Security/Reviews/B2G/SecureElement
From MozillaWiki
Overview
FirefoxOS Review Details
- API: SecureElement API
- Review Date: March 3 2015
- Review Lead: Stephanie Ouillon
Context
- Secure element support is being implemented as part of FxOS 2.2
- This extends NFC capability to handle secure element transactions.
- Details of the API can be found here: <ADD MDN LINK>
Scope
- This review covers the parts specific to the Secure Element API, including Gaia changes, the Web API and the underlying Gecko and Gonk implementation.
- Access control enforcer?
The following system components were reviewed:
- Gaia
- Changes in the system app?
- Changes in the settings app?
- Gecko
- mozXXX interface
- Gecko Permissions
- Messaging (messages, system messages)
- Interface to XYZ service on IPC socket (JSON-based communication protocol)
- Gonk
- XYZ Service
The following items were deemed lower risk and not reviewed:
- Communication between XYZ and hardware
- etc etc
Components
See Web NFC review for example
Relevant Source Code
Permission Model
- Paste from PermissionsTable.jsm (see below)
- Discuss anything special like access
- Discuss where permissions are enforced (access to object, on IPC messages, at each function call etc)
"wifi-manage": {
  app: DENY_ACTION,
  privileged: DENY_ACTION,
  certified: ALLOW_ACTION
},
Review Notes
1. Content/Chrome Segregation
2. Process Segregation
3. Data validation & Sanitization
4. Denial of Service
Security Risks & Mitigating Controls
- At a minimum, something like the Web NFC discussion
- Maybe more in-depth if needed, e.g. /Security/Reviews/Identity/browserid#Threat_Model (BrowserID / Persona)
Actions & Recommendations
- List of recommendations and corresponding bug numbers
- For sensitive bugs, just put the bug number (or omit it entirely if it is really dangerous and obvious)