31 MIDP 2.0 Security Model
Trusted MIDlet Suites
Trusted MIDlet suites are MIDlet suites in which the integrity of the JAR file can be authenticated and trusted by the device, and bound to a protection domain. The Motorola C381p will use X.509 PKI for signing and verifying trusted MIDlet suites.
Security for trusted MIDlet suites will utilize protection domains. Protection domains define the permissions that will be granted to the MIDlet suites in that particular domain. A MIDlet suite will belong to one protection domain and be limited to that domain's defined permissible actions. For implementation on the Motorola C381p, the following protection domains are supported:
• Manufacturer
• Untrusted – all MIDlet suites that are unsigned will belong to this domain.
Permissions within the above domains will authorize access to the protected APIs or functions. These domains will consist of a set of “Allowed” and “User” permissions that will be granted to the MIDlet suite.
Permission Types concerning the Handset
A protection domain will consist of a set of permissions. Each permission will be “Allowed” or “User”, not both. The following is the description of these sets of permissions as they relate to the handset:
• “Allowed” (Full Access) permissions are any permissions that explicitly allow access to a given protected API or function from a protection domain. Allowed permissions will not require any user interaction.
• “User” permissions are any permissions that require a prompt to be given to the user and explicit user confirmation in order to allow the MIDlet suite access to the protected API or function.
User Permission Interaction Mode
User permissions on the Motorola C381p handsets let the user either deny or grant access to the protected API or function using the following interaction modes (the term in parentheses after each mode is the prompt displayed to the user):
• blanket – grants access to the protected API or function every time it is required by the MIDlet suite until the MIDlet suite is uninstalled or the permission is changed by the user. (Never Ask)
• session – grants access to the protected API or function every time it is required by the MIDlet suite until the MIDlet suite is terminated. This mode will prompt the user on or before the final invocation of the protected API or function. (Ask Once Per App Running)
• oneshot – will prompt the user each time the protected API or function is requested by the MIDlet suite. (Always Ask)
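The following Python model is an added example, not Motorola's or the handset's code. It shows how the Allowed/User split and the three interaction modes determine when the user is prompted and how long a grant is remembered. The class and function names are hypothetical, and two behaviours are assumptions the page does not state: the session prompt is issued on first use in a run, and a denial is never remembered.

```python
from enum import Enum

class Mode(Enum):
    BLANKET = "Never Ask"                 # grant lasts until uninstall or user change
    SESSION = "Ask Once Per App Running"  # grant lasts until the suite terminates
    ONESHOT = "Always Ask"                # nothing is remembered

class SuitePermission:
    """One permission of one installed MIDlet suite (hypothetical model)."""

    def __init__(self, kind, mode=None):
        if kind not in ("Allowed", "User"):
            raise ValueError("a permission is either Allowed or User, not both")
        if kind == "User" and not isinstance(mode, Mode):
            raise ValueError("a User permission needs an interaction mode")
        self.kind, self.mode = kind, mode
        self.granted = False  # remembered grant (blanket or session only)
        self.prompts = 0      # how many times the user was interrupted

    def check(self, ask_user):
        """Return True if access is permitted; ask_user() simulates the prompt."""
        if self.kind == "Allowed":
            return True       # full access, no user interaction
        if self.granted:
            return True       # covered by an earlier blanket/session grant
        self.prompts += 1
        answer = bool(ask_user())
        # Assumption: only a positive answer is remembered, and never for oneshot.
        self.granted = answer and self.mode is not Mode.ONESHOT
        return answer

    def terminate(self):
        """The suite exits: a session grant is dropped, a blanket grant survives."""
        if self.mode is Mode.SESSION:
            self.granted = False

def count_prompts(kind, mode, sessions, calls_per_session):
    """Prompts seen by a user who always answers yes (constructed workload)."""
    perm = SuitePermission(kind, mode)
    for _ in range(sessions):
        for _ in range(calls_per_session):
            perm.check(lambda: True)
        perm.terminate()
    return perm.prompts

if __name__ == "__main__":
    for kind, mode in [("Allowed", None), ("User", Mode.BLANKET),
                       ("User", Mode.SESSION), ("User", Mode.ONESHOT)]:
        print(kind, mode.name if mode else "-", count_prompts(kind, mode, 3, 4))
```

The prompt counts make the trade-off visible: blanket interrupts the user once for the life of the installation, while oneshot keeps every protected call under explicit user control.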