Paper Info
Title
Constroid: data-centric access control for android
Abstract
We introduce Constroid, a data-centric security policy management framework for Android. It defines a new middleware which allows the developer to specify well defined data items of fine granularity. For these data items, Constroid administrates security policies which are based on the usage control model. They can only be modified by the user of an application not by the applications itself. We use Con-stroid's middle-ware to protect the security policies, ensure consistency between a data item and its corresponding security policy, and describe how our prototype implementation can enforce a subset of possible usage control policies. In this way, our contribution shows how we overcome the rigid API-driven approach to security in Android. The structure and implementation of our framework is presented and discussed in terms of security, performance, and usability.
Year
DOI
Venue
2012
10.1145/2245276.2232012
SAC
Keywords
Field
DocType
data-centric access control,data item,usage control model,corresponding security policy,constroid administrates security policy,new middleware,security policy,possible usage control policy,prototype implementation,fine granularity,data-centric security policy management,privacy,middleware,access control,android
Security testing,Network security policy,Computer security,Computer science,Information security standards,Security service,Cloud computing security,Human-computer interaction in information security,Security information and event management,Computer security model
Conference
Citations 
PageRank 
References 
4
0.40
14
Authors
3
Name
Order
Citations
PageRank
Daniel Schreckling1719.11
Joachim Posegga246049.12
Daniel Hausknecht340.40