Smartphones are capable of joining both public and private networks and often have the functionality of a normal desktop computer. Despite this, the average user does not perceive his or her device as a computer, but rather as a regular phone that is safe from security weaknesses. This creates an opportunity for attackers to infiltrate the device and cause severe direct or indirect damage (for example, by penetrating the corporate intranet).
It is, however, possible to anticipate this kind of action, and protect applications by using security features offered by Symbian OS and by expanding security policies to cover mobile devices and services.
The following steps should be followed in the process of developing system (or software) security:
1. Define and evaluate all critical assets (resources, information).
2. Identify all possible threats, vulnerabilities, and attacks, and estimate the extent of possible damage.
3. Prioritize high-risk vulnerabilities, and select and implement corresponding security features. If risks are sufficiently low, protective measures may be unnecessary.
4. Repeat these steps until the necessary level of protection is achieved.
The threat analysis performed in step two actually forms the basis of security engineering, where possible threats are identified and evaluated. Areas to examine in Symbian OS are device drivers, process startup, removable media, system resources, and communication between other components.
The security assessment process is guided by issues of cost, efficiency, and usability. If security is too tight, it may also be overly expensive and affect both performance and the user's experience of the system (or software). On the other hand, if security is too loose, it may result in severe damage and, in the long run, be even more costly.
Numerous security mechanisms are available; the most common and important ones in the mobile world are:
Ciphering enables confidentiality. Information is accessible only by authorized parties. With ciphering it is also possible to maintain integrity.
A hash function (checksum) can be used to verify integrity and detect information tampering.
Signing binds information to a particular source.
Authentication ensures that the object is what it claims to be.
Access control restricts unauthorized access to resources.
Authorization is permission to perform tasks on behalf of somebody else.
Certification is provided usually by a third party to prove information validity.
Recovery mechanisms are usually implemented as redundancy (duplication of information or routes).
In communication it is possible to use, for example, error correction to repair transmission failures, random traffic generation to keep the line occupied, and packet uniforming to blend important packets into traffic.
As can be seen from the list, some mechanisms are attached to others (for example, certification requires that the information is signed). Also, not all mechanisms are equally important, since some basic mechanisms form the foundation for more complicated ones.
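The layering described above can be seen by comparing a plain checksum with a keyed one; the following is an added example, not part of the original text. HMAC-SHA256 from the Python standard library stands in for signing (a true digital signature needs a public-key library), and the package contents, key, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data (hypothetical package contents and shared key).
PACKAGE = b"app-v1.0: original installer contents"
ALTERED = b"app-v1.0: modified installer contents"
SOURCE_KEY = b"constructed-demo-key"


def checksum(data: bytes) -> str:
    """Unkeyed hash: reveals changes, but anyone can recompute it."""
    return hashlib.sha256(data).hexdigest()


def source_tag(data: bytes, key: bytes) -> str:
    """Keyed hash (HMAC-SHA256): only a key holder can produce a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def check_delivery(data: bytes, digest: str, tag: str, key: bytes) -> dict:
    """Receiver-side checks, using constant-time comparison for both."""
    return {
        "integrity": hmac.compare_digest(checksum(data), digest),
        "source": hmac.compare_digest(source_tag(data, key), tag),
    }


def scenarios() -> dict:
    digest, tag = checksum(PACKAGE), source_tag(PACKAGE, SOURCE_KEY)
    return {
        # Delivered exactly as published.
        "untouched": check_delivery(PACKAGE, digest, tag, SOURCE_KEY),
        # Content changed, metadata left alone: the checksum alone catches it.
        "corrupted": check_delivery(ALTERED, digest, tag, SOURCE_KEY),
        # Content changed and checksum regenerated to match: the checksum
        # passes, and only the keyed tag shows the source did not produce it.
        "replaced": check_delivery(ALTERED, checksum(ALTERED), tag, SOURCE_KEY),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:10} integrity={result['integrity']} source={result['source']}")
```

The third scenario is the reason a checksum published alongside the data is not enough on its own: the binding to a source has to be built on top of the hash with a key.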
Symbian has introduced a security enhancement for its operating system, called platform security. This enhancement is intended to increase security awareness among software developers, and it provides tools (that is, security features using the mechanisms listed above) for design and implementation.