Android Security Senior Design Project
Iowa State University
Alex Frisvold, Alex Meyer, Nazmus Sakib, Eric Van Buren
9/27/2011
Advisors:
George Amariucai of Iowa State and Victor Lukasik of Boeing
Contents
1.1 Problem/Need Statement
1.2 Concept Sketch
1.3 System Block Diagram
1.4 Operating Environment
1.5 Expected End Product
1.6 User Interface Description
1.7 Functional Requirements
1.8 Non-Functional Requirements
2. Work Plan
2.1 Work Breakdown Structure
2.2 Resource Requirements
2.2a Time Commitments
2.2b Financial Resources
2.2c Documentation Resources
2.2d Other Resources
2.3 Project Schedule
2.3a Acquiring Documentation, Initial Research, and Setup
2.3b Digging Deeper – A Complete Understanding
2.3c Implementation
2.3d Testing and Maintenance
2.3e Beyond
3 Risks and Risk Management
3.1 Not Possible to Implement
3.2 Time Constraints
3.3 Resources and Documentation
3.4 Other Risks
1. Introduction
This project plan will outline the requirements and expectations of the ISU Engineering College and Boeing for the development of an Android emulator that replicates TrustZone instruction execution. This project plan will change throughout the course of this project and will emphasize challenges that arise as well as solutions to those problems.
1.1 Problem/Need Statement
This document will detail the current plan of implementation for our senior design project. Our project is to develop a working emulator for an Android device, be it a cell phone or tablet, such that it is able to accurately represent an ARM TrustZone. Using this TrustZone we would like to implement a Trusted Platform Module (TPM) service. The services we are most interested in are a random number generator and a public/private key generator using the previously mentioned random number generator.
As of right now there are no commercial Android emulators that can correctly depict the workings of an ARM TrustZone. Therefore application developers are forced to test their devices on actual hardware to see if their code works. This is both dangerous to the device and time consuming. The logical next step is to try and emulate the inner workings of this hardware so that developers can then start writing applications to use it.
1.1 Intended Audience
The intended audience of this document will be the senior design team, the review board, our advisor, and our client The Boeing Company.
1.2 Product Scope
This emulator would be able to be used by anyone designing applications on an Android device that would like to add another layer of security to their application design.
1.2 Concept Sketch
This concept sketch shows how our software stack will operate. At the bottommost layer will be the QEMU emulator with TrustZone implemented; this will be our hardware emulator layer. Above that will be our kernel layer; this will start our Fiasco family of the software stack that will include the Fiasco microkernel and extend to include the L4Re Run-Time Environment and L4Android layer. All of this will be the base for our Android application that will test the software stack for the correct use of the TrustZone.
1.3 System Block Diagram
We must take the existing QEMU emulator and extend it to mimic the results of hardware that natively implements TrustZones for secure instructions. This idea of changing worlds will grant the application, and therefore the user, an extra layer of security.
1.4 Operating Environment
The extended Android QEMU emulator will allow for the full system emulation of the L4Android operating system on a virtual ARM CPU that implements the TrustZone architecture on an x86 Linux host machine. The existing QEMU source is written in C and any necessary modifications will also be written in that language. The Fiasco.OC microkernel and the L4Re runtime environment are implemented in C and C++ so we will be using those languages to make any changes to those two components. The Android applications we will develop will be written in Java using the Eclipse IDE.
1.5 Expected End Product
The final deliverable for this project will be a functioning software stack that emulates the ARM TrustZone and allows Android applications to make use of the TrustZone. Specifically we will be testing the functionality and security of the RNG and key generator. Android applications that demonstrate this will also be part of the end product.
1.6 User Interface Description
The modifications proposed in this project plan should not affect the GUI currently implemented as a part of the Android QEMU emulator. A screenshot of the emulator is given below (image from:
1.7 Functional Requirements
1. The modified Fiasco.OC microkernel will run seamlessly over Mr. Winter’s extended version of QEMU.
2. The modified L4Re runtime environment will run seamlessly over the modified Fiasco.OC microkernel.
3. The L4Android operating system will run seamlessly over the modified L4Re runtime environment.
4. Our developed Android security application will run on the L4Android operating system and will provide specified TPM services.
5. Another Android application will be able to use the TPM services provided by the developed Android security application.
6. Modifications made to any of the various components of the software stack should not adversely affect any of the existing functionality of any of the components.
1.8 Non-Functional Requirements
1. The modified software stack should run at a usable speed.
2. The modified software stack should be stable and run reliably.
3. Modifications to QEMU, Fiasco.OC and L4Re should be written in the C and C++ programming languages on a Linux platform.
2. Work Plan
2.1 Work Breakdown Structure
A collaborative approach will be taken among team members in this project. This approach will have the team working on the same tasks. The team will all work together during each phase of the project as opposed to having certain members assigned to certain phases (e.g., implementation goes to two members and testing goes to two other members).
2.2 Resource Requirements
2.2a Time Commitments
Each of the four team members has their own constraint on the amount of time available to commit to the project, as they have other classes and/or jobs. Each member has agreed upon a 6-hour per week dedication to the project, which is a combined 24 hours per week. This is very flexible and will most likely change depending upon what stage of the project the team is currently on. The team will also meet once weekly as a group and with faculty advisor, George Amariucai. Bi-weekly meetings are also scheduled with our Boeing contact.
2.2b Financial Resources
Financial resources for this project are minimal. QEMU, Fiasco.OC, L4Re, L4Android, Android SDK and Eclipse IDE are all open-source and were available to the team at no cost. As of now, the only required items for this project include a Linux box with all the aforementioned required software installed on it. An Android OS phone for testing the software stack on is also required; however, the team has already managed to check out an Android OS phone from the CSG at no cost.
2.2c Documentation Resources
A very large amount of the time the team will spend on this project will be dedicated to researching. Understanding how all the various software components work is key for this project to be successful. Documentation on Android OS and the L4Android variant of the OS is readily available because they are open-source. To get documentation on ARM TrustZone, the team’s Boeing contact has referenced a few documents and the team has also signed up on ARM’s website, which enables them access to such documentation. QEMU, Fiasco.OC, L4Re are also open-source and documentation can be found online. We are also looking into the papers written by Johannes Winter as he is the lead researcher in this field.
2.2d Other Resources
Other possible resources that have been proposed include a Debian machine with a NX Machine client on it. This would allow us to only have to set up one machine with the required software stack as well as allow us to work from anywhere on or off campus. This will give us greater flexibility for work times as a group.
2.3 Project Schedule
The team’s design methodology will follow the Spiral model. The steps of this process are: determine objectives, identify and resolve risks, develop and test, and finally plan the next iteration. We believe this will give us the best chance to succeed as it allows us to move the project forward even if we meet an unavoidable risk.
2.3a Acquiring Documentation, Initial Research, and Setup
Gaining a basic understanding for the project and how each element in the project ties together is the first thing the team must do. This initial research includes how TrustZone, TPM, Android OS, and QEMU all work on a very basic level. Each team member will also set up a Linux partition on their machine and install the Android SDK that runs QEMU. This first phase of the project will take place between late September and mid-October.
2.3ai TrustZone and Trusted Platform Module
The team’s Boeing contact has referenced a few documents relating to ARM’s TrustZone and TPM. Initial research and basic understanding of TrustZones and TPM are a priority in the early stages of the project.
2.3aii The Android OS
Documentation for the Android OS is readily available and easily found. Initial research requires the team to gain a basic understanding of the structure of the Android OS.
2.3aiii Google’s QEMU
QEMU is an open-source Android OS emulator. However, Google has its own version of QEMU that it uses and this version is included in the Android SDK. The team will acquire the needed amount of documentation on Goog