DR BACA: dynamic role based access control for Android

Authors: Felix Rohrer, Yuting Zhang, Lou Chitkushev, Tanya Zlateva

DOI: 10.1145/2523649.2523676

Keywords:

Abstract: Android, as an open platform, dominates the booming mobile market. However, its permission mechanism is inflexible and often results in over-privileged applications, which in turn creates severe security issues. Aiming to support the Principle of Least Privilege, we propose and implement a Dynamic Role Based Access Control for Android (DR BACA) model to enhance Android security, particularly in corporate environments. Our system offers multi-user management on Android devices comparable to that of traditional workstations, and provides fine-grained Role Based Access Control (RBAC) at both the application level and the permission level. Moreover, by leveraging the context-aware capabilities of Android devices and Near Field Communication (NFC) technology, our solution supports dynamic RBAC, which provides more flexible access control while still being able to mitigate some of the most serious risks of Android devices. The DR BACA model can easily be managed, even in large business environments with many Android devices. We show that our DR BACA system can be deployed and used with ease. With a proper policy, our evaluation shows that DR BACA effectively mitigates the risks posed by both malicious and vulnerable non-malicious applications while incurring only a small overall overhead.
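The abstract names three mechanisms (per-user roles, access checks at both the application and the permission level, and NFC-triggered role switching) without showing how they fit together. The following is an added example written for this page, not the authors' implementation: a small Python policy evaluator in the spirit of DR BACA. Every role, package, permission and NFC tag name is constructed for the demo, and the rule that a tag may only activate a role the user already holds is an assumption of this example, not a claim about the paper.

```python
"""Added example (not the paper's code): a minimal dynamic RBAC policy
evaluator in the spirit of DR BACA. All names below are constructed."""
from typing import Dict, FrozenSet, Optional, Set


class Role:
    """A role lists the packages it may run (application level) and, per
    package, the subset of declared permissions it may actually use at
    runtime (permission level). A package absent from the map may not run."""

    def __init__(self, name: str, app_permissions: Dict[str, FrozenSet[str]]) -> None:
        self.name = name
        self.app_permissions = app_permissions

    def may_launch(self, pkg: str) -> bool:
        return pkg in self.app_permissions

    def may_use(self, pkg: str, perm: str) -> bool:
        return perm in self.app_permissions.get(pkg, frozenset())


class Policy:
    """Administrator-managed policy: the roles, which roles each user holds,
    each user's default role, and which NFC tag activates which role."""

    def __init__(self) -> None:
        self.roles: Dict[str, Role] = {}
        self.user_roles: Dict[str, Set[str]] = {}
        self.user_default: Dict[str, str] = {}
        self.nfc_bindings: Dict[str, str] = {}

    def add_role(self, role: Role) -> None:
        self.roles[role.name] = role

    def assign(self, user: str, default: str, *others: str) -> None:
        for r in (default, *others):
            if r not in self.roles:
                raise KeyError(f"unknown role {r!r}")
        self.user_default[user] = default
        self.user_roles[user] = {default, *others}

    def bind_nfc(self, tag_id: str, role: str) -> None:
        self.nfc_bindings[tag_id] = role


class Session:
    """One user's session on the device. Exactly one role is active; a bound
    NFC tag switches it, and losing the tag reverts to the user's default."""

    def __init__(self, policy: Policy, user: str) -> None:
        if user not in policy.user_default:
            raise KeyError(f"user {user!r} not provisioned")
        self.policy, self.user = policy, user
        self.active = policy.user_default[user]

    def nfc_tag_seen(self, tag_id: str) -> str:
        """Context event. Assumption of this demo: a tag may only activate a
        role the user already holds, so an arbitrary tag cannot escalate."""
        target = self.policy.nfc_bindings.get(tag_id)
        if target is not None and target in self.policy.user_roles[self.user]:
            self.active = target
        return self.active

    def nfc_tag_lost(self) -> str:
        self.active = self.policy.user_default[self.user]
        return self.active

    def check(self, pkg: str, perm: Optional[str] = None) -> bool:
        """Reference-monitor query: may `pkg` launch (perm is None) or use
        `perm` under the currently active role?"""
        role = self.policy.roles[self.active]
        return role.may_launch(pkg) if perm is None else role.may_use(pkg, perm)


def build_demo_policy() -> Policy:
    """Constructed policy: a mail client that declares INTERNET and
    READ_CONTACTS, and a camera app. The 'meeting' role (activated by a tag
    at a meeting-room door) allows only the camera app with only CAMERA.
    An 'admin' role exists but is not assigned to alice."""
    p = Policy()
    p.add_role(Role("employee", {
        "com.example.mail": frozenset({"INTERNET", "READ_CONTACTS"}),
        "com.example.camera": frozenset({"CAMERA"}),
    }))
    p.add_role(Role("meeting", {"com.example.camera": frozenset({"CAMERA"})}))
    p.add_role(Role("admin", {
        "com.example.mail": frozenset({"INTERNET", "READ_CONTACTS", "WRITE_SETTINGS"}),
    }))
    p.assign("alice", "employee", "meeting")
    p.bind_nfc("nfc:room-12", "meeting")
    p.bind_nfc("nfc:it-desk", "admin")
    return p


def run_scenario() -> list:
    """Walk alice through context changes; returns (active role, decision)."""
    s = Session(build_demo_policy(), "alice")
    trace = [(s.active, s.check("com.example.mail", "READ_CONTACTS"))]  # granted
    s.nfc_tag_seen("nfc:room-12")                                       # -> meeting
    trace.append((s.active, s.check("com.example.mail", "READ_CONTACTS")))  # denied
    trace.append((s.active, s.check("com.example.mail")))               # may not launch
    trace.append((s.active, s.check("com.example.camera", "CAMERA")))   # granted
    s.nfc_tag_seen("nfc:it-desk")                                       # admin not held: ignored
    trace.append((s.active, s.check("com.example.mail", "WRITE_SETTINGS")))  # denied
    s.nfc_tag_lost()                                                    # -> employee
    trace.append((s.active, s.check("com.example.mail", "READ_CONTACTS")))  # granted
    return trace


if __name__ == "__main__":
    for step in run_scenario():
        print(step)
```

The point of the permission-level map is that a package's install-time grants (here READ_CONTACTS on the mail client) are not the ceiling: the active role further restricts what the package may use, which is how an over-privileged but non-malicious app is contained under a restrictive context such as the meeting role.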
