Checking Intent-based Communication in Android with Intent Space Analysis

Yiming Jing, Gail-Joon Ahn, Adam Doupé, J. Yi
Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, published 2016-05-30
DOI: 10.1145/2897845.2897904 (https://doi.org/10.1145/2897845.2897904)
Citations: 19

Abstract

Intent-based communication is an inter-application communication mechanism in Android. While its importance has been proven by plenty of security extensions that protect it with policy-driven mandatory access control, an overlooked problem is the verification of the security policies. Checking one security extension's policy is indeed complex. Furthermore, intent-based communication introduces even more complexities because it is mediated by multiple security extensions that respectively enforce their own incompatible, distributed, and dynamic policies. This paper seeks a systematic approach to address the complexities involved in checking intent-based communication. To this end, we propose intent space analysis. Intent space analysis formulates the intent forwarding functionalities of security extensions as transformations on a geometric intent space. We further introduce a policy checking framework called IntentScope that proactively and automatically aggregates distributed policies into a holistic and verifiable view. We evaluate our approach against customized Android OSs and commodity Android devices. In addition, we further conduct experiments with four security extensions to demonstrate how our approach helps identify potential vulnerabilities in each extension.