Research Article
FineDroid: Enforcing Permissions with System-Wide Application Execution Context
445 downloads
@INPROCEEDINGS{10.1007/978-3-319-28865-9_1, author={Yuan Zhang and Min Yang and Guofei Gu and Hao Chen}, title={FineDroid: Enforcing Permissions with System-Wide Application Execution Context}, proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2016}, month={2}, keywords={Permission enforcement Application context Policy framework}, doi={10.1007/978-3-319-28865-9_1} }
- Yuan Zhang
Min Yang
Guofei Gu
Hao Chen
Year: 2016
FineDroid: Enforcing Permissions with System-Wide Application Execution Context
SECURECOMM
Springer
DOI: 10.1007/978-3-319-28865-9_1
Abstract
To protect sensitive resources from unauthorized use, modern mobile systems, such as Android and iOS, design a permission-based access control model. However, current model could not enforce control over the dynamic permission use contexts, causing two severe security problems. First, any code package in an application could use the granted permissions, inducing attackers to embed malicious payloads into benign apps. Second, the permissions granted to a benign application may be utilized by an attacker through vulnerable application interactions. Although ad hoc solutions have been proposed, none could systematically solve these two issues within a unified framework.
Copyright © 2015–2024 ICST