Abstract
Android devices are increasingly used in corporate settings. Although openness and cost-effectiveness are key reasons to opt for the platform, its level of data protection is often inadequate for corporate use. This paper presents a strategy for secure credential and data storage in Android. It is supplemented by a context-aware mechanism that restricts data availability according to predefined policies. Our approach protects stored data better than iOS in case of device theft. Contrary to other Android-based solutions, we do not depend on device brand, hardware specs, price range or platform version. No modifications to the operating system are required. The proposed concepts are validated by a context-aware file management prototype.
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Boukayoua, F., Lapon, J., De Decker, B., Naessens, V. (2014). Secure Storage on Android with Context-Aware Access Control. In: De Decker, B., Zúquete, A. (eds) Communications and Multimedia Security. CMS 2014. Lecture Notes in Computer Science, vol 8735. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44885-4_4
DOI: https://doi.org/10.1007/978-3-662-44885-4_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44884-7
Online ISBN: 978-3-662-44885-4
eBook Packages: Computer Science (R0)