DOCSLIB.ORG

A Security Policy Oracle: Detecting Security Holes Using Multiple API Implementations

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Security Policy Oracle: Detecting Security Holes Using Multiple API Implementations A Security Policy Oracle: Detecting Security Holes Using Multiple API Implementations Varun Srivastava Michael D. Bond Kathryn S. McKinley Vitaly Shmatikov Yahoo! The Ohio State University The University of Texas at Austin varun [email protected] [email protected] fmckinley,[email protected] Abstract 1. Introduction Even experienced developers struggle to implement security poli- Demand for secure software is increasing, but ensuring that soft- cies correctly. For example, despite 15 years of development, stan- ware is secure remains a challenge. Developers are choosing dard Java libraries still suffer from missing and incorrectly applied memory-safe systems [9, 39] and languages such as Java and permission checks, which enable untrusted applications to execute C# in part because they improve security by reducing memory- native calls or modify private class variables without authorization. corruption attacks. Even memory-safe systems, however, rely on Previous techniques for static verification of authorization enforce- the access-rights model to ensure that the program has the appro- ment rely on manually specified policies or attempt to infer the pol- priate permissions before performing sensitive actions. Unfortu- icy by code-mining. Neither approach guarantees that the policy nately, even experienced developers find it difficult to specify and used for verification is correct. implement access-rights policies correctly. Consequently, semantic In this paper, we exploit the fact that many modern APIs have mistakes—such as missing permission checks which enable mali- multiple, independent implementations. Our flow- and context- cious code to bypass protection—have become a significant cause sensitive analysis takes as input an API, multiple implementations of security vulnerabilities [26]. thereof, and the definitions of security checks and security-sensitive This paper presents a new approach to finding security vulner- events. For each API entry point, the analysis computes the secu- abilities in software libraries, also known as Application Program- rity policies enforced by the checks before security-sensitive events ming Interfaces (APIs). We leverage the increasing availability of such as native method calls and API returns, compares these poli- multiple, independent implementations of the same API. By de- cies across implementations, and reports the differences. Unlike sign, these implementations must be interoperable and must im- code-mining, this technique finds missing checks even if they are plement semantically consistent security policies. A security pol- part of a rare pattern. Security-policy differencing has no intrinsic icy in the access-rights model consists of a mapping between secu- false positives: implementations of the same API must enforce the rity checks, such as verifying permissions of the calling code, and same policy, or at least one of them is wrong! security-sensitive events, such as writing to a file or the network. Our analysis finds 20 new, confirmed security vulnerabilities We exploit this consistency requirement to build a security policy and 11 interoperability bugs in the Sun, Harmony, and Classpath oracle, which accurately (i) derives security policies realized by implementations of the Java Class Library, many of which were each implementation and (ii) finds incorrect policies. missed by prior analyses. These problems manifest in 499 entry Previous static analysis techniques for finding security vulner- points in these mature, well-studied libraries. Multiple API imple- abilities either rely on manual policy specification and/or verifica- mentations are proliferating due to cloud-based software services tion, or infer frequently occurring policies by code-mining. For ex- and standardization of library interfaces. Comparing software im- ample, Koved et al. derive a policy and then require programmers plementations for consistency is a new approach to discovering to check by hand that permissions held at all sensitive points in the “deep” bugs in them. program are sufficient [22, 28]. Sistla et al. take as input manu- ally specified check-event pairs and verify that all occurrences of Categories and Subject Descriptors D. Software [D.2 Software the event are dominated by the corresponding check [30]. These Engineering]: D.2.4 Software/Program Verification; K. Comput- approaches are error-prone and limited in expressiveness. There ing Milieux [K.6 Management of Computing and Information Sys- are hundreds of potential security-sensitive events and 31 poten- tems]: K.6.5 Security and Protection tial checks in the Java Class Library; some policies involve multi- ple checks and some checks do not always dominate the event. It General Terms Languages, Security, Verification is easy to overlook a security-sensitive event or omit a rare check- Keywords Security, Authorization, Access Control, Static Analy- event pair in a manual policy. Koved et al. and Sistla et al. reported sis, Java Class Libraries no bugs for the Sun Java Development Kit (JDK) and Apache Har- mony implementations of the Java Class Library. By contrast, our analysis uncovered multiple, exploitable security vulnerabilities in the same code. Another approach is code-mining, which infers policies from Permission to make digital or hard copies of all or part of this work for personal or frequently occurring patterns and flags deviations as potential classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation bugs [10, 14, 35]. These techniques fundamentally assume that on the first page. To copy otherwise, to republish, to post on servers or to redistribute the same pattern of security checks and security-sensitive opera- to lists, requires prior specific permission and/or a fee. tions occurs in many places in the code, and they are thus likely to PLDI’11, June 4–8, 2011, San Jose, California, USA. miss vulnerabilities that violate a unique policy—such as the Har- Copyright c 2011 ACM 978-1-4503-0663-8/11/06. $10.00 mony bug described in Section 2. Frequent patterns may or may not Our analysis is very precise. It produces only 3 false positives, represent actual policies, resulting in false positives and negatives. while finding 20 new security vulnerabilities (6 in JDK, 6 in Har- Code-mining techniques face an inherent tradeoff between cover- mony, 8 in Classpath) and 11 interoperability bugs that manifest age and the number of false positives. As the statistical threshold in 499 API entry points. Example vulnerabilities include opening is lowered to include more patterns, they may find more bugs, but network connections and loading libraries without properly check- the number of false positives increases since deviations from rare ing permissions of the calling code. We reported all vulnerabilities patterns can be mistakenly flagged as bugs. found by our analysis to the developers of the respective libraries, Cross-implementation consistency as a “security policy oracle.” who accepted and immediately fixed many of them [31–33]. Our key idea is to use any inconsistency in security semantics be- In summary, our analysis uncovered multiple security vulnera- tween implementations of the same API as an oracle for detecting bilities in three mature implementations of the Java Class Library, incorrect policies. Unlike approaches that rely on explicit policies with a minimal number of false positives. This paper demonstrates or frequent patterns, this technique completely avoids the need to that our approach (i) scales to industrial implementations of real- determine whether the policy is correct, replacing it by a much eas- world software libraries and (ii) is capable of discovering “deep” ier task of determining whether two policies are consistent. bugs even in well-studied, tested, widely used code. Although we Our use of consistency checking is very different from the code- describe our design and implementation with respect to the Java mining approaches. In our case, there are no benign inconsisten- programming language, our approach is applicable to other lan- cies! Any semantic inconsistency between two implementations of guages, such as C#, that use a similar access-rights model. the same API is, at the very least, an interoperability bug or, in the Current software engineering trends are likely to increase the worst case, a security hole. In theory, policy differencing has no in- applicability of comparative API analysis. For example, the pro- trinsic false positives. In practice, imprecision in conservative static liferation of distributed, multi-layer software services encourages analysis results in a very small number of false positives. Further- separation of APIs from their implementations, and thus multiple more, our technique can discover a missing permissions check even implementations of the same API. Many platforms are adopting the if this type of check occurs in a single place in the code. It may pro- Software-As-A-Service (SaaS) model [1, 16, 20, 29], which en- duce false negatives if exactly the same semantic bug occurs in all courages multiple implementations of the same functionality and implementations of a given library routine. This case is unlikely if thus provides the input material for our “security policy oracle.” the implementations are developed independently, as is the case for Widely used APIs sometimes have an open-source version, which our main test subject, the Java Class Library. programmers
Load more

Recommended publications
  • CDC Runtime Guide
    CDC Runtime Guide for the Sun Java Connected Device Configuration Application Management System Version 1.0 Sun Microsystems, Inc. www.sun.com November 2005 Copyright © 2005 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. THIS PRODUCT CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF SUN MICROSYSTEMS, INC. USE, DISCLOSURE OR REPRODUCTION IS PROHIBITED WITHOUT THE PRIOR EXPRESS WRITTEN PERMISSION OF SUN MICROSYSTEMS, INC. U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, J2ME, Java ME, Sun Corporate Logo and Java Logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Products covered by and information contained in this service manual are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries.
    [Show full text]
  • The Java Hotspot VM Under the Hood
    The Java HotSpot VM Under the Hood Tobias Hartmann Principal Member of Technical Staff Compiler Group – Java HotSpot Virtual Machine Oracle Corporation August 2017 Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | About me • Joined Oracle in 2014 • Software engineer in the Java HotSpot VM Compiler Team – Based in Baden, Switzerland • German citizen • Master’s degree in Computer Science from ETH Zurich • Worked on various compiler-related projects – Currently working on future Value Type support for Java Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 Outline • Intro: Why virtual machines? • Part 1: The Java HotSpot VM – JIT compilation in HotSpot – Tiered Compilation • Part 2: Projects – Segmented Code Cache – Compact Strings – Ahead-of-time Compilation – Minimal Value Types Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 4 A typical computing platform User Applications Application Software Java SE Java EE Java Virtual Machine System Software Operating system Hardware Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 5 A typical computing platform User Applications Application Software Java SE Java EE Java Virtual Machine System Software Operating system Hardware Copyright © 2017, Oracle and/or its affiliates.
    [Show full text]
  • Technique: HTTP the Java Way
    Technique: HTTP the Java way An article from Android in Practice EARLY ACCESS EDITION Charlie Collins, Michael D. Galpin, and Matthias Kaeppler MEAP Release: July 2010 Softbound print: Spring 2011 | 500 pages ISBN: 9781935182924 This article is taken from the book Android in Practice. The authors demonstrate how to send simple HTTP requests to a Web server using Java’s standard HTTP networking facilities. Tweet this button! (instructions here) Get 35% off any version of Android in Practice with the checkout code fcc35. Offer is only valid through www.manning.com. The standard Java class library already has a solution for HTTP messaging. An open-source implementation of these classes is bundled with Android’s class library, which is based on Apache Harmony. It’s simple and bare- bones in its structure and, while it supports features like proxy servers, cookies (to some degree), and SSL, the one thing that it lacks more than anything else is a class interface and component structure that doesn’t leave you bathed in tears. Still, more elaborate HTTP solutions are often wrappers around the standard Java interfaces and, if you don’t need all the abstraction provided, for example, by Apache HttpClient interfaces, the stock Java classes may not only be sufficient, they also perform much better thanks to a much slimmer, more low-level implementation. Problem You must perform simple networking tasks via HTTP (such as downloading a file) and you want to avoid the performance penalty imposed by the higher-level, much larger, and more complex Apache HttpClient implementation. Solution If you ever find yourself in this situation, you probably want to do HTTP conversations through a java.net.HttpURLConnection.
    [Show full text]
  • A Java Security Scanner for Eclipse
    Colby College Digital Commons @ Colby Honors Theses Student Research 2005 JeSS – a Java Security Scanner for Eclipse Russell Spitler Colby College Follow this and additional works at: https://digitalcommons.colby.edu/honorstheses Part of the Databases and Information Systems Commons, Other Computer Engineering Commons, Programming Languages and Compilers Commons, and the Systems Architecture Commons Colby College theses are protected by copyright. They may be viewed or downloaded from this site for the purposes of research and scholarship. Reproduction or distribution for commercial purposes is prohibited without written permission of the author. Recommended Citation Spitler, Russell, "JeSS – a Java Security Scanner for Eclipse" (2005). Honors Theses. Paper 567. https://digitalcommons.colby.edu/honorstheses/567 This Honors Thesis (Open Access) is brought to you for free and open access by the Student Research at Digital Commons @ Colby. It has been accepted for inclusion in Honors Theses by an authorized administrator of Digital Commons @ Colby. JeSS – a Java Security Scanner for Eclipse Russell Spitler Senior Honors Thesis Spring 2005 Colby College Department of Computer Science Advisor: Dale Skrien Contents Chapter 1 Introduction 1 Chapter 2 Secure Coding and Java Security 2.1 – Secure Coding 3 2.2 – Java Security 7 Chapter 3 Java Security Holes 3.1 – Don’t depend on initialization 13 3.2 – Make everything final 14 3.3 – Make your code unserializable and undeserializable 16 3.4 – Make your class non-Cloneable 19 3.5 – Don’t rely on
    [Show full text]
  • Exploiting SAS Software Using Java Technology
    Exploiting SAS® Software Using Java™ Technology Barbara Walters, SAS Institute Inc., Cary, NC Java programs are often delivered via the Internet. In order to protect the local machine from malicious programs, the Java language and the JVM Abstract provide a secure environment for application execution. The secure This paper describes how to use Java™ technology with SAS software. environment ensures that the client machine (the machine where the SAS Institute currently offers several Java development tools that allow browser is running) is not corrupted by the downloaded program and that applications to access SAS data and take advantage of SAS no information is stolen from the client machine. computational capabilities. This paper describes how to use these class libraries and address client/server configuration and performance Java security is based upon the “sandbox” model. The sandbox is the issues. set of resources (threads, socket connections, local files, etc.) that the downloaded Java code is allowed to access. The code is restricted from accessing resources outside of its sandbox. In executing Java applets, Introduction each Web browser defines the limits of the sandbox. Since its introduction in mid-1995, Java have become an integral part of The Security Manager enforces the limits of the sandbox. For applets, the World Wide Web. Java is a rich programming language that enables the Web browser controls the Security Manager. Each browser may put Web programmers to create sophisticated and responsive client/server different restrictions on applet behavior. The default limits imposed by applications. Because Java is portable and secure, users of Web the Security Manager are: applications can be confident that those applications will execute • Classes cannot access the local file system properly and not corrupt their computers.
    [Show full text]
  • Eu-19-Zhang-New-Exploit-Technique
    New Exploit Technique In Java Deserialization Attack • Yang Zhang • Yongtao Wang Keyi Li “在此键⼊引⽂。• ” • Kunzhe Chai –Johnny Appleseed New Exploit Technique In Java Deserialization Attack Back2Zero Team BCM Social Corp. BCM Social Group Who are we? Yang Zhang(Lucas) • Founder of Back2Zero Team & Leader of Security Research Department in BCM Social Corp. • Focus on Application Security, Cloud Security, Penetration Testing. • Spoke at various security conferences such as CanSecWest, POC, ZeroNights. Keyi Li(Kevin) • Master degree majoring in Cyber Security at Syracuse University. • Co-founder of Back2Zero team and core member of n0tr00t security team. • Internationally renowned security conference speaker. –Johnny Appleseed Who are we? Yongtao Wang • Co-founder of PegasusTeam and Leader of Red Team in BCM Social Corp. • Specializes in penetration testing and wireless security. • Blackhat, Codeblue, POC, Kcon, etc. Conference speaker. Kunzhe Chai(Anthony) • Founder of PegasusTeam and Chief Information Security Officer in BCM Social Corp. • Author of the well-known security tool MDK4. • Maker of China's first Wireless Security Defense Product Standard and he also is the world's first inventor of Fake Base Stations defense technology–Johnny Appleseed Agenda • Introduction to Java Deserialization • Well-Known Defense Solutions • Critical vulnerabilities in Java • URLConnection • JDBC • New exploit for Java Deserialization • Takeaways 2015: Chris Frohoff and Gabriel Lawrence presented their research into Java object deserialization vulnerabilities ultimately resulting in what can be readily described as the biggest wave of RCE bugs in Java history. Introduction to Java Deserialization Java Deserialization Serialization • The process of converting a Java object into stream of bytes. Databases Deserialization Serialization • A reverse process of creating a Java object from stream of bytes.
    [Show full text]
  • Apache Harmony Project Tim Ellison Geir Magnusson Jr
    The Apache Harmony Project Tim Ellison Geir Magnusson Jr. Apache Harmony Project http://harmony.apache.org TS-7820 2007 JavaOneSM Conference | Session TS-7820 | Goal of This Talk In the next 45 minutes you will... Learn about the motivations, current status, and future plans of the Apache Harmony project 2007 JavaOneSM Conference | Session TS-7820 | 2 Agenda Project History Development Model Modularity VM Interface How Are We Doing? Relevance in the Age of OpenJDK Summary 2007 JavaOneSM Conference | Session TS-7820 | 3 Agenda Project History Development Model Modularity VM Interface How Are We Doing? Relevance in the Age of OpenJDK Summary 2007 JavaOneSM Conference | Session TS-7820 | 4 Apache Harmony In the Beginning May 2005—founded in the Apache Incubator Primary Goals 1. Compatible, independent implementation of Java™ Platform, Standard Edition (Java SE platform) under the Apache License 2. Community-developed, modular architecture allowing sharing and independent innovation 3. Protect IP rights of ecosystem 2007 JavaOneSM Conference | Session TS-7820 | 5 Apache Harmony Early history: 2005 Broad community discussion • Technical issues • Legal and IP issues • Project governance issues Goal: Consolidation and Consensus 2007 JavaOneSM Conference | Session TS-7820 | 6 Early History Early history: 2005/2006 Initial Code Contributions • Three Virtual machines ● JCHEVM, BootVM, DRLVM • Class Libraries ● Core classes, VM interface, test cases ● Security, beans, regex, Swing, AWT ● RMI and math 2007 JavaOneSM Conference | Session TS-7820 |
    [Show full text]
  • CDC Runtime Guide
    CDC Runtime Guide Java™ Platform, Micro Edition Connected Device Configuration, Version 1.1.2 Foundation Profile, Version 1.1.2 Optimized Implementation Sun Microsystems, Inc. www.sun.com December 2008 Copyright © 2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, Solaris and HotSpot are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the United States and other countries. The Adobe logo is a registered trademark of Adobe Systems, Incorporated. Products covered by and information contained in this service manual are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries. Nuclear, missile, chemical biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited.
    [Show full text]
  • Java Security, 2Nd Edition
    Table of Contents Preface..................................................................................................................................................................1 Who Should Read This Book?.................................................................................................................1 Versions Used in This Book....................................................................................................................2 Conventions Used in This Book..............................................................................................................2 Organization of This Book.......................................................................................................................3 What's New in This Edition.....................................................................................................................5 How to Contact Us...................................................................................................................................5 Acknowledgments....................................................................................................................................6 Feedback for the Author..........................................................................................................................6 Chapter 1. Java Application Security...............................................................................................................7 1.1 What Is Security?...............................................................................................................................7
    [Show full text]
  • CDC Build System Guide
    CDC Build System Guide Java™ Platform, Micro Edition Connected Device Configuration, Version 1.1.2 Foundation Profile, Version 1.1.2 Optimized Implementation Sun Microsystems, Inc. www.sun.com December 2008 Copyright © 2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements. This distribution may include materials developed by third parties. Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and in other countries, exclusively licensed through X/Open Company, Ltd. Sun, Sun Microsystems, the Sun logo, Java, Solaris and HotSpot are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the United States and other countries. The Adobe logo is a registered trademark of Adobe Systems, Incorporated. Products covered by and information contained in this service manual are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries. Nuclear, missile, chemical biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited.
    [Show full text]
  • Java(8$ Andrew$Binstock,$Editor$In$Chief,$Dr.Dobbs$
    Java$Update$and$Roadmap$ November(2014( Tomas$Nilsson$ Senior$Principal$Product$Manager$ Java$SE$ Copyright$©$2014,$Oracle$and/or$its$affiliates.$All$rights$reserved.$$|$ Safe$Harbor$Statement$ The$following$is$intended$to$outline$our$general$product$direcNon.$It$is$intended$for$ informaNon$purposes$only,$and$may$not$be$incorporated$into$any$contract.$It$is$not$a$ commitment$to$deliver$any$material,$code,$or$funcNonality,$and$should$not$be$relied$upon$ in$making$purchasing$decisions.$The$development,$release,$and$Nming$of$any$features$or$ funcNonality$described$for$Oracle’s$products$remains$at$the$sole$discreNon$of$Oracle.$ Copyright$©$2014,$Oracle$and/or$its$affiliates.$All$rights$reserved.$$|$ Agenda$ 1( Oracle$and$Java$ 2( Java$SE$8$Overview$ 3( Java$SE$9$and$Beyond$ Copyright$©$2014,$Oracle$and/or$its$affiliates.$All$rights$reserved.$$|$ 1( Oracle$and$Java$ 2( Java$SE$8$Overview$ 3( Roadmap$ Copyright$©$2014,$Oracle$and/or$its$affiliates.$All$rights$reserved.$$|$ Oracle$and$Java$ • Oracle$has$used$Java$since$the$beginning$of$Nme$(eg$1990s)$ • Acquired$JAVA$(Sun$Microsystems)$in$2010,$including$Java$IP,$trademarks$ • Embraced$OpenJDK,$open$community,$open$JCP$ – Welcomed$IBM,$Apple,$SAP,$ARM,$AMD,$Intel,$Twi\er,$Goldman$Sachs,$Microso^$and$many$others$ – Made$OpenJDK$official$Java$SE$reference$implementaNon$ – Ongoing$move$towards$open$development,$governance,$transparency$ • JDK$development:$Oracle$and$community$ – Oracle$focus$on$modernizaNon,$security,$big$Ncket$R&D$and$commercial$value$to$Oracle$ – Community$contributes$based$on$interest$and$ability,$examples:$
    [Show full text]
  • CDC: Java Platform Technology for Connected Devices
    CDC: JAVA™ PLATFORM TECHNOLOGY FOR CONNECTED DEVICES Java™ Platform, Micro Edition White Paper June 2005 2 Table of Contents Sun Microsystems, Inc. Table of Contents Introduction . 3 Enterprise Mobility . 4 Connected Devices in Transition . 5 Connected Devices Today . 5 What Users Want . 5 What Developers Want . 6 What Service Providers Want . 6 What Enterprises Want . 6 Java Technology Leads the Way . 7 From Java Specification Requests… . 7 …to Reference Implementations . 8 …to Technology Compatibility Kits . 8 Java Platform, Micro Edition Technologies . 9 Configurations . 9 CDC . 10 CLDC . 10 Profiles . 11 Optional Packages . 11 A CDC Java Runtime Environment . 12 CDC Technical Overview . 13 CDC Class Library . 13 CDC HotSpot™ Implementation . 13 CDC API Overview . 13 Application Models . 15 Standalone Applications . 16 Managed Applications: Applets . 16 Managed Applications: Xlets . 17 CLDC Compatibility . 18 GUI Options and Tradeoffs . 19 AWT . 19 Lightweight Components . 20 Alternate GUI Interfaces . 20 AGUI Optional Package . 20 Security . 21 Developer Tool Support . 22 3 Introduction Sun Microsystems, Inc. Chapter 1 Introduction From a developer’s perspective, the APIs for desktop PCs and enterprise systems have been a daunting combination of complexity and confusion. Over the last 10 years, Java™ technology has helped simplify and tame this world for the benefit of everyone. Developers have benefited by seeing their skills become applicable to more systems. Users have benefited from consistent interfaces across different platforms. And systems vendors have benefited by reducing and focusing their R&D investments while attracting more developers. For desktop and enterprise systems, “Write Once, Run Anywhere”™ has been a success. But if the complexities of the desktop and enterprise world seem, well, complex, then the connected device world is even scarier.
    [Show full text]