Android Security Overview

Bosh Ng
Oct 22, 2019

Android Architecture

[Figure: Android Framework / Architecture]

Before going into depth on the Android security model in the operating system, it is important to understand the current Android architecture. The Android architecture uses an isolation model to build a secure operating system.

First things first: the Android operating system is built on top of the Linux kernel, which is responsible for executing core system services such as memory access, process management, power management, access to physical devices through drivers, and network management. (Mahmood, Amen & Mala Nabi, 2016)

On top of the Linux kernel sit the Android runtime, the native libraries, the application framework and the applications running on the device. In addition, the Dalvik VM is written so that an Android device can run multiple virtual machines efficiently. This allows each Android application to run in its own process, with its own VM within the Dalvik VM.

From this we can see that each Android application runs in isolation in a sandbox environment (Dalvik VM). Hence, an application executing on an Android device is unable to influence or modify other running applications, since each application runs in a different sandbox. Android uses standard Linux access control mechanisms to achieve isolation between running applications. (Mahmood, Amen & Mala Nabi, 2016)

Android Security Model

The Android security model is an isolation model that provides a secure environment for application execution. However, the isolation model also imposes limitations that restrict application functionality. (Elenkov, Root & Sawyer, 2015)

[Figure: Android Security Model]

One such limitation is the lack of useful functionality that can only be achieved by accessing important system components and drivers such as the camera, location services, network services and others. Moreover, limiting data exchange between applications reduces the opportunity to enhance application capabilities and the development framework.

To avoid these limitations, Android introduced shared user IDs and permissions, which allow application components to talk to each other and enable applications to access critical systems on Android devices.

Shared User ID

A shared user ID enables the Android system to share data between application components. Both applications need to be signed with the same digital certificate in order to be assigned a shared user ID, as shown in the image. Developers are then able to bypass the restrictions of the isolation model, and both applications gain access to run in the same process. (Mahmood, Amen & Mala Nabi, 2016)

Permission

Normal Permission

Normal permissions provide access to application-level functionality. They allow access to data or resources outside the app’s sandbox where only minor risk is involved, and they do not need the user’s explicit approval. However, the user is able to review which normal permissions are granted after the application is installed. (Mahmood, Amen & Mala Nabi, 2016)

Dangerous Permission

The second type is the dangerous permission, which gives an application access to private data and critical system modules in the Android system. For example, these permissions often involve access to the photo gallery, location services or any system that can expose the user's private data. Due to their high security risk, the Android system prompts the user to confirm these permissions at run-time. (Mahmood, Amen & Mala Nabi, 2016)

Signature Permission

A signature permission is granted only when the requesting application is signed with the same certificate as the application that defined the permission. Signature permissions work like a shared user ID; nonetheless, they provide more control between applications that share the same digital certificate. The Android system grants the permission before installation. (Mahmood, Amen & Mala Nabi, 2016)
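Both the shared user ID and the three permission types described above are visible in an app's `AndroidManifest.xml`, so they can be checked during a review. The following is an added example, not code from the original article: it assumes the manifest has already been decoded to text, and the sample manifest, the `com.example.*` names, the `PLATFORM_LEVELS` table and the `audit_manifest` function are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
# Illustrative subset of platform permissions, not the full platform list.
PLATFORM_LEVELS = {
    "android.permission.INTERNET": "normal",
    "android.permission.ACCESS_NETWORK_STATE": "normal",
    "android.permission.CAMERA": "dangerous",
    "android.permission.ACCESS_FINE_LOCATION": "dangerous",
}
# Constructed sample manifest; package and permission names are hypothetical.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes" android:sharedUserId="com.example.shared">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="com.example.permission.SYNC"/>
  <permission android:name="com.example.permission.SYNC"
      android:protectionLevel="signature"/>
  <permission android:name="com.example.permission.EXPORT"/>
</manifest>
"""

def audit_manifest(xml_text):
    """Group requested permissions by protection level and list review findings."""
    root = ET.fromstring(xml_text)  # decoded text manifest, trusted input assumed
    # Permissions this app defines; protectionLevel defaults to "normal".
    declared = {p.get(NS + "name"): p.get(NS + "protectionLevel", "normal").split("|")[0]
                for p in root.iter("permission")}
    report = {"shared_user_id": root.get(NS + "sharedUserId"), "normal": [],
              "dangerous": [], "signature": [], "unknown": [], "findings": []}
    for use in root.iter("uses-permission"):
        name = use.get(NS + "name")
        level = declared.get(name) or PLATFORM_LEVELS.get(name, "unknown")
        report.setdefault(level, []).append(name)
    if report["shared_user_id"]:
        report["findings"].append("sharedUserId is set: data and process are shared "
                                  "with other apps signed with the same certificate")
    for name, level in declared.items():
        if level != "signature":
            report["findings"].append(f"{name} is '{level}', so it is not limited "
                                      "to apps signed with the same certificate")
    return report

if __name__ == "__main__":
    for key, value in audit_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

On the sample, the report lists one normal, two dangerous and one signature permission, and flags both the shared user ID and the custom `EXPORT` permission that falls back to the default normal level.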

In a nutshell, this article has gone through an overview of the Android architecture and the Android security model. Access to critical systems and applications in Android makes it possible to build powerful features, but it also carries security risks. Knowing the Android security structure therefore helps Android developers plan their development wisely in terms of security. Feel free to discuss if any corrections need to be made to this article.

References

Cloudi 2018, Android security model and threat — All things in moderation, viewed 22 October 2019, <https://hydrasky.com/mobile-security/android-security-model-and-threat/>.

Elenkov, N, Root, K & Sawyer, J 2015, Android security internals, No Starch Press, Inc., San Francisco, p. 12.

Mahmood, S, Amen, B & Mala Nabi, R 2016, “Mobile Application Security Platforms Survey”, International Journal of Computer Applications, vol. 133, no. 2, pp. 40–46, viewed <https://www.researchgate.net/publication/290786688_Mobile_Application_Security_Platforms_Survey>.
