1. Android Access Control Extension
- Author
-
Branislav Madoš, Anton Baláž, and Michal Ambróz
- Subjects
Computer access control ,Computer science ,Sandbox ,Access control ,Library and Information Sciences ,computer.software_genre ,Logical security ,Management Information Systems ,Discretionary access control ,Android ,Role-based access control ,MAC ,business.industry ,QA75.5-76.95 ,Computer security model ,Mandatory access control ,Computer Science Applications ,Policy ,Network Access Control ,Electronic computers. Computer science ,Operating system ,Security ,Profile ,business ,computer ,Information Systems - Abstract
The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC) based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.
- Published
- 2015