ABSTRACT
Android's permission system follows an "all or nothing" approach when installing an application. The end user has no way to know how the permissions are actually used by the application, or how sensitive data flows during its execution. In this work we present OASIS (Operational Access Sandboxes for Information Security), a trusted component that allows developers to execute operations on sensitive data while keeping that data confidential. OASIS gives the end user full control over the data available to applications, and also provides policy-based regulation of sensitive data flows. Moreover, our system can be deployed via a simple application installation and does not require any modification to the stock Android OS.