Document Overview
| Field | Value |
|---|---|
| Feature/Product: | Use System Storage on Android |
| Projected Feature Freeze Date: | Q4 2011 |
| Product Champions: | Doug Turner |
| Privacy Champions: | Sid Stamm, Ian Melven |
| Security Contact: | Curtis Koenig |
| Document State: | [NEW] |
Timeline:
| Milestone | Date |
|---|---|
| Architectural Overview: | 2-Nov-2011 |
| Recommendation Meeting: | (date TBD) |
| Review Complete ETA: | tbd |
Architecture
In this section, the product's architecture is described. Any individual components or actors are identified, their "knowledge" or what data they store is identified, and data flow between components and external entities is described.
The main objective of this feature/product is: to use the Android system database for storing sync data (bookmarks, history, form data, etc.).
Design Documents: Link to any design or architectural documents here.
Components
There are four major parts to this system: the Sync Service, Firefox Mobile, and Google's Cloud Services.
Firefox Mobile
This component is the mobile browser application on Android. It is a sync client, and with this new feature, it will also be a Google sync client.
Stored Data:
The data stored in the browser will be kept in the Android operating system's system storage. These databases are automatically accessible to the system default browser (and other apps) and are synchronized with the phone owner's Google account.
| What | Where |
|---|---|
| bookmarks, history, passwords, form fill data | Android System Storage DB |
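To make concrete what "accessible by the system default browser (and other apps)" means for the table above, the following is an added example (not Firefox Mobile or Mozilla code) of how any Android application holding the system browser's read permission can enumerate the bookmark and history rows this feature would write into Android System Storage. The provider and permission names are Android's own; the class and method names, and the `{bookmarks, historyEntries}` return shape, are assumptions.

```java
// Added example, not Firefox Mobile code. Assumes it runs inside an Android
// app whose AndroidManifest.xml declares:
//   <uses-permission android:name="com.android.browser.permission.READ_HISTORY_BOOKMARKS"/>
// Any app granted that permission can read the same provider rows Firefox
// Mobile would write, which is the exposure this review has to weigh.
import android.content.ContentResolver;
import android.database.Cursor;
import android.provider.Browser;

public class SharedBrowserStoreAudit {
    // Columns of the system browser provider (android.provider.Browser).
    private static final String[] PROJECTION = {
        Browser.BookmarkColumns.TITLE,
        Browser.BookmarkColumns.URL,
        Browser.BookmarkColumns.BOOKMARK   // 1 = bookmark, 0 = history entry
    };

    /**
     * Counts rows readable through the shared provider and returns
     * {bookmarks, historyEntries}, or null when the query is refused
     * (SecurityException: permission not granted) or no provider answers,
     * so callers can tell "empty" from "not readable".
     */
    public static int[] audit(ContentResolver resolver) {
        Cursor cursor;
        try {
            cursor = resolver.query(Browser.BOOKMARKS_URI, PROJECTION, null, null, null);
        } catch (SecurityException denied) {
            return null;
        }
        if (cursor == null) {
            return null;
        }
        int[] counts = {0, 0};
        try {
            int bookmarkCol = cursor.getColumnIndexOrThrow(Browser.BookmarkColumns.BOOKMARK);
            while (cursor.moveToNext()) {
                // Every TITLE/URL pair here is visible to this app in clear text.
                counts[cursor.getInt(bookmarkCol) == 1 ? 0 : 1]++;
            }
        } finally {
            cursor.close();
        }
        return counts;
    }
}
```

Note that the Sync Service's client-side encryption (described below) does not extend to these rows: once Firefox Mobile decrypts a record and writes it to the shared provider, that provider's permission model is the only control left.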
Communication with Sync Service
Firefox Mobile communicates with sync services as a sync client. The information it transmits is encrypted before transmission and the decryption key is not available to the Sync Service.
For details see http://docs.services.mozilla.com/storage/apis-1.1.html#apis -- this review documents only the bits of the API involved with storage of data in Android System Storage.
| Direction | Message | Data | Notes |
|---|---|---|---|
| In: | return from GET /storage/collection/id | encrypted sync object (bookmark, history item, form data, password, etc.) | |
| In: | return from GET /storage/collection | metadata about the user's data objects on the server | |
| Out: | GET /storage/collection/id | sync object identifier (unique object ID) | |
| Out: | GET /storage/collection | optional parameters for filtering the query | (see the API) |
Communication with Android OS Storage
Sync Service (external)
This (external) component provides synchronization services for Firefox. The data on the server is kept encrypted, and synchronized with Firefox on mobile and desktop. For the purpose of this review, this Sync Service is a data provider for Firefox Mobile.
Stored Data:
The data stored in the Sync Service are all encrypted with a key that is not available to the service (it is kept on the clients).
| What | Where |
|---|---|
| bookmarks, history, passwords, form fill data | Mozilla sync server |
Communication with Firefox Mobile
Not all of the communication with Firefox Mobile will be documented here, only the communications relevant to using Android System Storage.
| Direction | Message | Data | Notes |
|---|---|---|---|
| In: | message 1 | types of data received from component Y with the message | |
| Out: | message 2 | types of data sent to component Y with the message | |
Google Cloud Services (external)
Describe any major components in the system and how they interact. Also include any third-party APIs (those Mozilla does not control) and what type of data is sent or received via those APIs.
User Data Risk Minimization
In this section, the privacy champion will identify areas of user data risk and recommendations for minimizing the risk.
Alignment with Privacy Operating Principles
In this section, the privacy champion will identify how the feature lines up with Mozilla's privacy operating principles.
See Also: Privacy/Roadmap_2011#Operating_Principles
Principle: Transparency / No Surprises
(How the feature addresses this)
Recommendations: (what can be improved)
Principle: Real Choice
Recommendations:
Principle: Sensible Defaults
Recommendations:
Principle: Limited Data
Recommendations:
Follow-up Tasks and tracking
| What | Who | Bug | Details |
|---|---|---|---|
| [NEW] Initial Overview Discussion | ? | | Meeting time TBD |