Android Platform Security - Concepts, Attacks, Guidelines
Submitted by Arun Joseph (@arunjoseph05) on Friday, 18 October 2013
The session will focus at exploring the security architecture and features of Android( JellyBean 4.3) from a platfrom builders perspective.
Android security is multi-layered and more robust than traditional Linux.
This talk covers in-depth analysis of various security features introduced till JellyBean 4.3.
- Memory Protection Options
- Application SandBoxing
- Full Filesystem encryption
- Storing the master keys and certificates
- SEAndroid project
- Full FileSystem Encryption
- Secure interprocess communication
- Application signing
- Application-defined and user-granted permissions
Answers what users and developers can expect from this security framework and how to tune different security controls.
This talk also covers some of the famous Android security attacks
- Android MasterKeys Vulnerability
Finally, how platform builders like Texas Instruments enhance security of Android.
- Enabling Hardware Cryptography Accelerators
- Enabling Hardware Random Number Generators
Arun work for Texas Instruments and currently leading the android development project hosted on http://arowboat.org
Arun has more than 3 years of Android and Linux Kernel experience and is an expert in Embedded systems.