Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22–25, 2017, Proceedings

Research Article

Enhancing Android Security Through App Splitting

Download
227 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-319-78813-5_2,
    author={Drew Davidson and Vaibhav Rastogi and Mihai Christodorescu and Somesh Jha},
    title={Enhancing Android Security Through App Splitting},
    proceedings={Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings},
    proceedings_a={SECURECOMM},
    year={2018},
    month={4},
    keywords={Security Android Privilege separation Permissions},
    doi={10.1007/978-3-319-78813-5_2}
}
  • Drew Davidson
    Vaibhav Rastogi
    Mihai Christodorescu
    Somesh Jha
    Year: 2018
    Enhancing Android Security Through App Splitting
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-78813-5_2
Drew Davidson1,*, Vaibhav Rastogi2,*, Mihai Christodorescu3,*, Somesh Jha,*
  • 1: Tala Security
  • 2: University of Wisconsin-Madison
  • 3: Visa Research
*Contact email: drew@talasecurity.io, vrastogi@cs.wisc.edu, mihai.christodorescu@visa.com, jha@cs.wisc.edu

Abstract

The Android operating system provides a rich security model that specifies over 100 distinct permissions. Before performing a sensitive operation, an app must obtain the corresponding permission through a request to the user. Unfortunately, an app is treated as an opaque, monolithic security principal, which is granted or denied permission as a whole. This blunts the effectiveness of the permissions model. Even the recent enhancements in Android do not account for the interactions between multiple permissions or for multiple uses of a single permission for disparate functionality.

Keywords
Security Android Privilege separation Permissions
Published
2018-04-26
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-319-78813-5_2
Copyright © 2017–2024 EAI
EAI Logo

About EAI

Community

Publish with EAI