diff options
author | growupboron <shankhoghosh123@gmail.com> | 2020-10-09 00:19:18 +0530 |
---|---|---|
committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2020-10-14 11:19:53 +0000 |
commit | eefc3ab6cbb8a5901632f46d99e13c8d90b2415d (patch) | |
tree | 90815d532ed7b2d0962a1468aee29f05a4404eef /docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application | |
parent | 4aad369c9728061c97b3de792286e743ee884b09 (diff) |
rewrote quickstart, build-process
Revamped and updated documentation to install and build AGL images.
(removed whitespaces, added contribution guide, corrected rcar-gen3 section 7, added aglsetup.h flags to hardware support, some minor changes)
Bug-AGL: [SPEC-3633]
Signed-off-by: Shankho Boron Ghosh <shankhoghosh123@gmail.com>
Change-Id: Iedb6c7dc1661f4bc58b5f25ea5d188778c7ff908
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/documentation/+/25407
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Diffstat (limited to 'docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application')
6 files changed, 0 insertions, 180 deletions
diff --git a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.0_Abstract.md b/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.0_Abstract.md deleted file mode 100644 index ae7b7dc..0000000 --- a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.0_Abstract.md +++ /dev/null @@ -1,89 +0,0 @@ ---- -edit_link: '' -title: Introduction -origin_url: >- - https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-6/0_Abstract.md ---- - -<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml --> - -# Part 6 - Application - -## Abstract - -**Application Hardening**: Best practices to apply to the build and release of -user space applications, in order to reduce the number of attack surfaces used -by potential attackers. - -The term of Application (App) has a very wide definition in **AGL**. Almost -anything which is not in the core Operating System (OS) is an Application. -Applications can be included in the base software package (image) or can be -added at run-time. - -Application containment is achieved using the following protections: - -- Linux Native protection - - Mandatory Access Control (**MAC**) -- AGL Platform protections - - Origin Tracking and Validation - - Application Privilege Management and Enforcement via Cynara - - Authenticated Transport via D-Bus - -## Application Types - -AGL provides a framework for applications to be written in different forms: - -- Web application: HTML5 + JavaScript -- Qt application: in a QML file -- Native application: in C - -While there is no harm in providing multiple types of applications, from a -security perspective this does increase the attack surface for an intruder. -The application framework (**AppFw**) consists of a number of utilities and -daemons which provide context for the applications. -Isolation is provided through **SMACK** labels. - -## Application Store - -Although the Tizen system has defined a [system of App signing and signing flow](https://wiki.tizen.org/Security/Tizen_3.X_Overview#Application_Singing_and_Certificates) -to avoid the spread of unauthorized Apps that might contain malware. -At this point, it is unclear how much of this flow AGL will adopt. -However, judging from the experience, it is an essential topic. For example, -the Google Play Store controls the authorization of Apps through signing, and still, -there are [many accounts of Apps containing malware on the store](http://www.eweek.com/mobile/researchers-find-132-malware-infected-android-apps-on-google-play). - -Tizen defines 5 levels of certificates and signing at each level, including an author, -testing distributor, public level store distributor, partner level store distributor, -and platform level store distributor. AGL may define a different number of third parties, -but at a minimum an author and store distributor should be defined. - -![App Signing Flow](App_signing_flow.png) - -Once the number of signatures has been established, verification of those signatures needs -to be done at a minimum at installation time on the AGL device. It is important to ensure -the robustness/integrity of the public key used for signature verification. If the public key is modified, -then this compromised key can be used to verify an attacker's private key signature. - -Further to this, installation-time verification is limited. Attacks can happen to apps in-memory -at runtime. Any modifications made after installation will be missed by installation-time verification. -Integrity verification that runs during execution makes for a more complete security story. - --------------------------------------------------------------------------------- - -## Acronyms and Abbreviations - -The following table lists the terms utilized within this part of the document. - -Acronyms or Abbreviations | Description -------------------------- | ---------------------------------------------------- -_3GPP_ | **3**rd **G**eneration **P**artnership **P**roject -_CASB_ | **C**loud **A**ccess **S**ecurity **B**roker -_DAST_ | **D**ynamic **A**pplication **S**ecurity **T**esting -_DPI_ | **D**eep **P**acket **I**nspection -_IDS_ | **I**ntrusion **D**etection **S**ystems -_IPS_ | **I**ntrusion **P**revention **S**ystems -_IPSec_ | **I**nternet **P**rotocol **Sec**urity -_LSM_ | **L**inux **S**ecurity **M**odule -_MITM_ | **M**an **I**n **T**he **M**iddle -_OSI_ | **O**pen **S**ystems **I**nterconnection -_SATS_ | **S**tatic **A**pplication **S**ecurity **T**esting diff --git a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.1_Installation.md b/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.1_Installation.md deleted file mode 100644 index 70b572f..0000000 --- a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.1_Installation.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -edit_link: '' -title: Installation -origin_url: >- - https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-6/1-Installation.md ---- - -<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml --> - -# Local - -<!-- section-todo --> - -Domain | Improvement --------------------------- | ------------------------------ -Application-Installation-1 | Talk about AppFw offline mode. - -<!-- end-section-todo --> - -## Installation - -Applications can be delivered and installed with the base image using a special -offline-mode provided by the **AppFw**. Apps can also be installed at run time. - -<!-- section-note --> - -During early release, default Apps are installed on the image at first boot. - -<!-- end-section-note --> - -<!-- section-config --> - -Domain | Object | Recommendations --------------------------- | --------- | ----------------------------------------------------------------------- -Application-Installation-1 | AppFw | Provide offline-mode in order to install app with the base image. -Application-Installation-2 | Integrity | Allow the installation of applications only if their integrity is good. - -<!-- end-section-config --> diff --git a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.2_Privilege_Management.md b/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.2_Privilege_Management.md deleted file mode 100644 index e085929..0000000 --- a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.2_Privilege_Management.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -edit_link: '' -title: Privilege management -origin_url: >- - https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-6/2-PrivilegeManagement.md ---- - -<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml --> - -# Local - -## Privilege Management - -Application privileges are managed by **Cynara** and the security manager in -the **AppFw**. For more details, please refer to the **AppFw** documentation -in Platform part. diff --git a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.3_Signature.md b/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.3_Signature.md deleted file mode 100644 index 73c17f9..0000000 --- a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.3_Signature.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -edit_link: '' -title: Signature -origin_url: >- - https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-6/3-Signature.md ---- - -<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml --> - -# App Signature - -<!-- section-todo --> - -Domain | Improvement ------------------------ | ---------------------------------------------------------- -Application-Signature-1 | Add content (see secure build in Secure development part). - -<!-- end-section-todo --> diff --git a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.4_Services.md b/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.4_Services.md deleted file mode 100644 index b9653a2..0000000 --- a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/1.2.6.4_Services.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -edit_link: '' -title: Services -origin_url: >- - https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-6/4-Services.md ---- - -<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml --> - -# Services - -<!-- section-todo --> - -Domain | Improvement ----------------------- | ------------ -Application-Services-1 | Add content (Which services?). -Application-Services-2 | Add Binder. - -<!-- end-section-todo --> diff --git a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/App_signing_flow.png b/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/App_signing_flow.png Binary files differdeleted file mode 100644 index 56a7c23..0000000 --- a/docs/1_Architecture_Guides/1.2_Security_Blueprint/6_Application/App_signing_flow.png +++ /dev/null |