SECURE DATA COMMUNICATION FRAMEWORK FOR MOBILE DEVICES

Abstract

The use of wireless devices such as cellular phones and two-way pagers has undergone tremendous growth over the past few years. As the wireless market matures, people will demand more advanced reliable applications. Sun Micro system and a group of wireless industry leaders such as Nokia, Motorola, and Palm defined a new set of standards called Java 2 Micro Edition (J2ME) to help in developing and deploying the next generation wireless applications, but the transaction security is becoming an important concern for mobile users and wireless application developers alike. The overall security of the network is not so strong and the weakest link is the client-side device. The interceptable nature of wireless signals and the limited memory and computing power of most handheld devices leaves wireless systems dangerously vulnerable to data theft. Thus I have proposed and implemented a platform independent Authentication and an Encryption & Decryption system that will help the thin client to prove its identity to the server and will secure the communication between the client and the server. I have used Java 2 Micro Edition Wireless Tool Kit device simulators. The application developed for wireless devices is named as SecureMlDlet. The class files of this MIDlet applications is packaged in to a JAR file and then this JAR file can be installed in the mobile device via serial cable connected to a PC or via a wireless network. This approach gives mobile user a secure and unified model. For example, a customer making an on line query should not be impacted by whether they are using a mobile phone or a FDA, as long as each device can securely express the proper identity. The application is developed as one of the modules of "Mobile-Commerce Security", a research project going on at TDPP Division of National Informatics Center, New D