User-driven access control: Rethinking permission granting in modern operating systems

Proceedings - IEEE Symposium on Security and Privacy

Volumn , Issue , 2012, Pages 224-238

  Roesner, Franziska ^a   Kohno, Tadayoshi ^a   Moshchuk, Alexander ^b   Parno, Bryan ^b   Wang, Helen J ^b   Cowan, Crispin ^c  

^a UNIVERSITY OF WASHINGTON   (United States)

^b MICROSOFT RESEARCH   (United States)

^c MICROSOFT   (United States)

Author keywords

access control; access control gadgets; ACGs; least privilege; operating systems; permission granting; permissions; user intent; user driven access control; user owned resources

Indexed keywords

WEB BROWSERS;

ACCESS CONTROL GADGET; LEAST PRIVILEGE; OPERATING SYSTEM; PERMISSION; PERMISSION GRANTING; USER DRIVEN; USER INTENT; USER-DRIVEN ACCESS CONTROL; USER-OWNED RESOURCE;

ACCESS CONTROL;

EID: 84874840847     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2012.24     Document Type: Conference Paper

References (40)

1. ADOBE. User-initiated action requirements in Flash Player 10. http://www.adobe.com/devnet/flashplayer/articles/fplayer10-uia-requirements. html, 2008.
2. ANDROID OS. http://www.android.com/.
3. APPLE. App sandbox and the Mac app store. https://developer.apple.com/ videos/wwdc/2011/ Nov. 2011.
4. APPLE. iOS4, 2011. http://www.apple.com/iphone/.
5. BALLANO, M. Android Threats Getting Steamy. Symantec Official Blog, Febuary 2011. http://www.symantec.com/connect/blogs/android-threats-getting- steamy.
6. BARTH, A., FELT, A. P., SAXENA, P., AND BOODMAN, A. Protecting Browsers from Extension Vulnerabilities. In Network and Distributed System Security Symposium (NDSS) (Feb. 2010).
7. CHROMIUM. Security Issues. https://code.google.com/p/chromium/issues/ list?q=label:Security, Feb. 2011.
8. COX, R. S., GRIBBLE, S. D., LEVY, H. M., AND HANSEN, J. G. A Safety-Oriented Platform for Web Applications. In IEEE Symposium on Security and Privacy (2006).
9. DOWDELL, JOHN. Clipboard pollution. http://blogs.adobe.com/jd/2008/08/ clipboard-pollution.html, 2008.
10. FACEBOOK. Apps on Facebook.com, 2011. http://developers.facebook.com/ docs/guides/.
11. FELT, A. P., GREENWOOD, K., AND WAGNER, D. The effectiveness of application permissions. In USENIX WebApps (June 2011).
12. FELT, A. P., HA, E., EGELMAN, S., HANEY, A., CHIN, E., AND WAGNER, D. Android permissions: User attention, comprehension, and behavior. Tech. Rep. UCB/EECS-2012-26, UC Berkeley, 2012.
13. FELT, A. P., .WANG, H. J., MOSHCHUK, A., HANNA, S., AND CHIN, E. Permission Re-Delegation: Attacks and Defenses. In USENIX Security Symposium (2011).
14. FESKE, N., AND HELMUTH, C. A Nitpicker's guide to a minimal-complexity secure GUI. In ACSAC (2005).
15. GRIER, C., TANG, S., AND KING, S. T. Secure Web Browsing with the OP Web Browser. In IEEE Symp. on Security & Privacy (2008).
16. HOWELL, J., AND SCHECHTER, S. What You See Is What They Get: Protecting Users from Unwanted Use of Microphones, Camera, and Other Sensors. In Web 2.0 Security and Privacy Workshop (2010).
17. KARGER, P. A., ZURKO, M. E., BONIN, D. W., MASON, A. H., AND KAHN, C. E. A retrospective on the VAX VMM security kernel. IEEE Transactions on Software Engineering 17, 11 (Nov. 1991).
18. LU, L., YEGNESWARAN, V., PORRAS, P., AND LEE, W. Blade: an attack-agnostic approach for preventing drive-by malware infections. In ACM CCS (2010).
19. MACKENZIE, I. S. Fitts' Law as a Research and Design Tool in Human-Computer Interaction. Human-Computer Interaction (HCI) 7(1) (1992), 91-139.
20. MICROSOFT. Accessing files with file pickers. http://msdn.microsoft.com/ en-us/library/windows/apps/hh465174.aspx.
21. MICROSOFT. What is User Account Control?, 2011. http://windows.microsoft. com/en-US/windows-vista/What-is-User-Account-Control.
22. MILLER, M. S. Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control. PhD thesis, Johns Hopkins University, Baltimore, MD, USA, 2006.
23. MOTIEE, S., HAWKEY, K., AND BEZNOSOV, K. Do Windows Users Follow the Principle of Least Privilege?: Investigating User Account Control Practices. In Symposium on Usable Privacy & Security (2010).
24. MOZILLA FOUNDATION. Known Vulnerabilities in Mozilla Products, February 2011. http://www.mozilla.org/security/known-vulnerabilities/.
25. NOVAK, B. Accessing the System Clipboard with JavaScript: A Holy Grail? http://brooknovak.wordpress.com/2009/07/28/accessing-the-system-clipboard-with- javascript/.
26. NSA CENTRAL SECURITY SERVICE. Security-Enhanced Linux. http://www.nsa.gov/research/selinux/, Jan. 2009.
27. PETRONI, J R ., N. L., AND HICKS, M. Automated detection of persistent kernel control-flow attacks. In ACM CCS (2007).
28. RUDERMAN, J. The Same Origin Policy. http://www.mozilla.org/projects/ security/components/same-origin.html, 2011.
29. RUTKOWSKA, J., AND WOJTCZUK, R. Qubes OS. Invisible Things Lab. http://qubes-os.org.
30. SESHADRI, A., LUK, M., QU, N., AND PERRIG, A. SecVisor: A tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In ACM SOSP (2007).
31. SHAPIRO, J. S., VANDERBURGH, J., NORTHUP, E., AND CHIZMADIA, D. Design of the EROS Trusted Window System. In USENIX Security Symposium (2004).
32. SHIRLEY, J., AND EVANS, D. The User is Not the Enemy: Fighting Malware by Tracking User Intentions. In New Security Paradigms Workshop (2008).
33. STIEGLER, M., KARP, A. H., YEE, K.-P., CLOSE, T., AND MILLER, M. S. Polaris: Virus-Safe Computing for Windows XP. Communications of the ACM 49 (Sept. 2006), 83-88.
34. TANG, S., MAI, H., AND KING, S. T. Trust and Protection in the Illinois Browser Operating System. In USENIX OSDI (2010).
35. W3C. Device APIs and Policy Working Group, 2011. http://www.w3.org/2009/ dap/.
36. WANG, H. J., GRIER, C., MOSHCHUK, A., KING, S. T., CHOUDHURY, P., AND VENTER, H. The Multi-Principal OS Construction of the Gazelle Web Browser. In USENIX Security Symposium (2009).
37. WANG, H. J., MOSHCHUK, A., AND BUSH, A. Convergence of Desktop and Web Applications on a Multi-Service OS. In USENIX Hot Topics in Security (2009).
38. YEE, K.-P. User interaction design for secure systems. In 4th Conference on Information and Communications Security (2002).
39. YEE, K.-P. Aligning Security and Usability. IEEE Security and Privacy 2(5) (Sept. 2004), 48-55.
40. ZELDOVICH, N., BOYD-WICKIZER, S., KOHLER, E., AND MAZIÈRES, D. Making information flow explicit in HiStar. In USENIX OSDI (2006).