Android Declassification Infrastructure
Matan David, Yuval Evron
Project Advisor: Roei Schuster

Presentation transcript:


A Short Reminder…
Our project involves making the Android OS more secure. Android’s built-in permissions are very coarse-grained. We aim to provide a better solution at the application level (without having to change the OS).

A Short Reminder…
Last time we introduced a new permission mechanism: “A Declassifier”.

Android’s Security Model
Android is a Linux-based OS. Unlike other popular OSes, in Android each app runs as a separate process under a distinct UID. Android offers several ways for apps to communicate with one another (IPC).

Our Previous Model
After developing a POC that worked, it got us thinking about security issues…
Our previous declassifier model:
– The Declassifier defines a custom global Action, known to both us and the 3rd party.
– The 3rd party app sends an Intent to use an Action.
– The Declassifier handles the request using an Activity.
This model is not very secure! Let's see why.

The Problem
Intents are insecure. Anyone listening in can recognize them and use them.
How does the declassifier know who is permitted to use the intent, and who isn’t?
How can the 3rd party app be sure that our declassifier is actually the one responding to the intent?

Project Scope
We rely on Android’s mechanism for securing general application activities, and we will not touch on that. However, protecting apps that use our infrastructure is our responsibility.

The Solution
Introducing: BroadcastReceiver
– Utilizes Android’s permissions mechanism (which we discussed last time).
– Filters incoming intents by caller permissions.
– Filters outgoing intents by recipient permissions.
– Enables a callback mechanism which allows sending back the answer in private.

Our New Model
Our declassifier defines a custom Permission for each “small action” it supports (e.g., getting a contact’s phone number by name).
Upon installing an app, the user is requested to confirm the list of required permissions.
Data transferred remains private and safe.
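The permission-filtered BroadcastReceiver and private callback described in the last two slides, written out as an added Java example (not the project's own code). The com.example.* action and permission names, the "name" extra and the DeclassifierClient helper are assumptions, and the declassifier app is assumed to hold READ_CONTACTS.

```java
// Added example; com.example.* names and the "name" extra are hypothetical.
// With P = com.example.declassifier.permission.GET_PHONE_BY_NAME, the manifests hold:
//   declassifier: <permission android:name="P" android:protectionLevel="dangerous"/>
//                 <uses-permission android:name="P"/>  (plus READ_CONTACTS)
//                 <receiver android:name=".PhoneByNameReceiver" android:exported="true"
//                           android:permission="P"> with an <intent-filter> for ACTION
//   third party:  <uses-permission android:name="P"/>
import android.app.Activity;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.database.Cursor;
import android.provider.ContactsContract.CommonDataKinds.Phone;

// Declassifier side: android:permission on the <receiver> makes the system drop
// broadcasts from senders that were not granted P (incoming filter).
public class PhoneByNameReceiver extends BroadcastReceiver {
    static final String ACTION = "com.example.declassifier.action.GET_PHONE_BY_NAME";
    static final String PERMISSION = "com.example.declassifier.permission.GET_PHONE_BY_NAME";

    @Override
    public void onReceive(Context context, Intent intent) {
        if (!isOrderedBroadcast()) return; // no private result channel, so answer nothing
        String name = intent.getStringExtra("name");
        String phone = null;
        if (name != null) {
            try (Cursor c = context.getContentResolver().query(Phone.CONTENT_URI,
                    new String[] {Phone.NUMBER}, Phone.DISPLAY_NAME + " = ?",
                    new String[] {name}, null)) {
                if (c != null && c.moveToFirst()) phone = c.getString(0);
            }
        }
        // An ordered broadcast's result is handed only to the sender's result receiver.
        setResultCode(phone != null ? Activity.RESULT_OK : Activity.RESULT_CANCELED);
        setResultData(phone);
    }
}

// Third-party side (belongs to the other app; kept in one file here for brevity).
final class DeclassifierClient {
    static void requestPhone(Context context, String contactName, BroadcastReceiver onAnswer) {
        Intent request = new Intent(PhoneByNameReceiver.ACTION)
                .setPackage("com.example.declassifier") // deliver to this package only
                .putExtra("name", contactName);
        // receiverPermission: only receivers holding P get the request (outgoing filter).
        context.sendOrderedBroadcast(request, PhoneByNameReceiver.PERMISSION,
                onAnswer, null, Activity.RESULT_CANCELED, null, null);
    }
}
```

The `onAnswer` receiver reads the reply with `getResultCode()` and `getResultData()` inside its own `onReceive`, so the phone number never travels in a broadcast that other apps could register for.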

Pertinent Literature
iSEC, Securing Android Apps: Mobile Application Security on Android, Black Hat 2009, Jesse Burns

Demo Time