Cryptography Reference
In-Depth Information
implementation of a more fine-grained and dynamic access control monitor to its
interface.
Furthermore, the developer also has to request the appropriate permissions in the
manifest if an application wants to access sensitive hardware of a device. This
protects sensitive APIs and requires explicit user approval when applications use
particular interfaces, such as the network, camera, or GPS. All permissions are
granted during the installation of an application. Depending on the protection
level, this is done automatically by the system, or if required, with involving the
user.
The installation of an application aborts if one or more of the requested permis-
sions are not granted. Note that permissions are granted statically, i.e. they cannot
be revoked or added later. Android defines four protection levels for permissions:
normal, dangerous, signature, signatureOrsystem:
The “normal” permissions level grants access to interfaces that can only cause
minimal damage to applications, the system, or the user. This permission level is
always granted by the system at install time. The user is not queried explicitly.
The “dangerous” level of permissions implies a higher risk for privacy-sensitive
data or it gives control over application features that can badly affect the phone or
the user. Thus, the user has to approve a list of requested permissions at installa-
tion time.
The “signature” level denotes a permission level declared by a specific application,
say A. Another application, B, can request these permissions. Android grants them
if the requesting application B was signed with the same key as A. This process
does not require any user interaction.
All applications in the system image possess the “signatureOrSystem” permission
level. Additionally - similar to the signature level - applications which are signed
with the same key as the applications in the system image are also granted this
permission level.
Android puts a lot of effort in the protection of the inter-application and inter-
component communication. A large variety of security mechanisms has been
defined for runtime environment. However, apart from URI permissions and the
rather unspecific permission system for intents, data security has received little
attention.
10.3 Security Threats and Problems
Despite of the security mechanisms introduced above, Smartphones are still facing
numerous security threats and problems. Since Smartphones are consumer devices,
it is barely adequate to blame users for this; instead security mechanisms chosen by
the operating system developers should cope with this.
Search WWH ::
Custom Search