Google improving long-term Android security by working with academic researchers
Google has a number of ongoing efforts to protect Android, ranging from monthly security patches to Play Store protections. The latest initiative is called Android Security and PrIvacy REsearch (ASPIRE) to increase collaboration between the company’s internal teams and outside researchers.
Customization is one of Android’s greatest strengths. Android’s open source nature has enabled thousands of device types that cover a variety of use cases. In addition to adding features to the Android Open Source Project, researchers, developers, service providers, and device and chipset manufacturers can make updates to improve Android security.
The open nature of Android has long allowed collaborators to contribute and improve OS security, with Google specifically noting the advancements provided by the academic community:
Investing and engaging in academic research advances the state-of-the-art security techniques, contributes to science, and delivers cutting edge security and privacy features into the hands of end users.
To foster more collaboration between the Android Security and Privacy team and the “wider academic and industrial community,” Google is forming ASPIRE (Android Security and PrIvacy REsearch).
The forward-looking initiative will develop new security and privacy technology that will come to fruition in the next 2-5 years, “but isn’t planned for mainline Android development.” This longer timeline allows more research and development before wide-scale adoption in the mobile OS.
This timeframe extends beyond the next annual Android release to allow adequate time to analyze, develop, and stabilize research into features before including in the platform. To collaborate with security researchers, we’re hosting events and creating more channels to contribute research.
Google will be hosting more events, and notes how researchers can get involved:
- Submit an Android security / privacy research idea or proposal to the Google Faculty Research Awards (FRA) program.
- Apply for a research internship as a student pursuing an advanced degree.
- Apply to become a Visiting Researcher at Google.
- If you have any security or privacy questions that may help with your research, reach out to us.
- Co-author publications with Android team members, outside the terms of FRA.
- Collaborate with Android team members to make changes to the Android Open Source Project.