Only allowing one specific MIDlet to use a Java Card Applet in the Secure Element

**jommaso** · 2008-05-07, 13:16

I wrote a question to Nokia: Janne Jalkanen regarding this, and I think it might be useful for other developers to know =)

Question:
I’m wondering is if there is any way of assure that a Java Card Applet in the secure element only can be used by a single specific MIDlet, some sort of way to control that no other MIDlet can access or use the Java Card Applet stored in the Secure Element.

Answer, From Janne Jalkanen:
Nope.

The SE itself is paranoid and treats all accesses equally. So it cannot be limited to a single application.

The only way you could do this is to implement a secure authentication protocol between your own applet and your own midlet - but be aware that if you include the keys in the midlet, they might be compromised e.g. with a debugger.

So the most secure way is to use your midlet as a conduit between the applet and a remote web server, which can securely store the keys and communicate using encrypted connections to the applet.

**geri-m** · 2008-05-07, 13:51

This and other Q&A can already be found in the WIKI

<http://wiki.forum.nokia.com/index.php/Nokia_6131_NFC_-_FAQs> (see: "If I sign a simple midlet, can it talk to for instance a Paypass application?")

Cheers, geri-m

Discussion Board

Thread: Only allowing one specific MIDlet to use a Java Card Applet in the Secure Element

Thread Tools

Search Thread

Rate This Thread

Display

Similar Threads

Help me secure my midlet

Reading and writing to the Secure Element (Nokia 6131)

Permanently locking the secure element

Opening connection to the secure element fails when restarting the midlet.

Java AppServer 'wakes up' a MIDlet using WMA, Push

Posting Permissions