3 Definitions and abbreviations

3GPP TS 03.57, Mobile Station Application Execution Environment (MExE); Functional description; Stage 2 (Release 1998)

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply.

administrator: The administrator of the MExE MS is the entity which has the control of the third party trusted domain, and all resources associated with the domain. The administrator of the device could be the user, the operator, the manufacturer, the service provider, or a third party as designated by the owner of the device.

certificate: An entity that contains the issuer’s public key, identification of the issuer, identification of the signer, and possibly other relevant information. Also, a certificate contains a signed hash of the contents. The signer can be a third party other than the issuer.

fine grain: Refers to the capabilities of the Java security system to allow applications, sections of code or Java classes to be assigned permissions to perform a specific set of privileged operations. The smallest programming element that can be given permission attributes is a Java class [19].

key pair: Key pairs are matching private and public keys. If a block of data is encrypted using the private key, the public key from the pair can be used to decrypt it. The private key is never divulged to any other party, but the public key is available, e.g. in a certificate.

personal certificate: This is a certificate loaded by the user or a user application which is limited to the application that it is intended for, and is not a MExE Certificate. E.g. an e-mail application could load certificates for its usage. Personal certificates are out of scope for MExE.

phonebook: A phonebook is a dataset of personal or entity attributes. The simplest form is a set of name-number pairs as supported by GSM SIMs.

MExE: MExE (Mobile station application Execution Environment) is defined in detail in this document, but the scope of MExE does not include the operating system, or the manufacturer’s execution environment.

MExE certificate: This is a certificate used in the realisation of MExE security domains. A MExE Certificate can be used to verify downloaded MExE executables. Use of the word "certificate" in this document implies a MExE certificate. Other varieties of certificate will be explicitly qualified, e.g. as a "Personal Certificate".

MExE executable: An executable is an applet, application, or executable content, which conforms to the MExE specification and may execute on the ME.

MExE Java VM: This is a standard Java virtual machine used to execute MExE Java applets and applications.

MExE native library: This is a downloaded native library that can be accessed by MExE executables.

MExE-SIM: A SIM that is capable of storing a security certificate that is accessible using standard mechanisms.

owner: An owner of the MExE MS. An owner could be a user, operator (e.g. where the MS is obtained as part of a subscription and the cost of the MS is subsidised), service provider, or a third party (e.g. the MS is owned by the user’s company and this company wishes to control how the MS is used).

power up event: An abstract event that occurs when the MExE MS is cold started (i.e. switched on).

sandbox: A sandbox is a safe area to run Java code. Untrusted Java code executing in a sandbox has access to only certain resources [18].

service: A service (which may consist of an application or applet, and its related content) is a set of functions offered to a user by an organisation, and may be performed on the MExE MS and/or remotely.

service name: An identifier associated with a service, which could be a string, a fully qualified Java class name, a unique URI or other identifier.

session: The period between the launching of a MExE executable and its execution termination. A WAP-session is established between the mobile and the WAP Gateway. The duration of a WAP-session can range from a second to years. The WAP-session can be associated with a particular subscription in the WAP Gateway.

signature: "Signing" is the process of encrypting a hash of the data using a private key. If the signature can be decrypted using the public key, then the signature is valid.

signed JAR file: Archives of Java classes or data that contain signatures that also include a way to identify the signer in the manifest. (The Manifest contains a file which has attributes defined in it.)

user: The user of the MExE MS.

Further definitions specific to MExE are given in GSM 02.57 (MExE stage 1) [2].

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

API Application Programming Interface

APDU Application Protocol Data Unit

CA Certification Authority

CC/PP Composite Capability/Preference Profiles

Diff-serv Differentiated Services

CGI Common Gateway Interface

CCM Certificate Configuration Message

CP-Admin Certificate Present (in the MExE SIM) – Administrator

CP-TP Certificate Present (in the MExE SIM) – Third Party

DHCP Dynamic Host Configuration Protocol

GSM Global System for Mobile Communication

GPRS General Packet Radio Service

HTTP HyperText Transfer Protocol

HTTPS HyperText Transport Protocol Secure (https is http/1.1 over SSL, i.e. port 443)

IETF Internet Engineering Task Force

IP Internet Protocol

JNDI Java Naming Directory Interface

JTAPI Java Telephony Application Programming Interface

JAR file Java Archive File

MMI Man-Machine Interface

MSE MExE Service Environment

OCF OpenCard Framework

QoS Quality of Service

RDF Resource Description Format

RFC Request For Comments

SAP Service Access Point

SMS Short Message Service

TLS Transport Layer Security

TP Third Party

UDP User Datagram Protocol

UE User Equipment

UI User Interface

UMTS Universal Mobile Telecommunications System

URL Uniform Resource Locator

URI Uniform Resource Identifier

USSD Unstructured Supplementary Service Data

WAE Wireless Application Environment

WAP Wireless Application Protocol

WDP Wireless Datagram Protocol

WSP Wireless Session Protocol

WTA Wireless Telephony Applications

WTAI Wireless Telephony Applications Interface

WTLS Wireless Transport Layer Security

WTP Wireless Transaction Protocol

WWW World Wide Web

Further abbreviations are given in GSM 02.57 (MExE stage 1) [2] and GSM 01.04 [1].