Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

Published byAmbrose Strickland Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS."— Presentation transcript:

1 CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS

2 OS Abstractions 2 Operating System Hardware Applications CPUDiskRAM ProcessFile systemVirtual memory Network I/O Devices

3 Smartphones 3 ==

4 …in 2015 4

5 What is the difference between a mobile OS and a desktop/server OS? 5

6 Differences l Size / form-factor u UI system design? l Resource-constrained (e.g., battery, memory) u Optimized OS (what would you do?) l Cellular and other hardware components l User has no root access u Unless OS has vulnerabilities l Security threats u App is fully sandboxed and cannot easily attack other apps 6

7 Android 7

8 Based on Linux Linux on ARM Drivers and architecture support How to port Android to a new device? Using Linux vs. Writing a new OS from scratch? Do all Linux kernel implementations work well on mobile devices? 8

9 Android 9

10 Android 10

11 Android 11

12 Differences l Size / form-factor l Resource-constrained (e.g., battery, memory) u Optimized OS (what would you do?) l Cellular and other hardware components l User has no root access u Unless OS has vulnerabilities l Security threats u Malware is fully sandboxed and cannot easily attack other apps 12

13 Offloading of Computation Naive offloading Speech-to-text, OCR, Apple’s Siri More sophisticated offloading - fine-grained offloading MAUI: Making Smartphones Last Longer with Code Offload Running two versions of the app on the mobile device and a powerful server Decide when/what to offload on the fly 13

14 Differences l Size / form-factor l Resource-constrained (e.g., battery, memory) u Optimized OS (what would you do?) l Cellular and other hardware components l User has no root access u Unless OS has vulnerabilities l Security threats u Malware is fully sandboxed and cannot easily attack other apps 14

15 Disk I/O FlashHard Disk Drive Random access~0.1ms5-10ms File fragment impactNoGreatly impacted Total power1/2 to 1/3 of HDDup to 15+ watts ReliabilityReliable Less reliable due to mechanical parts Write longevity Limited number of writes Less of a problem Capacity<= 1TB4TB Price$0.4 / GB$0.04 / GB 15

16 New Capabilities l Cellular u Make phone calls u Send/Recv SMS l GPS u Tracking l Phone number u Identification... l How to secure them? 16

17 Android Security 17

18 Android Sandbox l UID separation to protect apps from each other 18

19 Android Permission l Apps need permissions when they attempt to u access sensitive resource or u perform sensitive operations 19

20 Device-related permission 20

21 Non-device-related permission l Enforced in kernel through uid l Kernel code in net/ipv4/af_inet.c: #include static inline int current_has_network(void) { return in_egroup_p(AID_INET) || capable(CAP_NET_RAW); } 21

22 Differences l Size / form-factor l Resource-constrained (e.g., battery, memory) u Optimized OS (what would you do?) l Cellular and other hardware components l User has no root access u Unless OS has vulnerabilities l Security threats u Malware is fully sandboxed and cannot easily attack other apps 22

23 Android Root l No app can run with root privilege in Android u even if the user desires l Restrictions set by Google, Vendors, and Carriers u Result: bloatware, power inefficiency, lost freedom/functionality, etc. l How do we gain root back? 23

24 Background: Symbolic Link l On most file systems, symbolic link is supported to point to the same file content without having to copy the content l “ln –s /home/zhiyunq/ /shortcut” l /shortcut  /home/zhiyunq 24

25 File Permission Vulnerabilities l Works on certain Android devices u Customized by vendors such as Motorola or Samsung l Goal: Write to /data/local.prop u Add line ro.kernel.qemu=1 u But permission denied to normal app l Exploit: u rm /data/local/logs/log.txt (accessible to anyone) u ln -s /data/local.prop /data/local/logs/log.txt u What is the vulnerability? 25

26 Programming Model Each application is running in its own process An application can have one or more components: activities, services, broadcast receivers and content providers A task (an “application” from user’s point of view) consists of several activities from one or multiple applications An application keeps running until the system kills it because of memory shortage 26

27 Summary l Android OS vs. Traditional OS l Security architecture of Android l Android root exploit through file permission vulnerability 27

Download ppt "CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS."

Similar presentations

Operating Systems Manage system resources –CPU scheduling –Process management –Memory management –Input/Output device management –Storage device management.

Operating Systems Manage system resources –CPU scheduling –Process management –Memory management –Input/Output device management –Storage device management.
MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.

MOOC on M4D 2013 I NTRODUCTION TO THE A NDROID P LATFORM Ashish Agrawal Indian Institute of Technology Kanpur.
ECOS: Leveraging Software-Defined Networks to Support Mobile Application Offloading Aaron Gember, Christopher Dragga, Aditya Akella University of Wisconsin-Madison.

ECOS: Leveraging Software-Defined Networks to Support Mobile Application Offloading Aaron Gember, Christopher Dragga, Aditya Akella University of Wisconsin-Madison.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson Presented By: Rajat Khandelwal – 2009CS10209 Parikshit.
Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.

Aurasium: Practical Policy Enforcement for Android Applications R. Xu, H. Saidi and R. Anderson.
Mobile Application Development

Mobile Application Development
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.

Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
Operating Systems.

Operating Systems.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.

ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.
OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.

OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.
Introduction to Android Platform Overview 19.3.2013.

Introduction to Android Platform Overview
Case study 2 Android – Mobile OS.

Case study 2 Android – Mobile OS.
Presentation By Deepak Katta

Presentation By Deepak Katta
Programming mobile devices Part II Programming Symbian devices with Symbian C++

Programming mobile devices Part II Programming Symbian devices with Symbian C++
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.

Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.

VMM Based Rootkit Detection on Android Class Presentation Pete Bohman, Adam Kunk, Erik Shaw.
PowerPoint Presentation to Accompany Chapter 5 System Software Visualizing TechnologyCopyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall.

PowerPoint Presentation to Accompany Chapter 5 System Software Visualizing TechnologyCopyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall.
Introduction to Android Swapnil Pathak www.SecurityXploded.com Advanced Malware Analysis Training Series.

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.

Similar presentations

Ads by Google