welcome. android operation system and security on android omar alaql salah alamri design of secure...
TRANSCRIPT
Welcome
Android Operation SystemAndSecurity on Android
Omar Alaql
Salah Alamri
Design of Secure Operating System
Outline: Introduction.
Android Sold.
History.
Timeline.
Advantages and Disadvantages in Android.
Android Architecture.
Security and privacy in Android.
Weakness Points.
Android App piracy.
Security Precautions.
Android OS and Apple IOS
Conclusion.
Introduction
Android is a modern mobile platform that was designed to be open.
Android was designed with developers in mind, uses are provided visibility into how applications work and control from any attackers.
Android is a Linux-based operating system but it’s not based on the type of Linux system you may have used on your PC.
Android is open source software stack for a wide range of mobile devices and a corresponding open-source project led by Google honestly modified and distributed by device manufacturers,
wireless carriers and enthusiast developers.
By the third quarter of 2012 Android had a 75% share of the global smartphone market according to the research firm IDC.
Android Sold
History Android, Inc. was founded in Pal alto ,California in October 2003 by Andy
Rubin, Rich Miner, Nick, and White.
Acquired Android INC by Google on August 17, 2005.
At Google, the team led by Rubin developed a mobile device platform powered by Linux Kernel.
November 5,2007, the open handset Alliance, where that day, Android was unveiled as its first product.
October 22, 2008,the first commercially available phone to run Android was the HTC Dream.
in 2010, Google launched its Nexus series of devices
In 2014, Google launched Android One, a standardized smartphone, mainly targeting customers in the developing world.
As of March 3, 2015, the newest version of the Android operating system, Android 5.1
Timeline
Android versions
Advantages and Disadvantages
Android is open. It can be developed by anyone.
Easy access to the Android Market.
Populist Operating System.
USB full facilities Can replace the battery, etc.
Easy in terms of notification.
Supports all Google services.
Install Rom modification.
Advantages and Disadvantages
Connected to the internet
Sometimes slow device company issued an official version of Android on their own.
Android Market has less control of the Manager.
As direct service providers to connect with the Google.
Sometimes there are ads.
Wasteful batteries.
Android Architecture
Android security control to: Protect user data. Protect system resources ( including the network). Provide application isolation.
Android provides these key security features. Robust security at the OS level through the Linux Kernel. Mandatory application sandbox for all applications. Secure interprocess communication. Application signing. Application- defined and user-granted permissions.
Android Architecture
Security and privacy in Android
Android device owners are not given root access to the operating system and sensitive partitions such as systems are read-only.
Root access can be obtained by exploiting security flaws in Android, which is used frequently by the open-source community to enhance the capabilities of their devices but also by malicious parties to install viruses and malware.
An android application makes use of a sandbox to avoid sharing personal information.
In computer security, a sandbox is a security mechanism for separating running programs.
Security and privacy in Android
Android applications run in a sandbox where Sandbox is isolated area of the system that does not have access to the rest of the system's resources. unless access permissions are granted by the
user. Before installing an application, the play store
displays all required permissions.
The sandboxing and permissions system Reduces impact of vulnerabilities and bugs in
applications, but developer confusion and limited documentation is still a problem.
Security and privacy in Android Android is becoming the most-targeted of the mobile
platforms.
The open nature of Android and its large user base have made it an attractive and profitable platform to attack.
Common exploits and tool kits on the OS can be utilized across wide number of devices, meaning that attackers can perform exploits en masse and re-use attack vectors
Google did take measures in the development of the android kernel to build security measures in; the OS is sandboxed, preventing malicious processes from crossing between applications.
Google provides major updates to Android every six to nine months.
Security and privacy in Android
The Android system has no internal back-up and restore. There are many third-party applications available on the internet such as My
Backup and Wave Secure so try downloading them and backing up all your content on your PC.
An increasing security risk is mobile theft.
Shortage of hardware data encryption. Honeycomb operating software has hardware encryption problems.
Android’s increasing popularity is making it liable for SMS-phishing.
Security problem with Android is the Play Market. Its filled with unlimited applications and they keep increasing.
There are more and more Android malware and Fake anti-malware. Increased more than 400% this year.
Several security firms have released antivirus software for Android devices. Lookout Mobile Security. AVG Technologies McAfee
Weakness Points User as admin.
Install apps, grant app permissions, download data, and access unprotected networks.
The Android Market. Google’s verification processes for applications entering their market have
been shown to be woefully lacking over the last year or two. a number of malware-infected apps and games being made available to users.
Gateway to PC: HTC devices have long been able to utilize a VPN.
Application permissions. the reality is that many apps request permission to access sensitive content they have
no actual need for.
Malicious application injections. Data/process transfers between virtualized application environments are handled
by a protocol of implicit and explicit intents.
Weakness Points
Untrusted third party applications.
difficult to identify reputable vendors
Rooting. Rooting an Android device is akin to jail-breaking an iPhone. It opens out additional functionality and servicesto users. The process of gaining root access requires the device to be switched from S-
On to S-Off (where S =security). Root is common exploit used by malicious applications to gain system- level
access to your android.
Wi-Fi. The vulnerability of android devices running 2.3.3 to compromise on
unprotected Wi-Fi networks. FaceNiff is an easily downloadable application that allows the user to
intercept the social networking logins.
Android App piracy
in 2010, Google released a tool for validating authorized purchases for use within apps. but developers complained that this
was insufficient and trivial to crack.
In 2012 Google released a feature in Android 4.1 that encrypted paid applications so that they would only work on the device on which they were purchased. but this feature has been temporarily
deactivated due to technical issues.
Security Precautions
Manufacturer Bootleggers: The issue with HTC devices logging and transmitting
user data is a significant vulnerability and the only ‘out of the box’ option is to wait for a patch.
for example android vncserver. APK which is a remote access tool – it could easily be innocuous or tied to functionality such as trace and wipe, but it is certainly something worth being aware of.
Permissions management:
LBE Privacy Guard acts as somewhat of an application firewall.
granting the user the capacity to prevent an application’s individual permissions
Security Precautions
Trace and wipe: The Android equivalent of business continuity implementation. If your Android device is lost or stolen, you can use these applications
to remotely ping the device for its location and/or instruct it to delete specific content.
Installing trusted packages: The ability to install non-Market applications on to a Google device. APK files are the standard Android install file format and are a variant
of JAR. A program called APK Inspector has recently been released that will
scan the assets, resources, and certificates contained within the APK to ensure it is secure.
Security Precautions
Anti-virus: None of these apps are asking for root access, and
therefore they are failing to search for infections on the area of the device that is most targeted and vulnerable.
it covers the apps folders, SD card, SMS, and contact. Droid Security, Lookout.
Link security: malicious links are always loitering in the background
waiting to seduce and ensnare hapless users. There are a number of vendors that have created link
security applications.
Android OS and Apple IOS
Android 5.1• Silent mode added after missing on Android 5.0 General improvements in system stability
Improved RAM management
Fixes for sudden app closures
Improved battery management
Excessive consumption of network devices when used Wi-Fi fixed
Issues with wireless connections fixed
Problems with Okay Google function solved
Notifications problems solved
Some sound problems experience by certain devices fixed
Other improvements and changes
Changes in the Material Design color palette (after users complaints, possibly for a higher version though)
Android OS and Apple IOS
iPhone IOS 8 Customizable Mail. Applications and battery usage. Dismiss Notifications by just Swiping. Notes and pictures. Better Camera Controls. Apple came with some nice features for shutterbugs in iOS 8. Weather.
Lock Screen Notifications based on your location. Keyboards. Landscaped Home screen. Key Shortcut
Android OS and Apple IOS
Video and Photo Sharing. Audio Messages. Sharing Location. Contact Info. Revert pictures. Shazam detects songs.
Apple 8.2Watch appFix same apps
Android OS and Apple IOS Technical Specifications
The following table details some of the technical specifications of the Android and Apple IOS devices.
Although there are some similarities, the two platforms
are very different in end-user experience.
Android OS and Apple IOS in Security There are many different between OS and IOS in the Security.
Conclusion
The Android's goal is to establish a enormous installed base for developers to take advantage. One of the method it will accomplish this is according to different kinds of hardware running the same software environment. It has proposed security mechanisms based on SELinux policy theory to ensure
system security on application program framework layer. it uses Android's security framework to ensure system security from the
application layer intrusion it is essential to research and develop the method to protect the Android
framework.
There is no one-stop effective security measure that can be implemented on an Android operating system.
MDM products provides some much needed functionality to the mobile security tool kit.
Reverences http://www.acumin.co.uk/download_files/WhitePaper/android_white_paper_2.pdf
http://www.ijraset.com/fileserve.php?FID=1376
https://source.android.com/
http://en.wikipedia.org/wiki/Mobile_operating_system
http://www.bitdefender.com/security/android-vulnerability-opens-door-to-sms-phishing-scams.html
http://www.android-app-market.com/android-architecture.html
http://ieeexplore.ieee.org/xpl/abstractReferences.jsp?tp=&arnumber=6150171&url=http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6150171
http://techbii.com/security-risks-android/
http://thefusejoplin.com/2014/09/top-15-ios-8-hidden-features/
Reverences http://www.androidpit.com/android-5-1-lollipop-update
http://www.howtogeek.com/189036/android-is-based-on-linux-but-what-does-that-mean/
https://source.android.com/devices/tech/security/#android-security-program-overview
http://www.cs.kent.edu/~rothstei/summer_13/notes/Alaql.pptx
http://en.wikipedia.org/wiki/Android_(operating_system)#History
http://www.bioinfopublication.org/files/articles/3_1_1_SE.pdf
http://handphoneseluler.blogspot.com/2013/01/advantages-and-disadvantages-android.html
https://books.google.com/books?id=GjsFBwAAQBAJ&pg=PA5&lpg=PA5&dq=Google+provides+major+updates+to+Android+every+six+to+nine+months.&source=bl&ots=8P-6X5oDpV&sig=WoP4cej1lvFc3Io2aRi9Z7EH3tI&hl=en&sa=X&ei=pg0OVbyXL4nFggTfr4LQDQ&ved=0CCYQ6AEwAQ#v=onepage&q=Google%20provides%20major%20updates%20to%20Android%20every%20six%20to%20nine%20months.&f=false
Thank Everybody