Discover Security Enhancements (SE) for Android to build your own protected Android-based systems
About This Book
- Learn the fundamental security models and motivations behind Linux, SELinux, and SE for Android.
- Build and enable current security enhancements from the SE for Android project onto a working embedded UDOO board.
- Discover how to leverage SE for Android to secure your own projects in powerful ways using this step by step guide.
Who This Book Is For
This book is intended for developers and engineers with some familiarity of operating system concepts as implemented by Linux. A basic background in C code would be helpful. Their positions range from hobbyists wanting to secure their Android powered creations to OEM engineers building handsets to engineers of emerging areas where Android is seeing growth.
What You Will Learn
- Experiment with Linux and SELinux access controls
- Build custom Android kernels
- Backport SE for Android patches to different Android versions
- Explore binder and property services, what they are, and how and why SELinux integrates them
- Work with Android core internal systems like init and zygote
- Learn how to keep pace with and navigate the details of fast moving open source projects
- Overcome obstacles in policy development through directed experimentation
In Detail
You will start by exploring the nature of the security mechanisms behind Linux and SELinux, and as you complete the chapters, you will integrate and enable SE for Android into a System on Chip (SoC), a process that, prior to this book, has never before been documented in its entirety! Discover Android's unique user space, from its use of the common UID and GID model to promote its security goals to its custom binder IPC mechanism. Explore the interface between the kernel and user space with respect to SELinux and investigate contexts and labels and their application to system objects.
This book will help you develop the necessary skills to evaluate and engineer secured products with the Android platform, whether you are new to world of Security Enhanced Linux (SELinux) or experienced in secure system deployment.
William Confer
William Confer has been engineering embedded and mobile systems since 1997. He has worked for Samsung Mobile as a managing staff engineer and currently teaches computer science at SUNY Polytechnic Institute. He holds a patent in low-cost character recognition for extremely resource-limited devices and has multiple other patents pending for mobile technologies.
William Roberts
William Roberts is a software engineer who is focused on OS-level security and platform enhancements. He is one of the engineers who founded the Samsung KNOX product and an early adopter of SE for Android. He has made contributions to several open source projects, such as SE for Android, the Android Open Source Project, the Linux Kernel, CyanogenMod, and OpenSC. His recent interests have taken him to Smart Card technologies and the virtualization of smart cards. In his spare time, he works with Dr. Confer on the Miniat project (http://www.miniat.org), a virtual, embedded architecture simulator.
