Click here to load reader

Mr201305 tizen security_jpn

  • View
    319

  • Download
    1

Embed Size (px)

Text of Mr201305 tizen security_jpn

  • 1. Fourteenforty Research Institute, Inc. 1 Tizen Fourteenforty Research Institute, Inc. http://www.fourteenforty.jp

2. Fourteenforty Research Institute, Inc. iOS, AndroidOSTizenFirefox OS Tizen OS Android OS Tizen Tizen SDK 2.1 2 3. Fourteenforty Research Institute, Inc. OS Linux Foundation Linux Tizen 2.0WebNative(C/C++) Tizen 3 4. Fourteenforty Research Institute, Inc. Tizen 4 http://upload.wikimedia.org/wikipedia/commons/c/c3/What_is_tizen_architecture.png WebNative 5. Fourteenforty Research Institute, Inc. Tizen Package (.tpk) : Native Applications Tizen Web Package (.wgt) : Web Applications Tizen Package 5 6. Fourteenforty Research Institute, Inc. /opt/apps/(AppId) AppId10 /opt/apps/(AppId) bin/ data/ res/ Tizen Web/Native 6 7. Fourteenforty Research Institute, Inc. Tizen Web package 7 https://developer.tizen.org/documentation/articles/tizen-application-packaging-overview .wgt Zip .wgt binWeb RuntimeWRT) Web 8. Fourteenforty Research Institute, Inc. .tpk Zip .tpkAppId binNative Tizen Native package 8 https://developer.tizen.org/documentation/articles/tizen-application-packaging-overview 9. Fourteenforty Research Institute, Inc. 9 OS Content Security Framework Privileges Feature 10. Fourteenforty Research Institute, Inc. 10 root app WebNativeUID app SMACK Smack 11. Fourteenforty Research Institute, Inc. 2UID 11 Kernel Web App1 Web Runtime (UID: app) Web App2 Native App (UID: app) Service (UID: root) UID app root 12. Fourteenforty Research Institute, Inc. 12 UID app SMACK 13. Fourteenforty Research Institute, Inc. LSM(Linux Security Modules) Subject () Object () SMACK 13 TopSecretSubject TopSecret Secret rx SecretObject 14. Fourteenforty Research Institute, Inc. SMACK Label 14 Kernel Web App1 Web Runtime (UID: app) Web App2 Native App1 (UID: app) Service1 (UID: root) UID app root WebApp1 SMACK Label WebApp2 NativeApp1 File1 WebApp1 File2 WebApp2 WebApp2 Service1 15. Fourteenforty Research Institute, Inc. 15 Tizen 2.0Native (C/C++) ASLR DEP 16. Fourteenforty Research Institute, Inc. DEP 16 Tizen Native Application int func(){ int a = 10; int b = 20; return a+b; } _EXPORT_ int OspMain(int argc, char *pArgv[]) { AppLog("Application started."); char buf[1024]; int (*f)(); memcpy( buf, (char*)func, 1024); f = (int (*)())buf; int b = f(); ArrayList args(SingleObjectDeleter); args.Construct(); .. func DEP Tizen SDK 2.1 x86 Emulator) 17. Fourteenforty Research Institute, Inc. ASLR 17 /proc/sys/kernel/randomize_va_space 2 ASLR Tizen Native App 2/proc/[pid]/maps 2 Tizen SDK 2.1 x86 Emulator) /proc/self/personality 00040000 (ADDR_NO_RANDOMIZE) ASLR 09e0e000-09e70000 rw-p 00000000 00:00 0 [heap] 09e70000-09f80000 rw-p 00000000 00:00 0 [heap] b36e7000-b36ec000 r-xp 00000000 fe:00 73077 /opt/usr/apps/hNLQmS2Kl0/bin/MySample7.exe b36ec000-b36ed000 rw-p 00004000 fe:00 73077 /opt/usr/apps/hNLQmS2Kl0/bin/MySample7.exe b36ed000-b36f0000 r-xp 00000000 fe:00 73094 /opt/usr/apps/hNLQmS2Kl0/bin/MySample7 b36f0000-b36f1000 rw-p 00002000 fe:00 73094 /opt/usr/apps/hNLQmS2Kl0/bin/MySample7 bfdcf000-bfdf0000 rw-p 00000000 00:00 0 [stack] 18. Fourteenforty Research Institute, Inc. Applications Content Security Framework(CSF) 18 Tizen CSFAPIPlug-in Plug-in (libengine.so) Plug-inURLWeb(HTML, JavaScript) Plug-inSecurity Application Package) System Libraries Browser Call CSF APIs libengine.so Content Security Framework Installer Security Application Package libengine.so Install CSF Plugin 19. Fourteenforty Research Institute, Inc. Privilege TizenAPI3 Public - Partner - Tizen store Platform - Tizen PrivilegeAPI Privilege Feature Android Web RuntimeAccess Control Engine(ACE) ACE 19 20. Fourteenforty Research Institute, Inc. Web 20 Kernel Web Runtime Web Application JavaScript API System Call Web RuntimeSMACK2 SMACK(LSM) SMACK Rule WRT Access Control Engine Feature Web Runtime System Call WRT SMACK Rule 21. Fourteenforty Research Institute, Inc. SMACK WebWRTSMACK2 Content Security Framework ASLR/DEP 21 22. Fourteenforty Research Institute, Inc. http://download.tizen.org/misc/media/conference2012/tuesday/ballroom -c/2012-05-08-1600-1640-tizen_security_framework_overview.pdf http://download.tizen.org/misc/media/conference2012/wednesday/seacl iff/2012-05-09-0945-1025- understanding_the_permission_and_access_control_model_for_tizen_applicati on_sandboxing.pdf http://www.youtube.com/watch?v=GtiAQOo4beg 22