We propose a new attestation approach for the Android platform that integrates Trusted Computing concepts and Android's permission-based access control features. Recent research in the field of mobile security has shown that malware is a real threat. Trusted Computing in general and especially the concept of remote attestation can be leveraged to counter both the dissemination and the potential impact of such malware. However, current attestation approaches are not well suited for mobile platforms and crucial Trusted Computing components are still missing for them. Our approach introduces the necessary Trusted Computing building blocks for the Android platform. Furthermore, we detail how the permissions that are used by an Android phone's installed apps can be attested to a remote party at runtime. Additionally, we highlight areas that are subject of future work. © 2011 Springer-Verlag.
CITATION STYLE
Bente, I., Dreo, G., Hellmann, B., Heuser, S., Vieweg, J., Von Helden, J., & Westhuis, J. (2011). Towards permission-based attestation for the android platform (Short paper). In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6740 LNCS, pp. 108–115). Springer Verlag. https://doi.org/10.1007/978-3-642-21599-5_8
Mendeley helps you to discover research relevant for your work.