Android Security Architecture
Android is an open mobile platform built on a robust security architecture. This architecture was designed to ensure the protection of users, data, applications, and devices by providing a secure development environment. The Android approach is to build multiplayer security for an open architecture while providing flexibility and protection for users of the platform. However, Android does have a developer’s interests in mind and has tried to reduce the burden on application developers by introducing many security controls that can be implanted into the software.
The Android security platform controls and features include the following:
- Security at the OS Linux kernel – This ensures that native code is constrained by the application sandbox.
- Mandatory sandboxing of applications – This prevents applications from interacting with each other and limits access to the operating system.
- Security inter-process communication – This provides standard and secure mechanisms for accessing file systems and other resources.
- Digital signing of applications – This identifies application authors and deters or prevents malware.
- User-granted application permissions – These require applications to obtain express permission from users before accessing resources such as camera functions, contact lists, or GPS.
The Android software stack contains the security measures required to secure applications, with each layer assuming that the components lower in the stack are secure. The top layer is the application layer, which hosts device-based applications such as the dialer, SMS/MMS, browser, camera, and so on. Below that are the application frameworks, which are the services provided. These include the activity manager and the package manager, among others. Below the frameworks are the libraries and the Android runtime virtual machines. This layer is built on the Linux kernel, which provides inter-process communications control and ensures that even native code is constrained by the application sandbox.
Android Application Architecture
Because Android is an open source platform, every application created for Android devices consists of essential building blocks. Therefore, every application can be decompiled and reviewed as blocks of source code. This is made easier because Android consists of basic software components that make up each application. These components are as follows:
- Activity – This is a user interface whereby a user can enter data or interact with the application in some other way.
- Service – A service performs operations in the background – for example, playing music.
- Content providers – These provide information to third-party applications. A content provider can be seen as an interface that processes data in one process and feeds it to another independent process.
- Broadcast receivers – These respond to system-wide notifications such as “battery low” or “microphone unplugged.” The OS normally initiates these notifications or broadcasts, but trusted applications can also issue broadcasts.
Apple iOS Security Challenges
The introduction of the iPhone in 2007 changed the mobile phone landscape. The arrival of the original iPhone, which was more of a handheld computer with a large touchscreen than merely a phone, sparked changes in mobility, computing, photography, and independent software development, to name just a few areas. It’s operating system, called iOS, ran a Safari Web browser and offered built-in Wi-Fi and Bluetooth in addition to traditional mobile communications.
The iPhone was one of the most disruptive devices of the new century. It certainly transformed the way we benchmark mobile phones and even the way we work and play. From a security aspect, however, it opened up a whole new way of thinking. The iPhone, along with other smartphones that were to follow, was not simply a mobile telephone, but a complex computer in a miniaturized format that carried with it a treasure trove of user information beyond what any other device had ever held.
When the iPhone was launched in 2007 and followed a year later by the iPhone 3G, it was clear that it would change the way people interacted with technology. The public embraced this change. Suddenly, mobile data and Internet, along with Web access from a mobile phone, became hugely popular. Indeed, it was so successful that within a few years, data usage levels skyrocketed and Internet access on mobile devices became the norm. It’s debatable whether the iPhone sparked the widespread adoption of smart devices or if the iPhone simply happened to appear at just the right time. Previous attempts at smartphones and tablets had failed due to a lack of applications and connectivity. Perhaps the difference-maker was the creation of the App Store, where users could download thousands of Apple-approved third-party applications. This was a major divergence from previous strategies pursued by the likes of Nokia, Blackberry, Windows and even Apple, and it sparked massive user interest and demand.
Before this, manufacturers of so-called smartphones made the development of third-party applications as difficult as possible for independent and small software houses. In contrast, Apple actively encouraged independents to develop applications for its product, resulting in a huge repository of applications available from the App Store. This freed Apple from having to guess which applications would be profitable from a development standpoint. It also kicked off a modern-day gold rush, as developers of popular apps became millionaires overnight.
Unlike Android, iOS is closed source and follows a philosophy that only verified applications from the App Store are available for download. Form a development standpoint, this has made the iOS less attractive to cybercriminals. Indeed, to download or side-load unauthorized applications, the user must jailbreak the device at which point Apple can claim innocence of any damage caused by attacks. From Apple’s perspective, this approach is a more secure choice and many security pros agree.
Like the Android OS, Apple iOS operating system has a component-layer model. The layers consist of the following:
- System architecture – This involves the OS platform and hardware used to protect the iOS device. It also relates to sandbox testing and application isolation. It includes a secure boot-chain, system software authorization, a secure enclave, and touch ID.
- Encryption and data protection – These are the techniques used to safeguard against theft.
- They include file data protection, passcodes, keychain data protection, and more.
- Network security – These are techniques used to protect data when it is transmitted across the open Internet. They include Secure Sockets Layer (SSL) and Transport Layer Security (TLS) security.
- Application Security – This includes digital authentication and verification, runtime process security, data protection within applications, sandboxes, and service isolation.
- Internet services – These include iMessage, Facetime, Siri, and iCloud.
- Device Access – These are the basic security tools such as passwords, PINs, remote wipe, mobile device management (MDM), and even remote access tools.
A key consideration with the iPhone was how it could be secured against theft or loss. After all, the mobile device held private user data, such as account information and passwords. For this, access control is always a good starting point. To that end, the iPhone had a password lock. In addition, it used many other access control techniques, such as application permission requests, which are similar to the permission per process control in Android.
Apple iOS Architecture
The iOS architecture is a layered model. At the highest level, iOS can be considered an intermediary between the underlying hardware and the applications running on the device. Applications do not talk directly to the hardware but rather go through the iOS and device drivers. Therefore, the iOS operating system is built on several layers that stack on each other, providing more sophistication at each subsequent layer. From the top down, the layers are as follows:
- Cocoa Touch Layer – This higher-level layer provides a level of abstraction from lower levels. It is where application development occurs. This makes it much easier to write code, as it reduces the amount and complexity of the code.
- Media Layer – This layer contains the graphics, audio and video technologies used to implement multimedia features in applications.
- Core Service Layer – This layer underpins the system services that applications require.
- It also supports technologies such as iCloud, social media and networking.
- Core OS Layer – This layer contains the low-level features that are the foundation of all the higher layers and their features.
To assist developers, Apple has supplied a developer library. It contains an application programming interface (API) references, programming guides, and many simple code blocks. The lesson for end users is that to retain secure, they should use the App Store to download applications. Apple has created this marketplace for developers to upload and sell verified applications on which end users can rely.
Windows Phone Security Challenges
The Windows Phone OS was the replacement for the Windows Mobile 6.5 OS. Although the Mobile 6.5 OS did not achieve huge market share, it was very business oriented. In fact, it was developed for that purpose. The Mobile 6.5 OS had very strong and granular permissions and features that could be controlled by a user or administrator. Unfortunately, its successor, Windows Phone 7, had none of these security and management features required by business network administrators. This was rectified in Windows Phone 8, however, Windows has now added security and management features comparable to the iPhone iOS.
Windows Phone Security Architecture
Windows Phone 8 has a large number of security controls to protect third-party applications. The system is heavily compartmentalized, using a sandboxing approach to applications. This prevents them from interacting with one another. File and protocol handlers exist to assist in app-to-app communication in cases where it is needed, but the interaction remains limited. In addition, there are other mechanisms for protecting data stored on the device itself. For example, Windows
Phone 8 uses BitLocker disk encryption to protect not only the storage areas but also the isolated data storage compartments that applications use.
Windows Phone Architecture
Like iOS, Windows Phone 8.1 is a closed system. The underlying OS code is not available to developers. Only APIs are used along with the Windows development kits. Windows Phone 8.1 is based on the Windows NT kernel and is a stripped down Windows system that boots, manages hardware and resources, authenticates, and communications just like any other Windows device. It also contains low-level security features and network components. Where Windows Phone 8.1 differs is that it contains additional mobile phone=specific binaries that form the Mobile Core.
The architecture itself is a layered model. Applications run on top of an operating layer, which provides the services and programming frameworks that applications can use to create the user experience. Below the operating layer are the system kernel, which controls the file/system and storage, input-output (I/O) manager, memory manager, and networking and security functions. Below the kernel are the device drivers, which talk directly to the original equipment manufacturer (OEM) hardware. Developers use the Windows Phone SDK 8.0, which contains tools and emulators necessary to create applications that run on the OS. It’s also important to know that unlike Apple and Android, Microsoft uses one OS for phones and another for tablets.