A small but non-negligible flaw in the android permission scheme

Proceedings - 2010 IEEE International Symposium on Policies for Distributed Systems and Networks, Policy 2010

Volumn , Issue , 2010, Pages 107-110

  Shin, Wook ^a   Kwak, Sanghoon ^b   Kiyomoto, Shinsaku ^a   Fukushima, Kazuhide ^a   Tanaka, Toshiaki ^a  

^a KDDI CORPORATION   (Japan)

^b Seoul National University   (South Korea)

Author keywords

Android; Permission; Vulnerability

Indexed keywords

ANDROID; AUTHORIZATION DECISION; DYNAMIC ADJUSTMENT; PERMISSION; PERMISSION-BASED SECURITY; SECURITY FLAWS; VULNERABILITY;

ROBOTS;

NETWORK SECURITY;

EID: 79951899261     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/POLICY.2010.11     Document Type: Conference Paper

References (4)

1. W. Shin, S. Kiyomoto, K. Fukushima, and T. Tanaka, "A formal model to analyze the permission authorization and enforcement in the android framework," in International Symposium on Secure Computing (SecureCom-10) (to appear), 2010.
2. Google, Inc., "Security and permissions," http://code.google. com/android/devel/security.html (Retrieved 2010-05-13).
3. -, "The Android open source project," http://source.android.com (Retrieved 2010-05-13).
4. "about the signature permission - what happen if the declaring app is uninstalled," Android Security Discussions, https://groups.google.com/ group/android-security-discuss/browse-thread/thread/ef6f267434622418 (Retrieved 2010-05-13).