Semantically Rich Application-Centric Security in Android

Author

Ongtang, Machigar ; McLaughlin, Stephen ; Enck, William ; McDaniel, Patrick

Author_Institution

Dept. of Comput. Sci. & Eng., Pennsylvania State Univ., University Park, PA, USA

fYear

2009

fDate

7-11 Dec. 2009

Firstpage

340

Lastpage

349

Abstract

Smartphones are now ubiquitous. However, the security requirements of these relatively new systems and the applications they support are still being understood. As a result, the security infrastructure available in current smartphone operating systems is largely underdeveloped. In this paper, we consider the security requirements of smartphone applications and augment the existing Android operating system with a framework to meet them. We present Secure Application INTeraction (Saint), a modified infrastructure that governs install-time permission assignment and their run-time use as dictated by application provider policy. An in-depth description of the semantics of application policy is presented. The architecture and technical detail of Saint is given, and areas for extension, optimization, and improvement explored. As we show through concrete example, Saint provides necessary utility for applications to assert and control the security decisions on the platform.

Keywords

mobile computing; mobile radio; operating systems (computers); security of data; telecommunication security; Android operating system; Saint; Secure Application Interaction; install-time permission assignment; moble phone security; smartphone; Application software; Communication system control; Computer science; Computer security; Concrete; Mediation; Operating systems; Permission; Protection; Runtime; Android; application interactions; mediation; mobile phone security;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 2009. ACSAC '09. Annual

Conference_Location

Honolulu, HI

ISSN

1063-9527

Print_ISBN

978-0-7695-3919-5

Type

conf

DOI

10.1109/ACSAC.2009.39

Filename

5380692