Android Security

The authors go on to state that ICC (inter-component communication) mediation defines the core security structure and is the article’s focus, but that it improves on the assurances provided by the underlying Linux system (Enck, Ongtang and McDaniel 53). The rest of the subtopic goes deep into the security enforcement element of the Android operating system, covering mandatory access control (MAC) among other features. The next subtopic, security refinements, opens with a short introduction and then discusses public vs. private components, implicitly open components, broadcast intent permissions, content provider permissions, service hooks, protected APIs, permission protection levels, pending intents, and URI permissions (Enck, Ongtang and McDaniel 54).
The final subtopic in the article is lessons in defining policy, which covers the experiences the authors have had working with the Android security policy. They state that the Android security policy starts with a relatively simple, easy-to-understand MAC enforcement model, but that the number and subtlety of the refinements make it hard to discover an application’s policy by simply looking at it (Enck, Ongtang and McDaniel 56). Some refinements push policy into the application code, while others add delegation, which mixes discretionary controls into the otherwise typical MAC model (Enck, Ongtang and McDaniel 56). As a result, gaining a firm grasp of Android’s security model is non-trivial.
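To make the point about policy being hard to read off an application concrete, the following added example (not code from the article or from Android) audits a constructed manifest for public, private and implicitly open components. It assumes the legacy default in which an activity, service or receiver that declares an intent filter and no `android:exported` attribute is public; the manifest, package name and permission name are made up for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (not from the article or any real app).
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <application>
    <activity android:name=".Main">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <service android:name=".Sync" android:exported="false"/>
    <receiver android:name=".Boot" android:permission="com.example.demo.PERM">
      <intent-filter><action android:name="com.example.demo.EVENT"/></intent-filter>
    </receiver>
    <service android:name=".Upload">
      <intent-filter><action android:name="com.example.demo.UPLOAD"/></intent-filter>
    </service>
    <activity android:name=".Settings"/>
  </application>
</manifest>"""

def audit(manifest_xml):
    """Return {component name: (exposure, required permission or None)}."""
    app = ET.fromstring(manifest_xml).find("application")
    app_perm = app.get(ANDROID + "permission")  # default for all components
    report = {}
    for comp in app:
        if comp.tag not in ("activity", "service", "receiver"):
            continue
        exported = comp.get(ANDROID + "exported")
        has_filter = comp.find("intent-filter") is not None
        if exported is not None:
            exposure = "public" if exported == "true" else "private"
        else:
            # Assumed legacy default: an intent filter makes the component public.
            exposure = "implicitly open" if has_filter else "private"
        perm = comp.get(ANDROID + "permission") or app_perm
        report[comp.get(ANDROID + "name")] = (exposure, perm)
    return report

def unprotected(report):
    """Components other apps can reach with no permission named in the manifest."""
    return sorted(n for n, (e, p) in report.items() if e != "private" and p is None)

if __name__ == "__main__":
    for name, row in audit(MANIFEST).items():
        print(name, *row)
    print("unprotected:", unprotected(audit(MANIFEST)))
```

A manifest audit like this sees only the declared policy; permission checks made inside application code and access handed out through delegation do not appear in it, which is the difficulty the authors describe.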