The Myths of and Solutions for Android OS Controlled and Secure Environment

Imants Gorbāns, Ivans Kulesovs, Uldis Straujums, Jānis Buls
2015 Environment Technology Resources Proceedings of the International Scientific and Practical Conference  
<p class="R-AbstractKeywords"><span lang="EN-US">Android is the most popular mobile operating system nowadays both for smartphones and tablets. This fact creates many not fully recognized risks. Often even advanced users naive think that using antivirus software, firewall, encryption, updates, as well as avoiding potentially risky sites and applications are enough for security. This list is not full, but nevertheless each its item in most cases only conceals an illusion of reaching the
more » ... aching the security. Authors have summarized and pointed out several actual Android security issues and have proposed a number of possible solutions.</span></p><p class="R-AbstractKeywords"><span lang="EN-US">The practical experience as well as direct testing show that part of Android applications may contain a malware. The harmful characteristics of an application often become visible only after some runs, or after an update, or after a harmful web content is downloaded and shown by the application. It is observed that applications often try to get an unauthorized or inattentively authorized access to user data and send it outside the device. </span></p><p class="R-AbstractKeywords"><span lang="EN-US">The situation with Android applications gets more and more out of the control. The authors propose a solution to overcome the security issues, while respecting the latest Google solutions. Target group of the proposal are users that use smartphone or tablet both for private and corporate needs, i.e. Bring Your Own Device (BYOD) case.</span></p><p class="R-AbstractKeywords"><span lang="EN-US">The authors point out and compare four possible Android technical administration solutions based on the unified model for BYOD case. The authors also propose the changes to Android architecture to enhance its security. It is proposed to look at the mobile operating system as a web server. Such principle allows implementing in Android a number of security principles taken from the web servers solutions.</span></p>
doi:10.17770/etr2015vol3.184 fatcat:uw4lh6b7o5bqfj3zsexsys47gu