| Title | Fine Grained Confinement of Untrusted Third-Party Applications in Android |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Pande, Prateek, Mallaiah, Kurra, Gandhi, Rishi Kumar, Medatiya, Amit Kumar, Srinivasachary, S |
| Conference Name | 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS) |
| Keywords | Access Control, AOSP, composability, confinement, cyber security, Intelligent systems, Internet telephony, mobile applications, mobile security, performance evaluation, privacy, pubcrawl, resilience, Resiliency, SE-Android, smart phones, spyware, Third Party Applications |
| Abstract | Third party mobile applications are dominating the business strategies of organisations and have become an integral part of personal life of individuals. These applications are used for financial transactions, sharing of sensitive data etc. The recent breaches in Android clearly indicate that use of third party applications have become a serious security threat. By design, Android framework keeps all these applications in untrusted domain. Due to this a common policy of resource control exists for all such applications. Further, user discretion in granting permissions to specific applications is not effective because users are not always aware of deep functionalities, mala fide intentions (in case of spywares) and bugs/flaws in these third-party applications. In this regard, we propose a security scheme to mitigate unauthorised access of resources by third party applications. Our proposed scheme is based on SEAndroid policies and achieves fine grained confinement with respect to access control for the third party applications. To the best of our knowledge, the proposed scheme is unique and first of its kind. The proposed scheme is integrated with Android Oreo 8.1.0 for performance and security analysis. It is compatible with any Android device with AOSP support. |
| DOI | 10.1109/ICCCIS51004.2021.9397195 |
| Citation Key | pande_fine_2021 |
Fine Grained Confinement of Untrusted Third-Party Applications in Android