Ashlesha Mahawadiwar et al.
/ (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES
A software framework for authentication of
interacting data between different mobile
applications.
.Ashlesha Mahawadiwar
M.E IVsem(Embedded system & Computing)
G.H.Raisoni.College of Engineering.
Nagpur, India
ashlesha37@yahoo.com
Abstract
The security of mobile communication has
become increasingly important with the development of
devices that features more and more versatile
ES
communication functionality. Third party software in
mobile phones has expanded into areas where the user
expects security in forms of confidentiality and integrity
of data.
At the same time this development has lead into
a situation where mobile communication is used in areas
such as mobile commerce and mobile payments.
Persistence and distribution of data is crucial for these
systems, as the small handheld devices are not as
powerful as that of the desktop computers.
In this paper , the proposed work is targeted to
A
overcome the problem in data sharing in distributed
applications through the concept of Multi-Agent
Systems by providing a shared storage. And also, to
provide explicit access to authenticated & authorized
MIDlets. With this mechanism, it is possible to share the
data among specific MIDlets safely.
IJ
Keywords:J2ME, Mobile business, MIDlets,
MIDP,CLDC
I.INTRODUCTION
The integration of novel handheld devices’ capabilities,
such as location, storage, processing and communication,
has opened a myriad of applications from which users can
ISSN: 2230-7818 @ 2011 http://www.ijaest.iserp.org. All rights Reserved.
Vol No. 4, Issue No. 1, 010 - 014
Dr. N.G Bawane
Professor, Computer Science & Engineering
G.H.Raisoni.College of Engineering.
Nagpur, India
narenbawane@rediffmail.com
T
aily benefit. These applications may range from simple e-
mail systems to complex applications, such as intelligent
Personal Digital Assistants, interactive multiplayer games, e-
commerce, location-sensitive transactions systems, and so
on.
Some of these applications require the intelligent
behavior typically provided by agents, since they must
exhibit capabilities such as autonomy, goal-driven reasoning
,reactivity, adaptation, as well as communication,
coordination and cooperation with other software entities.
Different m-commerce applications are being deployed on
small handheld devices, to facilitate the transactions and data
processing in wireless environment [3]
In a wireless environment, there is a need for a
secure exchange of information between different wireless
devices. Often it is required to have distribution and
sharing of data among various clients. But enabling
distributed applications opens the data to be accessible for
RMS,
all MIDlets (small applications running on mobile devices)
present on the device, hence creating a number of
vulnerabilities to the confidential information that is
intended to be shared with specific MIDlets. Hence a
MIDlet needs to have a secure storage system.[1]
The information can be susceptible to an attack
from a malicious user i.e. it can be accessed and manipulated
by other MIDlets(from the same device or from a different
device). Sharing the data among different MIDlets creates a
lot of vulnerabilities to the confidential information ,
Page 10
Ashlesha Mahawadiwar et al. / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES
Vol No. 4, Issue No. 1, 010 - 014

therefore some mechanism is needed to overcome this
problem and to prevent unintended access of the stored data.
The proposed plan for implementing the multi agent
systems approach consists of implementing the following
things :
A Java virtual machine together with core libraries,
classes and Application Programming Interfaces (API)
forms a “J2ME configuration”. “Profiles” define J2ME
environment furthermore, specifying Java platform suited
for “specific” devices . The MIDP profile is the core profile
for the CLDC configuration. See fig.1.

1.To overcome the problem in data sharing through the
concept of multi-agent systems by providing shared storage
among specific MIDlets
2..To restrict the actions (save, delete, search etc) that can
be performed on the data by invoking the services of agents
along with limited access of data to specific MIDLETs.
3. To enable the record stores of a MIDLET to be shared
not only on local device but also across remote devices.
4. To authorize the shared storage of data for a particular
MIDLET.
5. The multi agent system should provide features such as
context awareness, object persistence and scalability.
J2ME has a Record Management System (RMS),
an Application Programming Interface (API) that provides
persistent storage on local device. RMS (kind of a database)
is the only feature in J2ME for local data storage and is
essential to writing any application that relies on local
persistent data . RMS stores all the records in a file with
extension “.db” called record store. The application
developed in J2ME for mobile devices is called a MIDLET
and each MIDLET suit (group of related MIDLETs) can
own one or more record stores.

T
Due to the limitations of J2ME Record
Management System (RMS), when the data of record store
is set to shared mode then it can be accessed by all the
II TECHNOLOGY CONSIDERATION MIDLETs present on the device and hence creating a
number of vulnerabilities to the confidential information.
Also, there is no restricted access for intended users.
ES
J2ME is targeted to developers of intelligent
wireless devices and small computing devices who need
incorporate cross-platform functionality into their products.
The consumers of these small devices have high
performance expectations. They expect the same software
and capabilities fond on their desktop and laptop computers
to be available on their cellphones and PDAs.[20]
J2ME slims down the Java Standard Edition
(J2SE) by removing or rewriting key parts of the core
runtime environment in order to fit it into small devices. As
an outcome of a consortium involving Sun Microsystems
Inc. and the major telecommunication devices manufactures
A
(e.g. Motorola, Nokia, Sony, Samsung and Ericsson), J2ME
broadens application perspectives in this area. In fact, it
allows the developers to write their own software for
handheld devices, which was unfeasible before since the
software and platforms for these devices were proprietary.
.
One of the J2ME features is that it provides built in
IJ

caching mechanisms for locally storing data on a mobile

device. The Mobile Information Device Profile (MIDP)
adds APIs (Application Programming Interface) for user
interaction, network connectivity, and persistent storage.
Java 2 Micro Edition (J2ME) is a runtime environment for
resource-constrained environments.
J2ME includes specific virtual machines,
configurations and profiles for various environments and
needs. With an appropriate configuration and profile, J2ME
applications could be executed within pagers, mobile
phones, PDAs, set-top boxes and automobile navigation
systems.
Fig 1. Java2 platforms
To achieve the desired target, the methodologies
which are already implemented are given as:
- JavaSpaces implements the concept of tuple space through
Java programming language. It is a service of Jini , which
forms a distributed network of clients and services.
JavaSpaces provide an easy way for communications facility
in mobile distributed applications. Due to the fact that Jini
technology is dependent on Remote Method Invocation

ISSN: 2230-7818 @ 2011 http://www.ijaest.iserp.org. All rights Reserved. Page 11

Ashlesha Mahawadiwar et al. / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES
(RMI), which is not supported by number of handheld
devices,so JavaSpaces is not suitable for distributed mobile
applications. Moreover, JavaSpaces requires a resource rich
environment.
-applications developed using MobileSpaces capture events
through notify() method which resulted in demand of more
resources.[1]
-lightweight storage system based on serialization
framework allows MIDP enabled J2ME devices to store data
on local as well as remote storage spaces requiring similar
semantics., so this framework does not support
heterogeneous environment.
-Existing multi agent system frameworks (JADE-LEAP,
Grasshopper, Micro FIPA-OS etc.) do not provide
robustness, context awareness and persistence.
III.EXAMPLE
The problem can be illustrated by giving an example.
ES
A person arrives at an airport. He wants to book
hotel , book a taxi ,and also book the ticket for his return
journey all from his mobile phone. He wants to do this thru
the agent.
The information about hotel is present on the
database of the mobile of the hotel manager. Also, taxi
booking office owner contains details about the taxis in the
database of his mobile.
The person after arriving , makes a call to the agent.
A
The agent ,in order to seek info. about the hotel contacts the
hotel manager . The manager asks about the authentication
of the agent. The agent provides the user name and
password and confirms his identity. The manager after
authenticating the agent, provides him with the latest
availability. The agent then makes a booking and provides it
IJ
to the customer. This is repeated for booking the taxi and for
the return ticket also.
Hence, the manager will send the information to the
registered users only (agent in this case ) but not to any
other persons as the malicious user can damage or change
the data . Hence ,protection to the information is provided.
IV.SYSTEM MODULE ANALYSIS
A. Design of RMS and design the query parser
ISSN: 2230-7818 @ 2011 http://www.ijaest.iserp.org. All rights Reserved.
Vol No. 4, Issue No. 1, 010 - 014
MIDlets are packaged together in suites inside a .jar
file with a Manifest file indicating which classes implement
which MIDlet. As well as the Java classes, the .jar file can
contain other resources such as images or sound files. A .jad
file contains the location of the .jar as well as the list of
MIDlets in the suite and other attributes.
The Record Management System (RMS) is a simple record-
oriented database that allows a MIDlet to persistently store
information and retrieve it later. Different MIDlets can also
use the RMS to share data.
Each record store can be visualized as a collection of
records, which will remain persistent across multiple
invocations of the MIDlet. The device platform is
responsible for making its best effort to maintain the
integrity of the MIDlet's record stores throughout the normal
use of the platform, including reboots, battery changes, etc.
T
A record store is created in platform-dependent locations,
like nonvolatile device memory, which are not directly
exposed to the MIDlets. The RMS classes call into the
platform-specific native code that uses the standard OS data
manager functions to perform the actual database operations.
Record store implementations ensure that all
individual record store operations are atomic, synchronous,
and serialized, so no corruption of data will occur with
multiple accesses. The record store is timestamped to
denote the last time it was modified. The record store also
maintains a version, which is an integer that is incremented
for each operation that modifies the contents of the record
store. Versions and timestamps are useful for
synchronization purposes.
When a MIDlet uses multiple threads to access a
record store, it is the MIDlet's responsibility to coordinate
this access; if it fails to do so, unintended consequences may
result. Similarly, if a platform(ex. like a multi-agent system)
performs a synchronization of a record store with multiple
threads trying to access the record store simultaneously, it is
the platform's responsibility to enforce exclusive access to
the record store between the MIDlet and its synchronization
engine. Each record in a record store is an array of bytes and
has a unique integer identifier.
B. Developing an agent management system
An agent is an intelligent system which has certain
set of goals that act on the environment. This agent system
will be above the RMS for giving specific access. Its a kind
of wrapper layer which will guard all the actions related to
record database.
C. Developing message transport service
Page 12
Ashlesha Mahawadiwar et al. / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES
Vol No. 4, Issue No. 1, 010 - 014

-Bluetooth. connectivity
customer Shop
Developing the protocol for Bluetooth connectivity owner
has following steps: System Raise a query
- Locating device flow
-Establish connection
Accepts
-Make data transfer between client & server phones
Asks for auth. ,needs
D. Implement authorization & authentication auth.info.
It will make the agent system do the work of
authentication and authorization in the following way:

- check for the validity of the user Usernm,pwd

Process,
-based on that , take a decision to grant the access .

T
valid
-provide authorization by giving privileges to access
certain services. confirmation user
The test bed we are planning to use is Nokia series of
phones.
ES
The flow of the system will be as given in fig.2

Response to Collect
query info from
others
A
Fig.2:secure client-server interaction

V. CONCLUSION
Software security will become a more important
concern in mobile business applications because more and
IJ

more data will be stored or can be accessed with a mobile

device. Also, more services will be provided by the system
through different data connections, like Bluetooth. This
requires Confidentiality, Integrity and Authenticity. The
proposed solution implements these concepts using the
Bluetooth protocol and the Java ME platform.

As the security level is increased, so the growing

processing volume of the application becomes an overhead
for the mobile device processor and battery lifetime.
Because performance and quality are important software
characteristics mainly for users and the security has same

ISSN: 2230-7818 @ 2011 http://www.ijaest.iserp.org. All rights Reserved. Page 13

Ashlesha Mahawadiwar et al. / (IJAEST) INTERNATIONAL JOURNAL OF ADVANCED ENGINEERING SCIENCES AND TECHNOLOGIES
important for system owners, developers must find a balance
between them.
The system is an innovation with the
practical value, and provides thought and solutions for the
application of future mobile business.
REFERENCES
[1]Wu Yueliang,” Mobile Business Application based on
J2ME and web services”, Eighth International Conference
on Mobile Business,2009
[2] Muhammad Ainan Sadiq, Syed Muhammad Ali
Shah,”Shared storage in J2ME:A multi agent system
approach”, Annual IEEE International Computer Software
and Applications Conference,2008
[3] Wassim Itani and Ayman I. Kayssi “J2ME end to end
security for m-commerce” IEEE,2003
ES
[4 ] A. Chander, J. Mitchell, and I. Shin, “Mobile code
security by Java bytecode instrumentation,” in Proc. of
DARPA Information Survivability Conference & Exposition
II 2001. USA: IEEE, 2001.
[5]S. Jun-Zhao, D. Howie, A. Koivisto, and J. Sauvola, “A
hierarchical framework model of mobile security,” in
Personal, Indoor and Mobile Radio Communications, 2001.
IEEE, 2001.
[6] P. Ashley, H. Hinton, and M. Vandenwauver, “Wired
A
versus Wireless Security: The Internet, WAP and iMode for
E-Commerce,” in Proc. Of Computer Security Applications
Conference 2001, USA, 2001.
[7] A. Biryukov, A. Shamir, and D. Wagner, “Real time
cryptanalysis of A5/1 on a PC,” Lecture Notes in Computer
Science, vol. 1978, 2001.
IJ
[8] Hafiz Farooq et. al: “Persistent Architecture for Context
Aware Lightweight Multi Agent System”. The Fifth
International Joint Conference on Autonomous Agents &
Multi-Agent Systems, Japan, 2006.
ISSN: 2230-7818 @ 2011 http://www.ijaest.iserp.org. All rights Reserved.
Vol No. 4, Issue No. 1, 010 - 014
[9] D. Gelernter, "Generative Communication in Linda",
ACM Transactions Programming Languages and Systems.
[10] Xia Shixiong, Chang Zheng. Constructing mobile
business with the IPv6 method[J]. Computer Engineering,
[11] Guo Shaoyou. Discusses of the Web service and
dynamic ecommerce . Information magazine. 2003(2)
.
[12] A. Kaminsky, "JiniME: JiniTM Connection Technology
for Mobile Devices", Information Technology Laboratory
Rochester Institute of Technology, August 2000.
[13] T. Rybicki; J. Domaszewicz; “MobileSpaces –
JavaSpaces for Mobile Devices”; Computer as a Tool, 2005.
EUROCON 2005.The International Conference on Volume
2, Issue, 2005 Page(s):1076 – 1079
[14] Philipp Bolliger; Marc Langheinrich; “Distributed
T
Persistence for Limited Devices”; Inst. for Pervasive
Computing ETH Zurich, Switzerland.
[15] Karun Bakshi, “Oracle Database Lite 10gR2 Feature
Overview”, June 2006, Oracle Corporation, World
Headquarters, 500 Oracle Parkway, Redwood Shores, CA
94065, U.S.A.
[16] Yannis Labrou and Tim Finin, “Agent Communication
Language: the current landscape”, IEEE Intelligent systems,
Language: the current landscape”, IEEE Intelligent systems,
March/April, 1999.
[17] Weiss, G. Multiagent Systems: A Modern Approach to
Distributed Artificial
Intelligence, The MIT Press, Cambridge, Massachussets,
London, England, 1999.
[18] “Applications for mobile Information Devices: White
Paper”, Sun Microsystems,
Inc., 2000
[19] MIDP 2.0 Style Guide
[20] J2ME complete reference
[21] JAVA2 complete reference
Page 14