CRePE: Context-Related Policy Enforcement for Android
نویسندگان
چکیده
Most of the research work for enforcing security policies on smartphones considered coarse-grained policies, e.g. either to allow an application to run or not. In this paper we present CRePE, the first system that is able to enforce fine-grained policies, e.g. that vary while an application is running, that also depend on the context of the smartphone. A context can be defined by the status of some variables (e.g. location, time, temperature, noise, and light), the presence of other devices, a particular interaction between the user and the smartphone, or a combination of these. CRePE allows context-related policies to be defined either by the user or by trusted third parties. Depending on the authorization, third parties can set a policy on a smartphone at any moment or just when the phone is within a particular context, e.g. within a building, or a plane.
منابع مشابه
DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices
It is becoming a global trend for company employees equipped with mobile devices to access company’s assets. Besides enterprise apps, lots of personal apps from various untrusted app stores may also be installed on those devices. To secure the business environment, policy enforcement on what, how, and when certain apps can access system resources is required by enterprise IT. However, Android, ...
متن کاملCRêPE: A System for Enforcing Fine-Grained Context-Related Policies on Android
Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing CRêPE, a fine-grained Context-Related Policy Enforcement System for Android. While the concept of context-related access control is not new, this ...
متن کاملKratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework
The Android framework utilizes a permission-based security model, which is essentially a variation of the ACL-based access control mechanism. This security model provides controlled access to various system resources. Access control systems are known to be vulnerable to anomalies in security policies, such as inconsistency. In this work, we focus on inconsistent security enforcement within the ...
متن کاملFineDroid: Enforcing Permissions with System-Wide Application Execution Context
To protect sensitive resources from unauthorized use, modern mobile systems, such as Android and iOS, design a permission-based access control model. However, current model could not enforce fine-grained control over the dynamic permission use contexts, causing two severe security problems. First, any code package in an application could use the granted permissions, inducing attackers to embed ...
متن کاملTowards a Framework for Android Security Modules: Extending SE Android Type Enforcement to Android Middleware
Smartphones and tablets have become an integral part of our daily life. They increasingly store and process security and privacy sensitive data which makes them attractive targets for attackers. In particular for the popular Android OS, a number of security extensions have been proposed that target specific security and privacy problems caused by Android’s lack of a fine-grained, dynamic and sy...
متن کامل