A trusted ecosystem for Android applications based on context-aware access control


Autoria(s): Herpich, Markus; Batyuk, Leonid; Camtepe, Seyit A.; Albayrak, Sahin
Data(s)

01/10/2012

Resumo

Private data stored on smartphones is a precious target for malware attacks. A constantly changing environment, e.g. switching network connections, can cause unpredictable threats, and require an adaptive approach to access control. Context-based access control is using dynamic environmental information, including it into access decisions. We propose an "ecosystem-in-an-ecosystem" which acts as a secure container for trusted software aiming at enterprise scenarios where users are allowed to use private devices. We have implemented a proof-of-concept prototype for an access control framework that processes changes to low-level sensors and semantically enriches them, adapting access control policies to the current context. This allows the user or the administrator to maintain fine-grained control over resource usage by compliant applications. Hence, resources local to the trusted container remain under control of the enterprise policy. Our results show that context-based access control can be done on smartphones without major performance impact.

Identificador

http://eprints.qut.edu.au/58300/

Publicador

IEEE Conference Publications

Relação

DOI:10.1109/MALWARE.2012.6461011

Herpich, Markus, Batyuk, Leonid, Camtepe, Seyit A., & Albayrak, Sahin (2012) A trusted ecosystem for Android applications based on context-aware access control. In Proceedings of the 7th International Conference on Malicious and Unwanted Software (MALWARE 2012), IEEE Conference Publications, Fajardo, Puerto Rico, USA, pp. 73-78.

Direitos

Copyright 2012 IEEE

Fonte

School of Electrical Engineering & Computer Science; Information Security Institute; Science & Engineering Faculty

Palavras-Chave #080303 Computer System Security #authorisation #smart phones #trusted computing #context-aware access control #fine-grained control #malware attacks #trusted ecosystem
Tipo

Conference Paper