Table of Contents
Advertisement
Trusted MIDlet Suites
Trusted MIDlet suites are MIDlet suites in which the integrity of the JAR file can be
authenticated and trusted by the device, and bound to a protection domain. The Motorola
V3x will use x.509PKI for signing and verifying trusted MIDlet suites.
Security for trusted MIDlet suites will utilize protection domains. Protection domains define
permissions that will be granted to the MIDlet suite in that particular domain. A MIDlet
suite will belong to one protection domain and its defined permissible actions. For
implementation on the Motorola V3x, the following protection domains should exist:
•
•
•
•
Permissions within the above domains will authorize access to the protected APIs or
functions. These domains will consist of a set of "Allowed" and "User" permissions that will
be granted to the MIDlet suite.
Permission Types concerning the Handset
A protection domain will consist of a set of permissions. Each permission will be "Allowed"
or "User", not both. The following is the description of these sets of permissions as they
relate to the handset:
"Allowed" (Full Access) permissions are any permissions that explicitly allow access to a
given protected API or function from a protected domain. Allowed permissions will not
require any user interaction.
"User" permissions are any permissions that require a prompt to be given to the user and
explicit user confirmation in order to allow the MIDlet suite access to the protected API or
function.
User Permission Interaction Mode
User permission for the Motorola V3x handsets is designed to allow the user the ability to
either deny or grant access to the protected API or function using the following interaction
modes (bolded term(s) is prompt displayed to the user):
Manufacturer – permissions will be marked as "Allowed" (Full Access).
Downloaded and authenticated manufacturer MIDlet suites will perform
consistently with MIDlet suites pre-installed by the manufacturer.
Operator – permissions will be marked as "Allowed" (Full Access). Downloaded
and authenticated operator MIDlet suites will perform consistently with other
MIDlet suites installed by the operator.
3
Party – permissions will be marked as "User". User interaction is required for
rd
permission to be granted. MIDlets do not need to be aware of the security policy
except for security exceptions that will occur when accessing APIs.
Untrusted – all MIDlet suites that are unsigned will belong to this domain.
83
Advertisement
Table of Contents
