What's in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources

To address this challenge, we present in this paper SEACAT, a new security system for fine-grained, flexible protection on external resources. SEACAT supports both MAC and DAC, and integrates their enforcement mechanisms across the Android middleware and the Linux kernel. It extends SEAndroid for specifying policies on external resources, and also hosts a DAC policy base. Both sets of policies are managed under the same policy engine and Access Vector Cache that support policy checks within the security hooks distributed across the framework and the Linux kernel layers, over different channels. This integrated security model was carefully designed to ensure that misconfigured DAC policies will not affect the enforcement of MAC policies, which manufacturers and system administrators can leverage to define their security rules. In the meantime, a policy management service is offered to the ordinary Android users for setting policies that protect the resources provided by the third party. This service translates simple user selections into SELinux-compatible policies in the background. Our implementation is capable of thwarting all known attacks on external resources at a negligible performance cost.

[1]  Lujo Bauer,et al.  Run-Time Enforcement of Information-Flow Properties on Android - (Extended Abstract) , 2013, ESORICS.

[2]  Stephen Smalley,et al.  Security Enhanced (SE) Android: Bringing Flexible MAC to Android , 2013, NDSS.

[3]  John R. White,et al.  Smartphone-Based Glucose Monitors and Applications in the Management of Diabetes: An Overview of 10 Salient “Apps” and a Novel Smartphone-Connected Blood Glucose Monitor , 2012, Clinical Diabetes.

[4]  Seungyeop Han,et al.  These aren't the droids you're looking for: retrofitting android to protect data from imperious applications , 2011, CCS '11.

[5]  Robert B. Miller,et al.  Response time in man-computer conversational transactions , 1899, AFIPS Fall Joint Computing Conference.

[6]  Ahmad-Reza Sadeghi,et al.  Practical and lightweight domain isolation on Android , 2011, SPSM '11.

[7]  Hongyang Li,et al.  Screenmilker: How to Milk Your Android Screen for Secrets , 2014, NDSS.

[8]  Carl A. Gunter,et al.  Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android , 2014, NDSS.

[9]  Patrick D. McDaniel,et al.  On lightweight mobile phone application certification , 2009, CCS.

[10]  Ahmad-Reza Sadeghi,et al.  Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies , 2013, USENIX Security Symposium.

[11]  Christopher Krügel,et al.  PiOS: Detecting Privacy Leaks in iOS Applications , 2011, NDSS.

[12]  Patrick D. McDaniel,et al.  Porscha: policy oriented secure content handling in Android , 2010, ACSAC '10.

[13]  Alastair R. Beresford,et al.  MockDroid: trading privacy for application functionality on smartphones , 2011, HotMobile '11.

[14]  Dawn Xiaodong Song,et al.  Contextual Policy Enforcement in Android Applications with Permission Event Graphs , 2013, NDSS.

[15]  Steve Hanna,et al.  Android permissions demystified , 2011, CCS '11.

[16]  Jock D. Mackinlay,et al.  The information visualizer, an information workspace , 1991, CHI.

[17]  Xinwen Zhang,et al.  Apex: extending Android permission model and enforcement with user-defined runtime constraints , 2010, ASIACCS '10.