Constroid: data-centric access control for android

Authors:
Daniel Schreckling;Joachim Posegga;Daniel Hausknecht
Affiliations:
University of Passau, Passau, Germany;University of Passau, Passau, Germany;University of Passau, Passau, Germany
Venue:
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Year:
2012

Citing 15
Cited 2

The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
Symbian OS Platform Security

Symbian OS Platform Security
Panorama: capturing system-wide information flow for malware detection and analysis

Proceedings of the 14th ACM conference on Computer and communications security
A Virtual Machine Based Information Flow Control System for Policy Enforcement

Electronic Notes in Theoretical Computer Science (ENTCS)
Security-by-contract on the .NET platform

Information Security Tech. Report
Enforcing DRM policies across applications

Proceedings of the 8th ACM workshop on Digital rights management
Enhancing Java ME Security Support with Resource Usage Monitoring

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Understanding Android Security

IEEE Security and Privacy
Fabric: a platform for secure distributed computation and storage

Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Android Application Development: Programming with the Google SDK

Android Application Development: Programming with the Google SDK
On lightweight mobile phone application certification

Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Apex: extending Android permission model and enforcement with user-defined runtime constraints

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Porscha: policy oriented secure content handling in Android

Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation

Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android

WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Kynoid: Real-time enforcement of fine-grained, user-defined, and data-centric security policies for Android

Information Security Tech. Report

Quantified Score

Hi-index	0.00

Visualization

Abstract

We introduce Constroid, a data-centric security policy management framework for Android. It defines a new middleware which allows the developer to specify well defined data items of fine granularity. For these data items, Constroid administrates security policies which are based on the usage control model. They can only be modified by the user of an application not by the applications itself. We use Con-stroid's middle-ware to protect the security policies, ensure consistency between a data item and its corresponding security policy, and describe how our prototype implementation can enforce a subset of possible usage control policies. In this way, our contribution shows how we overcome the rigid API-driven approach to security in Android. The structure and implementation of our framework is presented and discussed in terms of security, performance, and usability.