Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Slides:



Advertisements
Similar presentations
Chapter 3 Multics. Chapter Overview Multics contribution to technology Multics History Multics System – Fundamentals – Security Fundamentals – Protection.
Advertisements

MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
Lecture 12 Page 1 CS 111 Online Devices and Device Drivers CS 111 On-Line MS Program Operating Systems Peter Reiher.
Unit 6- Operating Systems.  Identify the purpose of an OS  Identify different operating systems  Describe computer user interaction with multiple operating.
Security of Mobile Applications Vitaly Shmatikov CS 6431.
Location Aware Social Network Group 2 CS Team Introduction Prasun Johari M.S. ECE Ankur Aggarwal M.S. CS Gurlal Kahlon M.S. CS Shobith Alva M.S.
Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.
Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems System Software Chapter 4.
Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
A METHODOLOGY FOR EMPIRICAL ANALYSIS OF PERMISSION-BASED SECURITY MODELS AND ITS APPLICATION TO ANDROID.
Lesson 8 Operating Systems
Authors: William Enck The Pennsylvania State University Peter Gilbert Duke University Byung-Gon Chun Intel Labs Landon P. Cox Duke University Jaeyeon Jung.
Automatic Software Testing Tool for Computer Networks ADD Presentation Dudi Patimer Adi Shachar Yaniv Cohen
NETWORK SERVERS Oliver Topping (with a little help from my Mum)
Android Platform. Course Instructor Yourself? Lectures, Labs, Text-Book Moodle Course Syllabus Online Resources Assessment Deadlines Code of professional.
Mobile Application Development using Android Lecture 2.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Lecture 13 Page 1 CS 236 Online Secure Programming CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.
Lecture 13 Page 1 Advanced Network Security Authentication and Authorization in Local Networks Advanced Network Security Peter Reiher August, 2014.
Android Security Model that Provide a Base Operating System Presented: Hayder Abdulhameed.
Android Security Extensions. Android Security Model Main objective is simplicity Users should not be bothered Does the user care? Most do not care…until.
Page 1 System and Group Policies Lecture 7 Hassan Shuja 11/02/2004.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Introduction to Computer Operating Systems
Lecture 15 Page 1 CS 236 Online Prolog to Lecture 15 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Android System Security Xinming Ou. Android System Basics An open-source operating system for mobile devices (AOSP, led by Google) – Consists of a base.
CS101 Computer Software. Software Software is... Two main types of software are…
Wireless and Mobile Security
Lecture 2 Page 1 CS 236 Online Prolog to Lecture 2 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Use flash eBook software AnyFlip to make page flip book works seamlessly on mobile devices.
Lecture 4 Page 1 CS 111 Online Modularity and Virtualization CS 111 On-Line MS Program Operating Systems Peter Reiher.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Lecture 3 Page 1 CS 136, Fall 2010 Security Mechanisms CS 136 Computer Security Peter Reiher September 30, 2010.
Lecture 17 Page 1 CS 236 Online Prolog to Lecture 17 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 3 Page 1 CS 236 Online Prolog to Lecture 3 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
THE WINDOWS OPERATING SYSTEM Computer Basics 1.2.
Lecture9 Page 1 CS 236 Online Operating System Security, Con’t CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Ms. Tracy  Identify the purpose of an operating system.  Identify different operating systems.  Describe computer user interaction with multiple.
Lecture 8 Page 1 CS 236 Online Prolog to Lecture 8 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lecture 3 Page 1 CS 236 Online Security Mechanisms CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Information Systems Design and Development Technical Implications (Software) Computing Science.
Wireless Mesh Networking or Peer to Peer Technology Andre Lukito – Johnsonsu – Wednesday, 9.
AGENDA Introduction History Version history Features and specifications Android latest Android vs Symbian Android market Advantages of Android Disadvantages.
System Software Chapter Handles technical details Works with end users, application software, and computer hardware Four types of programs –Operating.
By: Collin Molnar. Overview  Intro to Android  Security basics  Android architecture  Application isolation  Application permissions  Physical access.
Java & The Android Stack: A Security Analysis Pragati Ogal Rai Mobile Technology Evangelist PayPal, eBay Java.
Lecture 2 Page 1 CS 136, Fall 2011 Security Principles, Policies, and Tools CS 136 Computer Security Peter Reiher September 27, 2011.
M IND Q S YSTEMS Leaders in Training /7, 2nd Floor, Srinivasa Nagar Colony (W) Above HDFC Bank, S.R.Nagar Hyderabad
Android Mobile Application Development
Understanding Android Security
Android Access Control
How to use Skype For Business at CERN
Seminar On Android Submitted By: Ghaytadak Satish Laxman 1.
Android System Security
Outline What does the OS protect? Authentication for operating systems
Outline What does the OS protect? Authentication for operating systems
What is an Operating System?
Computer Literacy Unit 2
Chapter 6: Alternative Operating Systems
Android Mobile apps development services company in India
CS323 Android Getting Started
Understanding Android Security
Mandatory Access Control and the Real World
Chit Fund Software, Online Chit Fund Software, Android Chit Fund Software,Chit Fund Management Software,Chit Fund Online Software,Chit Fund Accounting Software.
Android Access Control
Presentation transcript:

Lecture 4 Page 1 CS 236 Online Prolog to Lecture 4 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher

Lecture 4 Page 2 CS 236 Online Android Access Control Android is a software development environment for mobile devices –Especially phones An open platform that allows adding arbitrary applications –Written by many different parties What’s the appropriate access control model?

Lecture 4 Page 3 CS 236 Online The Android Access Control Model Linux is at the bottom –If that were all, apps would run with permissions of user who ran them Above that, access control specific for Android Each application runs as its own Linux user –But how to handle interactions between apps? Access to other apps’ components handled by Intercomponent Communications (ICC) controls

Lecture 4 Page 4 CS 236 Online ICC Access Control Built into Android stack –So Android apps use it, but no regular app does ICC reference monitor provides a form of MAC Android apps built of components –Each app component has an access label Developers assign apps sets of access labels –Some for components in their own app –Some for components of other apps –Set defines an application’s access domain

Lecture 4 Page 5 CS 236 Online What Does This Mean? Application developer limits what his application can do –Even if compromised, it can’t do more –Permissions settable only at app installation Developer can also limit who else can use his components –Preventing data leakage, for example

Lecture 4 Page 6 CS 236 Online Some Advantages of This Approach Limits power of applications Allows those installing applications to know what they can access Centralizes information about access permissions –Extensions limit that somewhat