Android security in depth

Presentation about developer-level security features on Android

Published in: Technology

  • mmap_min_addr prevents processes from mapping (mmap) the lowest pages of virtual memory. Without it, a null pointer dereference could access that memory and execute code that had been prepared there beforehand.
  • Android security in depth

    1. Android Security in depth
        Sander Alberink
        Healthcare, Automotive, Industrial Automation, Machine & Systems, Energy, Logistics
    2. Agenda
        • Android overview
        • System-level security
        • Application-level security
        • Enterprise-level security
    3. Show of hands... Who has
        • An Android device?
        • Loaded a custom ROM?
        • Rooted his device?
        • Developed for that device?
        22 May 2013, Android Security in depth
    4. Android Security – System level
    5. Android system architecture
    6. System level execution
        • NX-bit
        • Stack-overflow prevention
        • Address Space Layout Randomization
        • dlmalloc/calloc + extensions
        • mmap_min_addr
    7. Linux security measures
        • Sandboxing in kernel
        • Permissions enforced through Linux groups
        • Each app separate UID
    8. Dalvik VM
        • Not a security boundary
            • No security manager
            • Permissions are enforced in OS, not VM
            • Bytecode verification optimized for speed, not security
    9. Zygote processes
        • Zygote process preloads typical classes and dynamic link libraries
        • Copy-on-write
            • Only when a new process writes a page is a new page allocated.
            • All pages not written are shared among all zygote children.
        • Exec system call is not used in zygote.
            • exec wipes the page mapping table of the process.
            • It means exec discards the zygote cache.
        • Runs as UID=0 (root). After forking a child process, its UID is changed by the setuid system call.
    10. Binder IPC
        • IPC via kernel interface
        • Used under the hood for all IPC in Android
            • Service to application
            • Service to system
            • But also Intent-based communication...
        • Is security-aware and passes calling UID & GID
        22 May 2013, Powerpoint ICT Automatisering
    11. Additional measures in Android 4.2
        • Application verification
            • Additional scan for malicious sw
        • Always-on VPN
        • Improvements to installd/init handling, etc.
    12. Android Security – Application level
    13. Intent system
        • Communication between OS and applications via Intents
        • OS resolves requested action (e.g. edit contact) with all registered Intent receivers
        • Highly versatile and modular
        • Allows changing out default functionality for alternatives
    14. Permissions
        • Permissions determine if an app can perform an action
        • 4 levels:
            • Normal
            • Dangerous
            • Signature
            • System
    15. Permissions contd
        • Permissions checked when:
            • Starting activities
            • Starting/binding to services
            • Sending to BroadcastReceivers
            • Accessing ContentProviders (separate for read and write)
            • … and at any given moment using Context.checkCallingPermission()
    16. App signing
        • All Android applications must be signed by the author (developer)
        • Application or code signing is the process of digitally signing a given application using a private key to:
            • Identify the code's author
            • Detect if the application has changed
            • Establish trust between applications
        • On Android, the certificate (X.509) can be self-signed, so there is no need for a certificate authority
        • Android applications can be built in debug and release mode:
            • In debug mode the app is automatically signed with the debug key and cannot be distributed (e.g. via Google Play)
            • In release mode the app is signed with the private key.
    17. Android Security – Enterprise level
    18. Encryption
        • Full-disk encryption using dm-crypt
            • Actually: /data partition
        • Done using 128 bit AES/SHA256
        • Master key encrypted with another key based off device PIN/passwd
            • Problem: since the PIN is usually 4 digits long, cracking the master key is a matter of little time...
    19. Device Policies
        • Determine user-level security
        • Locate lost devices
        • Enable remote wipe
        • Can disable functionality (such as camera)
    20. VPN
        • Support for VPN connections based on
            • IPSec
            • PPTP
            • Own VPN implementation (3rd party, 4.0+)
        • Requires use of device lock mechanism
        • As of Android 4.2, always-on VPN is possible too
    21. Questions?
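
The mmap_min_addr protection listed on slide 6 and described in the note above can be checked on a Linux or Android system. The C program below is an added example, not part of the original deck: it reads the vm.mmap_min_addr sysctl and asks the kernel for one page at address 0. The function and enum names are assumptions made for this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* exposes MAP_ANONYMOUS in glibc */
#endif
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

enum verdict { PROTECTED, DISABLED, PRIVILEGED_BYPASS, INCONCLUSIVE };

/* Read the vm.mmap_min_addr sysctl; -1 if /proc is not readable. */
long read_mmap_min_addr(void) {
    long v = -1;
    FILE *f = fopen("/proc/sys/vm/mmap_min_addr", "r");
    if (!f) return -1;
    if (fscanf(f, "%ld", &v) != 1) v = -1;
    fclose(f);
    return v;
}

/* Request one anonymous page at address 0. Returns 0 if the kernel
 * granted it (the page is unmapped again), otherwise the errno. */
int probe_null_page(void) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap((void *)0, page, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    if (p == MAP_FAILED) return errno;
    munmap(p, page);
    return 0;
}

/* Combine the configured floor with what the kernel actually allowed. */
enum verdict classify(long min_addr, int probe_errno) {
    if (probe_errno == EPERM || probe_errno == EACCES)
        return PROTECTED;          /* capability check or LSM refused */
    if (probe_errno != 0 || min_addr < 0)
        return INCONCLUSIVE;       /* unrelated failure or no sysctl */
    /* Mapping succeeded: floor is 0, or caller holds CAP_SYS_RAWIO. */
    return min_addr == 0 ? DISABLED : PRIVILEGED_BYPASS;
}

int main(void) {
    static const char *names[] = { "protected", "disabled",
                                   "privileged bypass", "inconclusive" };
    long floor_addr = read_mmap_min_addr();
    enum verdict v = classify(floor_addr, probe_null_page());
    printf("vm.mmap_min_addr=%ld -> %s\n", floor_addr, names[v]);
    return v == PROTECTED ? 0 : 1;
}
```

Exit status 0 means the kernel refused the low mapping. Run it as the unprivileged user whose exposure matters, since a process holding CAP_SYS_RAWIO is allowed to map below the floor.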
