Deep Dive into Android Security: AnDevCon II



Marakana's own, Aleksandar Gargenta is going to give you an in-depth look at Android Security in this recording of his presentation at AnDevCon II.

Some of the topics SaÁa will cover inlcude:

  • Android's security model
  • Permission system and enforcement
  • Data protection features and encryption
  • Enterprise device administration
  • The security model through the Android stack
  • Weaknesses in Android's security model

 




The slides from this talk are available here:


Here's the full description of SaÁa's talk:
With Android activations reaching a million devices per day, it is no surprise that security threats against our favorite mobile platform have been on the rise.

In this session, you will learn all about Android's security model, including application isolation (sandboxing) and provenance (signing), its permission system and enforcement, data protection features and encryption, as well as enterprise device administration.

Together, we will dig into Android's own internals to see how its security model is applied through the entire Android stack - from the Linux kernel, to the native layers, to the Application Framework services, and to the applications themselves.

Finally, you'll learn about some of the weaknesses in the Android's model (including rooting, tap-jacking, malware, social-engineering) as well as what can be done to mitigate those threats, such as SE-Linux, memory protection, anti-malware, firewall, and developer best practices.

By the end of this session you will have a better understanding of what it takes to make Android a more trusted component of our personal and professional lives.



Want to learn more about Android Development?
Check out some of our training courses and videos

 

Published November 11, 2011