Threat Analysis of the Android Market
| ANDROID MARKET
In keeping with the Open Handset Alliance goals of Android being the first open, complete, and free platform created specifically for mobile devices, Google offers the Android Market. The Android Market offers the ability for developers to create any application they choose with the community regulating whether the application is appropriate and safe, as opposed to relying on a formal screening process. The pros and cons of this open approach to an application store have been discussed in great detail. Notwithstanding, Spyware and other malicious applications have made their way onto even controlled application stores and these controls have not negated the need for mobile device security software, such as Anti-Malware applications. The desire for open source applications by mobile device owners on even strictly controlled operating systems is evidenced by the vast amount of iPhone devices that are jailbroken to allow for the running of out-of-market applications which have not been approved by Apple. The Android Market offers flexibility that markets such as the Apple App Store do not by allowing anyone to develop and publish an application to the Market’s consumers. This presents the opportunity to easily defraud innocent consumers for financial gain. Financial gain drives the paradigm of information security and attackers now see consumer and enterprise smartphones as targets. Since today’s Smartphone devices are the equivalent of mobile computers, it is logical that attackers have expanded their focus from PC-based malware to Smartphone malware and an open application repository lends itself to these types of attackers.
ANDROID MARKET SECURITY MODEL
The Android Market relies on the community to identify and flag applications that either malfunction or are malicious in nature. This would imply that there will always be a window where a number of consumers would need to use, test and determine if an...
Please join StudyMode to read the full document