Return to search

An extension to the Android access control framework

Several nice hardware functionalities located at the low level of operating system onmobile phones could be utilized in a better way if they are available to applicationdevelopers. With their help, developers are able to bring overall user experienceto a new level in terms of developing novel applications. For instance, one of thosehardware functionalities, SIM-card authentication is able to offer stronger andmore convenient way of authentication when compared to the traditional approach.Replacing the username-password combination with the SIM-card authentication,users are freed from memorizing passwords. However, since normally those kindsof functionalities are locked up at the low level, they are only accessible by a fewusers who have been given privileged access rights. To let the normal applicationsbe benefiting as well, they need to be made accessible at the application level. Onthe one hand, as we see the benefit it will bring to us, there is a clear intentionto open it up, however, on the other hand, there is also a limitation resultingfrom their security-critical nature that needs to be placed when accessing whichis restricting the access to trusted third parties. Our investigation is based on the Android platform. The problem that we havediscovered is the existing security mechanism in Android is not able to satisfy everyregards of requirements we mentioned above when exposing SIM-card authenticationfunctionality. Hence, our requirement on enhancing the access control modelof Android comes naturally. In order to better suit the needs, we proposed a solutionWhite lists & Domains (WITDOM) to improve its current situation in thethesis. The proposed solution is an extension to the existing access control modelin Android that allows alternative ways to specify access controls therefore complementingthe existing Android security mechanisms. We have both designedand implemented the solution and the result shows that with the service that weprovided, critical functionalities, such as APIs for the low-level hardware functionalitycan retain the same level of protection however in the meanwhile, with moreflexible protection mechanism.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-73064
Date January 2011
CreatorsHuang, Qing
PublisherLinköpings universitet, Institutionen för datavetenskap
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.002 seconds