Application deployment for mobile 5.0, Introduction, Security – Motorola ENTERPRISE DIGITAL ASSISTANT MC70 User Manual
Page 67: Application security, Digital signatures, Chapter 4: application deployment for mobile 5.0, Introduction -1 security -1, Application security -1 digital signatures -1, Chapter 4, application deployment for mobile 5.0
Chapter 4
Application Deployment for Mobile 5.0
Chapter 4
Chapter 4 Application Deployment for Mobile 5.0
Introduction
This chapter describes new features in Windows Mobile 5.0 including new security features, how to package
applications, and procedures for deploying applications onto the EDA.
Security
The MC70 EDAs implement a set of security policies that determine whether an application is allowed to run
and, if allowed, with what level of trust. To develop an application, you must know the security configuration of
the device, and how to sign an application with the appropriate certificate to allow the application to run (and to
run with the needed level of trust).
Application Security
Application security controls the applications that can run on the EDA.
•
Trusted - All applications must be digitally signed by a certificate on the EDA.
•
Prompted - User is prompted to allow unsigned applications to run.
•
Open - All applications run.
Developers can include their own certificates and provision the device to “trusted.”
Digital Signatures
Digital signatures provide a way to authenticate the author of EXEs, DLLs, and packages. Digitally signed
applications give users confidence that an application comes from where they think it comes from. For
example, if an end-user downloads an update package from the internet that is digitally signed with Symbol's
software certificate, they are assured that the package is authentic and that it was created by Symbol. By
enforcing the use of digital signatures, users can also prevent malicious applications from executing on the
EDA. For example, users can provision the EDA to only execute “trusted” applications (digitally signed).
Symbol ships all Windows Mobile 5.0 based products in an “open” state, which means all signed and unsigned
applications should work. However, customers can still reconfigure their EDAs to operate in the “trusted” mode.
This means that only applications signed with a certificate from the Privileged Execution Trust Certificate Store
can run.