The security model for Smartphone applications is based on certificates. A device can be configured by the device manager (usually the network operator) to allow only signed applications to run. Whether an application can run or not depends on:
- If the device has a one- or two-tiered security model
- The current security mode of the device: Open, Locked, or Prompt
- How the application was signed: with a privileged certificate, unprivileged certificate, or not at all
One-tiered devices give access to all APIs for applications that are allowed to run. On two-tiered devices, there are APIs that cannot be access unless the application was signed with a privileged certificate.
If the device has:
- Open security mode, all applications can run, signed and unsigned.
- Locked security mode, only signed applications run on the device.
- Prompt security mode, all signed applications run without a prompt, and the user is prompted to reject or accept all unsigned applications.
(from MSDN).
No comments:
Post a Comment