mic_none

Security and Trust Services API for J2ME Source: en.wikipedia.org/wiki/Security_and_Trust_Services_API_for_J2ME

The Security and Trust Services API for J2ME (SATSA) (JSR 177) is an optional package within Java ME that enables enhanced cryptographic and smart-card-based security for mobile applications. It includes APDU communication, Java Card RMI, general cryptography, and PKI features.[1][2]

Features

[edit]

SATSA adds the following capabilities to Java ME:

  • Smart-card communication via ISO 7816 APDU.[3][4]
  • Remote invocation of Java Card objects via SATSA‑JCRMI.[5]
  • SATSA-Crypto supporting message digests, symmetric/asymmetric encryption, and signatures.[6][7]
  • SATSA-PKI for certificate-based digital signatures and secure user authentication.[8]

Components

[edit]

SATSA is divided into four main components:

  • SATSA‑APDU: Low-level APDU communication for ISO/IEC 7816 smart cards.[6][4]
  • SATSA‑JCRMI: Java Card Remote Method Invocation.[5][3]
  • SATSA‑Crypto: Encryption, message digests, digital signature APIs.[9][7]
  • SATSA‑PKI: Secure key storage, certificate handling, digital signature verification.[8][6]

Implementation examples

[edit]

APDU communication

[edit]
APDUConnection conn = (APDUConnection) Connector.open("apdu:0");
byte[] response = conn.exchangeAPDU(command);

Used in smart card access systems for PIN verification and applet interaction.[6][10]

Java Card RMI

[edit]
JavaCardRMIConnection jc = (JavaCardRMIConnection)
    Connector.open("jcrmi:0;AID=a0...c.8.1");
MyApplet stub = (MyApplet) jc.getRemoteObject();

Provides a high-level interface to smart card functionality.[5][7]

DES encryption

[edit]
Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, key, ivSpec);
c.doFinal(data, 0, data.length, out, 0);

Commonly used to secure local data or perform session encryption.[9][6]

Platform support and tools

[edit]

SATSA is supported on selected devices from major manufacturers including Motorola, Nokia (from Series 40), Samsung, and Sony Ericsson (JP-8+).[11][12]

The Java ME SDK and Sun Java Wireless Toolkit include full SATSA emulation, including APDU/JCRMI over TCP/IP ports 9025 and 9026.[3][6]

See also

[edit]

References

[edit]
  1. ^ "Security and Trust Services API for J2ME (SATSA); JSR 177". Oracle. Retrieved 27 June 2025.
  2. ^ "JSR 177: Smart Card Security (SATSA)". Java Community Process. 2004-09-03. Retrieved 27 June 2025.
  3. ^ a b c "WTK User Guide: SATSA". Sun Java Wireless Toolkit. Retrieved 27 June 2025.
  4. ^ a b "2007 JavaOne: What to Do With APDU?" (PDF). JavaOne Conference. 2007. Retrieved 27 June 2025.
  5. ^ a b c "Security and Trust Services APIs Reference Implementation" (PDF). Sun Microsystems. 2004. Retrieved 27 June 2025.
  6. ^ a b c d e f "Oracle SATSA Developer Guide". Oracle. Retrieved 27 June 2025.
  7. ^ a b c "Framework for cryptography algorithms on mobile devices" (PDF). University of Pretoria. 2014. Retrieved 27 June 2025.
  8. ^ a b "Design, Installation and Execution of a Security Agent for Mobile Stations" (PDF). Lecture Notes in Computer Science. 3986. Springer: 1–15. 2006. doi:10.1007/11733447_1. Retrieved 27 June 2025.
  9. ^ a b "How to encrypt/decrypt with DES in J2ME". IT&C Solutions. 2011-06-05. Retrieved 27 June 2025.
  10. ^ "Access STK from J2ME". StackOverflow. 2011-06-08. Retrieved 27 June 2025.
  11. ^ "Developing Applications Using SATSA on Nokia Devices". Nokia Developer. Retrieved 27 June 2025.
  12. ^ "JCP JSR 177 Expert Group". Java Community Process. Retrieved 27 June 2025.