Each Android release comes with great new security and privacy features. When it comes to implementing these new features, we always look at ways to measure the impact with data that demonstrates the effectiveness of these improvements. But how do these features map to an overall strategy?

Last week, we released a whitepaper describing The Android Platform Security Model. Specifically we discuss:

  • The security model which has implicitly informed the Android platform’s security design from the beginning, but has not been formally published or described outside of Google.
  • The context in which this security model must operate, including the scale of the Android ecosystem and its many form factors and use cases.
  • The complex threat model Android must address.
  • How Android’s reference implementation in the Android Open Source Project (AOSP) enacts the security model.
  • How Android’s security systems have evolved over time to address the threat model.

Android is fundamentally based on a multi-party consent model: an action should only happen if the involved parties consent to it. Most importantly, apps are not considered to be fully authorized agents for the user. There are some intentional deviations from the security model, and we discuss why these exist and the value that they provide to users. Finally, openness is a fundamental value in Android: from how we develop and publish in open source, to the open access users and developers have in finding or publishing apps, and the open communication mechanisms we provide for inter-app interactions, which facilitate innovation within the app ecosystem.

We hope this paper provides useful information and background to all the academic and security researchers dedicated to further strengthening the security of the Android ecosystem. Happy reading!

Acknowledgements: This post leveraged contributions from René Mayrhofer, Chad Brubaker, and Nick Kralevich.
