Security Policies and Access Control |
95 |
|
|
redundant security manager queries are generated for incoming and outgoing connections, respectively.
6.2.5Database contents and registration procedure
There are two databases maintained by the security manager—the device database and the service database. Each record of the device database contains information regarding device identity, trust level, and link key shared with the particular unit. It may also be useful to store other information, such as a human-readable device name for simpler user interaction upon authorization requests. To be useful over several sessions, the database should be stored in nonvolatile memory.
The service database contains information regarding the security level (i.e., authorization, authentication, and encryption requirements) for incoming and outgoing requests. Furthermore, a protocol/service multiplexor (PSM) value is stored. The PSM value is used by the L2CAP layer during channel establishment to route the connection request to the right upper layer (several higher layer protocols can be multiplexed over L2CAP). Whenever L2CAP submits a
Outgoing connection
Nonmultiplexing protocol
Multiplexing protocol (RFCOMM)
Security manager
L2CAP
Incoming connection
Figure 6.3 Duplicate security manager requests following incoming and outgoing connection requests.