DOI: 10.1145/1920261.1920295

Porscha: policy oriented secure content handling in Android

Published: 06 December 2010

Abstract

The penetration of cellular networks worldwide and emergence of smart phones has led to a revolution in mobile content. Users consume diverse content when, for example, exchanging photos, playing games, browsing websites, and viewing multimedia. Current phone platforms provide protections for user privacy, the cellular radio, and the integrity of the OS itself. However, few offer protections to protect the content once it enters the phone. For example, MP3-based MMS or photo content placed on Android smart phones can be extracted and shared with impunity. In this paper, we explore the requirements and enforcement of digital rights management (DRM) policy on smart phones. An analysis of the Android market shows that DRM services should ensure: a) protected content is accessible only by authorized phones, b) content is only accessible by provider-endorsed applications, and c) access is regulated by contextual constraints, e.g., used for a limited time, a maximum number of viewings, etc. The Porscha system developed in this work places content proxies and reference monitors within the Android middleware to enforce DRM policies embedded in received content. A pilot study controlling content obtained over SMS, MMS, and email illustrates the expressibility and enforcement of Porscha policies. Our experiments demonstrate that Porscha is expressive enough to articulate needed DRM policies and that their enforcement has limited impact on performance.

Reviews

Eduardo B. Fernandez

There is little protection for the content downloaded to cell phones. In Android, it is up to the programmers to define what their applications can access; malicious applications can exploit this in order to access unauthorized data. The Open Mobile Alliance (OMA), a consortium of phone manufacturers, defined digital rights management (DRM) requirements to enforce control of access to content. However, its granularity is too coarse: it does not protect content that is already on a phone because the rights are assigned to the whole phone, not to specific applications. To improve this situation, this paper proposes a policy-based access control system (Porscha) that protects the content when it is delivered to the phone and once it is on the phone. This clear and well-written paper provides a concise survey of the main system and application features of Android architectures, with particular emphasis on security. It starts with a description of a phone's uses, trying to understand its threats and define security requirements for the system; a set of DRM policies is defined from this analysis. The authors then analyze how content is delivered and used by applications, as well as any threats. They define a trusted computing base (TCB) and consider the network to be untrusted because of the deficiencies of current encryption approaches. In order to protect content in transit, they define a type of public key infrastructure (PKI) that uses identity-based public keys. They also propose a mediator to enforce policies for the content on the phone. The paper evaluates the cost (overhead) of policy enforcement and finds it to be reasonable. The authors' security evaluation includes protecting the private key, dealing with recipients without Porscha, and their assumptions about the level of trust on the platform, including Android and the Linux kernel. They also discuss Porscha as an access control system for content. The paper includes a good set of references.
This excellent paper will be very useful to readers who work in this field or who are concerned with the security of wireless applications.

Online Computing Reviews Service

Information & Contributors

Information

Published In

ACSAC '10: Proceedings of the 26th Annual Computer Security Applications Conference
December 2010
419 pages
ISBN:9781450301336
DOI:10.1145/1920261
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

  • ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Android
  2. DRM
  3. mobile phone security
  4. security policy

Qualifiers

  • Research-article

Conference

ACSAC '10
Sponsor:
  • ACSA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months): 9
  • Downloads (Last 6 weeks): 0
Reflects downloads up to 20 Nov 2024

Citations

Cited By

  • (2023) Analysis of Security and Privacy Challenges Associated with Byod in the Education Sector: State-of-the-Art Strategy. 2023 7th International Conference on Trends in Electronics and Informatics (ICOEI), pages 665-675. DOI: 10.1109/ICOEI56765.2023.10125767. Online publication date: 11-Apr-2023
  • (2022) Don't Just BYOD, Bring-Your-Own-App Too! Protection via Virtual Micro Security Perimeters. IEEE Transactions on Mobile Computing, 21:1, pages 76-92. DOI: 10.1109/TMC.2020.3000852. Online publication date: 1-Jan-2022
  • (2022) TrustSAMP: Securing Streaming Music Against Multivector Attacks on ARM Platform. IEEE Transactions on Information Forensics and Security, 17, pages 1709-1724. DOI: 10.1109/TIFS.2022.3170274. Online publication date: 2022
  • (2019) Implications of smartphone user privacy leakage from the advertiser’s perspective. Pervasive and Mobile Computing, 53, pages 13-32. DOI: 10.1016/j.pmcj.2018.12.006. Online publication date: Feb-2019
  • (2019) The Android malware detection systems between hope and reality. SN Applied Sciences, 1:9. DOI: 10.1007/s42452-019-1124-x. Online publication date: 29-Aug-2019
  • (2019) A context-driven privacy enforcement system for autonomous media capture devices. Multimedia Tools and Applications, 78:10, pages 14091-14108. DOI: 10.1007/s11042-019-7376-z. Online publication date: 1-May-2019
  • (2018) Curator --- a secure shared object store. Proceedings of the 33rd Annual ACM Symposium on Applied Computing, pages 533-540. DOI: 10.1145/3167132.3167190. Online publication date: 9-Apr-2018
  • (2018) Conceptual framework for the security of mobile health applications on Android platform. Telematics and Informatics, 35:5, pages 1335-1354. DOI: 10.1016/j.tele.2018.03.005. Online publication date: Aug-2018
  • (2017) Developing an Intelligent Filtering Technique for Bring Your Own Device Network Access Control. Proceedings of the International Conference on Future Networks and Distributed Systems, pages 1-8. DOI: 10.1145/3102304.3105573. Online publication date: 19-Jul-2017
  • (2017) TrUbi. Proceedings of the 18th ACM International Symposium on Mobile Ad Hoc Networking and Computing, pages 1-10. DOI: 10.1145/3084041.3084066. Online publication date: 10-Jul-2017
