• أر
  • 中文
  • EN
  • FR
  • PT
  • РУ
  • ES

You are here


Laying a Secure Foundation for Mobile Devices

Modern mobile devices such as smartphones and tablets have become fully general computing systems with a rich third party application ecosystem and user experience.  As such, the same security problems that have long plagued the personal computer (PC) industry are becoming increasingly evident on mobile devices.  Addressing these threats effectively requires a secure foundation, including both hardware and software mechanisms.  Device OEMs and mobile operating system developers have an opportunity to establish such a foundation by providing the right primitives for constructing secure systems and enabling their use in commodity mobile devices.  Many of the same security constructs that have been applied in the space of client and server PCs can and should be brought to the mobile arena.  In this talk, we lay out a vision for secure mobile computing, including a discussion of the roles that virtualization, trusted computing, and secure operating systems play in an overall security architecture and how these mechanisms can be realized in mobile devices today.


Stephen Smalley is a computer security researcher in the Trusted Systems Research organization of the US National Security Agency (NSA).  He presently leads the NSA's Security Enhanced Android (SE Android) project, which is advancing the state of the art in mobile operating system security.  Prior to his work on Android, Mr. Smalley led the development and successful technology transfer of Security-Enhanced Linux (SELinux) to mainline Linux and co-developed Flexible Mandatory Access Controls (FMAC) for the OpenSolaris project.