Dynamic Security Policy Enforcement on Android

被引：0

作者：

Vanco, Matus ^{[1
]}

Aron, Lukas ^{[1
]}

机构：

[1] Brno Univ Technol, Brno, Czech Republic

来源：

INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS | 2016年 / 10卷 / 09期

关键词：

private data; Aurasium framework; operating system; system call; binder driver; Android security; policy enforcement; security policy;

D O I：

10.14257/ijsia.2016.10.9.15

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

This work presentss the system for dynamic enforcement of access rights on Android. Each application will be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder.

引用

页码：141 / 148

页数：8

共 50 条

[21] Analysis of Access Control Enforcement in Android [J].

Enck, William .

SACMAT'20: PROCEEDINGS OF THE 25TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, 2020, :117-118

[22] RDyMASS: Reliable and Dynamic Enforcement of Security Policies for Mobile Agent Systems [J].

Aloulou, Houssem ;

Loulou, Monia ;

Kallel, Slim ;

Kacem, Ahmed Hadj .

DATA PRIVACY MANAGEMENT AND AUTONOMOUS SPONTANEOUS SECURITY, 2010, 5939 :237-252

[23] PerfSPEC: Performance Profiling-Based Proactive Security Policy Enforcement for Containers [J].

Kermabon-Bobinnec, Hugo ;

Bagheri, Sima ;

Gholipourchoubeh, Mahmood ;

Majumdar, Suryadipta ;

Jarraya, Yosr ;

Wang, Lingyu ;

Pourzandi, Makan .

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2025, 22 (02) :919-938

[24] A Proposal for Addressing Security Issues Related to Dynamic Code Loading on Android Platform [J].

Kelec, Aleksandar ;

Djuric, Zoran .

COMPUTER SYSTEMS SCIENCE AND ENGINEERING, 2020, 35 (04) :271-282

[25] Context Aware Dynamic Permission Model: A Retrospect of Privacy and Security in Android System [J].

Kumar, Sumit ;

Shanker, Ravi ;

Verma, Sahil .

2ND INTERNATIONAL CONFERENCE ON INTELLIGENT CIRCUITS AND SYSTEMS (ICICS 2018), 2018, :324-329

[26] Attacks on Android-Based Smartphones and Impact of Vendor Customization on Android OS Security [J].

Kumar, Sudesh ;

Kittur, Lakshmi Jayant ;

Pais, Alwyn Roshan .

INFORMATION SYSTEMS SECURITY, ICISS 2020, 2020, 12553 :241-252

[27] Research and construction of dynamic awareness security protection model based on security policy [J].

Lu, Yiming ;

Sheng, Wanxing ;

Liu Riliang ;

Jin, Peipei .

2017 IEEE INTERNATIONAL CONFERENCE ON SMART CLOUD (SMARTCLOUD), 2017, :202-207

[28] Opposing positions in Japan's security policy: Toward a new security dynamic [J].

DiFilippo A. .

East Asia, 2002, 20 (1) :107-135

[29] The Android Platform Security Model [J].

Mayrhofer, Rene ;

Vander Stoep, Jeffrey ;

Brubaker, Chad ;

Kralevich, Nick .

ACM TRANSACTIONS ON PRIVACY AND SECURITY, 2021, 24 (03)

[30] 'Blackmailing the army' - 'Strategic Military Refusal' as policy and doctrine enforcement: the formation of a new security agent [J].

Lebel, Udi .

SMALL WARS AND INSURGENCIES, 2014, 25 (02) :297-328

← 1 2 3 4 5 →