STOVEPipe: Observable Access Control of User Data for Untrusted Applications on Mobile Devices

Jiaqi Tan, Utsav Drolia, Rolando Martins, R. Gandhi, P. Narasimhan

Published in: 2014 IEEE 6th International Conference on Cloud Computing Technology and Science
Publication date: 2014-12-15
DOI: 10.1109/CloudCom.2014.118 (https://doi.org/10.1109/CloudCom.2014.118)
Citations: 2

Abstract

The rapid growth in mobile devices will give rise to the trend of the leasing out of compute and data resources on mobile devices to third parties for applications to be run on multiple mobile devices. However, these third-party applications running on leased mobile devices are typically written by unknown entities, and cannot be trusted by mobile device owners. Current mobile device platforms (e.g. Android) have permissions and access control systems designed for mobile apps that are written by reputable developers and vetted by authoritative app stores, and they are not suitable for untrusted apps. We propose STOVEPipe, an observable access control system for user data on mobile devices for untrusted third-party applications. STOVEPipe ensures that untrusted code is isolated and cannot directly access system data, and performs all data accesses on behalf of untrusted apps. This enables STOVEPipe to observe all data accessed by untrusted apps, implement content-based access control, perform accounting and auditing on accessed data easily, and perform privacy-preserving data transformations.