Mobile Simplified Security Framework Overview

The purpose of the Mobile Simplified Security Framework (MSSF) is to protect the owner of mobile device from getting his personal, private data and passwords from being stolen and used for malicious purposes, to prevent a malware from misusing a device and incurring costs on user, to prevent a user from accidentally breaking the device and to make the platform meet the requirements set by such third party software that requires a safe execution environment (i.e. copy protection SW).

This it does by the following means:
• A fine-grained configurable access control framework, by which the set of allowed operations can be restricted according to the source and identity of each application.
• Extensive integrity checking to ensure the authenticity of all executable files, starting from the bootloader and the kernel all the way up to the least significant applications.
• Protection of sensitive data by means of encryption and signing of configuration files using a key derived from a hardware-protected device-specific secret.
• Protection of the software deployment chain by cryptography-based source authentication and ranking to prevent attacks via malicious repositories.
The main design goal is to have all this accomplished without any significant penalty in terms of performance or usability, by using established open standards and having as much of the implementation open-sourced as possible. Another goal is to minimize an entry barrier for 3rd party programmers by reusing the existing Linux programming environment and introducing only needed additional features.