Symbian OS Platform Security

Documents
Download Device Manufacturer Capability granting process description and other important documents.

Discussions
Discuss signing, certification and security issues and share ideas with other developers in our Discussion Boards.

Webinars
Check webinars about signing, Symbian Signed and how to access Device Manufacturer Capabilities.

eLearning
Learn more about Platform Security.

Screencasts
Find out more about preparing an application for Symbian Signed in the screencast Getting Ready for Symbian Signed with Carbide.c++.

FAQ
Check the most common questions about Platform Security and Capabilities.

Wiki
Check out the Testing pages in the Forum Nokia Developer Wiki.

Overview

S60 devices use the Symbian OS platform security model. The purpose of the model is to enable mobile consumers to use their mobile devices in an easy and trusted manner.

Mobile consumers can reasonably expect that a high-quality application doesn't lose or corrupt their data or contain malicious features. It's also fair to expect that the application performs only those tasks for which it's designed and expected to perform. The application must not allow others to exploit it for malicious purposes. Even if the application fails, it must not compromise security. Mobile consumers should also be confident that when they install an application from a trusted source, the application meets quality requirements defined for mobile applications. All these issues have been considered when defining security models for mobile applications.

Security in mobile devices has two main areas: hardware security and software security. Hardware security mainly protects the integrity of the software, and software security enforces application-level security. The focus of this section is software security.

Software security can be defined in a number of different ways:

• Quality-based approach: The product does what the specification says. It's assumed that the specifications are flawless.
• Robustness-based approach: The product fulfils its specification under different conditions and under attack, meaning that there are reactive components and, for example, error-correction methods managing changing environments.
• Feature-based approach: A secure product provides and guarantees security features that are required by its clients. It's assumed that the integrity and strength of features is already verified on a certain level.

Why should I care?

Application security is an important issue in Symbian OS, because native C++ applications have broad access to the mobile device functionality. For example, a native Symbian OS application can directly access network and mobile device interfaces, storage memory, messaging framework, and much more. This makes many features available for application development, but those features can be exploited in the wrong hands.

What tool can I use?

You can use Symbian OS platform security, which was introduced in Symbian OS v9.1 and available in S60 3rd Edition.

How do I distribute it?

Nokia offers you consumer and enterprise sales channels. Each channel provides unique features and benefits for you and your customers. The consumer market channels are Nokia Software Market, Download!, and MOSH. The enterprise channel is the Nokia for Business channel programme.

Rate This