TY - GEN
T1 - Checking interaction-based declassification policies for android using symbolic execution
AU - Micinski, Kristopher
AU - Fetter-Degges, Jonathan
AU - Jeon, Jinseong
AU - Foster, Jeffrey S.
AU - Clarkson, Michael R.
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2015.
PY - 2015
Y1 - 2015
N2 - Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data. In this paper, we introduce interaction-based declassification policies, in which the user’s interactions with the app constrain the release of sensitive information. Our policies are defined extensionally, so as to be independent of the app’s implementation, based on sequences of security-relevant events that occur in app runs. Policies use LTL formulae to precisely specify which secret inputs, read at which times, may be released. We formalize a semantic security condition, interaction-based noninterference, to define our policies precisely. Finally, we describe a prototype tool that uses symbolic execution of Dalvik bytecode to check interaction-based declassification policies for Android, and we show that it enforces policies correctly on a set of apps.
AB - Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data. In this paper, we introduce interaction-based declassification policies, in which the user’s interactions with the app constrain the release of sensitive information. Our policies are defined extensionally, so as to be independent of the app’s implementation, based on sequences of security-relevant events that occur in app runs. Policies use LTL formulae to precisely specify which secret inputs, read at which times, may be released. We formalize a semantic security condition, interaction-based noninterference, to define our policies precisely. Finally, we describe a prototype tool that uses symbolic execution of Dalvik bytecode to check interaction-based declassification policies for Android, and we show that it enforces policies correctly on a set of apps.
KW - Information flow
KW - Program analysis
KW - Symbolic execution
UR - http://www.scopus.com/inward/record.url?scp=84951756575&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84951756575&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-24177-7_26
DO - 10.1007/978-3-319-24177-7_26
M3 - Conference contribution
AN - SCOPUS:84951756575
SN - 9783319241760
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 520
EP - 538
BT - Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings
A2 - Pernul, Günther
A2 - Ryan, Peter Y.A.
A2 - Weippl, Edgar
PB - Springer Verlag
T2 - 20th European Symposium on Research in Computer Security, ESORICS 2015
Y2 - 21 September 2015 through 25 September 2015
ER -