DR BACA: dynamic role based access control for Android
Source: DR BACA: dynamic role based access control for Android
Android, as an open platform, dominates the booming mobile market. However, its permission mechanism is inflexible and often results in over-privileged applications. This in turn creates severe security issues. Aiming to support the Principle of Least Privilege, we propose a Dynamic Role Based Access Control for Android (DR BACA) model and implement the DR BACA system to address these problems. Our system offers multi-user management on Android mobile devices, comparable to traditional workstations, and provides fine-grained Role Based Access Control (RBAC) to en- hance Android security at both the application and permission level. Moreover, by leveraging context-aware capabilities of mobile devices and Near Field communication (NFC) technology, our solution supports dynamic RBAC that provides more flexible access control while still being able to mitigate some of the most serious security risks on mobile devices. The DR BACA system is highly scalable, suitable for both end- users and large business environments. It simplifies configuration and management of Android devices and can help enterprises to deal with security issues by implementing a uniform security policy. We show that our DR BACA system can be deployed and used with eet:se. With a proper security policy, our evaluation shows that DR BACA can effectively mitigate the security risks posed by both malicious and vulnerable non-malicious applications while incurring only a small overall system overhead.