Android Security, Pitfalls and Lessons Learned

نویسندگان

Steffen Liebergeld

Matthias Lange

چکیده

Over the last two years Android became the most popular mobile operating system. But Android is also targeted by an over-proportional share of malware. In this paper we systematize the knowledge about the Android security mechanisms and formulate how the pitfalls can be avoided when building a mobile operating system.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Android Security , Pitfalls , Lessons Learned and BYOD Technical report

متن کامل

Android Security Framework: Enabling Generic and Extensible Access Control on Android

We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of codebased security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines...

متن کامل

Case Study: Static Security Analysis of the Android Goldfish Kernel

In this work we present an industry-driven case study of applying static program analysis to the Android kernel. In particular, we investigate the ability of open source tools as represented by Cppcheck and of commercial tools as represented by Goanna to detect security vulnerabilities. In our case study, we explore static security checking along the dimensions of setup effort, run time, qualit...

متن کامل

Securing Embedded User Interfaces: Android and Beyond

Web and smartphone applications commonly embed third-party user interfaces like advertisements and social media widgets. However, this capability comes with security implications, both for the embedded interfaces and the host page or application. While browsers have evolved over time to address many of these issues, mobile systems like Android—which do not yet support true cross-application int...

متن کامل

Attacking the Linux PRNG On Android: Weaknesses in Seeding of Entropic Pools and Low Boot-Time Entropy

Android is the most prevalent Linux-based mobile Operating System in the market today. Many features of the platform security (such as stack protection, key generation, etc.) are based on values provided by the Linux Pseudorandom Number Generator (LPRNG) and weaknesses in the LPRNG could therefore directly affect platform security. Much literature has been published previously investigating and...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2013

Android Security, Pitfalls and Lessons Learned

نویسندگان

چکیده

منابع مشابه

Android Security , Pitfalls , Lessons Learned and BYOD Technical report

Android Security Framework: Enabling Generic and Extensible Access Control on Android

Case Study: Static Security Analysis of the Android Goldfish Kernel

Securing Embedded User Interfaces: Android and Beyond

Attacking the Linux PRNG On Android: Weaknesses in Seeding of Entropic Pools and Low Boot-Time Entropy

عنوان ژورنال:

اشتراک گذاری