Sony Ericsson UIQ 3 Unique Identifiers, UIDs, Secure Identifier, SID, Vendor Identifier, VID

Page 9

Developers guidelines Signing applications

Identifiers

Symbian OS v9 Platform Security also requires that applications can be uniquely identified and strictly classified to reflect their PlatSec level of trust. For example, signed and unsigned application are clearly separated by having UID values in separated value ranges.

Unique Identifiers, UIDs

In Symbian OS, objects are identified by three 32 bit globally unique identifiers, referred to as UID1, UID2 and UID3.

UID1 is a system level identifier, distinguishing for example executables, DLLs and file stores.

UID2 distinguishes objects with the same UID1 based on different interfaces. For example GUI appli- cations have a common UID2 value.

UID3 can be seen as a project identifier, for example, all objects belonging to a given program may share a UID3 value.

With Symbian OS v9, allocation of UID3 values has been changed to further enhance security, for exam- ple to implement the data caging feature. Applications developed for public distribution must be assigned a globally unique UID3 value, which is utilized through an automated UID allocation system implemented within the Symbian Signed programme.

Allowed UID values have been split into one protected range for signed application and one unprotected range for unsigned applications. Only signed applications can use UIDs in the protected range, and only protected range UID values are allowed for signed applications. This is validated in the Symbian Signed process. On the other hand unsigned applications are not allowed to use UIDs in the protected range, and can only be installed with a UID from the unprotected range of values.

Secure Identifier, SID

Symbian OS v9 applications are assigned a SID value, which is automatically set to the UID3 value, unless explicitly specified by the developer. The SID value determines the name of the folder where private appli- cation data is stored.

The SID value can be specified in the .MMP file of the application, but this option should only be used in special cases. Normally the automatically set value of UID3 should be accepted.

Vendor Identifier, VID

A Vendor ID can be used at runtime to identify the source of the binary. It is mainly of interest for phone manufacturers and network operators, for example when needing to restrict access to a certain service to applications from specific vendors. Most developers have no need for a VID, and the default VID value (0) can then be used.

9

October 2006

Page 8 Page 10
Image 9
Page 8 Page 10
Contents Signing applications Purpose of this document PrefaceDocument conventions Sony Ericsson Developer WorldProducts AbbreviationsDocument history Trademarks and acknowledgementsTypographical conventions Change historyContents Developers guidelines Signing applications Symbian OS v9 security architecture Introduction CapabilitiesRestricted and unrestricted APIs Unique Identifiers, UIDs IdentifiersSecure Identifier, SID Vendor Identifier, VIDUnsigned sandboxed applications Data cagingSymbian Signed applications Capability mappingCapability User granted permission Basic Capabilties Developer certificates ACS publisher ID Publisher certifiersSigning freeware applications Symbian OS v9 application signing Planning for development Signing or notRequired capabilities NetworkServices LocalServicesUserEnvironment LocationWriteDeviceData PowerMgmtSWEvent ProtServDiskAdmin General signing procedureCreating a Symbian Signed application AllFilesUID allocation Symbian Signed portal account registrationTo retrieve a UID from the Symbian Signed Portal UID UID range Purpose ClassACS publisher ID Identity requirements Number of IMEIsExtended Capabilities Developers guidelines Signing applications UID Information To do before submitting the applicationPKG file format Policy statement dialogDevelopers guidelines Signing applications Appendix Functions listed by capability Capability AllFilesCapability CommDD Capability DiskAdmin Capability Drm Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Capability LocalServices Developers guidelines Signing applications Capability Location Capability MultimediaDD Capability NetworkControl Developers guidelines Signing applications Developers guidelines Signing applications Capability NetworkServices Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Capability PowerMgmt Capability ProtServCapability ReadDeviceData Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Capability ReadUserData Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Capability SurroundingsDD Capability SwEvent Capability Tcb Capability TrustedUI Capability UserEnvironmentCapability WriteDeviceData Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Capability WriteUserData Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Developers guidelines Signing applications Capability Illegal Developers guidelines Signing applications
Top Page Image Contents