1 00:00:01,070 --> 00:00:07,310 In this lecture, we will talk about Android security structure and explaining Android security structure 2 00:00:07,310 --> 00:00:08,260 is a bit longer. 3 00:00:08,510 --> 00:00:12,250 So I have divided this ledger into three parts and this is part one. 4 00:00:12,260 --> 00:00:13,100 So let's start. 5 00:00:13,280 --> 00:00:19,250 Google actually input security features and work with developers and device implementers to keep the 6 00:00:19,250 --> 00:00:22,650 Android platform and the ecosystem in a safe environment. 7 00:00:22,850 --> 00:00:29,270 And again, it's not so much only about the actual Android platforms or your mobile device or your tablet 8 00:00:29,270 --> 00:00:31,250 or your refrigerator or whatever. 9 00:00:31,250 --> 00:00:33,230 The case is actually running Android. 10 00:00:33,410 --> 00:00:36,410 But also as far as actually ecosystem. 11 00:00:36,410 --> 00:00:36,770 Right. 12 00:00:36,920 --> 00:00:41,670 How you are connecting to the app stores, how you interact with apps and so on. 13 00:00:42,080 --> 00:00:47,800 Now, the beauty is that Android is designed to be open and one of the challenges is that it has a little 14 00:00:47,810 --> 00:00:52,190 less control when compared to the other alternatives like Apple US. 15 00:00:52,340 --> 00:00:58,580 Now, Google tries to maintain the Android platform to offer an application environment to help protect 16 00:00:58,580 --> 00:01:05,600 the confidentiality, integrity and availability of users and also of the data and the applications 17 00:01:05,600 --> 00:01:09,650 and the actual device itself and of course, the ecosystem as well. 18 00:01:09,890 --> 00:01:15,050 Now, both Apple and Google have dedicated a lot of resources to make their mobile operating systems 19 00:01:15,050 --> 00:01:15,990 fairly secure. 20 00:01:16,040 --> 00:01:22,730 Some of the main challenges in security is whenever users through their device, rather, or jailbreaking 21 00:01:22,730 --> 00:01:27,960 the devices and leaving them open to either malware or compromised applications. 22 00:01:27,990 --> 00:01:33,360 OK, now the main Android platform building blocks are, of course, the device hardware. 23 00:01:33,360 --> 00:01:33,740 Right. 24 00:01:33,770 --> 00:01:35,720 That runs on the terms of hardware. 25 00:01:35,960 --> 00:01:42,740 So that includes your smartphone, your tablet, your smartwatches, cars, smart device, gaming systems, 26 00:01:42,740 --> 00:01:43,430 etc.. 27 00:01:43,580 --> 00:01:46,190 A lot of things actually run Android nowadays. 28 00:01:46,460 --> 00:01:50,480 Now, the other beauty is that Android is process or agnostic. 29 00:01:50,480 --> 00:01:50,810 Right. 30 00:01:50,960 --> 00:01:56,600 But it does take advantage of some of the hardware specific security capabilities, especially in the 31 00:01:56,960 --> 00:01:57,780 architecture. 32 00:01:58,160 --> 00:02:05,420 OK, and there's actually a security capability called execute never right there prevents the remote 33 00:02:05,420 --> 00:02:12,890 execution or arbitrary execution of any type of buffer overflow perhaps that actually can be exploited 34 00:02:12,890 --> 00:02:13,740 in the system. 35 00:02:13,880 --> 00:02:19,400 OK, now the Android operating system is the core operating system and it's actually built on top of 36 00:02:19,400 --> 00:02:20,300 the Linux kernel. 37 00:02:20,480 --> 00:02:28,010 So it's all based on Linux, all the device resources like the camera, Wi-Fi, Bluetooth, GPS telephony 38 00:02:28,010 --> 00:02:33,560 functions, the network connectivity, etc. are accessed via the operating system itself. 39 00:02:33,740 --> 00:02:37,590 OK, now you also have the Android application runtime. 40 00:02:37,940 --> 00:02:43,340 Android applications are actually most often written in Java programming language and they actually 41 00:02:43,340 --> 00:02:45,020 run in the Android run thing. 42 00:02:45,230 --> 00:02:45,620 Right. 43 00:02:45,860 --> 00:02:52,130 And there for this as the A.R.T., however, many applications, including the core Android services 44 00:02:52,130 --> 00:02:57,410 and other applications, are actually native applications or include native libraries within the operating 45 00:02:57,410 --> 00:02:58,440 system itself. 46 00:02:58,730 --> 00:03:04,280 Now the Android applications extend the code Android operating system, and there are two primary sources 47 00:03:04,280 --> 00:03:05,720 for these applications. 48 00:03:05,810 --> 00:03:10,480 OK, so the first is preinstalled applications that come with your device. 49 00:03:10,490 --> 00:03:16,550 And second is the user to install applications via the Google Play or any other stores that can be accessed, 50 00:03:16,700 --> 00:03:18,310 mostly if you use the device. 51 00:03:18,560 --> 00:03:22,160 And that leads to the problem with security, as I mentioned before.