- Volume 20 Issue 1
DOI QR Code
Selective Management of System-level Access Permission in Android-based Application
안드로이드 기반 애플리케이션의 시스템 수준 접근 권한에 대한 선택적 관리
Jeong, Jongmun;Lee, Hoon;Hwang, Mintae
- Received : 2015.09.17
- Accepted : 2015.10.13
- Published : 2016.01.31
In this paper, we propose a new method to enhance an android security by exploiting a selective management of application permission. To that purpose, we analyze behavior of the current android security, via which we draw out possible vulnerabilities. After that, we develop a tool to implement the selective management of the application permission, witch has a function to give a permission selectively for the application when we install a new application. Via experiment we show validity of the developed tool in solving the drawn vulnerability in the current android security.
Android security;Permission management;Selective Management;System-level security
- Doug Olenlck. (2015, May). Apple iOS And Google Android Smartphone Market Share Flattening: IDC [Internet]. Available: http://www.forbes.com/sites/dougolenick/2015/05/27/apple-ios-and-google-android-smartphone-market-share-flattening-idc/.
- Intel Security. (2015, May). McAfee Labs Threat Report [Internet]. Available: http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2015.pdf.
- Taizo Sueyasu, "Application permission model and its management in a new version of Android M," Nikkei Communications, pp. 46-47, Jul. 2015.
- Dongmin Kim, Heeyoul Kim, "A Novel Android Permission Model Based on User's Policies," The Journal of Korean Institute of Information Technology, vol. 12, no. 5, pp. 101-106, May. 2014.
- Youngdong Kim, Ikhwan Kim, Taehyoun Kim, "Analysis of Usage Patterns and Security Vulnerabilities in Android Permissions and Broadcast Intent Mechanism," Korea Institute of Information Security and Cryptology, vol. 22, no. 5, pp. 1145-1157, Oct. 2012.
- Jongmun Jeong, Hoon Lee, Mintae Hwang, "A Study on Vulnerability of Information Security for Android-based Mobile System," Proc. of electronics and communications symposium, vol.4, no.1, pp.99-102, June 2015.
- Daeil Yang, Information Security Introduction. Hanbit Academy Inc., ch. 7, pp. 323-342, 2013.
- Univercity of Seoul Industry Cooperation Foundation, Analysis of Android Mobile Platform Security Model, Korea Internet & Security Agency, Ch. 4, pp. 74-126, Aug. 2010.
[Internet]. Available: http://developer.android.com/guide/topics/manifest/manifes t-element.html.
- Min Jae Jo, Ji Sun Shin, "Study on Security Vulnerabilities of Implicit Intents in Android," Korea Institute of Information Security and Cryptology, vol. 24, no. 6, pp. 1175-1184, Dec. 2014. https://doi.org/10.13089/JKIISC.2014.24.6.1175
- Android Developers. Verifying App Behavior on the Android Runtime (ART) [Internet]. Available: http://developer.android.com/guide/practices/verifying-apps-art.html.
- Android Open Source Project. ART and Dalvik [Internet]. Available: https://source.android.com/devices/tech/dalvik/.
- Android Developers. Android 5.0 Behavior Changes [Internet]. Available: https://developer.android.com/about/versions/android-5.0-changes.html.
- Android Developers. Signing Your Applications [Internet]. Available: https://developer.android.com/tools/publishing/app-signing.html.
- Android Developers. System Permissions [Internet]. Available:http://developer.android.com/guide/topics/security/permissions.html.
- Android Developers. (2015, September) Dashboards [Internet]. Available: https://developer.android.com/about/dashboards/index.html.
Supported by : Changwon National University