Mercurial Mercurial > oss > FCL > sftools > depl > docscontent / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Symbian3/SDK/Source/GUID-98F104F6-8850-4417-907E-113F2166EBD9.dita
changeset 7 51a74ef9ed63 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/Symbian3/SDK/Source/GUID-98F104F6-8850-4417-907E-113F2166EBD9.dita	Wed Mar 31 11:11:55 2010 +0100
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept id="GUID-98F104F6-8850-4417-907E-113F2166EBD9" xml:lang="en"><title>Threats</title><prolog><metadata><keywords/></metadata></prolog><conbody>
+<p>Increasingly sophisticated mobile software has improved features and
+intelligence in mobile devices. At the same time, the increasing volume of
+high-end mobile devices has shaped the profile of an average user from an
+IT professional to an average-skilled end user.</p>
+<p>This shift has created new opportunities for malicious parties who usually
+want to gain access to the valuable information stored in mobile devices.</p>
+<section id="GUID-1F289359-8538-4352-AD30-DB83C0779E9C"><title>Types of threats</title>
+<p>The following list classifies threats according to the most common reasons
+for security breaches, in descending order of frequency:</p>
+<ul>
+<li><p>Intentional hostile action, where an attacker is deliberately
+trying to harm the system</p></li>
+<li><p>Administrative flaws in the management of a device (for example,
+in a security area)</p></li>
+<li><p>User mistakes, such as deletion of critical information or
+typing errors</p></li>
+<li><p>Technical failures that cause data corruption, deletion,
+or inaccessibility</p></li>
+<li><p>Other unpredictable or unavoidable failures and incidents
+that cannot be prevented (usually system wide)</p></li>
+</ul>
+</section>
+<section id="GUID-2FE0C29F-FC65-49A7-9F51-79847232C991"><title>Types of malicious
+software </title>
+<p>There are different types of malicious software that you need to be
+aware of when designing new applications. The following common classification
+is based on the way these programs spread.</p>
+<p/>
+<p>Software that needs a host to spread:</p>
+<ul>
+<li><p><i>Backdoors and trapdoors</i> are debug-type entrances to
+programs, for example, via hard-coded password access.</p></li>
+<li><p><i>Logical bomb</i> "explodes" under certain conditions,
+that is, it stops working or corrupts data. Like backdoors, the logical bombs
+can be unintentional, there may be a bug in the application that the developer
+did not discover in the testing phase.</p></li>
+<li><p><i>Trojan horse</i> is a useful-looking software that acts
+maliciously without notifying the user.</p></li>
+<li><p><i>Virus</i> modifies other software to reproduce new viruses.</p>
+</li>
+</ul>
+<p/>
+<p>Software that spreads independently:</p>
+<ul>
+<li><p><i>Bacteria</i> (also known as <i> rabbits</i>) reproduce
+themselves as quickly as possible to jam the system and its services. A single
+unit of bacteria is not usually dangerous, the strength comes from a large
+quantity.</p></li>
+<li><p><i>Worm</i> spreads through networks and can act in a system
+like bacteria or a virus.</p></li>
+</ul>
+<p>These classifications are not strict or self-contained. For example,
+a worm can be used to install a Trojan horse into a system. The Trojan horse
+can then be used to activate a backdoor or logical bomb.</p>
+<p>Controlling and restricting the access rights to your soft ware is an
+effective precaution to protect the system against these malicious programs.
+From Symbian OS v9.1, onwards, control and authentication of access rights
+is performed by the <xref href="GUID-4BFEDD79-9502-526A-BA7B-97550A6F0601.dita">platform
+security</xref> mechanisms.</p>
+</section>
+</conbody></concept>
\ No newline at end of file
FCL/sftools/depl/docscontent