Publication Details

Dynamic Security Policy Enforcement on Android

VANČO Matúš and ARON Lukáš. Dynamic Security Policy Enforcement on Android. International Journal of Security and Its Applications, vol. 2016, no. 10, pp. 141-148. ISSN 1738-9976. Available from: http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf
Czech title
Dynamické vynucování práv na systému Android
Type
journal article
Language
english
Authors
Vančo Matúš, Ing. (FIT BUT)
Aron Lukáš, Ing., Ph.D. (DITS FIT BUT)
URL
Keywords
private data, Aurasium framework, operating system, system call, binder driver, Android security, policy enforcement, security policy 
Abstract
This work presents the system for dynamic enforcement of access rights on Android. Each application will be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder. 
Published
2016
Pages
141-148
Journal
International Journal of Security and Its Applications, vol. 2016, no. 10, ISSN 1738-9976
Book
International Journal of Security and Its Applications
Publisher
Science & Engineering Research Support Center
Place
Daejeon, KR
DOI
BibTeX
@ARTICLE{FITPUB11287,
   author = "Mat\'{u}\v{s} Van\v{c}o and Luk\'{a}\v{s} Aron",
   title = "Dynamic Security Policy Enforcement on Android",
   pages = "141--148",
   booktitle = "International Journal of Security and Its Applications",
   journal = "International Journal of Security and Its Applications",
   volume = 2016,
   number = 10,
   year = 2016,
   location = "Daejeon, KR",
   ISSN = "1738-9976",
   doi = "10.14257/ijsia.2016.10.9.15",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/11287"
}
Back to top