Security/Tizen 2.X csr-framework
The content security and reputation (CSR) framework provides checking content screening and blocking access of malicious web site. The CSR framework will be responsible for passing the security API calls to security plug-in, which could be provided by security vendor plug-in. The framework is also responsible for error handling when there is no security vendor plug-in installed.
Both content security framework and security plug-in are shared libraries in Tizen case. All the code is loaded in the application memory space. The authentication of those libraries will be covered by Tizen certificate process. Content security framework (libsecfw.so) will be linked directly to system component which is invoking the security API, while the security plug-in will be loaded in the runtime and installed along with security application package. The security application package should be signed with a trusted certificate which indicates that the package is authorized to carry security plug-in and is ready for use. And as a security consideration, Tizen installer will check this package whenever the application gets installed.
CSR Framework Functions
The CSR framework provides 2 types of functions.
- Tizen content screening
- - The CSR framework enables caller modules and applications to scan the content inside their logic data.
- - The content can be memory or a file.
- - Using this, the application installer checks the downloaded application against a virus or a malware before it is installed.
- Tizen web protection
- - Web Protection Service can protect users around the world from web-based malware threats, browser exploits, and identity theft. With the spread of connected devices and the popularity of related apps, mobile vendors and businesses are looking for new ways to use the 'cloud' in order to provide seamless and fully integrated web protection. This document has responded to these trends by introducing Web Protection Services. Partners and businesses can now protect their users by directly scanning all external, website links against Web Protection Services and assessing their safety.
- - Web Protection Services give direction about the reputation and category of any given URL. This provides site analysis protection to users without them having to install security software. The Web Protection Services SDK lets you use Web Reputation cloud to determine:
- - The reputation of one or more URLs
- - The category of one or more URLs
- - If URLs should be blocked, providing a URL to redirect users to a block page
- - The web browser embedded in Tizen platform uses this web protection service of CSR framework to protect a user's web environment.
The role of CSR Framework
- API standardizing
- - Content Security Framework will provide a set of APIs to other system modules with security features. Currently we have site engine and anti-virus engine API defined in this framework. Please refer to Tizen content screening and site engine API specification for detail. Each security vendor who wants to add their plug-in to Tizen platform, need to provide a plug-in library which conforms to the Framework API which we defined in the framework above their own engines
- Plug-in management
- - Content security framework is responsible for plug-in loading/reloading. It will always try to load the new plug-in from "/opt/usr/share/sec_plugin/libengine.so" when content security framework is reinitialized by library open API call, in this case it is tcs_library_open(). This is saying that the newly installed security plug-in will be loaded only when tcs_library_open() gets called. During the tcs_library_close() and tcs_library_open(), the caller will keep using the old security plug-in until it close the library and reopen it.
- Error handling
- - Content security framework will return not implemented error code to caller if there is no plug-in found at "/opt/usr/share/sec_plugin".
- Concurrent Scan Support:
- - The TCS security vendor plug-in must support concurrent scan in multi-tasking, so that Tizen component can have multiple threads to scan content concurrently.