File Group Permissions - VeriFone Vx810 Reference Manual

Hide thumbs Also See for Vx810:

Reference manual (158 pages)

Installation manual (36 pages)

User manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

ERFORMING

OWNLOADS

File Authentication Requirements

File Group

Permissions

106

810 R

EFERENCE

When the signature file successfully authenticates its target file, it is

automatically moved to the same file system and file group as the target file it

authenticates (that is, if *FA = 1).

The processing routine gives visible and audible indications when a specific

signature file authenticates successfully. The file authentication module does

not halt the process if a signature file fails to authenticate, but continues to the

next step, storing the downloaded files in their final locations in the device file

system.

Certificate files and signature files are retained in the SRAM file system until

the file authentication process is complete. These special files are either

deleted or automatically redirected to another file system or file group, as

previously described.

When an application file is authenticated, the operating system sets the file's

read-only attribute to protect it from being modified while stored in device

memory. This is also true for a signature file retained in device memory. When

a signature file is assigned the read-only attribute, it is no longer detected as a

new signature file by the file authentication module on device restart.

When all certificates and signature files are processed and special files are

deleted or redirected as required, the device restarts and the *GO application

executes.

This section discusses how file authentication controls who (which business

entity) can store application files in which file groups in the V

By inserting zero-length SETDRIVE.x and SETGROUP.n files into a download list,

you can specify which drive (x = I: SRAM or F: flash ROM) and in which group (n

= 1–15) to store an application file. In addition to this file redirection protocol, the

file authentication module controls which files are allowed, under the authority of

the signer certificate used to sign them, to be stored in which file groups in the

810 file system.

For example, if the device owner specifies storing a loyalty application in GID2,

the information is encoded in the sponsor and signer certificates and issued by

the VeriFone CA for that device.

Chapter 5

discussed how signer certificates are required inputs to the VeriShield

File Signing Tool when preparing a deployment device. Each signature file

generated under that signer certificate contains a logical link that allows the

application to authenticate and run on the device only if the signature files and

corresponding target files are downloaded onto the target GID.

Although you can store files in any file group simply by selecting the target group

in system mode, the files downloaded are not authenticated for the selected target

group unless they are properly signed under the authority of the sponsor and

signer certificates issued for that device.

UIDE

810 file system.

Table of Contents

File Group Permissions - VeriFone Vx810 Reference Manual

Related Manuals for VeriFone Vx810

Related Content for VeriFone Vx810

Table of Contents