1 page.title=Security overview 2 @jd:body 3 <!-- 4 Copyright 2014 The Android Open Source Project 5 6 Licensed under the Apache License, Version 2.0 (the "License"); 7 you may not use this file except in compliance with the License. 8 You may obtain a copy of the License at 9 10 http://www.apache.org/licenses/LICENSE-2.0 11 12 Unless required by applicable law or agreed to in writing, software 13 distributed under the License is distributed on an "AS IS" BASIS, 14 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 See the License for the specific language governing permissions and 16 limitations under the License. 17 --> 18 <div id="qv-wrapper"> 19 <div id="qv"> 20 <h2>In this document</h2> 21 <ol id="auto-toc"></ol> 22 </div> 23 </div> 24 25 <h2 id="android-security-program-overview">Security Program Overview</h2> 26 <p>Early on in development, the core Android development team recognized that a 27 robust security model was required to enable a vigorous ecosystem of 28 applications and devices built on and around the Android platform and supported 29 by cloud services. As a result, through its entire development lifecycle, 30 Android has been subjected to a professional security program. The Android team 31 has had the opportunity to observe how other mobile, desktop, and server platforms 32 prevented and reacted to security issues and built a security 33 program to address weak points observed in other offerings.</p> 34 <p>The key components of the Android Security Program include:</p> 35 <ul> 36 <li><strong>Design Review</strong>: The Android security process begins early in the 37 development lifecycle with the creation of a rich and configurable security 38 model and design. Each major feature of the platform is reviewed by engineering 39 and security resources, with appropriate security controls integrated into the 40 architecture of the system.</li> 41 <li><strong>Penetration Testing and Code Review</strong>: During the development of the 42 platform, Android-created and open source components are subject to vigorous 43 security reviews. These reviews are performed by the Android Security Team, 44 Googles Information Security Engineering team, and independent security 45 consultants. The goal of these reviews is to identify weaknesses and possible 46 vulnerabilities well before the platform is open sourced, and to simulate the 47 types of analysis that will be performed by external security experts upon 48 release.</li> 49 <li><strong>Open Source and Community Review</strong>: The Android Open Source Project enables 50 broad security review by any interested party. Android also uses open source 51 technologies that have undergone significant external security review, 52 such as the Linux kernel. Google Play provides a forum for users and companies 53 to provide information about specific applications directly to users.</li> 54 <li><strong>Incident Response</strong>: Even with all of these precautions, security issues 55 may occur after shipping, which is why the Android project has created a 56 comprehensive security response process. A full-time Android security team 57 constantly monitors Android-specific and the general security community for 58 discussion of potential vulnerabilities. Upon the discovery of legitimate 59 issues, the Android team has a response process that enables the rapid 60 mitigation of vulnerabilities to ensure that potential risk to all Android 61 users is minimized. These cloud-supported responses can include updating the 62 Android platform (over-the-air updates), removing applications from Google 63 Play, and removing applications from devices in the field.</li> 64 </ul> 65 <h2 id="android-platform-security-architecture">Platform Security Architecture</h2> 66 <p>Android seeks to be the most secure and usable operating system for mobile 67 platforms by re-purposing traditional operating system security controls to:</p> 68 <ul> 69 <li>Protect user data</li> 70 <li>Protect system resources (including the network)</li> 71 <li>Provide application isolation</li> 72 </ul> 73 <p>To achieve these objectives, Android provides these key security features:</p> 74 <ul> 75 <li>Robust security at the OS level through the Linux kernel</li> 76 <li>Mandatory application sandbox for all applications</li> 77 <li>Secure interprocess communication</li> 78 <li>Application signing</li> 79 <li>Application-defined and user-granted permissions</li> 80 </ul> 81
