Android Access Control Extension

Anton Baláž; Branislav Madoš; Michal Ambróz

doi:10.18267/j.aip.77

Acta Informatica Pragensia (Dec 2015)

Android Access Control Extension

Anton Baláž,
Branislav Madoš,
Michal Ambróz

Affiliations

Anton Baláž: Department of Computers and Informatics, Faculty of Electrical Engineering and Informatics, Technical University of Košice
Branislav Madoš: Department of Computers and Informatics, Faculty of Electrical Engineering and Informatics, Technical University of Košice
Michal Ambróz: Department of Computers and Informatics, Faculty of Electrical Engineering and Informatics, Technical University of Košice

DOI: https://doi.org/10.18267/j.aip.77
Journal volume & issue: Vol. 4, no. 3
pp. 310 – 317

Abstract

Read online

The main objective of this work is to analyze and extend security model of mobile devices running on Android OS. Provided security extension is a Linux kernel security module that allows the system administrator to restrict program's capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. Module supplements the traditional Android capability access control model by providing mandatory access control (MAC) based on path. This extension increases security of access to system objects in a device and allows creating security sandboxes per application.

Published in Acta Informatica Pragensia

ISSN: 1805-4951 (Online)
Publisher: Prague University of Economics and Business
Country of publisher: Czechia
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://aip.vse.cz/

About the journal

Abstract

Keywords