TY - GEN
T1 - An effective access control scheme for preventing permission leak in Android
AU - Wu, Longfei
AU - Du, Xiaojiang
AU - Zhang, Hongli
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2015/3/26
Y1 - 2015/3/26
N2 - In the Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. We propose SPAC, a component-level system permission based access control scheme that can help developers better secure the public components of their applications. In the SPAC scheme, obscure custom permissions are replaced by explicit system permissions. We extend current permission checking mechanism so that multiple permissions are supported on component level. SPAC has been implemented on a Nexus 4 smartphone, and our evaluation demonstrates its effectiveness in mitigating permission leak vulnerabilities.
AB - In the Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. We propose SPAC, a component-level system permission based access control scheme that can help developers better secure the public components of their applications. In the SPAC scheme, obscure custom permissions are replaced by explicit system permissions. We extend current permission checking mechanism so that multiple permissions are supported on component level. SPAC has been implemented on a Nexus 4 smartphone, and our evaluation demonstrates its effectiveness in mitigating permission leak vulnerabilities.
KW - Permission leak
KW - access control
KW - smartphone security
UR - http://www.scopus.com/inward/record.url?scp=84928040358&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84928040358&partnerID=8YFLogxK
U2 - 10.1109/ICCNC.2015.7069315
DO - 10.1109/ICCNC.2015.7069315
M3 - Conference contribution
AN - SCOPUS:84928040358
T3 - 2015 International Conference on Computing, Networking and Communications, ICNC 2015
SP - 57
EP - 61
BT - 2015 International Conference on Computing, Networking and Communications, ICNC 2015
T2 - 2015 International Conference on Computing, Networking and Communications, ICNC 2015
Y2 - 16 February 2015 through 19 February 2015
ER -