-
-
-<a name="Links.between.the..Security.framework..and.the..Application.framework."></a>
-<h2>Links between the “Security framework” and the “Application framework”</h2>
-
-<p>The security framework refers to the security model used to ensure
-security and to the tools that are provided for implementing that model.</p>
-
-<p>The security model refers to how DAC (Discretionnary Access Control),
-MAC (Mandatory Access Control) and Capabilities are used by the system
-to ensure security and privacy. It also includes features of reporting
-using audit features and by managing logs and alerts.</p>
-
-<p>The application framework manages the applications:
-installing, uninstalling, starting, stopping, listing …</p>
-
-<p>The application framework uses the security model/framework
-to ensure the security and the privacy of the applications that
-it manages.</p>
-
-<p>The application framework must be compliant with the underlyiong
-security model/framework. But it should hide it to the applications.</p>
-
-<a name="The.security.framework"></a>
-<h2>The security framework</h2>
-
-<p>The implemented security model is the security model of Tizen 3.
-This model is described <a href="https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview" title="Tizen 3 security overview">here</a>.</p>
-
-<p>The security framework then comes from Tizen 3 but through
-the <a href="https://github.com/01org/meta-intel-iot-security" title="A collection of layers providing security technologies">meta-intel</a>.
-It includes: <strong>Security-Manager</strong>, <strong>Cynara</strong>
-and <strong>D-Bus</strong> compliant to Cynara.</p>
-
-<p>Two patches are applied to the security-manager. These patches are removing
-dependencies to packages specific of Tizen but that are not needed by AGL.
-None of these patches adds or removes any behaviour.</p>
-
-<p><strong>Theoritically, the security framework/model is an implementation details
-that should not impact the layers above the application framework</strong>.</p>
-
-<p>The security framework of Tizen provides “nice lad” a valuable component to
-scan log files and analyse auditing. This component is still in developement.</p>
-
-<a name="The.application.framework"></a>
-<h2>The application framework</h2>
-
-<p>The application framework on top of the security framework
-provides the components to install and uninstall applications
-and to run it in a secured environment.</p>
-
-<p>The goal is to manage applications and to hide the details of
-the security framework to the applications.</p>
-
-<p>For the reasons explained in introduction, we did not used the
-application framework of Tizen as is but used an adaptation of it.</p>
-
-<p>The basis is kept identical: the applications are distributed
-in a digitally signed container that must match the specifications
-of widgets (web applications). This is described by the technical
-recomendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p>
-
+<h2 id="links-between-the-security-framework-and-the-application-framework">Links between the "Security framework" and the "Application framework"</h2>
+<p>The security framework refers to the security model used to ensure security and to the tools that are provided for implementing that model.</p>
+<p>The security model refers to how DAC (Discretionnary Access Control), MAC (Mandatory Access Control) and Capabilities are used by the system to ensure security and privacy. It also includes features of reporting using audit features and by managing logs and alerts.</p>
+<p>The application framework manages the applications: installing, uninstalling, starting, stopping, listing ...</p>
+<p>The application framework uses the security model/framework to ensure the security and the privacy of the applications that it manages.</p>
+<p>The application framework must be compliant with the underlyiong security model/framework. But it should hide it to the applications.</p>
+<h2 id="the-security-framework">The security framework</h2>
+<p>The implemented security model is the security model of Tizen 3. This model is described <a href="https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview" title="Tizen 3 security overview">here</a>.</p>
+<p>The security framework then comes from Tizen 3 but through the <a href="https://github.com/01org/meta-intel-iot-security" title="A collection of layers providing security technologies">meta-intel</a>. It includes: <strong>Security-Manager</strong>, <strong>Cynara</strong> and <strong>D-Bus</strong> compliant to Cynara.</p>
+<p>Two patches are applied to the security-manager. These patches are removing dependencies to packages specific of Tizen but that are not needed by AGL. None of these patches adds or removes any behaviour.</p>
+<p><strong>Theoritically, the security framework/model is an implementation details that should not impact the layers above the application framework</strong>.</p>
+<p>The security framework of Tizen provides "nice lad" a valuable component to scan log files and analyse auditing. This component is still in developement.</p>
+<h2 id="the-application-framework">The application framework</h2>
+<p>The application framework on top of the security framework provides the components to install and uninstall applications and to run it in a secured environment.</p>
+<p>The goal is to manage applications and to hide the details of the security framework to the applications.</p>
+<p>For the reasons explained in introduction, we did not used the application framework of Tizen as is but used an adaptation of it.</p>
+<p>The basis is kept identical: the applications are distributed in a digitally signed container that must match the specifications of widgets (web applications). This is described by the technical recomendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p>