Context-aware usage control for Android

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering

Volumn 50 LNICST, Issue , 2010, Pages 326-343

  Bai, Guangdong ^a   Gu, Liang ^a   Feng, Tao ^a   Guo, Yao ^a   Chen, Xiangqun ^a  

^a Peking University   (China)

Author keywords

Access control; Android; Context aware; Mobile platform; Security

Indexed keywords

ANDROID; COARSE-GRAINED; CONTEXT INFORMATION; CONTEXT-AWARE; DATA PROTECTION; ITS EVALUATION; MOBILE APPLICATIONS; MOBILE ENVIRONMENTS; MOBILE PLATFORM; OPEN SOURCES; PERSONALIZATIONS; POLICY ENFORCEMENT; PRIVACY PROTECTION; RESOURCE USAGE; SECURITY; SECURITY AND PRIVACY; SECURITY CHALLENGES; SECURITY FRAMEWORKS; SECURITY MEASURE; SECURITY MECHANISM; SMART PHONES; TRADITIONAL COMPUTERS; USAGE CONTROL; USER EXPERIENCE;

ACCESS CONTROL; CELLULAR TELEPHONE SYSTEMS; MOBILE PHONES; SEMANTICS; TELECOMMUNICATION NETWORKS; TELEPHONE SETS;

ROBOTS;

EID: 84885884531     PISSN: 18678211     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-16161-2_19     Document Type: Conference Paper

References (34)

1. Aich, S., Sural, S., Majumdar, A.K.: STARBAC: Spatio temporal role based access control. In: Meersman, R., Tari, Z. (eds.) OTM 2007, Part II. LNCS, vol. 4804, pp. 1567-1582. Springer, Heidelberg (2007)
2. Al-Muhtadi, J., Ranganathan, A., Campbell, R.H., Mickunas, M.D.: Cerberus: A context-aware security scheme for smart spaces. In: PerCom, p. 489 (2003)
3. Bandinelli, M., Paganelli, F., Vannuccini, G., Giuli, D.: A contextaware security framework for next generation mobile networks. In: MobiSec. Springer, Heidelberg (2009)
4. Bell, D., LaPadula, L.: Secure computer systems: Mathematical foundations. Technical Report ESD-TR-73-278, MITRE Corporation (1973)
5. Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: An access control model supporting periodicity constraints and temporal reasoning. ACM Trans. Database Syst. 23(3), 231-285 (1998) (Pubitemid 128449274)
6. Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal role-based access control model. In: RBAC 2000, July 26-27, pp. 21-30. ACM Press, New York (2000)
7. Biba, K.J.: Integrity considerations for secure computer systems. MTR-3153, Rev. 1, The Mitre Corporation (1977)
8. Bose, A., Hu, X., Shin, K.G., Park, T.: Behavioral detection of malware on mobile handsets. In: MobiSys 2008, pp. 225-238. ACM, New York (2008)
9. Cheng, J., Wong, S.H.Y., Yang, H., Lu, S.: Smartsiren: virus detection and alert for smart-phones. In: MobiSys 2007, pp. 258-271. ACM, New York (2007) (Pubitemid 47620930)
10. Covington, M.J., Fogla, P., Zhan, Z., Ahamad, M.: A contextaware security architecture for emerging applications. In: ACSAC, pp. 249-260 (2002)
11. Covington, M.J., Moyer, M.J., Ahamad, M.: Generalized role-based access control for securing future applications (November 03, 2000)
12. Dagon, D., Martin, T., Starner, T.: Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Computing 3(4), 11-15 (2004) (Pubitemid 40010893)
13. Damiani, M.L., Bertino, E., Catania, B., Perlasca, P.: Geo-rbac: A spatially aware RBAC. ACM Trans. Inf. Syst. Secur. 10(1), 2 (2007)
14. Enck, W., Ongtang, M., McDaniel, P.D.: On lightweight mobile phone application certification. In: Proceedings of CCS 2009, pp. 235-245. ACM, New York (2009)
15. F-Secure. Cabir, http://www.f-secure.com/v-descs/cabir.shtml
16. F-Secure. Pbstealer. A., http://www.f-secure.com/v-descs/pbstealer-a. shtml
17. Fuchs, A.P., Chaudhuri, A., Foster, J.S.: Scandroid: Automated security certification of android applications
18. Google. Android, http://www.android.com
19. Hypponen, M.: Mobile Malware. In: USENIX Security Symposium (August 2007), http://www.usenix.org/events/sec07/tech/hypponen.pdf (Invited Talk)
20. Moyer, M.J., Abamad, M.: Generalized role-based access control. In: 21st International Conference on Distributed Computing Systems, pp. 391-398 (April 2001) (Pubitemid 32478297)
21. Mulliner, C.: Security of Smart Phones. Master's thesis, Department of Computer Science, University of California Santa Barbara (June 2006)
22. Nauman, M., Khan, S., Alam, M., Zhang, X.: Apex: Extending android permission model and enforcement with user-defined runtime constraints. In: ASIACCS 2010, Beijing, China, April 13-16. ACM, New York (2010)
23. ABC usage control model. ACM Transactions on Information and System Security 7(1), 128-174 (2004)
24. Park, J., Sandhu, R.S.: Towards usage control models: beyond traditional access control. In: SACMAT, pp. 57-64 (2002)
25. Ray, I., Kumar, M., Yu, L.: LRBAC: A location-aware role-based access control model. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 147-161. Springer, Heidelberg (2006)
26. Android reference. Develope Guide, http://developer.android.com/guide/ index.html
27. Sandhu, R.S., Park, J.: Usage control: A vision for next generation access control. In: MMMACNS (2003)
28. Sandhu, R.S.: Role-based access control. Advances in Computers 46, 238-287 (1998) (Pubitemid 128153726)
29. Schmidt, A.-D., Peters, F., Lamour, F., Albayrak, S.: Monitoring smartphones for anomaly detection. In: MOBILWARE 2008. ICST (2007)
30. Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: A comprehensive security assessment. IEEE Security & Privacy (2010)
31. Stevenne, J., Niezette, M.: An efficient symbolic representation of periodic time. In: Finin, T.W., Yesha, Y., Nicholas, C. (eds.) CIKM 1992. LNCS, vol. 752. Springer, Heidelberg (1993)
32. Xie, L., Zhang, X., Chaugule, A., Jaeger, T., Zhu, S.: Designing system-level defenses against ellphone malware. In: SRDS 2009, pp. 83-90 (September 2009)
33. Zhang, X., Aciiçmez, O., Seifert, J.-P.: A trusted mobile phone reference architecture via secure kernel. In: STC, pp. 7-14. ACM, New York (2007)
34. Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal model and policy specification of usage control. TISSEC 8(4), 351-387 (2005) (Pubitemid 43951886)