Motorola C381P Benutzerhandbuch
31
MIDP 2.0 Security Model
MIDP 2.0 Security Model
115
Trusted MIDlet Suites
Trusted MIDlet suites are MIDlet suites in which the integrity of the JAR file can be
authenticated and trusted by the device, and bound to a protection domain. The Motorola
C381p will use x.509PKI for signing and verifying trusted MIDlet suites.
Security for trusted MIDlet suites will utilize protection domains. Protection domains define
permissions that will be granted to the MIDlet suite in that particular domain. A MIDlet
suite will belong to one protection domain and its defined permissible actions. For
implementation on the Motorola C381p, the following protection domains are supported:
authenticated and trusted by the device, and bound to a protection domain. The Motorola
C381p will use x.509PKI for signing and verifying trusted MIDlet suites.
Security for trusted MIDlet suites will utilize protection domains. Protection domains define
permissions that will be granted to the MIDlet suite in that particular domain. A MIDlet
suite will belong to one protection domain and its defined permissible actions. For
implementation on the Motorola C381p, the following protection domains are supported:
• Manufacturer
• Untrusted – all MIDlet suites that are unsigned will belong to this domain.
• Untrusted – all MIDlet suites that are unsigned will belong to this domain.
Permissions within the above domains will authorize access to the protected APIs or
functions. These domains will consist of a set of “Allowed” and “User” permissions that will
be granted to the MIDlet suite.
functions. These domains will consist of a set of “Allowed” and “User” permissions that will
be granted to the MIDlet suite.
Permission Types concerning the Handset
A protection domain will consist of a set of permissions. Each permission will be “Allowed”
or “User”, not both. The following is the description of these sets of permissions as they
relate to the handset:
or “User”, not both. The following is the description of these sets of permissions as they
relate to the handset:
• “Allowed” (Full Access) permissions are any permissions that explicitly allow
access to a given protected API or function from a protected domain. Allowed
permissions will not require any user interaction.
permissions will not require any user interaction.
• “User” permissions are any permissions that require a prompt to be given to the
user and explicit user confirmation in order to allow the MIDlet suite access to the
protected API or function.
protected API or function.
User Permission Interaction Mode
User permission for the Motorola C381p handsets is designed to allow the user the ability
to either deny or grant access to the protected API or function using the following
interaction modes (bolded term(s) is prompt displayed to the user):
to either deny or grant access to the protected API or function using the following
interaction modes (bolded term(s) is prompt displayed to the user):
• blanket – grants access to the protected API or function every time it is required
by the MIDlet suite until the MIDlet suite is uninstalled or the permission is
changed by the user. (Never Ask)
changed by the user. (Never Ask)
• session – grants access to the protected API or function every time it is required
by the MIDlet suite until the MIDlet suite is terminated. This mode will prompt the
user on or before the final invocation of the protected API or function. (Ask
Once Per App Running)
user on or before the final invocation of the protected API or function. (Ask
Once Per App Running)
• oneshot – will prompt the user each time the protected API or function is
requested by the MIDlet suite. (Always Ask)