You are here
The security model of the Android OS is based on the effective combination of a number of well-known security mechanisms. Although each security mechanism has been extensively tested and proved to be effective in isolation, their combination may suffer from unexpected security flaws.
We have contributed to the development of a systematic security analysis of the Android security model and discovered a severe vulnerability in Android that allows a malicious app to mount a Denial-of-Service attack on all Android devices.
We are also investigating solutions for supporting authentication and authorization protocols on mobile devices.