最先端の利用シーンからみるセキュリティリスク
Nov. 18, 2011•0 likes•788 views
Download to read offline
Report
Technology
Business
情報セキュリティ大学院大学で開催された「スマートフォンや次世代端末のセキュリティ」での講演資料
Akira SasakiFollow
More Related Content
Similar to 最先端の利用シーンからみるセキュリティリスク
從 Google i/o 2015 看下半年 mobile 應用發展趨勢Ascii Huang
Gene Presentation For AndroidGene Leybzon
Domo Arigato Mr. Roboto - Open Source Bridge 2009sullis
Getting Started with Android - OSSPAC 2009sullis
Introduction to Android - Mobile Portlandsullis
G4H Webcast: Automated Security Analysis of Mobile Applications with Mobile S...Ajin Abraham
![[Wroclaw #1] Android Security Workshop](https://cdn.slidesharecdn.com/ss_thumbnails/owaspplwroclaw1-160225150939-thumbnail.jpg?width=1600&height=908&fit=bounds)
More from Akira Sasaki
AI robot carAkira Sasaki
CES2019 STEM教材最新動向Akira Sasaki
Android Things最新動向Akira Sasaki
はじめてのAndroid ThingsAkira Sasaki
AIZU.cloud 第一回 AWS CLIハンズオンAkira Sasaki
Hacker DoJo FaBo's LT.Akira Sasaki
Recently uploaded
Take Control of Podcasting thanks to Open Source and Podcasting 2.0🎙 Benjamin Bellamy
Solving today’s Traffic Problems with Sustainable Ride Hailing SolutionOn Demand Clone
"From Orchestration to Choreography and Back", Yevhen Bobrov Fwdays
EuroBSDCon 2023 - (auto)Installing BSD Systems - Cases using pfSense, TrueNAS...Vinícius Zavam
Google Cloud Study Jams Info SessionGDSCPCCE
Mastering Automation Quality: Exploring UiPath's Test Suite for Seamless Test...DianaGray10
最先端の利用シーンからみるセキュリティリスク
- 1. Android Security GClue
- 2. Apple TV
- 3. iCloud AirPlay MacBook iPhone4S Apple TV
- 4. Android
- 5. Android • 55 /1 • 1 9000 • 400
- 6. Android Market • App • 30 • Download • 3000 DL/
- 7. AppStore iTunes AppStore Android Market 3300 DL/ 3300 DL/ 7600 DL/
- 8. AppStore 2014 1850 / 5 /
- 9. CPU/GPU 2
- 10. Android OS 4.0 Hangout
- 11. Android OS4 Android Beam WiFi Direct Bluetooth P2P Health
- 12. Galaxy Nexus
- 13. Android OS For Tablet 3.0 3.1 3.2 1.0 1.1 1.5 1.6 2.0 2.1 2.2 2.3 4.0 For SmartPhone 2.0 3.1 For TV
- 14. Store
- 15. Market Ameba AppMarket CyberAgent @ GMO Yahoo Market Yahoo Square Enix Market Square Enix au one Market au/kddi AndroApp Vector Bandai Namco
- 16. Market( ) 175000 GetJar Amazon AppStore Amazon AppStore
- 17. GetJar 300 / 175000 Java ME BlackBerry Symbian Windows Mobile Android
- 18. Amazon AppStore Android OS 2.3 Kindle Fire
- 19. Android Market iTunes Store Kill Switch
- 20. Android ?
- 21. Android
- 22. Android Security Model • Android OS Linux UserID GroupID
- 23. UID/GID /data/data # ls -l drwxr-x--x app_1 app_1 2011-10-20 17:46 com.android.backupconfirm drwxr-x--x app_2 app_2 2011-10-20 17:50 com.android.browser drwxr-x--x app_3 app_3 2011-10-20 17:46 com.android.calculator2 drwxr-x--x app_4 app_4 2011-10-20 17:50 com.android.calendar drwxr-x--x app_6 app_6 2011-10-20 17:46 com.android.camera drwxr-x--x app_7 app_7 2011-10-20 17:46 com.android.certinstaller drwxr-x--x app_0 app_0 2011-10-20 17:46 com.android.contacts drwxr-x--x app_9 app_9 2011-10-20 17:46 com.android.customlocale2 drwxr-x--x app_10 app_10 2011-10-20 17:46 com.android.defcontainer drwxr-x--x app_11 app_11 2011-10-20 17:49 com.android.deskclock drwxr-x--x app_12 app_12 2011-10-20 17:46 com.android.development drwxr-x--x app_14 app_14 2011-10-20 17:50 com.android.email drwxr-x--x app_8 app_8 2011-10-20 17:46 com.android.emulator.connectivity.test drwxr-x--x app_18 app_18 2011-10-20 17:46 com.android.emulator.gps.test drwxr-x--x app_15 app_15 2011-10-20 17:46 com.android.exchange drwxr-x--x app_16 app_16 2011-10-20 17:46 com.android.fallback UID/GID
- 24. • • ./android/debug.keystore
- 25. Android • com.gclue.app1 com.yokohama.app1 App A App B com.gclue.app1 com.yokohama.app1
- 26. ADK
- 27. Hardware • ADK • USB Host
- 28. Intent
- 29. Intent App B App A
- 30. Android
- 31. Android • Permission • URI Permission
- 32. Permission AndroidManifest.xml <uses-permission android:name="android.permission.READ_PHONE_STATE"/> 480px x 800px IMEI Samsung Galaxy S Phone No Software Version [Captivate] Sim Serial Subscriber Id Download Permission
- 33. Permission Permission android.permission.GET_ACCOUNTS GMail android.permission.READ_CALENDAR android.permission.READ_CONTACTS android.permission.READ_PHONE_STATE (IMEI, SubscriberID, SimSerial) android.permission.READ_PROFILE android.permission.RECEIVE_SMS android.permission.READ_SMS SMS / / android.permission.WRITE_SMS Android Google android.permission.USE_CREDENTIALS OAuth
- 34. Data • Content Provider(SQLite) • SharedPreference(KeyValueStore) • File I/O
- 35. Content Provider • Android • SQLite AndroidManifest.xml android:readPermission android:writePermission android:permission
- 36. URI Permission • • <grant-uri-permission> • AndroidManifest.xml <grant-uri-permission android:pathPrefix="/all_downloads/"/>
- 37. SharedPreference File I/O AndroidManifest.xml Context.MODE_PRIVATE Context.MODE_WORLD_READABLE Context.MODE_WORLD_WRITEABL
- 38. Cloud
- 39. Account Manager
- 40. Account Manager AndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/> AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "android", null, this, null, null); Android Market
- 41. Account Manager AndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/> AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "ah", null, this, null, null); Google App Engine
- 42. Cloud AcountManager Service Key Google Analytics Data analytics APIs Google Apps APIs apps (Domain Information Google Sites Data API jotspot & Management) Blogger Data API blogger Book Search Data API print Calendar Data API cl Google Code Search codesearch Data API Contacts Data API Content API for cp structuredcontent No Password Shopping Documents List Data writely API Finance Data API finance Gmail Atom feed mail Health Data API health Maps Data APIs local Picasa Web Albums lh2 Data API Sidewiki Data API annotateweb Spreadsheets Data API wise Webmaster Tools API sitemaps YouTube Data API youtube Android Market android
- 43. Google App
- 45. Google Apps
- 46. Google Apps Device Policy