Detail výsledku
Dynamic Security Policy Enforcement on Android
VANČO, M.; ARON, L. Dynamic Security Policy Enforcement on Android. International Journal of Security and Its Applications, 2016, vol. 2016, no. 10, p. 141-148. ISSN: 1738-9976.
Typ
článek v časopise
Jazyk
anglicky
Autoři
Vančo Matúš, Ing., MSc
Aron Lukáš, Ing., Ph.D., FIT (FIT), UITS (FIT)
Aron Lukáš, Ing., Ph.D., FIT (FIT), UITS (FIT)
Abstrakt
This work presents the system for dynamic enforcement of access rights on Android.Each application will be repackaged by this system, so that the access to selected privatedata is restricted for the outer world. The system intercepts the system calls usingAurasium framework and adds an innovative approach of tracking the information flowsfrom the privacy-sensitive sources using tainting mechanism without need ofadministrator rights. There has been designed file-level and data-level taint propagationand policy enforcement based on Android binder.
Klíčová slova
private data, Aurasium framework, operating system, system call, binderdriver, Android security, policy enforcement, security policy
URL
Rok
2016
Strany
141–148
Časopis
International Journal of Security and Its Applications, roč. 2016, č. 10, ISSN 1738-9976
Kniha
International Journal of Security and Its Applications
Místo
Daejeon
DOI
UT WoS
000384818200016
EID Scopus
BibTeX
@article{BUT131023,
author="Matúš {Vančo} and Lukáš {Aron}",
title="Dynamic Security Policy Enforcement on Android",
journal="International Journal of Security and Its Applications",
year="2016",
volume="2016",
number="10",
pages="141--148",
doi="10.14257/ijsia.2016.10.9.15",
issn="1738-9976",
url="http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf"
}
Projekty
Spolehlivost a bezpečnost v IT, VUT, Vnitřní projekty VUT, FIT-S-14-2486, zahájení: 2014-01-01, ukončení: 2016-12-31, ukončen
Výzkumné skupiny
Výzkumná skupina bezpečnosti informačních technologií (VZ Security@FIT)
Pracoviště
Ústav inteligentních systémů
(UITS)