Linux Today: Linux News On Internet Time.

More on LinuxToday

developerWorks: Lock Down J2ME Applications with Kerberos, Part 1

Nov 05, 2003, 05:30 (0 Talkback[s])
(Other stories by Faheem Khan)

"Many users are reluctant to use applications that send sensitive data over wireless connections because they don't trust wireless security. But the same protocols that make secure e-commerce over traditional wired networks possible can also help make wireless transactions safe. In this three-part article series, I'll demonstrate secure messaging between J2ME clients and server-side Java applications using the Kerberos protocol. I will develop a mobile banking MIDlet application that can send and receive payments securely over the Internet. The MIDlet application will use a J2ME-based Kerberos client to perform the actual secure messaging. In this article, I'll begin by explaining the usage model of a mobile banking application. I will then explain the sequence of Kerberos message exchanges that results in the establishment of a secure context for subsequent secure messaging between a J2ME client and a server-side Java application. This discussion will be followed by a description of the data formats used in Kerberos messaging. The last section of this article will briefly introduce the architecture of the Kerberos client, which will eventually author and process Kerberos messages and data formats..."

Complete Story

Related Stories: