
L4Android: A Generic Operating System Framework for Secure Smartphones

Presented by: Irfan sheikh Abu bakr Eirabie

 Smartphones
 Four challenges in smartphone security
 L4 Android Framework
 Introduction of Android
 Android Architecture
 Threats in Android Architecture
 Monolithic Architecture
 How L4 Android Framework helps?
 Virtual Machines
 NFC
 How L4 Android will solve the security problems?

 “A smartphone is a mobile phone built on a mobile computing platform, with more advanced computing ability and connectivity than a feature phone” – Wikipedia
 Smartphones are devices that can take care of all of your handheld computing and communication needs in a single, smart package.
 When a different set of standards is applied to cellphones to fulfill your daily requirements, that becomes a smartphone.

Advantages of Smartphones
 Never out of touch
 Better information sharing
 Greater functionality
 Faster communication etc.

Smartphones replacing Computers
• Google believes that in three years or so smartphones will replace desktops as the primary way consumers retrieve information and entertainment

As this chart from Silicon Valley Insider shows, smartphone sales are increasing rapidly.

Four challenges in smartphone security
 Secure Software Smartcards: used for NFC applications or software SIM cards
 Unified Corporate and Private Phone: shows how the business and the private phone can be securely combined on one device
 Mobile Rootkit Detection: a technology that was previously restricted to desktop computers
 Hardware Abstraction Layer (HAL): giving programs direct access to the hardware resources

What is NFC (near field communication)?
 Short-range wireless communication technology between electronic devices
 Used in mobile devices

L4 Android:

“A framework to maximize the security of Android. This framework helps us solve security problems.”
Goal: to run Android in a virtual machine on top of the microkernel.

 Design principles
– Maintenance of system security is implemented in the kernel
– Implement only functionality in the kernel that cannot be implemented at user level; everything else in user space
– Hardware-enforced isolation boundaries: address spaces
– Fast communication (IPC)
– Improvements over monolithic kernels (such as Linux)
– Fault isolation: limit scope of faults
 Scheduling: execute real-time applications beside non-real-time applications
• Open Source Project
• See for details

What is Android???

Android = operating system + middleware + key applications

 Android is an open source platform developed under the Open Handset Alliance to enable faster development of mobile applications and provision of services to the users.
 Google is the leading company developing and promoting Android; however, there are other companies as well that are involved in the development of Android.

Android Architecture


Applications
 All applications are written using the Java programming language.
 Core applications include:
– Email client
– SMS program
– Calendar
– Maps
– Browser
– Contacts etc.

Application Framework
 Underlying all applications is a set of services and systems, including:
– Views
– Content providers
– Resource manager
– Notification manager
– Activity manager

Android Runtime
 Every Android application runs in its own process, with its own instance of the Dalvik Runtime machine.
 Dalvik has been written so that a device can run multiple VMs efficiently.

Linux kernel
 Android relies on Linux version 2.6 for core system services such as security, memory management, process management, network stack, and driver model.

Libraries
 Includes a set of C/C++ libraries used by various components of the Android system.
 Some of the core libraries are System C library, Media library, Surface Manager, LibWebCore, SGL, 3D libraries, FreeType, SQLite.

Threats in this Android Architecture
Delayed System Updates
Security-critical software updates are delayed or not deployed at all. In software security, the time span from the discovery of a vulnerability until the deployment of the security patch is critical. During this time span the system is vulnerable and attackers race to create exploits.

Linux Kernel:
 Android is based on the Linux kernel.
 Linux implements a monolithic architecture.
 All kernel components, including device drivers, run in kernel mode; no isolation between components is provided.
 Any kernel bug that can be exploited enables an attacker to modify kernel memory,

Rooted Phones
Rooting is the process that overcomes the kernel’s integrity barrier. The modified kernel might disable Android security measures, contain malware such as key loggers, or subtly alter the system’s behavior to leak private information.

Android Permission System
At installation time an application can request permission from the user to access system resources such as location, Internet, or the cellular network. The user is then presented with a screen allowing him to either grant all the permissions or cancel the installation. It is not possible to selectively accept or deny access privileges. Thus, many users simply accept such permission requests without considering their implications.

Monolithic Architecture
 Monolithic architecture: the early operating systems
 Every component is contained in the kernel and can directly communicate with other components

[Figure: layered diagram, top to bottom: Applications (User Space), System Calls, OS Layer, Computer Hardware]

Drawbacks?
 The monolithic architecture of Android is the main reason for its security problems.
 A bug in one of them is enough for an attacker to tamper with any part of the component and to leverage all of its permissions.
 The design of our OS frameworks is based on the principle of divide and conquer.
 Dividing monolithic systems into smaller subsystems is a complex task, because these subsystems have complex dependencies on one another. This problem is prominent with OS kernels. Therefore it is not possible to apply our OS construction mechanism to existing OSes.

So L4 Android framework provides Virtual Machines to run existing systems. Security conscious applications are implemented outside of the VM.

Virtual Machines
 Can create the illusion that there is more than one separate machine
 An instance of Android is run inside a virtual machine to secure the kernel from attacks.

[Figure: three User Space blocks on top of virtual machines (VM1), above the virtual machine implementation, the host operating system and the computer hardware]

How L4 Android will solve the security problems?
Software Smartcard: The L4 Android framework facilitates the secure implementation of smartcard functionality in software via download, thus minimizing the cost of including physical smartcards and their readers in the phone housing.

Unified Corporate and Private Phone: It shows how a private and a business phone can be unified in one device in a secure manner, using virtual machines to run multiple instances of android.

Mobile Rootkit Detection: It describes how our framework enables rootkit detection on mobile devices. Rootkit detectors are isolated a layer below the target OS so that a compromised kernel cannot be exploited further.

Hardware Abstraction: Its purpose is to implement device-specific drivers in a layer below Android. This allows Google to supply generic kernel versions that are readily applicable to all devices, which allows for much faster security updates.
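
The Mobile Rootkit Detection point above, as an added example that is not from the original slides or from the L4Android project's code: a detector running outside the Android VM compares the guest kernel's code against a known-good baseline and checks that every system-call entry still points into kernel code. The `guest_view` structure, the addresses and the use of FNV-1a are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FINDING_TEXT_MODIFIED 1  /* kernel code differs from baseline */
#define FINDING_SYSCALL_HOOK  2  /* syscall entry points outside kernel code */

/* Hypothetical read-only view of guest memory, as seen from below the VM. */
struct guest_view {
    const uint8_t  *text;      size_t text_len;   uint32_t text_base;
    const uint32_t *syscalls;  size_t nsyscalls;
};

/* FNV-1a keeps the example short; a real detector would use a cryptographic hash. */
static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Returns a bitmask of FINDING_* values; 0 means the guest kernel looks intact. */
int check_guest(const struct guest_view *g, uint32_t baseline) {
    int findings = 0;
    if (fnv1a(g->text, g->text_len) != baseline)
        findings |= FINDING_TEXT_MODIFIED;
    for (size_t i = 0; i < g->nsyscalls; i++) {
        uint32_t a = g->syscalls[i];
        if (a < g->text_base || a - g->text_base >= g->text_len)
            findings |= FINDING_SYSCALL_HOOK;
    }
    return findings;
}

/* Constructed sample guest: 64 bytes of "kernel code" at 0xC0008000, 3 syscalls. */
int run_scenario(int patch_text, int hook_table) {
    uint8_t text[64];
    uint32_t table[3] = { 0xC0008000u, 0xC0008010u, 0xC0008020u };
    memset(text, 0xA5, sizeof text);
    struct guest_view g = { text, sizeof text, 0xC0008000u, table, 3 };
    uint32_t baseline = fnv1a(text, sizeof text);  /* recorded at known-good boot */
    if (patch_text) text[5] ^= 0xFF;               /* in-place code modification */
    if (hook_table) table[1] = 0xBF000000u;        /* entry now outside kernel code */
    return check_guest(&g, baseline);
}

int main(void) {
    printf("clean=%d patched=%d hooked=%d both=%d\n", run_scenario(0, 0),
           run_scenario(1, 0), run_scenario(0, 1), run_scenario(1, 1));
    return 0;
}
```

Because the check runs in a separate address space from the guest, a compromised Android kernel cannot alter the baseline or the detector's result.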