Biblio

In the universal Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. In order to address permission leak in a trusted execution environment, this paper designs security architecture which contains sandbox module, middleware module, usage and access control module, and proposes an effective usage and access control scheme that can prevent permission leak in a trusted execution environment. Security architecture based on the scheme has been implemented on an ARM-Android platform, and the evaluation of the proposed scheme demonstrates its effectiveness in mitigating permission leak vulnerabilities.