Symbian3/PDK/Source/GUID-39A995DC-F047-4B41-A60D-27063CE329BE.dita
author Dominic Pinkman <dominic.pinkman@nokia.com>
Fri, 16 Jul 2010 17:23:46 +0100
changeset 12 80ef3a206772
parent 9 59758314f811
child 14 578be2adaf3e
permissions -rw-r--r--
Week 28 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 1897, Bug 344, Bug 2681, Bug 463, Bug 1522.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
9
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     1
<?xml version="1.0" encoding="utf-8"?>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     2
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     3
<!-- This component and the accompanying materials are made available under the terms of the License 
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     4
"Eclipse Public License v1.0" which accompanies this distribution, 
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     5
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     6
<!-- Initial Contributors:
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     7
    Nokia Corporation - initial contribution.
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     8
Contributors: 
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
     9
-->
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    10
<!DOCTYPE concept
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    11
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    12
<concept id="GUID-39A995DC-F047-4B41-A60D-27063CE329BE" xml:lang="en"><title>Planning
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    13
system and software security</title><prolog><metadata><keywords/></metadata></prolog><conbody>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    14
<p>Devices based on the Symbian platform are capable of joining both public
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    15
and private networks and often have the functionality of a normal desktop
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    16
computer. However, the average user does not perceive the device as a computer,
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    17
but rather as a regular phone that is safe from security threats. This creates
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    18
an opportunity for hostile attackers to infiltrate the device and wreak severe
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    19
direct or indirect damage (for example, by penetrating into the corporate
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    20
intranet).</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    21
<p>It is, however, possible to anticipate these kinds of threats, and protect
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    22
applications by using the security features offered by the Symbian platform,
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    23
and by expanding <i>security policies</i> to cover mobile devices and services.</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    24
<p>To develop system or software security, repeat the following steps:</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    25
<ol>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    26
<li id="GUID-98856624-2B55-44FC-9DD9-69850C2B22D9"><p>Define and
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    27
evaluate all critical assets (resources, information).</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    28
<li id="GUID-4FE98A61-A0B8-4249-936E-DF319804AA2D"><p>Identify all
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    29
possible threats, vulnerabilities, and potential attacks, and estimate the
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    30
extent of possible damage.</p><p>Areas to examine in the Symbian platform
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    31
are system resources, removable media, and communication between components.</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    32
</li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    33
<li id="GUID-43B87274-297C-4AA8-B2A1-872E2BA83F30"><p>Prioritize
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    34
high-risk vulnerabilities, and select and implement corresponding security
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    35
features. If risks are sufficiently low, protective measures may be unnecessary.</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    36
</li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    37
<li id="GUID-3D7F3A95-635E-4D9C-9883-BBD36263401D"><p>Repeat these
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    38
steps until the necessary level of protection is achieved.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    39
</ol>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    40
<p/>
12
80ef3a206772 Week 28 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 1897, Bug 344, Bug 2681, Bug 463, Bug 1522.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 9
diff changeset
    41
<fig id="GUID-A41ADA16-6D0B-4EA4-BBF2-67C2CFED68F3"><title>Security development process</title><image href="GUID-316D7B85-F827-4479-B5EE-81F210614236_d0e13237_href.png"/></fig>
9
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    42
<p>The security development process is guided by <i>cost</i>, <i>efficiency,</i> and <i>usability</i>.
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    43
If security is too tight, this may be expensive and affect both performance
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    44
and the user's experience of the system or software. On the other hand, if
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    45
security is too slack, this may result in severe damage and, in the long run,
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    46
be even more costly.</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    47
<section id="GUID-39A995DC-F047-4B41-A60D-27063CE329BF"><title>Security methods</title>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    48
<p>The list below contains the most common and important security methods
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    49
used in the mobile world:</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    50
<ul>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    51
<li><p><i>Ciphering</i> enables confidentiality. Information is
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    52
accessible only by authorized parties. With ciphering it is also possible
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    53
to maintain integrity.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    54
<li><p><i>Hash</i> function (<i>checksum</i>) can be used to verify
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    55
integrity and detect information tampering.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    56
<li><p><i>Signing</i> allows attaching of information to a certain
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    57
source.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    58
<li><p><i>Authentication</i> ensures that the object is what it
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    59
claims to be.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    60
<li><p><i>Access control</i> restricts unauthorized access to resources.</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    61
</li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    62
<li><p><i>Authorization</i> is permission to perform tasks on behalf
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    63
of somebody else.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    64
<li><p><i>Certification</i> is provided usually by a third party
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    65
to prove information validity.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    66
<li><p><i>Recovery mechanisms</i> are usually implemented as redundancy
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    67
(duplication of information or routes).</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    68
<li><p>In communication it is possible to use, for example, <i>error
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    69
correction</i> to repair transmission failures, <i>random traffic generation</i> to
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    70
keep the line occupied, and <i>packet uniforming</i> to blend important packets
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    71
into traffic.</p></li>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    72
</ul>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    73
<p>Some of the methods above are interconnected (for example, certification
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    74
requires that the information is signed) and not all of them are of equal
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    75
importance, since some basic methods form a base for more complicated methods.</p>
59758314f811 Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
Dominic Pinkman <dominic.pinkman@nokia.com>
parents: 5
diff changeset
    76
</section>
1
25a17d01db0c Addition of the PDK content and example code for Documentation_content according to Feature bug 1607 and bug 1608
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents:
diff changeset
    77
</conbody></concept>