Abstract
Software architecture modeling is important for analyzing system quality attributes, particularly security. However, such analyses often assume that the architecture is completely known in advance. In many modern domains, especially those built on plugin-based frameworks, no such complete model is possible because the software system changes continuously. The Android mobile operating system is one such framework: users install and uninstall apps at run time. We need ways to model and analyze such architectures that strike a balance between supporting the dynamism of the underlying platform and enabling analysis, particularly throughout a system's lifetime. In this paper, we describe a formal architecture style that captures the modifiable architectures of Android systems and supports security analysis as a system evolves. We illustrate the use of the style with two security analyses: a predicate-based approach, defined over architectural structure, that can detect some common security vulnerabilities, and detection of inter-app permission leakage by model checking. We also show how the evolving architecture of an Android device can be obtained by analyzing the apps on the device, and provide a performance evaluation indicating that the approach is amenable to use throughout the system's lifetime.
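As an added illustration of the predicate-based analysis the abstract describes (this is example code written for this page, not the paper's Acme-based style or its tooling), the block below builds a toy structural model of a device as a set of installed apps, each with install-time permissions and manifest components, and evaluates one structural predicate over it: inter-app permission leakage, where an app lacking permission P can send an intent to an exported, unguarded component of another app that holds and exercises P. The schema, the package names, the components and the two permissions are assumptions constructed for the example; the model is then mutated by install, uninstall and a hardening step to show the same check being re-run as the architecture evolves.

```python
"""Added example (not code from the paper): a toy structural model of an Android
device and a predicate-based check for inter-app permission leakage (the
confused-deputy pattern, in which an unprivileged app reaches a permission-
protected API through another app's exported component). Schema, package
names and permissions are illustrative assumptions, not the paper's style."""
from dataclasses import dataclass, replace
from typing import Dict, FrozenSet, List, Optional, Tuple

SEND_SMS = "android.permission.SEND_SMS"
READ_CONTACTS = "android.permission.READ_CONTACTS"


@dataclass(frozen=True)
class Component:
    """One manifest component (activity, service or receiver)."""
    name: str
    exported: bool            # reachable from other apps via an intent
    guard: Optional[str]      # android:permission the system enforces on callers
    uses: FrozenSet[str]      # permission-protected APIs the component's code calls


@dataclass(frozen=True)
class App:
    package: str
    granted: FrozenSet[str]   # install-time grants (Lollipop: all-or-nothing at install)
    components: Tuple[Component, ...]


Leak = Tuple[str, str, str, str]   # (caller, callee, component, leaked permission)


class DeviceModel:
    """Architecture of one device: the set of installed apps, changed at run time."""

    def __init__(self) -> None:
        self.apps: Dict[str, App] = {}

    def install(self, app: App) -> None:
        self.apps[app.package] = app

    def uninstall(self, package: str) -> None:
        self.apps.pop(package, None)

    def permission_leaks(self) -> List[Leak]:
        """Structural predicate: a caller lacking permission P can reach an exported
        component of another app that holds P, exercises P, and is not guarded by
        a permission the caller lacks."""
        leaks: List[Leak] = []
        for callee in self.apps.values():
            for comp in callee.components:
                if not comp.exported:
                    continue
                for caller in self.apps.values():
                    if caller.package == callee.package:
                        continue
                    if comp.guard is not None and comp.guard not in caller.granted:
                        continue  # the system rejects the intent before delivery
                    for perm in sorted((comp.uses & callee.granted) - caller.granted):
                        leaks.append((caller.package, callee.package, comp.name, perm))
        return leaks


def guard_component(model: DeviceModel, package: str, name: str, guard: str) -> None:
    """Hardening step: require the leaked permission of callers (android:permission)."""
    app = model.apps[package]
    comps = tuple(replace(c, guard=guard) if c.name == name else c for c in app.components)
    model.install(replace(app, components=comps))


def demo_device() -> DeviceModel:
    """Constructed sample device: a messaging app and a game with no permissions."""
    m = DeviceModel()
    m.install(App("com.example.messenger", frozenset({SEND_SMS, READ_CONTACTS}), (
        Component("SmsRelayService", exported=True, guard=None, uses=frozenset({SEND_SMS})),
        Component("ContactPicker", exported=True, guard=READ_CONTACTS,
                  uses=frozenset({READ_CONTACTS})),
        Component("Composer", exported=False, guard=None, uses=frozenset({SEND_SMS})),
    )))
    m.install(App("com.example.game", frozenset(), (
        Component("MainActivity", exported=True, guard=None, uses=frozenset()),
    )))
    return m


if __name__ == "__main__":
    m = demo_device()
    print("leaks:", m.permission_leaks())
    guard_component(m, "com.example.messenger", "SmsRelayService", SEND_SMS)
    print("after guarding:", m.permission_leaks())
```

The predicate is evaluated only over manifest-level structure (exported flag, guard, permissions held and used), which is what makes it cheap enough to re-run on every install or uninstall; it deliberately does not model the component's internal control flow, so it reports the structural possibility of re-delegation rather than a confirmed exploit path, and the `uses` set would in practice come from analysis of the app's code, as the abstract describes.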
Notes
- 2.
The most recent version of Android, Marshmallow, introduces run-time permission granting, in which permissions are requested and granted as the app needs them. This paper discusses the Lollipop version of Android, where all of an app's permissions are granted at install time.
Acknowledgments
This work is supported in part by awards H98230-14-C-0140 from the National Security Agency, CCF-1252644 from the National Science Foundation, FA95501610030 from the Air Force Office of Scientific Research, and HSHQDC-14-C-B0040 from the Department of Homeland Security. The views and conclusions contained herein are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the National Security Agency or the U.S. government.
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Schmerl, B. et al. (2016). Architecture Modeling and Analysis of Security in Android Systems. In: Tekinerdogan, B., Zdun, U., Babar, A. (eds) Software Architecture. ECSA 2016. Lecture Notes in Computer Science, vol 9839. Springer, Cham. https://doi.org/10.1007/978-3-319-48992-6_21
DOI: https://doi.org/10.1007/978-3-319-48992-6_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48991-9
Online ISBN: 978-3-319-48992-6
eBook Packages: Computer Science (R0)