Secure Android as a Service
By Wang Jiajun 2015/4/1
Background
Digital rights management
- Protect the contents from copying
- Estimates of cost impact of piracy is about $446 million to $250 billion
- Despite some shortcomings, like analog hole
DRM System
Implementation
- High-bandwidth Digital Copy Protection (HDCP) put this decryption into media playback hardware
- Lower-end devices use software solutions (e.g. PKI)
Android DRM
Architecture
DRM Schemes
- OMA
- Widevine
- …
OMA
- open DRM standard published by the Open Mobile Alliance
- Version 1 (Assume mobile terminal is reliable)
- Forward-lock
- Combined Delivery
- Separate Delivery
- Version 2
- Separate content and license into two objects
Widevine
- On Android >=3.0 the Widevine DRM plugin is integrated
- Uses hardware-backed protection to secure movie content and user credentials
Android DRM Detail
Architecture
DrmManagerClient
- All operations are done using DrmManagerClient to communicate with the DrmManagerServer
- Procedure:
- Register the device with an online DRM service.
- Acquire the license
- Extract constraint information from the license.
- Save rights info
acquireDrmInfo()
- Registration & Right acquisition
processDrmInfo()
- ?
Rights Management
- acquireRights()
- saveRights()
- removeRights()
Read data
- openConvertSession()
- convertData()
- closeConvertSession()
Device Support
Device support
- Widevine, OMA v1 Forward Lock on Nexus 5 & st70408
- No plugins on Virtual Android Devices
Related Work
T6 kernel using ARM trustzone
- Secure VNC
- Secure DRM
Steal This Movie
- Usenix Security 2013
- Attack the software implementation
SierraVMI Virtual Mobile Infrastructure
Thanks
Android DRM Framework
By Jiajun Wang
Android DRM Framework
- 148