
Safe Execution Environment
Functional Description

The Safe Execution Environment provides a level of security to enable downloading, installing and running third-party native applications; by addressing the risk of compromising the operation of the device, or its data, when running such applications.

The Safe Execution Environment for Qt Extended 4.3 Final only supports the download and secure execution of games.

Features

Game Download

End-users may safely download and run games. Here, games refers to restricted applications that do not require access to the full range of Qt Extended features (such as networking and document access).

These applications are restricted to:

  • write-only display access
  • read-write access to a specific location on the file-system
  • audio playback

Safe Execution Package Manager

Refer to the Package Manager spec for details of the SXE related features of the Package Manager.

Safe Execution Policy Implementation

Application Level Policy

A policy file can be used to regulate the communication between applications and the server that takes place over Qt Extended IPC. The policy file consists of a set of domains, each of which consists of a set of request strings. There are currently two domains: trusted and untrusted.

Through application policy, requests can be allowed for applications in the trusted domain while denied for those in the untrusted domain.

OS Level Policy

Application level policy is supplemented by Operating System level policy provided by a number of scripts. These scripts are used to specify the policy of a Mandatory Access Control implementation (such as LIDS from http://www.lids.org). Mandatory Access Control can, for example, prevent a program from accessing the network or the modem device directly.

Sample Integration

An example integration of MAC rules, SXE file-system and Qt Extended is provided as part of the Greenphone image. Scripts to build modified versions of the kernel, and the image are available. Generic script templates are also provided so that system customization can be performed for other platforms.

Sand-boxing

Untrusted applications run under a sandbox MAC rule set which inverts the usual model: instead of "allow unless specifically denied", the sandbox applies "deny unless specifically allowed". This ensures that downloaded applications are not able to access any exploitable system resources.

The sandbox restricts the application to a specific subset of the file-system for its read-write access.

This feature includes a complete integration of the SANDBOX rule into the 2.4 kernel based file-system on the Greenphone. It also caters for read-only filesystems such as cramfs.

The sandbox implementation is provided as a set of kernel patches and file-system tools, which builders of an SXE Qt Extended device must apply during integration.

Security Monitor

SxeMonitor is a Qt Extended system process, which monitors breaches in SXE policy. The following action is taken upon detection of a policy breach:

  • Alert dialog on application attempting unauthorized action
  • Alert SMS on application attempting unauthorized action
  • Downloaded application prevented from relaunching, i.e. disabled, after attempting unauthorized action. (The application can be re-enabled using Package Manager.)
  • All running instances of the downloaded application are terminated when attempting an unauthorized action.
  • All downloaded applications are terminated and disabled if a brute force attack on binary keys is detected.

Two tier domain model

This feature is provided as part of the Touchscreen Phone Reference Design.

SXE adopts a two tier domain model: all applications must declare whether they belong to the trusted or the untrusted domain. Application and OS level policy files have been developed so that untrusted applications run under sandbox conditions while trusted applications are unrestricted.

All system applications are trusted, while downloaded applications may be either untrusted or trusted. (SXE may be configured so that downloaded applications must always declare themselves untrusted.)

SXE only supports the running of games within the untrusted domain.
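The following is an added illustration, not code from Qt Extended or the SXE implementation, of how the pieces described above fit together: a two-domain policy of request strings (Application Level Policy), the "deny unless specifically allowed" rule applied to the untrusted domain (Sand-boxing), and a monitor that disables an application after a breach (Security Monitor). The policy file syntax, the request strings and the `Monitor` class are constructed for the example and are not SXE's real format or API.

```python
from dataclasses import dataclass, field

# Constructed policy text (not the real SXE file format): each [domain] header lists
# the request strings that domain may send over IPC; anything unlisted is denied.
POLICY_TEXT = """
[trusted]
Network::connect
Documents::open
Display::write
Audio::play

[untrusted]
Display::write
Audio::play
"""

def parse_policy(text):
    """Parse the constructed format into {domain: set of allowed request strings}."""
    domains, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            domains.setdefault(current, set())
        elif current is None:
            raise ValueError(f"request string outside any domain: {line!r}")
        else:
            domains[current].add(line)
    return domains

def is_allowed(policy, domain, request):
    """Default deny: an unknown domain or an unlisted request string is refused."""
    return request in policy.get(domain, set())

@dataclass
class Monitor:
    """Mimics the SxeMonitor reaction: record the breach and disable the application."""
    disabled: set = field(default_factory=set)
    breaches: list = field(default_factory=list)

    def check(self, policy, app, domain, request):
        if app in self.disabled:          # a disabled app may not relaunch
            return False
        if is_allowed(policy, domain, request):
            return True
        self.breaches.append((app, domain, request))
        self.disabled.add(app)            # stays disabled until re-enabled in Package Manager
        return False
```

A game in the untrusted domain can write to the display, but its first attempt at `Network::connect` is refused and disables it for all further requests.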


Copyright © 2009 Nokia
Qt Extended 4.4.3
This page is a translation of a page of the Qt documentation, written by Nokia Corporation and/or its subsidiary(-ies). Any problems resulting from a poor translation are not attributable to Nokia.