Detail publikace

Dynamic Security Policy Enforcement on Android

VANČO, M. ARON, L.

Originální název

Dynamic Security Policy Enforcement on Android

Typ

článek v časopise ve Web of Science, Jimp

Jazyk

angličtina

Originální abstrakt

This work presents the system for dynamic enforcement of access rights on Android. Each application will be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder. 

Klíčová slova

private data, Aurasium framework, operating system, system call, binder driver, Android security, policy enforcement, security policy 

Autoři

VANČO, M.; ARON, L.

Vydáno

4. 10. 2016

Místo

Daejeon

ISSN

1738-9976

Periodikum

International Journal of Security and Its Applications

Ročník

2016

Číslo

10

Stát

Korejská republika

Strany od

141

Strany do

148

Strany počet

8

URL

http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf

BibTex

@article{BUT131023,
  author="Matúš {Vančo} and Lukáš {Aron}",
  title="Dynamic Security Policy Enforcement on Android",
  journal="International Journal of Security and Its Applications",
  year="2016",
  volume="2016",
  number="10",
  pages="141--148",
  doi="10.14257/ijsia.2016.10.9.15",
  issn="1738-9976",
  url="http://www.sersc.org/journals/IJSIA/vol10_no9_2016/15.pdf"
}