Recommended
More Related Content
Similar to 最先端の利用シーンからみるセキュリティリスク
Similar to 最先端の利用シーンからみるセキュリティリスク (20)
More from Akira Sasaki
More from Akira Sasaki (20)
Recently uploaded
Recently uploaded (20)
最先端の利用シーンからみるセキュリティリスク
- 1. Android Security GClue
- 2. Apple TV
- 3. iCloud AirPlay MacBook iPhone4S Apple TV
- 4. Android
- 5. Android • 55 /1 • 1 9000 • 400
- 6. Android Market • App • 30 • Download • 3000 DL/
- 7. AppStore iTunes AppStore Android Market 3300 DL/ 3300 DL/ 7600 DL/
- 8. AppStore 2014 1850 / 5 /
- 9. CPU/GPU 2
- 10. Android OS 4.0 Hangout
- 11. Android OS4 Android Beam WiFi Direct Bluetooth P2P Health
- 12. Galaxy Nexus
- 13. Android OS For Tablet 3.0 3.1 3.2 1.0 1.1 1.5 1.6 2.0 2.1 2.2 2.3 4.0 For SmartPhone 2.0 3.1 For TV
- 14. Store
- 15. Market Ameba AppMarket CyberAgent @ GMO Yahoo Market Yahoo Square Enix Market Square Enix au one Market au/kddi AndroApp Vector Bandai Namco
- 16. Market( ) 175000 GetJar Amazon AppStore Amazon AppStore
- 17. GetJar 300 / 175000 Java ME BlackBerry Symbian Windows Mobile Android
- 18. Amazon AppStore Android OS 2.3 Kindle Fire
- 19. Android Market iTunes Store Kill Switch
- 20. Android ?
- 21. Android
- 22. Android Security Model • Android OS Linux UserID GroupID
- 23. UID/GID /data/data # ls -l drwxr-x--x app_1 app_1 2011-10-20 17:46 com.android.backupconfirm drwxr-x--x app_2 app_2 2011-10-20 17:50 com.android.browser drwxr-x--x app_3 app_3 2011-10-20 17:46 com.android.calculator2 drwxr-x--x app_4 app_4 2011-10-20 17:50 com.android.calendar drwxr-x--x app_6 app_6 2011-10-20 17:46 com.android.camera drwxr-x--x app_7 app_7 2011-10-20 17:46 com.android.certinstaller drwxr-x--x app_0 app_0 2011-10-20 17:46 com.android.contacts drwxr-x--x app_9 app_9 2011-10-20 17:46 com.android.customlocale2 drwxr-x--x app_10 app_10 2011-10-20 17:46 com.android.defcontainer drwxr-x--x app_11 app_11 2011-10-20 17:49 com.android.deskclock drwxr-x--x app_12 app_12 2011-10-20 17:46 com.android.development drwxr-x--x app_14 app_14 2011-10-20 17:50 com.android.email drwxr-x--x app_8 app_8 2011-10-20 17:46 com.android.emulator.connectivity.test drwxr-x--x app_18 app_18 2011-10-20 17:46 com.android.emulator.gps.test drwxr-x--x app_15 app_15 2011-10-20 17:46 com.android.exchange drwxr-x--x app_16 app_16 2011-10-20 17:46 com.android.fallback UID/GID
- 24. • • ./android/debug.keystore
- 25. Android • com.gclue.app1 com.yokohama.app1 App A App B com.gclue.app1 com.yokohama.app1
- 26. ADK
- 27. Hardware • ADK • USB Host
- 28. Intent
- 29. Intent App B App A
- 30. Android
- 31. Android • Permission • URI Permission
- 32. Permission AndroidManifest.xml <uses-permission android:name="android.permission.READ_PHONE_STATE"/> 480px x 800px IMEI Samsung Galaxy S Phone No Software Version [Captivate] Sim Serial Subscriber Id Download Permission
- 33. Permission Permission android.permission.GET_ACCOUNTS GMail android.permission.READ_CALENDAR android.permission.READ_CONTACTS android.permission.READ_PHONE_STATE (IMEI, SubscriberID, SimSerial) android.permission.READ_PROFILE android.permission.RECEIVE_SMS android.permission.READ_SMS SMS / / android.permission.WRITE_SMS Android Google android.permission.USE_CREDENTIALS OAuth
- 34. Data • Content Provider(SQLite) • SharedPreference(KeyValueStore) • File I/O
- 35. Content Provider • Android • SQLite AndroidManifest.xml android:readPermission android:writePermission android:permission
- 36. URI Permission • • <grant-uri-permission> • AndroidManifest.xml <grant-uri-permission android:pathPrefix="/all_downloads/"/>
- 37. SharedPreference File I/O AndroidManifest.xml Context.MODE_PRIVATE Context.MODE_WORLD_READABLE Context.MODE_WORLD_WRITEABL
- 38. Cloud
- 39. Account Manager
- 40. Account Manager AndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/> AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "android", null, this, null, null); Android Market
- 41. Account Manager AndroidManifest.xml <uses-permission android:name="android.permission.USE_CREDENTIALS"/> AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "ah", null, this, null, null); Google App Engine
- 42. Cloud AcountManager Service Key Google Analytics Data analytics APIs Google Apps APIs apps (Domain Information Google Sites Data API jotspot & Management) Blogger Data API blogger Book Search Data API print Calendar Data API cl Google Code Search codesearch Data API Contacts Data API Content API for cp structuredcontent No Password Shopping Documents List Data writely API Finance Data API finance Gmail Atom feed mail Health Data API health Maps Data APIs local Picasa Web Albums lh2 Data API Sidewiki Data API annotateweb Spreadsheets Data API wise Webmaster Tools API sitemaps YouTube Data API youtube Android Market android
- 43. Google App
- 45. Google Apps
- 46. Google Apps Device Policy