Manualshelf

User guide

ManualsBrandsBlackberry ManualsComputer equipmentENTERPRISE SOLUTION SECURITY - SECURITY FOR DEVICES WITH BLUETOOTH WIRELESS TECHNOLOGY - TECHNICAL
161162163164165166167168169170
Application permissions for applications that users install as trusted
applications on a smartphone
Some applications that a user installs on a BlackBerry smartphone prompt the user to install the application as a trusted
application. If the user accepts the prompt and installs the application as a trusted application, all permissions for the
application are set to Allow except for the following permissions:
Permission Setting
Input Simulation Deny
Browser Filtering Deny
Recording Prompt
Security Timer Reset Prompt
Display Information While Locked Deny
Secure Element Prompt
How code signing controls the resources that
applications can access on a smartphone
Some APIs in the BlackBerry Java SDK are protected APIs. Protected APIs expose methods that can access user data or
other information on BlackBerry smartphones that is considered sensitive. When an application uses protected APIs, the
application must be digitally signed with code signing keys before the application can be deployed.
Application developers can request access to a set of code signing keys from blackberry.com/SignedKeys/. The developer
must digitally sign the application before it can be installed on a smartphone. Code signing does not certify or approve an
application, but it allows Research In Motion to identify the author of a potentially malicious application that uses sensitive
APIs.
In addition to API control, code signing can be used to restrict or share access to application data by other applications on
a smartphone.
For more information about code signing and applications, visit www.blackberry.com/go/serverdocs to see the BlackBerry
Java SDK Security Development Guide.
Security Technical Overview Controlling applications on a device
166