CS 4401 (A12): Software Security Engineering
Assignment: Tech Memo on Mobile Platform Security Architectures

Due: Thursday, October 4 by 2pm (when class starts) under Turnin assignment phones.


Different mobile phone platforms have different architectures for managing application security. The architectural features affect how one develops applications for that platform. These features also affect how users install applications. Different platforms also have different policies for application developers that are designed to prevent malicious software from making it into a platform's marketplace (for downloading applications).

Write a tech memo describing the security architecture and marketplace security policies for ONE OF Apple iPhone iOS or Google Android (your choice). Describe how the architecture protects data and applications from one another. Evaluate the architecture against the usual concerns, such as threats, data confidentiality, and data integrity. Discuss the impact of the architectural decisions, if any, on application users. Basically, pull together the themes of the course into a clear summary of what a team would need to know as they set out to develop a mobile application for your chosen platform.

You are welcome to include diagrams in your memo, but make sure your prose augments the diagram content. (Basically, include text to convince us that you understand the diagram.)

As with all technical memo assignments, your answer should be 1-2 pages in length and written crisply for a technical audience.

For examples of the right level of detail and crispness on memos, see the three sample two-factor memos posted in Blackboard (Course Materials → Tech Memos → Sample Strong Two-Factor Memos).

What to Turn In

Turn in a single file whose title references the architecture you chose (i.e., ios-memo.docx, android-memo.pdf, etc). We will use the file names to sort your assignments by platform. Either Word or PDF formats is fine.