SlideShare a Scribd company logo

Security models of modern mobile systems

D
Divya Raval

Mobile security is important to protect smartphones, tablets and other devices. The document discusses the security models of Android, iOS and Windows Phone operating systems. Android uses sandboxing and permissions to isolate apps. iOS focuses on device, data, network and app security using techniques like encryption, code signing and sandboxing. Windows Phone offers a robust security model but needs more work. The document provides best practices for users like enabling encryption and updating software. Overall, iOS is considered the most secure out of the box while Android requires more user decisions.

Technology
1 of 43
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
BY DIVYA RAVAL Security Models of Modern Mobile Systems
What is Mobile Security? Mobile security is the protection of smart phones, tablets, laptops and other portable computing devices and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Mobile security is also known as wireless security.
Need of Mobile Security?  As Smartphones are becoming storage units for personal information through use of various social networking applications, personal organizers and e-mail clients.  So, smartphones are becoming primary target of attackers.  Mobile threats are endangering safety of individuals, companies and if measures are not taken, then the cybercrime can have impact on the security of the whole society.
Smartphone OS Market Share
Nielsen Report Smartphone operating system share
Security Challenges for Mobile Device Users  Insecure Data Storage.  Physical Security.  Mobile browsing.  Multiple User Logging.  Client side injection.  Improper session handling.  Weak Authentication and Brute Force Attack.
Mobile Threats and Vulnerabilities Mobile Threats 1. Physical threats - Bluetooth. - Lost or Stolen Mobile Devices.
2. Application based Threats -Spyware. - Malware. - Vulnerable Application. - Privacy Threats.
3. Network based threats -Denial of Service Attack (DoS). - Network Exploits. - Mobile Network Services. - Wi-Fi Sniffing.
4. Web based threats - Drive by downloads. - Browser Exploits. - Phishing Scams.
Mobile Vulnerabilities • Trojan horse. • Botnet. • Worm. • Rootkit.
ANDROID SECURITY MODEL
Introduction to Android  It is a open source software platform and operating system for mobile devices.  Based on Linux kernel.  Developed by Google and later the Open Handset Alliance.  Allows writing managed code in Java Language.  Android has its own virtual machine i.e DVM(Dalvik Virtual Machine),which is used for executing the android application.  Google purchased the initial developer of the software, android incorporated in 2005.
Android Architecture
Android Security Model
Application Permission  There are four permissions levels and they are as follows:  Normal (not a dangerous one and considered as an application-level permission).  Dangerous (a more risky permission could access, without the asking the user to confirm; a sensitive data or damaging functions).  Signature (a permission can be granted only to other packages that are signed with the same signature).  Signature-or-system (a special type of signature permission that's existing to manipulate with the legacy permissions).
Android Security Mechanism 1. Sandboxing Mechanism. 2. Application Permission Mechanism.
Improvements in the Existing Security Model Practically, there are a number of issues in such a model:- 1)The user must grant all of the required permissions in order to install the application, 2) Once the permissions are granted; there is no method of restricting an application to use the granted permissions, 3) There is no way of restricting access to the resources based on dynamic constraints as the permission model is based on install-time check only, 4) Granted permissions can only be revoked by uninstalling the application.
Proposed Framework for Android Security 1. Kirin:-install-time certification mechanism – that allows the mobile device to enforce a list of predefined security requirements prior to installation process of an application. 2. SCanDroid: Android to perform information flow analysis on applications in order to understand the flow of information from one component to another component.
Android Malware 1. Android.Pjapps / Android.Geinimi (January/February, 2010) 2. AndroidOS.FakePlayer (August, 2010) 3. Android.Root Cager (February, 2011) 4. Android.Bg Serv (March, 2011) 5. Acnetdoor. 6. Kemoge Malware.
Example of Malicious Application Malicious content delivery scenario for Android
Example of Malicious Application(cont’d) Example malicious application of android
 First Version of Android.  The focus of Android beta is testing incorporating usability.  Android beta will generally have many more problems on speed and performance.  First full version of android.  Released on September 23, 2008.  Wi-Fi and Bluetooth support.  Quite slow in operating.  copy and paste feature in the web browser is not present.
 Released on April 30, 2009.  Added auto-rotation option.  Copy and Paste feature added in the web browser.  Increased speed and performance but not upto required level.  Released on September 15, 2009.  Voice search and Search box were added.  Faster OS boot times and fast web browsing experience.  Typing is quite slower.  Released on October 26, 2009.  Bluetooth 2.1 support.  Improved typing speed on virtual keyboard, with smarter dictionary.  no Adobe flash media support.
 Released on May 20, 2010.  Support for Adobe Flash 10.1  Improved Application launcher with better browser  No internet calling.  Released on December 6, 2010.  Updated User Interface with high efficiency and speed  Internet calling  One touch word selection and copy/paste.  New keyboard for faster word input.  More successful version of Android than previous versions.  not supports multi-core processors.  Released on February 22, 2011.  Support for multi-core processors  Ability to encrypt all user data.  This version of android is only available for tablets.
 Released on November 14, 2011.  Virtual button in the UI.  A new typeface family for the UI, Roboto.  Ability to shut down apps that are using data in the background.  Released on June 27, 2012.  Latest version of Android.  Smoother user interface.
 Android Kitkat  Released on April 14,2014  Bug fixes.  Security enhancements.  Android Lollipop  Released on December 2,2014.  Speed improvement.  Battery consumption improvement.  Multiple SIM cards support.  Quick settings shortcuts to join Wi-Fi networks or control Bluetooth devices.
 Android Marshmallow  Fingerprint Authentication support.  Better battery life with "deep sleep".  Permissions dashboard.  Android Pay.  MIDI support.  Google now improvements.
iOS SECURITY MODEL
Introduction to iOS  iOS is the Operating System that run on Apple devices like iPhone, iPod, iPad & Apple TV.  Provides multi tasking.  Only allows to run Apple signed applications.  New features & Bug fixes with every release.  Current version is iOS 9.
iOS Security Model Two different views of iOS security model are presented. The first model stands on four pillars that are mentioned in and are as follows:  Device Security.  Data Security.  Network Security.  Application Security.
 Keychain Services.  CFNetwork.  The Certificate, Key, and Trust Services API.  Randomization Services.
 The second perspective discuss the security as a set of different techniques to ensure the security.  ASLR.  Code Signing.  Sandboxing.  Data Encryption.
iOS Malware  Aurora Feint (July, 2008)  Storm8 (November, 2009)  IPhoneOS.Ikee Worm (November, 2009)  iPhoneOS.Ikee.B (November, 2009)  KeyRaider (August 2015)  XcodeGhost (September 2015)  Youmi Ad SDK (October 2015)
Security Comparison of iOS 8 and iOS 9 1) Stronger passcodes 2) Two factor Authentication
Windows Phone Security Model
Introduction to Windows:  Microsoft’s new Mobile OS -Successor to the Windows Phone.  Based on Windows CE kernel.  Released on November 8,2010.  Supports 25 Languages.  Offers a new User Interface with its “metro” login.
Windows Phone Security Model
Which is safest: Android, iOS or Windows Phone?  iOS is the safest out of the box  Second place goes to Windows Phone: very robust and with excellent backup options, but still needs some work.  Android falls to third place, as it forces you to make more decisions and has a less consistent security landscape, with manufacturers adding their own security customizations.
Mobile security best practices 1. User Authentication. 2. Update Your Mobile OS with Security Patches. 3. Regularly Backup Your Mobile Device. 4. Utilize Encryption. 5. Enable Remote Data Wipe as an Option.
Mobile security best practices(cont’d) 6. Disable Wi-Fi and Bluetooth When Not Needed. 7. Don't Fall for Phishing Schemes. 8. Avoid All Jailbreaks. 9. Add a Mobile Security App. 10. Communicate Your Mobile Security Best Practices.
Conclusion • Modern Operating Systems come with a strong security background but there is nothing more important than the safety of the user’s data. • In these days there are a lot of known vulnerabilities in these operating systems, applications, internet browsers and specific teams and developers working on issues trying to fix known problems. • However, there is the weakest point at this security and that point is always the user of the current device.
Thank You!!

More Related Content

PPT
Mobile application development
Eric Cattoir
 
PPTX
Mobile application development ppt
tirupathinews
 
PPTX
Mobile operating system..
Aashish Uppal
 
PPTX
Day: 1 Introduction to Mobile Application Development (in Android)
Ahsanul Karim
 
PDF
Wireless Networking Security
Anshuman Biswal
 
PPTX
Wireless Networking
ruledbyrobotics2080
 
PPTX
Mobile operating system (os)
AMIT GUPTA
 
PPTX
Data enrichment
FabMinds
 
Mobile application development
Eric Cattoir
 
Mobile application development ppt
tirupathinews
 
Mobile operating system..
Aashish Uppal
 
Day: 1 Introduction to Mobile Application Development (in Android)
Ahsanul Karim
 
Wireless Networking Security
Anshuman Biswal
 
Wireless Networking
ruledbyrobotics2080
 
Mobile operating system (os)
AMIT GUPTA
 
Data enrichment
FabMinds
 

What's hot (20)

PPTX
Introduction To Mobile Computing
Madhuri Badgujar
 
PPTX
Cloud and Virtualization Security
Rubal Sagwal
 
PPTX
Sources of IoT (JNTUK - UNIT 1)
FabMinds
 
PPTX
Introduction To Mobile Application Development
Syed Absar
 
PPTX
J2ME
Kumar Gaurav
 
PPTX
Communication technologies
FabMinds
 
PPTX
Overview of IoT (JNTUK - UNIT 1)
FabMinds
 
PPT
HDLC
Newcovenant Muro
 
PPTX
Impact to it security of incorrect configuration of firewall policies and thi...
usman butt
 
PPTX
Routers.ppt
kirbadh
 
PPTX
The future of mobile computing
Rashid Shahariar
 
PPT
Basics Of Networking (Overview)
ashiesh0007
 
PPTX
Presentation on android
sonyhontok
 
PPT
Email Client Server System
zareena Zareena34
 
PPTX
Wormhole attack
Harsh Kishore Mishra
 
PPTX
Wireless application protocol ppt
OECLIB Odisha Electronics Control Library
 
PDF
FIREWALL
Akash R
 
PPTX
Mobile operating system ppt
Santosh Kumar
 
PPT
Android Architecture
deepakshare
 
PPTX
Wi Fi Security
yousef emami
 
Introduction To Mobile Computing
Madhuri Badgujar
 
Cloud and Virtualization Security
Rubal Sagwal
 
Sources of IoT (JNTUK - UNIT 1)
FabMinds
 
Introduction To Mobile Application Development
Syed Absar
 
J2ME
Kumar Gaurav
 
Communication technologies
FabMinds
 
Overview of IoT (JNTUK - UNIT 1)
FabMinds
 
HDLC
Newcovenant Muro
 
Impact to it security of incorrect configuration of firewall policies and thi...
usman butt
 
Routers.ppt
kirbadh
 
The future of mobile computing
Rashid Shahariar
 
Basics Of Networking (Overview)
ashiesh0007
 
Presentation on android
sonyhontok
 
Email Client Server System
zareena Zareena34
 
Wormhole attack
Harsh Kishore Mishra
 
Wireless application protocol ppt
OECLIB Odisha Electronics Control Library
 
FIREWALL
Akash R
 
Mobile operating system ppt
Santosh Kumar
 
Android Architecture
deepakshare
 
Wi Fi Security
yousef emami
 
Ad

Viewers also liked (20)

PDF
Inside NetQin Mobile Inc. (NYSE: NQ) - By iChinaStock
iChinaStock
 
PPT
Personal Data Privacy and Information Security
Charles Mok
 
PDF
andrew milroy - top security trends and takeaways for 2013
Graeme Wood
 
PPTX
The effects of Social Networking upon society
Bishrul Haq
 
PPTX
Teaching methods
cami20003
 
PPT
Android Security
Suminda Gunawardhana
 
PPTX
Lo teaching techniques
olympia
 
PPT
Implementing Effective Online Teaching And Learning
gellynn
 
PPTX
Modern approach in teaching
Arlene Chu
 
PPTX
Online teaching techniques
Juliana Antunes
 
DOCX
1 system security
Arjun Trivedi
 
PDF
It strategie-security-first
Ralph Belfiore
 
PDF
CIS 2015- Understanding & Managing Discretionary Access: The TAO of Entitleme...
CloudIDSummit
 
PPTX
Rbac
أحلام انصارى
 
ODP
Introduction to Selinux
Atul Jha
 
PDF
Rahmenbedingungen mobile security
Peter Teufl
 
PPTX
Impact Of IT on Society.
Monica Khatri
 
ZIP
Tradition vs. Innovation
montagues
 
PDF
Bootkits: past, present & future
Alex Matrosov
 
PPT
Security models
LJ PROJECTS
 
Inside NetQin Mobile Inc. (NYSE: NQ) - By iChinaStock
iChinaStock
 
Personal Data Privacy and Information Security
Charles Mok
 
andrew milroy - top security trends and takeaways for 2013
Graeme Wood
 
The effects of Social Networking upon society
Bishrul Haq
 
Teaching methods
cami20003
 
Android Security
Suminda Gunawardhana
 
Lo teaching techniques
olympia
 
Implementing Effective Online Teaching And Learning
gellynn
 
Modern approach in teaching
Arlene Chu
 
Online teaching techniques
Juliana Antunes
 
1 system security
Arjun Trivedi
 
It strategie-security-first
Ralph Belfiore
 
CIS 2015- Understanding & Managing Discretionary Access: The TAO of Entitleme...
CloudIDSummit
 
Rbac
أحلام انصارى
 
Introduction to Selinux
Atul Jha
 
Rahmenbedingungen mobile security
Peter Teufl
 
Impact Of IT on Society.
Monica Khatri
 
Tradition vs. Innovation
montagues
 
Bootkits: past, present & future
Alex Matrosov
 
Security models
LJ PROJECTS
 
Ad

Similar to Security models of modern mobile systems (20)

PDF
Penetration Testing for Android Smartphones
IOSR Journals
 
PDF
Android open-source operating System for mobile devices
IOSR Journals
 
DOCX
Write a scholarly review on the following topic. This assignment i
lorindajamieson
 
PDF
Implementing security on android application
IAEME Publication
 
DOC
Android
9994426949
 
PPTX
Mobile Application Development Handout by Tariku
TARIKU ENDALE
 
PPTX
Android and its applications
Soba Arjun
 
PPTX
Android security
Midhun P Gopi
 
PDF
Android report
blogger at indiandswad
 
PPTX
Android os ark 2 (2) copy
AnandRk4
 
PDF
Mobile Application Development with Android
IJAAS Team
 
PPTX
Introduction to Android
dipali badgujar
 
PPTX
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
Vince Verbeke
 
PDF
A017360104
IOSR Journals
 
PDF
Comparative Study on Intrusion Detection Systems for Smartphones
iosrjce
 
DOCX
Mobile testing
Raghavendra V
 
PDF
Mobile Security for Smartphones and Tablets
Vince Verbeke
 
PDF
Android Vs Iphone
Lucy Nader
 
PDF
OS-Project-Report-Team-8
shriram suryanarayanan
 
PPTX
Android vs iOS security
Sumanth Veera
 
Penetration Testing for Android Smartphones
IOSR Journals
 
Android open-source operating System for mobile devices
IOSR Journals
 
Write a scholarly review on the following topic. This assignment i
lorindajamieson
 
Implementing security on android application
IAEME Publication
 
Android
9994426949
 
Mobile Application Development Handout by Tariku
TARIKU ENDALE
 
Android and its applications
Soba Arjun
 
Android security
Midhun P Gopi
 
Android report
blogger at indiandswad
 
Android os ark 2 (2) copy
AnandRk4
 
Mobile Application Development with Android
IJAAS Team
 
Introduction to Android
dipali badgujar
 
NETC 2012_Mobile Security for Smartphones and Tablets (pptx)
Vince Verbeke
 
A017360104
IOSR Journals
 
Comparative Study on Intrusion Detection Systems for Smartphones
iosrjce
 
Mobile testing
Raghavendra V
 
Mobile Security for Smartphones and Tablets
Vince Verbeke
 
Android Vs Iphone
Lucy Nader
 
OS-Project-Report-Team-8
shriram suryanarayanan
 
Android vs iOS security
Sumanth Veera
 

Recently uploaded (20)

PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
KodekX | Application Modernization Development
KodekX
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 

Security models of modern mobile systems

  • 1. BY DIVYA RAVAL Security Models of Modern Mobile Systems
  • 2. What is Mobile Security? Mobile security is the protection of smart phones, tablets, laptops and other portable computing devices and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Mobile security is also known as wireless security.
  • 3. Need of Mobile Security?  As Smartphones are becoming storage units for personal information through use of various social networking applications, personal organizers and e-mail clients.  So, smartphones are becoming primary target of attackers.  Mobile threats are endangering safety of individuals, companies and if measures are not taken, then the cybercrime can have impact on the security of the whole society.
  • 5. Nielsen Report Smartphone operating system share
  • 6. Security Challenges for Mobile Device Users  Insecure Data Storage.  Physical Security.  Mobile browsing.  Multiple User Logging.  Client side injection.  Improper session handling.  Weak Authentication and Brute Force Attack.
  • 7. Mobile Threats and Vulnerabilities Mobile Threats 1. Physical threats - Bluetooth. - Lost or Stolen Mobile Devices.
  • 8. 2. Application based Threats -Spyware. - Malware. - Vulnerable Application. - Privacy Threats.
  • 9. 3. Network based threats -Denial of Service Attack (DoS). - Network Exploits. - Mobile Network Services. - Wi-Fi Sniffing.
  • 10. 4. Web based threats - Drive by downloads. - Browser Exploits. - Phishing Scams.
  • 11. Mobile Vulnerabilities • Trojan horse. • Botnet. • Worm. • Rootkit.
  • 13. Introduction to Android  It is a open source software platform and operating system for mobile devices.  Based on Linux kernel.  Developed by Google and later the Open Handset Alliance.  Allows writing managed code in Java Language.  Android has its own virtual machine i.e DVM(Dalvik Virtual Machine),which is used for executing the android application.  Google purchased the initial developer of the software, android incorporated in 2005.
  • 16. Application Permission  There are four permissions levels and they are as follows:  Normal (not a dangerous one and considered as an application-level permission).  Dangerous (a more risky permission could access, without the asking the user to confirm; a sensitive data or damaging functions).  Signature (a permission can be granted only to other packages that are signed with the same signature).  Signature-or-system (a special type of signature permission that's existing to manipulate with the legacy permissions).
  • 17. Android Security Mechanism 1. Sandboxing Mechanism. 2. Application Permission Mechanism.
  • 18. Improvements in the Existing Security Model Practically, there are a number of issues in such a model:- 1)The user must grant all of the required permissions in order to install the application, 2) Once the permissions are granted; there is no method of restricting an application to use the granted permissions, 3) There is no way of restricting access to the resources based on dynamic constraints as the permission model is based on install-time check only, 4) Granted permissions can only be revoked by uninstalling the application.
  • 19. Proposed Framework for Android Security 1. Kirin:-install-time certification mechanism – that allows the mobile device to enforce a list of predefined security requirements prior to installation process of an application. 2. SCanDroid: Android to perform information flow analysis on applications in order to understand the flow of information from one component to another component.
  • 20. Android Malware 1. Android.Pjapps / Android.Geinimi (January/February, 2010) 2. AndroidOS.FakePlayer (August, 2010) 3. Android.Root Cager (February, 2011) 4. Android.Bg Serv (March, 2011) 5. Acnetdoor. 6. Kemoge Malware.
  • 21. Example of Malicious Application Malicious content delivery scenario for Android
  • 22. Example of Malicious Application(cont’d) Example malicious application of android
  • 23.  First Version of Android.  The focus of Android beta is testing incorporating usability.  Android beta will generally have many more problems on speed and performance.  First full version of android.  Released on September 23, 2008.  Wi-Fi and Bluetooth support.  Quite slow in operating.  copy and paste feature in the web browser is not present.
  • 24.  Released on April 30, 2009.  Added auto-rotation option.  Copy and Paste feature added in the web browser.  Increased speed and performance but not upto required level.  Released on September 15, 2009.  Voice search and Search box were added.  Faster OS boot times and fast web browsing experience.  Typing is quite slower.  Released on October 26, 2009.  Bluetooth 2.1 support.  Improved typing speed on virtual keyboard, with smarter dictionary.  no Adobe flash media support.
  • 25.  Released on May 20, 2010.  Support for Adobe Flash 10.1  Improved Application launcher with better browser  No internet calling.  Released on December 6, 2010.  Updated User Interface with high efficiency and speed  Internet calling  One touch word selection and copy/paste.  New keyboard for faster word input.  More successful version of Android than previous versions.  not supports multi-core processors.  Released on February 22, 2011.  Support for multi-core processors  Ability to encrypt all user data.  This version of android is only available for tablets.
  • 26.  Released on November 14, 2011.  Virtual button in the UI.  A new typeface family for the UI, Roboto.  Ability to shut down apps that are using data in the background.  Released on June 27, 2012.  Latest version of Android.  Smoother user interface.
  • 27.  Android Kitkat  Released on April 14,2014  Bug fixes.  Security enhancements.  Android Lollipop  Released on December 2,2014.  Speed improvement.  Battery consumption improvement.  Multiple SIM cards support.  Quick settings shortcuts to join Wi-Fi networks or control Bluetooth devices.
  • 28.  Android Marshmallow  Fingerprint Authentication support.  Better battery life with "deep sleep".  Permissions dashboard.  Android Pay.  MIDI support.  Google now improvements.
  • 30. Introduction to iOS  iOS is the Operating System that run on Apple devices like iPhone, iPod, iPad & Apple TV.  Provides multi tasking.  Only allows to run Apple signed applications.  New features & Bug fixes with every release.  Current version is iOS 9.
  • 31. iOS Security Model Two different views of iOS security model are presented. The first model stands on four pillars that are mentioned in and are as follows:  Device Security.  Data Security.  Network Security.  Application Security.
  • 32.  Keychain Services.  CFNetwork.  The Certificate, Key, and Trust Services API.  Randomization Services.
  • 33.  The second perspective discuss the security as a set of different techniques to ensure the security.  ASLR.  Code Signing.  Sandboxing.  Data Encryption.
  • 34. iOS Malware  Aurora Feint (July, 2008)  Storm8 (November, 2009)  IPhoneOS.Ikee Worm (November, 2009)  iPhoneOS.Ikee.B (November, 2009)  KeyRaider (August 2015)  XcodeGhost (September 2015)  Youmi Ad SDK (October 2015)
  • 35. Security Comparison of iOS 8 and iOS 9 1) Stronger passcodes 2) Two factor Authentication
  • 37. Introduction to Windows:  Microsoft’s new Mobile OS -Successor to the Windows Phone.  Based on Windows CE kernel.  Released on November 8,2010.  Supports 25 Languages.  Offers a new User Interface with its “metro” login.
  • 39. Which is safest: Android, iOS or Windows Phone?  iOS is the safest out of the box  Second place goes to Windows Phone: very robust and with excellent backup options, but still needs some work.  Android falls to third place, as it forces you to make more decisions and has a less consistent security landscape, with manufacturers adding their own security customizations.
  • 40. Mobile security best practices 1. User Authentication. 2. Update Your Mobile OS with Security Patches. 3. Regularly Backup Your Mobile Device. 4. Utilize Encryption. 5. Enable Remote Data Wipe as an Option.
  • 41. Mobile security best practices(cont’d) 6. Disable Wi-Fi and Bluetooth When Not Needed. 7. Don't Fall for Phishing Schemes. 8. Avoid All Jailbreaks. 9. Add a Mobile Security App. 10. Communicate Your Mobile Security Best Practices.
  • 42. Conclusion • Modern Operating Systems come with a strong security background but there is nothing more important than the safety of the user’s data. • In these days there are a lot of known vulnerabilities in these operating systems, applications, internet browsers and specific teams and developers working on issues trying to fix known problems. • However, there is the weakest point at this security and that point is always the user of the current device.