Motorola maxx V6 Implementation based on Recommended Security Policy, Trusted 3rd Party Domain

Java ME Developer Guide

Chapter 8 - MIDP 2.0 Security Model

device implementation. User permission will have a default interaction mode and a set of other available interaction modes. The user should be presented with a choice of available interaction modes, including the ability to deny access to the protected API or function. The user will make their decision based on the user-friendly descrip- tion of the requested permissions provided for them.

The Permissions menu allows the user to configure permission settings for each MIDlet when the VM is not running. This menu is synchronized with available run- time options.

8.6Implementation based on Recommended Security Policy

The required trust model, the supported domain, and their corresponding structure will be contained in the default security policy for Motorola's implementation for MIDP

2.0.Permissions will be defined for MIDlets relating to their domain. User permission types, as well as user prompts and notifications, will also be defined.

8.7 Trusted 3rd Party Domain

A trusted third party protection domain root certificate is used to verify third party MIDlet suites. These root certificates will be mapped to a location on the handset that cannot be modified by the user. The storage of trusted third party protection do- main root certificates and operator protection domain root certificates in the handset is limited to 12 certificates.

The user will be able to enable any disabled trusted third party protection domain root certificates. If disabled, the third party domain will no longer be associated with this certificate. Permissions for trusted third party domain will be "User" permissions; specifically user interaction is required in order for permissions to be granted.

Table 13 shows the specific wording to be used in the first line of the above prompt:

DRAFT - Subject to Change [53/201]