1. Steps to Improve Security of Smartphones:
Steps to improve smartphone security in this section, we plan to provide an overview of the security enhancements that can be used for Android and iOS smartphones. The security vulnerabilities of smartphones have been the main focus of many recent research studies. Android is by far the most intelligent smartphone (86.6% on the third quarter of 2016). IOS is the second major operating system. As a result, we focus in this section on the main features of these two systems, and discuss the different ways in which they are implemented in relation to their security. First, we focus on Android smartphones and discuss ways to improve Android smartphones. In particular, we focus on enhancing Android security and containers in order to improve the security of Android operating system. One of the main properties of Android apps is running in sandbox mode and container (an isolated area of the system that cannot access the rest of your system resources). The purpose of protection mode is to isolate an application to prevent malicious software, hackers, system resources, or other applications from interacting with the application and any of its sensitive information secured by the container. With the Security Mode security policy, Android tries to translate any security issues and prevent them from breaking into other sectors. This approach was successful. For example, Google Chrome using a sandbox approach which has made it one of the safest browsers.
1.1. Security Enhancement for Android (SEAndroid)
Security Enhancement for Android (SEAndroid) Enhanced Security for Android (SEAndroid) is a Linux kernel security module that provides centralized access control policy management for each device. it is a project to identify and address critical security gaps of Android. Initially, this project allows the use of SELinux in Android to reduce the damage that can be done by malicious or malicious applications and to implement separation safeguards between applications. Android SELinux is used to enforce Mandatory Access Control (MAC) on all processes that work with the root. In the Android Open Source Project, it includes SELinux in enforcing mode. In enforcement mode, illegal acts are prohibited and all violations are recorded. For other technical issues, Android is a Linux kernel based mobile operating system. On the top of which all Android layers are sitting Linux kernel provides a multi-user nature and Discretionary Access Control (DAC). Android uses a kernel-level sandboxing and isolation mechanism to separate applications from one to another and control communication between applications or resource accesses. However, Android has some inherent weaknesses associated with the DAC in its security model; these can cause vulnerabilities in system security. But Securities Enhancements for Android is introduced to mitigate the above shortcomings. These improvements have clearly improved the security of Android devices; however, there are still some security holes. Here are some important security features that are available as a result of Securities Enhancement for Android.
In order to control access many computing devices are equipped for different biometric measurements. Smartphones use low-cost devices such as fingerprint scanners to unlock with a single touch. For one-touch unlocking, smartphones use low-cost devices such as fingerprint scanners. In addition, in many smart phones, fingerprints can be used to lock and unlock encryption keys. Smartphones powered by Android are equipped with this technology. It is hoped that this technology will be able to make it impossible for other individuals to use the smartphone without the consent of the owner. However, this method has very false positive/negative result for now and is far from perfect.
Encrypted by default:
Android out-of-the-box has full disk encryption and can be enabled by default to improve data protection on lost or stolen devices.
Android offers flexibility to unlock devices. Device lock can be automatically unlocked when closed to another trusted device (via NFC, Bluetooth).
The various application programs are verified and checked by an application Check before being able to install them. App verification can alert the user if they are about to install an application that may be malicious. In fact, if the app might be harmful, it can be blocked.
Device Monitoring Warnings:
Android users can receive warning if a certificate has been added to the device certificate store which is capable of monitoring of encrypted network.
Encryption is used at the file level, rather than encrypting the entire storage area of a single unit. This will isolate and protect individual users and profiles better on the device.
Virtual Private Network (VPN) can be set so that applications will have access to the VPN network only after the VPN connection is established. This prevents applications from sending data over other networks. These steps clearly helped Android deal with many security threats. However, even after you follow these steps, Android remains vulnerable to attacks. In the next section, we’ll discuss some security flaws for Android and iOS operating systems.
1.2. Sandboxing, Containerization, and Air Watch
Sandboxing is an effective way to reduce the impact of malicious codes and other security threats by trying to localize and contain its effect. On the other hand, containerization is the method of securing a device for corporate use by putting a part of it behind some type of authentication. A secure data container is a third-party mobile application that is used to separate a portion of the device’s storage and secure it from the rest of the device. The purpose of sandboxing is to isolate an application to prevent malicious software, hackers, system resources, or other applications from interacting with the application and any of its sensitive information secured by the container. However, it should be understood that the sandboxing can not protect everything. The sandboxing is available on almost all smartphone operating systems such as Android, iOS, Blackberry, and Windows Phone, while the containerization is primarily used by an Android smartphone. Please note that iOS uses AirWatch to manage employee access, security, and privacy issues.
1.3. Security Enhancement for iOS
Apple is the provider of iOS operating systems that support devices such as the iPhone, iPad and iPod. When it comes to security, everyone who is in the field of IT or a non-IT field must feel good about the iOS system. Here are the measures Apple is talking about to provide a safe and convenient service to consumers.
– Users can authenticate enterprise applications without having to re-enter credentials each time they switch between applications.
– Apple can now block Wire Lurker by blocking the enterprise certificate it used to install malicious applications.
– Password protection is added to mail, calendar, contacts, messages, and third-party applications. ·
– The device name can be set remotely. Also, remotely disable, erase or restore features when necessary.
– Individual e-mail encryption is supported by the use of Secure/Multipurpose Internet Mail Extensions technology.
– To avoid being threatened by Masque Attack, install applications that come directly from the App Store, and do not press Install if you see a pop-up window on a website or if you see a prompt to install an update for an application such as Flappy Bird. Also, if iOS displays an alert that an application is from an untrusted developer, click Don’t Trust and uninstall it.