Your SlideShare is downloading. ×
最先端の利用シーンからみるセキュリティリスク
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

最先端の利用シーンからみるセキュリティリスク

675
views

Published on

情報セキュリティ大学院大学で開催された「スマートフォンや次世代端末のセキュリティ」での講演資料

情報セキュリティ大学院大学で開催された「スマートフォンや次世代端末のセキュリティ」での講演資料

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
675
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Android Security GClue
  • 2. Apple TV
  • 3. iCloud AirPlayMacBook iPhone4S Apple TV
  • 4. Android
  • 5. Android• 55 /1• 1 9000• 400
  • 6. Android Market• App • 30• Download • 3000 DL/
  • 7. AppStoreiTunes AppStore Android Market 3300 DL/ 3300 DL/ 7600 DL/
  • 8. AppStore 2014 1850 /5 /
  • 9. CPU/GPU 2
  • 10. Android OS 4.0 Hangout
  • 11. Android OS4Android Beam WiFi Direct Bluetooth P2P Health
  • 12. Galaxy Nexus
  • 13. Android OS For Tablet 3.0 3.1 3.21.0 1.1 1.5 1.6 2.0 2.1 2.2 2.3 4.0 For SmartPhone 2.0 3.1 For TV
  • 14. Store
  • 15. MarketAmeba AppMarket CyberAgent@ GMO Yahoo Market YahooSquare Enix Market Square Enix au one Market au/kddi AndroApp Vector Bandai Namco
  • 16. Market( ) 175000 GetJarAmazon AppStore Amazon AppStore
  • 17. GetJar300 / 175000 Java ME BlackBerry Symbian Windows Mobile Android
  • 18. Amazon AppStore Android OS 2.3 Kindle Fire
  • 19. Android Market iTunes Store Kill Switch
  • 20. Android ?
  • 21. Android
  • 22. Android Security Model• Android OS Linux UserID GroupID
  • 23. UID/GID /data/data# ls -ldrwxr-x--x app_1 app_1 2011-10-20 17:46 com.android.backupconfirmdrwxr-x--x app_2 app_2 2011-10-20 17:50 com.android.browserdrwxr-x--x app_3 app_3 2011-10-20 17:46 com.android.calculator2drwxr-x--x app_4 app_4 2011-10-20 17:50 com.android.calendardrwxr-x--x app_6 app_6 2011-10-20 17:46 com.android.cameradrwxr-x--x app_7 app_7 2011-10-20 17:46 com.android.certinstallerdrwxr-x--x app_0 app_0 2011-10-20 17:46 com.android.contactsdrwxr-x--x app_9 app_9 2011-10-20 17:46 com.android.customlocale2drwxr-x--x app_10 app_10 2011-10-20 17:46 com.android.defcontainerdrwxr-x--x app_11 app_11 2011-10-20 17:49 com.android.deskclockdrwxr-x--x app_12 app_12 2011-10-20 17:46 com.android.developmentdrwxr-x--x app_14 app_14 2011-10-20 17:50 com.android.emaildrwxr-x--x app_8 app_8 2011-10-20 17:46 com.android.emulator.connectivity.testdrwxr-x--x app_18 app_18 2011-10-20 17:46 com.android.emulator.gps.testdrwxr-x--x app_15 app_15 2011-10-20 17:46 com.android.exchangedrwxr-x--x app_16 app_16 2011-10-20 17:46 com.android.fallback UID/GID
  • 24. •• ./android/debug.keystore
  • 25. Android • com.gclue.app1 com.yokohama.app1 App A App Bcom.gclue.app1 com.yokohama.app1
  • 26. ADK
  • 27. Hardware• ADK• USB Host
  • 28. Intent
  • 29. Intent App BApp A
  • 30. Android
  • 31. Android• Permission• URI Permission
  • 32. Permission AndroidManifest.xml <uses-permission android:name="android.permission.READ_PHONE_STATE"/> 480px x 800px IMEI Samsung Galaxy S Phone No Software Version [Captivate] Sim Serial Subscriber IdDownload Permission
  • 33. Permission Permissionandroid.permission.GET_ACCOUNTS GMailandroid.permission.READ_CALENDARandroid.permission.READ_CONTACTSandroid.permission.READ_PHONE_STATE (IMEI, SubscriberID, SimSerial)android.permission.READ_PROFILEandroid.permission.RECEIVE_SMSandroid.permission.READ_SMS SMS / /android.permission.WRITE_SMS Android Googleandroid.permission.USE_CREDENTIALS OAuth
  • 34. Data• Content Provider(SQLite)• SharedPreference(KeyValueStore)• File I/O
  • 35. Content Provider• Android• SQLite AndroidManifest.xml android:readPermission android:writePermission android:permission
  • 36. URI Permission• • <grant-uri-permission> • AndroidManifest.xml <grant-uri-permission android:pathPrefix="/all_downloads/"/>
  • 37. SharedPreference File I/OAndroidManifest.xml Context.MODE_PRIVATE Context.MODE_WORLD_READABLE Context.MODE_WORLD_WRITEABL
  • 38. Cloud
  • 39. Account Manager
  • 40. Account ManagerAndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/>AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "android", null, this, null, null); Android Market
  • 41. Account ManagerAndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/>AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "ah", null, this, null, null); Google App Engine
  • 42. CloudAcountManager Service KeyGoogle Analytics Data analytics APIs Google Apps APIs apps (Domain InformationGoogle Sites Data API jotspot & Management) Blogger Data API bloggerBook Search Data API print Calendar Data API cl Google Code Search codesearch Data API Contacts Data API Content API for cp structuredcontent No Password Shopping Documents List Data writely API Finance Data API finance Gmail Atom feed mail Health Data API health Maps Data APIs local Picasa Web Albums lh2 Data API Sidewiki Data API annotatewebSpreadsheets Data API wise Webmaster Tools API sitemaps YouTube Data API youtube Android Market android
  • 43. Google App
  • 44. Google Data ProtocolGoogle
  • 45. Google Apps
  • 46. Google Apps Device Policy