Design and Prototyping of Web Service Security on J2ME based Mobile Phones

Ti-Shiang Wang

2005

Abstract

One of the main objectives in this paper is to investigate how to manipulate the Simple Object Access Protocol (SOAP) message and place security functions in the header of SOAP message. Here, we will present the design and implementation of web service security application on Java 2 Micro Edition (J2ME) based mobile devices. Basically this prototyping includes two-stage approach. In the first stage, we study the concept of proof in implementation of web services security on the IBM laptop using IBM WebSephere Studio Device Developer (WSDD V 5.6) IDE [1]. In addition we import kXML/kSOAP APIs to process SOAP message and use Bouncy Castle’s API [2] supporting cryptographic algorithms for security implementations. In this paper, the security functions we present here include five tasks: non-security, data digest, data encryption using symmetric key, data encryption using asymmetric key, and digital signature. At each task, we will discuss its corresponding design, SOAP header message, time performance, and return results in emulator. Based on the expected results from the first stage, in the second stage, we use Nokia 6600/3650 mobile phones as target mobile devices to test our application and evaluate performance at each task. Finally we will share our experience and lessons on this work in the conclusion and do the demonstration using Nokia 3650 mobile phone in the conference.

References

  1. IBM WSDD, http://www-306.ibm.com/software/wireless/wsdd/
  2. Bouncy Castle, http://www.bouncycastle.org/index.html.
  3. M. Gudgin, M. Hadley, N. Mendelsohn, J. Moreau, and H. Nielsen, SOAP Version 1.2 Part 1: Messaging Framework, http://www.w3.org/TR/2003/REC-soap12-part1-20030624/, June, 2003.
  4. Jon Rllid and Mark Young, Sun Microsystems, J2ME Web Services 1.0 final Draft, http://www.jcp.org/en/jsr/detail?id=172, October 15, 2003.
  5. kXML project - http://www.kxml.org
  6. Enhydra.org, http://kxml.objectweb.org/project/aboutProject/index.html
  7. Enterprise J2ME: Developing Mobile Java Applications, Michael Juntao Yuan, ISBN: 0131405306, Prentice Hall Publisher, 2003.
  8. Xmethods.Inc, http://www.xmethods.net/, 2004.
  9. WSDL files for temperature, http://www.xmethods.net/sd/2001/TemperatureService.wsdl.
  10. OASIS, Web Services Security: SOAP Message Security 1.0 (WS-Security 2004), http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf, March 2004.
Download


Paper Citation


in Harvard Style

Wang T. (2005). Design and Prototyping of Web Service Security on J2ME based Mobile Phones . In Proceedings of the Joint Workshop on Web Services and Model-Driven Enterprise Information Systems - Volume 1: WSMDEIS, (ICEIS 2005) ISBN 972-8865-27-9, pages 29-38. DOI: 10.5220/0002541300290038


in Bibtex Style

@conference{wsmdeis05,
author={Ti-Shiang Wang},
title={Design and Prototyping of Web Service Security on J2ME based Mobile Phones},
booktitle={Proceedings of the Joint Workshop on Web Services and Model-Driven Enterprise Information Systems - Volume 1: WSMDEIS, (ICEIS 2005)},
year={2005},
pages={29-38},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002541300290038},
isbn={972-8865-27-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Joint Workshop on Web Services and Model-Driven Enterprise Information Systems - Volume 1: WSMDEIS, (ICEIS 2005)
TI - Design and Prototyping of Web Service Security on J2ME based Mobile Phones
SN - 972-8865-27-9
AU - Wang T.
PY - 2005
SP - 29
EP - 38
DO - 10.5220/0002541300290038