“Originally developed by programmers from the National Security Agency, SELinux enforces a much finer-grained series of mandatory access control policies. the other big security enhancement introduced in Android 4.3 is a more robust way to store cryptographic credentials used to access sensitive information and resources. ‘With the keychain enhancements, the system-wide keys are bound to a hardware-based root of trust process devices that support this,’ said Pau Oliva Fora, senior mobile security engineer at viaForensics. ‘The phone needs to have a secure element such as a Trusted Platform Module so that private keys can’t be stolen.’”
