Motorola maxx V6 manual Draft Subject to Change 97/201, Request for Access Algorithm

Java ME Developer Guide

Chapter 12 - JSR-177 Java ME Security and Trust Services API

The implementation applies the following algorithm when evaluating a request for ac- cess:

Request for Access Algorithm

Use Domain Mechanism (DM) to evaluate access to the method

if access is forbidden according to DM Access Denied

else /* Access Granted according to DM, check ACP now */ if PKCS#15 is present

if ACIF link in DODF is present, then if ACIF is found, then

loop for ACIE

if either ACIE contains AID for the target app or ACIE re-

lated to the entire SE

get corresponding ACF to evaluate access permis-

sions

if ACL is present

get ACE and evaluate access to the method else

Access Granted /* ACL is missing */ endif

endif

endloop

Access Denied /* either no ACIE element is found or all found

ACLs are empty */

endif /* for ACIF */

Access Denied /* ACP link exists, but no applicable ACIF is found */ else /* No ACP */

Access Granted

endif

else /* No PKCS#15 */ Access Granted

endif

endif

If any errors in ACP or PKCS#15 (U)SIM structure is found during the evaluation al- gorithm

execution access is denied.

Code Sample 3 Request for Access Algorithm

The algorithm can be implemented in many different ways. The most efficient one

DRAFT - Subject to Change [97/201]