The myths about and solutions for an android OS controlled and secure environment

Android is today’s most popular mobile operating system for both smartphones and tablets. This fact creates many risks which are not fully recognized. Even advanced users often naively think that by using antivirus software, a firewall, encryption and updates, as well as avoiding potentially risky sites and applications they will be secure. This list is not exhaustive, but nevertheless, in most cases, each item in it only provides the illusion of security. The authors have summarized and pointed out several actual Android security issues and have proposed a number of possible solutions. Practical experience as well as direct testing reveals that some Android applications may contain malware. The harmful characteristics of an application often become visible only after it has been run a few times, after an update, or after harmful web content has been downloaded and shown by the application. It has been observed that applications often try to get unauthorized or inattentively authorized access to user data and to send it outside the device. The situation with Android applications is getting more and more out of control. The authors have proposed a solution for overcoming security issues, while respecting the latest Google solutions. The target group of the proposal is users who use a smartphone or tablet both for private and corporate needs, i.e. a Bring Your Own Device (BYOD) case. The authors point out and compare four possible Android technical administration solutions based on the unified model for a BYOD case. The authors also propose changes to Android architecture to enhance its security. A look at the mobile operating system, as a web server, has been proposed. Such a principle allows the implementation of a number of security principles taken from web servers solutions.