Android data storage security: A review

“…In their paper, Altuwaijri and Ghouzali [6] presented a threat model for storing mobile device data of Android based devices, Figure 1. shows this threat model.…”

“…Altuwaijri and Ghouzali threat model classify threats into Physical and Software threats. [6] Physical threats are possible when mobile devices get into the hands of unauthorized people through loss or theft. These are three types [6]:  Cold boot attackassumes that ram memory is obtained and connected to another device to obtain data from that memory;  Evil maid attackassumes the unencrypted memory area; even if a password is used to encrypt data on your mobile device, the Android partitioning system can be modified with keylogging;  RowHammer attackassumes the use of management vulnerability at the lower levels of the operating system; is the most complex vulnerability of physical.…”

“…[6] Physical threats are possible when mobile devices get into the hands of unauthorized people through loss or theft. These are three types [6]:  Cold boot attackassumes that ram memory is obtained and connected to another device to obtain data from that memory;  Evil maid attackassumes the unencrypted memory area; even if a password is used to encrypt data on your mobile device, the Android partitioning system can be modified with keylogging;  RowHammer attackassumes the use of management vulnerability at the lower levels of the operating system; is the most complex vulnerability of physical. Software threats include malware attacks or poor mobile application development [7]:  Malware attackinvolves installing applications that contain malware, which then develops into the infected mobile device;  Poor app developmentin this category, developers' level of knowledge of security concepts and how they develop mobile applications; if developers do not implement community-approved security standards, the developed application will be very vulnerable in terms of security.…”

“…In [6] there are some solutions for mobile devices running Android OS. These are presented in Table 3.…”

“…Table 3. Hardware solutions for data security on mobile devices [6] No. From a software point of view, there are two options: FDE (Full Disk Encryption) and KeyChain available from Android 4.4 (API 19) and Android 4.0 (API 14), respectively.…”

Mobile Data Vulnerabilities

“…In their paper, Altuwaijri and Ghouzali [6] presented a threat model for storing mobile device data of Android based devices, Figure 1. shows this threat model.…”

“…Altuwaijri and Ghouzali threat model classify threats into Physical and Software threats. [6] Physical threats are possible when mobile devices get into the hands of unauthorized people through loss or theft. These are three types [6]:  Cold boot attackassumes that ram memory is obtained and connected to another device to obtain data from that memory;  Evil maid attackassumes the unencrypted memory area; even if a password is used to encrypt data on your mobile device, the Android partitioning system can be modified with keylogging;  RowHammer attackassumes the use of management vulnerability at the lower levels of the operating system; is the most complex vulnerability of physical.…”

“…[6] Physical threats are possible when mobile devices get into the hands of unauthorized people through loss or theft. These are three types [6]:  Cold boot attackassumes that ram memory is obtained and connected to another device to obtain data from that memory;  Evil maid attackassumes the unencrypted memory area; even if a password is used to encrypt data on your mobile device, the Android partitioning system can be modified with keylogging;  RowHammer attackassumes the use of management vulnerability at the lower levels of the operating system; is the most complex vulnerability of physical. Software threats include malware attacks or poor mobile application development [7]:  Malware attackinvolves installing applications that contain malware, which then develops into the infected mobile device;  Poor app developmentin this category, developers' level of knowledge of security concepts and how they develop mobile applications; if developers do not implement community-approved security standards, the developed application will be very vulnerable in terms of security.…”

“…In [6] there are some solutions for mobile devices running Android OS. These are presented in Table 3.…”

“…Table 3. Hardware solutions for data security on mobile devices [6] No. From a software point of view, there are two options: FDE (Full Disk Encryption) and KeyChain available from Android 4.4 (API 19) and Android 4.0 (API 14), respectively.…”

Mobile Data Vulnerabilities

Effectiveness of Mobile Wiping Applications

Security Threats and Protection Based on Android Platform