This invention relates in general to portable code transfer, such as JAVA technology, and more particularly to security and authentication of portable code for use by wireless or mobile devices, or other computing devices with relatively limited computing resources, and limited communication bandwidth.
In networked environments such as the Internet, the use of portable code or portable applications has gained widespread acceptance. The best known technology in this field is JAVA. In creating JAVA code, a developer creates an application and makes it available on a network in byte code format. The byte code is downloaded by various client devices connected to the network and loaded into a JAVA virtual machine environment on the client machine or computer. The virtual machine environment is a layer of software that can interact with the specific computing platform of the particular client device and interpret the byte code. An application so loaded onto a client device could compromise the client device, and may even be designed to do so if the developer of the application had malicious intentions. Therefore, security is a significant issue with portable code.
Many security schemes have been devised to address these security issues. These range from giving only very restricted access to all portable applications to a system of authentication in which different levels of permission may be granted depending on whether the application can be authenticated as having come from a trusted source. The latter scheme is preferable since it allows an application more access to the local computer's resources, so long as it is authenticated. This allows developers to create more powerful applications because the applications have more access to the computer resources of the client machine.
However, as presently devised, these authentication schemes are designed for general purpose personal computers, which are commonly referred to as "desktop" computers. These machines have varying degrees of computing resources, but in general the resources they have greatly exceed the computing resources of small, portable devices such as personal organizers and mobile communication devices. There is an increasing number of these smaller devices being manufactured that are able to connect to large networks, and particularly the Internet. Presently X.509 certificates are widely used for authentication, but these are quite large files compared to the limited memory resources available on these smaller mobile devices. Furthermore, since the certificate typically comes bundled with the application, the device must load both the application and the certificate. Therefore, a data structure and method of authenticating portable applications that can be used by smaller devices is needed.