Android安全框架:可扩展的多层访问控制
需积分: 9 172 浏览量
更新于2024-09-15
收藏 300KB PDF 举报
"Android Security Framework: Extensible Multi-Layered Access Control on Android"
本文介绍了一个名为Android Security Framework (ASF)的通用、可扩展的安全框架,它为Android系统提供了一种开发和集成各种安全模型的方式,这些模型以代码为基础的模块形式存在。ASF的设计借鉴了如Linux Security Modules和BSD MAC Framework等成熟安全框架的理论,并结合了Android软件栈特有的需求和挑战。该框架提出了一种新颖的安全API,使得Android安全扩展的开发者能够更方便地构建自己的模块,从而解决了当前将安全解决方案作为单独补丁添加到Android软件栈或嵌入主线代码库的不理想状况。这种系统级的安全可扩展性对于需要部署高级安全模型的企业或政府解决方案尤其有利,因为这些模型是原生Android系统所不支持的。
在文中,作者展示了ASF的原型实现,并通过模块化实现动态权限、内联引用监控和类型强制等相关的安全模型来证明其有效性和效率。动态权限允许在运行时动态地管理应用的权限,增强了权限控制的灵活性;内联引用监控则可以实时监控对象间的引用,提高安全防护的精度;类型强制是一种强制执行数据和操作类型规则的安全机制,有助于防止意外的数据泄露或恶意行为。
ASF的引入还意味着开发者能够更容易地创建和整合新的安全策略,而无需深入修改Android的核心代码,这降低了维护和更新的复杂性。此外,这种模块化的安全框架还便于不同组织根据自身特定的安全需求进行定制,提供了更大的灵活性和可定制性。
Android Security Framework为Android平台带来了更加灵活和强大的多层访问控制能力,为开发者和企业提供了扩展和定制安全策略的新途径,从而更好地保护用户数据和系统的安全性。
Android Security Framework:
Extensible Multi-Layered Access Control on Android
Michael Backes, Sven Bugiel, Sebastian Gerling, Philipp von Styp-Rekowsky
{backes,bugiel,sgerling,styp-rekowsky}@cs.uni-saarland.de
Saarland University/CISPA, Germany
ABSTRACT
We introduce the Android Security Framework (ASF),a
generic, extensible security framework for Android that en-
ables the development and integration of a wide spectrum of
security models in form of code-based security modules. The
design of ASF reflects lessons learned from the literature
on established security frameworks (such as Linux Security
Modules or the BSD MAC Framework) and intertwines them
with the particular requirements and challenges from the
design of Android’s software stack. ASF provides a novel
security API that supports authors of Android security ex-
tensions in developing their modules. This overcomes the
current unsatisfactory situation to provide security solutions
as separate patches to the Android software stack or to em-
bed them into Android’s mainline codebase. This system
security extensibility is of particular benefit for enterprise or
government solutions that require deployment of advanced se-
curity models, not supported by vanilla Android. We present
a prototypical implementation of ASF and demonstrate its
effectiveness and efficiency by modularizing different secu-
rity models from related work, such as dynamic permissions,
inlined reference monitoring, and type enforcement.
1. INTRODUCTION
For several decades now, the need for operating system
security mechanisms to provide strong security and privacy
guarantees has been well understood [24, 34, 26, 5]. Yet, re-
cent classes of attacks against smartphone end-user’s privacy
and security [19, 41, 29, 9] have shown that the fairly new
smart device operating systems fail to provide these strong
guarantees, for instance, with respect to access control or
information flow control. To remedy this situation, security
research has proposed a wide spectrum of security models and
extensions for mobile operating systems, most of them for the
popular open-source Android OS. These extensions include
context-related access control [10], developer-centric security
policies [28], and dynamic, fine-grained permissions [42, 21,
3]. They also comprise security models [7, 33, 36, 8] such as
Permission to make digital or hard copies of all or part of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for profit or commercial advantage and that copies bear this notice and the full cita-
tion on the first page. Copyrights for components of this work owned by others than
ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or re-
publish, to post on servers or to redistribute to lists, requires prior specific permission
and/or a fee. Request permissions from Permissions@acm.org.
ACSAC’14, December 08–12, 2014, New Orleans, LA, USA
Copyright is held by the owner/author(s). Publication rights licensed to ACM.
ACM 978-1-4503-3005-6/14/12 ...$15.00.
http://dx.doi.org/10.1145/2664243.2664265.
domain isolation and type enforcement, which are usually at
the heart of enterprise and governmental security solutions.
However, the lack of a comprehensive security API for
the development and modularization of security extensions
on Android has created the unsatisfactory situation that
all of these novel and warranted security models are either
provided as model-specific patches to the Android software
stack, or they became an integrated component of the An-
droid OS design [36]. When considering the body of literature
on established security frameworks, such as Linux Security
Modules (LSM) [40] or the BSD MAC Framework [39], their
history has taught that the need to patch the OS or the hard-
wiring of a specific security model impairs both the practical
and theoretical benefits of security solutions. First, there
is in general no consensus on the “right” security model,
as demonstrated by the broad range of Android security
extensions [10, 28, 3, 42, 7, 36]. Thus, OS security mecha-
nisms should not limit policy authors to one specific security
model by embedding it into the OS design. Second, providing
security solutions as “security-model-specific Android forks”
impedes their maintainability across different OS versions,
because every update to the Android software stack has to
be re-evaluated for and applied to each fork separately.
Contributions.
In this paper, we propose the design and
implementation of Android Security Framework (ASF),
which allows security experts to develop and deploy their
security models in form of modules as part of Android’s
platform security. This provides the means to easily extend
the Android security mechanisms and avoids that security
designers have to choose “the right Android security fork” or
that the OS vendor has to impose a specific security model.
In the design of ASF we transfer the lessons learned and
guiding principles from the literature on established OS secu-
rity infrastructures to Android and intertwine them with new
requirements for efficient security policies for multi-tiered
software stacks of smart devices. In contrast to concurrent,
independent work [20], which introduced extensibility for
security apps (i.e., add-ons), our design establishes a generic
and extensible security framework that allows instantiating
security models by design as part of Android’s platform se-
curity and enables not only extending but also replacing
Android’s default security mechanisms. This is particularly
beneficial when tailoring Android for higher-security deploy-
ments like enterprise phones, where the default mechanisms
are insufficient or even obsolete (e.g., when the IT department
is an additional stakeholder that decides on apps’ privileges
and installation). We make the following contributions:
下载后可阅读完整内容,剩余9页未读,立即下载
2020-04-11 上传
2023-05-12 上传
2023-03-30 上传
2023-05-04 上传
2023-05-12 上传
2024-04-03 上传
2023-06-06 上传
2023-06-10 上传
懒人学编程
- 粉丝: 2
- 资源: 19
我的内容管理
展开
最新资源
- ASP.NET数据库高级操作:SQLHelper与数据源控件
- Windows98/2000驱动程序开发指南
- FreeMarker入门到精通教程
- 1800mm冷轧机板形控制性能仿真分析
- 经验模式分解:非平稳信号处理的新突破
- Spring框架3.0官方参考文档:依赖注入与核心模块解析
- 电阻器与电位器详解:类型、命名与应用
- Office技巧大揭秘:Word、Excel、PPT高效操作
- TCS3200D: 可编程色彩光频转换器解析
- 基于TCS230的精准便携式调色仪系统设计详解
- WiMAX与LTE:谁将引领移动宽带互联网?
- SAS-2.1规范草案:串行连接SCSI技术标准
- C#编程学习:手机电子书TXT版
- SQL全效操作指南:数据、控制与程序化
- 单片机复位电路设计与电源干扰处理
- CS5460A单相功率电能芯片:原理、应用与精度分析
