SyncML Authentication


SyncML®: Synchronizing and Managing Your Mobile Data
By Uwe Hansmann, Riku Mettälä, Apratim Purakayastha, Peter Thompson, Phillipe Kahn
Table of Contents
Chapter 8.  Security and Authentication

Even with the most secure transport possible, there is still a need to authenticate the client. After all, it is important to know who is accessing sensitive data. SyncML provides for three authentication layers:

  • SyncML® Authentication (different from transport layer authentication)

  • Datastore Authentication

  • Object Authentication

Each layer's authentication may be overridden at lower layers. For example, the Client authentication may be overridden for a particular datastore, and that may be overridden for a particular object within that datastore.

SyncML Client/Server Authentication

SyncML Client/Server Authentication is the authentication of the Client and the Server. Client/Server Authentication is the most common authentication used in SyncML. This is where the credentials are presented in the SyncHdr and are used to authenticate the sender. For simple setups, this level of authentication may be enough. However, in cases where the Client is accessing datastores that contain sensitive information (e.g. payroll datastores), more authentication may be needed.

Datastore Authentication

It is possible that a Client will need access to a datastore that has restrictions on it. For example, a Client may want to synchronize with a corporate datastore that contains the contact information for all of the company employees. It is possible that the user would be granted read-only rights, with only Human Resources people granted read-write rights.

The credentials for this level of authentication would be presented in the Alert used to start the synchronization with that particular datastore.

Object Authentication

Object-level authentication is the least used authentication within SyncML. The purpose for this level is to allow individual objects to be accessible to a smaller number of clients than the datastore authentication would allow. For example, an accounting datastore might allow access to the general ledger within the accounting group, and only allow access to the salaries to the Chief Financial Officer and the Human Resources manager.


    SyncML. Synchronizing and Managing Your Mobile Data
    SyncML: Synchronizing and Managing Your Mobile Data
    ISBN: 0130093696
    EAN: 2147483647
    Year: 2001
    Pages: 124 © 2008-2017.
    If you may any questions please contact us: