And Security on Android Omar Alaql Salah Alamri Design of Secure Operating System Outline Introduction Android Sold History Timeline Advantages and Disadvantages in Android Android Architecture ID: 750627
Download Presentation The PPT/PDF document "Welcome Android Operation System" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
WelcomeSlide2
Android Operation System
And
Security on Android
Omar Alaql
Salah Alamri
Design of Secure Operating SystemSlide3
Outline:
Introduction.
Android
Sold.
History.
Timeline.
Advantages and Disadvantages in Android.
Android Architecture.
Security and
privacy in Android.
Weakness Points
.
Android App piracy.
Security P
recautions
.
Android OS and Apple IOS
Conclusion.Slide4
Introduction
Android is a modern mobile platform that was designed to be open.
Android was designed with developers in mind, uses are provided visibility into how applications work and control from any attackers.Android is a
Linux-based operating system but it’s not based on the type of Linux system you may have used on your PC.
Android
is
open source
software stack for a wide range of mobile devices and a corresponding open-source project led by Google
honestly
modified and distributed by device manufacturers, wireless carriers and enthusiast developers.
By the third quarter of 2012 Android had a 75% share of the global smartphone market according to the research firm
IDC. Slide5
Android
SoldSlide6Slide7
History
Android
, Inc. was founded
in Pal alto ,California in
October 2003
by Andy Rubin, Rich Miner, Nick, and White.
Acquired Android INC by Google on August 17, 2005.
At Google, the team led by Rubin developed a mobile device platform powered by Linux Kernel.
November 5,2007, the open handset Alliance, where that day, Android was unveiled as its first product.
October
22,
2008,the
first commercially available phone to run Android was the HTC
Dream.
in 2010, Google launched its
Nexus
series
of devicesIn 2014, Google launched Android One, a standardized smartphone, mainly targeting customers in the developing world
.
As of March 3, 2015, the newest version of the Android operating system, Android 5.1Slide8
TimelineSlide9
Android versionsSlide10
Advantages and Disadvantages
Android is open
.
It can be developed by anyone.Easy access to the Android Market.Populist Operating System.
USB full facilities
Can replace the
battery,
etc.
Easy in terms of notification.
Supports all Google services
.
I
nstall
Rom modification.Slide11
Advantages and Disadvantages
Connected to the internet
Sometimes slow device company issued an official version of Android on their
own.
Android Market has
less control of the Manager.
As direct service providers to connect with the Google.
Sometimes there are ads.
Wasteful batteries. Slide12
Android Architecture
Android security control to:
Protect user data.
Protect system resources ( including the network).Provide application isolation.
Android provides these key security features.Robust security at the OS level through the Linux Kernel.
Mandatory application sandbox for all applications.
Secure interprocess communication.
Application signing.
Application- defined and user-granted permissions.Slide13
Android ArchitectureSlide14
Security and
privacy in Android
Android
device owners are not
given
root access
to the operating system and sensitive partitions such as systems are read-only
.
Root access can be obtained by exploiting security flaws in Android, which is used frequently by the open-source community to enhance the capabilities of their devices but also by malicious parties to install viruses and malware.
An
android application makes use of a sandbox to avoid sharing personal
information.
In computer security, a sandbox is a security mechanism for separating running programs
.Slide15
Security
and
privacy in Android
Android
applications run in a
sandbox where
Sandbox is
isolated area of the system that does not have access to the rest of the
system's resources.
unless access permissions are
granted
by the
user.
Before installing an application, the play store displays all required permissions.
The
sandboxing and permissions system
Reduces impact
of vulnerabilities and bugs in
applications,
but developer confusion and limited
documentation is still a problem.Slide16
Security and
privacy in Android
Android
is becoming
the most-targeted of the mobile
platforms.
The open nature of Android and its large user base have made it an attractive and profitable platform to attack
.
Common exploits and tool kits on the OS can be utilized across wide number of devices, meaning that attackers can perform exploits en masse and re-use attack vectors
Google did take measures in the development of the android kernel to build security measures in; the OS is sandboxed, preventing malicious processes from crossing between
applications.
Google provides major
updates to
Android every six to
nine months.Slide17
Security and
privacy in Android
T
he
Android system
has
no internal back-up
and restore.
There
are many third-party applications available on the internet such as
My Backup
and
Wave Secure
so try downloading them and backing up all your content on your PC.
An increasing security risk is mobile theft.
Shortage of
hardware data encryption
.
Honeycomb operating software
has hardware
encryption problems.
Android’s increasing popularity is making it liable
for SMS-
phishing
.
Security
problem with Android is the Play
Market.
Its filled with unlimited applications and they keep increasing.
There
are more and more Android malware and Fake anti-malware.
Increased
more than 400
% this year.
Several security firms
have
released antivirus software for Android
devices.
Lookout Mobile
Security.
AVG Technologies
McAfeeSlide18
Weakness
Points
User as
admin
.
Install
apps, grant app permissions, download data, and access unprotected
networks.
The
Android
Market.
Google’s verification processes for applications entering their market have been shown to be woefully lacking over the last year or
two.
a
number of malware-infected apps and games being made
available to users.
Gateway to PC
:
HTC
devices have long been able to
utilize
a
VPN
.
Application permissions
.
the
reality is that many apps request permission to access sensitive content they have no actual need for
.
Malicious application
injections
.
Data
/process transfers between
virtualized
application environments are handled by a protocol of implicit and
explicit intents. Slide19
Weakness
Points
Untrusted
third party applications
.
difficult to identify reputable vendors
Rooting
.
Rooting an Android device is akin to jail-breaking an iPhone.
It opens out additional functionality and services to users.
The process of gaining root access requires the device to be switched from S-On to S-Off (where S =security).
Root is common
exploit used by malicious
applications to gain system- level access to your android.
Wi-Fi
.
The vulnerability of android devices running 2.3.3 to compromise
on unprotected Wi-Fi
networks.
FaceNiff
is an easily downloadable application that allows the user to
intercept the social networking
logins.Slide20
Android App
piracy
in 2010, Google released a tool for validating authorized purchases for use within apps.
but developers complained that this was
insufficient and trivial to crack.
In
2012 Google released a feature in Android 4.1 that encrypted paid applications so that they would only work on the device on which they were
purchased
.
but this feature has been temporarily deactivated due to technical
issues.Slide21
Security Precautions
Manufacturer
Bootleggers:
The issue with HTC devices logging and transmitting user data is a significant vulnerability and the only ‘out of the box’ option is to wait for a patch.
for example
android vncserver. APK
which is a remote access tool – it could easily be innocuous or tied to functionality such as trace and wipe, but it is certainly something worth being aware of
.
Permissions management:
LBE
Privacy Guard acts as somewhat of an application
firewall.
granting the user the capacity to prevent an application’s individual permissionsSlide22
Security
Precautions
Trace
and wipe:
The Android equivalent of business continuity implementation.
If your Android device is lost or stolen, you can use these applications to remotely ping the device for its location and/or instruct it to delete specific content.
Installing
trusted packages
:
The ability to install non-Market applications on to a Google device.
APK files are the standard Android install file format and are a variant of JAR.
A program called APK Inspector has recently been released that will scan the assets, resources, and certificates contained within the APK to ensure it is secure.Slide23
Security Precautions
Anti-virus
:
None of these apps are asking for root access, and therefore they are failing to search for infections on the area of the device that is most targeted and vulnerable.
it
covers the apps folders, SD card, SMS, and
contact.
Droid Security
, Lookout
.
Link security:
malicious
links are
always loitering in the background waiting to seduce and ensnare hapless users.
There are a number of vendors that have created link security applications.Slide24
Android OS and Apple IOS
Android 5.1
Silent
mode added after missing on Android 5.0General improvements in system stability
Improved RAM management
Fixes for sudden app closures
Improved battery management
Excessive consumption of network devices when used Wi-Fi fixed
Issues with wireless connections fixed
Problems with Okay Google function solved
Notifications problems solved
Some sound problems experience by certain devices fixed
Other improvements and changes
Changes in the Material Design color palette (after users complaints, possibly for a higher version though
)Slide25
Android OS and Apple IOS
iPhone
IOS 8
Customizable Mail.Applications and battery usage.
Dismiss Notifications by just Swiping.
Notes and pictures.
Better Camera Controls.
Apple came with some nice features for shutterbugs in
iOS
8.
Weather.
Lock Screen Notifications based on your location
.
Keyboards.
Landscaped Home screen.
Key ShortcutSlide26
Android OS and Apple IOS
Video and Photo Sharing.
Audio Messages.
Sharing Location.
Contact
Info.
Revert
pictures.
Shazam
detects
songs.
Apple 8.2
Watch app
Fix same apps
Slide27
Android OS and Apple IOS
Technical
Specifications
The following table details some of the technical specifications of the Android and Apple IOS devices.
Although
there are some similarities, the two
platforms
are very different in end-user experience.Slide28
Android
OS and Apple IOS in SecurityThere are many different between OS and IOS in the Security.Slide29
Conclusion
The
Android's goal is to establish a enormous installed base for developers to take advantage. One of the method it will accomplish this is according to different kinds of hardware running the same software
environment.
It has proposed security mechanisms based on
SELinux
policy theory to ensure system security on application program framework layer.
it uses Android's security framework to ensure system security from the application layer intrusion
it is essential to research and develop the method to protect the Android framework.
There
is no one-stop effective security measure that can be implemented on an Android
operating system.
MDM products provides some much needed functionality to the mobile security tool kit.
Slide30
R
everences
http
://www.acumin.co.uk/download_files/WhitePaper/android_white_paper_2.
pdf
http://www.ijraset.com/fileserve.php?FID=1376
https://
source.android.com
/
http
://en.wikipedia.org/wiki/
Mobile_operating_system
http
://www.bitdefender.com/security/android-vulnerability-opens-door-to-sms-phishing-
scams.html
http://www.android-app-market.com/android-
architecture.html
http://
ieeexplore.ieee.org
/
xpl
/
abstractReferences.jsp?tp
=&
arnumber
=6150171&url=http://
ieeexplore.ieee.org
/
xpls
/
abs_all.jsp?arnumber
=6150171
http://techbii.com/security-risks-android/
http://
thefusejoplin.com
/2014/09/top-15-ios-8-hidden-features/Slide31
R
everences
http://www.androidpit.com/android-5-1-lollipop-
update
http://www.howtogeek.com/189036/android-is-based-on-linux-but-what-does-that-mean/
https
://source.android.com/devices/tech/security/#android-security-program-
overview
http://
www.cs.kent.edu
/~
rothstei
/summer_13/notes/
Alaql.pptx
http://en.wikipedia.org/wiki/Android_(operating_system)#History
http://www.bioinfopublication.org/files/articles/3_1_1_SE.pdf
http://handphoneseluler.blogspot.com/2013/01/advantages-and-disadvantages-android.html
https://books.google.com/books?id=GjsFBwAAQBAJ&pg=PA5&lpg=PA5&dq=Google+provides+major+updates+to+Android+every+six+to+nine+months.&source=bl&ots=8P-6X5oDpV&sig=WoP4cej1lvFc3Io2aRi9Z7EH3tI&hl=en&sa=X&ei=pg0OVbyXL4nFggTfr4LQDQ&ved=0CCYQ6AEwAQ#v=onepage&q=Google%20provides%20major%20updates%20to%20Android%20every%20six%20to%20nine%20months.&f=falseSlide32
Thank Everybody