1
00:00:01,070 --> 00:00:07,310
In this lecture, we will talk about Android security structure and explaining Android security structure

2
00:00:07,310 --> 00:00:08,260
is a bit longer.

3
00:00:08,510 --> 00:00:12,250
So I have divided this ledger into three parts and this is part one.

4
00:00:12,260 --> 00:00:13,100
So let's start.

5
00:00:13,280 --> 00:00:19,250
Google actually input security features and work with developers and device implementers to keep the

6
00:00:19,250 --> 00:00:22,650
Android platform and the ecosystem in a safe environment.

7
00:00:22,850 --> 00:00:29,270
And again, it's not so much only about the actual Android platforms or your mobile device or your tablet

8
00:00:29,270 --> 00:00:31,250
or your refrigerator or whatever.

9
00:00:31,250 --> 00:00:33,230
The case is actually running Android.

10
00:00:33,410 --> 00:00:36,410
But also as far as actually ecosystem.

11
00:00:36,410 --> 00:00:36,770
Right.

12
00:00:36,920 --> 00:00:41,670
How you are connecting to the app stores, how you interact with apps and so on.

13
00:00:42,080 --> 00:00:47,800
Now, the beauty is that Android is designed to be open and one of the challenges is that it has a little

14
00:00:47,810 --> 00:00:52,190
less control when compared to the other alternatives like Apple US.

15
00:00:52,340 --> 00:00:58,580
Now, Google tries to maintain the Android platform to offer an application environment to help protect

16
00:00:58,580 --> 00:01:05,600
the confidentiality, integrity and availability of users and also of the data and the applications

17
00:01:05,600 --> 00:01:09,650
and the actual device itself and of course, the ecosystem as well.

18
00:01:09,890 --> 00:01:15,050
Now, both Apple and Google have dedicated a lot of resources to make their mobile operating systems

19
00:01:15,050 --> 00:01:15,990
fairly secure.

20
00:01:16,040 --> 00:01:22,730
Some of the main challenges in security is whenever users through their device, rather, or jailbreaking

21
00:01:22,730 --> 00:01:27,960
the devices and leaving them open to either malware or compromised applications.

22
00:01:27,990 --> 00:01:33,360
OK, now the main Android platform building blocks are, of course, the device hardware.

23
00:01:33,360 --> 00:01:33,740
Right.

24
00:01:33,770 --> 00:01:35,720
That runs on the terms of hardware.

25
00:01:35,960 --> 00:01:42,740
So that includes your smartphone, your tablet, your smartwatches, cars, smart device, gaming systems,

26
00:01:42,740 --> 00:01:43,430
etc..

27
00:01:43,580 --> 00:01:46,190
A lot of things actually run Android nowadays.

28
00:01:46,460 --> 00:01:50,480
Now, the other beauty is that Android is process or agnostic.

29
00:01:50,480 --> 00:01:50,810
Right.

30
00:01:50,960 --> 00:01:56,600
But it does take advantage of some of the hardware specific security capabilities, especially in the

31
00:01:56,960 --> 00:01:57,780
architecture.

32
00:01:58,160 --> 00:02:05,420
OK, and there's actually a security capability called execute never right there prevents the remote

33
00:02:05,420 --> 00:02:12,890
execution or arbitrary execution of any type of buffer overflow perhaps that actually can be exploited

34
00:02:12,890 --> 00:02:13,740
in the system.

35
00:02:13,880 --> 00:02:19,400
OK, now the Android operating system is the core operating system and it's actually built on top of

36
00:02:19,400 --> 00:02:20,300
the Linux kernel.

37
00:02:20,480 --> 00:02:28,010
So it's all based on Linux, all the device resources like the camera, Wi-Fi, Bluetooth, GPS telephony

38
00:02:28,010 --> 00:02:33,560
functions, the network connectivity, etc. are accessed via the operating system itself.

39
00:02:33,740 --> 00:02:37,590
OK, now you also have the Android application runtime.

40
00:02:37,940 --> 00:02:43,340
Android applications are actually most often written in Java programming language and they actually

41
00:02:43,340 --> 00:02:45,020
run in the Android run thing.

42
00:02:45,230 --> 00:02:45,620
Right.

43
00:02:45,860 --> 00:02:52,130
And there for this as the A.R.T., however, many applications, including the core Android services

44
00:02:52,130 --> 00:02:57,410
and other applications, are actually native applications or include native libraries within the operating

45
00:02:57,410 --> 00:02:58,440
system itself.

46
00:02:58,730 --> 00:03:04,280
Now the Android applications extend the code Android operating system, and there are two primary sources

47
00:03:04,280 --> 00:03:05,720
for these applications.

48
00:03:05,810 --> 00:03:10,480
OK, so the first is preinstalled applications that come with your device.

49
00:03:10,490 --> 00:03:16,550
And second is the user to install applications via the Google Play or any other stores that can be accessed,

50
00:03:16,700 --> 00:03:18,310
mostly if you use the device.

51
00:03:18,560 --> 00:03:22,160
And that leads to the problem with security, as I mentioned before.