谷歌浏览器插件
订阅小程序
在清言上使用

DR BACA: dynamic role based access control for Android

ACSAC '13: Proceedings of the 29th Annual Computer Security Applications Conference(2013)

引用 31|浏览1
暂无评分
摘要
Android as an open platform dominates the booming mobile market. However its permission mechanism is inflexible and often results in over-privileged applications. This in turn creates severe security issues. Aiming to support the Principle of Least Privilege, we propose and implement a Dynamic Role Based Access Control for Android (DR BACA) model to enhance Android security, particularly in corporate environment. Our system offers multi-user management on Android mobile devices comparable to traditional workstations, and provides fine-grained Role Based Access Control (RBAC) to enhance Android security at both the application and permission level. Moreover, by leveraging context-aware capabilities of mobile devices and Near Field communication (NFC) technology, our solution supports dynamic RBAC to provide more flexible access control while still being able to mitigate some of the most serious security risks on mobile devices. The DR BACA system can easily be managed, even in large business environments with many mobile devices. We show that our DR BACA system can be deployed and used with ease. With a proper security policy, our evaluation shows that DR BACA can effectively mitigate the security risks posed by both malicious and vulnerable non-malicious applications while incurring only a small overall system overhead.
更多
查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要