Design and Implementation of a Fine-grained Resource Usage Model for the Android Platform
Mohammad Nauman1 and Sohail Khan2
1Department of Computer Science, University of Peshawar, Pakistan
2School of Electrical Engineering and Computer Science, NUST, Pakistan
1Department of Computer Science, University of Peshawar, Pakistan
2School of Electrical Engineering and Computer Science, NUST, Pakistan
Abstract: ndroid is among the new breed of smartphone software stacks. It is powerful yet friendly enough to be widely adopted by both the end users and the developer community. This adoption has led to the creation of a large number of third-party applications that run on top of the software stack accessing device resources and data. Users installing third party applications are provided information about which resources an application might use but have no way of restricting access to these resources if they wish to use the application. All permissions have to be granted or the application fails to install. In this paper, we present a fine-grained usage control model for Android that allows users to specify exactly what resources an application should be allowed access to. These decisions might be based on runtime constraints such as time of day or location of the device or on application attributes such as the number of SMSs already sent by the application. We give details of our implementation and describe an extended installer that provides an easy-to-use interface to the users for setting their policies. Our architecture only requires a minimal change to the existing code base and is thus compatible with the existing security mechanism. As a result, it has a high potential for adoption by the Android community at large.
Keywords: Security, mobile platforms, android, policy framework, and constraints.
Received February 1, 2010; accepted March 9, 2010