beautypg.com

Over the air provisioning, Security issues, Module exchange suite – Siemens Java TC65 User Manual

Page 38: Otap

background image

TC65 JAVA User's Guide
Strictly confidential / Released

s

TC65 JAVA User's Guide_V05

Page 38 of 90

26.09.2005

7.2

Over the Air Provisioning

See Chapter 8 for OTA provisioning.

7.3 Security

Issues

The developer should be aware of the following security issues. Security aspects in general
are discussed in chapter 11.

7.3.1

Module Exchange Suite

The serial interface should be mechanically protected.

The copy protection rules for Java applications prevent opening, reading, copying, moving or
renaming of JAR files. It is not recommended that the name of a Java application (for
example .jar) be used for a directory, since the copy protection will refuse access to
open, copy or rename such directories.

7.3.2 OTAP

• A password should be used to update with OTA (SMS Authentication)
• Parameters should be set to fixed values (

at^sjotap

) whenever possible so that they

cannot be changed over the air.

• The http server should be secure. (e.g. Access control via basic authentication)