Abstract
This paper proposes MpDroid, an API-level multi-policy access control enforcement based on the ‘Rule Set Based Access Control’ (RSBAC) framework. In the MpDroid, we monitor and manage resources, services and Android inter-component communication (ICC) based on multiple policies mechanism, so as to restrict the applications access to the sensitive APIs and prevent privilege escalation attacks. When installing an application, we build the mapping relationships between sensitive APIs and the application capability. Each rule in the user-defined and context policies is regarded as a limitation of the application capability. Moreover, system policy is used for matching the illegal ICC communications. Experimental results showed that we can realize the API-level access control for Android middleware, and prevent the illegal ICC communication on the Android 4.1.4.
Author supplied keywords
Cite
CITATION STYLE
Tian, D., Li, X., Hu, J., Xu, G., & Feng, Z. (2015). POSTER: API-level multi-policy access control enforcement for android middleware. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (Vol. 164, pp. 559–562). Springer Verlag. https://doi.org/10.1007/978-3-319-28865-9_30
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
