Android Security Framework -- Overview
2017-02-13 10:29
First, a gripe. Those who say Android is insecure (early versions did have problems, for example app permission management was far too coarse, which I will cover in a later article): have they actually studied its security architecture? Its layered security mechanisms, built up from the hardware to the application layer, are genuinely compelling.

Given that Android's security framework is well designed, what exactly does it do? The diagram below explains it well.
![](https://img-blog.csdn.net/20170214182826440?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvYmx1ZV9ydXNo/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center)
The diagram is intuitive, but I think it is not detailed enough, so I group Android's security features into three categories:

- Trust binary
- Runtime security
- Security data storage and exchange

I have put together the following table myself.
| Category | Item | Description | Android M status | What we need to implement |
|---|---|---|---|---|
| Trust binary | Secure boot | Make sure only a boot image signed by Harman can be booted on our hardware device. The boot image is verified by the boot ROM, which is designed by the OEM (TI). | Depends on HW platform | Integrate the SoC's secure boot support |
| Trust binary | Verified boot | Verified boot guarantees the integrity of the device software starting from a hardware root of trust up to the system partition. During boot, each stage verifies the integrity and authenticity of the next stage before executing it. | Bootloader requirements and Green/Yellow/Red boot state definition; `boot_signer` tool (system/extra/verify) to append a signature to the boot image; adopts the Linux kernel's dm-verity for block-based partition verification (e.g. system); build/tools/releasetools/build_image.py now handles the overall creation of dm-verity signed filesystem images; build/target/product/verity.mk; PackageManager is made aware of verified boot by system/etc/permissions/android.software.verified_boot.xml | Verify the boot and recovery partitions with the HW-fused OEM key as well as the embedded certificate |
| Trust binary | OTA update | Secure SW update. | | Propose the Redbend solution |
| Trust binary | 3rd-party APP install | Check the signature of 3rd-party APPs to make sure the APP is valid. | Done by Google | |
| Runtime security | Process sandbox | Uses DAC (Discretionary Access Control) and SELinux (Mandatory Access Control) to provide a fine-grained access control mechanism that enforces the principle of least privilege. | Done by Google | Add new rules for the new files and processes |
| Runtime security | APP permission | | Done by Google | Prefer to provide an HMI menu to manage APP permissions dynamically |
| Runtime security | Trusted execution environment | Uses hardware features to provide an isolated execution environment. | Done by Google and the SoC supplier | If the OEM needs new features, they should be developed together with the SoC supplier. |
| Security data storage and exchange | Full disk encryption | Full disk encryption is the process of encoding all user data on an Android device using an encrypted key. Once a device is encrypted, all user-created data is automatically encrypted before committing it to disk, and all reads automatically decrypt data before returning it to the calling process. | Done by Google | |
| Security data storage and exchange | Keystore | The availability of a trusted execution environment in a system on a chip (SoC) offers an opportunity for Android devices to provide hardware-backed, strong security services to the Android OS, to platform services, and even to third-party apps. | | |
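As an added illustration of the verified-boot row (example code written for this page, not Google's or the project's own), the following Python models the dm-verity hash tree as a simplified binary Merkle tree and shows why only the root hash needs to be trusted: the block size, salt and image contents are constructed for the example, and the real on-disk hash-block layout differs.

```python
import hashlib
from typing import List

BLOCK_SIZE = 16             # constructed: tiny blocks so the tree is easy to follow
SALT = b"constructed-salt"  # dm-verity uses a random per-image salt; this one is made up
ZERO = b"\x00" * 32         # padding node, standing in for an all-zero hash block

def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()   # dm-verity's default hash

def split_blocks(image: bytes) -> List[bytes]:
    """Zero-pad the image to whole blocks and split it."""
    image += b"\x00" * ((-len(image)) % BLOCK_SIZE)
    return [image[i:i + BLOCK_SIZE] for i in range(0, len(image), BLOCK_SIZE)]

def build_tree(blocks: List[bytes]) -> List[List[bytes]]:
    """Hash-tree levels: levels[0] are the block hashes, levels[-1] is [root]."""
    level = [_h(SALT, b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:
            level = level + [ZERO]          # pad odd levels; stored levels stay unpadded
        level = [_h(SALT, level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def verify_block(index: int, block: bytes, levels: List[List[bytes]], root: bytes) -> bool:
    """Recompute the path from one block up to the trusted root, as the kernel does on
    every read of a dm-verity partition. Only `root` is trusted; the tree on disk is not."""
    node = _h(SALT, block)
    for level in levels[:-1]:
        sib = index ^ 1
        sibling = level[sib] if sib < len(level) else ZERO
        node = _h(SALT, node, sibling) if index % 2 == 0 else _h(SALT, sibling, node)
        index //= 2
    return node == root

def demo() -> dict:
    """Constructed image: clean blocks verify; a tampered block fails even when the
    attacker also rewrites its leaf hash, because the root hash does not match."""
    blocks = split_blocks(b"system partition contents, constructed sample data for the example")
    levels = build_tree(blocks)
    root = levels[-1][0]        # on a device this comes from the signed verity metadata
    bad = bytes([blocks[2][0] ^ 0xFF]) + blocks[2][1:]
    forged = [list(lvl) for lvl in levels]
    forged[0][2] = _h(SALT, bad)
    return {"blocks": len(blocks),
            "all_ok": all(verify_block(i, b, levels, root) for i, b in enumerate(blocks)),
            "tamper_detected": not verify_block(2, bad, levels, root),
            "forged_tree_detected": not verify_block(2, bad, forged, root)}
```

This is why the root hash (and the rest of the verity metadata) is covered by the signature checked at the previous boot stage: an attacker who can rewrite the system partition can also rewrite the hash tree stored beside it.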