Appendix A. Security

This appendix defines the permissions that protect access to the RFID hardware. The platform checks these permissions before the protected function is accessed. Some methods in this API are defined to throw a SecurityException if the caller does not have the permissions needed to perform the action. This must be enforced by an appropriate security framework in the platform.

Using MIDP 2.0 Security Framework

The MIDP security model was originally defined in the MIDP 2.0 Specification and the Recommended Security Policy. The Java Technology for the Wireless Industry (JTWI) specification, JSR 185, defines the policy for the third-party domain ("untrusted domain"). The Mobile Service Architecture (MSA) makes the four protection domains defined in MIDP 2.0 mandatory and defines the recommended security policies for the domains. A MIDlet suite can belong to one of the four domains:

If this API is implemented on the MIDP 2.0 platform, the security framework of MIDP 2.0 must be used as defined below.

The table below lists the permission names and the methods protected by each permission.

Table A.1. MIDP 2.0 security permissions

Permission name                                              Methods protected by this permission
-----------------------------------------------------------  ------------------------------------
javax.microedition.contactless.DiscoveryManager              DiscoveryManager.getInstance()
javax.microedition.contactless.ndef.NDEFTagConnection.write  ContactlessConnection.write(NDEFMessage message)
javax.microedition.io.Connector.ndef                         opening NDEFTagConnection
javax.microedition.io.Connector.rf                           opening PlainTagConnection
javax.microedition.io.Connector.sc                           opening ISO14443Connection
javax.microedition.io.Connector.vtag                         opening VisualTagConnection

The permissions must be placed into some function group. This specification does not mandate any particular function group. This is left to the Mobile Service Architecture work to decide.

Security on top of CDC configuration

Since the Contactless Communication API can be implemented on top of the CDC configuration, this appendix defines the security permissions for that environment.

Implementations of the Contactless Communication API on configurations and profiles that use fine-grained security permissions based on java.security.Permission security checks must include the class javax.microedition.contactless.ContactlessPermission. The table below lists the methods that must perform permission checks. It also states the name and action values that must be passed to the ContactlessPermission constructor.

Table A.2. CDC security permissions

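API call                                      Name and action parameters in ContactlessPermission constructor
--------------------------------------------  ---------------------------------------------------------------
DiscoveryManager.getInstance()                "discovery_manager", "get_instance"
NDEFTagConnection.write(NDEFMessage message)  "ndef_tag_connection", "write"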

Below is the program listing of the ContactlessPermission class.

/**
 * This class is for Contactless Communication API permissions.
 * 
 * @see java.security.Permission
 * @see java.lang.SecurityManager
 */

public final class ContactlessPermission extends Permission {

    /**
     * Creates a new ContactlessPermission object with the specified name
     * and actions. The name parameter is the class to which the
     * permission applies. Possible name values are "discovery_manager" and
     * "ndef_tag_connection".
     * The actions parameter contains the action granted on that class.
     * Possible action values are "get_instance" and "write".
     *
     * @param name the class to which the permission applies.
     * @param actions the actions string.
     * @throws NullPointerException if name or actions is null.
     * @throws IllegalArgumentException if action or name is not one of
     *                       the values listed in the description
     */
    public ContactlessPermission(String name, String actions) {
    }

    /**
     * @see java.security.Permission
     */
    public void checkGuard(Object object) throws SecurityException {
    }
    
    /**
     * @see java.security.Permission
     */
    public boolean implies(Permission p) {
    }

    /**
     * @see java.security.Permission
     */
    public boolean equals(Object obj) {
    }

    /**
     * @see java.security.Permission
     */
    public int hashCode() {
    }

    /**
     * @see java.security.Permission
     */
    public String getActions() {
    }

    /**
     * @see java.security.Permission
     */
    public final String getName() {
    }

    /**
     * @see java.security.Permission
     */
    public PermissionCollection newPermissionCollection() {
    }
    
    /**
     * @see java.security.Permission
     */
    public String toString() {
    }
}