Please note that as of October 24, 2014, the Nokia Developer Wiki will no longer be accepting user contributions, including new entries, edits and comments, as we begin transitioning to our new home, in the Windows Phone Development Wiki. We plan to move over the majority of the existing entries. Thanks for all your past and future contributions.

(Difference between revisions)

Java Security Domains

From Wiki
Jump to: navigation, search
hartti (Talk | contribs)
m (API access settings on real phones)
hartti (Talk | contribs)
m (added Java ME category)
Line 1: Line 1:
[[Category:Java]][[Category:Security]][[Category:Signing and Certification]]
[[Category:Java]][[Category:Java ME]][[Category:Security]][[Category:Signing and Certification]]

Revision as of 22:50, 25 September 2008



Accessing certain method calls and APIs from MIDlets has some restrictions. It is possible that in those cases the user will get prompted for confirmation to allow the certain method call or the access might be blocked altogether, which will result SecurityException to be thrown.

Making these prompts to appear less frequently requires the developer to sign the MIDlet (and the user to manually change the API access settings). Only signing to operator or manufacturer domain will remove the prompts completely, although this requires really close collaboration with those parties.

Security domains

MIDP 2.0 specification defines 4 security domains in which the MIDlet can be installed:

  • third party protection domain (untrusted 3rd party)
  • identified third party protection domain (trusted 3rd party)
  • operator protection domain
  • manufacturer protection domain

API protection groups

Each of the protection domains have certain level of access to the protected (sensitive APIs). The access rights are grouped to a function groups:

  • Net access (MIDP spec also defines low-level net access, but this has been combined on many phones to the Net access function group)
  • Messaging (MIDP spec also defines restricted messaging)
  • Application auto-start
  • Local connectivity
  • Multimedia recording
  • Read user data (including files and PIM)
  • Write/Edit user data (including files and PIM)
  • Location
  • Landmark store
  • Smart card communication
  • Authentication
  • (Call control)
  • (Phone call)

The MIDlet will have access settings defined to each of the function groups above, which are supported by the phone. The setting can be one of the following defined by the security domain policy of the phone:

  • Always allow / Blanket access
  • Ask first time / Ask once per session
  • Ask every time
  • Not allowed

API access definitions in Java ME standards

The Java specifications include a number of versions for the available API access rights (note, that there might not be a single device available which would support the API access rights exactly the way they are defined in the specification!)

NOTE: The MIDP specification defines that even trusted 3rd party MIDlet cannot have networking and auto-start permissions simultaneously as Always Allowed!

A MIDlet which has not been signed will be placed in the untrusted domain, which has most restrictions for accessing certain APIs. If the MIDlet has been signed and the corresponding certificate is stored in the certificate store of the phone, the MIDlet will be placed in the protection domain to which the certificate has been tied to. (There are some complex checks which are done at the installation time, please see the MIDP 2 specification for more info).

Certificates to sign to trusted 3rd party domain

If your application passes Java Verified testing, it will be signed with UTI root certificate, which will place your MIDlet to trusted 3rd party domain. Other common certificates placing your MIDlet to trusted 3rd party domain are available from:

Note, that the MIDP specification does not allow new certificates added on the phones to allow signing to trusted 3rd party domain. This is however possible on S60 2nd Edition devices due to incorrect implementation (instructions). Also note, that some operators have implemented so called developer certificates for their devices (Sprint and China Unicom). Consequently, make sure to check the available code-signing CA-certificates (or check this posting).

Security Domain policies for a number of carriers, deviating from the standard

As the MIDP spec security domain policy is just a recommendation, some operators have defined their own security domains and API access rights. These include

Security domain information from other manufacturers than Nokia

API access settings on real phones

Also the generic phones have different versions of the API access rights implemented.

One cannot change the default settings available on the phone, but after MIDlet installation it is possible to change the API access settings from default to the available ones (not all options are available to untrusted MIDlets).


241 page views in the last 30 days.