Table of Contents
Advertisement
Any changes in the security configuration are done under
your responsibility. In no case shall Sagem Communication
and/or your network provider be liable for any damages
deriving from or arising out of such changes in the security
configuration.
You must be aware that applications downloaded to your
phone could cause the phone to perform actions for which
you will be billed, like making calls and sending SMS.
Depending on your operator's billing policy, you may also
be charged to download the application because of airtime
consumption.
Security considerations
Java™ MIDP technology is an efficient way to provide
powerful applications in mobile phones. It allows use, by
"over the air" downloaded applications or games, of the
great features built-in in a mobile phone (SMS sending and
receiving, multimedia playback and recording, network
access...).
All these MIDP 2.0 features cannot be simply exposed to
any MIDlet installed in the handset: a careful access control
system is implemented in the device to protect your private
data and airtime consumption.
Access controls are gathered in 9 security groups:
-
Network access (GPRS/GSM data airtime consumption,
HTTP/web connections...)
-
Auto invocation (MIDlet can wake up at a given time or
when receiving a SMS)
-
Phone call (ability to initiate a phone call)
-
Local connectivity (IrDA or serial interfaces use by the
MIDlet)
-
Messaging receive (SMS,SMS-CB interception by a
MIDlet)
-
Messaging sending (SMS sending by a MIDlet)
48
-
Read User data (Subscriber identity, Phonebook,
Agenda read access from a MIDlet)
-
Write User data (New phonebook or agenda entry)
-
Multimedia recording (ability to control camera or
microphone from a MIDlet)
According to the security status of an installed MIDlet (see
below), each of these security groups has one among 5
possible authorizations levels (listed from the more
restrictive to the more permissive):
-
Never
The security group completely prevents access to the
protected features.
-
Per use
Each time MIDlet tries to use protected feature, user is
prompted to grant access.
-
Per session
First time a MIDlet uses a protected function, user is
prompted to grant access like in "Per use" authorization
but access is granted until the MIDlet terminates.
-
Single confirmation
The first time in the whole MIDlet life a MIDlet uses a
protected feature, user is prompted to grant access. It
remains valid until the MIDlet is removed from the
handset.
-
Always
The security group unconditionally grants access to
protected features.
A MIDlet has a security status which is either "uncertified",
or else "certified".
An "uncertified" status means that the source of the MIDlet
could not be verified by the mobile phone at installation
time. As far as the phone knows, the MIDlet could have
been written by anyone.
Advertisement
Table of Contents
