Symbian OS Platform Security/Glossary

From Franklin Heath Ltd Wiki

Reproduced by kind permission of John Wiley & Sons.

AppArc
The Symbian OS Application Architecture framework, which defines the application structure and basic user interface handling.
attack surface
The complete set of resources and interfaces exposed to potential attackers trying to compromise a system’s security.
binary
A file containing compiled native executable program code.
BLOB
Binary Large OBject: a collection of binary data held in a file store or database. Commonly used to represent multimedia objects such as images, sounds and video.
CONE
The Symbian OS CONtrol Environment, the framework responsible for graphical interaction.
CSR
Certificate Signing Request: an unsigned certificate, used to create a valid certificate by signing it with the private key of a certificate authority.
CSY
Symbian OS plug-in communications server module.
DLL
Dynamically Linked Library: a binary which can be loaded into a running process to make code available for use.
DoS
Denial of Service: an attack on the security of a system which results in it being unavailable for use.
DRM
Digital Rights Management: the administration of rights in a digital environment. Rights may include controls on the use and redistribution of digital content.
ECOM
Symbian OS object factory framework used to manage and instantiate plug-in implementations.
ESN
Electronic Serial Number: a unique number used to identify a mobile phone on CDMA mobile phone networks.
ESOCK
Symbian OS network socket server process.
ETEL
Symbian OS telephony server process.
EXE
A type of binary which when loaded is used as the basis for a new process.
F32
The Symbian OS file server process.
FEP
Symbian OS Front End Processor: allows implementation of character input mechanisms as an alternative to the phone keypad.
firmware
Programs stored in semi-permanent storage such as ROM.
GSM
Originally ‘Groupe Spécial Mobile’, rechristened ‘Global Standard for Mobile Communications’: the most widely used standard for mobile phone networks.
hard reset
Restarting a system from scratch, a ‘cold boot’, as opposed to a ‘soft reset’ which preserves the system state.
hashing
Using a one-way function to produce a short but effectively unique value representing a longer block of data.
IETF
Internet Engineering Task Force: a body that develops and ratifies standards for network data interchange (see www.ietf.org).
IMEI
International Mobile Equipment Identity, a unique number used to identify a mobile phone on GSM (and UMTS) mobile phone networks.
IPC
Inter-Process Communication: communication across thread and process boundaries. Symbian OS has supported two versions of IPC interface. IPC v2 was introduced to support platform security.
ISV
Independent Software Vendor, also referred to as a third-party developer: a software author using publicly available development tools.
kernel object
An object that is created and managed in the address space of the OS kernel, rather than of an individual process.
keyspace
In Symbian OS, a subsection of the central repository that contains the settings managed by one particular application.
LDD
Logical Device Driver: part of a kernel device driver which includes the logical functions of a device, e.g. on and off, and read and write.
malware
Malicious software designed to damage or interfere with the operation of a computer system.
MIME type
Multipurpose Internet Mail Extensions media type, defined in IETF RFC 2046.
MMU
Memory Management Unit: a hardware component which maps kernel and user process virtual memory addresses on to physical memory.
OCSP
Online Certificate Status Protocol, defined in IETF RFC 2560.
opcode
Short for ‘operation code’, a short code used to represent one of a set of functions.
OTA
Over the Air: refers to data arriving via the mobile phone network rather than local data from a physically connected source.
P2P
Peer to Peer: network services which involve direct data connections between two or more client devices. A canonical P2P application is file sharing.
PDD
Physical Device Driver: part of a kernel device driver which includes interfaces to specific hardware functions of a device.
PIN
Personal Identification Number: a simple authentication mechanism requiring the user to enter a string of digits that only they know.
PKCS#10
One of the Public Key Cryptography Standards, which defines the format of a certificate signing request (CSR).
process
The Symbian OS unit of memory protection: one user process may not access another’s memory. A process may contain one or more threads.
race condition
An undesirable condition in which two or more operations may be attempted simultaneously, and the system behavior depends on which is processed first.
recognizer
Symbian OS plug-in code that can examine sample data, and return, if recognized, its data type. The data type is represented as a MIME type.
RFC
Request For Comments: an IETF standard.
ROM
Read-Only Memory (often loosely used to include flash memory which is reprogrammable, but effectively read-only in normal operation).
SIM
Subscriber Identity Module – a secure means of storing the key identifying a mobile phone service subscriber and a small amount of other information.
SIS
Symbian OS Software Install Script – a package format for delivering applications to the phone in installable form.
SMS
Short Message Service: a mechanism for sending text messages on GSM mobile phone networks.
spoofing
A technique for attacking security systems by masquerading as another user, process or device.
SSL
Secure Sockets Layer: a network security protocol for data connections between two end points providing confidentiality, integrity and authentication.
SWInstall
The Symbian OS Software Install subsystem.
TCB
Trusted Computing Base.
TCE
Trusted Computing Environment.
TLS
Transport Layer Security: a network security protocol defined by IETF RFC 2246. Developed from SSL.
TOCTOU
Time of Check, Time of Use: a mnemonic describing the risks of race conditions when operations may affect security attributes between the time the security check is made and the time the result of the check is acted upon.
UI
User Interface. On Symbian OS-based mobile phones, the graphical user interface is a separate component such as S60 or UIQ.
UIKON
Symbian OS common APIs for graphical user interfaces.
UMTS
Universal Mobile Telecommunications System – a third-generation (3G) mobile phone network standard, the next generation of GSM.
URL
Uniform Resource Locator: the address of content on the World-Wide Web.
vtable
Virtual method table: in C++, contains pointers to all the virtual member functions defined in a class.
WAP
Wireless Application Protocol: a network protocol designed for delivering OTA content to mobile phones.
X.509
A standard format for digital certificates, defined by the International Telecommunication Union.