Security Architecture – Android vs. iOS
This report serves as a high-level architectural security assessment of Google Android and Apple iOS, two of the most popular mobile operating systems today.
Kernel Mode vs. User Mode
The kernel is the program that sits between software and hardware: it is the gatekeeper that manages input/output on behalf of programs, schedules processes and allocates memory, and it is a fundamental component of every modern operating system. The kernel runs in kernel mode (kernel space), a privileged processor state in which code has full access to memory and hardware. Everything a user does, such as launching an application or tapping a control, runs in user mode (user space), where the processor restricts what code may touch; a user-mode program that needs the kernel to act on its behalf must ask through a system call, and an attempt to read or write kernel memory directly is refused by the hardware and the offending program is terminated. This separation stops user actions from corrupting or interrupting the core of the system, and so guards against crashes and degraded performance. The figure below is a pictorial representation.
Figure 1: User Mode & Kernel Mode
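As an added illustration (not part of the original report), the following Python program probes the boundary described above from the user-mode side. It forks a child that tries to read one byte at a kernel-space address; the hardware refuses the access and the kernel terminates the child with a fault signal. The same read of an ordinary user-space buffer succeeds, and the sanctioned route into the kernel, a system call, returns normally. It assumes a 64-bit Linux or macOS host, and the particular kernel address is an assumption chosen only to lie in the kernel's half of the address space.

```python
import ctypes
import os
import signal

# Assumption: on a 64-bit Linux or macOS host the upper half of the
# address space belongs to the kernel and is never accessible from user mode.
KERNEL_ADDRESS = 0xFFFFFFFF81000000


def probe_read(address):
    """Fork a child that reads one byte at `address` from user mode.

    Returns the name of the signal that killed the child (e.g. "SIGSEGV"),
    or None if the read completed, i.e. the address is user-accessible."""
    pid = os.fork()
    if pid == 0:
        # Child: the load executes at user privilege. For a kernel address
        # the MMU refuses it and the kernel delivers a fault signal.
        ctypes.c_ubyte.from_address(address).value
        os._exit(0)  # reached only when the read did not fault
    _, status = os.waitpid(pid, 0)
    if os.WIFSIGNALED(status):
        return signal.Signals(os.WTERMSIG(status)).name
    return None


def probe_kernel_space():
    """User mode touching kernel space: expected to fault."""
    return probe_read(KERNEL_ADDRESS)


def probe_user_space():
    """The same read of a buffer this process owns: expected to succeed."""
    buf = ctypes.create_string_buffer(b"user data")  # constructed sample
    return probe_read(ctypes.addressof(buf))


def sanctioned_kernel_call():
    """The legitimate route across the boundary: a system call. getpid()
    traps into the kernel, which does the privileged work and hands back
    only the result."""
    return os.getpid()


if __name__ == "__main__":
    print("kernel-space read:", probe_kernel_space())
    print("user-space read:  ", probe_user_space())
    print("system call:      ", sanctioned_kernel_call())
```

The child is sacrificed deliberately: a fault on a kernel address is not an exception a process can catch and continue from in a meaningful way, so the parent observes the outcome through the child's exit status, exactly as the kernel reports it.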
At a glance
• Android is a mobile operating system (OS) currently developed by Google
• Based on the Linux kernel, designed primarily for smartphones and tablets
• Google has further developed Android TV for televisions, Android Auto for cars, and Android Wear for watches, each with a specialized user interface.
• As of 2015, Android has the largest installed base of all mobile operating systems.
Initially developed by Android, Inc., which Google acquired in 2005, Android was unveiled in 2007, and the first Android handset shipped the following year. Google releases Android's source code under open source licenses; manufacturers typically add their own customizations, which are closed source.
The Android software architecture comprises a number of layers: the applications, the application framework, the native libraries and the Android runtime (the Dalvik virtual machine, succeeded by ART in newer releases), and the Linux kernel. These can be seen visually in Figure 2.
Figure 2: Android Architecture
Linux is the foundation of the Android OS. The kernel provides the core system services, including security, networking, process management and memory management; it interacts directly with the device hardware and mediates between all software and that hardware.
The core libraries and the virtual machine, together known as the Android runtime, provide the functionality required to run Java-based applications. Each application runs as its own Linux process, under its own Linux user ID, with its own instance of the virtual machine; this gives the kernel a per-application basis for allocating processor time and memory and for isolating applications from one another. The Android virtual machine (Dalvik, and ART from Android 5.0) is register based, unlike the stack-based standard Java VM.
The Android OS also includes a set of native C/C++ libraries. These are used by the various components of the system and are exposed to developers through the application framework, providing a foundation of pre-existing code on which to build applications: an embedded database (SQLite), SSL/TLS and other security functions, graphics and media components, and more.
Building on the library layer, the application framework layer exposes the managed services from which applications are assembled (the activity, package, window, notification and resource managers, among others), and the application layer on top of it holds the applications themselves, including the bundled email client, browser and calendar. This allows developers to build applications by reusing core component services, without having to rebuild functionality or UI.
The framework is designed for easy reuse of components: a developer can reuse any capability exposed through it, and this extends to data resources such as graphics, localized strings and layouts.
The Android OS has two significant weaknesses. The first is its application distribution system, Google Play, which aspires to be a provenance system but does not establish the identity of an application's author: every APK must be signed, but the installer accepts any self-signed key and never validates the signer against an authority, so the signature only ties an application to whoever holds the key that signed its previous versions. An attacker can therefore create an anonymous signing key and distribute malware under it. The second weakness is the permission system. Those familiar with it know how heavily it relies on user input: the system requires the user to make important security decisions when accepting an application's permissions, and most end users are not equipped to make them.
Android enforces isolation, known as "sandboxing", separating applications from each other and, notably, from the system kernel. There are exceptions, however: shared external storage (the SD card) is not partitioned per application, so any application granted storage access can read what other applications have written there. Similarly, as noted above, Android depends on user decisions about application permissions, which makes the user a target for social engineering: an attacker simply requests the permissions the malware needs and relies on the user to grant them.
Figure 3: Proportion of devices running vulnerable versions of Android
At a glance
• iOS is a mobile operating system (OS) currently developed by Apple
• Based on the XNU kernel of Apple's Darwin, which combines the Mach microkernel with BSD (originally FreeBSD) components; designed primarily for smartphones and tablets
• Apple has further developed tvOS for televisions, CarPlay for cars and watchOS for watches, each with a specialized user interface.
• As of 2015, Apple has the second largest installed base of all mobile operating systems.
Initially developed by Apple Inc., iOS was unveiled in 2007, along with the Apple iPhone.
The iOS source code is closed and proprietary and, unlike Android, iOS can only be installed on hardware made by its manufacturer (Apple).
Figure 4: iPhone Architecture
The iPhone has six architectural layers: hardware, Core OS, Core Services, Media, Cocoa Touch (the UI layer) and the application layer. The iPhone OS (iOS) is fundamentally the kernel, drivers and services that enable interaction between the user and the hardware.
On top of the OS, at the Core Services and Media layers, the Objective-C runtime and C libraries are provided; similarly to Android, these let developers share core libraries and application resources so that applications can be built quickly and efficiently. An API layer written in Objective-C (shown in Figure 4 as Cocoa Touch) is linked dynamically into application processes at runtime, and because applications reach the system only through its restricted API calls, it provides a more controlled, and therefore more secure, channel of communication.
iOS has been designed with security in mind and, over its 8-year history, has proven to be a robust model for mobile OS security. One fundamental reason is the control Apple exercises over its App Store. This gives applications a stronger provenance: every application is reviewed by Apple before distribution and signed with an Apple-issued certificate, so Apple can check an application's integrity, compatibility and functionality, and screen it for security problems, before it reaches users.
This approach is not impregnable, but it has proved a sufficient deterrent against a number of attacks. Like Android, the system implements an isolation model that limits the data each application can access. And as with Android devices, the device's defenses are only as strong as its user, so social engineering attacks remain a significant concern.
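To make the contrast between the two distribution models concrete, the following Python model (an added example, not code from Android, Apple or the original report) implements the installer policies described in the Android section above and in the App Store discussion here: an Android-style installer that accepts any self-signed key but requires every update to be signed by the same key as the installed version, and a store-style installer that additionally requires the signer's key to be endorsed by the store authority. The package format, the installer class, the "authority" and the tiny RSA keys built from fixed primes are all constructed for the illustration and are not secure; real installers use standard certificate formats and full-size keys.

```python
import hashlib


def make_key(p, q, e=65537):
    """Toy RSA key from two fixed primes (constructed, insecure; the point is
    the trust logic, not the arithmetic). Returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def key_bytes(public):
    """Canonical encoding of a public key, standing in for a certificate."""
    return f"{public[0]}:{public[1]}".encode()


def digest_int(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data):
    n, d = private
    return pow(digest_int(data, n), d, n)


def verify(public, data, sig):
    n, e = public
    return pow(sig, e, n) == digest_int(data, n)


def fingerprint(public):
    """What the installer remembers about the signer of an installed app."""
    return hashlib.sha256(key_bytes(public)).hexdigest()[:16]


def signed_body(pkg):
    return f"{pkg['name']}|{pkg['version']}|".encode() + pkg["code"]


def package(name, version, code, private, public, endorsement=None):
    """A signed package: the signature covers name, version and code. The
    optional endorsement is the store authority's signature over the
    developer's key, the stand-in for a store-issued certificate."""
    pkg = {"name": name, "version": version, "code": code,
           "signer": public, "endorsement": endorsement}
    pkg["sig"] = sign(private, signed_body(pkg))
    return pkg


class Installer:
    def __init__(self, store_authority=None):
        # None: Android-style, any self-signed key is acceptable.
        # A public key: store-style, signers must be endorsed by it.
        self.authority = store_authority
        self.installed = {}  # package name -> (version, signer fingerprint)

    def install(self, pkg):
        # 1. Integrity: the contents must match the signature.
        if not verify(pkg["signer"], signed_body(pkg), pkg["sig"]):
            return "rejected: signature does not match package contents"
        # 2. Provenance (store-style only): the signer must be endorsed.
        if self.authority is not None:
            if pkg["endorsement"] is None or not verify(
                    self.authority, key_bytes(pkg["signer"]), pkg["endorsement"]):
                return "rejected: signer not endorsed by store authority"
        # 3. Update continuity: an update must come from the original signer.
        fp = fingerprint(pkg["signer"])
        prior = self.installed.get(pkg["name"])
        if prior is not None:
            if prior[1] != fp:
                return "rejected: update signed by a different key than the installed version"
            if pkg["version"] <= prior[0]:
                return "rejected: version is not newer than the installed version"
        self.installed[pkg["name"]] = (pkg["version"], fp)
        return "installed"


def demo():
    """Constructed scenario: a genuine developer, an attacker, a store authority."""
    dev_pub, dev_priv = make_key(1000000007, 1000000009)   # legitimate developer
    atk_pub, atk_priv = make_key(998244353, 2147483647)    # attacker
    auth_pub, auth_priv = make_key(167772161, 469762049)   # store authority
    dev_endorsement = sign(auth_priv, key_bytes(dev_pub))

    genuine_v1 = package("com.example.notes", 1, b"notes app", dev_priv, dev_pub, dev_endorsement)
    genuine_v2 = package("com.example.notes", 2, b"notes app v2", dev_priv, dev_pub, dev_endorsement)
    lookalike = package("com.example.notes", 3, b"trojan", atk_priv, atk_pub)
    tampered = dict(genuine_v2, code=b"notes app v2 + backdoor")   # stale signature
    spyware = package("com.example.flashlight", 1, b"spyware", atk_priv, atk_pub)

    android, store = Installer(), Installer(store_authority=auth_pub)
    return {
        "android_genuine_v1": android.install(genuine_v1),
        "android_self_signed_spyware": android.install(spyware),
        "android_lookalike_update": android.install(lookalike),
        "android_tampered_update": android.install(tampered),
        "android_genuine_v2": android.install(genuine_v2),
        "store_self_signed_spyware": store.install(spyware),
        "store_genuine_v1": store.install(genuine_v1),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:30} {outcome}")
```

Running demo() shows the asymmetry the text describes: the Android-style installer accepts the self-signed spyware as a fresh install, because nothing ties a key to a real identity, yet it does reject both the attacker's attempt to push an update over the genuine application and the tampered package; the store-style installer rejects the self-signed package outright because its signer was never endorsed.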
Conclusion - Android vs. iOS
Both Android and iOS are Unix-like systems: Android is built on the Linux kernel and iOS on the XNU kernel, which incorporates BSD components. Both were designed with security in mind and with specific tasks to be performed, and both architectures have evolved over time to allow greater functionality under more stringent security. The two systems embody the following security controls:
• Access control – passcodes and time-out locking to prevent access by an unauthorized ("foreign") user
• App Store integrity – both Google (Android) and Apple (iOS) provide mechanisms for testing, validating and tamper-proofing applications, combined with an identity mechanism (code signing) that ties each application to its signing key
• Device encryption – encryption of the device's storage, preventing access to data, and in some circumstances use of the device itself, in the event of theft or loss
• Sandboxing – both Android and iOS provide mechanisms to "containerize" information, protecting sensitive data and resources; this prevents applications from accessing the directories and contents of other applications
• Permission-based access – available on both Android and iOS, this provides granular access control for specific data sets and/or subsystems