Android Access Control

Slides:



Advertisements
Similar presentations
Android Application Development A Tutorial Driven Course.
Advertisements

Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.
MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.
Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.
Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Android and Eclipse Thaddeus Diamond CPSC 112. A Quick Introduction Eclipse is an IDE (Integrated Development Environment Open Source Much more full-featured.
Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Authors: William Enck The Pennsylvania State University Peter Gilbert Duke University Byung-Gon Chun Intel Labs Landon P. Cox Duke University Jaeyeon Jung.
NETWORK SERVERS Oliver Topping (with a little help from my Mum)
Android for Java Developers Denver Java Users Group Jan 11, Mike
Mobile Device Programming
Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.
Android Security Model that Provide a Base Operating System Presented: Hayder Abdulhameed.
Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Introduction to Computer Operating Systems
Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.
CS101 Computer Software. Software Software is... Two main types of software are…
Wireless and Mobile Security
Use flash eBook software AnyFlip to make page flip book works seamlessly on mobile devices.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Lecture 3 Page 1 CS 136, Fall 2010 Security Mechanisms CS 136 Computer Security Peter Reiher September 30, 2010.
DEVOLOPING ANDROID APP ON LOCATION BASED REMINDER ON ANDROID MOBILE SYSTEMS.
Lecture 3 Page 1 CS 236 Online Prolog to Lecture 3 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
THE WINDOWS OPERATING SYSTEM Computer Basics 1.2.
Lecture9 Page 1 CS 236 Online Operating System Security, Con’t CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 8 Page 1 CS 236 Online Prolog to Lecture 8 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Information Systems Design and Development Technical Implications (Software) Computing Science.
Wireless Mesh Networking or Peer to Peer Technology Andre Lukito – Johnsonsu – Wednesday, 9.
Android operating system N. Sravani M. Tech(CSE) (09251D5804)
By: Collin Molnar. Overview  Intro to Android  Security basics  Android architecture  Application isolation  Application permissions  Physical access.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Literature by S. Demetriou et al. Presented.
Lecture 2 Page 1 CS 136, Fall 2011 Security Principles, Policies, and Tools CS 136 Computer Security Peter Reiher September 27, 2011.
M IND Q S YSTEMS Leaders in Training /7, 2nd Floor, Srinivasa Nagar Colony (W) Above HDFC Bank, S.R.Nagar Hyderabad
Android Mobile Application Development
Outline Security design principles Security policies Basic concepts
Understanding Android Security
Android Access Control
Tor Good + Evil.
How to use Skype For Business at CERN
Seminar On Android Submitted By: Ghaytadak Satish Laxman 1.
Android System Security
Computing.
Mobile Applications Applied to Information System
Android.
Outline What does the OS protect? Authentication for operating systems
TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime Sadiq Basha.
Computing Fundamentals
Introduction to Operating System (OS)
Outline What does the OS protect? Authentication for operating systems
What is an Operating System?
Computer Literacy Unit 2
Android Mobile apps development services company in India
With IvSign, Office 365 Users Can Digitally Sign Word Documents in the Cloud from Any Device Without Having to Install Any Digital Certificates OFFICE.
CS323 Android Getting Started
Lesson 8 Operating Systems
Application Development A Tutorial Driven Course
Computers: Tools for an Information Age
Understanding Android Security
Device Access Tomas Lukša.
Mandatory Access Control and the Real World
Computers: Tools for an Information Age
Presentation transcript:

Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Android Access Control Android is a software development environment for mobile devices Especially phones An open platform that allows adding arbitrary applications Written by many different parties What’s the appropriate access control model?

The Android Access Control Model Linux is at the bottom If that were all, apps would run with permissions of user who ran them Above that, access control specific for Android Each application runs as its own Linux user But how to handle interactions between apps? Access to other apps’ components handled by Intercomponent Communications (ICC) controls

ICC Access Control Built into Android stack So Android apps use it, but no regular app does ICC reference monitor provides a form of MAC Android apps built of components Each app component has an access label Developers assign apps sets of access labels Some for components in their own app Some for components of other apps Set defines an application’s access domain

What Does This Mean? Application developer limits what his application can do Even if compromised, it can’t do more Permissions settable only at app installation Developer can also limit who else can use his components Preventing data leakage, for example

Some Advantages of This Approach Limits power of applications Allows those installing applications to know what they can access Centralizes information about access permissions Extensions limit that somewhat

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.