Cassandra: Towards a Certifying App Store for Android.

Modern mobile devices store and process an abundance of data. Although many users consider some of this data as private, they do not yet obtain satisfactory support for controlling what applications might do with their data. In this article, we propose Cassandra, a tool that enables users of mobile devices to check whether Android apps comply with their personal privacy requirements before installing these apps. Beyond this, Cassandra implements the core functionality of a conventional app store, including the browsing of available apps and the delivery of apps for installation. Cassandra performs the security analysis of apps on a server. However, a user does not need to trust this server because Cassandra employs the proof-carrying code paradigm such that the server's analysis result can be validated on the client. We have proven that Cassandra's security analysis soundly detects all potential information leaks, i.e., all flows of information that violate a user's privacy policy.