
A Comparison of Android and iOS Security Models

A Comparison of Android and iOS Security Models. Trevor L. Buttrey. Reasons for concern: smartphones are advancing technologically, have become popular, people are growing more dependent upon them, and their size makes them easy to lose.


Presentation Transcript


  1. A Comparison of Android and iOS Security Models
     Trevor L. Buttrey
     Computer and Information Sciences

  2. vs.

  3. Reasons for Concern
     • Smartphones are advancing technologically
     • Have become popular
     • People are growing more dependent upon them
     • Size makes them easy to lose
     • Security problems are becoming more of an issue as users store more and more personal information on them

  4. Unsecure Devices Allow
     • Access to emails and social networking accounts
     • Access to personal messages
     • Access to phone book
     • Access to phone accounts
     • Access to personal and confidential information

  5. Unsecure Devices Allow
     • Access to bank accounts
     • Access to mobile payments
     • Access to web accounts
     • Access to passwords
     • Knowledge of location

  6. The 5 Security Pillars
     • Traditional Access Controls
     • Permissions-based Access Control
     • Encryption
     • Application Provenance
     • Isolation

  7. Traditional Access Controls

  8. Traditional Access Control: iOS
     • Password and passcode locking mechanisms
     • Touch ID
     • Device self-wipe capabilities
     • Lockout of internal memory if not unlocked
     • Memory is soldered to PCB

  9. Traditional Access Control: Android
     • Starting with 2.x: password, passcode, and pattern locking mechanisms
     • 4.0 introduced facial recognition
     • Other locking methods include fingerprint readers and pictures
     • Lockout of internal memory if not unlocked
     • SD card removable

  10. Data Encryption

  11. Data Encryption: iOS
      • Hierarchy of encryption keys:
        • Passcode Key
        • Hardware Keys: Unique ID (UID) and device group ID (GID)
          • AES 256-bit keys
          • Built into hardware and not directly accessible
        • File System Key
          • Generated randomly and stored in flash memory
          • Used to encrypt file metadata
        • Per File Key
          • Encrypted by Class Key for file's encryption class
          • Encrypts contents of files on disk

  12. Data Encryption: iOS
      • Encryption Classes
        • Complete Protection
          • Only decryptable when unlocked, unusable when locked
        • Protected Unless Open
          • Uses asymmetric elliptic curves (it's complicated)
        • Protected Until First User Authentication
          • Similar to FDE
        • No Protection
          • Only protected by UID

  13. Data Encryption: iOS
      • Effaceable Storage
        • Low-level access to storage for secure wiping
        • Used to erase File System Key

  14. Data Encryption: iOS
      • Secure enclave
        • Securely processes fingerprints
        • Is given the key to decrypt the complete protection data class when locked
        • Separate and directly inaccessible to OS

  15. Data Encryption: Android
      • Some data encryption present
      • Android 3.x “Honeycomb” and above support full filesystem encryption (AES128 CBC & ESSIV:SHA256)
      • SD card encryption is not supported on any version in AOSP
        • Device manufacturers can implement this themselves

  16. Data Encryption: Android
      • Samsung Knox:
        • Brings Android closer to iOS
        • Supports AES-256 encryption of internal storage and SD cards

  17. Permissions-based Access Control

  18. Permissions-based Access Control
      • After an app is installed, it has access to all permitted resources of that device
      • It can perform any kind of malicious operation using the permissions provided

  19. Permissions-based Access Control: iOS
      • Each app is given only certain permissions by iOS
      • Once installed, user has granted app access to any of the device's resources
      • Apps can use most resources without additional permission
      • May access things they don’t need
      • Does not require permission of the user

  20. Permissions-based Access Control: Android
      • Follows Capability-Based Security Model
      • App must request specific permissions from OS before access
      • User sees what is being requested and must grant permission before app is installed
      • Once app is granted permission, it could perform malicious activity using those permissions

  21. Permissions-based Access Control: Android vs. iOS
      • Android allows more access to the system than iOS does
      • Android only gives explicit permissions to apps, while apps installed on iOS can perform any operation as defined by the OS

  22. Default App Permissions: Android vs. iOS iOS Android Internet YouTube History Phone Number Read SD Card WiFi Connection Logs List of Installed Apps Address Book Music/Video Files Calendar Safari Search History Mic and Video Camera Launch An Installed App Device UID Auto-Complete

  23. Requestable App Permissions: Android vs. iOS iOS Android Location (GPS) Prevent Phone From Sleeping Internet Fine Location (GPS) Coarse Location (Network) Record Audio SMS/MMS Send/Receive Calendar Address Book Push Notifications Manage Accounts Make Phone Call Music/Video/Picture SD Read/Write Make and Terminate Calls Control NFC Send SMS/MMS Access Device Logs Obtain Task List Make Bluetooth Connections

  24. Which is Legitimate? AndroidOS.FakePlayer Legit Video Player

  25. Application Provenance

  26. Application Provenance: iOS
      • Robust signing system
      • Apple provides digital certificate only to those who register
      • $100 per year
      • Thorough analysis of apps, takes weeks

  27. Application Provenance: Android
      • Not a robust signing system
      • Anonymous signing certificates can be made without oversight from Google
      • Allows legitimate applications to be repackaged after adding malware
      • Although not signed with the same signature, they will be signed, and can be distributed on the web

  28. Isolation

  29. Programming
      iOS:
      • All apps are Objective-C or Swift
      Android:
      • Apps run in Dalvik JVM
      • Android does not use that as its main form of isolation, as not all code runs in the VM
      • Most web browsers use significant amounts of native code

  30. Isolation: iOS
      • Sandboxed
      • Own home directory
      • Must use APIs to access or modify system settings
      • Cannot communicate with other apps directly
      • Nothing runs as root except kernel

  31. Isolation: iOS
      • Declared Entitlements
      • Digitally signed
      • Allow extra permissions
      • Alternative to running as root

  32. Isolation: Android
      • Sandboxing
      • Uses native Linux user-based permissions model
      • Each app is its own user
      • Secured by the Linux kernel itself

  33. Isolation: Android
      • Samsung Knox:
        • Further separates applications
        • Prevents access to Android APIs
        • Reduces API set allows data in, but not out

  34. Jailbreaking, Rooting, and Exploits

  35. Jailbreaking, Rooting, and Exploits
      iOS
      • Jailbreaking: Uses exploits (buffer overflows among other things) to allow unsigned code to run
      Android
      • Rooting: Uses exploits (usually buffer overflows) to load a su binary (usually harder than it sounds) to allow apps to run with elevated privileges

  36. Jailbreaking, Rooting, and Exploits
      The Point: Although the uses for the exploits are usually beneficial for the user, their existence represents flaws in OS’s that can be leveraged by malicious apps.

  37. Jailbreaking and Rooting Advantages:
      • The (hacking) community can push out patches for other exploits faster than the manufacturers (iOS PDF)
      • Finer control over the system

  38. Jailbreaking and Rooting Disadvantages:
      • May cause security vulnerabilities
      • May “brick” the device
      • May void the warranty

  39. After running the exploits, the device may become vulnerable in other ways (iPhone.Ikee)

  40. Summary
      • Both have strong isolation
      • iOS’s permission system is static, but the vetting process makes it harder for apps to abuse permissions
      • Android’s permission system is flexible, but requires user vigilance
      • Both have strong traditional access controls
      • Both have encryption on recent versions; however, Android 2.x versions don’t have any, and 3.x+ encryption pales compared to iOS
      • Apple has a stronger vetting process, but also takes longer for app updates
      • Android has a weaker vetting process, but updates get pushed out almost immediately

  41. xkcd.com
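
Slide 15 names Android's full-filesystem encryption mode as AES128 CBC with ESSIV:SHA256. The Go sketch below is an added example, not code from the presentation or from AOSP; it follows the dm-crypt ESSIV definition to show how each sector gets its own IV, and the 16-byte key and sector contents are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

const sectorSize = 512 // bytes per sector

// essivIV: IV = AES_{SHA256(volumeKey)}(sector number, little-endian, zero-padded).
func essivIV(volumeKey []byte, sector uint64) []byte {
	salt := sha256.Sum256(volumeKey)
	ivCipher, _ := aes.NewCipher(salt[:]) // 32-byte key is always valid for AES
	iv := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint64(iv, sector)
	ivCipher.Encrypt(iv, iv)
	return iv
}

// cryptSector encrypts or decrypts one sector with AES-CBC under volumeKey.
func cryptSector(volumeKey, in []byte, sector uint64, decrypt bool) ([]byte, error) {
	if len(in) != sectorSize {
		return nil, fmt.Errorf("sector must be %d bytes, got %d", sectorSize, len(in))
	}
	block, err := aes.NewCipher(volumeKey) // 16-byte key selects AES-128
	if err != nil {
		return nil, err
	}
	out := make([]byte, sectorSize)
	iv := essivIV(volumeKey, sector)
	if decrypt {
		cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, in)
	}
	return out, nil
}

func main() {
	key := []byte("constructed-key!") // constructed 16-byte volume key
	plain := bytes.Repeat([]byte{0x41}, sectorSize)
	c0, _ := cryptSector(key, plain, 0, false)
	c1, _ := cryptSector(key, plain, 1, false)
	fmt.Println("same plaintext, different sectors, equal ciphertext:", bytes.Equal(c0, c1))
}
```

The IV is secret-dependent but fixed per sector, so rewriting a sector with the same contents yields the same ciphertext, and CBC provides no integrity protection.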
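
Slide 27 notes that a repackaged app is still signed, just not with the original signature. The Go sketch below is an added example, not from the presentation: it models only the signing certificates (not the APK format) to show why a defender pins the original signer's fingerprint instead of checking that a signature verifies; the publisher name and function names are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// selfSignedCert mints a signing certificate with no CA or registration step.
func selfSignedCert(commonName string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: commonName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
}

// signatureValid reports whether the certificate's own signature verifies.
func signatureValid(der []byte) bool {
	c, err := x509.ParseCertificate(der)
	return err == nil && c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
}

// fingerprint is the SHA-256 of the DER certificate: the value a defender pins.
func fingerprint(der []byte) string {
	return fmt.Sprintf("%x", sha256.Sum256(der))
}

// sameSigner accepts a build only if it is validly signed by the pinned signer.
func sameSigner(pinned string, der []byte) bool {
	return signatureValid(der) && fingerprint(der) == pinned
}

func main() {
	original, _ := selfSignedCert("Example Video Player")   // constructed name
	repackaged, _ := selfSignedCert("Example Video Player") // same name, new key
	fmt.Println(signatureValid(repackaged), sameSigner(fingerprint(original), repackaged))
}
```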
