  • Trust binary
  • Runtime security
  • Security data storage and exchange
Android M status

What we need to implement

Trust binary

Secure boot

Make sure that only a boot image signed by Harman can be booted on our hardware device. The boot image is verified by the boot ROM, which is designed by the OEM (TI).

Depends on the HW platform

Integrate the SoC's secure boot support

Verified boot

Verified boot guarantees the integrity of the device software starting from a hardware root of trust up to the system partition. During boot, each stage verifies the integrity and authenticity of the next stage before executing it.

Bootloader requirements and Green/Yellow/Red Boot state definition.

  • "boot_signer" tool (system/extra/verify) to append a signature to the boot image

  • Adopt the Linux kernel's "dm-verity" for block-based verification of partitions, e.g. system

  • build/tools/releasetools/build_image.py now handles the overall creation of dm-verity signed filesystem images

  • build/target/product/verity.mk

  • PackageManager is made aware of verified boot via system/etc/permissions/android.software.verified_boot.xml

  • Verify the boot and recovery partitions with the HW-fused OEM key as well as the embedded certificate
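To make the dm-verity bullet concrete, the following is an added illustration (not code from the Harman slides, not the AOSP build_image.py tool, and not the kernel's dm-verity implementation) of how a block-based partition is protected. It builds a dm-verity style SHA-256 hash tree over a constructed 8-block image, keeps only the root hash as the trusted value (in a real device that root is what the signed verity metadata carries), and then shows that a single flipped bit in one data block is caught on access to that block, and that an attacker who rebuilds the on-disk hash tree still fails because the root does not match. The salt, the image contents, and the omission of the on-disk superblock layout are assumptions made for the example.

```python
import hashlib

BLOCK_SIZE = 4096          # dm-verity's default data and hash block size
SALT = b"constructed demo salt, not a real device salt"  # constructed value, assumption


def hash_block(data: bytes, salt: bytes = SALT) -> bytes:
    """Hash one block the way dm-verity does by default: SHA-256 over salt || block."""
    return hashlib.sha256(salt + data).digest()


def build_hash_tree(image: bytes, salt: bytes = SALT) -> list:
    """Build the hash tree for a block image.

    levels[0] holds one digest per data block; each higher level packs up to
    BLOCK_SIZE // 32 child digests into a zero-padded hash block and hashes it.
    levels[-1] is the single root digest that would be placed in the verity
    metadata and covered by the bootloader's signature check.
    """
    if len(image) % BLOCK_SIZE:
        raise ValueError("image must be a whole number of blocks")
    leaves = [hash_block(image[i:i + BLOCK_SIZE], salt)
              for i in range(0, len(image), BLOCK_SIZE)]
    levels = [leaves]
    per_node = BLOCK_SIZE // hashlib.sha256().digest_size   # 128 digests per hash block
    while len(levels[-1]) > 1:
        children = levels[-1]
        parents = []
        for i in range(0, len(children), per_node):
            packed = b"".join(children[i:i + per_node]).ljust(BLOCK_SIZE, b"\0")
            parents.append(hash_block(packed, salt))
        levels.append(parents)
    return levels


def verify_block(image: bytes, index: int, levels: list, root_hash: bytes,
                 salt: bytes = SALT) -> bool:
    """Verify data block `index` against the trusted root hash.

    Mirrors dm-verity's per-read check: recompute the block's digest, splice it
    into its sibling set taken from the stored (untrusted) tree, and rehash up
    to the root. A modified data block, or a stored hash block edited to hide
    it, both end in a root mismatch because the root itself never comes from
    the untrusted tree.
    """
    per_node = BLOCK_SIZE // hashlib.sha256().digest_size
    digest = hash_block(image[index * BLOCK_SIZE:(index + 1) * BLOCK_SIZE], salt)
    pos = index
    for level in levels[:-1]:
        parent = pos // per_node
        siblings = list(level[parent * per_node:(parent + 1) * per_node])
        siblings[pos % per_node] = digest
        digest = hash_block(b"".join(siblings).ljust(BLOCK_SIZE, b"\0"), salt)
        pos = parent
    return digest == root_hash


def demo() -> dict:
    """Constructed 8-block image: build the tree, then flip one bit in block 5."""
    image = b"".join(bytes([i]) * BLOCK_SIZE for i in range(8))   # constructed data
    levels = build_hash_tree(image)
    root = levels[-1][0]                      # the only value that must be trusted/signed
    tampered = bytearray(image)
    tampered[5 * BLOCK_SIZE + 100] ^= 0x01    # single bit flip inside block 5
    tampered = bytes(tampered)
    # an attacker who also rebuilds the on-disk tree still cannot change the signed root
    forged_levels = build_hash_tree(tampered)
    return {
        "clean_ok": all(verify_block(image, i, levels, root) for i in range(8)),
        "untouched_block_ok": verify_block(tampered, 0, levels, root),
        "tampered_block_ok": verify_block(tampered, 5, levels, root),
        "forged_tree_ok": verify_block(tampered, 5, forged_levels, root),
    }


if __name__ == "__main__":
    print(demo())
```

Note that only the read of the tampered block fails, which is exactly the dm-verity behaviour that the Green/Yellow/Red boot states build on: the system partition is not checked up front, each block is checked as it is read, and an I/O error on a corrupted block is what triggers the error handling.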

OTA update

Secure SW update.

Propose the Redbend solution

3rd-party APP install

Check the signature of the 3rd-party APP to make sure the APP is valid.

Done by Google

Runtime security

Process sandbox

Use DAC (Discretionary Access Control) and SELinux (Mandatory Access Control) to provide a fine-grained access control mechanism that enforces the principle of least privilege.

Done by Google

Add new rules for the new files and processes

APP permission

Done by Google

Prefer to provide an HMI menu to manage APP permissions dynamically

Trusted execution environment

Use hardware features to provide an isolated execution environment

Done by Google and the SoC supplier

If the OEM needs a new feature, it should be developed together with the SoC supplier.

Security data storage and exchange

Full disk encryption

Full disk encryption is the process of encoding all user data on an Android device using an encrypted key. Once a device is encrypted, all user-created data is automatically encrypted before committing it to disk and all reads automatically decrypt data before returning it to the calling process.

Done by Google


The availability of a trusted execution environment in a system on a chip (SoC) offers an opportunity for Android devices to provide hardware-backed, strong security services to the Android OS, to platform services, and even to third-party apps.

