Computer
Access Control for Active Spaces
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Context-sensitive Access Control Model and Implementation
CIT '05 Proceedings of the The Fifth International Conference on Computer and Information Technology
GEO-RBAC: A spatially aware RBAC
ACM Transactions on Information and System Security (TISSEC)
A trusted mobile phone reference architecturevia secure kernel
Proceedings of the 2007 ACM workshop on Scalable trusted computing
A flexible security architecture to support third-party applications on mobile devices
Proceedings of the 2007 ACM workshop on Computer security architecture
Enforcing DRM policies across applications
Proceedings of the 8th ACM workshop on Digital rights management
Nuovo DRM Paradiso: Designing a Secure, Verified, Fair Exchange DRM Scheme
Fundamenta Informaticae - Fundamentals of Software Engineering 2007: Selected Contributions
Understanding Android Security
IEEE Security and Privacy
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Google Android: A Comprehensive Security Assessment
IEEE Security and Privacy
A specification based intrusion detection framework for mobile phones
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
Practical and lightweight domain isolation on Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Smartphone security limitations: conflicting traditions
Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies
Defending users against smartphone apps: techniques and future directions
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
MOSES: supporting operation modes on smartphones
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Aurasium: practical policy enforcement for Android applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
AdSplit: separating smartphone advertising from applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Dr. Android and Mr. Hide: fine-grained permissions in android applications
Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices
Practicality of accelerometer side channels on smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
Information Security Tech. Report
Idea: callee-site rewriting of sealed system libraries
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Towards unified authorization for android
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Know your enemy: the risk of unauthorized access in smartphones by insiders
Proceedings of the 15th international conference on Human-computer interaction with mobile devices and services
POSTER: Preserving privacy and accountability for personal devices
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Preventing accidental data disclosure in modern operating systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
AFrame: isolating advertisements from mobile applications in Android
Proceedings of the 29th Annual Computer Security Applications Conference
FireDroid: hardening security in almost-stock Android
Proceedings of the 29th Annual Computer Security Applications Conference
SEC'13 Proceedings of the 22nd USENIX conference on Security
ACM SIGMOBILE Mobile Computing and Communications Review
Compac: enforce component-level access control in android
Proceedings of the 4th ACM conference on Data and application security and privacy
Transforming high-level requirements to executable policies for Android
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
| Hi-index | 0.00 |
Most of the research work for enforcing security policies on smartphones considered coarse-grained policies, e.g. either to allow an application to run or not. In this paper we present CRePE, the first system that is able to enforce fine-grained policies, e.g. that vary while an application is running, that also depend on the context of the smartphone. A context can be defined by the status of some variables (e.g. location, time, temperature, noise, and light), the presence of other devices, a particular interaction between the user and the smartphone, or a combination of these. CRePE allows context-related policies to be defined either by the user or by trusted third parties. Depending on the authorization, third parties can set a policy on a smartphone at any moment or just when the phone is within a particular context, e.g. within a building, or a plane.