Determination and Enforcement of Least-Privilege Architecture in Android

@article{Hammad2017DeterminationAE,
  title={Determination and Enforcement of Least-Privilege Architecture in Android},
  author={Mahmoud Hammad and Hamid Bagheri and Sam Malek},
  journal={2017 IEEE International Conference on Software Architecture (ICSA)},
  year={2017},
  pages={59-68}
}
Modern mobile platforms rely on a permission model to guard the system's resources and apps. In Android, since the permissions are granted at the granularity of apps, and all components belonging to an app inherit those permissions, an app's components are typically over-privileged, i.e., components are granted more privileges than they need to complete their tasks. Systematic violation of least-privilege principle in Android has shown to be the root cause of many security vulnerabilities. To… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-7 OF 7 CITATIONS

References

Publications referenced by this paper.
SHOWING 1-10 OF 31 REFERENCES

COVERT: Compositional Analysis of Android Inter-App Permission Leakage

  • IEEE Transactions on Software Engineering
  • 2015
VIEW 8 EXCERPTS
HIGHLY INFLUENTIAL

Composite Constant Propagation: Application to Android Inter-Component Communication Analysis

  • 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering
  • 2015
VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

Practical, Formal Synthesis and Automatic Enforcement of Security Policies for Android

  • 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
  • 2016
VIEW 2 EXCERPTS

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

  • 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering
  • 2015
VIEW 3 EXCERPTS

Similar Papers

Loading similar papers…