Symbian OS Platform Security/Glossary
From Franklin Heath Ltd Wiki
Reproduced by kind permission of John Wiley & Sons.
- AppArc
- The Symbian OS Application Architecture framework, which defines the application structure and basic user interface handling.
- attack surface
- The complete set of resources and interfaces exposed to potential attackers trying to compromise a system’s security.
- binary
- A file containing compiled native executable program code.
- BLOB
- Binary Large OBject: a collection of binary data held in a file store or database. Commonly used to represent multimedia objects such as images, sounds and video.
- CONE
- The Symbian OS CONtrol Environment, the framework responsible for graphical interaction.
- CSR
- Certificate Signing Request: an unsigned certificate, used to create a valid certificate by signing it with the private key of a certificate authority.
- CSY
- Symbian OS plug-in communications server module.
- DLL
- Dynamically Linked Library: a binary which can be loaded into a running process to make code available for use.
- DoS
- Denial of Service: an attack on the security of a system which results in it being unavailable for use.
- DRM
- Digital Rights Management: the administration of rights in a digital environment. Rights may include controls on the use and redistribution of digital content.
- ECOM
- Symbian OS object factory framework used to manage and instantiate plug-in implementations.
- ESN
- Electronic Serial Number: a unique number used to identify a mobile phone on CDMA mobile phone networks.
- ESOCK
- Symbian OS network socket server process.
- ETEL
- Symbian OS telephony server process.
- EXE
- A type of binary which when loaded is used as the basis for a new process.
- F32
- The Symbian OS file server process.
- FEP
- Symbian OS Front End Processor: allows implementation of character input mechanisms as an alternative to the phone keypad.
- firmware
- Programs stored in semi-permanent storage such as ROM.
- GSM
- Originally ‘Groupe Spéciale Mobile’, rechristened ‘Global Standard for Mobile Communications’: the most widely used standard for mobile phone networks.
- hard reset
- Restarting a system from scratch, a ‘cold boot’, as opposed to a ‘soft reset’ which preserves the system state.
- hashing
- Using a one-way function to produce a short but effectively unique value representing a longer block of data.
- IETF
- Internet Engineering Task Force: a body that develops and ratifies standards for network data interchange (see www.ietf.org).
- IMEI
- International Mobile Equipment Identity, a unique number used to identify a mobile phone on GSM (and UMTS) mobile phone networks.
- IPC
- Inter-Process Communication: communication across thread and process boundaries. Symbian OS has supported two versions of IPC interface. IPC v2 was introduced to support platform security.
- ISV
- Independent Software Vendor, also referred to as a third-party developer: a software author using publicly available development tools.
- kernel object
- An object that is created and managed in the address space of the OS kernel, rather than of an individual process.
- keyspace
- In Symbian OS, a subsection of the central repository that contains the settings managed by one particular application.
- LDD
- Logical Device Driver: part of a kernel device driver which includes the logical functions of a device e.g., on and off, and read and write.
- malware
- Malicious software designed to damage or interfere with the operation of a computer system.
- MIME type
- Multipurpose Internet Mail Extensions media type, defined in IETF RFC 2046.
- MMU
- Memory Management Unit: a hardware component which maps kernel and user process virtual memory addresses on to physical memory.
- OCSP
- Online Certificate Status Protocol, defined in IETF RFC 2560.
- opcode
- Short for ‘operation code’, a short code used to represent one of a set of functions.
- OTA
- Over the Air - refers to data arriving via the mobile phone network rather than local data from a physically connected source.
- P2P
- Peer to Peer: network services which involve direct data connections between two or more client devices. A canonical P2P application is file sharing.
- PDD
- Physical Device Driver: part of a kernel device driver which includes interfaces to specific hardware functions of a device.
- PIN
- Personal Identification Number: a simple authentication mechanism requiring the user to enter a string of digits that only they know.
- PKCS#10
- One of the Public Key Cryptography Standards, which defines the format of a certificate signing request (CSR).
- process
- The Symbian OS unit of memory protection: one user process may not access another’s memory. A process may contain one or more threads.
- race condition
- An undesirable condition when two or more operations may be attempted simultaneously, and the system behavior depends on which is processed first.
- recognizer
- Symbian OS plug-in code that can examine sample data, and return, if recognized, its data type. The data type is represented as a MIME type.
- RFC
- Request For Comments: an IETF standard.
- ROM
- Read-Only Memory (often loosely used to include flash memory which is reprogrammable, but effectively read-only in normal operation).
- SIM
- Subscriber Identity Module – a secure means of storing the key identifying a mobile phone service subscriber and a small amount of other information.
- SIS
- Symbian OS Software Install Script – a package format for delivering applications to the phone in installable form.
- SMS
- Short Message Service: a mechanism for sending text messages on GSM mobile phone networks.
- spoofing
- A technique for attacking security systems by masquerading as another user, process or device.
- SSL
- Secure Sockets Layer: a network security protocol for data connections between two end points providing confidentiality, integrity and authentication.
- SWInstall
- The Symbian OS Software Install subsystem.
- TCB
- Trusted Computing Base.
- TCE
- Trusted Computing Environment.
- TLS
- Transport Layer Security: a network security protocol defined by IETF RFC 2246. Developed from SSL.
- TOCTOU
- Time of Check, Time of Use: a mnemonic describing the risks of race conditions when operations may affect security attributes between the time the security check is made and the time the result of the check is acted upon.
- UI
- User Interface. On Symbian OS-based mobile phones, the graphical user interface is a separate component such as S60 or UIQ.
- UIKON
- Symbian OS common APIs for graphical user interfaces.
- UMTS
- Universal Mobile Telecommunications System – a third-generation (3G) mobile phone network standard, the next generation of GSM.
- URL
- Uniform Resource Locator: the address of content on the World-Wide Web.
- vtable
- Virtual method table: in C++, contains pointers to all the virtual member functions defined in a class.
- WAP
- Wireless Application Protocol: a network protocol designed for delivering OTA content to mobile phones.
- X.509
- A standard format for digital certificates, defined by the International Telecommunication Union.