期刊名称:The International Arab Journal of Information Technology
印刷版ISSN:1683-3198
出版年度:2011
卷号:8
期号:4
出版社:Zarqa Private University
摘要:ndroid is among the new breed of smartphone software stacks. It is powerful yet friendly enough to be widely adopted by both the end users and the developer community. This adoption has led to the creation of a large number of third-party applications that run on top of the software stack accessing device resources and data. Users installing third party applications are provided information about which resources an application might use but have no way of restricting access to these resources if they wish to use the application. All permissions have to be granted or the application fails to install. In this paper, we present a fine-grained usage control model for Android that allows users to specify exactly what resources an application should be allowed access to. These decisions might be based on runtime constraints such as time of day or location of the device or on application attributes such as the number of SMSs already sent by the application. We give details of our implementation and describe an extended installer that provides an easy-to-use interface to the users for setting their policies. Our architecture only requires a minimal change to the existing code base and is thus compatible with the existing security mechanism. As a result, it has a high potential for adoption by the Android community at large
关键词:Security; mobile platforms; android; policy framework; and constraints
