ASM CH0 - Outline of following blogs

Enclave NO.0X7971

2024-08-06

ASM

This blog is a comprehensive review of the paper  [Android Security Model](https://arxiv.org/pdf/1904.05572), based on the content ot the paper, some personal thoughts are also added to this blog including the personal perspective of the author to ASM and the summarization of the content and so on.

1. The context an basis of ASM

1.1 Android is an opensource ecosystem

1.2 Android is defined by compatibility requirements

1.3 Threat model

2. General Security Model

3. Implementation on various layers of the OS

3.1 Enforced authorization

3.2 User authentication

3.3 Isolation and containment

3.4 By-default encryption at rest

3.5 In transit

3.6 Exploit mitigation

3.7 Integrity

3.8 Patching/Updates

3.9 Cellular network security

5. EASTER EGG

On Android version above 11.x

Open your settings
Go to “About Phone”
Press “Android Version” button for couple of times or press it for a few seconds
Have fun

1. The context an basis of ASM

1.1 Android is an opensource ecosystem

1.2 Android is defined by compatibility requirements

1.3 Threat model

2. General Security Model

3. Implementation on various layers of the OS

3.1 Enforced authorization

3.2 User authentication

3.3 Isolation and containment

3.4 By-default encryption at rest

3.5 In transit

3.6 Exploit mitigation

3.7 Integrity

3.8 Patching/Updates

3.9 Cellular network security

4. Special cases and related academic work on Android security

5. EASTER EGG