The Bluetooth API 1.1 security model implemented in the Nokia Asha and Series 40 software platform devices is based on the Mobile Service Architecture (MSA) Subset specification 1.00 security policy.
Permission is required for opening Bluetooth and OBEX client and server connections. Permission is also required when a push MIDlet is registered to PushRegistry and when a push MIDlet is launched. The corresponding function groups depend on the platform. All permissions are granted based on the Connectivity function group.
The following table describes the security policy settings:
|
Function group |
Trusted 3rd Party Protection Domain |
Untrusted 3rd Party Protection Domain |
||
|---|---|---|---|---|
|
Default setting |
Other settings |
Default setting |
Other settings |
|
|
Connectivity |
Session |
Blanket, No |
Oneshot |
Session, Blanket, No |
Explanations for the values are as follows:
"Blanket" is valid for every invocation of an API by a MIDlet suite until it is uninstalled or the permission is changed by the user.
"Session" is valid from the invocation of a MIDlet suite until it terminates. "Session" MUST prompt the user on or before the first invocation of the API or function, which is protected. When the user re-invokes the MIDlet suite the prompt MUST be repeated.
"Oneshot" MUST prompt the user on each invocation of the API or function, which is protected.