Platform Security
From Forum Nokia Wiki
Contents |
Overview
Symbian OS platform security was introduced in S60 3rd Edition with the implementation of Symbian OS V9 as the S60 platform's underlying operating system. Platform security enhances the existing security features of Symbian OS to deliver a more secure platform for mobile devices. This secure platform offers device users greater assurance about the security of their devices and the data they hold.
Platform security offers developers a larger, more confident base of mobile consumers, who are more willing to install applications. This page provides links to key resources that will help developers to embrace this new technology and answers to the most frequently asked questions about platform security. Security in general can be considered as one of the key aspects in quality application. For more information about the importance of security aspects in the application development and quality assurance process, see www.forum.nokia.com/quality.
Rationale
Platform security was designed to make the security impact of architectural decisions visible. Architecturally, software components can be divided to groups where the components trust each other to behave well. Boundaries between these groups are termed security boundaries.
In practice, this means that if a software component wants to run code from a shared library, it effectively brings that code within its own security boundary, and must therefore trust that code. In addition, when supplying services to a component outside its own security boundary, the component must do certain checks to see whether the other component is entitled to such services.
Both of these actions (making a trust decision for shared code, and checking permissions of a calling component) are facilitated through the use of capabilities.
The need for capabilities can be used as an architectural tool: the amount of capabilities required from a component reflects the trust that is placed on it. If the amount of capabilities seems excessive, this can be construed as a hint that security boundaries may be too large.
Programming
Trusted computing base
The trusted computing base is a collection of software that enforces capabilities and Data Caging. It contains the kernel, the file system, and the software installer. This is the controlling part of the operating system for the platform security model.
See also
Platform Security in Forum Nokia
Symbian OS - Platform Security from Symbian
Platform Security - A Technical Overview from Symbian (PDF)
Discussion
Related Wiki Articles
- S60 SW installer troubleshooting
- How to generate XML using CSenDomFragment and CSenElement
- Parsing UTF-8 encoded settings file
- Creating new SIP profile programmatically
- SDK API Plug-in
- KIS001452 - Browser Control API freezes while loading web pages with 3rd party maps
- KIS001450 - Video Call HSCSD channel cannot be accessed by 3rd party applications
- KIS001449 - XML Data Binding Library doesn't work on S60 5th Edition
- TSS001448 - Creating a WLAN access point using OMA DM
- Remote Folder Browsing over Bluetooth
- KIS001447 - Re-provisioning of manually deleted access point using OMA DM fails
- TSS001446 - Provisioning VoIP and SIP Profiles using OMA DM commands
- How to Convert a Qt QString to an S60 descriptor
- S60 Platform and device identification codes
- Get MCC MNC using CTelephony
- KIS001444 - Issue with DM Adapters and MFE
- TSC001443 - Configuring an HTTP server for DRM protected content
- KIS001442 - Content Disposition Header in an HTTP response is not retrieved properly
- TSS001441 - Listing the certificates on the device using unified certificate store API
- TSS001440 - Monitoring the network registration status using CTelephony
