DOI: 10.1145/2523649.2523676
research-article

DR BACA: dynamic role based access control for Android

Published: 09 December 2013

ABSTRACT

Android as an open platform dominates the booming mobile market. However, its permission mechanism is inflexible and often results in over-privileged applications. This in turn creates severe security issues. Aiming to support the Principle of Least Privilege, we propose and implement a Dynamic Role Based Access Control for Android (DR BACA) model to enhance Android security, particularly in corporate environments. Our system offers multi-user management on Android mobile devices comparable to traditional workstations, and provides fine-grained Role Based Access Control (RBAC) to enhance Android security at both the application and permission level. Moreover, by leveraging context-aware capabilities of mobile devices and Near Field Communication (NFC) technology, our solution supports dynamic RBAC to provide more flexible access control while still being able to mitigate some of the most serious security risks on mobile devices. The DR BACA system can easily be managed, even in large business environments with many mobile devices. We show that our DR BACA system can be deployed and used with ease. With a proper security policy, our evaluation shows that DR BACA can effectively mitigate the security risks posed by both malicious and vulnerable non-malicious applications while incurring only a small overall system overhead.


Published in

ACSAC '13: Proceedings of the 29th Annual Computer Security Applications Conference
December 2013
374 pages
ISBN: 9781450320153
DOI: 10.1145/2523649

      Copyright © 2013 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Overall Acceptance Rate: 104 of 497 submissions, 21%
