D2T2-Ajin-Abraham-Hacking-Tizen-The-OS-of-Everything

More documents

Recommendations

Info

HYBRID APP(.TPK)
TIZEN SECURITY MODEL• Non root applications• All applications run under same non-root user ID, app.• Most of the middleware daemons will run asnon-root user.• Application sandboxing• All applications are sandboxed by SMACK.• An application is allowed to read or write files in it’s home directory andshared media directory (/opt/usr/media)• Each application unable to send IPC andsockets, r/w other application files.• Permission Model/Least privilege• All applications will have manifest file describing privileges.• Manifest file describes also SMACK labels and rule.• Application Signing – Author and Distributor• Tizen CSP for Web Apps –Web Apps have additional layer of securitywith Content Security Policy.• Encrypt HTML, JS and CSS stored in Device - Encrypts at Install timeand Runtime decryption.• Content Security Framework – Provides API for AVs.
Page 1 and 2: HACKING TIZENTHE OS OF EVERYTHINGAJ
Page 3 and 4: DISCLAIMER• All Images, Logos and
Page 5: TIZEN : The OS of EverythingIoT (In
Page 8 and 9: Source: h$p://' mesofindia.india'
Page 10 and 11: Source: h*p://www./zenexperts.com/
Page 12 and 13: THE FAMILY
Page 14 and 15: TIZEN ARCHITECTURETizen Web App
Page 16 and 17: TIZEN APPLICATION STRUCTURE
Page 18 and 19: NATIVE APPS (.TPK).tpk Install Loca
Page 22 and 23: SMACKSIMPLIFIED MANDATORY ACCESS CO
Page 24 and 25: SMACK TERMS- Subject à Any Running
Page 26 and 27: WEB APPS - CONFIG.XML
Page 28: QUICK COMPARISON• Apps identified
Page 31 and 32: OVER PRIVILEGED ANDROID APP VS TIZE
Page 33 and 34: LIKE ANY LINUX DISTRO : SHELLS
Page 35 and 36: eDEMO
Page 43 and 44: STATIC ANALYSIS• Certificate Sign
Page 47 and 48: NETWORK ANALYSIS• Installing SSL
Page 49 and 50: MOBILE SECURITY FRAMEWORK○ Automa
Page 51 and 52: CONCLUSION• Security Model/Archit
Page 53: QUESTIONS?Ajin Abraham@ajinabrahamh

D2T2-Ajin-Abraham-Hacking-Tizen-The-OS-of-Everything

Create successful ePaper yourself

Delete template?

Save as template?