Security settings

The Bluetooth API 1.1 security model implemented in the Series 40 and Symbian platforms is based on the Mobile Service Architecture (MSA) Subset specification 1.00 security policy.

Permission is required for opening Bluetooth and OBEX client and server connections. Permission is also required when a push MIDlet is registered to PushRegistry and when a push MIDlet is launched. The corresponding function groups depend on the platform:

• On the Series 40 platform, all permissions are granted based on the Connectivity function group.

• On the Symbian platform, permission to create a connection is granted based on the Local Connectivity function group. Permission to register or launch a push MIDlet is granted based on the Application Auto Invocation function group.

The following table describes the security policy settings on the Series 40 platform.

The following table describes the security policy settings on the Symbian platform.

Explanations for the values are as follows:

• "Blanket" is valid for every invocation of an API by a MIDlet suite until it is uninstalled or the permission is changed by the user.

• "Session" is valid from the invocation of a MIDlet suite until it terminates. "Session" MUST prompt the user on or before the first invocation of the API or function, which is protected. When the user re-invokes the MIDlet suite the prompt MUST be repeated.

• "Oneshot" MUST prompt the user on each invocation of the API or function, which is protected.