Android Security Underpinnings at AnDevCon



This presentation on Android Security Underpinnings explores how the Android security system is put together. We'll look at the following topics:
 
  • Security Architecture: overview of how Android security is put together
  • Application Signing: understanding signing and verification, multi-vendor signing, platform keys
  • User IDs: mapping from Android users to Linux UIDs, user ID management
  • File Access: overview of various file system partitions on a typical device
  • Multiuser Support: how it works, separation of data and apps, shared components
  • Permissions: using permissions, top 10 bad permissions, avoiding bad permissions
  • Permission enforcement: kernel, native layer, framework layer, and app components enforcement
Published May 29, 2013