SlideShare a Scribd company logo

Mobile Security Architecture Proposed for Android

Manjesh Mani
Manjesh Mani
Technology
1 of 6
Download to read offline
2012 Ninth International Conference on Information Technology - New Generations 2012 Ninth International Conference on Information Technology- New Generations A Secure Software Architecture for Mobile Computing Hassan Reza, and Narayana Mazumder School of Aerospace Science, University of North Dakota Grand Forks, USA 58201 reza@aero.und.edu Abstract. Mobile computing is considered as low-end Performance and security are perceived paramount computing systems. It currently dominates almost all qualities for the modern mobile computing aspects of our lives from mobile banking to mobile systems. purchasing to mobile skypeing, etc. With the increasing demand of smartphones in today’s world, making the Mobile systems (e.g., smartphones) do not have system secure is very important. Software architecture plays an important role to achieve both functionalities the computing capabilities attributed to desktops and quality (e.g., security) of a system. This paper or laptops. As such, one cannot implement surveys the software architecture of five of the leading everything in a smartphones that can be mobile operating systems such as Android (Linux), implemented in full-fledged traditional computing Blackberry, iPhone (Mac OS X), Symbian, and systems. Some on the limitations of smartphones Windows Mobile. Our survey study indicates that are as follows: Android is the most promising of al and identifies security issues with Android. The paper then proposes Smartphones run in battery and has significant improved software architecture to resolve these issues. power constraint. More specifically, our proposed software architecture attempts to enhance the security of Android without Smartphones doesn’t have the same CPU comprising it performance. power as a computer. Smartphones have limited RAM as compared Key Words: Software Architecture, Security to a computer. Engineering, Mobile Computing, Android, Operating With the implementation of 3G network Systems. speed, the internet download and upload speed of the cellular networks has shown great 1. Introduction improvement. Screen size plays a major role and is a very The demand for Smartphones is increasingly important issue which needs to be taken into growing at an exponential rate; it is expected to consideration while building an operating soon pass laptops’ sale as a device for mobile system. computing [9]. Initially, cell phones were only used to perform simple tasks such as making In the next section, a brief background of the phone calls and/or exchanging text messages. surveyed operating systems is given together with Currently, cell phones are becoming more their comparison table. Using analysis result, two sophisticated by providing functionalities that of the leading operating systems are selected and once expected from laptop and/or desktop their architectures are explained in section 3. The computing systems. For example, using cell shortcomings and security risks of the selected phone, callers can now interact with system using architecture are discussed in section 4. Sections 5 spoken language, brows internet, exchange emails, and 6, discuss our proposed enhancements chat online and social network medias, use together with their architectural solutions. navigation systems, etc. Further, new and unimaginable capabilities can be incorporated in 2. Background and Comparison the mobile computing at any time and rate using new apps. Blackberry: Blackberry was introduced by Research In Motion (RIM) in 1999 which started 978-0-7695-4654-4/12 $26.00 © 2012 IEEE 566 DOI 10.1109/ITNG.2012.122
as a simple two-way pager, but it quickly became Openness S Ns Ns Ps Ps one of the most widespread of the mobile devices Security Ps S S Ps Ps Cost S Ps Ns Ps Ps [6].Blackberry software platform has a layered Hardware S Ns Ns S S architecture. It was the first mobile operating Independence system for smartphones. Usability S Ps S Ps Ps S = Satisfied; Ps = Partially satisfied; Ns = Not satisfied; Symbian: In 1998, Nokia, Ericsson, Panasonic, and Samsung got together and collaboratively Table 1: Summary of mobile platform categories created single operating system to run their devices [4]. The result from the above table has been used to select the software architecture of two leading iPhone: Apple announced iPhone at the operating systems. The selection criteria depended MacWorld expo in San Francisco in January 2007 on the availability and popularity of the operating [1]. The iPhone was the first smartphone which systems. Android was selected as one of the had huge popularity amongst the general users and contenders of the research because of the openness it quickly snatched some of the market share from and extremely user-friendliness of the operating RIM and Symbian and it quickly became a status system. Apple’s iOS was selected as the second symbol [4]. contender of the research. One of the major reason behind selecting iOS as another contender is due Android: Currently, Android is the most popular to its current popularity and innovation in the operating system out of the several Linux based design. mobile operating systems (e.g.,Maemo) [6]. In November 2007 Google released the operating 3. Architecture of iOS and Android OS system Android under the Open Handset Alliance with the goal of being an open source platform for iOS Architecture: Apple’s iOS is a sligthly software development on mobile platform [1]. different than Android, because Apple develops Android software architecture is based layered and controls both the end product and the architectural style [20] [21]; Android provides a operating system. Therefore, it is difficult to run custom built virtual machine (Dalvik) for the Apple’s iOS in any other device because of lack of applications to run; it also acts as the middleware access to source code. iOS [13] has a layered between code and the main operating system [4]. architecture and is shown in figure 1. Table 1 summaries our survey results. An Blackber iPhon Symbi Windo droi ry e an ws d Mobile Network S Ps Ps S S Scanning Network Ps S S S S Interface Selection Bluetooth I/O S S Ns S S Network S S Ns Ns S Interface Control Background S S S S S Figure 1: Architecture of Apple’s iOS processing / Multitasking Energy S S S S S Apple doesn’t allow any third party developer to Monitoring look into and work in any of the architecture level. Power Saving S S Ps S S The architecture is much closed from the outside Low-level S S S S S memory world. Developers can only interact through one management little window called Cocoa. The main application Location S Ns S S S development language is Objective-C [13]. Sensing Persistent S S S S S Since, Apple controls the whole environment – storage from chip to application to final device, it does not 567
require a virtual machine. This is one of the major Libraries: The surface manager of Android reasons why Apple’s iOS cannot be installed in library takes care of the display of the system and any other device. The operating system is totally OpenGL is an open-source utility which takes care dependent on the device. Thus, the portability of of graphics of the system. The media libraries are the software can be an issue with Apple’s iOS responsible for playback and recording of audio [13]. This is the reason why it is becoming less and video formats. FreeType takes care of the font popular nowadays as compared to Android – of the texts. The database engine of Android is which can be installed in any device which fulfils SQLite and Android’s browser is a Webkit the basic requirement of the system [11]. browser which is another open-source utility [12]. Android architecture: Android is s a software One of the important parts of the library systems stack (see Figure 2) for mobile devices which that plays a major role is our research is the Bionic includes an operating system, a middleware and ‘Libc’ of Android. Libc is a set of C/C++ library key applications. Android SDK provides the tools system. It is a custom libc implementation of and APIs necessary to develop an application general Linux libc, optimized for embedded use. using JAVA (which is a popular language amongst The advantage of this is that it is smaller in size the developers. The main advantage of Android and has faster code paths that are perfectly suited over Applie’s iOS is that it is open-source and is for mobile devices. This makes the system fast and based on Linux and is free to be used. Due the quick to respond to any request. One of the biggest presence of the Dalvik virtual machine (discussed disadvantages of this custom implementation is later) Android is fast; its hardware is independent, that it is not compatible with the standard Gnu which makes it portable [12]. Libc (glibc) [12]. Android Runtime: The development language that is used in this section is Java. The core Libraries of Android is very powerful, yet simple and familiar development platform as it is very similar to Linux. Dalvik Virtual Machine (DVM): This is one of the most important reasons why Android is so fast and suitable for mobile systems. Dalvik virtual machine focuses on two of the most important issues of mobile system: limited space, and limited power. It also increases the portability of the system because it can be implemented in any mobile system and is independent of the hardware. DVM converts all the files into smaller and more optimized (.dex) suitable for mobile systems [12]. One of the interesting features of DVM is that it Figure 2: Architecture of Android [12] supports multiple virtual machine processes meaning that if two applications are running at the Linux Kernel: Android is based on Linux but is same time, they may work on two separate virtual not Linux. The kernel of Android relies on Linux machines. This feature can improve the version 2.6 for core system services such as performance of the system. security, memory management, process management, network stack, and driver model. Application Framework and Application: The This is the abstraction layer between the hardware activity manager is responsible to keep track of and the rest of the software stack [12]. This means life cycle of any application. For example, suppose that as long as any device satisfies this layer a user is running an application and then she opens Android can be installed in that device. another application and minimizes the current application. She may forget about the minimized 568
application later on. Activity manager does a very each and every method cannot be applied in good job by tracking the idle time of a minimized Android because Android libraries have been application and killing it when the system runs out modified to a large extent to make them suitable of memory. The content provider takes care of the for mobile systems. shared data between applications. Therefore, due to performance (speed), openness, and portability Detecting malicious application: The following of Android, it can be reasonably expected that it procedure needs to be performed in order to detect will lead the modern mobile computing [11]. a malicious software/application: 4. Security risks of Android OS 1. Identify executable files linking format executables installed on the Linux side of In the previous section we have discussed that the Android operating system (applications that presence of Dalvik Virtual Machine (DVM) are pre-installed in the system). improves the performance of Android operating 2. Perform a statistical analysis of the function system. With the increasing complexity of the calls by these applications and keep a record Android OS with each new release [12], it is of the analysis in a log file. becoming more capable to perform different tasks 3. Compare the result to the newly installed which may compromise security. applications for detecting significant difference. Security is a very important issue that was not 4. Create a decision tree to determine the level of given much considerations We have discussed suspicion. earlier that the openness of Android makes it more popular amongst the developers and end-users. In what follows, we attempt to find out if existing But, an operating system cannot be made open at tools can be adopted for Android based systems. the cost of the system’s security. For example, Since, Android is a Linux based operating system Rootkits are malware that modify operating it is possible to incorporate security measures system’s data to achieve malicious goals. In some designed for Linux based desktop operating cases, Rootkits can create even more devastating system. But, three important factors need to be effects by spying on conversations via GSM [2]. taken into consideration: 1)the processing power Since, Android can be installed in any mobile and memory of a mobile system is very low as hardware and for any carrier such as GSM and compared to a desktop/laptop; 2)mobile systems CDMA. As such, it is more vulnerable to these do not have enough space as compared to a kinds of threats. desktop; 3) android’s libraries has been highly modified to make it suitable for mobile systems. 5. Enhancing security of Android OS The antivirus tool that was selected is Clam Android allows modifications even in the AntiVirus which is an open source (GPL) anti- operating system level. The openness of the virus toolkit for UNIX [16]. Although all of the system can not only be a threat to the system but parameters were not tested but for the most part, it also can be used to protect the system from works. malicious intrusion. Since, a third party application developer has access to all the levels of Netfilter is an open source firewall tool that has software architecture; they can develop kernel- been selected for our purpose. It hooks inside the based low level security tools. In Android, Linux kernel. This is possible to be implemented malware detection techniques can be implemented in Android OS as it is an open-source OS [17]. even at the kernel level. Chkrootkit has been chosen for this work. It scans Linux is known for its security; there are security for signs of worms, rootkits and Linux Kernel software available for Linux based system. Since, Module (LKM) Trojans. It inspects binaries, Android is based on Linux; one can test the checks logs for suspicious interfaces and looks for applicability of existing signature and intrusion hidden files [18]. detection methods in Android environment. But, 569
Snort is a well-known Linux tool which is used for we cannot slow down the performance of a system intrusion detection. It analyzes the traffic and in order to make the system more secure. packet logging on IP networks; it scans each and every port and checks for other suspicious In this section, we propose revised software behavior [19]. architecture to enhancing the security without compromising performance of Android by implementing intrusion detection techniques in the system itself. Figure 4 shows the software architecture without security improvement. Figure 4: Skeleton of Proposed Architecture Figure 5 shows the revised but improved software architecture of the Android to improve security. As can be seen from the figure, the proposed architecture includes a monitoring and a detection client security feature, and a control daemon. It has a database interface which allows the third party applications to access the database. The Figure 3: Decision tree; ‘y’ means it appears in the application framework level includes all the static table of an executable; ‘n’ means that it does functionalities needed to monitor any application’s not. activity. 6. Proposed Software Architecture A detection manager is included at this level; it In the previous sections, we noticed that the constantly monitors the behavior of all the running Android’s architecture has been designed to applications, which might include a malicious one. provide fast respond. For example, the inclusion of It also checks for any malicious behavior by any virtual machine and the fact that many virtual third-party application or from network. machines can be activated simultaneously, improves the performance significantly [12]. In The control daemon is responsible for constantly this section we attempt to extend the architecture checking the status of the detection manager. The of Android to incorporate some security measures. detection manager on the other hand, extracts Finally, we propose and modified layered information from Linux kernel and files systems architecture which makes the system fast and that are stored as reference and compares it with secure. the behavior of the third party application (discussed in ‘Detecting Malicious Application’). One way to make a system more secure is by For example, if it finds any anomalies and incorporating some of the security aspects at suspicious behaviors, it informs the control architectural level [10] [21]. Though some of the daemon about it. One needs to note that the above mentioned applications can be implemented detection manager itself does not do anything to in the Android operating system to boost security the malicious application (if found). There are two by detecting threats and mitigating against them, it major reasons behind this. First, if the detection is more cost effective to incorporate security manager itself tries to stop the malicious activity, mechanisms at architectural level [21] [10]. But it has to stop itself from monitoring the activities of other possible threats. Secondly, it will 570
significantly hamper the performance of the Implications and Opportunities. HotMobile Rutgers system. University, Annapolis Maryland, 2010, pp. 1-6. [3] T. Gronli, J. Hansen, and G. Ghinea, Android vs. In Figure 5, the control daemon usually remains Windows Mobile vs Java ME. PETRA 2010, Brunel quiet and does not interfere with any of the University, 2010, pp. 37-44. system’s activities. However, as soon as it senses any abnormality from the detection manager, it [4] S. P. Hall, and E. Anderson. Operating Systems for Mobile Computing, Consortium Computing Sciences becomes active. Depending on the risk and in College: Rocky Mountain Conference, 2009, pp. 64- maliciousness of the activity it then stops the 71. malicious access to data. In case, an activity is severely malicious it immediately stops the [5] A. Litke, K. Zotos, and G. Stephanides. Energy consumption Analysis of Design Patterns. Applied applications access to the libraries and instantly Informatics, Greece, 2005, pp. 86-90. blocks the database interface layer’s door that can only be accessed by the control daemon. This [6] E. Oliver, A Survey of Platforms for Mobile feature, in turn, ensures that the data remains Networks Research. Mobile Computing and relatively secure. Communications Review, December 2008, pp. 56-63. [7] C. Thompson, J. White, and D.C. Schmidt. Analyzing Mobile Application Software Power Consumption via Model-Driven Engineering. ACM MobiSys, 2010, pp.1-15. [8] N. Vallina- Rodriguez, P. Hui, J. Crowcroft, and A. Rice. Exhausting Battery Statistics. Mobiheld, 2010, pp.9-14. [9] http://mobilewebsitewatch.com/page/2/ Figure 5: Modified architecture of Android [10] P. Clements, R. Kazman, and M. Klein. Evaluating 7. Conclusion and Future Work Software Archiecture: Methods and Case Studies. Addison Wesley, 2002. In this work, we discussed the importance of low- end computing, namely, mobile computing. [11] Canalys Report. http://www.canalys.org Toward this goal, we studied and analyzed five leading mobile phone operating systems. Our [12] Android. http://code.google.com/android/ study has shown that Android is a promising [13] iPhone. http://developer.apple.com/iphone/ platform because of its openness and portability. We also discussed some security issues related to [14] R. Quinlan. Induction of decision trees, Machine Android operating system. Toward this end, we Learning, vol. 1(1), pp. 81–106, 1986. proposed an enhancement that works with the [15] K.A. Yuksel, O. Kiraz. Enhancing security of software architecture of Android. Linux-based Android devices, Sabanci University, Istanbul pp. 4-8. The results in this study have not been empirically validated yet. Therefore, future work will attempt [16] Clam Antivirus. http://www.clamav.net/ the practicality of our hypothesis by experimenting [17] [17] Netfilter. http://www.netfilter.org our theories on real mobile computing systems. [18] ChkRootkit http://www.chkrootkit.org References [19] Snort http://www.snort.org [1] M. Anvaari, and S Jansen. Evaluating Architectural Openness in mobile Software Platforms. ESCA 2010, [20] M. Shaw and D. Garlan. Software architecture: Copenhagen, Dennmark,2010, pp. 85-92. perspectives on an emerging discipline, Pearson, 1996. [2] J. Bickford, R. O’hare, A. Baliga, V. Ganathapy, and L.Iftode. Rootkits on Smart Phones: Attacks, [21] H. Reza, E. Grant: Quality-Oriented Software Architecture. ITCC-2005 (1), pp:140-145, 2005. 571

Recommended

Comparison of Concurrent Mobile OS Characteristics
Comparison of Concurrent Mobile OS CharacteristicsComparison of Concurrent Mobile OS Characteristics
Comparison of Concurrent Mobile OS CharacteristicsIJLT EMAS
 
Android
AndroidAndroid
Androiddavs7
 
Mobile sector's idea
Mobile sector's ideaMobile sector's idea
Mobile sector's ideaChen Chen
 
Handheld Slideshow J Heggarty
Handheld Slideshow J HeggartyHandheld Slideshow J Heggarty
Handheld Slideshow J HeggartyMike Moran
 
Discovering Computers: Chapter 03
Discovering Computers: Chapter 03Discovering Computers: Chapter 03
Discovering Computers: Chapter 03Anna Stirling
 
Chapter01
Chapter01Chapter01
Chapter01besimdurguti
 
Capítulo 1 Discovering Computers
Capítulo 1 Discovering ComputersCapítulo 1 Discovering Computers
Capítulo 1 Discovering Computerszihat
 
Developing For The Pervasive Internet Of Things
Developing For The Pervasive Internet Of ThingsDeveloping For The Pervasive Internet Of Things
Developing For The Pervasive Internet Of ThingsVictoria Romero-Gomez
 

Recommended

Comparison of Concurrent Mobile OS Characteristics
Comparison of Concurrent Mobile OS CharacteristicsComparison of Concurrent Mobile OS Characteristics
Comparison of Concurrent Mobile OS CharacteristicsIJLT EMAS
 
Android
AndroidAndroid
Androiddavs7
 
Mobile sector's idea
Mobile sector's ideaMobile sector's idea
Mobile sector's ideaChen Chen
 
Handheld Slideshow J Heggarty
Handheld Slideshow J HeggartyHandheld Slideshow J Heggarty
Handheld Slideshow J HeggartyMike Moran
 
Discovering Computers: Chapter 03
Discovering Computers: Chapter 03Discovering Computers: Chapter 03
Discovering Computers: Chapter 03Anna Stirling
 
Chapter01
Chapter01Chapter01
Chapter01besimdurguti
 
Capítulo 1 Discovering Computers
Capítulo 1 Discovering ComputersCapítulo 1 Discovering Computers
Capítulo 1 Discovering Computerszihat
 
Developing For The Pervasive Internet Of Things
Developing For The Pervasive Internet Of ThingsDeveloping For The Pervasive Internet Of Things
Developing For The Pervasive Internet Of ThingsVictoria Romero-Gomez
 
Discovering Computers: Chapter 02
Discovering Computers: Chapter 02Discovering Computers: Chapter 02
Discovering Computers: Chapter 02Anna Stirling
 
Development of mobile applications andrés burgos(english4-second draft)
Development of mobile applications andrés burgos(english4-second draft)Development of mobile applications andrés burgos(english4-second draft)
Development of mobile applications andrés burgos(english4-second draft)aburgosguzman
 
Small computing & Mobile Computing
Small computing & Mobile ComputingSmall computing & Mobile Computing
Small computing & Mobile ComputingPaul Kahoro
 
Mobile system overview
Mobile system overviewMobile system overview
Mobile system overviewJack Zheng
 
Ios operating system
Ios operating systemIos operating system
Ios operating systemKhaja Moiz Uddin
 
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...hlittle
 
Mobile technologies
Mobile technologiesMobile technologies
Mobile technologiesSarankumar Rajagopal
 
Andriod vs iphone
Andriod vs iphoneAndriod vs iphone
Andriod vs iphoneIovely Khokhar
 
Chapter 01
Chapter 01Chapter 01
Chapter 01abdisalaam2012
 
Chapter 01 - Introduction to Computers
Chapter 01 - Introduction to ComputersChapter 01 - Introduction to Computers
Chapter 01 - Introduction to Computerspatf719
 
Evolution of the Mobile Ecosystem
Evolution of the Mobile EcosystemEvolution of the Mobile Ecosystem
Evolution of the Mobile EcosystemKathy Gill
 
Android vs ios System Architecture in OS perspective
Android vs ios System Architecture in OS perspectiveAndroid vs ios System Architecture in OS perspective
Android vs ios System Architecture in OS perspectiveRaj Pratim Bhattacharya
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemDigital River
 
Report
ReportReport
ReportVrishab Ml
 
Ppt on World Of Smartphones
Ppt on World Of SmartphonesPpt on World Of Smartphones
Ppt on World Of SmartphonesPulkit Syal
 
WindowsMobile_vs_SymbianOS
WindowsMobile_vs_SymbianOSWindowsMobile_vs_SymbianOS
WindowsMobile_vs_SymbianOSpraneethbabji
 
Pharma times mobile[2]
Pharma times mobile[2]Pharma times mobile[2]
Pharma times mobile[2]Doctors.net.uk
 
Andriod vs iOS
Andriod vs iOSAndriod vs iOS
Andriod vs iOSAmara Zafar
 
Course overview 1
Course overview 1Course overview 1
Course overview 1Michael Shrove
 
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...WithTheBest
 
Ijetr021120
Ijetr021120Ijetr021120
Ijetr021120Engineering Research Publication
 
Ijetr021120
Ijetr021120Ijetr021120
Ijetr021120ER Publication.org
 

More Related Content

What's hot

Discovering Computers: Chapter 02
Discovering Computers: Chapter 02Discovering Computers: Chapter 02
Discovering Computers: Chapter 02Anna Stirling
 
Development of mobile applications andrés burgos(english4-second draft)
Development of mobile applications andrés burgos(english4-second draft)Development of mobile applications andrés burgos(english4-second draft)
Development of mobile applications andrés burgos(english4-second draft)aburgosguzman
 
Small computing & Mobile Computing
Small computing & Mobile ComputingSmall computing & Mobile Computing
Small computing & Mobile ComputingPaul Kahoro
 
Mobile system overview
Mobile system overviewMobile system overview
Mobile system overviewJack Zheng
 
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...hlittle
 
Chapter 01 - Introduction to Computers
Chapter 01 - Introduction to ComputersChapter 01 - Introduction to Computers
Chapter 01 - Introduction to Computerspatf719
 
Evolution of the Mobile Ecosystem
Evolution of the Mobile EcosystemEvolution of the Mobile Ecosystem
Evolution of the Mobile EcosystemKathy Gill
 
Android vs ios System Architecture in OS perspective
Android vs ios System Architecture in OS perspectiveAndroid vs ios System Architecture in OS perspective
Android vs ios System Architecture in OS perspectiveRaj Pratim Bhattacharya
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemDigital River
 
Ppt on World Of Smartphones
Ppt on World Of SmartphonesPpt on World Of Smartphones
Ppt on World Of SmartphonesPulkit Syal
 
WindowsMobile_vs_SymbianOS
WindowsMobile_vs_SymbianOSWindowsMobile_vs_SymbianOS
WindowsMobile_vs_SymbianOSpraneethbabji
 
Pharma times mobile[2]
Pharma times mobile[2]Pharma times mobile[2]
Pharma times mobile[2]Doctors.net.uk
 
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...WithTheBest
 

What's hot (20)

Discovering Computers: Chapter 02
Discovering Computers: Chapter 02Discovering Computers: Chapter 02
Discovering Computers: Chapter 02
 
Development of mobile applications andrés burgos(english4-second draft)
Development of mobile applications andrés burgos(english4-second draft)Development of mobile applications andrés burgos(english4-second draft)
Development of mobile applications andrés burgos(english4-second draft)
 
Small computing & Mobile Computing
Small computing & Mobile ComputingSmall computing & Mobile Computing
Small computing & Mobile Computing
 
Mobile system overview
Mobile system overviewMobile system overview
Mobile system overview
 
Ios operating system
Ios operating systemIos operating system
Ios operating system
 
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
Which Mobile OS is the Most Secure; Apple, Android or Windows? [Updated 2016-...
 
Mobile technologies
Mobile technologiesMobile technologies
Mobile technologies
 
Andriod vs iphone
Andriod vs iphoneAndriod vs iphone
Andriod vs iphone
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Chapter 01 - Introduction to Computers
Chapter 01 - Introduction to ComputersChapter 01 - Introduction to Computers
Chapter 01 - Introduction to Computers
 
Evolution of the Mobile Ecosystem
Evolution of the Mobile EcosystemEvolution of the Mobile Ecosystem
Evolution of the Mobile Ecosystem
 
Android vs ios System Architecture in OS perspective
Android vs ios System Architecture in OS perspectiveAndroid vs ios System Architecture in OS perspective
Android vs ios System Architecture in OS perspective
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating System
 
Report
ReportReport
Report
 
Ppt on World Of Smartphones
Ppt on World Of SmartphonesPpt on World Of Smartphones
Ppt on World Of Smartphones
 
WindowsMobile_vs_SymbianOS
WindowsMobile_vs_SymbianOSWindowsMobile_vs_SymbianOS
WindowsMobile_vs_SymbianOS
 
Pharma times mobile[2]
Pharma times mobile[2]Pharma times mobile[2]
Pharma times mobile[2]
 
Andriod vs iOS
Andriod vs iOSAndriod vs iOS
Andriod vs iOS
 
Course overview 1
Course overview 1Course overview 1
Course overview 1
 
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
Beam Internets Everything: The Only Unified Messaging Platform that Connects ...
 

Similar to Mobile Security Architecture Proposed for Android

Penetration Testing for Android Smartphones
Penetration Testing for Android SmartphonesPenetration Testing for Android Smartphones
Penetration Testing for Android SmartphonesIOSR Journals
 
Operating Systems in Mobile Phones
Operating Systems in Mobile PhonesOperating Systems in Mobile Phones
Operating Systems in Mobile PhonesSasukeJUchiha
 
Network and Mobile Operating System
Network and Mobile Operating SystemNetwork and Mobile Operating System
Network and Mobile Operating SystemEdwin S. Garcia
 
Mobile Operating System
Mobile Operating SystemMobile Operating System
Mobile Operating SystemSonal Poddar
 
a study of evolutionary mobile operating system
a study of evolutionary mobile operating system a study of evolutionary mobile operating system
a study of evolutionary mobile operating system aravindhawan
 
Handheld operting system
Handheld operting systemHandheld operting system
Handheld operting systemAj Maurya
 
Handheld operting system
Handheld operting systemHandheld operting system
Handheld operting systemAj Maurya
 
PERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORM
PERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORMPERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORM
PERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORMIJNSA Journal
 
Research on Comparative Study of Different Mobile Operating System_Part-2
Research on Comparative Study of Different Mobile Operating System_Part-2Research on Comparative Study of Different Mobile Operating System_Part-2
Research on Comparative Study of Different Mobile Operating System_Part-2Zulkar Naim
 
Customizing AOSP For Different Embedded Devices And Integration at Applicatio...
Customizing AOSP For Different Embedded Devices And Integration at Applicatio...Customizing AOSP For Different Embedded Devices And Integration at Applicatio...
Customizing AOSP For Different Embedded Devices And Integration at Applicatio...ijafrc
 
Write a scholarly review on the following topic. This assignment i
Write a scholarly review on the following topic. This assignment iWrite a scholarly review on the following topic. This assignment i
Write a scholarly review on the following topic. This assignment ilorindajamieson
 
Review On Google Android a Mobile Platform
Review On Google Android a Mobile PlatformReview On Google Android a Mobile Platform
Review On Google Android a Mobile PlatformIOSR Journals
 
System software 1ppt(udated)
System software 1ppt(udated)System software 1ppt(udated)
System software 1ppt(udated)uraj007
 
889448 634356855122132416
889448 634356855122132416889448 634356855122132416
889448 634356855122132416zxdrtyu
 
Dia 1 intro to mobile and xamarin
Dia 1 intro to mobile and xamarinDia 1 intro to mobile and xamarin
Dia 1 intro to mobile and xamarinHernan Zaldivar
 
11.universal mobile application development (umad) on home automation
11.universal mobile application development (umad) on home automation11.universal mobile application development (umad) on home automation
11.universal mobile application development (umad) on home automationAlexander Decker
 
MOBILE OPERATING SYSTEM
MOBILE OPERATING SYSTEMMOBILE OPERATING SYSTEM
MOBILE OPERATING SYSTEMcool192
 
Cellphone the next pc
Cellphone the next pcCellphone the next pc
Cellphone the next pcJebin Joseph
 

Similar to Mobile Security Architecture Proposed for Android (20)

Ijetr021120
Ijetr021120Ijetr021120
Ijetr021120
 
Ijetr021120
Ijetr021120Ijetr021120
Ijetr021120
 
Penetration Testing for Android Smartphones
Penetration Testing for Android SmartphonesPenetration Testing for Android Smartphones
Penetration Testing for Android Smartphones
 
Operating Systems in Mobile Phones
Operating Systems in Mobile PhonesOperating Systems in Mobile Phones
Operating Systems in Mobile Phones
 
Network and Mobile Operating System
Network and Mobile Operating SystemNetwork and Mobile Operating System
Network and Mobile Operating System
 
Mobile Operating System
Mobile Operating SystemMobile Operating System
Mobile Operating System
 
a study of evolutionary mobile operating system
a study of evolutionary mobile operating system a study of evolutionary mobile operating system
a study of evolutionary mobile operating system
 
Handheld operting system
Handheld operting systemHandheld operting system
Handheld operting system
 
Handheld operting system
Handheld operting systemHandheld operting system
Handheld operting system
 
PERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORM
PERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORMPERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORM
PERSONAL SAFETY TRIGGERING SYSTEM ON ANDROID MOBILE PLATFORM
 
Research on Comparative Study of Different Mobile Operating System_Part-2
Research on Comparative Study of Different Mobile Operating System_Part-2Research on Comparative Study of Different Mobile Operating System_Part-2
Research on Comparative Study of Different Mobile Operating System_Part-2
 
Customizing AOSP For Different Embedded Devices And Integration at Applicatio...
Customizing AOSP For Different Embedded Devices And Integration at Applicatio...Customizing AOSP For Different Embedded Devices And Integration at Applicatio...
Customizing AOSP For Different Embedded Devices And Integration at Applicatio...
 
Write a scholarly review on the following topic. This assignment i
Write a scholarly review on the following topic. This assignment iWrite a scholarly review on the following topic. This assignment i
Write a scholarly review on the following topic. This assignment i
 
Review On Google Android a Mobile Platform
Review On Google Android a Mobile PlatformReview On Google Android a Mobile Platform
Review On Google Android a Mobile Platform
 
System software 1ppt(udated)
System software 1ppt(udated)System software 1ppt(udated)
System software 1ppt(udated)
 
889448 634356855122132416
889448 634356855122132416889448 634356855122132416
889448 634356855122132416
 
Dia 1 intro to mobile and xamarin
Dia 1 intro to mobile and xamarinDia 1 intro to mobile and xamarin
Dia 1 intro to mobile and xamarin
 
11.universal mobile application development (umad) on home automation
11.universal mobile application development (umad) on home automation11.universal mobile application development (umad) on home automation
11.universal mobile application development (umad) on home automation
 
MOBILE OPERATING SYSTEM
MOBILE OPERATING SYSTEMMOBILE OPERATING SYSTEM
MOBILE OPERATING SYSTEM
 
Cellphone the next pc
Cellphone the next pcCellphone the next pc
Cellphone the next pc
 

Recently uploaded

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Recently uploaded (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 

Mobile Security Architecture Proposed for Android

  • 1. 2012 Ninth International Conference on Information Technology - New Generations 2012 Ninth International Conference on Information Technology- New Generations A Secure Software Architecture for Mobile Computing Hassan Reza, and Narayana Mazumder School of Aerospace Science, University of North Dakota Grand Forks, USA 58201 reza@aero.und.edu Abstract. Mobile computing is considered as low-end Performance and security are perceived paramount computing systems. It currently dominates almost all qualities for the modern mobile computing aspects of our lives from mobile banking to mobile systems. purchasing to mobile skypeing, etc. With the increasing demand of smartphones in today’s world, making the Mobile systems (e.g., smartphones) do not have system secure is very important. Software architecture plays an important role to achieve both functionalities the computing capabilities attributed to desktops and quality (e.g., security) of a system. This paper or laptops. As such, one cannot implement surveys the software architecture of five of the leading everything in a smartphones that can be mobile operating systems such as Android (Linux), implemented in full-fledged traditional computing Blackberry, iPhone (Mac OS X), Symbian, and systems. Some on the limitations of smartphones Windows Mobile. Our survey study indicates that are as follows: Android is the most promising of al and identifies security issues with Android. The paper then proposes Smartphones run in battery and has significant improved software architecture to resolve these issues. power constraint. More specifically, our proposed software architecture attempts to enhance the security of Android without Smartphones doesn’t have the same CPU comprising it performance. power as a computer. Smartphones have limited RAM as compared Key Words: Software Architecture, Security to a computer. Engineering, Mobile Computing, Android, Operating With the implementation of 3G network Systems. speed, the internet download and upload speed of the cellular networks has shown great 1. Introduction improvement. Screen size plays a major role and is a very The demand for Smartphones is increasingly important issue which needs to be taken into growing at an exponential rate; it is expected to consideration while building an operating soon pass laptops’ sale as a device for mobile system. computing [9]. Initially, cell phones were only used to perform simple tasks such as making In the next section, a brief background of the phone calls and/or exchanging text messages. surveyed operating systems is given together with Currently, cell phones are becoming more their comparison table. Using analysis result, two sophisticated by providing functionalities that of the leading operating systems are selected and once expected from laptop and/or desktop their architectures are explained in section 3. The computing systems. For example, using cell shortcomings and security risks of the selected phone, callers can now interact with system using architecture are discussed in section 4. Sections 5 spoken language, brows internet, exchange emails, and 6, discuss our proposed enhancements chat online and social network medias, use together with their architectural solutions. navigation systems, etc. Further, new and unimaginable capabilities can be incorporated in 2. Background and Comparison the mobile computing at any time and rate using new apps. Blackberry: Blackberry was introduced by Research In Motion (RIM) in 1999 which started 978-0-7695-4654-4/12 $26.00 © 2012 IEEE 566 DOI 10.1109/ITNG.2012.122
  • 2. as a simple two-way pager, but it quickly became Openness S Ns Ns Ps Ps one of the most widespread of the mobile devices Security Ps S S Ps Ps Cost S Ps Ns Ps Ps [6].Blackberry software platform has a layered Hardware S Ns Ns S S architecture. It was the first mobile operating Independence system for smartphones. Usability S Ps S Ps Ps S = Satisfied; Ps = Partially satisfied; Ns = Not satisfied; Symbian: In 1998, Nokia, Ericsson, Panasonic, and Samsung got together and collaboratively Table 1: Summary of mobile platform categories created single operating system to run their devices [4]. The result from the above table has been used to select the software architecture of two leading iPhone: Apple announced iPhone at the operating systems. The selection criteria depended MacWorld expo in San Francisco in January 2007 on the availability and popularity of the operating [1]. The iPhone was the first smartphone which systems. Android was selected as one of the had huge popularity amongst the general users and contenders of the research because of the openness it quickly snatched some of the market share from and extremely user-friendliness of the operating RIM and Symbian and it quickly became a status system. Apple’s iOS was selected as the second symbol [4]. contender of the research. One of the major reason behind selecting iOS as another contender is due Android: Currently, Android is the most popular to its current popularity and innovation in the operating system out of the several Linux based design. mobile operating systems (e.g.,Maemo) [6]. In November 2007 Google released the operating 3. Architecture of iOS and Android OS system Android under the Open Handset Alliance with the goal of being an open source platform for iOS Architecture: Apple’s iOS is a sligthly software development on mobile platform [1]. different than Android, because Apple develops Android software architecture is based layered and controls both the end product and the architectural style [20] [21]; Android provides a operating system. Therefore, it is difficult to run custom built virtual machine (Dalvik) for the Apple’s iOS in any other device because of lack of applications to run; it also acts as the middleware access to source code. iOS [13] has a layered between code and the main operating system [4]. architecture and is shown in figure 1. Table 1 summaries our survey results. An Blackber iPhon Symbi Windo droi ry e an ws d Mobile Network S Ps Ps S S Scanning Network Ps S S S S Interface Selection Bluetooth I/O S S Ns S S Network S S Ns Ns S Interface Control Background S S S S S Figure 1: Architecture of Apple’s iOS processing / Multitasking Energy S S S S S Apple doesn’t allow any third party developer to Monitoring look into and work in any of the architecture level. Power Saving S S Ps S S The architecture is much closed from the outside Low-level S S S S S memory world. Developers can only interact through one management little window called Cocoa. The main application Location S Ns S S S development language is Objective-C [13]. Sensing Persistent S S S S S Since, Apple controls the whole environment – storage from chip to application to final device, it does not 567
  • 3. require a virtual machine. This is one of the major Libraries: The surface manager of Android reasons why Apple’s iOS cannot be installed in library takes care of the display of the system and any other device. The operating system is totally OpenGL is an open-source utility which takes care dependent on the device. Thus, the portability of of graphics of the system. The media libraries are the software can be an issue with Apple’s iOS responsible for playback and recording of audio [13]. This is the reason why it is becoming less and video formats. FreeType takes care of the font popular nowadays as compared to Android – of the texts. The database engine of Android is which can be installed in any device which fulfils SQLite and Android’s browser is a Webkit the basic requirement of the system [11]. browser which is another open-source utility [12]. Android architecture: Android is s a software One of the important parts of the library systems stack (see Figure 2) for mobile devices which that plays a major role is our research is the Bionic includes an operating system, a middleware and ‘Libc’ of Android. Libc is a set of C/C++ library key applications. Android SDK provides the tools system. It is a custom libc implementation of and APIs necessary to develop an application general Linux libc, optimized for embedded use. using JAVA (which is a popular language amongst The advantage of this is that it is smaller in size the developers. The main advantage of Android and has faster code paths that are perfectly suited over Applie’s iOS is that it is open-source and is for mobile devices. This makes the system fast and based on Linux and is free to be used. Due the quick to respond to any request. One of the biggest presence of the Dalvik virtual machine (discussed disadvantages of this custom implementation is later) Android is fast; its hardware is independent, that it is not compatible with the standard Gnu which makes it portable [12]. Libc (glibc) [12]. Android Runtime: The development language that is used in this section is Java. The core Libraries of Android is very powerful, yet simple and familiar development platform as it is very similar to Linux. Dalvik Virtual Machine (DVM): This is one of the most important reasons why Android is so fast and suitable for mobile systems. Dalvik virtual machine focuses on two of the most important issues of mobile system: limited space, and limited power. It also increases the portability of the system because it can be implemented in any mobile system and is independent of the hardware. DVM converts all the files into smaller and more optimized (.dex) suitable for mobile systems [12]. One of the interesting features of DVM is that it Figure 2: Architecture of Android [12] supports multiple virtual machine processes meaning that if two applications are running at the Linux Kernel: Android is based on Linux but is same time, they may work on two separate virtual not Linux. The kernel of Android relies on Linux machines. This feature can improve the version 2.6 for core system services such as performance of the system. security, memory management, process management, network stack, and driver model. Application Framework and Application: The This is the abstraction layer between the hardware activity manager is responsible to keep track of and the rest of the software stack [12]. This means life cycle of any application. For example, suppose that as long as any device satisfies this layer a user is running an application and then she opens Android can be installed in that device. another application and minimizes the current application. She may forget about the minimized 568
  • 4. application later on. Activity manager does a very each and every method cannot be applied in good job by tracking the idle time of a minimized Android because Android libraries have been application and killing it when the system runs out modified to a large extent to make them suitable of memory. The content provider takes care of the for mobile systems. shared data between applications. Therefore, due to performance (speed), openness, and portability Detecting malicious application: The following of Android, it can be reasonably expected that it procedure needs to be performed in order to detect will lead the modern mobile computing [11]. a malicious software/application: 4. Security risks of Android OS 1. Identify executable files linking format executables installed on the Linux side of In the previous section we have discussed that the Android operating system (applications that presence of Dalvik Virtual Machine (DVM) are pre-installed in the system). improves the performance of Android operating 2. Perform a statistical analysis of the function system. With the increasing complexity of the calls by these applications and keep a record Android OS with each new release [12], it is of the analysis in a log file. becoming more capable to perform different tasks 3. Compare the result to the newly installed which may compromise security. applications for detecting significant difference. Security is a very important issue that was not 4. Create a decision tree to determine the level of given much considerations We have discussed suspicion. earlier that the openness of Android makes it more popular amongst the developers and end-users. In what follows, we attempt to find out if existing But, an operating system cannot be made open at tools can be adopted for Android based systems. the cost of the system’s security. For example, Since, Android is a Linux based operating system Rootkits are malware that modify operating it is possible to incorporate security measures system’s data to achieve malicious goals. In some designed for Linux based desktop operating cases, Rootkits can create even more devastating system. But, three important factors need to be effects by spying on conversations via GSM [2]. taken into consideration: 1)the processing power Since, Android can be installed in any mobile and memory of a mobile system is very low as hardware and for any carrier such as GSM and compared to a desktop/laptop; 2)mobile systems CDMA. As such, it is more vulnerable to these do not have enough space as compared to a kinds of threats. desktop; 3) android’s libraries has been highly modified to make it suitable for mobile systems. 5. Enhancing security of Android OS The antivirus tool that was selected is Clam Android allows modifications even in the AntiVirus which is an open source (GPL) anti- operating system level. The openness of the virus toolkit for UNIX [16]. Although all of the system can not only be a threat to the system but parameters were not tested but for the most part, it also can be used to protect the system from works. malicious intrusion. Since, a third party application developer has access to all the levels of Netfilter is an open source firewall tool that has software architecture; they can develop kernel- been selected for our purpose. It hooks inside the based low level security tools. In Android, Linux kernel. This is possible to be implemented malware detection techniques can be implemented in Android OS as it is an open-source OS [17]. even at the kernel level. Chkrootkit has been chosen for this work. It scans Linux is known for its security; there are security for signs of worms, rootkits and Linux Kernel software available for Linux based system. Since, Module (LKM) Trojans. It inspects binaries, Android is based on Linux; one can test the checks logs for suspicious interfaces and looks for applicability of existing signature and intrusion hidden files [18]. detection methods in Android environment. But, 569
  • 5. Snort is a well-known Linux tool which is used for we cannot slow down the performance of a system intrusion detection. It analyzes the traffic and in order to make the system more secure. packet logging on IP networks; it scans each and every port and checks for other suspicious In this section, we propose revised software behavior [19]. architecture to enhancing the security without compromising performance of Android by implementing intrusion detection techniques in the system itself. Figure 4 shows the software architecture without security improvement. Figure 4: Skeleton of Proposed Architecture Figure 5 shows the revised but improved software architecture of the Android to improve security. As can be seen from the figure, the proposed architecture includes a monitoring and a detection client security feature, and a control daemon. It has a database interface which allows the third party applications to access the database. The Figure 3: Decision tree; ‘y’ means it appears in the application framework level includes all the static table of an executable; ‘n’ means that it does functionalities needed to monitor any application’s not. activity. 6. Proposed Software Architecture A detection manager is included at this level; it In the previous sections, we noticed that the constantly monitors the behavior of all the running Android’s architecture has been designed to applications, which might include a malicious one. provide fast respond. For example, the inclusion of It also checks for any malicious behavior by any virtual machine and the fact that many virtual third-party application or from network. machines can be activated simultaneously, improves the performance significantly [12]. In The control daemon is responsible for constantly this section we attempt to extend the architecture checking the status of the detection manager. The of Android to incorporate some security measures. detection manager on the other hand, extracts Finally, we propose and modified layered information from Linux kernel and files systems architecture which makes the system fast and that are stored as reference and compares it with secure. the behavior of the third party application (discussed in ‘Detecting Malicious Application’). One way to make a system more secure is by For example, if it finds any anomalies and incorporating some of the security aspects at suspicious behaviors, it informs the control architectural level [10] [21]. Though some of the daemon about it. One needs to note that the above mentioned applications can be implemented detection manager itself does not do anything to in the Android operating system to boost security the malicious application (if found). There are two by detecting threats and mitigating against them, it major reasons behind this. First, if the detection is more cost effective to incorporate security manager itself tries to stop the malicious activity, mechanisms at architectural level [21] [10]. But it has to stop itself from monitoring the activities of other possible threats. Secondly, it will 570
  • 6. significantly hamper the performance of the Implications and Opportunities. HotMobile Rutgers system. University, Annapolis Maryland, 2010, pp. 1-6. [3] T. Gronli, J. Hansen, and G. Ghinea, Android vs. In Figure 5, the control daemon usually remains Windows Mobile vs Java ME. PETRA 2010, Brunel quiet and does not interfere with any of the University, 2010, pp. 37-44. system’s activities. However, as soon as it senses any abnormality from the detection manager, it [4] S. P. Hall, and E. Anderson. Operating Systems for Mobile Computing, Consortium Computing Sciences becomes active. Depending on the risk and in College: Rocky Mountain Conference, 2009, pp. 64- maliciousness of the activity it then stops the 71. malicious access to data. In case, an activity is severely malicious it immediately stops the [5] A. Litke, K. Zotos, and G. Stephanides. Energy consumption Analysis of Design Patterns. Applied applications access to the libraries and instantly Informatics, Greece, 2005, pp. 86-90. blocks the database interface layer’s door that can only be accessed by the control daemon. This [6] E. Oliver, A Survey of Platforms for Mobile feature, in turn, ensures that the data remains Networks Research. Mobile Computing and relatively secure. Communications Review, December 2008, pp. 56-63. [7] C. Thompson, J. White, and D.C. Schmidt. Analyzing Mobile Application Software Power Consumption via Model-Driven Engineering. ACM MobiSys, 2010, pp.1-15. [8] N. Vallina- Rodriguez, P. Hui, J. Crowcroft, and A. Rice. Exhausting Battery Statistics. Mobiheld, 2010, pp.9-14. [9] http://mobilewebsitewatch.com/page/2/ Figure 5: Modified architecture of Android [10] P. Clements, R. Kazman, and M. Klein. Evaluating 7. Conclusion and Future Work Software Archiecture: Methods and Case Studies. Addison Wesley, 2002. In this work, we discussed the importance of low- end computing, namely, mobile computing. [11] Canalys Report. http://www.canalys.org Toward this goal, we studied and analyzed five leading mobile phone operating systems. Our [12] Android. http://code.google.com/android/ study has shown that Android is a promising [13] iPhone. http://developer.apple.com/iphone/ platform because of its openness and portability. We also discussed some security issues related to [14] R. Quinlan. Induction of decision trees, Machine Android operating system. Toward this end, we Learning, vol. 1(1), pp. 81–106, 1986. proposed an enhancement that works with the [15] K.A. Yuksel, O. Kiraz. Enhancing security of software architecture of Android. Linux-based Android devices, Sabanci University, Istanbul pp. 4-8. The results in this study have not been empirically validated yet. Therefore, future work will attempt [16] Clam Antivirus. http://www.clamav.net/ the practicality of our hypothesis by experimenting [17] [17] Netfilter. http://www.netfilter.org our theories on real mobile computing systems. [18] ChkRootkit http://www.chkrootkit.org References [19] Snort http://www.snort.org [1] M. Anvaari, and S Jansen. Evaluating Architectural Openness in mobile Software Platforms. ESCA 2010, [20] M. Shaw and D. Garlan. Software architecture: Copenhagen, Dennmark,2010, pp. 85-92. perspectives on an emerging discipline, Pearson, 1996. [2] J. Bickford, R. O’hare, A. Baliga, V. Ganathapy, and L.Iftode. Rootkits on Smart Phones: Attacks, [21] H. Reza, E. Grant: Quality-Oriented Software Architecture. ITCC-2005 (1), pp:140-145, 2005. 571