Recent studies show that sales of Symbian-based mobile devices have increased by 131% in the third quarter of 2005, reaching a total of 8.5 million devices and bringing the total number of Symbian users to 48 million. In this article, the author presents the latest Symbian 9.1 release which brings a number of significant changes and some revolutionary new features.

Recent studies show that sales of Symbian-based mobile devices have increased by 131% in the third quarter of 2005, reaching a total of 8.5 million devices and bringing the total number of Symbian users to 48 million. The latest Symbian 9.1 release brings a number of significant changes and some revolutionary new features, and this article presents an overview of some of the most interesting developments.

Safety first

Sales of mobile devices equipped with Symbian OS are quite literally snowballing. As recently as 2004, quarterly sales were only just in excess of 3.5 million devices and as few as 30 different models were available. At present, quarterly sales are closer to 8.5 million, the number of devices in use has doubled and some 60 new models are in development. The Symbian environment, until recently restricted to high-end models, is now available to a growing number of users. However, new users are usually unaware that the system's open architecture and extensive communication capabilities open up a variety of potential security issues. Indeed, many phone users are unaware that their device has an operating system in the first place. Security problems in Symbian 9.1 are addressed by the integrated Platform Security architecture (PlatSec).

Table 1. Capabilities list

User capabilities
NetworkServices	Allows network connections to be made, in particular ones that generate costs (such as a phone call).
LocalServices	Allows local connections that involve no costs to be made, for example Bluetooth or USB connections.
ReadUserData, WriteUserData	Protect the device user's privacy by controlling read/write access to private data (photos, bank details etc.).
System capabilities
Tcb	Allows access to restricted directories within the file system (/sys and /resource).
CommDD	Allows control of communications device drivers.
MultimediaDD	Allows control of multimedia device drivers.
PowerMgmt	Allows power profiles to be switched and managed, with control of power consumption and the right to shut down processes.
ReadDeviceData, WriteDeviceData	Allows read/write access to data that controls device behaviour.
TrustedUi	Allows access to the trusted user interface, used for entering sensitive information. In trusted mode, the system protects the screen buffer and keyboard input from being intercepted by other applications.
ProtServ	Allows server processes with protected names to be created. A protected name begins with an exclamation mark.
DiskAdmin	Allows access to certain disk operations, such as formatting.
AllFiles	Allows access to files in the /private directory.
SwEvent	Allows keyboard and pointing device events to be generated.

Platform Security architecture

PlatSec is charged with the following tasks:

• user security - controlling access to private data (contacts, PIM entries etc.) and any APIs that can be used to generate costs (for example ones used to send MMS messages);

• device security - ensuring that process code cannot degrade the core functionality of the phone or application performance;

• network security - protecting operator services and other devices available though networking.

Platform Security protects system-critical APIs from unauthorised use. Access to an estimated 40% of all OS functionality is protected by a system of privileges, in this case called capabilities.

The security model is divided into three layers. The lowest layer is the Trusted Computing Base (TCB) - the most vulnerable and best protected part of the system. The TCB has unlimited access to all platform components, both hardware and software (the kernel, file system and - for open systems - software installer). Above the TCB resides the Trusted Computing Environment (TCE), made up of the remaining system components, such as C32, ESOCK, ETEL and WSERV. The last and relatively least secure level is the layer visible to the user. Users can assign capabilities only within the narrow segment of system functionality accessible to them. Table 2 shows the capabilities for particular PlatSec layers.

Figure 1. Access rights verification

Besides the capabilities mechanism, previously unrestricted access to file system space has been narrowed down by dividing the file system into areas with different access rights:

• The /sys directory is available only to the TCB. All executable code resides in the /sys/bin directory and it is not possible to execute an application from outside this directory.

• The /resource directory is read-only for processes outside the TCB. This allows resources to be shared while ensuring their consistency.

• Each application is assigned its own private space within a subdirectory of /private.

• The remainder of the file system is publicly available and can be read and written by any application.

sum:

0 €

» Library of the Month
» Workshop
» Software Engineering
» Programming Tools
» Interview
» High quality and
secure programming
» Reverse Engineering
» Portable GUI
» Artificial intelligence