O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
Mobile devices became the main repository of personal data and source of user-generated contents as well as the principal controller of our social networked life. In this scenario, malicious applications try to take advantage of all the possibilities left open by users and operating systems. In this paper, we propose SecureDroid: an extension of the Android security frame- work able to enforce flexible and declarative security policies at run-time, providing a fine-grained access control system. In particular, we focus on context dependent policies that allow the user to specify the way in which applications work according to current context.
SecureDroid: An Android Security Framework Extension for Context-Aware policy Enforcement
SecureDroid: An Android Security Framework Extension for Context-‐‑Aware policy Enforcement V.Arena, V. Catania,G. La Torre, S. MonteleoneDepartment of Electrical,Electronics and ComputerEngineeringUniversity of Catania - ItalyPRISM 2013, International Conference on Privacy and Security in Mobile Systems June 24-‐‑27, 2013 Atlantic City, NJ, USA F. RicciatoInnovation and IndustryRelationsTelecom Italia S.p.A. - Italy
What do we do with our smartphone? Call + Text = ~ 17%
Mobile Applications v Plenty of applications in online marketsv Loss of money, loss of personal informationv Users’ security depends on applications’ security
Applications’ Security in Mobile OSs v Apple – App Storev Microsoft – Windows Phone Storev Google – Google Playv Applications are signed and must specify permissionsv User consentv Isolationv Once an application has been installed it gets accessto required permissions until it will be uninstalled
Google’s guideline about application’s security Android has no mechanism for grantingpermissions dynamically (at run-time)because it complicates the userexperience to the detriment of securityPARTIALLY TRUE …
Android Security Framework v Permissions are granted only during installation v Accept all or cannot install v Users don’t pay aXention to them v Downloads’ count and users’ comments are more eﬀective.
Android Security Framework Android’s security framework checks for permissionswhen one of the following situations occurs.v An application wants to access to a particularfunctionality protected by a permission (e.g. GPSinformation),v An application tries to start an activity of anotherapplication,v Both when an application sends and receivesbroadcasts,v An application tries to access and operate on acontent provider andv When binding to or starting a service.
SecureDroid v Extends Android Security Frameworkv Standard security control still remainsv Compatible with applications from marketProvides the possibility to:v Check custom policies at runtimev Specify policies after an application has beeninstalledv Use context information as policy’s constraintsv Allow multiple parties to set policiesv Handle policy enforcement: PolicyDenyException
User’s Context v User Context: mobile devices follow the usersv Context from sensors, device status, …v Applications’ behavior may depend on user/device’scontextSome examplesv Deny notification from app X while my position is in therange (Lat, Lon, R)v Deny Internet access to App Y if my device is roamingv Allow only my girlfriend to call me when I’m running
Policy Model v Based on XACMLv Subject information from certificatev Package, author, distributor, …v Resource information from the applicationv Android permissions e.g android.permission.INTERNETv Content provider URIv Context information from sensorsv Battery levelv User’s Positionv Roamingv Accelerometer, gyroscope, …
SecureDroid’s Architecture Get capability 1. PEP sends to CH subject’s information about the App (e.g. Certiﬁcate) and the required capability (e.g. INTERNET) 2. CH asks the PAP which context information are required for the subject (e.g. Roaming) 3. CH asks to PIP the current value for context (Roaming) 4. CH creates a request and asks to PDP to evaluate the policy for given subject, resources and context App PEP PAP Security Manager Service Context Handler Policy PDP PIP Sensors, Device status 1 2 3 4 5 Read/ Write policies
Overall evaluation Android Check SecureDroid Check Application requires a capability at runtime 1. Is a system app/service? 2. Is the permission declared in the manifest? Policies evaluation order Manufacturer Operator Third-‐‑parties User Allow Deny SecureDroid won’t be invoked
Scenarios v User’s context-aware policiesv Companies: Bring Your Own Devicev Museum: Deny camera
Conclusions and Future Works Our contribute: SecureDroidv Acts at system level: platform extensionv Enforces context-aware policies at runtimev Allows multiple parties to set policiesFuture Workv Analysis of user-experience in dealing with PolicyManagement UIv Improve context selectionv Help users in choosing policiesv Similar applications Similar policy in similar context
Thanks for your aXention! Giuseppe La Torre PhD Student University of Catania (ITALY) email@example.com Q