SECURITY problem

Question

How can i prohibit connect for not bonded device's?( not bond - not connect)...I am implemented the prohibit connection under the android phone, PC, iOS in Bluetooth connection stetting (i don't take a passable for bonding on connect in BLE_GAP_EVT_SEC_PARAMS_REQUEST event of DEVICE MANAGER), but when i starting nRF Master Control Panel i can take information from all service which it support (for examples HRM, battery, body sensor loc, and other) without security even if the device not connected in Bluetooth connection stetting on iOS, Android, PC) why is occur?

Petter Myhre · Accepted Answer

"The Link Layer may perform device filtering based on the device address of the peer device. Link Layer Device Filtering is used by the Link Layer to minimize the number of devices to which it responds." See Bluetooth Core specification 4.2, Vol. 6, Part B, Section 4.3. 
 "The set of devices that the Link Layer uses for device filtering is called the White List." See Bluetooth Specification 4.2, Vol. 6, Part B, Section 4.3.1. 
 This question about GAP address types may be of interest. 
 The radio in the nRF51 Series is able to filter on 8 device addresses at the time, please see Section 17.1.13 in the nRF51 Series Reference Manual. This handles public and random static addresses. 
 The Accelerated Address Resolved (AAR) is able to filter on 16 IRKs at the time, please see Section 24 in the nRF51 Series Reference Manual. This handles private resolvable addresses. 
 The S110 SoftDevice doesn't support 16 IRKs, only 8. SoftDevice timing requirements enforces this limitation. 
 You can whitelist 8 random static or public addresses, and 8 IRKs at the time. iOS uses private resolvable addresses which means that you can whitelist 8 iOS devices at the time. 
 You can use the Advertising Module to enable whitelisting, or you can set it up manually. If you get into trouble setting it up, please add new question explaining what you have tried.