Kynoid: Real-time enforcement of fine-grained, user-defined, and data-centric security policies for Android

Authors:
Daniel Schreckling;Johannes KöStler;Matthias Schaff
Affiliations:
Institute of IT-Security and Security Law, University of Passau, Germany;Institute of IT-Security and Security Law, University of Passau, Germany;Institute of IT-Security and Security Law, University of Passau, Germany
Venue:
Information Security Tech. Report
Year:
2013

Citing 18
Cited 0

Symbian OS Platform Security

Symbian OS Platform Security
Making information flow explicit in HiStar

OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Information flow control for standard OS abstractions

Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Labels and event processes in the Asbestos operating system

ACM Transactions on Computer Systems (TOCS)
Panorama: capturing system-wide information flow for malware detection and analysis

Proceedings of the 14th ACM conference on Computer and communications security
Security-by-contract on the .NET platform

Information Security Tech. Report
Enforcing DRM policies across applications

Proceedings of the 8th ACM workshop on Digital rights management
Enhancing Java ME Security Support with Resource Usage Monitoring

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Understanding Android Security

IEEE Security and Privacy
On lightweight mobile phone application certification

Proceedings of the 16th ACM conference on Computer and communications security
Semantically Rich Application-Centric Security in Android

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Apex: extending Android permission model and enforcement with user-defined runtime constraints

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Porscha: policy oriented secure content handling in Android

Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
CRePE: context-related policy enforcement for android

ISC'10 Proceedings of the 13th international conference on Information security
These aren't the droids you're looking for: retrofitting android to protect data from imperious applications

Proceedings of the 18th ACM conference on Computer and communications security
Constroid: data-centric access control for android

Proceedings of the 27th Annual ACM Symposium on Applied Computing
Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android

WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We introduce Kynoid, a real-time monitoring and enforcement framework for Android. Kynoid is based on user-defined security policies which are defined for data-items. This allows users to define temporal, spatial, and destination constraints which have to hold for single items. We introduce an innovative approach to allow for the real-time tracking and enforcement of such policies. In this way, Kynoid is the first extension for Android which enables the enforcement of security policies of data-items stored in shared resources. We outline Kynoid's architecture, present its operation and discuss it in terms of applicability, and performance. By providing a proof-of-concept implementation we further show the feasibility of our framework.