
AppPAL for Android

Capturing and Checking Mobile App Policies

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2016)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9639)

Abstract

It can be difficult to find mobile apps that respect one’s security and privacy. Businesses rely on employees enforcing company mobile device policies correctly. Users must judge apps by the information shown to them by the store. Studies have found that most users do not pay attention to an app’s permissions during installation [19] and most users do not understand how permissions relate to the capabilities of an app [30]. To address these problems and more, we present AppPAL: a machine-readable policy language for Android that describes precisely when apps are acceptable. AppPAL goes beyond existing policy enforcement tools, like Kirin [16], adding delegation relationships to allow a variety of authorities to contribute to a decision. AppPAL also acts as a “glue”, allowing connection to a variety of local constraint checkers (e.g., static analysis tools, package manager checks) to combine their results. As well as introducing AppPAL and some examples, we apply it to explore whether users follow certain intended policies in practice, finding that privacy preferences and actual behaviour are not always aligned in the absence of a rigorous enforcement mechanism.


Notes

  1. Users are replaced with incrementing numbers, and app names are replaced with hashes to protect sensitive names.

References

  1. Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. Program. Lang. Des. Implementation 49(6), 259–269 (2014)
  2. Aziz, B., Arenas, A., Wilson, M.: SecPAL4DSA. In: Cloud Computing and Intelligence Systems (2011)
  3. Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard – enforcing user requirements on Android apps. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013 (ETAPS 2013). LNCS, vol. 7795, pp. 543–548. Springer, Heidelberg (2013)
  4. Barrera, D., Clark, J., McCarney, D., van Oorschot, P.C.: Understanding and improving app installation security mechanisms through empirical analysis of Android. In: Security and Privacy in Smartphones and Mobile Devices, pp. 81–92, October 2012
  5. Becker, M.Y.: SecPAL formalization and extensions. Technical report, Microsoft Research (2009)
  6. Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: design and semantics of a decentralized authorization language. In: Computer Security Foundations (2006)
  7. Becker, M.Y., Malkis, A., Bussard, L.: A framework for privacy preferences and data-handling policies. Technical report, Microsoft Research (2009)
  8. Becker, M.Y., Sewell, P.: Cassandra: flexible trust management, applied to electronic health records. In: Computer Security Foundations, pp. 139–154 (2004)
  9. Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: trust management for public-key infrastructures. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, pp. 59–63. Springer, Heidelberg (1999)
  10. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Security and Privacy, pp. 164–173 (1996)
  11. Bugiel, S., Davi, L., Dmitrienko, A.: Towards taming privilege-escalation attacks on Android. In: Network and Distributed System Security Symposium (2012)
  12. Chia, P.H., Yamamoto, Y., Asokan, N.: Is this app safe? In: World Wide Web, April 2012
  13. Desnos, A.: Androguard. https://github.com/androguard/androguard
  14. Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B.: RFC 2693: SPKI certificate theory. The Internet Society (1999)
  15. Enck, W., Gilbert, P., Chun, B.G., Cox, L.P., Jung, J.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Operating Systems Design and Implementation (2010)
  16. Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Computer and Communications Security, pp. 235–245, November 2009
  17. Fahl, S., Harbach, M., Muders, T., Baumgärtner, L., Freisleben, B., Smith, M.: Why Eve and Mallory love Android. In: ASIA Computer and Communications Security, pp. 50–61, October 2012
  18. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Computer and Communications Security, pp. 627–638, October 2011
  19. Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Symposium On Usable Privacy and Security, p. 3, July 2012
  20. Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: semantics-based detection of Android malware through static analysis. In: Foundations of Software Engineering, pp. 576–587. ACM, New York, November 2014
  21. Fuchs, A.P., Chaudhuri, A., Foster, J.S.: SCanDroid: automated security certification of Android applications. In: USENIX Security Symposium (2009)
  22. Google: Android Auto. com.google.android.projection.gearhead
  23. Google: Google Apps Device Policy. com.google.android.apps.enterprise.dmagent
  24. Gurevich, Y., Neeman, I.: DKAL: distributed-knowledge authorization language. In: Computer Security Foundations, pp. 149–162 (2008)
  25. Gurevich, Y., Neeman, I.: DKAL 2. Technical report, MSR-TR-2009-11, Microsoft Research, February 2009
  26. Hallett, J., Aspinall, D.: Towards an authorization framework for app security checking. In: ESSoS Doctoral Symposium. University of Edinburgh, February 2014
  27. Hornyack, P., Han, S., Jung, J., Schechter, S.: These aren’t the droids you’re looking for: retrofitting Android to protect data from imperious applications. In: Computer and Communications Security (2011)
  28. Humphrey, M., Park, S.M., Feng, J., Beekwilder, N., Wasson, G., Hogg, J., LaMacchia, B., Dillaway, B.: Fine-grained access control for GridFTP using SecPAL. In: Grid Computing (2007)
  29. Jeon, J., Micinski, K.K., Vaughan, J.A., Fogel, A., Reddy, N., Foster, J.S., Millstein, T.: Dr. Android and Mr. Hide: fine-grained permissions in Android applications. In: Security and Privacy in Smartphones and Mobile Devices, pp. 3–14, October 2012
  30. Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions. In: Usable Security, February 2012
  31. Kim, J., Yoon, Y., Yi, K., Shin, J., Center, S.: ScanDal: static analyzer for detecting privacy leaks in Android applications. In: Mobile Security Technologies (2012)
  32. Krane, D., Light, L., Gravitch, D.: Privacy on and off the internet. Harris Interact. 18(5), 345–359 (2002)
  33. Li, L., et al.: IccTA: detecting inter-component privacy leaks in Android apps. In: IEEE/ACM 37th IEEE International Conference on Software Engineering (2015)
  34. Li, N., Mitchell, J.C.: Design of a role-based trust-management framework. In: Security and Privacy, pp. 114–130 (2002)
  35. Lin, J., Liu, B., Sadeh, N., Hong, J.I.: Modeling users’ mobile app privacy preferences. In: Symposium On Usable Privacy and Security (2014)
  36. Necula, G.C., Lee, P.: Proof-carrying code. Technical report, CMU-CS-96-165, Carnegie Mellon University (1996)
  37. OASIS: eXtensible Access Control Markup Language (XACML) Version 3.0, January 2013
  38. Oliner, A.J., Iyer, A.P., Stoica, I., Lagerspetz, E.: Carat: collaborative energy diagnosis for mobile devices. In: Embedded Network Sensor Systems (2013)
  39. Petnel, R.: The Official EasyList Website. https://easylist.adblockplus.org/en/ (2016)
  40. Poiesz, B.: Android M permissions. In: Google I/O (2015)
  41. Scarfone, K., Hoffman, P., Souppaya, M.: NIST Special Publication 800-46: Guide to Enterprise Telework and Remote Access Security, June 2009
  42. Seghir, M.N., Aspinall, D.: EviCheck: digital evidence for Android. In: Finkbeiner, B., et al. (eds.) ATVA 2015. LNCS, vol. 9364, pp. 221–227. Springer, Heidelberg (2015). doi:10.1007/978-3-319-24953-7_17
  43. Smalley, S., Craig, R.: Security Enhanced (SE) Android: bringing flexible MAC to Android. In: Network and Distributed System Security (2013)
  44. Souppaya, M., Scarfone, K.: NIST Special Publication 800-124: Guidelines for Managing the Security of Mobile Devices in the Enterprise, June 2013
  45. Svajcer, V., McDonald, S.: Classifying PUAs in the mobile environment, October 2013. sophos.com
  46. Thompson, C., Johnson, M., Egelman, S., Wagner, D., King, J.: When it’s better to ask forgiveness than get permission. In: The Ninth Symposium, p. 1. ACM, New York (2013)
  47. Truong, H.T.T., Lagerspetz, E., Nurmi, P., Oliner, A.J., Tarkoma, S., Asokan, N., Bhattacharya, S.: The company you keep. In: World Wide Web, pp. 39–50, April 2014
  48. Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: Permission evolution in the Android ecosystem. In: Annual Computer Security Applications Conference, pp. 31–40. ACM, New York, December 2012
  49. Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: detecting malicious apps in official and alternative Android markets. In: Network and Distributed System Security (2012)


Acknowledgements

Thanks to Igor Muttik at McAfee, and N. Asokan at Aalto University and the University of Helsinki, for discussions and for providing us with the data used in Sect. 5. Thanks also to the App Guarden project and colleagues at the University of Edinburgh for their comments, and to the referees for their feedback.

Author information

Corresponding author: Joseph Hallett.


Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Hallett, J., Aspinall, D. (2016). AppPAL for Android. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds) Engineering Secure Software and Systems. ESSoS 2016. Lecture Notes in Computer Science, vol. 9639. Springer, Cham. https://doi.org/10.1007/978-3-319-30806-7_14

  • DOI: https://doi.org/10.1007/978-3-319-30806-7_14
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-30805-0
  • Online ISBN: 978-3-319-30806-7
  • eBook Packages: Computer Science (R0)
