Android incorporates industry-leading safety options and works with developers and device implementers to stay the mechanical man platform and scheme safe. a robust security model is crucial to change Associate in Nursing spirited scheme of apps and devices engineered on and round the mechanical man platform and supported by cloud services. As a result, through its entire development lifecycle, mechanical man has been subject to a rigorous security program.

 mechanical man is supposed to be open. mechanical man apps use advanced hardware and code, conjointly as native and served information, exposed through the platform to bring innovation and worth to customers. to grasp that worth, the platform offers Associate in Nursing app setting that protects the confidentiality, integrity, and convenience of users, data, apps, the device, and conjointly the network. 

Securing Associate in Nursing open platform needs a durable security design and rigorous security programs. mechanical man was designed with multi bedded security that is versatile enough to support Associate in Nursing open platform whereas still protective all users of the platform. For info regarding news security problems and conjointly the update method, see Security Updates and Resources. 

Android is meant for developers. Security controls were designed to chop back the burden on developers. Security-savvy developers will simply work with and rely upon versatile security controls. Developers less reception with security area unit protected by safe defaults. 

In addition to providing a stable platform to make upon, mechanical man provides further support to developers throughout style of the method. The mechanical man security team appearance for potential vulnerabilities in apps and suggests ways in which to repair those problems. For devices with Google Play, Play Services delivers security updates for essential code libraries, like OpenSSL, that is employed to secure app communications. mechanical man security discharged a tool for testing SSL that helps developers notice potential security problems on whichever platform they are developing. 

 mechanical man is meant for users. Users area unit provided visibility into the permissions requested by every app and management over those permissions. This style includes the expectation that attackers would attempt to perform common attacks, like social engineering attacks to convert device users to put in malware, and attacks on third-party apps on mechanical man. mechanical man was designed to each scale back the chance of those attacks and greatly limit the impact of the attack inside the event that it had been successful. mechanical man security continues to progress when the device is inside the user’s hands. mechanical man works with partners and conjointly the final public to supply patches for any mechanical man device that is continued to receive security updates. 

More info for finish users may even be found inside the Nexus facilitate centre, pel facilitate centre, or your device manufacturer’s facilitate centre. 

This page outlines the goals of the mechanical man security program, describes the basics of the mechanical man security design, and answers the foremost pertinent queries for system architects and security analysts. It focuses on the protection options of Android’s core platform and does not discuss security problems that area unit distinctive to specific apps, like those associated with the browser or SMS app. 

Background

 mechanical man provides Associate in Nursing open supply platform and app setting for mobile devices. The sections and pages below describe the protection options of the mechanical man platform. 

Figure one illustrates the protection parts and issues of the varied levels of the mechanical man code stack. every part assumes that the parts below area unit properly secured. With the exception of a tiny low quantity of mechanical man OS code running as root, all code on top of the UNIX operating system kernel is restricted by the appliance Sandbox. 

The main mechanical man platform building blocks are:

 Device hardware:

 mechanical man runs on Associate in Nursing honest vary of hardware configurations together with mobile phones, tablets, watches, vehicles, smart TVs, OTT diversion boxes, and set-top-boxes. mechanical man is processor-agnostic, however it takes advantage of some hardware-specific security capabilities like ARM execute-Never.

 Android operating system:

 The core package is made on prime of the UNIX operating system kernel. All device resources, like camera functions, GPS data, Bluetooth functions, telecom functions, and network connections area unit accessed through the code.

 Android Application Runtime: mechanical man apps area unit most frequently written inside the Java language and run inside the mechanical man runtime (ART). However, many apps, together with core mechanical man services and apps, area unit native apps or embrace native libraries. each ART and native apps run inside the identical security setting, contained inside the appliance Sandbox. Apps get an infatuated a part of the organisation throughout that they will write personal information, together with databases and raw files. 

Android apps extend the core mechanical man code. There area unit 2 primary sources for apps: 

Preinstalled apps:

 mechanical man includes a gaggle of preinstalled apps together with phone, email, calendar, browser, and contacts. These perform as user apps that they provide key device capabilities which is able to be accessed by alternative apps. Preinstalled apps may even be a part of the open supply mechanical man platform, or they will be developed by a tool manufacturer for a selected device. 

User-installed apps: 

Android provides Associate in Nursing open development setting that supports any third-party app. Google Play offers users several thousands of apps