CSC591-006 Smartphone OS Security
Introduction
Spring 2012
Prof. William Enck
NC State -- Department of Computer Science

Why Study Smartphone Security?
• New platform / they’re popular / it’s a buzzword
• Resource constrained devices (still?)
• Different (intensified?) security risks
• The future of computing?

This Course
• This is a paper-based seminar course considering smartphone operating systems and their security
• Seminar-style: round-table discussions of scientific papers led by a student moderator
• OS Report: breadth study of top platforms (Android, iOS, Windows Phone, and BlackBerry)
• Research Project: students will complete a conference-like paper

Grading
• Project: 40%
• Smartphone OS Report: 15%
• Class participation: 25%
• Moderating+Presentations: 10%
• Paper critiques: 10%

Paper Critiques
• We will discuss one or two papers every class
• Critiques are due by noon the day of class
  ‣ Graded as “satisfactory,” “satisfactory-”, “satisfactory+”
  ‣ Need a “satisfactory” average to pass the class
• Identify:
  ‣ Three technical strengths
  ‣ Three technical weaknesses
• For each strength/weakness:
  ‣ Identify it and support it by arguments
• Late Policy:
  ‣ Four 1-day extensions
  ‣ Drop up to 4 summaries

Paper Moderating
• Assigned moderators will make a brief (5-7 minute) presentation (template on Moodle)
  ‣ Proposes three discussion questions
• Breakout roundtable discussions for about 10 mins
  ‣ Groups of three (changes every class)
• “All hands” discussion for about 15 mins

Selecting Papers to Moderate
• Everyone must go once before anyone goes twice
• Paper discussions start next week
• Email me 5 top choices by next class
  ‣ I will make assignments
  ‣ If a paper isn’t desired by anyone, I’ll pick someone

OS Reports
• Class broken into four teams (decided today!)
  ‣ Android, iOS, BlackBerry, Windows Phone
• Written Report (Prelim)
• Oral Presentation
• Written Report (Final)
  ‣ Application environment
  ‣ Security Framework
• Conclude with at least three positive and three negative critiques of the security framework.

Research Projects (Proposal)
• 3-5 page project description (Written in LaTeX)
  ‣ Section 1: Introduction
  ‣ Section 2: Approach
  ‣ Section 3: Deliverables
  ‣ Section 4: Schedule
  ‣ References
• Groups of one or two (with approval)
• Oral presentations (~10 mins)

Project Status Report
• Early draft of your final report
  ‣ Should have well written: abstract, introduction, overview of approach.
  ‣ Protocol/Architecture/Design should have some technical detail and a high-level architecture
  ‣ Placeholders for remaining sections
  ‣ Related work should be near complete

Final Project Report
• 8-10 pages (11pt)
• Suggested outline:
  ‣ Abstract
  ‣ Introduction
  ‣ Overview of Approach
  ‣ Protocol/Architecture/Design/...
  ‣ Evaluation
  ‣ Discussion
  ‣ Related Work
  ‣ Conclusions
  ‣ References
• Final Presentation
  ‣ ~20 mins (depending on number of projects)
  ‣ 5 mins Q&A

OS Report Teams

Quick Android Primer

Android Phones
• An Android phone contains a number of “applications”
  ‣ Android comes installed with a number of basic system tools, e.g., dialer, address book, etc.
  ‣ Developers use the Android API to construct applications.
• All apps are written in Java and executed within a custom Java virtual machine.
  ‣ Each application package is contained in a jar file (.apk)
• Applications are installed by the user
  ‣ No “app store” required, just build and go.
  ‣ Open access to data and voice services

Architecture
• The Android smartphone operating system is built upon Linux and includes many libraries and a core set of applications.
• The middleware makes it interesting
  ‣ Not focused on UNIX processes
  ‣ Uses the Binder component framework
    • Originally part of BeOS, then enhanced by Palm, now used in Android
  ‣ Applications consist of many components of different types
  ‣ Applications interact via components
• We focus on security with respect to the component API
[Figure: Phone, Contacts, and Maps applications; Android middleware with Binder component framework, reference monitor, and policy; Linux]

Component Model
• While each application runs as its own UNIX uid, sharing can occur through application-level interactions
  ‣ Interactions based on components
  ‣ Different component types
    • Activity
    • Service
    • Content Provider
    • Broadcast Receiver
  ‣ Target component in the same or different application
  ‣ but first ...
[Figure panels: Starting an Activity for a Result; Communicating with a Service; Querying a Content Provider; Receiving an Intent Broadcast]

Intents
• Intents are objects used for inter-component signaling
  ‣ Starting the user interface for an application
  ‣ Sending a message between components
  ‣ Starting a background service

Activity Component
• The user interface consists of a series of Activity components.
• Each Activity is a “screen”.
• User actions tell an Activity to start another Activity, possibly with the expectation of a result.
• The target Activity is not necessarily in the same application.
• Directly or via Intent “action strings”.
• Processing stops when another Activity is “on top”.

Service Component
• Background processing occurs in Service components.
  ‣ Downloading a file, playing music, tracking location, polling, etc.
  ‣ Local vs. Remote Services (process-level distinction)
• Also provides a “service” interface between applications
  ‣ Arbitrary interfaces for data transfer
    • Android Interface Definition Language (AIDL)
  ‣ Register callback methods
  ‣ Core functionality often implemented as Service components
    • e.g., Location API, Alarm service
• Multiple interfaces
  ‣ Control: start, stop
  ‣ Method invocation: bind

Content Provider Component
• Content Provider components provide a standardized interface for sharing data, i.e., content (between applications).
• Models content in a relational DB
  ‣ Users of Content Providers can perform queries equivalent to SELECT, UPDATE, INSERT, DELETE
  ‣ Works well when content is tabular
  ‣ Also works as means of addressing “files”
• URI addressing scheme
  ‣ content://<authority>/<table>/[<id>]
  ‣ content://contacts/people/10

Broadcast Receiver Component
• Broadcast Receiver components act as specialized event Intent handlers (also think of them as a message mailbox).
• Broadcast Receiver components “subscribe” to specific action strings (possibly multiple)
  ‣ action strings are defined by the system or developer
  ‣ component is automatically called by the system
• Recall that Android provides automatic Activity resolution using “action strings”.
  ‣ The action string was assigned to an Intent object
  ‣ Sender can specify component recipient (no action string)

The Android Manifest
• Manifest files are the technique for describing the contents of an application package (i.e., resource file)
• Each Android application has a special AndroidManifest.xml file (included in the .apk package)
  ‣ describes the contained components
    • components cannot execute unless they are listed
  ‣ specifies rules for “auto-resolution”
  ‣ specifies access rules
  ‣ describes runtime dependencies
  ‣ optional runtime libraries
  ‣ required system permissions

Manifest Specification

Example Applications
• FriendTracker Application
  ‣ FriendTracker Service to poll for friend locations
    • Broadcasts an Intent when near a friend
  ‣ FriendProvider Content Provider to store location of friends
    • Cross references friends with system Contacts Provider
  ‣ FriendTrackerControl Activity to start and stop the Service
  ‣ BootReceiver Broadcast Receiver to start the service on boot
• FriendViewer Application
  ‣ FriendViewer Activity to display list of friend locations
  ‣ FriendMap Activity to show friends on a map (on right)
  ‣ FriendReceiver Broadcast Receiver to display when near
• Available from http://siis.cse.psu.edu/android_sec_tutorial.html

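The manifest contents listed on "The Android Manifest" slide (contained components, auto-resolution rules, access rules, required permissions) can be read mechanically. The Python sketch below is an added example, not code from the course or from the FriendTracker tutorial: it parses a constructed manifest and reports the requested permissions and which components are reachable from other applications without a guarding permission. Only the component names come from the slide above; the package, authority, and custom permission names are hypothetical, and the default-exported rule is a simplifying assumption.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "provider", "receiver")
# Constructed sample manifest, not the tutorial's real file: the package,
# authority and custom permission names are hypothetical.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.friendtracker">
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <application>
    <activity android:name=".FriendTrackerControl"/>
    <service android:name=".FriendTracker"
             android:permission="com.example.permission.FRIEND_SERVICE"/>
    <provider android:name=".FriendProvider" android:exported="true"
              android:authorities="com.example.friends"/>
    <receiver android:name=".BootReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def attr(elem, name):
    return elem.get("{%s}%s" % (ANDROID_NS, name))  # android:-namespaced attribute

def audit_manifest(xml_text):
    """Return (requested permissions, per-component access summary)."""
    root = ET.fromstring(xml_text)
    requested = [attr(p, "name") for p in root.findall("uses-permission")]
    components = []
    for elem in (e for e in root.iter() if e.tag in COMPONENT_TAGS):
        # Action strings this component subscribes to (auto-resolution rules).
        actions = [attr(a, "name") for a in elem.findall("intent-filter/action")]
        exported = attr(elem, "exported")
        # Assumption (simplified default): without android:exported, a component
        # is reachable from other apps only if it declares an intent filter.
        reachable = (exported == "true") if exported else bool(actions)
        guard = attr(elem, "permission")  # the component's access rule, if any
        components.append({"type": elem.tag, "name": attr(elem, "name"),
                           "actions": actions, "permission": guard,
                           "unguarded": reachable and guard is None})
    return requested, components

if __name__ == "__main__":
    for c in audit_manifest(SAMPLE_MANIFEST)[1]:
        print(c["type"], c["name"], "UNGUARDED" if c["unguarded"] else "ok")
```

On the constructed input, the provider and the boot receiver are flagged because they are reachable and declare no permission, while the service is protected by its access rule and the control Activity is not exposed.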