Android Security Internals: An In-Depth Guide to Android's Security Architecture - PDF
Скачать полную версию книги "Android Security Internals: An In-Depth Guide to Android's Security Architecture - PDF"
In a relatively short period of time, Android has become the world’s most popular mobile platform. Although originally designed for smartphones, it now powers tablets, TVs, and wearable devices, and will soon even be found in cars. Android is being developed at a breathtaking pace, with an average of two major releases per year. Each new release brings a better UI, performance improvements, and a host of new user-facing features which are typically blogged about and dissected in excruciating detail by Android enthusiasts.
One aspect of the Android platform that has seen major improvements over the last few years, but which has received little public attention, is security. Over the years, Android has become more resistant to common exploit techniques (such as buffer overflows), its application isolation (sandboxing) has been reinforced, and its attack surface has been considerably reduced by aggressively decreasing the number of system processes that run as root. In addition to these exploit mitigations, recent versions of Android have introduced major new security features such as restricted user support,
full-disk encryption, hardware-backed credential storage, and support for centralized device management and provisioning. Even more enterpriseoriented features and security improvements such as managed profile support, improved full-disk encryption, and support for biometric authentication have been announced for the next Android release (referred to as Android L as I write this).
As with any new platform feature, discussing cutting-edge security improvements is exciting, but it’s arguably more important to understand Android’s security architecture from the bottom up because each new security feature builds upon and integrates with the platform’s core security model. Android’s sandboxing model (in which each application runs as a separate Linux user and has a dedicated data directory) and permission system (which requires each application to explicitly declare the platform features it requires) are fairly well understood and documented. However, the internals of other fundamental platform features that have an impact on device security, such as package management and code signing, are largely treated as a black box beyond the security research community.
One of the reasons for Android’s popularity is the relative ease with which a device can be “flashed” with a custom build of Android, “rooted” by applying a third-party update package, or otherwise customized. Android enthusiast forums and blogs feature many practical “How to” guides that take users through the steps necessary to unlock a device and apply various customization packages, but they offer very little structured information about how such system updates operate under the hood and what risks they carry.
This books aims to fill these gaps by providing an exploration of how Android works by describing its security architecture from the bottom up and delving deep into the implementation of major Android subsystems and components that relate to device and data security. The coverage includes broad topics that affect all applications, such as package and user management, permissions and device policy, as well as more specific ones such as cryptographic providers, credential storage, and support for secure elements.
It’s not uncommon for entire Android subsystems to be replaced or rewritten between releases, but security-related development is conservative by nature, and while the described behavior might be changed or augmented across releases, Android’s core security architecture should remain fairly stable in future releases.
who This Book Is For
This book should be useful to anyone interested in learning more about Android’s security architecture. Both security researchers looking to evaluate the security level of Android as a whole or of a specific subsystem and platform developers working on customizing and extending Android will find the high-level description of each security feature and the provided implementation details to be a useful starting point for understanding the underlying platform source code. Application developers can gain a deeper understanding of how the platform works, which will enable them to write more secure applications and take better advantage of the securityrelated APIs that the platform provides. While some parts of the book are accessible to a non-technical audience, the bulk of the discussion is closely tied to Android source code or system files, so familiarity with the core concepts of software development in a Unix environment is useful.