Abstract
Android applications that manage sensitive data such as email and files downloaded from cloud storage services need to protect their data from malware installed on the phone. While prior security analyses have focused on protecting system data such as GPS locations from malware, not much attention has been given to the protection of application data. We show that many popular commercial applications incorrectly use Android authorization mechanisms, leading to attacks that steal sensitive data. We argue that formal verification of application behaviors can reveal such errors, and we present a formal model in ProVerif that accounts for a variety of Android authorization mechanisms and system services. We write models for four popular applications and analyze them with ProVerif to point out attacks. As a countermeasure, we propose Authzoid, a sample standalone application that lets applications define authorization policies and enforces them on their behalf.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
May, M.J., Bhargavan, K. (2013). Towards Unified Authorization for Android. In: Jürjens, J., Livshits, B., Scandariato, R. (eds) Engineering Secure Software and Systems. ESSoS 2013. Lecture Notes in Computer Science, vol 7781. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36563-8_4
DOI: https://doi.org/10.1007/978-3-642-36563-8_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36562-1
Online ISBN: 978-3-642-36563-8
eBook Packages: Computer Science, Computer Science (R0)