Re: [agl-dev-community] AGL Security features Implemented #automotive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 19/12/2019 19:46, Janaki wrote:

Hi Jose,

Thank you for the response. I think the presentation link you provided should give me a good start.

I am not meaning security in sense of yocto but instead I am thinking of security at each layer in  AGL architecture (like AppHMI, Application Framework layer, Services Layer and Operating System Layer). I have attached image for reference. Please let me know if there is high level bullet points of security features which are implemented at each layer.

Thanks & Regards,
Janaki


Hi Janaki,

There is no documentation that summarizes all.
The 2 higher layers, App/HMI and Application Framework, are protected by permissions managed by cynagora and by standard user and group.
The layer of services is divided in 2 parts in fact. Most of the services represented on the image are splited in two parts:
- a low level service provided by some implementation specific software stack - a high level service that expose the lower service to AGL to AGL framework and that use AGL framework to check permissions of the clients.
The access to the high level service is protected AGL framework system of permission.
The access to the low level service is defined by the implementer of the platform.
This way of dividing services allows an implementer of AGL platform to pick the low level service from its preferred provider. For example, AGL provides BLUEZ as BLE software stack implementation. An implementer may choose to get an other implementation.
The high level service is adapted to the low level service and expose a standard AGL API to applications.
Implementer choose how this is achieved: same process or different processes. It ensure security using DAC and Smack settings. 

Best regards
José Bollo







-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#7931): https://lists.automotivelinux.org/g/agl-dev-community/message/7931
Mute This Topic: https://lists.automotivelinux.org/mt/68831276/2167316
Mute #automotive: https://lists.automotivelinux.org/mk?hashtag=automotive&subid=4543822
Group Owner: agl-dev-community+owner@xxxxxxxxxxxxxxxxxxxxxxxxx
Unsubscribe: https://lists.automotivelinux.org/g/agl-dev-community/leave/4543822/883735764/xyzzy  [list-automotive-discussions82@xxxxxxxxxxx]
-=-=-=-=-=-=-=-=-=-=-=-
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux