Over the air provisioning, Security issues, Module exchange suite – Siemens TC65 User Manual
Page 38: Otap
TC65 JAVA User's Guide
Strictly confidential / Released
s
TC65 JAVA User's Guide_V05
Page 38 of 90
26.09.2005
7.2
Over the Air Provisioning
See Chapter 8 for OTA provisioning.
7.3 Security
Issues
The developer should be aware of the following security issues. Security aspects in general
are discussed in chapter 11.
7.3.1
Module Exchange Suite
The serial interface should be mechanically protected.
The copy protection rules for Java applications prevent opening, reading, copying, moving or
renaming of JAR files. It is not recommended that the name of a Java application (for
example <name>.jar) be used for a directory, since the copy protection will refuse access to
open, copy or rename such directories.
7.3.2 OTAP
• A password should be used to update with OTA (SMS Authentication)
• Parameters should be set to fixed values (
at^sjotap
) whenever possible so that they
cannot be changed over the air.
• The http server should be secure. (e.g. Access control via basic authentication)