End users can install new software from a variety of sources: through e-mail, Internet downloads, multimedia messaging service (MMS) and WAP push messages, infrared and Bluetooth connections, PC Suite, and removable memory cards. The diversity of software vendors and delivery channels requires a sophisticated system for managing installed software.
The software installation system in Symbian OS provides a secure installation process for applications. It supports authentication of software components using digital signatures and certificates, giving the device a way to confirm that an application being installed onto a Symbian OS phone comes from a known vendor. The signature for an installation package can be obtained through the Symbian Signed process, and the certificates held in the mobile device are installed during manufacturing (that is, they act as root certificates). The signature is validated against these certificates during installation; if it validates, the installation package (and the application it contains) inherits the trust placed in the certificate provider. The software installation system also recognizes different varieties of devices, allowing the creator of an installation package to define the devices and platforms on which the software can be installed.
The following figure illustrates the steps of software installation:
When installing software, the user will see the originator of the package and the party that confirms the originator's identity. For security reasons, it is recommended that software is not installed unless the user trusts both the originator of the package and the certificate authority.
The user should be encouraged to consider two questions when installing software: Does the software come from a trustworthy author? Is the certificate provider trusted enough to authenticate that author? If the answer to either question is negative, the user should be asked to consider canceling the installation. This is especially important when installing security-related components (VPN clients, firewalls, virus scanners, etc.) or other business-related software.
On platforms with platform security enabled, the software installer is responsible for identifying and authorizing software during installation. This is achieved with signed installation packages, whose signatures are validated against trusted certificates stored in the device. The installer can install two types of packages: signed .sis packages, and Java archives (JAR) run by a Java virtual machine.
When a signed package is installed into the system, its signature is validated against root certificates that are stored in the device. If they match, the application is installed and the requested capabilities are stored within the executable, assuming that the certificate can grant those capabilities. The application's Secure Identifier (SID) is also checked for local uniqueness; that is, a device cannot have two applications with the same SID. The software installer has the Trusted Computing Base (TCB) capability to access and modify all protected directories under the \sys directory, so a third-party application can have its executable files saved to the \sys\bin directory only by means of the software installer. For unsigned applications, only basic capabilities can be granted, and these are always confirmed by the user.
Software can also be installed to removable media during the installation procedure. During installation, a hash (checksum) of the executable is stored locally in the device to protect the integrity of the binary. Afterwards, if the locally stored hash does not correspond to the binary on the memory card, the binary is not loaded. This compensates for the fact that the content of the memory card can be changed outside Symbian OS. The main drawback is that applications become dependent on the device on which they were originally installed.
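The following example, added here and not taken from Symbian OS source, simulates the two installer checks described above: the SID uniqueness check at install time and the device-local hash check that gates loading an executable from a memory card. It assumes SHA-256 as the hash, uses a constructed sample binary, and models the memory card as a plain dictionary.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Constructed sample executable image (not a real Symbian binary).
SAMPLE_EXE = b"\x7fSYMBIAN-E32IMAGE\x00" + bytes(range(64))

@dataclass
class Device:
    """One phone's internal storage. The hash store lives here, not on the card,
    so rewriting the card outside Symbian OS cannot update the recorded hash."""
    installed_sids: set = field(default_factory=set)
    binary_hashes: dict = field(default_factory=dict)  # card path -> hex digest

def install_to_card(device, sid, card_path, executable, card):
    """Installer step for an install to removable media: enforce SID uniqueness,
    copy the binary to the card and record its hash on the device (SHA-256 is
    an assumption; the text only says 'hash (checksum)')."""
    if sid in device.installed_sids:
        raise ValueError(f"SID 0x{sid:08X} is already installed on this device")
    card[card_path] = executable
    device.binary_hashes[card_path] = hashlib.sha256(executable).hexdigest()
    device.installed_sids.add(sid)

def can_load(device, card_path, card):
    """Loader check: load only if the binary on the card matches the hash this
    device recorded at install time. No record (card moved from another phone)
    and a mismatch (card edited elsewhere) both refuse the load."""
    expected = device.binary_hashes.get(card_path)
    if expected is None:
        return False
    actual = hashlib.sha256(card.get(card_path, b"")).hexdigest()
    return hmac.compare_digest(expected, actual)

def demo():
    """Returns (loads on the installing device, loads after tampering,
    loads on a different device holding the same card)."""
    phone_a, card = Device(), {}
    path = r"E:\sys\bin\demo.exe"          # constructed card path
    install_to_card(phone_a, 0xE0001234, path, SAMPLE_EXE, card)  # constructed SID
    ok_original = can_load(phone_a, path, card)
    card[path] = SAMPLE_EXE + b"\x90"      # binary modified outside Symbian OS
    ok_tampered = can_load(phone_a, path, card)
    card[path] = SAMPLE_EXE                # restore, then move the card to phone B
    ok_other_device = can_load(Device(), path, card)
    return ok_original, ok_tampered, ok_other_device

if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

The third result is the drawback the text mentions: a second device has no stored hash for the card's binary, so the application is tied to the device on which it was installed.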
Applications and data can also be distributed directly on removable media. The memory card can contain the SISX signature part, which is then processed by the software installer when the memory card is inserted into the device. The SISX signature part must be of the preinstalled application (PA) type, and it must be signed against a trusted certificate stored in the device for silent installation to take place.