An effective access control scheme for preventing permission leak in Android

Author

Longfei Wu ; Xiaojiang Du ; Hongli Zhang

Author_Institution

Dept. of Comput. & Inf. Sci., Temple Univ., Philadelphia, PA, USA

fYear

2015

fDate

16-19 Feb. 2015

Firstpage

57

Lastpage

61

Abstract

In the Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. We propose SPAC, a component-level system permission based access control scheme that can help developers better secure the public components of their applications. In the SPAC scheme, obscure custom permissions are replaced by explicit system permissions. We extend current permission checking mechanism so that multiple permissions are supported on component level. SPAC has been implemented on a Nexus 4 smartphone, and our evaluation demonstrates its effectiveness in mitigating permission leak vulnerabilities.

Keywords

Android (operating system); application program interfaces; authorisation; Android system; Nexus 4 smartphone; SPAC scheme; component-level system permission based access control scheme; permission checking mechanism; permission leak prevention; permission leak vulnerabilities; permission mechanism; public components; system API; Access control; Androids; Google; Humanoid robots; Information security; Receivers; Permission leak; access control; smartphone security;

fLanguage

English

Publisher

ieee

Conference_Titel

Computing, Networking and Communications (ICNC), 2015 International Conference on

Conference_Location

Garden Grove, CA

Type

conf

DOI

10.1109/ICCNC.2015.7069315

Filename

7069315