diff options
author | Dongsun Lee <ds73.lee@samsung.com> | 2014-10-20 16:23:49 +0900 |
---|---|---|
committer | Bartlomiej Grzelewski <b.grzelewski@samsung.com> | 2014-10-20 15:38:00 +0200 |
commit | 89c8e9730a446d2e7678b50cf7230cd4d19348f6 (patch) | |
tree | 145e00660ce4a21552af72b2a40696238a796901 | |
parent | 534efadce2161140f93d3e308774e2f90ec580ff (diff) | |
download | key-manager-89c8e9730a446d2e7678b50cf7230cd4d19348f6.tar.gz key-manager-89c8e9730a446d2e7678b50cf7230cd4d19348f6.tar.bz2 key-manager-89c8e9730a446d2e7678b50cf7230cd4d19348f6.zip |
add the explanation of access control and alias format
Change-Id: I2b2ce697357589f9efdab0c064ff9aea0a2bd9f4
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
-rw-r--r-- | doc/key-manager_doc.h | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/key-manager_doc.h b/doc/key-manager_doc.h index bdb158e9..df0a0832 100644 --- a/doc/key-manager_doc.h +++ b/doc/key-manager_doc.h @@ -65,6 +65,18 @@ * Therefore, clients cannot access any data. * - When a user changes his/her password, the key manager re-encrypts the user's DKEK with the new password. * + * Data Access Control + * - By default, only the owner of a data can access to the data. + * - If the owner grants the access to other applications, those applications can read or delete the data from key-manager DB. + * - When an application is deleted, the data and access control information granted by the application are also removed. + * + * Alias Format + * - The format of alias is package_id::name. + * - If package_id is not provided by a client, the key-manager will add the package_id of the client to the name internally. + * - The client can specify only its own pacakge id in the alias when storing a key, certificate, or data. + * - A client should specify the pacakge id of the owner in the alias to retrieve a a key, certificate, or data shared by other applications. + * - Aliases are returned as the format of package_id::name from the key-manager. + * */ #endif /* __TIZEN_CORE_KEY_MANAGER_DOC_H__ */ |