Symbian3/PDK/Source/GUID-011A0A93-42DF-5235-BC8E-7BD88B572277.dita
changeset 5 f345bda72bc4
parent 3 46218c8b8afa
child 14 578be2adaf3e
--- a/Symbian3/PDK/Source/GUID-011A0A93-42DF-5235-BC8E-7BD88B572277.dita	Tue Mar 30 11:42:04 2010 +0100
+++ b/Symbian3/PDK/Source/GUID-011A0A93-42DF-5235-BC8E-7BD88B572277.dita	Tue Mar 30 11:56:28 2010 +0100
@@ -1,13 +1,13 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
-<!-- This component and the accompanying materials are made available under the terms of the License 
-"Eclipse Public License v1.0" which accompanies this distribution, 
-and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
-<!-- Initial Contributors:
-    Nokia Corporation - initial contribution.
-Contributors: 
--->
-<!DOCTYPE concept
-  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
-<concept xml:lang="en" id="GUID-011A0A93-42DF-5235-BC8E-7BD88B572277"><title>OpenGL ES Security Threats and Measures</title><prolog><metadata><keywords/></metadata></prolog><conbody><p>This topic provides a summary of some important security issues to be aware of when working with OpenGL ES on the Symbian platform. </p> <p> <b>Variant</b>: <xref href="GUID-D93978BE-11A3-5CE3-B110-1DEAA5AD566C.dita">ScreenPlay</xref> and <xref href="GUID-F64E6551-670E-5E12-8103-DE504D3EC94F.dita">non-ScreenPlay</xref>. <b>Target audience</b>: Device creators. </p> <p><b>Security threats </b> </p> <p>The following table provides a summary of some important potential security threats and measures that can be taken to protect against them. The numbers in brackets indicate the security measure in the subsequent table. </p> <table id="GUID-D866030D-6AE1-5F59-A3D7-A4FCB2AAD316"><tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/><thead><row><entry>Threat</entry> <entry>Description</entry> </row> </thead> <tbody><row><entry><p>Battery power </p> </entry> <entry><p>An attacker may want to drain the battery power of the handset to make it look like the battery life is poor. This inconveniences the handset owner by requiring the battery to be re-charged. It may cause the handset to be returned as faulty to the manufacturer. Use of OpenGL ES hardware drains the battery power. </p> <p> <b> Measure</b>: Uninstall malicious applications (4). </p> </entry> </row> <row><entry><p>CPU time </p> </entry> <entry><p>An attacker may want to cause a denial of service (DOS) attack or make games look slow on a handset. </p> <p> <b> Measure</b>: Uninstall malicious applications (4). </p> </entry> </row> <row><entry><p>Shader source code disclosure </p> </entry> <entry><p>A shader program present inside an OpenGL ES 2.0 application is loaded onto the GPU by the application. The shader program may be in source code format. This program is an asset which must remain confidential, because it may contain the application author's intellectual property. An attacker may want to read this program to discover how a given shader program works. For example a flight simulator may use a noise shader to produce a realistic cloud effect for the sky. An attacker may want to reproduce this effect in the product of a competitor. </p> <p> <b> Measures</b>: Protect the DLL (1) and cage shader programs (2). </p> </entry> </row> <row><entry><p>Shader binary replacement </p> </entry> <entry><p>An attacker may want to replace the binary code of a shader program. The motive might be to cause an amusing but annoying distortion of the screen. For example, to make the screen look as if it is melting or has holes in it. </p> <p> <b>Measures</b>: Protect the DLL (1), cage shader programs (2) and validate pre-compiled shader programs (3). </p> </entry> </row> </tbody> </tgroup> </table> <p><b>Security measures </b> </p> <table id="GUID-2563039F-48C0-57DA-97EA-D462136CFA25"><tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/><thead><row><entry>Measure</entry> <entry> Description</entry> </row> </thead> <tbody><row><entry><p> <b>1</b>  </p> </entry> <entry><p>Protect the DLL </p> </entry> <entry><p>The Symbian platform provides a security model to protect deployment of malicious DLLs, by requiring all binaries to be placed in <filepath>\sys\bin</filepath>. This location can only be overwritten by trusted entities. Therefore the DLL is protected. </p> </entry> </row> <row><entry><p> <b>2</b>  </p> </entry> <entry><p>Data cage shader programs </p> </entry> <entry><p>The confidentiality of the shader program can be compromised if it is stored by the application program in plain text format either in the executable or in a resource file. Data caging can be used to prevent system-wide access to binaries. Do not place the shader program in <filepath>\resource\apps\</filepath> because this directory is readable by other processes. A better location is <filepath>\private\&lt;SID&gt;</filepath>, where SID is the unique security identifier. </p> </entry> </row> <row><entry><p> <b>3</b>  </p> </entry> <entry><p>Validate pre-compiled shader programs </p> </entry> <entry><p>Some OpenGL ES 2.0 implementations support pre-compiled shader programs being loaded onto the graphics processing unit (GPU). The vendor must validate the supplied binary codes before loading them onto the GPU. </p> </entry> </row> <row><entry><p> <b>4</b>  </p> </entry> <entry><p>Uninstall malicious applications </p> </entry> <entry><p>Malicious OpenGL ES programs which attempt a DOS attack can be uninstalled. If the programs come through the Symbian Signed program, these can be revoked to prevent further distribution. </p> </entry> </row> </tbody> </tgroup> </table> </conbody><related-links><link href="GUID-7DD1BC7B-B3F7-515D-8DC8-B699B947B434.dita"><linktext>OpenGL ES Porting Guide</linktext> </link> <link href="GUID-BB7F358E-3AC8-566B-8AE3-52FA0F9082C6.dita"><linktext>OpenGL ES 2.0 Shader Programs</linktext> </link> <link href="GUID-90A4BDE2-839A-5A37-ACAA-EB33FE39DE54.dita"><linktext>OpenGL ES Variability
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept xml:lang="en" id="GUID-011A0A93-42DF-5235-BC8E-7BD88B572277"><title>OpenGL ES Security Threats and Measures</title><prolog><metadata><keywords/></metadata></prolog><conbody><p>This topic provides a summary of some important security issues to be aware of when working with OpenGL ES on the Symbian platform. </p> <p> <b>Variant</b>: <xref href="GUID-D93978BE-11A3-5CE3-B110-1DEAA5AD566C.dita">ScreenPlay</xref> and <xref href="GUID-F64E6551-670E-5E12-8103-DE504D3EC94F.dita">non-ScreenPlay</xref>. <b>Target audience</b>: Device creators. </p> <p><b>Security threats </b> </p> <p>The following table provides a summary of some important potential security threats and measures that can be taken to protect against them. The numbers in brackets indicate the security measure in the subsequent table. </p> <table id="GUID-D866030D-6AE1-5F59-A3D7-A4FCB2AAD316"><tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/><thead><row><entry>Threat</entry> <entry>Description</entry> </row> </thead> <tbody><row><entry><p>Battery power </p> </entry> <entry><p>An attacker may want to drain the battery power of the handset to make it look like the battery life is poor. This inconveniences the handset owner by requiring the battery to be re-charged. It may cause the handset to be returned as faulty to the manufacturer. Use of OpenGL ES hardware drains the battery power. </p> <p> <b> Measure</b>: Uninstall malicious applications (4). </p> </entry> </row> <row><entry><p>CPU time </p> </entry> <entry><p>An attacker may want to cause a denial of service (DOS) attack or make games look slow on a handset. </p> <p> <b> Measure</b>: Uninstall malicious applications (4). </p> </entry> </row> <row><entry><p>Shader source code disclosure </p> </entry> <entry><p>A shader program present inside an OpenGL ES 2.0 application is loaded onto the GPU by the application. The shader program may be in source code format. This program is an asset which must remain confidential, because it may contain the application author's intellectual property. An attacker may want to read this program to discover how a given shader program works. For example a flight simulator may use a noise shader to produce a realistic cloud effect for the sky. An attacker may want to reproduce this effect in the product of a competitor. </p> <p> <b> Measures</b>: Protect the DLL (1) and cage shader programs (2). </p> </entry> </row> <row><entry><p>Shader binary replacement </p> </entry> <entry><p>An attacker may want to replace the binary code of a shader program. The motive might be to cause an amusing but annoying distortion of the screen. For example, to make the screen look as if it is melting or has holes in it. </p> <p> <b>Measures</b>: Protect the DLL (1), cage shader programs (2) and validate pre-compiled shader programs (3). </p> </entry> </row> </tbody> </tgroup> </table> <p><b>Security measures </b> </p> <table id="GUID-2563039F-48C0-57DA-97EA-D462136CFA25"><tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/><thead><row><entry>Measure</entry> <entry> Description</entry> </row> </thead> <tbody><row><entry><p> <b>1</b>  </p> </entry> <entry><p>Protect the DLL </p> </entry> <entry><p>The Symbian platform provides a security model to protect deployment of malicious DLLs, by requiring all binaries to be placed in <filepath>\sys\bin</filepath>. This location can only be overwritten by trusted entities. Therefore the DLL is protected. </p> </entry> </row> <row><entry><p> <b>2</b>  </p> </entry> <entry><p>Data cage shader programs </p> </entry> <entry><p>The confidentiality of the shader program can be compromised if it is stored by the application program in plain text format either in the executable or in a resource file. Data caging can be used to prevent system-wide access to binaries. Do not place the shader program in <filepath>\resource\apps\</filepath> because this directory is readable by other processes. A better location is <filepath>\private\&lt;SID&gt;</filepath>, where SID is the unique security identifier. </p> </entry> </row> <row><entry><p> <b>3</b>  </p> </entry> <entry><p>Validate pre-compiled shader programs </p> </entry> <entry><p>Some OpenGL ES 2.0 implementations support pre-compiled shader programs being loaded onto the graphics processing unit (GPU). The vendor must validate the supplied binary codes before loading them onto the GPU. </p> </entry> </row> <row><entry><p> <b>4</b>  </p> </entry> <entry><p>Uninstall malicious applications </p> </entry> <entry><p>Malicious OpenGL ES programs which attempt a DOS attack can be uninstalled. If the programs come through the Symbian Signed program, these can be revoked to prevent further distribution. </p> </entry> </row> </tbody> </tgroup> </table> </conbody><related-links><link href="GUID-7DD1BC7B-B3F7-515D-8DC8-B699B947B434.dita"><linktext>OpenGL ES Porting Guide</linktext> </link> <link href="GUID-BB7F358E-3AC8-566B-8AE3-52FA0F9082C6.dita"><linktext>OpenGL ES 2.0 Shader Programs</linktext> </link> <link href="GUID-90A4BDE2-839A-5A37-ACAA-EB33FE39DE54.dita"><linktext>OpenGL ES Variability
                 Choices</linktext> </link> <link href="GUID-12D5C140-DFDA-549B-9CCF-EF7488B832AE.dita"><linktext>OpenGLES Interface Overview</linktext> </link> </related-links></concept>
\ No newline at end of file