Result Details
Dynamic Security Policy Enforcement on Android
VANČO, M.; ARON, L. Dynamic Security Policy Enforcement on Android. International Journal of Security and Its Applications, 2016, vol. 2016, no. 10, p. 141-148. ISSN: 1738-9976.
Type
journal article
Language
English
Authors
Vančo Matúš, Ing., MSc
Aron Lukáš, Ing., Ph.D., DITS (FIT)
Aron Lukáš, Ing., Ph.D., DITS (FIT)
Abstract
This work presents the system for dynamic enforcement of access rights on Android.Each application will be repackaged by this system, so that the access to selected privatedata is restricted for the outer world. The system intercepts the system calls usingAurasium framework and adds an innovative approach of tracking the information flowsfrom the privacy-sensitive sources using tainting mechanism without need ofadministrator rights. There has been designed file-level and data-level taint propagationand policy enforcement based on Android binder.
Keywords
private data, Aurasium framework, operating system, system call, binderdriver, Android security, policy enforcement, security policy
URL
Published
2016
Pages
141–148
Journal
International Journal of Security and Its Applications, vol. 2016, no. 10, ISSN 1738-9976
Book
International Journal of Security and Its Applications
Place
Daejeon
DOI
UT WoS
000384818200016
EID Scopus
BibTeX
@article{BUT131023,
author="Matúš {Vančo} and Lukáš {Aron}",
title="Dynamic Security Policy Enforcement on Android",
journal="International Journal of Security and Its Applications",
year="2016",
volume="2016",
number="10",
pages="141--148",
doi="10.14257/ijsia.2016.10.9.15",
issn="1738-9976",
url="http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf"
}
Projects
Spolehlivost a bezpečnost v IT, BUT, Vnitřní projekty VUT, FIT-S-14-2486, start: 2014-01-01, end: 2016-12-31, completed
Research groups
IT Security Research Group (RG Security@FIT)
Departments