西安电子科技大学：《移动互联网技术》课程教学资源（PPT课件）03 移动互联网技术（Android安全）

移动互联网技术-Android安全 苏锐丹

移动互联网技术-Android安全 苏锐丹

Android software stack Applications System apps User apps Launcher2 Phone Evernote Feedly Browser Settings Chrome Dropbox Contacts Facebook Application Framework Java core libraries Android Framework Libraries PowerManager PackageManager ResourceManager Apache ContentProviders LocationManager Harmony Binder System Services PowerManager PackageManager Battery Service service ActivityManager Connectivity rvice Daivik VM/Android Runtime Zygote Native Userspace Hardware Abstraction Native Layer Libraries Linux Kernel Ashmem Wakelocks Logger Binder (IPC) Driver Camera driver Audio driver Display driver

Android software stack

the green blocks correspond to the components developed in C/C++ the blue cohere with the ones implemented in Java. Apache version 2.0 License GNU GPL version 2 license(linux kernel)

◼ the green blocks correspond to the components developed in C/C++ ◼ the blue cohere with the ones implemented in Java. ◼ Apache version 2.0 License ◼ GNU GPL version 2 license(linux kernel)

Kernel changes Binder Ashmem ■Vakelocks

Kernel changes ◼ Binder ◼ Ashmem ◼ Wakelocks

Native userspace Hardware Abstraction Layer a very different approach to support new hardware Android define an API that is used by upper layers to interact with this type of hardware Init/toolbox Native daemons ■Native libraries

Native userspace ◼ Hardware Abstraction Layer a very different approach to support new hardware Android define an API that is used by upper layers to interact with this type of hardware ◼ Init/toolbox ◼ Native daemons ◼ Native libraries

Application framework Dalvik Zygote,accelerate the process initialization procedure Java Core Libraries ■System Services basic mobile operating system functionality(PackageManagerService......) ▣JNI Application Framework Libraries

Application framework ◼ Dalvik Zygote, accelerate the process initialization procedure ◼ Java Core Libraries ◼ System Services basic mobile operating system functionality(PackageManagerService……) JNI ◼ Application Framework Libraries

Android applications ■System Applications Applications from numerous app markets

Android applications ◼ System Applications ◼ Applications from numerous app markets

an adversary app should not harm the operating system resources,the user and other applications ▣Linux kernel level Application Framework level

◼ an adversary app should not harm the operating system resources, the user and other applications Linux kernel level Application Framework level

Application Sandbox ■ enforces the isolation of applications and operating system components process separation and Discretionary Access Control over network sockets and filesystem assigning each application a separate Unix user(UID)and group(GID)identifiers running each application in a separate Linux process

Application Sandbox ◼ enforces the isolation of applications and operating system components process separation and Discretionary Access Control over network sockets and filesystem assigning each application a separate Unix user (UID) and group (GID) identifiers running each application in a separate Linux process

App 1 App 2 Applications IPC MAC Android Middleware FileSystem DAC Linux Socket DAC Kernel