DOI: 10.1145/2664243.2664265
research-article

Android security framework: extensible multi-layered access control on Android

Published: 08 December 2014

ABSTRACT

We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in the form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ASF provides a novel security API that supports authors of Android security extensions in developing their modules. This overcomes the current unsatisfactory situation in which security solutions must be provided as separate patches to the Android software stack or embedded into Android's mainline codebase. This system security extensibility is of particular benefit for enterprise or government solutions that require deployment of advanced security models not supported by vanilla Android. We present a prototypical implementation of ASF and demonstrate its effectiveness and efficiency by modularizing different security models from related work, such as dynamic permissions, inlined reference monitoring, and type enforcement.

Published in: ACSAC '14: Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, 492 pages

ISBN: 9781450330053

DOI: 10.1145/2664243

Copyright © 2014 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Overall Acceptance Rate: 104 of 497 submissions, 21%
