Back to Search
Start Over
Analysis of SEAndroid Policies
- Source :
- ACSAC
- Publication Year :
- 2017
- Publisher :
- ACM, 2017.
-
Abstract
- Android has become a dominant computing platform, and its popularity has coincided with a surge of malware. The incorporation of Security-Enhanced Linux in Android (SEAndroid) is an important security enhancement to the platform. While SEAndroid adds the benefits of mandatory protection that SELinux brought to desktops and servers, the protection is only as good as the policy. Existing Android devices contain a wide variety of SEAndroid policies, depending on both the version of Android as well as the device manufacturer. In this paper, we present an approach to analyze SEAndroid policies in conjunction with the underlying Linux/Unix Discretionary Access Control policies. We apply our approach to four different versions of Android Open Source Project (AOSP) as well as devices from seven different manufacturers, and find several forms of unintentional privilege assignments.
- Subjects :
- Unix
021110 strategic, defence & security studies
Software_OPERATINGSYSTEMS
Computer science
0211 other engineering and technologies
020207 software engineering
02 engineering and technology
computer.software_genre
Policy analysis
Popularity
Discretionary access control
Open source
Server
0202 electrical engineering, electronic engineering, information engineering
Operating system
Malware
Android (operating system)
computer
Subjects
Details
- Database :
- OpenAIRE
- Journal :
- Proceedings of the 33rd Annual Computer Security Applications Conference
- Accession number :
- edsair.doi...........f09b9a60f07b62a44f98ae6d9a3301ae
- Full Text :
- https://doi.org/10.1145/3134600.3134638