Security/Reviews/B2G/SecureElement

From MozillaWiki

Overview

FirefoxOS Review Details

  • API: SecureElement API
  • Review Date: March 3 2015
  • Review Lead: Stephanie Ouillon

Context

  • The Secure Element API is being implemented as part of FxOS 2.2.
  • It extends the NFC capability to handle secure element transactions.
  • Details of the API can be found here: <ADD MDN LINK>

Scope

  • This review covers the parts specific to the Secure Element API, including Gaia changes, the Web API, and the underlying Gecko and Gonk implementation.
  • Access control enforcer?

The following system components were reviewed:

  • Gaia
    • Changes in the system app?
    • Changes in the settings app?
  • Gecko
    • mozXXX interface
    • Gecko Permissions
    • Messaging (messages, system messages)
    • Interface to XYZ service on IPC socket (JSON-based communication protocol)
  • Gonk
    • XYZ Service

The following items were deemed lower risk and not reviewed:

  • Communication between XYZ and hardware
  • etc etc

Components

See Web NFC review for example

Relevant Source Code

Permission Model

  • Paste from PermissionsTable.jsm (see below)
  • Discuss anything special like access
  • Discuss where permissions are enforced (access to object, on IPC messages, at each function call etc)

  Example of a PermissionsTable.jsm entry (the wifi-manage permission, shown here for the format):

  "wifi-manage": {
    app: DENY_ACTION,
    privileged: DENY_ACTION,
    certified: ALLOW_ACTION
  },

Review Notes

1. Content/Chrome Segregation

2. Process Segregation

3. Data validation & Sanitization

4. Denial of Service

Security Risks & Mitigating Controls

Actions & Recommendations

  • List of recommendations, and corresponding bug numbers
  • For sensitive bugs, just put the bug number (or omit it entirely if the issue is really dangerous & obvious)