Dynamic Security Policy Enforcement on Android

被引:0
作者
Vanco, Matus [1 ]
Aron, Lukas [1 ]
机构
[1] Brno Univ Technol, Brno, Czech Republic
来源
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS | 2016年 / 10卷 / 09期
关键词
private data; Aurasium framework; operating system; system call; binder driver; Android security; policy enforcement; security policy;
D O I
10.14257/ijsia.2016.10.9.15
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This work presentss the system for dynamic enforcement of access rights on Android. Each application will be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder.
引用
收藏
页码:141 / 148
页数:8
相关论文
共 50 条
  • [21] Analysis of Access Control Enforcement in Android
    Enck, William
    SACMAT'20: PROCEEDINGS OF THE 25TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, 2020, : 117 - 118
  • [22] RDyMASS: Reliable and Dynamic Enforcement of Security Policies for Mobile Agent Systems
    Aloulou, Houssem
    Loulou, Monia
    Kallel, Slim
    Kacem, Ahmed Hadj
    DATA PRIVACY MANAGEMENT AND AUTONOMOUS SPONTANEOUS SECURITY, 2010, 5939 : 237 - 252
  • [23] PerfSPEC: Performance Profiling-Based Proactive Security Policy Enforcement for Containers
    Kermabon-Bobinnec, Hugo
    Bagheri, Sima
    Gholipourchoubeh, Mahmood
    Majumdar, Suryadipta
    Jarraya, Yosr
    Wang, Lingyu
    Pourzandi, Makan
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2025, 22 (02) : 919 - 938
  • [24] A Proposal for Addressing Security Issues Related to Dynamic Code Loading on Android Platform
    Kelec, Aleksandar
    Djuric, Zoran
    COMPUTER SYSTEMS SCIENCE AND ENGINEERING, 2020, 35 (04): : 271 - 282
  • [25] Context Aware Dynamic Permission Model: A Retrospect of Privacy and Security in Android System
    Kumar, Sumit
    Shanker, Ravi
    Verma, Sahil
    2ND INTERNATIONAL CONFERENCE ON INTELLIGENT CIRCUITS AND SYSTEMS (ICICS 2018), 2018, : 324 - 329
  • [26] Opposing positions in Japan's security policy: Toward a new security dynamic
    DiFilippo A.
    East Asia, 2002, 20 (1) : 107 - 135
  • [27] Research and construction of dynamic awareness security protection model based on security policy
    Lu, Yiming
    Sheng, Wanxing
    Liu Riliang
    Jin, Peipei
    2017 IEEE INTERNATIONAL CONFERENCE ON SMART CLOUD (SMARTCLOUD), 2017, : 202 - 207
  • [28] The Android Platform Security Model
    Mayrhofer, Rene
    Vander Stoep, Jeffrey
    Brubaker, Chad
    Kralevich, Nick
    ACM TRANSACTIONS ON PRIVACY AND SECURITY, 2021, 24 (03)
  • [29] 'Blackmailing the army' - 'Strategic Military Refusal' as policy and doctrine enforcement: the formation of a new security agent
    Lebel, Udi
    SMALL WARS AND INSURGENCIES, 2014, 25 (02) : 297 - 328
  • [30] Policy Enforcement Point Model
    Ben Mustapha, Yosra
    Debar, Herve
    Blanc, Gregory
    INTERNATIONAL CONFERENCE ON SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, SECURECOMM 2014, PT I, 2015, 152 : 278 - 286
12345