-Messaging receive (SMS,SMS-CB interception by a MIDlet)

-Messaging sending (SMS sending by a MIDlet)

-Read User data (Subscriber identity, Phonebook, Agenda read access from a MIDlet)

-Write User data (New phonebook or agenda entry)

-Multimedia recording (ability to control camera or microphone from a MIDlet)

According to the security status of an installed MIDlet (see below), each of these security groups has one among 5 possible authorizations levels (listed from the more restrictive to the more permissive):

-Never

The security group completely prevents access to the protected features.

-Per use

Each time MIDlet tries to use protected feature, user is prompted to grant access.

-Per session

First time a MIDlet uses a protected function, user is prompted to grant access like in "Per use" authorization but access is granted until the MIDlet terminates.

-Single confirmation

The first time in the whole MIDlet life a MIDlet uses a protected feature, user is prompted to grant access. It remains valid until the MIDlet is removed from the handset.

-Always

The security group unconditionally grants access to protected features.

A MIDlet has a security status which is either "uncertified", or else "certified".

An "uncertified" status means that the source of the MIDlet could not be verified by the mobile phone at installation time. As far as the phone knows, the MIDlet could have been written by anyone.

A "certified" status means that the MIDlet was digitally signed by a known party, whose name is displayed by the mobile phone. This means that the mobile phone successfully authenticated the named party as the source of the MIDlet.

Security permissions are different for "uncertified" or "certified" MIDlets, and may be different for different sorts of named parties. Usually "uncertified" security permisions are more restrictive than "certified" ones.

Security configuration menu

When a MIDlet is installed in the mobile phone, default security authorizations are applied.

This default security configuration may be altered through the "Settings/Security" menu of an installed MIDlet.

Once in the "Security" menu, the security status of the MIDlet is displayed (see "Security considerations" paragraph above). If you do not want to enter the security menu, simply select "Back" button.

You can proceed by selecting "Ok" button.

The menu displayed allows you to increase or decrease permissions currently applied to the current MIDlet for each of the security groups.

62

Java™

Page 62
Image 62
Sagem MYV-76 manual Security configuration menu