The recent dramatic increase in the popularity of "smart-phones" has led to increased interest in smartphone security research. Prom the perspective of a security researcher the noteworthy attributes of a modern smartphone are the ability to install new applications, possibility to access Internet and presence of private or sensitive information such as messages or location. These attributes are also present in a large class of more traditional "feature phones." Mobile platform security architectures in these types of devices have seen a much larger scale of deployment compared to platform security architectures designed for PC platforms. In this paper we start by describing the business, regulatory and end-user requirements which paved the way for this widespread deployment of mobile platform security architectures. We briefly describe typical hardware-based security mechanisms that provide the foundation for mobile platform security. We then describe and compare the currently most prominent open mobile platform security architectures and conclude that many features introduced recently are borrowed, or adapted with a twist, from older platform security architectures. Finally, we identify a number of open problems in designing effective mobile platform security.
展开▼