
Enhancing Android Permission through Usage Control: A BYOD Use-Case

The Bring Your Own Device (BYOD) paradigm, where the employees of a company install an application on their mobile devices to access company privileged information, is becoming very popular in the business environment. In order to perform their tasks, BYOD applications typically require a large set of rights which, on Android mobile devices, must be statically granted in order to have the application installed. However, this access control model is too coarse-grained for the BYOD scenario, because employees would like to have finer control over the rights granted to such applications, for instance to protect their privacy when they are not on duty. To address this issue, we propose to enhance the Android permission system through a Usage Control-based framework enabling employees to write policies which are continuously enforced while BYOD applications are running. This framework acts as a dynamic permission manager, where usage control policies grant, revoke and restore permissions to running applications on the basis of mutable attributes describing the current context. Context is observed by using standard Android device APIs to monitor attributes such as mobile device location, WiFi status, battery level, current date and time, and so on. External trusted attribute providers can also be used.

 


31st ACM Symposium on Applied Computing (SAC 2016), Pisa, 2016

IIT authors:

Type: Conference proceedings paper
Field of reference: Information Technology and Communication Systems

File: sac.pdf

Activity: Security in Cloud Computing
Architectures, protocols and security mechanisms for distributed systems and services