论文信息 - An SELinux-based intent manager for Android

An SELinux-based intent manager for Android

The support for Mandatory Access Control offered by SELinux has become a significant component of the security design of the Android operating system, offering robust protection and the ability to support system-level policies enforced by all the elements of the system. A well-known security-sensitive aspect of Android that currently SELinux does not cover is the abuse of intents, which represent the Android approach to inter-process communication. We propose SEIntentFirewall, an SELinux intent manager that provides fine-grained access control over Intent objects, permitting to cover within MAC policies the use of intents.

Stefano Paraboschi | Enrico Bacis | Simone Mutti

[1] Vivek Sarkar,et al. Automatic detection of inter-application permission leaks in Android applications , 2013, IBM J. Res. Dev..

[2] Patrick D. McDaniel,et al. Semantically Rich Application-Centric Security in Android , 2009, 2009 Annual Computer Security Applications Conference.

[3] Stephen Smalley,et al. Security Enhanced (SE) Android: Bringing Flexible MAC to Android , 2013, NDSS.

[4] Stefano Paraboschi,et al. AppPolicyModules: Mandatory Access Control for Third-Party Apps , 2015, AsiaCCS.