Motorola E680 Technical Manual - Page 93

Trusted MIDlet Suites, Permission Types concerning the Handset, User Permission Interaction Mode


21 MIDP 2.0 Security Model

Trusted MIDlet Suites

Trusted MIDlet suites are MIDlet suites in which the integrity of the JAR file can be authenticated and trusted by the device, and bound to a protection domain. The Motorola E680 will use X.509 PKI for signing and verifying trusted MIDlet suites.

Security for trusted MIDlet suites will utilize protection domains. Protection domains define the permissions that will be granted to a MIDlet suite in that particular domain. A MIDlet suite will belong to one protection domain and its defined permissible actions. For implementation on the Motorola E680, the following protection domains are supported:

• Manufacturer
• Untrusted – all MIDlet suites that are unsigned will belong to this domain.

Permissions within the above domains will authorize access to the protected APIs or functions. These domains will consist of a set of “Allowed” and “User” permissions that will be granted to the MIDlet suite.

Permission Types concerning the Handset

A protection domain will consist of a set of permissions. Each permission will be “Allowed” or “User”, not both. The following is the description of these sets of permissions as they relate to the handset:

• “Allowed” (Full Access) permissions are any permissions that explicitly allow access to a given protected API or function from a protection domain. Allowed permissions will not require any user interaction.
• “User” permissions are any permissions that require a prompt to be given to the user and explicit user confirmation in order to allow the MIDlet suite access to the protected API or function.

User Permission Interaction Mode

User permission for the Motorola E680 handsets is designed to allow the user the ability to either deny or grant access to the protected API or function using the following interaction modes (the term in parentheses is the prompt displayed to the user):

• blanket – grants access to the protected API or function every time it is required by the MIDlet suite until the MIDlet suite is uninstalled or the permission is changed by the user. (Never Ask)
• session – grants access to the protected API or function every time it is required by the MIDlet suite until the MIDlet suite is terminated. This mode will prompt the user on or before the final invocation of the protected API or function. (Ask Once Per App Running)
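The domain, permission-type and interaction-mode rules above, modelled as a small policy simulator. This is an added example, not Motorola's code; the permission names are placeholders, and the rule that a permission absent from a domain is denied and the default mode for an unconfigured "User" permission are assumptions.

```python
from enum import Enum

class PermType(Enum):
    ALLOWED = "Allowed"  # granted with no user interaction
    USER = "User"        # requires a prompt and explicit confirmation

class Mode(Enum):  # the value is the prompt shown to the user
    BLANKET = "Never Ask"                # holds until uninstall or a user change
    SESSION = "Ask Once Per App Running" # holds until the MIDlet suite terminates

# Constructed policy: permission names are placeholders, not real MIDP ones.
POLICY = {
    "Manufacturer": {"net.open": PermType.ALLOWED, "sms.send": PermType.ALLOWED},
    "Untrusted":    {"net.open": PermType.USER,    "sms.send": PermType.USER},
}

class Handset:
    def __init__(self, policy):
        self.policy = policy
        self.suites = {}  # suite -> {"domain", "modes", "blanket", "session"}
    def install(self, suite, domain, modes):
        self.suites[suite] = {"domain": domain, "modes": dict(modes),
                              "blanket": {}, "session": {}}
    def uninstall(self, suite):
        self.suites.pop(suite)  # blanket decisions die with the suite
    def terminate(self, suite):
        self.suites[suite]["session"].clear()  # session decisions end here
    def change_permission(self, suite, perm, mode):
        s = self.suites[suite]
        s["modes"][perm] = mode
        s["blanket"].pop(perm, None)  # a user change invalidates the old answer
        s["session"].pop(perm, None)
    def request(self, suite, perm, prompt):
        """Returns (granted, prompted). prompt(perm, label) -> bool is the user's answer."""
        s = self.suites[suite]
        ptype = self.policy[s["domain"]].get(perm)
        if ptype is None:              # assumption: absent from the domain means denied
            return False, False
        if ptype is PermType.ALLOWED:  # "Allowed": no interaction at all
            return True, False
        mode = s["modes"].get(perm, Mode.SESSION)  # assumed default mode
        store = s["blanket"] if mode is Mode.BLANKET else s["session"]
        if perm in store:              # reuse the remembered answer
            return store[perm], False
        store[perm] = bool(prompt(perm, mode.value))
        return store[perm], True
```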