Symbian3/SDK/Source/GUID-9058F379-C495-4B22-B270-FF6A80E450B8.dita
author Dominic Pinkman <Dominic.Pinkman@Nokia.com>
Thu, 11 Mar 2010 15:24:26 +0000
changeset 2 ebc84c812384
parent 0 89d6a7a84779
permissions -rw-r--r--
week 10 bug fix submission: Bug 1892, Bug 1897, Bug 1319. Also 3 or 4 documents were found to contain code blocks with SFL, which has been fixed. Partial fix for broken links, links to Forum Nokia, and the 'Symbian platform' terminology issues.

<?xml version="1.0" encoding="utf-8"?>
<!--Arbortext, Inc., 1988-2004, v.4002-->
<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
 "concept.dtd">
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<concept id="GUID-9058F379-C495-4B22-B270-FF6A80E450B8" xml:lang="en"><title>Device
security mechanisms</title>
<prolog>
<metadata>
<keywords></keywords>
</metadata>
</prolog>
<conbody>
<p>The list below contains some common device security mechanisms.</p>
<section id="GUID-24AD1095-E039-46B5-A39A-1D814D697DA1"><title>Device protection</title> <p>The
Symbian platform is not well equipped to protect against a physical attack
(that is, when an attacker has physical access to the mobile device) because
access to a device is controlled by the device lock feature, which is often
not used. Other external methods of protection, like a PIN code or Subscriber
Identity Module (SIM) locking, tend to provide protection only when accessing
a cellular network, leaving the information content vulnerable.
Without <xref href="GUID-A1ED2377-E196-423F-A5A2-1889C1CC3E05.dita">cryptographic
protection</xref>, it is possible to gain access to the device's information
storage with hardware-based methods (for example, wiretapping connectors and
direct reading of memory chips).</p> </section>
<section id="GUID-BE16A5D1-B580-4ED6-82D7-16B33B8EEADF"><title>Device authentication</title> <p>Sometimes,
for security reasons, an application needs to identify the mobile device it
is running on, for example, to use specific ciphering keys or to apply copy
protection. Identification can be done by checking the device's International
Mobile Equipment Identity (IMEI) code, which is unique in each device used
in cellular networks. To retrieve the IMEI code, you can use, for example,
the <xref format="application/java-archive" href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/ETel_3rd_Party_API/CTelephonyClass.html#%3a%3aCTelephony%3a%3aGetPhoneId%28TRequestStatus%20%26amp%3b%2cTDes8%20%26amp%3b%29const"
><codeph>CTelephony::GetPhoneId</codeph></xref> method. There are different
APIs for retrieving the IMEI code in different versions of SDKs. Refer to
the SDK API or Symbian documentation for the proper method.</p> <p>Another
way to get information about the running platform and the mobile device is
to use the <codeph>HAL::Get()</codeph> method defined in the <codeph>hal.h</codeph> header
file. For more information and examples, see <xref href="http://developer.symbian.org/wiki/index.php/Device_Product_ID,_Platform_ID_and_HAL_information"
scope="external">Device Product ID, Platform ID and HAL information</xref> at
the Symbian Foundation.</p> <p><b>User authentication</b></p> <p>When powering
on the device, the user is authenticated at the <i>operating system level</i> with
standard device authentication methods, such as a PIN code and security code
requests. However, these features can be turned off by the user and are easily
reset with special hardware. If an application needs to authenticate the user,
it should be done at the <i>application level</i> by implementing a separate
user name/password authentication mechanism.</p> </section>
<section id="GUID-962E0183-0CBD-457D-B24C-C0BDB30A58A4"><title>Mobile hardware</title> <p>The
Symbian platform attempts to ensure the integrity of data even in the presence
of unreliable communication and a shortage of resources, such as memory, power,
and storage.</p> <p>The user may detach removable storage media at any time,
either intentionally or unintentionally. The platform has a built-in detach
handling mechanism, but applications should still be prepared for a sudden
loss of storage media to prevent data loss or corruption. To check the type
of storage media (removable/fixed), use the <xref format="application/java-archive"
href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/F32_EKA2/RFsClass.html#%3a%3aRFs%3a%3aDrive%28%29"
><codeph>RFs::Drive()</codeph></xref> method. </p> <p>The device may shut
down at any time, either by accident or because the battery runs out. Important
data stored in nonpermanent memory should be written to permanent memory as
early as possible. To query the battery level, use the <codeph>HAL::Get(EPowerBatteryStatus)</codeph> method.
For information on how to retrieve system information, see the <xref href="GUID-54042C84-6216-5930-9CBF-BAF635CECD4D.dita">Power
HAL Handler Tutorial</xref>.</p> <p>Even though internal storage is not physically
protected, you can secure memory cards with password protection. If the locking
option is used (method <xref format="application/java-archive" href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/F32_EKA2/RFsClass.html#%3a%3aRFs%3a%3aLockDrive%28%29"
><codeph>RFs::LockDrive</codeph></xref>), memory card contents are protected
with a password and cannot be read in any other device without it. Password
locking is an extended functionality of the MultiMediaCard (MMC), and may
not be compatible with all hardware and software configurations.</p> </section>
<section id="GUID-9058F379-C495-4B22-B270-FF6A80E450B9"><title>Third-party
solutions</title> <p>A mobile device can be protected with third-party security
applications. <i>Antivirus software</i> can detect and quarantine any viruses
that try to access the device, as well as restore infected files. Antivirus
software is usually used together with <i>firewalls</i> to observe and protect
both incoming and outgoing data connections. This enables monitoring of important
data and prevents it from being sent out of the device. Firewall and antivirus
software can also be part of an <i>intrusion detection system</i> that notifies
the user whenever a malicious attempt is detected.</p> <p>Furthermore, there
are applications you can use to encrypt existing files, manage passwords,
and store information and data securely (in vaults). You can even cipher information
in applications and connection methods which do not initially support ciphering
(for example, short message service [SMS]).</p> </section>
</conbody>
</concept>