Smack (Simplified Mandatory Access Control Kernel) is a linux security module particularily well suited for small systems.
After presenting basic concepts and tools related to Smack, some concrete models for implementing Smack will be exposed.
I usually share my handset or my tablet to people of my family. Is it really secure?
Will my child install a backdoor? Will my dear spouse send jokes by SMS in my name? Will my mother destroy sensitive data? And me? How can I trust the policy manager? Will installed applications respect the contract? Even if native?
For Tizen, the implementation of Smack is declined for several targets: * for telephonic handsets (mostly dedicated for one person); * for notebooks (where multi-user is really need -think to your children-); * for automobiles (where multi-user and multi-session/multi-seat is targeted).
Also on Tizen, installable applications (coming from a store) must expose their requirement and then conform to it. That is even more important for Tizen because it currently allows native and/or mixed applications to be deployed.
The policy manager can rely on Smack to achieve the security for the whole system.
Speakers: José Bollo