Abstract
This article describes and compares different approaches for smartphone security providing comprehensive information flow control. The basic application is to realize strong isolation between applications and data belonging to different security domains. E.g., separation of business and private apps and data. The article analyses the approaches and their basic technologies also with respect to their practicability.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Literatur
Alkassar, E., Hillebrand, M., Paul, W., and Petrova, E.: Automated Verifi cation of a Small Hypervisor. In: Proceedings of Verifi ed Soft ware: Th eories, Tools, Experiments. Lecture Notes in Computer Science, 2010, Volume 6217/2010, 40-54, Edinburgh, Scotland.
Bugiel, S., Davi, L., Dmitrienko, A., Heuser, S., Sadeghi, A., and Shastry, B.: Practical and Lightweight Domain Isolation on Android. In: Proceedings of the 1st ACM CCS Workshop on Security and Privacy in Mobile Devices (SPSM), ACM Press, Oct 2011.
Bugiel, S., Davi L., Dmitrienko, A., Fischer, T., Sadeghi, A., and Shastry, B.: Towards taming priviledge escalation attacks on Android. In: Annual Network & Distributed System Security Symposium (NDSS), February 2012
Catuogno, L., Löhr, H., Manulis, M., Sadeghi, A., Stüble, C., and Winandy, M.: Trusted Virtual Domains: Color Your Network. In: Datenschutz und Datensicherheit (DuD) 5/2010, pp. 289-294, Gabler Verlag, 2010.
Heisrath, S. and Stüble, C.: Sirrix AG Technical Report No 12/1102, August 2011.
Hornyack, P., Han, S., Jung, J., Schechter, S., and Wetherall, D.: “These Aren’t the Droids You’re Looking For”: Retroffiting Android to Protect Data from Imperious Applications. In: ACM Conference on Computer and Communication Security (CCS), Oct 2011
Lange, M., Liebergeld, S., Lackorzynski, A., Warg, A., and Peter, M.: L4Android: A Generic Operating System Framework for Secure Smartphones. In: Proceedings of the 2011 ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, Chicago, IL, USA, Oct 2011
Löhr, H., Sadeghi, A., Stüble, C., Weber, M., and Winandy, M.: Modeling Trusted Computing Support in a Protection Profile for High Assurance Security kernels. In: Proceedings der TRUST 2009, Oxford.
Sadeghi, A., Stüble, C., and Pohlmann, N.: European Multilateral Secure Computing Base - Open Trusted Computing for You and Me. In: Datenschutz und Datensicherheit (DUD) 9/2004, Vieweg Verlag, pp. 548-554, 2004.
Sirrix AG: High-Assurance Security Kernel Protection Profile (EAL5), according to the Common Criteria v3.1 R2, 2007, certified German Federal Office for Information Security (BSI) 2008.
Smalley, S.: The Case for SE Android, National Security Agency (NSA), 2011
Selhorst, P, Stüble, C., Feldmann, G: MoTrust.Embedded – Eine vertrauenswürdige Sicherheitsplattform für Smartphones. In: 12th German IT Security Congress, Bonn-Bad Godesberg, May 2011.
TECOM. “Trusted Embedded Computing (TECOM)” – TECOM SmartMeter. http://www.sirrix. com/content/tecom, 2011.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Alkassar, A., Schulz, S., Stüble, C., Wohlgemuth, S. (2012). Securing Smartphone Compartments: Approaches and Solutions. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_25
Download citation
DOI: https://doi.org/10.1007/978-3-658-00333-3_25
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00332-6
Online ISBN: 978-3-658-00333-3
eBook Packages: Computer ScienceComputer Science (R0)