Securing Enterprise Data on Smartphones Using Run Time Information Flow Control

Kodeswaran, P., Nandakumar, V., Kapoor, S.,Kamaraju, P.

Mobile Data Management(2012)

引用 54|浏览0
暂无评分
摘要
There is an increasing penetration of smart phones within enterprises. Most smart phone users now run both enterprise as well as personal applications simultaneously on their phones. However, most of the personal apps that are downloaded from public market places are hardly tested for enterprise grade security, and there have been instances of malware appearing in public markets that steal sensitive user information. Smart phone platforms such as Android require users to explicitly provide permissions to applications at install time, yet lack run time monitoring of permission usage by applications. In this paper, we present a framework for the run time enforcement of privacy policies on smart phones, in particular, protecting the privacy of enterprise data on smart phones. Our privacy policies are defined in terms of permissible information flows on the phone during different contexts. This arms users with finer grained control over information access by different applications. In our policy framework, an information flow is defined based on the entities involved in the corresponding inter-process communication(IPC) viz, the caller, callee and the associated IPC data. The information flow policy specifies the conditions under which an IPC flow may be permitted (or denied). Our system tracks information flows at run time and enforces that only flows satisfying all the current policies are permitted on the phone. We describe the design and implementation of our policy based framework in Android, and present performance evaluation results measuring the overhead imposed by our framework.
更多
查看译文
关键词
business data processing,data privacy,invasive software,operating systems (computers),smart phones,Android,enterprise data security,enterprise grade security,information flow policy,inter-process communication,malware,performance evaluation,permission usage,personal application,personal apps,privacy protection,public market place,run time enforcement,run time information flow control,run time monitoring,smartphone,policy,privacy,security,smart phones
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要