Siemens TC65 manual Over the Air Provisioning, Security Issues, Otap

Page 38

TC65 JAVA User's Guide

s

Strictly confidential / Released

 

7.2Over the Air Provisioning

See Chapter 8 for OTA provisioning.

7.3Security Issues

The developer should be aware of the following security issues. Security aspects in general are discussed in chapter 11.

7.3.1Module Exchange Suite

The serial interface should be mechanically protected.

The copy protection rules for Java applications prevent opening, reading, copying, moving or renaming of JAR files. It is not recommended that the name of a Java application (for example <name>.jar) be used for a directory, since the copy protection will refuse access to open, copy or rename such directories.

7.3.2OTAP

A password should be used to update with OTA (SMS Authentication)

Parameters should be set to fixed values (at^sjotap) whenever possible so that they cannot be changed over the air.

The http server should be secure. (e.g. Access control via basic authentication)

TC65 JAVA User's Guide_V05

Page 38 of 90

26.09.2005

Page 37 Page 39
Image 38
Page 37 Page 39
Contents
Java Users Guide September 26 Document Name TC65 Java Users GuideTC65 Java Users Guide TC65 Java Users GuideV05Table of Contents Maintenance 3.3.2Java Security Compile and Run a Program without a Java IDEDebug Environment Java Tutorial Differences from the TC45Sun Java Studio Mobility 6 Switching Emulators TablesPreamble Related Documents New solutionOverview Terms and Abbreviations Abbreviation DescriptionSystem Requirements InstallationInstallation CD 1.2 WTK ComponentsModule Exchange Suite SDK and Java StudioInstalling the Smtk Environment Siemens Mobility Toolkit InstallationInstalling the Standard Development Toolkit Installing Module Exchange Suite MES Installing Sun Java Studio MobilityInstalling Eclipse Installing Borland JBuilder X Smtk Uninstall UpgradesSoftware Platform Software Architecture3 DAC/ADC Interfaces 1 ASC0 Serial DeviceGeneral Purpose I/O 4 ASC1Media JVM InterfacesIP Networking Other InterfacesData Flow of a Java Application Running on the Module ADCHandling Interfaces and Data Service Resources Module StatesState 2 No Java Running, General Purpose I/O and I2C State 1 Default No Java RunningState 4 Default Java Application Active State 3 No Java Running, General Purpose I/O and SPIState 5 Java Application Active, General Purpose I/O and I2C Module State Transitions Maintenance IP ServicePower Saving ChargingShutdown Airplane ModeAlarm Automatic ShutdownSwitching from Data Mode to Command Mode Restart after Switch OffSpecial AT Command Set for Java Applications Mode Indication after MIDlet StartupRestrictions Flash File System Configuration of Serial InterfaceJava Commands MemoryFrequencyB 1 / frequencyA PerformanceJava Duration of each loop = 600 sPin I/O Data Rates on RS-232 APIPlain Serial Interface Voice Call in Parallel75% 63% 55% 33% Scenarios with Gprs ConnectionUpload 65% 55% 33% 16%85% 78% 58% 48% Download91% 87% 81% 73% MIDlets MIDlet Documentation MIDlet Life CycleMIDlet.destroyApp method Hello World MIDlet Here is a sample HelloWorld programModule Exchange Suite Command Line BasedFile Transfer to Module Windows BasedOtap Security IssuesOver the Air Provisioning Otap Overview Over The Air Provisioning OtapIntroduction to Otap Parameters Max. Length AT Keyword SM Install/update Delete Otap ParametersDelete operation Install operationShort Message Format Java File Format Procedures Install/Update Delete Time Out Values and Result Codes Tips and Tricks for OtapOtap Tracer SecurityHow To Compile and Run a Program without a Java IDE Build ResultsRun on the Module with Autostart CompileRun on the Module with Manual Start Switch on Autostart Switch off AutostartDebug Environment Data Flow of a Java Application in the Debug EnvironmentEmulator Java IDE Sun Java Studio Mobility 6 2004Q3 Switching emulators Projects Compile and run TemplatesExamples JBuilderX JDK settings Borland JBuilderExamples TC65 Java Users Guide JBuilder2005 JDK settings Eclipse IntegrationEclipse Plug-in installation Eclipse J2ME platform TC65 Java Users GuideV05 26.09.2005 Example Eclipse Project importEclipse Example Compile and debug Eclipse Create packageEclipse Configuration BreakpointsJava Security Secure Data Transfer ModeAsja Vasecuritycertificate J a va C u r i t y c e r t i f i c a t eCreate a Secure Data Transfer Environment Step by Step Create CA and generate CA Root CertificateExecution Control Unsecured modeSecured mode Generate key pair Change to Secured Mode ConceptBuild binary data for AT command Atsjsec Generate customer root CertificateConcept for the Signing the Java MIDlet Encoded JAR-File HashStructure and Description of the Java Security Commands Application and Data ProtectionStructure of the Java Security Commands General structureBuild Java Security Command Hash SHA1Send Java Security Command to the Module ATSJSEC?Create Java Security Commands Export X.509 Root CertificateCommand switch off module exchange functionality Sign a MIDletJava Tutorial Using the AT Command APIClass ATCommand Instantiation with or without CSD SupportSending an AT Command to the Device, the send Method Data ConnectionsTC65 Java Users Guide Synchronization ATCommandResponseListener InterfaceNon-blocking ATCommand.send Method Implementation ATCommandListener InterfaceATEvents Registering a Listener with an ATCommand Instance Example Programming the MIDletThreads TC65 Java Users Guide Differences from the TC45
Related manuals
Manual 123 pages 53.3 Kb
Top Page Image Contents