Abstract
In this paper we present PolEnA, an extension of the Android Security Framework (ASF). PolEnA enables a number of features that are not currently provided by the ASF. Among them, PolEnA allows for the definition of fine-grained security policies and their dynamic verification. The runtime enforcement of the policies is supported by a state-of-the-art SAT solver. One of the main features of our approach is the low invasiveness as it does not require modifications to the operating system.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
Sat4j, the boolean satisfaction and optimization library in Java: www.sat4j.org.
- 3.
Notice that we use sendBroadcast to send an explicit intent to the SCPcore. To do that we rely on a special permission having protection level “signature” (see https://developer.android.com/guide/topics/manifest/permission-element.html).
- 4.
For the bytecode we use the Jimple notation [9].
References
Armando, A., Carbone, R., Costa, G., Merlo, A.: Android permissions unleashed. In: IEEE 28th Computer Security Foundations Symposium, pp. 320–333 (2015)
Armando, A., Costa, G., Merlo, A., Verderame, L.: Enabling BYOD through secure meta-market. In: Proceedings of WiSec 2014, pp. 219–230 (2014)
Bartoletti, M., Costa, G., Zunino, R.: Jalapa: securing Java with local policies. Electron. Notes Theor. Comput. Sci. 253(5), 145–151 (2009)
Costa, G., Martinelli, F., Mori, P., Schaefer, C., Walter, T.: Runtime monitoring for next generation Java ME platform. Comput. Secur. 29(1), 74–87 (2010)
Cotterell, K., Welch, I., Chen, A.: An android security policy enforcement tool. Int. J. Electron. Telecommun. 61, 311–320 (2015)
Eén, N., Sörensson, N.: An extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 502–518. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24605-3_37
Lam, P., Bodden, E., Lhoták, O., Hendren, L.: The soot framework for Java program analysis: a retrospective. In: Cetus Users and Compiler Infrastructure Workshop (2011)
Nauman, M., Khan, S., Zhang, X.: Apex: extending android permission model and enforcement with user-defined runtime constraints, ASIACCS (2010)
Vallee-Rai, R., Hendren, L.J.: Jimple: Simplifying Java bytecode for analyses and transformations. McGill University, Sable Research Group (1998)
Xu, R., Saïdi, H., Anderson, R.: Aurasium: practical policy enforcement for android applications. In: 21st USENIX Security Symposium, pp. 539–552 (2012)
Acknowledgements
This work has been partially supported by CINI Cybersecurity National Laboratory within the project FilieraSicura: Securing the Supply Chain of Domestic Critical Infrastructures from Cyber Attacks (www.filierasicura.it) funded by CISCO Systems Inc.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Costa, G., Sinigaglia, F., Carbone, R. (2017). PolEnA: Enforcing Fine-grained Permission Policies in Android. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security . SAFECOMP 2017. Lecture Notes in Computer Science(), vol 10489. Springer, Cham. https://doi.org/10.1007/978-3-319-66284-8_34
Download citation
DOI: https://doi.org/10.1007/978-3-319-66284-8_34
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-66283-1
Online ISBN: 978-3-319-66284-8
eBook Packages: Computer ScienceComputer Science (R0)