1 <?xml version="1.0" encoding="utf-8"?>

     2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->

     3 <!-- This component and the accompanying materials are made available under the terms of the License 

     4 "Eclipse Public License v1.0" which accompanies this distribution, 

     5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->

     6 <!-- Initial Contributors:

     7     Nokia Corporation - initial contribution.

     8 Contributors: 

     9 -->

    10 <!DOCTYPE concept

    11   PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">

    12 <concept id="GUID-68BBBA98-BDF7-4562-8168-5E90C73ADCF8" xml:lang="en"><title>Device

    13 security</title><prolog><metadata><keywords/></metadata></prolog><conbody>

    14 <p>The superior mobility and connectivity of mobile devices constitutes

    15 their greatest threat, and allows intruders to try different attack methods

    16 against the device. The figure below illustrates the most common methods of

    17 attack against mobile devices.</p>

    18 <fig id="GUID-2839B915-A025-4404-96A8-B9354F9E5A9F"><title>Mobile device and common attack methods</title><image href="GUID-A9E610B7-505C-41C4-9079-BC83C094982E_d0e10566_href.png"/></fig>

    19 <p>Due to the nature of mobile devices, including the potential vulnerabilities

    20 mentioned above, you should consider the following points when designing your

    21 application:</p>

    22 <ul>

    23 <li><p>If a mobile device is lost or stolen, confidential information

    24 (for example, calendar and contacts) can be read even by those with little

    25 expertise.</p></li>

    26 <li><p>Users can access confidential information and files at any

    27 time, including reverse engineering of software and algorithms.</p></li>

    28 <li><p>Data can be transferred from and to the mobile device through

    29 different methods, even accidentally. </p></li>

    30 <li><p>Users may detach removable media or the battery at any time,

    31 which can cause data loss or corruption.</p></li>

    32 </ul>

    33 <p>When you handle confidential information in your application, remember

    34 that with sufficient motivation and resources there are always ways to extract

    35 information from a mobile device. As the level of software security improves

    36 and attacks become less practical, interest in hardware attacks may in turn

    37 increase.</p>

    38 <p>In the continuously evolving digital world, every application should

    39 have a certain level of robustness against a changing and hostile environment.

    40 Applications should be prepared for data corruption and alteration, network

    41 and storage blackouts, plug-ins and components that misbehave, malicious attackers,

    42 and, perhaps most importantly, user errors.</p>

    43 <p>The Symbian <xref href="GUID-4BFEDD79-9502-526A-BA7B-97550A6F0601.dita">platform

    44 security</xref> architecture is designed to protect mobile devices and their

    45 contents.</p>

    46 <p>For more details, see <xref href="GUID-9058F379-C495-4B22-B270-FF6A80E450B8.dita">Device

    47 security mechanisms</xref>.</p>

    48 </conbody></concept>