OS Security Quick Start

OS Security on the Symbian platform enables data confidentiality, integrity and authentication. It provides high-level services, such as key and certificate management, authentication, secure user prompting, and Digital Rights Management (DRM) framework.

Getting started with OS Security

OS Security is intended to support:

  • Secure communication protocols that provide data confidentiality and integrity

  • Authentication of installable software

  • Protection of device integrity

Architecture

OS Security includes the following collections:

  • Authorisation contains User Prompt Service (UPS) component that provides standard interfaces for the device creators to set policies that determine if requests made by applications to access system services, such making telephone calls, need confirmation from the user.

  • Security and Data Privacy Tools contains Security Config and Security Tools components. Security Config contains security ROM build-time configuration files. Device creators use the configuration files to customize the behavior of security components. Security Tools comprises of certapp tool that creates, augments, dumps and debugs certificate stores. It also dumps certificate files in human-readable form.

  • Crypto Management Libraries provides interfaces for management of tokens used for secure authentication, such as cryptographic keys and certificates. It contains CryptoToken framework to provide interfaces for managing cryptography certificates, keys and certificate applications.

  • Crypto Libraries contains a Weak CryptoSPI and Strong CryptoSPI components together called as CryptoSPI framework. The framework provides software-based implementations of cryptographic algorithms. It allows device creators to include alternative implementations as plug-in DLLs.

  • Crypto Plug-ins contains CryptoSPI Plug-ins component. These are plug-ins to the Crypto Libraries' Crypto SPI framework. It provides software-based implementations of cryptographic algorithms for encryption, decryption, hash and random number generation.

  • Crypto Services provides interfaces to handle cryptographic keys and certificates. It contains Certificate and Key Management, File-Based Certificate and Key Stores, ASN-PKCS Root Certificates and OpenSSL components.

The following diagram shows the OS Security's components grouped into collections, which are shown as white boxes:

Figure 1. OS Security in Symbian System Model

Technologies

DRM

DRM refers to an access control technology that prevents unauthorised use of copyrighted content.

To know more about the key concepts used in OS Security, see OS Security Concepts.