A Runtime Monitoring Environment for Mobile Java

This paper appears in: Software Testing Verification and Validation Workshop, 2008. ICSTW '08. IEEE International Conference on Issue Date : 9-11 April 2008 On page(s): 270 Location: Lillehammer Print ISBN: 978-0-7695-3388-9 INSPEC Accession Number: 10076631 Digital Object Identifier : 10.1109/ICSTW.2008.3 Date of Current Version : 16 July 2008

The increased availability of mobile broadband connections enables the expansion of software downloads to mobile devices. This leads to greater number of available services and a better utilization of the computational power of mobile devices. The downside of this increased software availability is an increase in the possible attack vectors. One scenario is the misuse of resources, for example, a game is sending more SMS's than the user wishes it to send. Thus, techniques need to be in place that prevent downloaded software from misusing resources on the mobile device. In this paper, we show how it is possible to prevent such misuse of resources through the use of a runtime monitor that performs execution-time checks to monitor if the application is behaving correctly or not. This runtime monitor enhances the flexibility of the Java security model for mobile devices and allows to enforce security policies without having to rely on signatures of the downloaded applications.

Reaction: For the past years, especially with the fast growing of smart phones, it is true that applications of mobile devices are becoming more abundant and more powerful. With the use of broadband connections, one can easily download or share certain games or applications that can be installed in their mobile devices may it be for free or with a certain amount. The downside of this is that we cannot really trust signatures of downloaded applications since most free programs that we need have an unknown signature but still we gamble on it since it is free. I for one also downloads games and applications for my mobile device and I can say that almost all of my downloaded applications have no trusted signature. This runtime monitoring application for java can greatly lessen the risk of installing applications with

unknown signatures. If this is developed and used right in our devices, we can at least limit the capabilities of malicious applications with regards to sending and receiving unwanted information and as well as redundant once which results in spamming.

On mobile Java memory consumption

This paper appears in: Parallel, Distributed, and Network-Based Processing, 2006. PDP 2006. 14th Euromicro International Conference on Issue Date : 15-17 Feb. 2006 On page(s): 7 pp. ISSN : 1066-6192 Print ISBN: 0-7695-2513-X INSPEC Accession Number: 8894671 Digital Object Identifier : 10.1109/PDP.2006.50 Date of Current Version : 03 April 2006 Novel environments based on virtual machines, including Java in particular, liberate the developer from considering memory allocation. While the developer should then in principle disregard details of memory usage, and let the virtual machine master allocations, the environment may force the developer to consider memory-related restrictions when composing systems. This is currently a clear constraint for software development in mobile devices like phones. In this paper, we study memory consumption of Java in mobile setting by describing impact of static and dynamic data structures on memory consumption. We provide measurements to illustrate the effects of some memory saving techniques, provide rules of thumb for a programmer in this particular environment and introduce some tools that can automate parts of the memory usage optimization process.

Reaction: In developing a system, memory usage is one of the key elements than can make and unmake your project for it to be successful. Systems of the same kind are being developed almost all of the time and one key factor of those that are being widely used or adapted are proper memory usage. Yes, we can say that smart phones, palmtops, android phones or whatever we may call it are being built more and more powerful as the time goes by but still, precious memory usage that are utilized up to its most efficient nature will result to a better memory availability that can be used by other applications.

Surviving Java for mobiles

This paper appears in: Pervasive Computing, IEEE Issue Date : April-June 2003 Volume : 2 , Issue:2 On page(s): 90 ISSN : 1536-1268 INSPEC Accession Number: 7668946 Digital Object Identifier : 10.1109/MPRV.2003.1203758 Date of Current Version : 11 June 2003 Sponsored by : IEEE Computer Society

Mobile devices are gaining popularity worldwide, and constant hardware improvement is increasing their computational power every year. So, we can now equip mobile devices with more powerful applications. One of the most promising software platforms for mobile devices is Java 2 Micro Edition. Sun representatives assert that 18 to 20 million mobile phones support the J2ME platform. Analysts predict that within the next few years, this technology will become omnipresent. According to Gartner Group estimates, in 2006, approximately 80 percent of mobile phones will support Java. In our experience in creating applications for Java-enabled mobile devices, we've had to deal with several unforeseen problems not typical of desktop Java development projects. Unfortunately, literature on the subject has only fleetingly mentioned most of these problems. Here, we describe some of them and propose our solutions.

Reaction:

Gartners group estimate is right and that can be proven by android operating system which consists of 2.1 million lines of Java. An independent technology focused analyst house who offers its clients market intelligence, analysis and strategic consultancy about trends and activity in a range of high-tech markets, and with route-to-market strategies even says that in year 2010, Android operating system will be the worlds best-selling smartphone platform, dethroning Nokias Symbian from the 10-year top position.

Despite the very promising reputation of java mobile programs, it still consist many errors that only happens to mobile programming and addressing this problems and accepting it to be one is one of the key steps in making mobile java programming as perfect as it can be.

A Remote Patient Monitoring System Using a Java-enabled 3G Mobile Phone

This paper appears in: Engineering in Medicine and Biology Society, 2007. EMBS 2007. 29th Annual International Conference of the IEEE Issue Date : 22-26 Aug. 2007 On page(s): 3713 Location: Lyon ISSN : 1557-170X Print ISBN: 978-1-4244-0787-3 INSPEC Accession Number: 9910645 Digital Object Identifier : 10.1109/IEMBS.2007.4353138 Date of Current Version : 22 October 2007

Telemedicine systems have become an important supporting for the medical staffs. As the development of the mobile phones, it is possible to apply the mobile phones to be a part of telemedicine systems. We developed an innovative Remote Patient Monitoring System using a Java-enabled 3G mobile phone. By using this system, doctors can monitor the vital biosignals of patients in ICU/CCU, such as ECG, RESP, SpO2, EtCO2 and so on by using the real-time waveform and data monitoring and list trend data monitoring functions of installed Java jiglet application on the mobile phone. Furthermore, doctors can check the patients' information by using the patient information checking function. The 3G mobile phone used has the ability to implement the application as the same time as being used to make a voice call. Therefore, the doctor can get more and more information both from the browsing the screen of the mobile phone and the communicating with the medical staffs who are beside the patients and the monitors. The system can be conducted to evaluate the diagnostic accuracy, efficiency, and safety of telediagnosis.

Reaction: Man power or human resources is the most common problem everywhere, especially in hospitals. A

Remote Patient Monitoring System will help doctors monitor their patients faster and easier. Using this technology, the doctor does not need to go from room to room to conduct his routines such as monitoring the vital biosignals of patients like ECG, RESP, SpO2 and so on. By eliminating the travel period and time delay caused by doctors going from room to room, they can use the time that is being cut to perform other duties that require their attention. The only problem of this system is that what if the staffs on duty are set to a number that only relies on this technology to monitor their patients and it so happened that the monitoring system had failed such as the service provider got knocked down. How can the staff revert to manual monitoring of patient if their staff on duty is undermanned? Such problems like this should always be considered by the management of the hospital so that there will always be a backup plan if ever the problem persists to maintain the patients safety.

protective

mechanism

using

variable-instruction-sets

encryption for Java applications in mobile terminal platforms

This paper appears in: Advanced Intelligence and Awarenss Internet (AIAI 2010), 2010 International Conference on Issue Date : 23-25 Oct. 2010 On page(s): 19 Location: Beijing, China Digital Object Identifier : 10.1049/cp.2010.0712 Date of Current Version : 20 January 2011

In some mobile terminal platforms, such as Android, OMS (Open Mobile System), etc, the compiled Java application files could be easily decompiled, so the security of source codes in Java application is a problem. In this paper, we analyze traditional protective methods for Java application files. Then a classloading mechanism using variable-instruction-sets encryption is raised. Variable-instruction-sets encryption is a highly reliable and efficient algorithm which is applied on instruction level. Test results on prototype machine show that this mechanism is effective.

Reaction:

It is true that compiled Java application files can be easily decompiled since bytecode formats used by many virtual machines (such as the Java Virtual Machine or the .NET Framework Common Language Runtime) often include extensive metadata and high-level features that make decompilation quite feasible and the presence of debug data can make it possible to reproduce the original variable and structure names and even the line numbers. This means that java apps can be easily reversed engineered after it is decompiled. This lack of application security can be abused by some programmers who are not hesitant in manipulating programs for personal and illegal purposes. This process can even make a very innocent application to have very dangerous instructions which results to identify theft or unwanted application procedures. That is why any protective methods for java applications files should be applied in it such as variable-instruction-sets so that decompilation can not be done very easily.