Spy-approved secure version of Android released

Stephen Smalley of the NSA announced the public release of the SE Android platform earlier this month. SE Android is based on work the NSA has been doing on the SE Linux project, a security-hardened version of Linux that the agency released in 2000.

The SE Android project enables the use of SE Linux in order “to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps”, according to an explanation posted on the SE Linux project website.

In a slide presentation, Smalley explained that SE Android security is based on an application-level permissions model, which controls access to app components and system resources, and is specified by the app writers and seen by the users.

There is kernel-level sandboxing and isolation technology that isolates apps from each other and the system, prevents bypass of application-level controls, relies on Linux discretionary access control (DAC), and is normally invisible to the users and app writers. Smalley explained that DAC is the typical form of access control in Linux in which access to data is at the discretion of the owner/creator of the data.
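The "discretion of the owner" property of DAC can be seen directly on a Linux system. The shell sketch below is an added illustration, not code from Smalley's slides or the SE Android project: a file that starts out private is opened to every user by its owner alone, with no system-wide policy consulted, and a simple audit then counts the files exposed this way. The directory, file name and contents are constructed, and GNU `stat` and `find` are assumed.

```shell
#!/bin/sh
# Added illustration of Linux DAC; every path and value here is constructed.

# Print the octal permission bits of a file (GNU stat assumed).
mode_of() {
    stat -c '%a' "$1"
}

# Count regular files under a directory that "other" users can read or write.
count_world_accessible() {
    find "$1" -type f \( -perm -004 -o -perm -002 \) | wc -l | tr -d ' '
}

# Build a constructed "app data" directory holding one private file (0600).
make_private_store() {
    dir=$(mktemp -d)
    printf 'session-token=constructed-sample\n' > "$dir/prefs.txt"
    chmod 600 "$dir/prefs.txt"
    printf '%s\n' "$dir"
}

# Under DAC the owner decides: a flawed app may loosen its own file's mode,
# and the kernel allows it because the caller owns the file.
loosen_as_owner() {
    chmod 666 "$1"
}

demo() {
    store=$(make_private_store)
    echo "before: mode=$(mode_of "$store/prefs.txt") exposed=$(count_world_accessible "$store")"
    loosen_as_owner "$store/prefs.txt"
    echo "after:  mode=$(mode_of "$store/prefs.txt") exposed=$(count_world_accessible "$store")"
    rm -rf "$store"
}

demo
```

The audit function is the defender's half of the example: run over an application data directory, it reports files whose owner has granted access to all users.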