Smartphone Operating Systems: Evaluation & Enhancements

AbstractThe increasing number of mobile operating systems that operate

the small hand held devices collectively called Smartphones, have become
an integral part of our lives. The openness of these new environments has
lead to new domain of apps and markets and has enabled greater
integration with existing online services like e-banking etc. Smartphone
makers are competing in turns to outgun each other for storage, processor
speed, platform compatibility and camera megapixels but its the
predominantly software - the mobile OS - that makes the biggest divergence
to the popularity and market share of Smartphone. This paper evaluates the
popular Smartphone Operating Systems with the purpose of understanding
the user friendliness, popularity, user privacy, security and accessibility with
respect to the wide domain of apps. This paper focuses on the advantages
and limitations of the Smartphone operating systems with the intention to
determine if one of them has an edge over the other and, finally, we
propose broad enhancements aimed at making them more user-friendly and
secure. KeywordsMobile Operating Systems; Smartphone; Apps; Processor
speed; Megapixels; Security; Accessibility.
I. INTRODUCTION
Smartphone have become an indispensable part of our life. Smartphone
provide a wide variety of apps ranging from social networking to GPS
based location searching that are useful for everyone in their day-to-day
tasks. In a study of 1,600 people including managers and professionals
[1], Leslie Perlow, found the following observations: 70% Smartphone
users said they check their Smartphone within an hour of getting up in
the morning. 56% of the people check their Smartphone within an hour
before going to sleep. 48% check their smartphones over the weekend.
51% check frequently during their vacation. 44% said they would feel "a
great feeling of anxiety" if they somehow lost their Smartphone and
couldn't find a replacement for a week. It is evident that many
professionals are becoming dependent on using a Smartphone, which
has requisite ingredients of the computing platform: a core operating
system, applications and necessary hardware. The main component of a
Smartphone on which its functionality depends is the operating system.
A Smartphone, tablet or any other digital mobile device is operated by
the Operating system called the mobile OS. Modern mobile operating
systems include all the features of a personal computer operating
system and in addition to that include key features like a touch screen,
cellular, Bluetooth, WiFi, speech recognition, voice recorder, GPS mobile
navigation, camera, video camera, music player etc. The Smartphone
operating system (OS) evolution has grown to include contenders such
as Google, Microsoft, Apple, Symbian, and Palm with each of them trying
to make it more user friendly and secure. While these mobile operating
system platforms have ameliorated a lot since their origination, none of
these Smartphone developers provide a mobile OS that is perfect and
lives up to all the users in terms of user friendliness and privacy. They
argue that their platforms perform the best in all states of affairs and will
for sure not publicize any disadvantage with their Operating systems.
This makes it hard for end users particularly novice users to know which
platform is best fitted for their day to day need. In this paper, we present
a comprehensive analysis of each mobile operating system in order to
describe the effectiveness of one Operating System over others. Section
II gives the overview of various Smartphone operating systems. In
section III we identify the limitations of mobile operating systems. In
section IV we propose the enhancements which could be implemented in
the Smartphone Operating Systems and finally we describe our
conclusions in section V.
II. SMARTPHONE OPERATING SYSTEMS
A. ANDROID
Andy Rubin, Googles director of smartphones, said There should be
nothing that desktop users can access on their PCs that they cant
access on their smartphones [2]. With this imagination and vision, the
acceptance of smart phones having Googles Android Operating System
is continuously on the rise in the 21st century.
Android is an operating environment based on Linux kernel, it is also a
superimposed or layered system [3]; the comprehensive architecture of
Android system is shown in Figure 1. Application layer is the UI of all
Android applications including an Email, SMS, GPS, web browser and
others. All applications are developed using the Java programming
language and Java APIs. All Android apps are based on the application
framework. The Android application framework includes the following
components: A rich set of Views that can be implemented to build an app
with colorful UI, It includes set of lists, grid views, input boxes, buttons,
and also an engrafted browser. A variety of Content Providers that
facilitates the programmers to build the applications which can access
data from other apps, or to share their own data with other apps. A
Resource Manager that facilitates to provide access to resources such as
strings, and layouts. A Notification Manager that gives provision to all
applications to display user defined alarms in the status bar of the app.
An Activity Manager
that facilitates
the app to handle the
lifecycle of applications
and provides a common
navigation to the app
[1].
Some of the advantages of Android over other Smartphone operating
systems are summarized below.
The android is open source with its ability to run lacs of apps just like the
iPhone but with variety of phone models unlike iPhone whose apps can run
on iPhone only.
Android allows developers & programmers to develop apps (applications) in
an "application without borders" environment.
Android is beginner friendly and supremely customizable. Android has the
major share of the market because the user friendly experience and
improving quickly as per their needs.
Googles android now navigates user location and calendar to scientifically
show you pertinent info e.g. traffic to work, cafes, and flight information and
lets you explore with voice commands and replies with natural speech.
Android is an open source service. This means we can freely download it and
start building our own apps. Anyone can download to modify and enhance
the software quality by making it more effective and user friendly. Apps are
freely developed and designed by numerous app programmers worldwide
and these developed apps are freely available on the Android market. This
attractive feature of being open source has also attracted mobile phone
companies to manufacture attractive phones using Android OS.
Android is not just an operating system designed for individuals but it also
fulfills serious business needs at the same time. Android market offers wide
range of apps that are particularly designed to manage a business. It
enables a closer look at various business processes on the go with the help
of these apps.
B. IPHONE OS
iOS is the mobile operating system developed by Apple Inc. It is the second
most commonly used operating system behind Googles Android. Unlike
Android it can be installed only on Apples hardware.
The iPhone OS has seen a speedy advances in quality and earned a large
and devoted user base. The iPhone OS has risen so far and so fast mainly
due to the innovations on UI and accessibility of 3rd party applications [11].
Unlike the Android security system, iOS security architecture furnishes
different framework for achieving mobile device security and users security.
The iOS application platform empowers programmers to create new
applications and to add to the application store. However, each application
presented by a third party developer is submitted to the revision and
aleration process. During the revision process the application code is
exhaustively analyzed by proficient developers who make sure that the app
is dependable and secure before it is published to the application store.
However, such an application, when installed, gets all the permissions on a
mobile device. Application might access all the resources like local camera,
internet without user's knowledge. While Android allows users to manage
their security configuration as their own duty, the iOS platform makes
developers to develop safe apps by using iOS secure APIs and forbids unsafe
applications from getting into the app store. The iOS security APIs are well
dealt and settled in the operating system at the Core Services layer and are
dependent on services in the Core OS layer called the kernel of the
operating system [14]. Applications that need to accomplish a network task,
may use secure networking functions through the CFNetwork API located in
the Core Services layer. The iOS security implementation includes a daemon
called the Security Server that implements several security protocols. The
Security Server has no API with public access. Instead, applications use the
Keychain Services API, the Certificate, Key, and Trust services API, which in
turn provide access to the Security Server.

C. SYMBIAN
The Symbian OS was projected particularly for mobile devices with its little
memory footprint and takes low power. It is an open OS, enabling free
access to the third party developers to develop and install apps
independently from the device producers. A broad C++ API is furnished
which permits access to services such as calling and messaging, in addition
to basic OS functionality. The Symbian OS was planned so applications could
run for years without losing the user data. Also the OS has the capability of
being platform independent and platform independent [6, 7, 8, 9].
D. WINDOWS MOBILE
This platform is founded on Windows CE (WinCE). WinCE is a compact OS
specifically planned for pervasive computing devices. It is sharpened on
providing a uniform interface for applications on several hardware platforms
which stresses portability by providing the user with the Win32 API. The
hardware platforms include Tablets, Smartphones, and even onboard LEDs in
automobiles. The Windows Mobile OS was designed for flexibility and with
the programmer in mind. For that reason it was designed to support lots of
pre-emptive multitasking. It confirms a whopping 256 priority levels for
threads and up to 32 processes. It supports all of the standard mutual
exclusion and synchronization methods you would expect from a desktop
PC. This practicality makes it ideal for a Smartphone because the users
generally demand multitasking and want to be as fertile as possible [4, 7, 8,
9]. E. Palm OS Palm OS is a proprietary operating system in the first place
developed by Palm Inc. In the early versions (pre-Garnet), the Palm OS was
primarily utilized in Palm-developed Personal Digital Assistant (PDA) mobile
hardware units. At one point, Palm PDAs with the Palm OS held 85% of the
market share in the mobile device market [12]. However, in recent years,
Palm's market share has been in decline, mostly due to the dead nature of
the OS development and has conceded the contributing position to Symbian
[6, 7, 8, 12].
II. LIMITATIONS OF MOBILE OS
As discussed in the previous sections, the mobile operating systems are
competing for the major market share and are claiming to be the best for
the users, yet they have number of limitations in their platforms which
for obvious reasons they are not disclosing to their users. The malicious
apps directed at mobile devices have mounted from about 14,000 to
40,000 in less than a year. This rise in the malicious apps requires a
secure OS. The securityrelated limitations of the Mobile operating
systems are listed below:
All or No Permission: A user cannot grant single permissions, while
rejecting others in order to install the app. Among the list of permissions
an app might request a set of suspicious permissions among the other
legitimate permissions, will still be able to confirm the installation.
Mobile devices may download malware which the mobile OS is not able
to trace. The novice users may download apps that contain malware
unknowingly because it can be disguised as a popular game, security
patch released by the OS, utility service, or other useful application. It is
difficult for novice users to make any difference between a legitimate
app and one containing the security risk in the form of malware.
Often, the users of the app cannot judge the appropriateness and
legitimacy of permissions for the app they are installing. In some other
cases it may be well understood, for example when a popular game app
requests the privilege to access the contacts or to send SMS messages.
In many cases, however, users will simply not be able to understand the
appropriateness of the permission.
Functionality, which is supposed to be possible only given the number of
permissions, can still be performed with less number of appropriate
permissions or even with none at all. In case of the iOS, the user is not at
all informed about any of the permissions. The app can access any of the
resources without the permission of the user.
TABLE II. RESISTANCE OF ANDROID AND IOS AGAINST VARIOUS ATTACKS
[5].

III. PROPOSED OS ENHANCEMENTS

To enhance the security of the Smartphone operating systems we
propose the following Enhancements:
A. Need Based Permission System (NBS) The Need-Based Security (NBS)
system designed to enhance the privacy of the user at run time. The
main advantage of the proposed NBS system is that the user is informed
about the authorized and unauthorized access of the resources at run
time. The NBS system can be implemented in the operating system to
provide the permissions at run time. Currently the OS is either including
all the permissions without the information of the user as in case of iOS
or it forces the user to accept all the permissions at install time as in
case of the very popular Android OS. The most important file
AndroidManifest.xml which lists the permissions of the app can be
modified at run time by providing the need based permission system.
Whenever the app requests for the permission the user may be informed
at that moment. For example, let us examine the Dial Kashmir app
available on Google Play which gives all the details of Tourist places in
Kashmir and contact details of important places like universities,
government offices etc. The main permission this app may require is the
INTERNET. If it includes MANAGE_ACCOUNTS which is the permission that
allows the app to retrieve the user account information from the phone,
our operating system will get the permission from the user at run time to
access the resource. If the user permits only then the permission will be
granted. The main advantage of our NBS system is that it gives freedom
to the users and the programmers to write code which does not result in
usability issues. Need based permission system and getting permission
approvals at run time is a relatively new but promising approach as it
gives lot of fine-grained control to the novice users.
B. Security API In order to deal with the malicious apps downloaded by
the user, we propose a security API which can be integrated with the
existing security framework of mobile operating system. The objective is
to provide security against the Apps which are installed by the end user
and are given all the permissions at the time of installation. This
enhanced security has the suitable feature of not troubling a regular user
in any obtrusive way. In fact, the user need not even be aware that the
Security API has been applied. We must simply prevent the modification
and access of data from mobile phones by other external malicious
applications unknowingly. We propose an API which will enhance the
security of existing Android Framework.
The first step in our proposed security API is implemented by adapting an
encryption technique utilizing Advanced Encryption Algorithm (AES) and
applying it to all the personal files in the Smartphone. File operations
offered by the proposed Security API should aid in the detection of
potentially malicious Apps whose behavior matches that of Malware.
Malware recognition is usually achieved by signature matching, heuristic
analysis, or comparing hash-values
Fig. 2. Sequence Diagram of the System
IV. CONCLUSION
The increasing trend of Smartphone usage by individuals of all ages has
brought forward stiff competition between different Smartphone OSs
and Googles Android OS. However, recent research and reports revealed
that the novice users are not secure on these platforms because of the
limitations of these OS. We found different types of limitations in various
mobile operating systems and particularly in Android and iOS which are
the leading mobile Operating Systems. We found that there is a major
need of modification in the permission based model of security system
and we strongly recommended the implementation of Need based
security system in the mobile operating systems so that the novice user
can be informed at run time about the accesses being made to the
mobiles various resources.