Heath | Symbian OS Platform Security | Buch | 978-0-470-01882-8 | sack.de

Buch, Englisch, 274 Seiten, Format (B × H): 190 mm x 234 mm, Gewicht: 501 g

Reihe: Symbian Press

Heath

Symbian OS Platform Security


Erscheinungsjahr 2006
ISBN: 978-0-470-01882-8
Verlag: John Wiley & Sons

Buch, Englisch, 274 Seiten, Format (B × H): 190 mm x 234 mm, Gewicht: 501 g

Reihe: Symbian Press

ISBN: 978-0-470-01882-8
Verlag: John Wiley & Sons

Symbian OS is an advanced, customizable operating system, which is licensed by the world's leading mobile phone manufacturers. The latest versions incorporate an enhanced security architecture designed to protect the interests of consumers, network operators and software developers.

The new security architecture of Symbian OS v9 is relevant to all security practitioners and will influence the decisions made by every developer that uses Symbian OS in the creation of devices or add-on applications. Symbian OS Platform Security covers the essential concepts and presents the security features with accompanying code examples.

This introductory book highlights and explains:

* the benefits of platform security on mobile devices
* key concepts that underlie the architecture, such as the core principles of 'trust', 'capability' and data 'caging'
* how to develop on a secure platform using real-world examples
* an effective approach to writing secure applications, servers and plug-ins, using real-world examples
* how to receive the full benefit of sharing data safely between applications
* the importance of application certification and signing from the industry 'gatekeepers' of platform security
* a market-oriented discussion of possible future developments in the field of mobile device security

Heath Symbian OS Platform Security jetzt bestellen!

Autoren/Hrsg.

Heath, Craig

Fachgebiete

Weitere Infos & Material

About This Book.

Foreword.

About the Authors.

Acknowledgements.

PART 1. INTRODUCTION TO SYMBIAN OS PLATFORM SECURITY.

Chapter. 1 Why a Secure Platform?.

1.1 User Expectations of Mobile Phone Security.

1.2 What the Security Architecture Should Provide.

1.3 Challenges and Threats to Mobile Phone Security.

1.4 How Symbian OS Platform Security Fits in the Value Chain?.

1.5 How Application Developers Benefit from the Security Architecture.

Chapter 2. Platform Security Concepts.

2.1 Background Security Principles.

2.2 Architectural Goals.

2.3 First Concept ? The Process is the Unit of Trust.

2.4 Second Concept ? Capabilities Determine Privilege.

2.5 Third Concept ? Data Caging for File Access.

2.6 Summary.

PART 2. HOW TO DEVELOP ON THE SECURE PLATFORM

Chapter 3. The Platform Security Environment.

3.1 Building Your Application.

3.2 Developing on the Emulator.

3.3 Packaging Your Application.

3.4 Testing on Phone Hardware.

3.5 Summary.

Chapter 4. How to Write Secure Applications.

4.1 What is a Secure Application?.

4.2 Analysing the Threats.

4.3 What Countermeasures Can be Taken?.

4.4 Implementation Considerations.

4.5 Summary.

Chapter 5. How to Write Secure Servers.

5.1 What is a Secure Server?.

5.2 Server Threat Modelling.

5.3 Designing Server Security Measures.

5.4 Server Implementation Considerations.

5.5 Summary.

Chapter 6. How to Write Secure Plug-ins.

6.1 What is a Secure Plug-In?.

6.2 ECOM Plug-ins.

6.3 Migrating Existing Plug-ins.

6.4 Converting Plug-ins to Servers.

6.5 Writing New ECOM-based Plug-in Frameworks.

6.6 Non-ECOM Architectures.

6.7 Summary.

Chapter 7. Sharing Data Safely.

7.1 Introduction to Sharing Data.

7.2 Categories of Data.

7.3 Deciding the Level of Trust.

7.4 Attacks on Data and Countermeasures.

7.5 Using System Services.

7.6 Summary.

PART 3. MANAGING PLATFORM SECURITY ATTRIBUTES

Chapter 8. Native Software Install.

8.1 Introduction to the Native Software Installer.

8.2 Validating Capabilities.

8.3 Identifiers, Upgrades, Removals and Special Files.

8.4 SIS File Changes for Platform Security.

8.5 Installing to and from Removable Media.

8.6 Summary.

Chapter 9. Enabling Platform Security.

9.1 Responsibilities in Granting Capabilities.

9.2 Overview of the Signing Process.

9.3 Step-by-step Guide to Signing.

9.4 Revocation.

PART 4. THE FUTURE OF MOBILE DEVICE SECURITY

Chapter 10. The Servant in Your Pocket.

10.1 Crystal-Ball Gazing.

10.2 Convergence, Content and Connectivity.

10.3 Enabling New Services.

10.4 New Security Technologies.

Appendix A. Capability Descriptions.

Appendix B. Some Cryptography Basics.

Appendix C. The Software Install API.

Glossary.

Bibliography and References.

Index.

Craig Heath has been working in IT security since 1988, including positions at The Santa Cruz Operation as security architect for SCO UNIX, and at Lutris Technologies as security architect for the Enhydra Enterprise Java Application Server. He joined Symbian in 2002, working in product management and strategy.
He has been a member of The Open Group Security Forum (originally the X/Open Security Working Group) since 1993, sitting on the Steering Committee since 1999. He has contributed to several published security standards, including XBSS (baseline system security requirements), XDAS (distributed audit), and XSSO (single sign-on). He has also participated in standards work within POSIX, IETF, the Java Community Process, and the Open Mobile Alliance.

Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.