Differences Between the Security Models of Android and iOS

Seminar paper from the year 2018 in the subject Computer Science - IT-Security, grade: 1,0, Technical University of Munich, course: Seminar Mobile Application Security, language: English, abstract: Smartphones are being used as the preferred device for as many things as possible in today's world. This is why having secure phones that are resilient against attacks targeting their users' data, becomes more and more important. This paper tries to assess what measures device vendors have taken to ensure those attacks will not be successful. Because the market is mostly divided between Google's Android and Apple's iOS, we put our focus on those two operating systems and compare their respective security models. Additionally this comparison will be evaluating how those models have changed over time since the beginning of the smartphone era around 2010. The last part of this analysis will take a look at a different view on smartphones, the perspective of so-called 'power users': Those are people that do not only use their smartphone for downloading some apps and surfing the Internet but rather want to do some lower-level customization to the operating system, by rooting their Android device or jailbreaking their iPhone. This process of gaining full privileges on the phone not only creates advantages for the user but can also have rather negative implications on the device's security. How exactly does this affect the protections implemented by the vendor?