Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android

Authors:
Daniel Schreckling;Joachim Posegga;Johannes Köstler;Matthias Schaff
Affiliations:
Institute of IT-Security and Security Law, University of Passau, Germany;Institute of IT-Security and Security Law, University of Passau, Germany;Institute of IT-Security and Security Law, University of Passau, Germany;Institute of IT-Security and Security Law, University of Passau, Germany
Venue:
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Year:
2012

Citing 16
Cited 2

Symbian OS Platform Security

Symbian OS Platform Security
Making information flow explicit in HiStar

OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Information flow control for standard OS abstractions

Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Labels and event processes in the Asbestos operating system

ACM Transactions on Computer Systems (TOCS)
Panorama: capturing system-wide information flow for malware detection and analysis

Proceedings of the 14th ACM conference on Computer and communications security
Security-by-contract on the .NET platform

Information Security Tech. Report
Enforcing DRM policies across applications

Proceedings of the 8th ACM workshop on Digital rights management
Enhancing Java ME Security Support with Resource Usage Monitoring

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Understanding Android Security

IEEE Security and Privacy
On lightweight mobile phone application certification

Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Apex: extending Android permission model and enforcement with user-defined runtime constraints

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Porscha: policy oriented secure content handling in Android

Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
These aren't the droids you're looking for: retrofitting android to protect data from imperious applications

Proceedings of the 18th ACM conference on Computer and communications security
Constroid: data-centric access control for android

Proceedings of the 27th Annual ACM Symposium on Applied Computing

Kynoid: Real-time enforcement of fine-grained, user-defined, and data-centric security policies for Android

Information Security Tech. Report
Towards unified authorization for android

ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We introduce Kynoid, a real-time monitoring and enforcement framework for Android. Kynoid is based on user-defined security policies which are defined for data-items. This allows users to define temporal, spatial, and destination constraints which have to hold for single items. We introduce an innovative approach to allow for the real-time tracking and enforcement of such policies. In this way, Kynoid is the first extension of Android which enables the sharing of resources while respecting individual security policies for the data-items stored in these resources. We outline Kynoid's architecture, present its operation and discuss it in terms of applicability, performance, and usability. By providing a proof-of-concept implementation we further show the feasibility of our framework.