Wednesday, April 24, 2013

Comparison of Android and iOS Security Architectures

Similarities
1.     Data Encryption
2.     Memory Protection
a.      ASLR has been implemented as of iOS 6 and Android 4.1 JellyBean.
b.     DEP, Stack and Heap protection, XN.
3.     Sandboxing
a.      File permissions
b.     Application processes run in separate non-privileged user mode
4.     Secure KeyChain
a.      Android 4.0
Differences

Android
1.     Independent App Code Signing
a.      There is a need to have a independent third party sign applications such as VeriSign.
2.     Open Boot Architecture
3.     Applications request permissions to access:
a.      Address Book
b.     Network
c.      Send SMS messages
iOS
1.     Apple App Code Signing
a.      Apple personally vets and signs third party apps
2.     Secure Boot Chain
3.     Applications do not need permissions to access:
a.      Address Book
b.     Network
c.      Send SMS messages
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)