Rashad Maqbool Jillani

Slides:



Advertisements
Similar presentations
1 Symbian Client Server Architecture. 2 Client, who (a software module) needs service from service provider (another software module) Server, who provide.
Advertisements

Threads, SMP, and Microkernels
14 Macintosh OS X Internals. © 2005 Pearson Addison-Wesley. All rights reserved The Macintosh Platform 1984 – first affordable GUI Based on Motorola 32-bit.
Chapter 6 Security Kernels.
1 Module 1 The Windows NT 4.0 Environment. 2  Overview The Microsoft Operating System Family Windows NT Architecture Overview Workgroups and Domains.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.
Lesson 15 – INSTALL AND SET UP NETWARE 5.1. Understanding NetWare 5.1 Preparing for installation Installing NetWare 5.1 Configuring NetWare 5.1 client.
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
INTRODUCTION OS/2 was initially designed to extend the capabilities of DOS by IBM and Microsoft Corporations. To create a single industry-standard operating.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
CS 550 Amoeba-A Distributed Operation System by Saie M Mulay.
Figure 1.1 Interaction between applications and the operating system.
1 DOS with Windows 3.1 and 3.11 Operating Environments n Designed to allow applications to have a graphical interface DOS runs in the background as the.
Operating System Organization
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
Operating Systems.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Symbian os with smart phones Guided by: Hetal A Josiyara
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?
Programming mobile devices Part II Programming Symbian devices with Symbian C++
Chapter 3 Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
Computer Concepts 2013 Chapter 4 Operating Systems and File Management.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
hardware and operating systems basics.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
All Your Droid Are Belong To Us: A Survey of Current Android Attacks 단국대학교 컴퓨터 보안 및 OS 연구실 김낙영
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 2: System Structures.
Systems Security & Audit Operating Systems security.
Operating System. Architecture of Computer System Hardware Operating System (OS) Programming Language (e.g. PASCAL) Application Programs (e.g. WORD, EXCEL)
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Seminar On Cellular Virus
Chapter 6 Operating System Support. This chapter describes how middleware is supported by the operating system facilities at the nodes of a distributed.
G53SEC 1 Reference Monitors Enforcement of Access Control.
Chapter One Introduction to Windows XP. Objectives Describe the Windows XP product family Describe the Windows XP product family Describe the major features.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Section 3.1: Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random.
A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 13 Understanding and Installing Windows 2000 and Windows NT.
April 2000Dr Milan Simic1 Network Operating Systems Windows NT.
Windows 2000 Course Summary Computing Department, Lancaster University, UK.
1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.
Windows NT Operating System. Windows NT Models Layered Model Client/Server Model Object Model Symmetric Multiprocessing.
Introduction to Windows XP Professional
A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 13 Understanding and Installing Windows 2000 and Windows NT.
CE Operating Systems Lecture 3 Overview of OS functions and structure.
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3.
Ihr Logo Operating Systems Internals & Design Principles Fifth Edition William Stallings Chapter 2 (Part II) Operating System Overview.
Vulnerability Study of the Android Ryan Selley, Swapnil Shinde, Michael Tanner, Madhura Tipnis, Colin Vinson (Group 8)
Operating Systems Security
Wireless and Mobile Security
VMM Based Rootkit Detection on Android
VPN. CONFIDENTIAL Agenda Introduction Types of VPN What are VPN Tokens Types of VPN Tokens RSA How tokens Work How does a user login to VPN using VPN.
Kernel Expanded version of Kodak’s AMX kernel Features –Uses Preemptive Priority Scheduling –Multithreading –Multitasking.
The Whole new Experience - By Mahesh Chauhan. Its sounds strange but the fact is that :-  More than 90% of the CPUs in the world are not in desktops.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
2Operating Systems  Program that runs on a computer  Manages hardware resources  Allows for execution of programs  Acts as an intermediary between.
1 Mobile Operating Systems BY:- Aashish Uppal CSE-1/7 th Sem (63/ )
Operating System.
Seminar On Cellular Virus
Chapter 1: Introduction
Chapter 3: Windows7 Part 4.
Symbian Operating System
Windows Internals Brown-Bag Seminar Chapter 1 – Concepts and Tools
Objective Understand the concepts of modern operating systems by investigating the most popular operating system in the current and future market Provide.
Rashad Maqbool Jillani
Operating Systems: A Modern Perspective, Chapter 3
Objective Understand the concepts of modern operating systems by investigating the most popular operating system in the current and future market Provide.
Presentation transcript:

Rashad Maqbool Jillani rjillani@fau.edu Mobile OS Security Rashad Maqbool Jillani rjillani@fau.edu

Background 1.5 billion mobile phone users (ITU) Mobile device capabilities are significantly advanced than those in the past PDA + Cell Phone = Smartphone Key question Are we going to face the same level of threat to security of mobile devices as that of in desktop environment?

Background Operating System (OS) Real Time Operating System (RTOS) Process Management Memory Management File Management I/O Management Networking Protection System User Interface Real Time Operating System (RTOS) Characterized by timing constraints Mobile Operating System (Mobile OS) RTOS running on a mobile device

Introduction Mobile Malware Information Theft Unsolicited Information Security research on mobile networks has focused largely on routing issues, and more recently on protocol security. Information Theft Transient information, Static information Blue Snarfing, Blue Bugging Unsolicited Information Theft of Service Attacks Denial of Service Attacks Flood the device Drain Power Attacks (Battery Exhaustion or Sleep Deprivation Torture)

Evolution of Symbian OS Introduction Evolution of Symbian OS 1997 - 32 bit EPOC Platform (Psion Software Inc) – Psion Series 5 PDA 1998 – Symbian – A spin-off from Psion Software Inc. Co-owned by Psion, Nokia, Eriksson, Motorola The motive behind this spin-off was to develop an advanced software platform for a new combination of consumer products called smartphones which would combine telephony and computing capability 1999 – EPOC named as Symbian OS Co-owned by Psion, Nokia, Sony-Eriksson, Motorola, Matsushita (Panasonic), Samsung and Siemens. Symbian OS Hard RTOS based on layered/micro-kernel architecture StrongARM architecture (ARM9 running over 100 MHZ) Program storage (flash memory) ; OS storage flash ROM

Symbian OS Micro-kernel uses client/server session based IPC Servers mediate access to shared resources and services Kernel deals with memory allocation and IPCs Proactive defense mechanism Platform Security Architecture OS Services Data Caging

Symbian OS Architecture

Architectural Overview Core Kernel, file server, memory management and device drivers System Layer Communication and computing services e.g. TCP/IP, IMAP4, SMS and database management Application Engines User Interface Software Applications All layers communicate with each other using Client/Server Mechanism

Platform Security Categories of trust

Capability Model A capability is an access token that corresponds to permission to access sensitive system resources. (Entity of protection) Capability Rules Rule 1: Every process has a set of capabilities and its capabilities never change during its lifetime. Rule 2: A process cannot load a DLL with a smaller set of capabilities than itself. …………..

Certification PlatSec uses certification to grant access to capabilities. EXE Requested capabilities capabilities required Compared and checked at install time DLL Requested capabilities capabilities that can be granted Certificate capabilities that can be granted Created during validation procedure. Validity confirmed SIS

The kernel’s role EKA2 kernel is the key component of TCB Multi-threaded and pre-emptive multitasking RTOS kernel IPC mechanism – Client/Server Sessions Special accessor and copy functions Thread stacks and heaps are private chunks When the kernel allocates memory to a process, it overwrites it with zeroes to prevent any private data from the previous owner being accessible to the new process. DBMS Window Server File Server Kernel Server Kernel mediated sessions Application

The kernel… Parameter passing in IPC request – the length is checked, even in the case of a pointer, to ensure that the server will not read or write more than the client expected to disclose : any attempt to read before the pointer’s address or after its length will fail. EKA2 also takes advantage of the ARMv6 never-execute bit in the page permissions when supported by the hardware. This is used to deny execution of code from stacks, heaps and static data.

Data Caging Data caging allows applications on a Symbian OS device to have private data which is not accessible by other applications. It is about file access control. Opposite to traditional “Access Control List”, it is “Fixed Access Control Policy”. ‘‘The access rules of a file are entirely determined by its directory path, regardless of the drive.’’ Four different sets of rules have been identified which are represented by four directory hierarchies under the root ‘\’: \sys ; Only TCB processes can read and write \resource ; All processes can read but only TCB processes can write \private ; All program are provided a private sub directory regardless of their level of trust. Only process owner and TCB processes can read and write All other root files and directories ; Public space

Windows CE OS Win CE 5.0 is a hard RTOS Base OS functionality is provided by kernel which includes process, thread, memory and file management Kernel acts as a conduit for the rest of the core OS Windows CE kernel uses a paged virtual-memory system to manage and allocate program memory. The kernel also allocates memory to the stack for each new process or thread.

Memory Architecture ROM stores the entire operating system (OS), as well as the applications that come with the OS design. The OS loads all read/write data into RAM. When OS executes programs directly from ROM, it saves program on RAM and reduces the time needed to start an application, because the OS does not have to copy the program into RAM before launching it. The maximum size for the RAM file system is 256 MB, with a maximum size of 32 MB for a single file. The maximum size for the RAM file system is 256 MB, with a maximum size of 32 MB for a single file. However, a database-volume file has a 16-MB limit. The maximum number of objects in the object store is 4,000,000. The boundary between the object store and the program RAM is movable.

Memory Architecture (cont) Windows Mobile 5.0 RAM is used exclusively for running programs. Flash memory is used for storage of programs and data. Result: extended battery life but slower performance

OS Security Componentization: OS loads only required components Module Certification: Windows CE exposes a function called OEMCertifyModule, if implemented; this function gives OEM the ability to verify the trust level of a process or a DLL within the OS. The file system can be either a RAM and ROM file system or a ROM only file system. The system registry stores the data about applications, user configuration settings and preferences, passwords. System registry is readable.

Mobile Malware Cabir: June 20, 2004, Symbian OS, Bluetooth worm DUTS: July 17, 2004, Win CE, File sharing and email virus BRADOR: August 5, 2004, Win CE, requires manual installation, first know backdoor Qdial: August 12, 2004, Symbian OS, replicates through Mosquitoes game, sends SMS to premium rate numbers Skulls: November 21, 2004, Symbian OS, trojan that replicates through file sharing networks Velasco: December 29, 2004, Symbian OS, Bluetooth worm Locknut (Gavno): February 1, 2005, Symbian OS, replicates via download from Symbian patch sites CommonWarrior: March 7, 2005, Symbian OS, spreads over Bluetooth/MMS Dampig: March 8, 2005, Symbian OS, malicious file dropper Cardtrap: September 20, 2005, Symbian OS, Trojan that spreads to users’ PC through phone’s memory card

Comparative Review OS Design and Architecture Memory Management Symbian: ARM processors running 100-200 MHz Win CE: ARM and Intel processors running 200-400 MHz Memory Management Symbian: OS kernel runs in privileged mode, with each app has its own address space Win CE: Shared RAM and flash ROM, use eXecute In Place (XIP) scheme File System Symbian: TCB contains file system Win CE: Hierarchical file system accessible through kernel functions Development Symbian: Symbian specific frameworks/libraries Win CE: Windows API Security Symbian: Fairly well designed Win CE: Lack of process’s address space protection Audit Trail

Conclusion As the user base of these devices grows over time, the possibility of serious threats will be imminent. Openness facilitates to both third party developers and malware writers Control the software distribution channel Biggest concern is the hijacking of radio facilities of mobile device Mobile worms and viruses will be a greater challenge in future unless safeguards become a standard provision on the new devices. Solution: Antivirus software for mobile devices