Droidcon India 2013

What's your thinking on Android this year?

Android Platform Security - Concepts, Attacks, Guidelines

Submitted by Arun Joseph (@arunjoseph05) on Friday, 18 October 2013

Section: Systems Technical level: Intermediate

View proposal in schedule

Abstract

The session will focus at exploring the security architecture and features of Android( JellyBean 4.3) from a platfrom builders perspective.

Outline

Android security is multi-layered and more robust than traditional Linux.
This talk covers in-depth analysis of various security features introduced till JellyBean 4.3.

  • Memory Protection Options
  • Application SandBoxing
  • Full Filesystem encryption
  • Storing the master keys and certificates
  • SEAndroid project
  • Full FileSystem Encryption
  • Cryptography
  • Secure interprocess communication
  • Application signing
  • Application-defined and user-granted permissions

Answers what users and developers can expect from this security framework and how to tune different security controls.

This talk also covers some of the famous Android security attacks

  • FROST
  • Android MasterKeys Vulnerability

Finally, how platform builders like Texas Instruments enhance security of Android.

  • Enabling Hardware Cryptography Accelerators
  • Enabling Hardware Random Number Generators

Speaker bio

Arun Joseph

Arun work for Texas Instruments and currently leading the android development project hosted on http://arowboat.org

Arun has more than 3 years of Android and Linux Kernel experience and is an expert in Embedded systems.

Comments

  • siva kumar paradesi (@sivakumarpms) 4 years ago

    thanks

Login with Twitter or Google to leave a comment