MIDlet Suite Security

Assumptions on MIDlets

  • Need not be aware of security policy except for security exceptions
  • Subject to one protection domain and its permissions
  • Internal representation of the domain is implementation specific
  • The UI and the presentation of authentication results to the user are out of MIDP scope
  • Device must protect its security policy and domain info
  • For static security policies, unused security functions may be eliminated on device
  • Security policy not to be used for security sensitive functionality, merely to restrict access.
Sandboxes and Trust
  • MIDP 1.0 MIDlets operate as untrusted on MIDP 2.0 devices
  • Untrusted MIDlets: cannot access protected APIs/functions. They run in a restricted environment (the untrusted domain), and HttpConnection APIs require confirmation when used by untrusted MIDlets.
  • Trust determination is device specific.
  • Trusted apps have increased access to protected APIs

Permissions and APIs

Permission          Restricted API
http                HttpConnection
https               HttpsConnection
datagram            UDPDatagram
datagramReceiver    UDPDatagram
socket              SocketConnection
serversocket        ServerSocketConnection
ssl                 SecureSocketConnection
PushRegistry        PushRegistry

Permission Names
  • Case sensitive
  • Each API defines its own permissions
Requesting permissions
  • MIDlet permissions are specified in the JAD / JAR manifest
  • MIDlet-Permissions / MIDlet-Permissions-Opt are used to specify permissions
    • Comma separated, leading/trailing spaces ignored.
    • If an attribute is set in both the JAD and the JAR manifest, the values must be identical.
  • All requested critical permissions must be known and present. Otherwise the suite is not installed.
Protection Domains
  • Defines permission sets, interaction modes.
  • 2 types
    • Allowed: all suites in the protection domain are allowed access
    • User: access only after user authorization; the user is shown a prompt and can allow or deny
Interaction Modes for User Permissions
  • blanket: Grant perms for every interaction
  • session: Grant perms until MIDP terminates
  • oneshot: only the current invocation; the user is prompted on each invocation of the protected API.

  • Interaction determined by device security policy.
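
The install-time checks from "Requesting permissions" combined with the domain lookup from "Protection Domains", as an added example (not code from the MIDP specification or from any device implementation). Permission names use the short forms from the table above; the domain contents, the sample descriptors and the choice to compare trimmed permission lists are assumptions.

```python
# Added example: install-time permission check for a MIDlet suite.
# Domain contents and sample descriptors below are constructed for illustration.
ATTRS = ("MIDlet-Permissions", "MIDlet-Permissions-Opt")

def parse_permissions(value):
    """Split a comma-separated value; leading/trailing spaces are ignored."""
    return [p.strip() for p in (value or "").split(",") if p.strip()]

def parse_attributes(text):
    """Parse 'Name: value' lines of a JAD or JAR manifest into a dict."""
    attrs = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        if sep:
            attrs[name.strip()] = value.strip()
    return attrs

def check_install(jad_text, manifest_text, domain):
    """Return (installable, granted, reason).

    `domain` maps each permission of the protection domain to "allowed" or to
    a user interaction mode ("blanket", "session", "oneshot").
    """
    jad, manifest = parse_attributes(jad_text), parse_attributes(manifest_text)
    for attr in ATTRS:
        # Assumption: "identical" is checked on the trimmed permission lists.
        if attr in jad and attr in manifest:
            if parse_permissions(jad[attr]) != parse_permissions(manifest[attr]):
                return False, {}, attr + " differs between JAD and manifest"
    merged = {**manifest, **jad}
    critical = parse_permissions(merged.get(ATTRS[0]))
    optional = parse_permissions(merged.get(ATTRS[1]))
    # Names are case sensitive: "HTTP" does not match "http" and is unknown.
    missing = [p for p in critical if p not in domain]
    if missing:
        return False, {}, "critical permission not in domain: " + ", ".join(missing)
    # Optional permissions the domain lacks are dropped, not fatal.
    granted = {p: domain[p] for p in critical + optional if p in domain}
    return True, granted, "ok"

# Constructed sample policy and descriptors.
DOMAIN = {"http": "oneshot", "https": "session", "socket": "blanket"}
MANIFEST = "MIDlet-Name: Demo\nMIDlet-Permissions: http, socket\nMIDlet-Permissions-Opt: ssl\n"
JAD = "MIDlet-Permissions:  http ,socket\nMIDlet-Permissions-Opt: ssl\n"

if __name__ == "__main__":
    print(check_install(JAD, MANIFEST, DOMAIN))
```

The returned mapping gives, for each granted permission, the interaction mode the device would apply when the protected API is invoked.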

Non-security-sensitive APIs: javax.microedition.rms, midlet, lcdui, media, media.control
