Chapter 7. Security

This chapter outlines a number of patterns that can be used to secure your components from attack by software agents, known as malware. Before we get into the details of the patterns themselves, we cover some of the basics of the platform security provided by Symbian OS v9 so that they are put into context. For a fuller description please see [Shackman, 2006] and [Heath, 2006].

Security on Symbian OS follows a strategy of defense in depth[] in which there exist multiple security privileges which each provide the right to perform a specified group of actions or access specific information or resources. These security privileges are known as capabilities[] on Symbian OS and are assigned to executables during development. During development, you may also assign to an executable a secure identifier (SID) or a vendor identifier (VID).[] The capabilities, SID, and VID are known collectively as security credentials.

[] en.wikipedia.org/wiki/Defense_in_depth_(computing)

[] See [Heath, 2006, Section 2.4].

[] If not assigned explicitly, the SID defaults to the UID3 of the executable whilst the absence of a VID statement means that it does not have a VID.

In addition to this, Symbian OS platform security defines the following concepts:

  • The smallest zone of trust is a process – Symbian OS has been designed to control what each process can do. This reflects the fact that a process is the unit of memory protection and this hardware-assisted protection provides the foundation ...

Get Common Design Patterns for Symbian OS: The Foundations of Smartphone Software now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.