summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorDongsun Lee <ds73.lee@samsung.com>2016-01-13 13:39:48 +0900
committerDongsun Lee <ds73.lee@samsung.com>2016-01-13 13:43:42 +0900
commite575e8ad62a2403bcc092e9d76e5375354a1eee8 (patch)
tree46490ec0981858666059aff46ac744b5aaa75331 /doc
parente30c443b76228fb0e591dc97fd91d9c6bb5cb733 (diff)
downloadkey-manager-e575e8ad62a2403bcc092e9d76e5375354a1eee8.tar.gz
key-manager-e575e8ad62a2403bcc092e9d76e5375354a1eee8.tar.bz2
key-manager-e575e8ad62a2403bcc092e9d76e5375354a1eee8.zip
change "protected by a user password" to "protected by Tizen platform" in a document file
Change-Id: Ib303ef0596203e2dd5fe0ae7a89a517bad494a9a Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Diffstat (limited to 'doc')
-rw-r--r--doc/key-manager_doc.h20
1 files changed, 5 insertions, 15 deletions
diff --git a/doc/key-manager_doc.h b/doc/key-manager_doc.h
index 81e29796..3c2e3d7c 100644
--- a/doc/key-manager_doc.h
+++ b/doc/key-manager_doc.h
@@ -18,7 +18,7 @@
/**
* @ingroup CAPI_SECURITY_FRAMEWORK
* @defgroup CAPI_KEY_MANAGER_MODULE Key Manager
- * @brief The key manager provides a secure repository protected by a user’s passwords for keys, certificates, and sensitive data of users and/or their APPs.
+ * @brief The key manager provides a secure repository protected by Tizen platform for keys, certificates, and sensitive data of users and/or their APPs.
* Additionally, the key manager provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
*
* @section CAPI_KEY_MANAGER_MODULE_OVERVIEW Overview
@@ -34,7 +34,7 @@
* </tr>
* </table>
*
- * It provides a secure repository for keys, certificates, and sensitive data of users and/or their APPs which are protected by a user’s passwords.
+ * It provides a secure repository for keys, certificates, and sensitive data of users and/or their APPs which are protected by Tizen platform.
* Additionally, it provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
*
* @image html capi_key_manager_overview_diagram.png
@@ -47,24 +47,14 @@
* A client can specify simple access rules when storing a data in Key Manager.
* - Exportable/Non-Exportable:
* Only for data tagged as exportable, Key Manager returns the raw value of the data.
- * If data is tagged as non-exportable, Key Manager does not return its raw value.
+ * If data is tagged as non-exportable, Key Manager does not return its raw value.
* In that case, Key Manager provides secure cryptographic operations for non-exportable keys without revealing key values to clients.
* - Per Key Password:
- * All data in Key Manager is protected by a user’s password.
+ * All data in Key Manager is protected by Tizen platform.
* Besides, a client can encrypt its data using its own password additionally.
- * If a client provides a password when storing a data, the data will be encrypted with the password.
+ * If a client provides a password when storing a data, the data will be encrypted with the password.
* This password should be provided when get the data from Key Manager.
*
- * User Login/Logout and Data Protection
- * - When a user logs in, logs out or changes his/her password, Key Manager should know about it.
- * Privileged APPs such as LockScreen APP or Setting APP can notify the key manager using these control APIs.
- * - When a user logs in, the key manager decrypts the user's DKEK (with which a user's data file is encrypted) with a user password.
- * So during the login period, any client can access its data which is protected by a user's password.
- * "user key" in API means DKEK.
- * - When a user logs out, the key manager removes the user's DKEK from memory.
- * Therefore, clients cannot access any data.
- * - When a user changes his/her password, the key manager re-encrypts the user's DKEK with the new password.
- *
* Data Access Control
* - By default, only the owner of a data can access to the data.
* - If the owner grants the access to other applications, those applications can read or delete the data from key-manager DB.