Enforcing Multiple Security Policies for Android System
- 10.2991/3ca-13.2013.42How to use a DOI?
- security policy; access control; permission; Android
The popularity of Android makes it the prime target of the latest surge in mobile malware. Protecting privacy and integrity of information is helpful for Android users. Currently, malicious software often achieve the purpose of privacy theft and malicious chargeback by sending short messages, making phone calls or connecting Internet surreptitiously. We develop a novel solution that supports multiple security policies to provide much of the integrity and privacy that users desire. We present and implement a security framework for Android which consists of both mandatory access control in the kernel layer and role-based access control in the framework layer. It allows users to define their own security policy and provides fine-grained access control to (untrusted) applications. We implemented a prototype system MPdroid for Android 4.0 platform. Experiments show that we can apply this solution to really help users control applications, block malicious software without significant performance overhead.
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Tao Guo AU - Puhan Zhang AU - Hongliang Liang AU - Shuai Shao PY - 2013/04 DA - 2013/04 TI - Enforcing Multiple Security Policies for Android System BT - Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation PB - Atlantis Press SP - 165 EP - 169 SN - 1951-6851 UR - https://doi.org/10.2991/3ca-13.2013.42 DO - 10.2991/3ca-13.2013.42 ID - Guo2013/04 ER -