Home Publications Business Premium Content Delivery on Android: how to guard an open platform

Premium Content Delivery on Android: how to guard an open platform

Author: Riscure Team

Delivering premium content on a consumer device in a flexible and secure manner requires considerable investment in the software stack. Meanwhile, Android has become the operating system of choice for many embedded devices, both stationary and portable due to its broad hardware support, relative ease of customization and application development. Android also brings new risks that are different from the traditional STB security scenarios.

Defending an Android implementation of a secure media path also requires a unique set of methods. This whitepaper provides a high-level overview of Android security risks for the content protection and mitigations required to increase its robustness against common attacks.

Multiple ways to repurpose the device

The Android platform gives the user a variety of options to interface with the device. Even though this gives the user more freedom, it also gives the user the ability to repurpose the device. Additionally, it widens the attack surface immensely compared to traditional STBs. Since Android is open source, everything an attacker needs to know can be found online. Additionally, Android is supported by a vast community with extensive knowledge of the platform. Before running the Android OS, a secure boot implementation has to be in place that authenticates each boot stage up to and including the Android OS.

Any vulnerability in one of these boot stages can compromise all the following steps. The secure boot must be developed with security in mind and needs to implement secure coding practices to prevent logical errors. It should also include mechanisms to defend against fault injection and side channel analysis if those mechanisms are not sufficiently provided by the hardware. Android provides a feature called dm-verity to support the secure boot process. However, there are tools available to bypass the secure boot of the Android OS and the following stages, e.g., TWRP. At Riscure, we are helping our customers to mitigate this risk by ensuring a desired level of security during the earlier boot stages.

Content protection in Android: security foundations

Securing the premium content on an open platform is a challenge that can only be overcome with layered defenses in hardware and software. This can be done through multiple-level security evaluation, for example, using white-box and black-box assessments. Additional advice for premium content application developers can be found in the full whitepaper. Register to access it for free via the form below.

Recent publications

Share This