Android Security Model
Android applies two security layers:
Linux Security Models (DAC - Discretionary Access Control)
SELinux Security Model (MAC - Mandatory Access Control)
📌Linux Security Models (DAC)
DAC is a security model in which each system object (files, processes, etc.) has an owner who decides who is granted access to the object. In the context of Android, this model is implemented in the Linux kernel, forming the foundation of Android's security.
📌SELinux Security Model (MAC)
MAC is a security model where access permissions are set by a central authority, typically the operating system or a security policy. SELinux (Security-Enhanced Linux) is an implementation of MAC on the Linux kernel, providing an additional layer of security on top of DAC.
Principle: Default Denied
SELinux is based on the principle of default denial: everything is denied unless the policy explicitly allows it.
SELinux States:
Enforce: Enforcing SELinux policies, denying any actions that violate the set policies.
It blocks actions that are not allowed and records them in the logs.
Permissive: Logging violations but not enforcing them, allowing for policy testing without blocking actions.
It allows actions that are not allowed, but records them in the logs.
Disabled: SELinux is turned off, and no security policies are applied.
📍Security application permissions categories
Every permission has a protection level, which is a combination of one required protection and multiple optional protection flags.
Permission protection level
normal
Permissions: The permission will be granted to apps requesting it in their manifest. Ex: (vibrate - ACCESS_NETWORK_STATE)
dangerous
Permissions: The permission will be a runtime permission. Ex: (gallery - contacts - camera...)
signature
Permissions: The permission will be granted to apps being signed with the same certificate as the app defining the permission.
signatureOrSystem
(deprecated in API 23)
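The following is an added example, not part of the original page: it reads the `<permission>` declarations in an app manifest and splits each `android:protectionLevel` into its one base level and its optional flags, which is the combination described above. The manifest, package name and permission names are constructed for illustration, and `privileged` is used as one example of an optional flag; a missing attribute is treated as `normal`.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Base levels named on this page, with the page's description of each.
BASE_NOTES = {
    "normal": "granted to any app that requests it in its manifest",
    "dangerous": "runtime permission",
    "signature": "granted to apps signed with the defining app's certificate",
    "signatureOrSystem": "deprecated in API 23",
}

# Constructed sample manifest; package and permission names are hypothetical.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.notes">
  <uses-permission android:name="android.permission.VIBRATE" />
  <permission android:name="com.example.notes.READ_NOTES" />
  <permission android:name="com.example.notes.SYNC"
              android:protectionLevel="signature|privileged" />
  <permission android:name="com.example.notes.EXPORT"
              android:protectionLevel="dangerous" />
  <permission android:name="com.example.notes.ADMIN"
              android:protectionLevel="signatureOrSystem" />
</manifest>"""


def parse_level(raw):
    """Split a protectionLevel value into (base level, [optional flags])."""
    parts = [p.strip() for p in (raw or "").split("|") if p.strip()]
    bases = [p for p in parts if p in BASE_NOTES]
    if len(bases) > 1:
        raise ValueError(f"more than one base level in {raw!r}")
    # A missing attribute, or flags with no base named, means base "normal".
    base = bases[0] if bases else "normal"
    return base, [p for p in parts if p not in BASE_NOTES]


def audit(manifest_xml):
    """Map each <permission> the app defines to (base, flags, note)."""
    report = {}
    for perm in ET.fromstring(manifest_xml).iter("permission"):
        base, flags = parse_level(perm.get(ANDROID_NS + "protectionLevel"))
        report[perm.get(ANDROID_NS + "name")] = (base, flags, BASE_NOTES[base])
    return report


if __name__ == "__main__":
    for name, (base, flags, note) in audit(SAMPLE_MANIFEST).items():
        print(f"{name}: base={base} flags={flags} ({note})")
```

The note attached to each entry describes the base level only; optional flags modify who else can be granted the permission.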