了解 Security Posture
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
securityPosture
是设备的安全评估,由当前设备状态决定。当前设备状态取决于设备是否已启用 root 权限、是否运行自定义 ROM 等因素。
securityPosture
在响应中会细分为 devicePosture
和包含字段 securityRisk
的额外 postureDetails
列表。
securityRisk
字段可让您了解设备未被视为处于最安全状态的原因,而 advice
列表可帮助您执行操作来改善设备的安全状态。例如:
{
"devicePosture": "POTENTIALLY_COMPROMISED",
"postureDetails": [
{
"securityRisk": "UNKNOWN_OS",
"advice": [
{
"defaultMessage": "The user should lock their device's bootloader."
}
]
},
{
"securityRisk": "HARDWARE_BACKED_EVALUATION_FAILED"
}
]
}
评估安全状况
默认情况下,系统会使用密钥认证(具体而言,如果适用,则使用硬件支持的密钥认证 [HBKA])来评估 securityPosture
,并在安全硬件中生成和签署认证,从而提供可信的安全判定结果。
有时,HBKA 可能无法用于此评估。为反映这一点,securityRisk
将返回“HARDWARE_BACKED_EVALUATION_FAILED”。这意味着,可以评估 securityPosture
,但不能使用 HBKA,这意味着设备的启动完整性状态可能会遭到破坏(例如,设备可能会被取得 root 权限),并且不会被基于软件的检测检测到。
了解安全状况判定结果
您可以通过解读 devicePosture
和 securityRisk
的不同组合来了解设备的整体安全性。请注意,以下列表并未涵盖所有可能的原因:
- 如果
devicePosture
返回“SECURE”且 securityRisk
返回“HARDWARE_BACKED_EVALUATION_FAILED”,则表示设备的完整性是安全的,但 HBKA 无法确认这一点。
- 如果
devicePosture
返回“POTENTIALLY_COMPROMISED”且未返回 securityRisk
结果,则在评估中使用 HBKA,并将设备视为已遭到入侵。
- 如果
devicePosture
返回“POTENTIALLY_COMPROMISED”且 securityRisk
返回“HARDWARE_BACKED_EVALUATION_FAILED”,则只能执行基于软件的检查,但完整性威胁信号足以将设备视为已遭破解。
- 如果
devicePosture
返回“POSTURE_UNSPECIFIED”,则无法完成安全评估。我们建议您等待 HBKA 重新签发(在返回新判定结果时发生),看看它能否返回特定值。不过,在首次安装时,预计会短时间出现“POSTURE_UNSPECIFIED”。
Android Management API 与 Play Integrity API 的映射
下表提供了 AM API 判定结果与 Play Integrity API 判定响应之间的对应关系。
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可,并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情,请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2025-07-26。
[null,null,["最后更新时间 (UTC):2025-07-26。"],[[["\u003cp\u003e\u003ccode\u003esecurityPosture\u003c/code\u003e provides a security evaluation of an Android device based on factors like rooting, custom ROMs, and key attestation.\u003c/p\u003e\n"],["\u003cp\u003eIt uses \u003ccode\u003edevicePosture\u003c/code\u003e and \u003ccode\u003esecurityRisk\u003c/code\u003e fields to determine if a device is secure, potentially compromised, or if evaluation failed.\u003c/p\u003e\n"],["\u003cp\u003eHardware-backed key attestation (HBKA) provides a trustworthy security verdict, but software-based checks are used if HBKA fails.\u003c/p\u003e\n"],["\u003cp\u003eDifferent combinations of \u003ccode\u003edevicePosture\u003c/code\u003e and \u003ccode\u003esecurityRisk\u003c/code\u003e values offer insight into the specific security state of a device.\u003c/p\u003e\n"],["\u003cp\u003eThe Android Management API security verdicts have corresponding mappings to Play Integrity API verdict responses.\u003c/p\u003e\n"]]],["`securityPosture` evaluates device security based on factors like rooting or custom ROMs. It breaks down into `devicePosture` and `postureDetails`, the latter including `securityRisk` and `advice`. `securityRisk` highlights potential security issues. Evaluations use hardware-backed key attestation (HBKA) when possible; failures are marked by `HARDWARE_BACKED_EVALUATION_FAILED` in `securityRisk`. Different `devicePosture` and `securityRisk` combinations indicate varying security levels, such as \"SECURE\" with HBKA failure, or \"POTENTIALLY_COMPROMISED\". It also maps the AM API verdicts to the Play Integrity API.\n"],null,["# Understanding Security Posture\n\n[`securityPosture`](/android/management/reference/rest/v1/enterprises.devices#securityposture) is the security evaluation of a device, determined by the current device status.\nCurrent device status is determined by factors such as if the device has been rooted, if it is running a custom ROM, and more.\n\n`securityPosture` is broken down in the response into [`devicePosture`](/android/management/reference/rest/v1/enterprises.devices#deviceposture) and an additional list of [`postureDetails`](/android/management/reference/rest/v1/enterprises.devices#posturedetail) which contains the field [`securityRisk`](/android/management/reference/rest/v1/enterprises.devices#securityrisk).\n\nThe `securityRisk` field gives an idea of why the device is not considered to be in the most secure state, while the `advice` list can help perform actions to improve the security posture of the device.\nFor example: \n\n```gdscript\n {\n \"devicePosture\": \"POTENTIALLY_COMPROMISED\",\n \"postureDetails\": [\n {\n \"securityRisk\": \"UNKNOWN_OS\",\n \"advice\": [\n {\n \"defaultMessage\": \"The user should lock their device's bootloader.\"\n }\n ]\n },\n {\n \"securityRisk\": \"HARDWARE_BACKED_EVALUATION_FAILED\"\n }\n ]\n}\n```\n\nEvaluating Security Posture\n---------------------------\n\nBy default, `securityPosture` is evaluated using key attestation, specifically [hardware-backed key attestation (HBKA)](https://developer.android.com/training/articles/security-key-attestation) if applicable, providing a trustworthy security verdict as it generates and signs the attestation in secure hardware.\n\nIt may sometimes be the case that HBKA cannot be used for this evaluation. To reflect this, `securityRisk` will return \"HARDWARE_BACKED_EVALUATION_FAILED\". This means that `securityPosture` can be evaluated but not with HBKA, meaning that the device's boot integrity state could be compromised (e.g. the device could be rooted) and go undetected by software-based detection.\n\nUnderstanding Security Posture Verdicts\n---------------------------------------\n\nDifferent combinations of `devicePosture` and `securityRisk` can be interpreted to understand the overall security of the device. Please be aware that the list below is not exhaustive:\n\n- If `devicePosture` returns \"SECURE\" and `securityRisk` returns \"HARDWARE_BACKED_EVALUATION_FAILED\" the device's integrity is secure, but this could not be confirmed by HBKA.\n- If `devicePosture` returns \"POTENTIALLY_COMPROMISED\" and no `securityRisk` result is returned, then HBKA is used in the evaluation and considers the device as compromised.\n- If `devicePosture` returns \"POTENTIALLY_COMPROMISED\" and `securityRisk` returns \"HARDWARE_BACKED_EVALUATION_FAILED\" then only software based checks could be performed, yet the integrity threat signals are strong enough to consider the device as compromised.\n- If `devicePosture` returns \"POSTURE_UNSPECIFIED\" then the security evaluation could not be completed. We recommend waiting for the re-issuance of the HBKA, which occurs when a new verdict is returned, to see if it can return a specific value. However, it is expected for \"POSTURE_UNSPECIFIED\" to occur on initial install for a short period of time.\n\n### Android Management API to Play Integrity API mappings\n\nThe following table provides the mapping equivalence between AM API verdict and\nthe Play Integrity API verdict response.\n\n| [AM API DevicePosture](/android/management/reference/rest/v1/enterprises.devices#deviceposture) | [AM API Posture.Detail.SecurityRisk](/android/management/reference/rest/v1/enterprises.devices#PostureDetail.FIELDS.security_risk) | [Play Integrity API verdict equivalent](/google/play/integrity/verdicts#device-integrity-field) |\n|------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------|\n| [`SECURE`](/android/management/reference/rest/v1/enterprises.devices#DevicePosture.ENUM_VALUES.SECURE) | [`SECURITY_RISK_UNSPECIFIED`](/android/management/reference/rest/v1/enterprises.devices#SecurityRisk.ENUM_VALUES.SECURITY_RISK_UNSPECIFIED) | `MEETS_STRONG_INTEGRITY` |\n| [`SECURE`](/android/management/reference/rest/v1/enterprises.devices#DevicePosture.ENUM_VALUES.SECURE) | contains: [`HARDWARE_BACKED_EVALUATION_FAILED`](/android/management/reference/rest/v1/enterprises.devices#SecurityRisk.ENUM_VALUES.HARDWARE_BACKED_EVALUATION_FAILED) | `MEETS_DEVICE_INTEGRITY` |\n| [`AT_RISK`](/android/management/reference/rest/v1/enterprises.devices#DevicePosture.ENUM_VALUES.AT_RISK) | contains: [`HARDWARE_BACKED_EVALUATION_FAILED`](/android/management/reference/rest/v1/enterprises.devices#SecurityRisk.ENUM_VALUES.HARDWARE_BACKED_EVALUATION_FAILED) | `MEETS_DEVICE_INTEGRITY` |\n| [`POTENTIALLY_COMPROMISED`](/android/management/reference/rest/v1/enterprises.devices#DevicePosture.ENUM_VALUES.POTENTIALLY_COMPROMISED) | contains: [`UNKNOWN_OS`](/android/management/reference/rest/v1/enterprises.devices#SecurityRisk.ENUM_VALUES.UNKNOWN_OS) | `MEETS_BASIC_INTEGRITY` |\n| [`POTENTIALLY_COMPROMISED`](/android/management/reference/rest/v1/enterprises.devices#DevicePosture.ENUM_VALUES.POTENTIALLY_COMPROMISED) | contains: [`COMPROMISED_OS`](/android/management/reference/rest/v1/enterprises.devices#SecurityRisk.ENUM_VALUES.COMPROMISED_OS) | `\u003cunset\u003e` |\n| [`POSTURE_UNSPECIFIED`](/android/management/reference/rest/v1/enterprises.devices#DevicePosture.ENUM_VALUES.POSTURE_UNSPECIFIED) | `\u003cany\u003e` | `\u003cunset\u003e` |"]]