81
Java™
According to the security status of an installed MIDlet (see below), each of these security groups has one among 5 possible
authorizations levels (listed from the more restrictive to the more permissive):
• Never
The security group completely prevents access to the protected features.
• Per use
Each time MIDlet tries to use protected feature, user is prompted to grant access.
• Per session
First time a MIDlet uses a protected function, user is prompted to grant access like in "Per use" authorization but
access is granted until the MIDlet terminates.
• Single confirmation
The first time in the whole MIDlet life a MIDlet uses a protected feature, user is prompted to grant access. It remains
valid until the MIDlet is removed from the handset.
• Always
The security group unconditionally grants access to protected features.
A MIDlet has a security status which is either "uncertified", or else "certified".
An "uncertified" status means that the source of the MIDlet could not be verified by the mobile phone at installation time. As far
as the phone knows, the MIDlet could have been written by anyone.
A "certified" status means that the MIDlet was digitally signed by a known party, whose name is displayed by the mobile phone.
This means that the mobile phone successfully authenticated the named party as the source of the MIDlet.
Security permissions are different for "uncertified" or "certified" MIDlets, and may be different for different sorts of named parties.
Usually "uncertified" security permisions are more restrictive than "certified" ones.
Security configuration menu
When a MIDlet is installed in the mobile phone, default security authorizations are applied.
This default security configuration may be altered through the "Settings/Security" menu of an installed MIDlet.
Once in the "Security" menu, the security status of the MIDlet is displayed (see "Security considerations" paragraph above).
If you do not want to enter the security menu, simply select "Back" button.
You can proceed by selecting "Ok" button.
The menu displayed allows you to increase or decrease permissions currently applied to the current MIDlet for each of the
security groups.
When you set a more permissive authorization to a security group than the current value, mobile phone asks you to
confirm your increased risk exposure.
The maximum risk exposure increase is limited by the security status. Depending of the manufacturing configuration, it means,
for example, that "Net Access" security group authorization cannot be set to a permissive value higher that "Session" for an
"uncertified" MIDlet ("Single confirmation" and "Always" are unavailable in the security configuration menu) but an operator
"certified" MIDlet may have all permission values available without any limitations.
251729200_myC5-2_lu_en.book Page 81 Lundi, 4. octobre 2004 11:21 11
Summary of Contents for myC5-2
Page 4: ...1 Conformance Document 251729200_myC5 2_lu_en book Page 1 Lundi 4 octobre 2004 11 21 11...
Page 95: ...251729200_myC5 2_lu_en book Page 92 Lundi 4 octobre 2004 11 21 11...
Page 96: ...251729200_myC5 2_lu_en book Page 93 Lundi 4 octobre 2004 11 21 11...
Page 97: ...251729200_myC5 2_lu_en book Page 94 Lundi 4 octobre 2004 11 21 11...
Page 98: ...251729200_myC5 2_lu_en book Page 95 Lundi 4 octobre 2004 11 21 11...
Page 99: ...251729200 09 2004 251729200_myC5 2_lu_en book Page 96 Lundi 4 octobre 2004 11 21 11...