Primary AIR Technologies | 15
Security
All of this talk of APIs and desktop functionality brings up an
important question: what about security? Because Adobe
AIR applications have access to local resources, couldn’t they
theoretically do something harmful?
First, it is important to note that Adobe AIR runs on top of
the operating system’s security layer. It does not provide any
way to get around or subvert this security. This is important,
because it means Adobe AIR applications can work only
within the permissions given to it by the operating system—
and all current and any new security capabilities that the OS
implements.
In order to run an Adobe AIR application, a user must down-
load the application to the desktop, go through an install rit-
ual, and then launch the application. This is an experience
very similar to downloading and installing a desktop applica-
tion. The similarity is not an accident. Adobe AIR applica-
tions run in a fundamentally different security content than
applications that run within a browser. It is a security
context closer to that of a native application than a web
application.
To enable safe browsing, the browser security model limits
all I/O capabilities of web applications. This includes
restricting their ability to work with local resources, limiting
what network resources are accessible, and constraining its
user interface. The browser only allows applications to con-
nect with data that is associated with (usually, provided by) a
server located on a single web domain. In addition, the
browser provides a trusted UI for users to understand the ori-
gin of the application and control the state of the applica-
tion. This model is sufficient for applications that are
connected to a single service provider and rely on that ser-
vice for data synchronization and storage.