Visible to the public An Effective Usage and Access Control Scheme for Preventing Permission Leak in a Trusted Execution Environment

TitleAn Effective Usage and Access Control Scheme for Preventing Permission Leak in a Trusted Execution Environment
Publication TypeConference Paper
Year of Publication2016
AuthorsChang, Rui, Jiang, Liehui, Yin, Qing, Ren, Lu, Liu, Qingfeng
Conference NameProceedings of the 6th International Conference on Communication and Network Security
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4783-9
KeywordsAccess Control, composability, Permission, pubcrawl, Resiliency, sandbox, Sandboxing, Trusted Execution Environment, trusted platform modules
Abstract

In the universal Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. In order to address permission leak in a trusted execution environment, this paper designs security architecture which contains sandbox module, middleware module, usage and access control module, and proposes an effective usage and access control scheme that can prevent permission leak in a trusted execution environment. Security architecture based on the scheme has been implemented on an ARM-Android platform, and the evaluation of the proposed scheme demonstrates its effectiveness in mitigating permission leak vulnerabilities.

URLhttp://doi.acm.org/10.1145/3017971.3017973
DOI10.1145/3017971.3017973
Citation Keychang_effective_2016