The Android Platform Security Model (and the security status of actual devices)

Abstract

Android defines not only an operating system / platform, but a complete ecosystem with more form factors than just smart phones. In this talk, we will look at the Android ecosystem mostly for mobile devices as well as security goals the platform tries to achieve. A specific example is the upcoming mobile driving license that relies on some of the hardware security guarantees modern mobile devices can give. Finally, verifying the security status of actual OEM devices in the lab or in the field is challenging, and we introduce a new project towards crowd-sourcing such data collection in a collaboration between Cambridge University and Johannes Kepler University Linz.