Publication detail

Dynamic Security Policy Enforcement on Android

VANČO, M. ARON, L.

Original Title

Dynamic Security Policy Enforcement on Android

Type

journal article in Web of Science

Language

English

Original Abstract

This work presents the system for dynamic enforcement of access rights on Android. Each application will be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder. 

Keywords

private data, Aurasium framework, operating system, system call, binder driver, Android security, policy enforcement, security policy 

Authors

VANČO, M.; ARON, L.

Released

4. 10. 2016

Location

Daejeon

ISBN

1738-9976

Periodical

International Journal of Security and Its Applications

Year of study

2016

Number

10

State

Republic of Korea

Pages from

141

Pages to

148

Pages count

8

URL

http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf

BibTex

@article{BUT131023,
  author="Matúš {Vančo} and Lukáš {Aron}",
  title="Dynamic Security Policy Enforcement on Android",
  journal="International Journal of Security and Its Applications",
  year="2016",
  volume="2016",
  number="10",
  pages="141--148",
  doi="10.14257/ijsia.2016.10.9.15",
  issn="1738-9976",
  url="http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf"
}