Exploring SE for Android
暫譯: 探索 Android 的 SE

Discover Security Enhancements (SE) for Android to build your own protected Android-based systems

About This Book

• Learn the fundamental security models and motivations behind Linux, SELinux, and SE for Android.
• Build and enable current security enhancements from the SE for Android project onto a working embedded UDOO board.
• Discover how to leverage SE for Android to secure your own projects in powerful ways using this step by step guide.

Who This Book Is For

This book is intended for developers and engineers with some familiarity of operating system concepts as implemented by Linux. A basic background in C code would be helpful. Their positions range from hobbyists wanting to secure their Android powered creations to OEM engineers building handsets to engineers of emerging areas where Android is seeing growth.

What You Will Learn

• Experiment with Linux and SELinux access controls
• Build custom Android kernels
• Backport SE for Android patches to different Android versions
• Explore binder and property services, what they are, and how and why SELinux integrates them
• Work with Android core internal systems like init and zygote
• Learn how to keep pace with and navigate the details of fast moving open source projects
• Overcome obstacles in policy development through directed experimentation

In Detail

You will start by exploring the nature of the security mechanisms behind Linux and SELinux, and as you complete the chapters, you will integrate and enable SE for Android into a System on Chip (SoC), a process that, prior to this book, has never before been documented in its entirety! Discover Android's unique user space, from its use of the common UID and GID model to promote its security goals to its custom binder IPC mechanism. Explore the interface between the kernel and user space with respect to SELinux and investigate contexts and labels and their application to system objects.

This book will help you develop the necessary skills to evaluate and engineer secured products with the Android platform, whether you are new to world of Security Enhanced Linux (SELinux) or experienced in secure system deployment.