Towards a Framework for Android Security Modules: Extending SE Android Type Enforcement to Android Middleware

Smartphones and tablets have become an integral part of our daily life. They increasingly store and process security and privacy sensitive data which makes them attractive targets for attackers. In particular for the popular Android OS, a number of security extensions have been proposed that target specific security and privacy problems caused by Android’s lack of a fine-grained, dynamic and system-wide mandatory access control. In this paper, we tackle the challenge of providing a generic security architecture for the Android OS that can serve as a flexible and effective ecosystem to instantiate different security solutions. In contrast to prior work our security architecture, termed FlaskDroid, provides mandatory access control simultaneously on both Android’s middleware and kernel layers in a consolidated manner. The synchronization of policy enforcement between the two layers is non-trivial due to their completely different semantics. We present an efficient policy language (inspired by SELinux) tailored to the specifics of Android’s middleware semantics. We show the flexibility of our architecture by policy-driven instantiations of selected security models: one is from the existing work (Saint) while the other one is a new privacy-protecting, userdefined and fine-grained per-app access control model. Other possible instantiations include phone booth mode, or dual persona phone. Finally we evaluate our implementation on SE Android 4.0.4 illustrating its efficiency and effectiveness.