Internet enabled wireless devices continue to proliferate and are expected to surpass traditional Internet clients in the near future. This has opened up exciting new opportunities in the mobile e-commerce market. However, data security and privacy remain major concerns in the current generation of "wireless web" offerings. All such offerings today use a security architecture that lacks end-to-end security. This unfortunate choice is driven by perceived inadequacies of standard Internet security protocols like SSL (Secure Sockets Layer) on less capable CPUs and low-bandwidth wireless links.
This report presents the experiences in implementing and using standard security mechanisms and proto-cols on small wireless devices. A new classes has been Java 2 Micro-Edition (J2MEâ„¢) plat-form that offer fundamental cryptographic operations such as message digests and ciphers as well as higher level security protocols like SSL. The results show that SSL is a practical solution for ensuring end-to-end security of wireless Internet transactions even within todayâ€™s technological constraints.