Security Framework ASM is expected to clean Android security chaos
As we all know, due to the proliferation of malware and operating system fragmentation, Android not only poses a serious threat to personal privacy and information security, but also makes it a headache for enterprise security management personnel to implement BYOD, however, the new Android security framework is expected to reverse this situation.
As we all know, due to the proliferation of malware and operating system fragmentation, Android not only poses a serious threat to personal privacy and information security, but also makes it a headache for enterprise security management personnel to implement BYOD, however, the new Android security framework is expected to reverse this situation.
Security experts in the United States and Germany have recently proposed a new Android Security framework, ASM (Android Security Modules), to facilitate enterprises or individuals to install new Security extensions for specific purposes. The new Android security framework is expected to help enterprises implement BYOD management for Android devices more easily.
ASM developers described the technical framework in detail in a technical whitepaper and plan to announce the technology at the USENIX security seminar in San Diego this Friday. ASM (http://www.androidsecuritymodules.org/) can now be installed in the root Android phone, but the researchers expect Google or a large Android phone factory to be able to implant the framework into the Android official system.
William Enck, one of ASM's authors and senior security expert, pointed out in a statement that many researchers have developed many Android security extensions, but these new extensions require users to refresh their mobile phone firmware or operating systems, it is difficult to popularize. The ASM framework allows users to install new security extension modules without changing the firmware.
The working principle of ASM is roughly as follows: whenever an APP tries to perform security-risky operations, it must obtain the permission of the ASM component installed by the user or enterprise on the mobile phone. For example, an enterprise can install a module (similar to Samsung's Knox system) to isolate personal data from corporate data on employee mobile phones ), when apps like WhatsApp ask for user contact information (a large number of Android apps with unknown names currently have such features ), you can set a filter rule to do not provide contact information marked as "business" groups, or even provide an empty contact list. For apps that are greedy for mobile phone permissions, this may be a fundamental solution for the Android system.
Although the contact filtering and mobile permission management functions of the Android system are not new things, the innovation of ASM is that it can be used as a public platform to develop and install all security extension modules, it is not only limited to contacts and application permissions. ASM can improve the security of almost all security-related operations in the Android system.
For example, the Kirin security module developed by ASM can implement application permission management, while aquifer provides a policy framework for information workflows between applications.
Enck, one of the authors of ASM, said that the ASM framework has been submitted to Google and several major mobile phone manufacturers. The best result is that it can be integrated into the Android open-source project (AOSP, this means that both the native Android system and the Android derivative operating system will deploy the ASM module.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
