Android Security      GClue
Apple TV
iCloud                     AirPlayMacBook   iPhone4S             Apple TV
Android
Android• 55   /1•             1   9000•           400
Android Market• App • 30• Download • 3000 DL/
AppStoreiTunes AppStore     Android Market 3300 DL/            3300 DL/      7600        DL/
AppStore 2014     1850     /5                 /
CPU/GPU          2
Android OS 4.0        Hangout
Android OS4Android Beam   WiFi Direct   Bluetooth                  P2P         Health
Galaxy Nexus
Android OS                          For Tablet                          3.0 3.1 3.21.0 1.1 1.5 1.6 2.0 2.1 2.2 2.3        ...
Store
MarketAmeba AppMarket       CyberAgent@                        GMO  Yahoo Market          YahooSquare Enix Market    Squar...
Market(        )                  175000    GetJarAmazon AppStore    Amazon   AppStore
GetJar300       /      175000      Java ME      BlackBerry      Symbian      Windows Mobile      Android
Amazon AppStore Android OS 2.3 Kindle Fire
Android Market   iTunes Store   Kill Switch
Android   ?
Android
Android Security Model• Android         OS                       Linux  UserID    GroupID
UID/GID        /data/data# ls -ldrwxr-x--x app_1    app_1     2011-10-20 17:46 com.android.backupconfirmdrwxr-x--x app_2   ...
••    ./android/debug.keystore
Android •     com.gclue.app1     com.yokohama.app1       App A             App Bcom.gclue.app1   com.yokohama.app1
ADK
Hardware• ADK• USB Host
Intent
Intent                 App BApp A
Android
Android• Permission• URI Permission
Permission                            AndroidManifest.xml                            <uses-permission android:name="androi...
Permission                  Permissionandroid.permission.GET_ACCOUNTS               GMailandroid.permission.READ_CALENDARa...
Data• Content Provider(SQLite)• SharedPreference(KeyValueStore)• File I/O
Content Provider• Android• SQLite            AndroidManifest.xml                 android:readPermission                 an...
URI Permission•    • <grant-uri-permission>    •           AndroidManifest.xml            <grant-uri-permission android:pa...
SharedPreference        File I/OAndroidManifest.xml   Context.MODE_PRIVATE   Context.MODE_WORLD_READABLE   Context.MODE_WO...
Cloud
Account Manager
Account ManagerAndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/>AccountManagerFutur...
Account ManagerAndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/>AccountManagerFutur...
CloudAcountManager        Service                  KeyGoogle Analytics Data        analytics         APIs   Google Apps AP...
Google App
Google Data ProtocolGoogle
Google Apps
Google Apps Device Policy
Upcoming SlideShare
Loading in …5
×

最先端の利用シーンからみるセキュリティリスク

960 views

Published on

情報セキュリティ大学院大学で開催された「スマートフォンや次世代端末のセキュリティ」での講演資料

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
960
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

最先端の利用シーンからみるセキュリティリスク

  1. 1. Android Security GClue
  2. 2. Apple TV
  3. 3. iCloud AirPlayMacBook iPhone4S Apple TV
  4. 4. Android
  5. 5. Android• 55 /1• 1 9000• 400
  6. 6. Android Market• App • 30• Download • 3000 DL/
  7. 7. AppStoreiTunes AppStore Android Market 3300 DL/ 3300 DL/ 7600 DL/
  8. 8. AppStore 2014 1850 /5 /
  9. 9. CPU/GPU 2
  10. 10. Android OS 4.0 Hangout
  11. 11. Android OS4Android Beam WiFi Direct Bluetooth P2P Health
  12. 12. Galaxy Nexus
  13. 13. Android OS For Tablet 3.0 3.1 3.21.0 1.1 1.5 1.6 2.0 2.1 2.2 2.3 4.0 For SmartPhone 2.0 3.1 For TV
  14. 14. Store
  15. 15. MarketAmeba AppMarket CyberAgent@ GMO Yahoo Market YahooSquare Enix Market Square Enix au one Market au/kddi AndroApp Vector Bandai Namco
  16. 16. Market( ) 175000 GetJarAmazon AppStore Amazon AppStore
  17. 17. GetJar300 / 175000 Java ME BlackBerry Symbian Windows Mobile Android
  18. 18. Amazon AppStore Android OS 2.3 Kindle Fire
  19. 19. Android Market iTunes Store Kill Switch
  20. 20. Android ?
  21. 21. Android
  22. 22. Android Security Model• Android OS Linux UserID GroupID
  23. 23. UID/GID /data/data# ls -ldrwxr-x--x app_1 app_1 2011-10-20 17:46 com.android.backupconfirmdrwxr-x--x app_2 app_2 2011-10-20 17:50 com.android.browserdrwxr-x--x app_3 app_3 2011-10-20 17:46 com.android.calculator2drwxr-x--x app_4 app_4 2011-10-20 17:50 com.android.calendardrwxr-x--x app_6 app_6 2011-10-20 17:46 com.android.cameradrwxr-x--x app_7 app_7 2011-10-20 17:46 com.android.certinstallerdrwxr-x--x app_0 app_0 2011-10-20 17:46 com.android.contactsdrwxr-x--x app_9 app_9 2011-10-20 17:46 com.android.customlocale2drwxr-x--x app_10 app_10 2011-10-20 17:46 com.android.defcontainerdrwxr-x--x app_11 app_11 2011-10-20 17:49 com.android.deskclockdrwxr-x--x app_12 app_12 2011-10-20 17:46 com.android.developmentdrwxr-x--x app_14 app_14 2011-10-20 17:50 com.android.emaildrwxr-x--x app_8 app_8 2011-10-20 17:46 com.android.emulator.connectivity.testdrwxr-x--x app_18 app_18 2011-10-20 17:46 com.android.emulator.gps.testdrwxr-x--x app_15 app_15 2011-10-20 17:46 com.android.exchangedrwxr-x--x app_16 app_16 2011-10-20 17:46 com.android.fallback UID/GID
  24. 24. •• ./android/debug.keystore
  25. 25. Android • com.gclue.app1 com.yokohama.app1 App A App Bcom.gclue.app1 com.yokohama.app1
  26. 26. ADK
  27. 27. Hardware• ADK• USB Host
  28. 28. Intent
  29. 29. Intent App BApp A
  30. 30. Android
  31. 31. Android• Permission• URI Permission
  32. 32. Permission AndroidManifest.xml <uses-permission android:name="android.permission.READ_PHONE_STATE"/> 480px x 800px IMEI Samsung Galaxy S Phone No Software Version [Captivate] Sim Serial Subscriber IdDownload Permission
  33. 33. Permission Permissionandroid.permission.GET_ACCOUNTS GMailandroid.permission.READ_CALENDARandroid.permission.READ_CONTACTSandroid.permission.READ_PHONE_STATE (IMEI, SubscriberID, SimSerial)android.permission.READ_PROFILEandroid.permission.RECEIVE_SMSandroid.permission.READ_SMS SMS / /android.permission.WRITE_SMS Android Googleandroid.permission.USE_CREDENTIALS OAuth
  34. 34. Data• Content Provider(SQLite)• SharedPreference(KeyValueStore)• File I/O
  35. 35. Content Provider• Android• SQLite AndroidManifest.xml android:readPermission android:writePermission android:permission
  36. 36. URI Permission• • <grant-uri-permission> • AndroidManifest.xml <grant-uri-permission android:pathPrefix="/all_downloads/"/>
  37. 37. SharedPreference File I/OAndroidManifest.xml Context.MODE_PRIVATE Context.MODE_WORLD_READABLE Context.MODE_WORLD_WRITEABL
  38. 38. Cloud
  39. 39. Account Manager
  40. 40. Account ManagerAndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/>AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "android", null, this, null, null); Android Market
  41. 41. Account ManagerAndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/>AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "ah", null, this, null, null); Google App Engine
  42. 42. CloudAcountManager Service KeyGoogle Analytics Data analytics APIs Google Apps APIs apps (Domain InformationGoogle Sites Data API jotspot & Management) Blogger Data API bloggerBook Search Data API print Calendar Data API cl Google Code Search codesearch Data API Contacts Data API Content API for cp structuredcontent No Password Shopping Documents List Data writely API Finance Data API finance Gmail Atom feed mail Health Data API health Maps Data APIs local Picasa Web Albums lh2 Data API Sidewiki Data API annotatewebSpreadsheets Data API wise Webmaster Tools API sitemaps YouTube Data API youtube Android Market android
  43. 43. Google App
  44. 44. Google Data ProtocolGoogle
  45. 45. Google Apps
  46. 46. Google Apps Device Policy

×