Ivonne Andrea Mantilla González wrote:
2010/12/22, BobMcCormick <[email protected]>:
What kind of sensitive data is it?
The idea is to store an identifier or credential that allows
authenticating someone. Thus, the information should be known by neither
the phone user, malware, nor third parties.

The ideal solution is to use some kind of hardware protection like
you have in the SIM-card.  Apple will introduce this in the next or
next-next incarnation of the iPad:

  http://www.smartcardstrends.com/det_atc.php?idu=13258

It is also possible to have the keys in a process owned by the
OS.  This is way better than in "user space".

A major problem with tying keys to apps directly is that the
provisioning of the key must be done by the app itself.

In a universally useful system there should be a common provisioning
facility and key-store where the issuer (in some way) can say:
"this key is only to be used by the following apps".

I plan to add this feature to:

  http://webpki.org/auth-token-4-the-cloud.html

It seems that root of signer cert + subject DN + path should be
a suitable way to define an app.  This access control must be
performed by the OS.

Anders



Now the question is: how to make it possible to keep such a "secret"
secure inside the phone? How to prevent this information from being
copied and used by an illegitimate user?

Up to now, I consider the private folder of the application a suitable
place for this task. However, the fact that the user cannot obtain
direct access to it does not mean that it is not vulnerable to being
copied or accessed by a privileged user.

If someone has ideas, welcome!
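
The app-bound key store described in Anders's reply (the issuer names the apps allowed to use a key; the OS identifies an app by root of signer cert + subject DN + path), sketched as an added example that is not part of the original thread or of the webpki.org proposal. The class and method names, the sample fingerprints, DNs and paths, and the use of HMAC-SHA256 in place of a real key operation are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class AppIdentity:
    """App identity as the OS would derive it from the installed package."""
    root_fingerprint: str  # hash of the root of the signer certificate chain
    subject_dn: str        # subject DN of the signer certificate
    path: str              # install path of the app


class KeyStore:
    """Model of an OS-owned key store: key bytes never leave this object."""

    def __init__(self):
        self._entries = {}  # key_id -> (secret, frozenset of AppIdentity)

    def provision(self, key_id, secret, allowed_apps):
        # The issuer states at provisioning time which apps may use the key.
        if not allowed_apps:
            raise ValueError("issuer must name at least one app")
        self._entries[key_id] = (secret, frozenset(allowed_apps))

    def may_use(self, caller, key_id):
        # All three identity fields must match an issuer-approved entry.
        entry = self._entries.get(key_id)
        return entry is not None and caller in entry[1]

    def sign(self, caller, key_id, message):
        # 'caller' is supplied by the OS, never claimed by the app itself.
        if not self.may_use(caller, key_id):
            raise PermissionError("caller is not authorized for this key")
        secret, _ = self._entries[key_id]
        # HMAC-SHA256 stands in for whatever operation the real key performs.
        return hmac.new(secret, message, hashlib.sha256).digest()


# Constructed sample data (fingerprints, DNs and paths are made up).
ISSUER_ROOT, OTHER_ROOT = "aa" * 32, "bb" * 32
DN = "CN=Example Bank Apps,O=Example Bank"
BANK_APP = AppIdentity(ISSUER_ROOT, DN, "/data/app/com.example.bank.apk")
SPOOFED_DN = AppIdentity(OTHER_ROOT, DN, "/data/app/com.example.bank.apk")
OTHER_PATH = AppIdentity(ISSUER_ROOT, DN, "/data/app/com.example.game.apk")

store = KeyStore()
store.provision("login-key", b"\x01" * 32, [BANK_APP])
for app in (BANK_APP, SPOOFED_DN, OTHER_PATH):
    print(app.path, app.root_fingerprint[:4], store.may_use(app, "login-key"))
```

Only the first identity is accepted: a matching subject DN under a different root, or the right signer at a different path, is refused, and the app only ever receives the result of the key operation, not the key.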

