from cHTML are: JPEG image, Table, Image map, Multiple character fonts and styles, Background color and image, Frame and Style sheet.
CLDC The Connected, Limited Device Configuration (CLDC) is a specification for a Java ME configuration. The CLDC is for devices with less than 512 KB or RAM available for the Java system and an intermittent (limited) network connection. It specifies a stripped-down Java virtual machine1 called the KVM as well as several APIs for fundamental application services. Three packages are minimalist versions of the Java SE java.lang, java.io, and java.util packages. A fourth package, javax.microedition.io, implements the Generic Connection Framework, a generalized API for making network connections.
configuration In Java ME, a configuration defines the minimum Java runtime environment for a family of devices: the combination of a Java virtual machine (either the standard Java SE virtual machine or a much more limited version called the CLDC VM) and a core set of APIs. CDC and CLDC are configurations. See also profile, optional package.
CVM The Compact Virtual Machine (CVM) is an optimized Java virtual machine1 (JVM) that is used by the CDC.
Deck A deck is a collection of one or more WML cards that can be downloaded, to a mobile phone, as a single entity.
EDGE Enhanced Data GSM Environment (EDGE) is a new, faster version of GSM. EDGE is designed to support transfer rates up to 384Kbps and enable the delivery of video and other high-bandwidth applications. EDGE is the result of a joint effort between TDMA operators, vendors and carriers and the GSM Alliance.
ETSI The European Telecommunications Standards Institute (ETSI) is a non-profit organization that establishes telecommunications standards for Europe.
FDMA Frequency-division multiple-access (FDMA) is a mechanism for sharing a radio frequency band among multiple users by dividing it into a number of smaller bands.
Foundation Profile The Foundation Profile is a Java ME profile specification that builds on CDC. It adds additional classes and interfaces to the CDC APIs but does not go so far as to specify user interface APIs, persistent storage, or application life cycle. Other Java ME profiles build on the CDC/Foundation combination: for example, the Personal Profile and the RMI Profile both build on the Foundation Profile.
Generic Connection Framework

The Generic Connection Framework (GCF) makes it easy for wireless devices to make network connections. It is part of CLDC and CDC and resides in the javax.microedition.io package.

GPRS The General Packet Radio System (GPRS) is the next generation of GSM. It will be the basis of 3G networks in Europe and elsewhere.
GSM The Global System for Mobile Communications (GSM) is a wireless network system that is widely used in Europe, Asia, and Australia. GSM is used at three different frequencies: GSM900 and GSM1800 are used in Europe, Asia, and Australia, while GSM1900 is deployed in North America and other parts of the world.
HLR The Home Location Register (HLR) is a database for permanent storage of subscriber data and service profiles.
HTTPS Hyper Text Transfer Protocol Secure sockets (HTTPS) is a protocol for transmission of encrypted hypertext over Secure Sockets Layer.
i-appli Sometimes called "Java for i-mode", i-appli is a Java environment based on CLDC. It is used on handsets in NTT DoCoMo's i-mode service. While i-appli is similar to MIDP, it was developed before the MIDP specification was finished and the two APIs are incompatible.
IDE An Integrated Development Environment (IDE) provides a programming environment as a single application. IDEs typically bundle a compiler, debugger, and GUI builder tog ether. Forte for Java is Sun's Java IDE.
iDEN The Integrated Dispatch Enhanced Network (iDEN) is a wireless network system developed by Motorola. Various carriers support iDEN networks around the world: Nextel is one of the largest carriers, with networks covering North and South America.
i-mode A standard used by Japanese wireless devices to access cHTML (compact HTML) Web sites and display animated GIFs and other multimedia content.
Java ME Java 2, Micro Edition is a group of specifications and technologies that pertain to Java on small devices. The Java ME moniker covers a wide range of devices, from pagers and mobile telephones through set-top boxes and car navigation systems. The Java ME world is divided into configurations and profiles, specifications that describe a Java environment for a specific class of device.
Java ME WTK The Sun Java Wireless Toolkit is a set of tools that provides developers with an emulation environment, documentation and examples for developing Java applications for small devices. The Sun Java WTK is based on the Connected Limited Device Configuration (CLDC) and Mobile Information Device Profile (MIDP) reference implementations, and can be tightly integrated with Forte for Java
Java Card The Java Card specification allows Java technology to run on smart cards and other small devices. The Java Card API is compatible with formal international standards, such as, ISO7816, and industry-specific standards, such as, Europay/Master Card/Visa (EMV).
JavaHQ JavaHQ is the Java platform control center on your Palm OS device.
JCP The Java Community Process (JCP) an open organization of international Java developers and licensees who develop and revise Java technology specifications, reference implementations, and technology compatibility kits through a formal process.
JDBC for CDC/FP The JDBC Optional Package for CDC/Foundation Profile (JDBCOP for CDC/FP) is an API that enables mobile Java applications to communicate with relational database servers using a subset of Java SE's Java Database Connectivity. This optional package is a strict subset of JDBC 3.0 that excludes some of JDBC's advanced and server-oriented features, such as pooled connections and array types. It's meant for use with the Foundation Profile or its supersets.
JSR Java Specification Request (JSR) is the actual description of proposed and final specifications for the Java platform. JSRs are reviewed by the JCP and the public before a final release of a specification is made.
KittyHawk KittyHawk is a set of APIs used by LG Telecom on its IBook and p520 devices. KittyHawk is based on CLDC. It is conceptually similar to MIDP but the two APIs are incompatible.
KJava KJava is an outdated term for Java ME. It comes from an early package of Java software for PalmOS, released at the 2000 JavaOne show. The classes for that release were packaged in the com.sun.kjava package.
kSOAP kSOAP is a SOAP API suitable for the Java ME, based on kXML.
kXML The kXML project provides a small footprint XML parser that can be used with Java ME.
KVM The KVM is a compact Java virtual machine (JVM) that is designed for small devices. It supports a subset of the features of the JVM. For example, the KVM does not support floating-point operations and object finalization. The CLDC specifies use of the KVM. According to folklore, the 'K' in KVM stands for kilobyte, signifying that the KVM runs in kilobytes of memory as opposed to megabytes.
LAN A Local Area Network (LAN) is a group of devices connected with various communications technologies in a small geographic area. Ethernet is the most widely-used LAN technology. Communication on a LAN can either be with Peer-to-Peer devices or Client-Server devices.
LCDUI LCDUI is a shorthand way of referring to the MIDP user interface APIs, contained in the javax.microedition.lcdui package. Strictly speaking, LCDUI stands for Liquid Crystal Display User Interface. It's a user interface toolkit for small device screens which are commonly LCD screens.
MExE The Mobile Execution Environment (MExE) is a specification created by the 3GPP which details an applicatio n environment for next generation mobile devices. MExE consists of a variety of technologies including WAP, Java ME, CLDC and MIDP.
MIDlet A MIDlet is an application written for MIDP. MIDlet applications are subclasses of the javax.microedition.midlet.MIDlet class that is defined by MIDP.
MIDlet suite MIDlets are packaged and distributed as MIDlet suites. A MIDlet suite can contain one or more MIDlets. The MIDlet suite consists of two files, an application descriptor file with a .jad extension and an archive file with a .jar file. The descriptor lists the archive file name, the names and class names for each MIDlet in the suite, and other information. The archive file contains the MIDlet classes and resource files.
MIDP The Mobile Information Device Profile (MIDP) is a specification for a Java ME profile. It is layered on top of CLDC and adds APIs for application life cycle, user interface, networking, and persistent storage.
MIDP-NG The Next Generation MIDP specification is currently under development by the Java Community Process. Planned improvements include XML parsing and cryptographic support.
Mobitex Mobitex is a packet-switched, narrowband PCS network, designed for wide-area wireless data communications. It was developed in 1984 by Eritel, an Ericsson subsidiary, a nd there are now over 30 Mobitex networks in operation worldwide.
Modulation Modulation is the method by which a high-frequency digital signal is grafted onto a lower-frequency analog wave, so that digital packets are able to ride piggyback on the analog airwave.
MSC A Mobile Switching Center (MSC) is a unit within a cellular phone network that automatically coordinates and switches calls in a given cell. It monitors each caller's signal strength, and when a signal begins to fade, it hands off the call to another MSC that's better positioned to manage the call.
Obfuscation Obfuscation is a technique used to complicate code. Obfuscation makes code harder to understand when it is de-compiled, but it typically has no affect on the functionality of the code. Obfuscation programs can be used to protect Java programs by making them harder to reverse-engineer.
optional package An optional package is a set of Java ME APIs providing services in a specific area, such as database access or multimedia. Unlike a profile, it does not define a complete application environment, but rather is used in conjunction with a configuration or a profile. It extends the runtime environment to support device capabilities that are not universal enough to be defined as part of a profile or that need to be shared by different profiles. Java ME RMI and the Mobile Media RMI are examples of optional packages.
OTA Over The Air (OTA) refers to any wireless networking technology.
PCS Personal Communications Service (PCS) is a suite of second-generation, digitally modulated mobile-communications interfaces that includes TDMA, CDMA, and GSM. PCS serves as an umbrella term for second-generation wireless technologies operating in the 1900MHz range
PDAP The Personal Digital Assistant Profile (PDAP) is a Java ME profile specification designed for small platforms such as PalmOS devices. You can think of PDAs as being larger than mobile phones but smaller than set-top boxes. PDAP is built on top of CLDC and will specify user interface and persistent storage APIs. PDAP is currently being developed using the Java Community Process (JCP).
PDC Personal Digital Cellular (PDC) is a Japanese standard for wireless communications.
PDCP Parallel and Distributed Computing Practices (PDCP) are often used to describe computer systems that are spread over many devices on a network (wired or wireless) where many nodes process data simultaneously.
Personal Profile The Personal Profile is a Java ME profile specification. Layered on the Foundation Profile and CDC, the Personal Profile will be the next generation of PersonalJava technology. The specification is currently in development under the Java Community Process (JCP).
PersonalJava PersonalJava is a Java environment based on the Java virtual machine1 (JVM) and a set of APIs similar to a JDK 1.1 environment. It includes the Touchable Look and Feel (also called Truffle), a graphic toolkit that is optimized for consumer devices with a touch sensitive screen. PersonalJava will be included in Java ME in the upcoming Personal Profile, which is built on CDC.
PNG Portable Network Graphics (PNG) is an image format offering lossless compression and storage flexibility. The MIDP specification requires implementations to recognize certain types of PNG images.
POSE Palm OS Emulator (POSE).
PRC Palm Resource Code (PRC) is the file format for Palm OS applications.
preverification Due to memory and processing power available on a device, the verification process of classes are split into two processes. The first process is the preverification which is off-device and done using the preverify tool. The second process is verification which is done on-device.
profile A profile is a set of APIs added to a configuration to support specific uses of a mobile device. Along with its underlying configuration, a profile defines a complete, and usually self-contained, general-purpose application environment. Profiles often, but not always, define APIs for user interface and persistence; the MIDP profile, based on the CLDC configuration, fits this pattern. Profiles may be supersets or subsets of other profiles; the Personal Basis Profile is a subset of the Personal Profile and a superset of the Foundation Profile. See also configuration, optional package.
Provisioning In telecommunications terms, provisioning means to provide telecommunications services to a user. This includes providing all necessary hardware, software, and wiring or transmission devices.
PSTN The public service telephone network (PSTN) is the traditional, land-line based system for exchanging phone calls.
RMI Remote method invocation (RMI) is a feature of Java SE that enables Java objects running in one virtual machine to invoke methods of Java objects running in another virtual machine, seamlessly.
RMI OP The RMI Optional Package (RMI OP) is a subset of Java SE 1.3's RMI functionality used in CDC-based profiles that incorporate the Foundation Profile, such as the Personal Basis Profile and the Personal Profile. The RMIOP cannot be used with CLDC-based profiles because they lack object serialization and other important features found only in CDC-based profiles. RMIOP supports most of the Java SE RMI functionality, including the Java Remote Method Protocol, marshalled objects, distributed garbage collection, registry-based object lookup, and network class loading, but not HTTP tunneling or the Java 1.1 stub protocol.
RMI Profile The RMI Profile is a Java ME profile specification designed to support Java's Remote Method Invocation (RMI) distributed object system. Devices implementing the RMI Profile will be able to interoperate via RMI with other Java devices, including Java 2, Standard Edition. The RMI Profile is based on the Foundation Profile, which in turn is based on CDC.
RMS The Record Management System (RMS) is a simple record-oriented database that allows a MIDlet to persistently store information and retrieve it later. Different MIDlets can also use the RMS to share data.
SDK A Software Development Kit (SDK) is a set of tools used to develop applications for a particular platform. An SDK typically contains a compiler, linker, and debugger. It may also contain libraries and documentation for APIs.
SIM A Subscriber Identity Module (SIM) is a stripped-down smart card containing information about the identity of a cell-phone subscriber, and subscriber authentication and service information. Because the SIM uniquely identifies the subscriber and is portable among handsets, the user can move it from one kind of phone to another, facilitating international roaming.
SMS Short Message Service (SMS) is a point-to-point service similar to paging for sending text messages of up to 160 characters to mobile phones.
SOAP The Simple Object Access Protocol (SOAP) is an XML- based protocol that allows objects of any type to communicated in a distributed environment. SOAP is used in developing Web Services.
SSL Secure Sockets Layer (SSL) is a socket protocol that encrypts data sent over the network and provides authentication for the socket endpoints.
T9 T9 is a text input method for mobile phones and other small devices. It replaces the "multi-tap" input method by guessing the word that you are trying to enter. T9 may be embedded in a device by the manufacturer. Note that even if the device supports T9, the Java implementation may or may not use it. Check your documentation for details.
TDMA Time Division Multiple Access (TDMA) is a second-generation modulation standard using bandwidth allocated in the 800 MHz, 900 MHz, and 1900MHz ranges.
Telematics Telematics is a location-based service that routes event notification and control data over wireless networks to and from mobile devices installed in automobiles. Telematics makes use of GPS technology to track vehicle latitude and longitude, and displays maps in LED consoles mounted in dashboards. It connects to remote processing centers that turn provide server-side Internet and voice services, as well as access to database resources.
Tomcat Tomcat is a reference implementation of the Java servlet and JavaServer Pages (JSP) specifications. It is intended as a platform for developing and testing servlets.
UDDI Universal Description, Discovery, and Integration (UDDI) is an XML-based standard for describing, publishing, and finding Web services. UDDI is a specification for a distributed registry of Web services.
UMTS Developed by Nortel Networks, Universal Mobile Telecommunications Service (UMTS) is a standard that will provide cellular users a consistent set of technologies no matter where they are located worldwide. UMTS utilizes W-CDMA technology.
VLR The Visitor Location Register (VLR) is a database that contains temporary information about subscribers.
WAE The Wireless Application Environment (WAE) provides a application framework for small devices. WAE leverages other technologies such as WAP, WTP, and WSP.
WAP Wireless Application Protocol (WAP) is a protocol for transmitting data between servers and clients (usually small wireless devices like mobile phones). WAP is analogous to HTTP in the World Wide Web. Many mobile phones include WAP browser software to allow users access to Internet WAP sites.
WAP Gateway A WAP Gateway acts as a bridge allowing WAP devices to communicate with other networks (namely the Internet).
W-CDMA Wideband Code-Division Multiple Access (W-CDMA), also known as IMT-2000, is a 3rd generation wireless technology. Supports speeds up to 384Kbps on a wide-area network, or 2Mbps locally.
WDP Wireless Datagram Protocol (WDP) works as the transport layer of WAP. WDP processes datagrams from upper layers to formats required by different physical datapaths, bearers, that may be for example GSM SMS or CDMA Packet Data. WDP is adapted to the bearers available in the device so upper layers don't need to care about the physical level.
WMA The Wireless Messaging API (WMA) is a set of classes for sending and receiving Short Message Service messages. See also SMS.
WML The Wireless Markup Language (WML) is a simple language used to create applications for small wireless devices like mobile phones. WML is analogous to HTML in the World Wide Web.
WMLScript WMLScript is a subset of the JavaScript scripting language designed as part of the WAP standard to provide a convenient mechanism to access mobile phone's peripheral functions.
WSP Wireless Session Protocol (WSP) implements session services of WAP. Sessions can be connection-oriented and connectionless and they may be suspended and resumed at will.
WTLS Wireless Transport Layer Security protocal (WTLS) does all cryptography oriented features of WAP. WTLS handles encryption/decryption, user authentication and data integrity. WTLS is based on the fixed network Transport Layer Security protocal (TLS), formerly known as Secure Sockets Layer (SSL).
WTP Wireless Transaction Protocol (WTP) is WAP's transaction protocol that works between the session protocol WSP and security protocol WTLS. WTP chops data packets into lower level datagrams and concatenates received datagrams into useful data. WTP also keeps track of received and sent packets and does re-transmissions and acknowledgment sending when needed.

j2me in this universe

Java ME is not a piece of software, nor is it a single specification.

Java ME is a platform, a collection of technologies and specifications that are designed for different parts of the small device market. Because Java ME spans such a variety of devices, it wouldn't make sense to try to create a one-size-fits-all solution.


Java ME, therefore, is divided into configurations, profiles,and optional packages.


Configurations are specifications that detail a virtual machine and a base set of APIs that can be used with a certain class of device. set of APIs is customarily a subset of the Java SE APIs.

configuration describes a JVM1 and a basic set of APIs, it does not by itself specify enough detail to enable you to build complete applications


A profile builds on a configuration but adds more specific APIs to make a complete environment for building applications.

Profiles usually include APIs for application life cycle, user interface, and persistent storage.

An optional package provides functionality that may not be associated with a specific configuration or profile. One example of an optional package is the Bluetooth API (JSR 82), which provides a standardized API for using Bluetooth networking. This optional package could be implemented alongside virtually any combination of configurations and profiles.

Optional packages bubble like a froth above the CLDC and CDC branches of Java ME. These provide all sorts of capabilities ranging from Bluetooth communication through web services and instant messaging. Look in the table for links to the specifications themselves.


The current universe of configurations, profiles and optional packages is shown in the diagram below. The tables immediately following provide more details about the abbreviations in the figure.


Java ME Overview


Java ME are developed under the CONTROL of the Java Community Process (JCP).

A specification begins life as a Java Specification Request (JSR).
The JSR then passes through various stages in the JCP before it is finished. Every JSR is assigned a number. Java ME specifications are commonly referred to by their JSR number.





Configurations
CLDC 1.0
Connected, Limited Device Configuration
CLDC 1.1
Connected, Limited Device Configuration 1.1
CDC
Connected Device Configuration
CDC 1.1
Connected Device Configuration 1.1
Profiles
MIDP 1.0
Mobile Information Device Profile
MIDP 2.0
Mobile Information Device Profile 2.0
PDAP
PDA Profile
FP
Foundation Profile
FP 1.1
Foundation Profile 1.1
PBP
Personal Basis Profile
PBP 1.1
Personal Basis Profile 1.1
PP
Personal Profile
PP 1.1
Personal Profile 1.1
IMP
Information Module Profile
IMP-NG
Information Module Profile - Next Generation
Optional Packages
PIM
PDA Optional Packages for the Java ME Platform
BTAPI
Java APIs for Bluetooth
WMA
Wireless Messaging API
WMA 2.0
Wireless Messaging API 2.0
MMAPI
Mobile Media API

JAIN SIMPLE Presence

JAIN SIMPLE Instant Messaging

Java ME Web Services
SATSA
Security and Trust Services API for Java ME

Location API for Java ME
SIP
SIP API for Java ME
3D
Mobile 3D Graphics API for Java ME

JAIN Presence

JAIN Instant Messaging

Event Tracking API for Java ME

Advanced Graphics and User Interface Optional Package for Java ME Platform
CHAPI
Content Handling API

Micro WSCI Framework for Java ME

Micro BPSS for Java ME Devices

Scalable 2D Vector Graphics API

Payment API

Data Sync API

Mobile Operational Management

Advanced Multimedia Supplements

Mobile Internationalization API

Java Bindings for OpenGL ES

Device Management API

Mobile Telephony API (MTA)


The other major branch of the Java ME tree is based on the Connected Device Configuration (CDC). This configuration is for larger devices (in terms of memory and processing power) with robust network connections. Set-top boxes and internet appliances are good examples of CDC devices, although high-end PDAs like the Sharp Zaurus also fit this configuration well. The Foundation Profile extends CDC and serves as the basis for several other profiles.


Java Technologies for Handsets, Smart Cards, and Embedded Devices

Java ME has evolved into an organized architecture for electronic devices, including sets of Java APIs for high-end PDAs and embedded devices, as well as for more constrained devices such as cell phones, low-end PDAs, and headless devices -- those without display or user interface (UI) facilities. Today the Java technologies for handsets, smart cards, and embedded devices are split

Figure 2: Java Technologies for Handsets, Smart Cards, and Embedded Devices

Java ME comprises the Connected Limited Device Configuration (CLDC) and the Connected Device Configuration (CDC):

  • CLDC supports resource-constrained devices with limited connectivity, such as cell phones, two-way pagers, low-end PDAs, and headless devices.

  • CDC supports less restrictive, high-end connected devices, such as high-end PDAs and communicators, and sophisticated embedded devices.

Java Card technology consists of the Java Card VM, the Java Card framework, and the security and remote invocation APIs.

Java SE for Embedded is Java SE technology with special support, functionality, and a licensing model for embedded platforms. It has a smaller footprint Java SE technology-based runtime, memory optimizations, and other savings, access to read-only memory (ROM) or compact flash, and support for embedded CPUs and operating systems. It replaces EmbeddedJava and PersonalJava.