symbian platform security symbian signed
TRANSCRIPT
-
8/14/2019 Symbian Platform Security Symbian Signed
1/23
-
8/14/2019 Symbian Platform Security Symbian Signed
2/23
-
8/14/2019 Symbian Platform Security Symbian Signed
3/23
-
8/14/2019 Symbian Platform Security Symbian Signed
4/23
-
8/14/2019 Symbian Platform Security Symbian Signed
5/23
-
8/14/2019 Symbian Platform Security Symbian Signed
6/23
-
8/14/2019 Symbian Platform Security Symbian Signed
7/23
-
8/14/2019 Symbian Platform Security Symbian Signed
8/23
-
8/14/2019 Symbian Platform Security Symbian Signed
9/23
-
8/14/2019 Symbian Platform Security Symbian Signed
10/23
-
8/14/2019 Symbian Platform Security Symbian Signed
11/23
-
8/14/2019 Symbian Platform Security Symbian Signed
12/23
-
8/14/2019 Symbian Platform Security Symbian Signed
13/23
Capability RulesCapability Rules
The Capabilities of a Process NeverChange During its Lifetime.
A Process can only Load a DLL if that DLLis Trusted with At Least the SameCapabilities as that Process
-
8/14/2019 Symbian Platform Security Symbian Signed
14/23
Identifier for ExecutableIdentifier for ExecutableApplicationsApplications
Unique Identifier (UID)Unique Identifier (UID) Each Executable Has Unique Identifiers.Each Executable Has Unique Identifiers.
Secure Identifier (SID)Secure Identifier (SID) Used to Identify Private Directory the Process canUsed to Identify Private Directory the Process can
AccessAccess Used to Uniquely Identify Application when it MakesUsed to Uniquely Identify Application when it Makes
Inter-Process CallInter-Process Call
Vendor Identifier (VID)Vendor Identifier (VID) Used to Uniquely Identify a VendorUsed to Uniquely Identify a Vendor
-
8/14/2019 Symbian Platform Security Symbian Signed
15/23
Data CagingData Caging
Also Called File Access ControlAlso Called File Access Control Allows Protection of Private DataAllows Protection of Private Data
Both User and System Files Can beBoth User and System Files Can beProtectedProtected
-
8/14/2019 Symbian Platform Security Symbian Signed
16/23
Symbian SignedSymbian Signed
-
8/14/2019 Symbian Platform Security Symbian Signed
17/23
Symbian SignedSymbian Signed
Allows Symbian Software Developers to Obtain aDigital Signature for their Applications
Does Not Guarantee Completely Correct ApplicationBehavior.
What it Guarantees?Minimum Quality Level Applications Do Not
Block Incoming Calls Overwrite File System Refuse to Shutdown
If Uninstalled, Application Does Not Leave any Files Behind In Resource Critical Situations, Application Behaves Well
And Others.
-
8/14/2019 Symbian Platform Security Symbian Signed
18/23
Symbian Signed TestingCriteria Two Groups of Tests Two Groups of Tests
Universal Tests (UNI)Universal Tests (UNI) Tests Basic Application Reliability and Robustness Tests Basic Application Reliability and Robustness
Examples: Stress Testing, Correct Installation, Uninstall,Examples: Stress Testing, Correct Installation, Uninstall,Compliance with System Events, Out of Memory Error, etc.Compliance with System Events, Out of Memory Error, etc.
Capability Related Test (CAP)Capability Related Test (CAP) Perform Tests Related to Specific CapabilitiesPerform Tests Related to Specific Capabilities
Examples: Platform Security Features,Examples: Platform Security Features, VoIP applicationsmust not interfere with GSM-based telephony functions,
-
8/14/2019 Symbian Platform Security Symbian Signed
19/23
Signing OptionsSigning Options
Open SignedOpen Signed Developer Certificate Based Signing for Developers Without aDeveloper Certificate Based Signing for Developers Without a
Publisher IDPublisher ID Can be Used for Testing, Non-Commercial or Personal UseCan be Used for Testing, Non-Commercial or Personal Use
Deployment is Restricted by Device IMEIDeployment is Restricted by Device IMEI Express SignedExpress Signed Signing Option that Does Not Require Independent Testing Available Capabilities are Restricted
Certified SignedCertified Signed Mainstream Signing Option Based on Independent Testing Provides Access to Most CapabilitiesProvides Access to Most Capabilities
-
8/14/2019 Symbian Platform Security Symbian Signed
20/23
Signing OptionsSigning Options
YesNo Yes YesCertificateSigned
YesNoNo YesExpressSigned
No YesNo YesOpenSignedOffline
No YesNoNoOpenSigned
Online
ForCommercialDistribution
IMEIRestrictions
IndependentTesting
Required
PublisherID
Required
-
8/14/2019 Symbian Platform Security Symbian Signed
21/23
-
8/14/2019 Symbian Platform Security Symbian Signed
22/23
Which Applications RequireWhich Applications RequireSigning (Symbian Signed)?Signing (Symbian Signed)? For Symbian OS v9 and AboveFor Symbian OS v9 and Above
Applications that Need to Access APIs Protected by SystemApplications that Need to Access APIs Protected by SystemCapabilities, Must be SignedCapabilities, Must be Signed
Applications that Do Not Use Protected APIs May RequireApplications that Do Not Use Protected APIs May RequireSignature if Device Implementation Enforces It.Signature if Device Implementation Enforces It.
Applications that Need Only User Capabilities May RequireApplications that Need Only User Capabilities May RequireSignature if Device Implementation Enforces It.Signature if Device Implementation Enforces It.
Application that Need Manufacturer Capabilities are RequiredApplication that Need Manufacturer Capabilities are Requiredto Go Through Manufacturer Defined Signing Processto Go Through Manufacturer Defined Signing Process
There is no requirement to sign applications targetedat versions of Symbian OS earlier than v9
-
8/14/2019 Symbian Platform Security Symbian Signed
23/23