Android’s operating system is extremely safe and really
hard for malicious users to get into other peoples phones and corrupt them
without the user granting them permission but this wasn’t always the case. As
the Linux kernel can be accessed directly this means developers have to use
advanced software and hardware to ensure integrity of applications, data and
the network is kept also confidentiality.

Android has improved their
security features greatly, with Nougat v7 being released this was a big jump.
It included

Main security features
incorporated by Android to protect the phone or tablet is the Google Play app
this where users download majority their applications from. Google play now has
a license verification and Google Play Protect which scans apps when you
download them from the app store. Android also have an app and a website to
locate if a device is stolen/lost. It also has a feature that when you download
from a website for example and the device can’t verify the application
certificate it has a pop up that users have to untick to allow installation
from an unknown source. Also the device if enabled can go through periodic
scans that will inform a user of potentially harmful apps. This is shown in the

Androids basic security features
presented is a pin, password and pattern or in some of the newer devices can be
unlocked via the users face.

One service that Android phones offer is device encryption.
This involves scrabbling the data on the device and only when the device is
presented with the correct key could you access the data for example a password
or pin. If a user doesn’t enter the correct pass after a certain amount of
tries users are sometimes able to set an erase all option. Android uses
dm-crypt to encrypt the data. This encrypts data all the way down to the root
file system thus working at the kernel level and has a 128 bit algorithm. It
allows the whole disk to be encrypted. However once this encryption key is set
there is no option to change it without a hard reset of the device and losing
all of the data. Newer Android versions have incorporated fast encryption
meaning you are prompted to enter your key in at start up, this leads to a
slightly long time to get the device started.

On the application level
Android has introduced sandbox security and permission. Sandbox is an old
concept and originated from the UNIX operating system which would split file
permissions from processes.  This means
once the application is up and running unless granted permission by the user
the application stays in its parameters and run on a virtual machine. This
ensures one app doesn’t have access to another app. It sort of works like a
sand toy i.e. once sand is in the toy unless the child allows the sand to come
out the sand will never leave the sand boxes walls. This is seen when users
first download their app from the Play Store or once downloaded the go to the
applications settings and can edit it from there. For example simple
applications like a photo editing application shouldn’t be accessing your phone
but however it may need to access your storage such as photos or videos, it may
also ask for permission to access your camera. With Android there isn’t a
specific way an app has to enforce its security. Due to the apps being
“sandboxed” at OS memory corruption doesn’t occur, this also means the native
code at the Linux kernel is just as secure as the code operating on the
“virtual machine”. This “Sandbox” feature also stops memory corruption error occurring
in all applications for example if one app fails it won’t affect the other processes.

Authentication is being able to identify the user or users
and allowing them access to the system. Android uses “user-authentication-gated
cryptographic keys”. On initial start-up authenticator tokens are available to
receive information from the user. Users on Android must use a pin/pattern or
password. This then generates a 64bit User SID. This works as the “key to the
lock”. This 64Bit code is paired with the users’ password/pin or pattern. When
users want to change this they must provide the original password thus giving
the original 64bit user SID. If they don’t provide the exact key all the
information hidden by the key is lost and this is what is known as an “untrusted enrol”.

When a user enters his or her
credentials to access the device it sends the data over to the “gatekeeperd” it
looks through its authtoken and looks for the user SID and sends this data onto
the keystore service. It sends on these tokens onto the keymaster and verifies
this with the data already provided. This is how you are able to record your
authentication details and recall them when you want to access your device.

Android has another security feature called verified boot.
This was made available from Android version 4.4+. This does it through the
kernel command “dm-verify”. This is so if users root their phone and the
software is harmful manufacturers i.e. Samsung or HTC would have a key embedded
on the device and can’t be altered once it’s shipped. This will stop software
compromising occurring. Another feature of dm-verify is that it ensures the
device is in the condition when it was used. dm-verify uses SHA256 hash. SHA
256 is a secure hash algorithm. It is effectively a stamp for data and uses
32byte hash (256 bit) thus where the 256 comes from. Hash is a one way
operation and can’t be decrypted. This would tighten the security on the phone
because software’s of user’s choice won’t be allowed on the phone for example
you wouldn’t be able to load IOS on a Google device as the hash codes would
match. This also means if users were able to implement a version of Linux i.e.
Ubuntu that runs on your desktop on the device it would reject this as the
manufacturer hasn’t allowed this Only a top level root hash code could allow
access of the other codes as the figure shows.

As Android OS is just like
having a miniature PC in your hand the same way you could boot in safe mode the
same could be done for Android. Just like your desktop PC would be set to read
only so would your device. This would mean if an app is misbehaving or causing
harm to your device once booted in safe mood you can deal with app without it
giving you issues that may stop you opening apps or using the phones features.