Developers guidelines Signing applications

Identifiers

Symbian OS v9 Platform Security also requires that applications can be uniquely identified and strictly classified to reflect their PlatSec level of trust. For example, signed and unsigned applications are clearly separated by having UID values in separate value ranges.

Unique Identifiers, UIDs

In Symbian OS, objects are identified by three 32-bit globally unique identifiers, referred to as UID1, UID2 and UID3.

UID1 is a system level identifier, distinguishing for example executables, DLLs and file stores.

UID2 distinguishes objects with the same UID1 based on different interfaces. For example, GUI applications have a common UID2 value.

UID3 can be seen as a project identifier, for example, all objects belonging to a given program may share a UID3 value.

With Symbian OS v9, allocation of UID3 values has been changed to further enhance security, for example to implement the data caging feature. Applications developed for public distribution must be assigned a globally unique UID3 value, which is utilized through an automated UID allocation system implemented within the Symbian Signed programme.

Allowed UID values have been split into one protected range for signed applications and one unprotected range for unsigned applications. Only signed applications can use UIDs in the protected range, and only protected range UID values are allowed for signed applications. This is validated in the Symbian Signed process. On the other hand, unsigned applications are not allowed to use UIDs in the protected range, and can only be installed with a UID from the unprotected range of values.

Secure Identifier, SID

Symbian OS v9 applications are assigned a SID value, which is automatically set to the UID3 value, unless explicitly specified by the developer. The SID value determines the name of the folder where private application data is stored.

The SID value can be specified in the .MMP file of the application, but this option should only be used in special cases. Normally the automatically set value of UID3 should be accepted.

Vendor Identifier, VID

A Vendor ID can be used at runtime to identify the source of the binary. It is mainly of interest for phone manufacturers and network operators, for example when needing to restrict access to a certain service to applications from specific vendors. Most developers have no need for a VID, and the default VID value (0) can then be used.
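The identifier rules above can be checked before submitting a build. The following is an added example, not code from the original guidelines: it reads the UID, SECUREID and VENDORID statements from .MMP text, applies the signed/unsigned range rule to UID3 and derives the private folder from the SID. The sample values, the 0x80000000 boundary between the two ranges and the `\private\<SID>\` folder layout are assumptions that do not appear on this page.

```python
# Constructed sample .MMP text; every value here is made up for illustration.
SAMPLE_MMP = """\
TARGET      example.exe
UID         0x100039CE 0xE0001234   // UID2 UID3
VENDORID    0
"""

# Assumption (not stated on this page): protected values lie below
# 0x80000000, unprotected values at or above it.
UNPROTECTED_START = 0x80000000

def parse_mmp(text):
    """Extract UID2, UID3, SID and VID from .MMP text."""
    ids = {"uid2": None, "uid3": None, "sid": None, "vid": 0}  # default VID is 0
    for line in text.splitlines():
        tokens = line.split("//")[0].split()  # drop trailing // comments
        if len(tokens) < 2:
            continue
        key = tokens[0].upper()
        if key == "UID" and len(tokens) >= 3:
            ids["uid2"], ids["uid3"] = int(tokens[1], 0), int(tokens[2], 0)
        elif key == "SECUREID":
            ids["sid"] = int(tokens[1], 0)
        elif key == "VENDORID":
            ids["vid"] = int(tokens[1], 0)
    if ids["sid"] is None:
        ids["sid"] = ids["uid3"]  # SID is set to UID3 unless specified
    return ids

def check_ids(ids, signed):
    """Return findings for the signed/unsigned UID range rule."""
    if ids["uid3"] is None:
        return ["no UID3 declared"]
    findings = []
    protected = ids["uid3"] < UNPROTECTED_START
    if protected != signed:
        want = "protected" if signed else "unprotected"
        findings.append("UID3 0x%08X must be in the %s range" % (ids["uid3"], want))
    if ids["sid"] != ids["uid3"]:
        findings.append("SECUREID differs from UID3; private folder follows the SID")
    return findings

def private_dir(ids):
    # Assumption: the private folder is named after the SID as 8 hex digits.
    if ids["sid"] is None:
        return None
    return "\\private\\%08X\\" % ids["sid"]

if __name__ == "__main__":
    ids = parse_mmp(SAMPLE_MMP)
    print(check_ids(ids, signed=False), private_dir(ids))
```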

October 2006

Sony Ericsson UIQ 3 manual Unique Identifiers, UIDs, Secure Identifier, SID, Vendor Identifier, VID