Week 23 contribution of SDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-39A995DC-F047-4B41-A60D-27063CE329BE" xml:lang="en"><title>Planning
system and software security</title><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Devices based on the Symbian platform are capable of joining both public
and private networks and often have the functionality of a normal desktop
computer. However, the average user does not perceive the device as a computer,
but rather as a regular phone that is safe from security threats. This creates
an opportunity for hostile attackers to infiltrate the device and wreak severe
direct or indirect damage (for example, by penetrating into the corporate
intranet).</p>
<p>It is, however, possible to anticipate these kinds of threats, and protect
applications by using the security features offered by the Symbian platform,
and by expanding <i>security policies</i> to cover mobile devices and services.</p>
<p>To develop system or software security, repeat the following steps:</p>
<ol>
<li id="GUID-98856624-2B55-44FC-9DD9-69850C2B22D9"><p>Define and
evaluate all critical assets (resources, information).</p></li>
<li id="GUID-4FE98A61-A0B8-4249-936E-DF319804AA2D"><p>Identify all
possible threats, vulnerabilities, and potential attacks, and estimate the
extent of possible damage.</p><p>Areas to examine in the Symbian platform
are system resources, removable media, and communication between components.</p>
</li>
<li id="GUID-43B87274-297C-4AA8-B2A1-872E2BA83F30"><p>Prioritize
high-risk vulnerabilities, and select and implement corresponding security
features. If risks are sufficiently low, protective measures may be unnecessary.</p>
</li>
<li id="GUID-3D7F3A95-635E-4D9C-9883-BBD36263401D"><p>Repeat these
steps until the necessary level of protection is achieved.</p></li>
</ol>
<p/>
<fig id="GUID-A41ADA16-6D0B-4EA4-BBF2-67C2CFED68F3"><title>Security development process</title><image href="GUID-316D7B85-F827-4479-B5EE-81F210614236_d0e11518_href.png"/></fig>
<p>The security development process is guided by <i>cost</i>, <i>efficiency,</i> and <i>usability</i>.
If security is too tight, this may be expensive and affect both performance
and the user's experience of the system or software. On the other hand, if
security is too slack, this may result in severe damage and, in the long run,
be even more costly.</p>
<section id="GUID-39A995DC-F047-4B41-A60D-27063CE329BF"><title>Security methods</title>
<p>The list below contains the most common and important security methods
used in the mobile world:</p>
<ul>
<li><p><i>Ciphering</i> enables confidentiality. Information is
accessible only by authorized parties. With ciphering it is also possible
to maintain integrity.</p></li>
<li><p><i>Hash</i> function (<i>checksum</i>) can be used to verify
integrity and detect information tampering.</p></li>
<li><p><i>Signing</i> allows attaching of information to a certain
source.</p></li>
<li><p><i>Authentication</i> ensures that the object is what it
claims to be.</p></li>
<li><p><i>Access control</i> restricts unauthorized access to resources.</p>
</li>
<li><p><i>Authorization</i> is permission to perform tasks on behalf
of somebody else.</p></li>
<li><p><i>Certification</i> is provided usually by a third party
to prove information validity.</p></li>
<li><p><i>Recovery mechanisms</i> are usually implemented as redundancy
(duplication of information or routes).</p></li>
<li><p>In communication it is possible to use, for example, <i>error
correction</i> to repair transmission failures, <i>random traffic generation</i> to
keep the line occupied, and <i>packet uniforming</i> to blend important packets
into traffic.</p></li>
</ul>
<p>Some of the methods above are interconnected (for example, certification
requires that the information is signed) and not all of them are of equal
importance, since some basic methods form a base for more complicated methods.</p>
</section>
</conbody></concept>