History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Using CQUAL for Static Analysis of Authorization Hook Placement
Proceedings of the 11th USENIX Security Symposium
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
GEO-RBAC: a spatially aware RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Automatic placement of authorization hooks in the linux security modules framework
Proceedings of the 12th ACM conference on Computer and communications security
Supporting location-based conditions in access control policies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Retrofitting Legacy Code for Authorization Policy Enforcement
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Run-Time Enforcement of Nonsafety Policies
ACM Transactions on Information and System Security (TISSEC)
Understanding Android Security
IEEE Security and Privacy
Composing expressive runtime security policies
ACM Transactions on Software Engineering and Methodology (TOSEM)
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Spatial security policies for mobile agents in a sentient computing environment
FASE'03 Proceedings of the 6th international conference on Fundamental approaches to software engineering
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Efficiency considerations in policy based management in resource constrained devices
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
Hi-index | 0.00 |
The dramatic rise in mobile applications has greatly increased threats to the security and privacy of users. Security mechanisms on mobile devices are currently limited, so users need more expressive ways to ensure that downloaded mobile applications do not act maliciously. Policy-specification languages were created for this purpose; they allow the enforcement of user-defined policies on third-party applications. We have implemented LoPSiL, a location-based policy-specification language for mobile devices. This article describes LoPSiL's design and implementation, several example policies, and experiments that demonstrate LoPSiL's viability for enforcing policies on mobile devices.