Abstract

Hybrid mobile applications are a new generation of mobile applications that have recently introduced new security challenges. In these applications, untrusted web content, such as an advertisement inside an embedded browser, has the same privileges as the entire application and can directly access device resources. Unfortunately, existing access control mechanisms are very coarse-grained and do not provide adequate facilities for defining and enforcing fine-grained access rules in hybrid mobile applications. In this paper, we propose a fine-grained access control mechanism for privilege separation in hybrid mobile applications. Our proposed access control mechanism, called RestrictedPath, enables developers to define separate paths inside the application, each with restricted permissions. To provide fine-grained access control at the Android framework layer, RestrictedPath enforces access control at two different levels: the browser level and the Android access control system level. We have developed a proof-of-concept prototype of RestrictedPath for the Android Open Source Project version 4.4.3 to illustrate its feasibility and to evaluate its overhead on the system. Our experiments show that RestrictedPath is practical, easy for developers to use, and has low performance overhead (on average 10 percent) on the device.
