Android Permission System Violation: Case Study and Refinement

Android Permission System Violation: Case Study and Refinement

Kyoung Soo Han, Yeoreum Lee, Biao Jiang, Eul Gyu Im
Copyright: © 2013 |Pages: 12
DOI: 10.4018/jeei.2013010102
OnDemand:
(Individual Articles)
Available
$37.50
Current Special Offers
No Current Special Offers
TOTAL SAVINGS: $37.50

Abstract

Android uses permissions for application security management. Android also allows inter-application communication (IAC), which enables cooperation between different applications to perform complex tasks by using some components and Intents. In other words, Android provides more flexibility and places less restriction on application development. This is a major feature that differentiates Android from its competitors. However, IAC also facilitates malicious applications that can collude in attacks of privilege escalation. In this paper, the authors demonstrate with case studies that all IAC channels can potentially be utilized for privilege escalation attacks, and the authors propose a refinement to solve this problem by enforcing IAC permissions and exposing IAC to users.
Article Preview
Top

The Importance Of Security For E-Business And E- Entrepreneur

Globally, smartphone markets are growing every year and diverse smartphone models, operation systems, and applications are being developed. Smartphones have the advantage of being small in size but have high computing capacity to the extent that they are regarded as portable computers, and they can be utilized for diverse purposes by configuring users’ own customized devices through various applications.

Since various companies develop applications and sell in application markets, such as Play Store (Google) and App Store (Apple), revenue can be also generated by loading advertisements on individual applications. The current trend in e-business and e-entrepreneur is a move to mobile devices.

However, applications containing malicious codes are not the only things being distributed illegally, sensitive information such as personal information and payment information is being leaked. The damages are increasing with the increase in the smartphone trends. Therefore, security for smartphones is becoming an issue.

Android aspires to more open environments than the other operating systems to allow more convenient communication among applications. Therefore, many related vulnerabilities exist. In particular, the permission system is the likely to be misused.

The purpose of the present paper is to analyze attack models that may occur in the Android permission system to explore vulnerabilities and offer suggestions for improving the situation.

Complete Article List

Search this Journal:
Reset
Volume 14: 1 Issue (2024)
Volume 13: 1 Issue (2023)
Volume 12: 2 Issues (2022)
Volume 11: 2 Issues (2021)
Volume 10: 2 Issues (2020)
Volume 9: 2 Issues (2019)
Volume 8: 2 Issues (2018)
Volume 7: 2 Issues (2017)
Volume 6: 2 Issues (2016)
Volume 5: 2 Issues (2015)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing