Secure Storage on Android with Context-Aware Access Control
نویسندگان
چکیده
Android devices are increasingly used in corporate settings. Although openness and cost-effectiveness are key factors to opt for the platform, its level of data protection is often inadequate for corporate use. This paper presents a strategy for secure credential and data storage in Android. It is supplemented by a context-aware mechanism that restricts data availability according to predefined policies. Our approach protects stored data better than iOS in case of device theft. Contrary to other Android-based solutions, we do not depend on device brand, hardware specs, price range or platform version. No modifications to the operating system are required. The proposed concepts are validated by a contextaware file management prototype.
منابع مشابه
CAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملImproving Mobile Device Security with Operating System-Level Virtualization
In this paper, we propose a lightweight mechanism to isolate one or more Android userland instances from a trustworthy and secure entity. This entity controls and manages the Android instances and provides an interface for remote administration and management of the device and its software. Our approach includes several security extensions for secure network access, integrity protection of data...
متن کاملA Benchmark for Context Data Management in Mobile Context-Aware Applications
Over the last few years, computational power, storage capacity, and sensing capabilities of mobile devices have significantly improved. As a consequence, they have undergone a rapid development from pure telecommunication devices to small and ubiquitous computing platforms. Most importantly, these devices are able to host context-aware applications, i.e., applications that are automatically adj...
متن کامل