An investigation into interoperable end-to-end mobile web service security
- Authors: Moyo, Thamsanqa
- Date: 2008
- Subjects: Web services , Mobile computing , Smartphones , Internetworking (Telecommunication) , Computer networks -- Security measures , XML (Document markup language) , Microsoft .NET Framework , Java (Computer program language)
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4595 , http://hdl.handle.net/10962/d1004838 , Web services , Mobile computing , Smartphones , Internetworking (Telecommunication) , Computer networks -- Security measures , XML (Document markup language) , Microsoft .NET Framework , Java (Computer program language)
- Description: The capacity to engage in web services transactions on smartphones is growing as these devices become increasingly powerful and sophisticated. This capacity for mobile web services is being realised through mobile applications that consume web services hosted on larger computing devices. This thesis investigates the effect that end-to-end web services security has on the interoperability between mobile web services requesters and traditional web services providers. SOAP web services are the preferred web services approach for this investigation. Although WS-Security is recognised as demanding on mobile hardware and network resources, the selection of appropriate WS-Security mechanisms lessens this burden. An attempt to implement such mechanisms on smartphones is carried out via an experiment. Smartphones are selected as the mobile device type used in the experiment. The experiment is conducted on the Java Micro Edition (Java ME) and the .NET Compact Framework (.NET CF) smartphone platforms. The experiment shows that the implementation of interoperable, end-to-end, mobile web services security on both platforms is reliant on third-party libraries. This reliance on third-party libraries results in poor developer support and exposes developers to the complexity of cryptography. The experiment also shows that there are no standard message size optimisation libraries available for both platforms. The implementation carried out on the .NET CF is also shown to rely on the underlying operating system. It is concluded that standard WS-Security APIs must be provided on smartphone platforms to avoid the problems of poor developer support and the additional complexity of cryptography. It is recommended that these APIs include a message optimisation technique. It is further recommended that WS-Security APIs be completely operating system independent when they are implemented in managed code. This thesis contributes by: providing a snapshot of mobile web services security; identifying the smartphone platform state of readiness for end-to-end secure web services; and providing a set of recommendations that may improve this state of readiness. These contributions are of increasing importance as mobile web services evolve from a simple point-to-point environment to the more complex enterprise environment.
- Full Text:
A comparative analysis of Java and .NET mobile development environments for supporting mobile services
- Authors: Zhao, Xiaogeng
- Date: 2003 , 2013-05-23
- Subjects: Microsoft .NET , Java (Computer program language) , Mobile computing , Wireless communication systems
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4578 , http://hdl.handle.net/10962/d1003064 , Microsoft .NET , Java (Computer program language) , Mobile computing , Wireless communication systems
- Description: With the rapid development of wireless technologies, traditional mobile devices, such as pagers and cellular phones, have evolved from a purely communications and messaging-oriented medium to one that supports mobile data communication in general and acts as an application platform. As shown in a recent survey conducted by MDA, easy access to the present-day wireless Internet has resulted in mobile devices gaining more and more attention and popularity. The growth of and demand for mobile Web applications is expected to increase rapidly in the near future, as a range of software companies and mobile device manufacturers release increasingly accessible tools for creating mobile Web application and services. From a variety of possible development environments of this kind, the author has selected and examined two leading contenders, the J2ME and the Microsoft .NET mobile Web application development environments. This document reports the product life cycle of pilot mobile web applications, designed and implemented in each host environment in tum. A feature-by-feature investigation and comparison of the J2ME and .NET environments was carried out, covering the range of issues necessary for a complete mobile Web application development life cycle. The resulting analysis addresses features and efficiencies of the application development environment and the target deployment environment, the degree to which the resultant services are compatible on a variety of platforms, and the ease with which applications can be designed to be extensible. The thesis offers an objective evaluation of the J2ME and the .NET mobile development environments, which highlights their strengths and weaknesses, and suggests guidelines for designing, creating, and deploying high quality mobile Web applications. The research uncovers no clear winner across all categories assessed. J2ME currently favours situations in which bandwidth is limited and client side processing power is relatively sufficient, it exerts the processing power of mobile devices over distributed network environments. .NET requires a less constrained network throughput, but performs adequately on clients with more limited processing power, supports a more diverse target platform range, and offers a more efficient, in terms of development time, development environment. Both technologies are likely to receive significant user support for some time. , KMBT_363 , Adobe Acrobat 9.54 Paper Capture Plug-in
- Full Text: