Droidcon India 2013

What's your thinking on Android this year?

Android Platform Security - Concepts, Attacks, Guidelines

Submitted by Arun Joseph (@arunjoseph05) on Friday, 18 October 2013

videocam_off

Technical level

Intermediate

Section

Systems

Status

Confirmed & Scheduled

View proposal in schedule

Vote on this proposal

Login to vote

Total votes:  +9

Objective

The session will focus at exploring the security architecture and features of Android( JellyBean 4.3) from a platfrom builders perspective.

Description

Android security is multi-layered and more robust than traditional Linux.
This talk covers in-depth analysis of various security features introduced till JellyBean 4.3.

  • Memory Protection Options
  • Application SandBoxing
  • Full Filesystem encryption
  • Storing the master keys and certificates
  • SEAndroid project
  • Full FileSystem Encryption
  • Cryptography
  • Secure interprocess communication
  • Application signing
  • Application-defined and user-granted permissions

Answers what users and developers can expect from this security framework and how to tune different security controls.

This talk also covers some of the famous Android security attacks

  • FROST
  • Android MasterKeys Vulnerability

Finally, how platform builders like Texas Instruments enhance security of Android.

  • Enabling Hardware Cryptography Accelerators
  • Enabling Hardware Random Number Generators

Speaker bio

Arun Joseph

Arun work for Texas Instruments and currently leading the android development project hosted on http://arowboat.org

Arun has more than 3 years of Android and Linux Kernel experience and is an expert in Embedded systems.

Comments

  • 1
    siva kumar paradesi (@sivakumarpms) 4 years ago

    thanks

Login with Twitter or Google to leave a comment