@inproceedings{6338016e2eb04c8298aa91ece0f0a76e,
title = "An effective access control scheme for preventing permission leak in Android",
abstract = "In the Android system, each application runs in its own sandbox, and the permission mechanism is used to enforce access control to the system APIs and applications. However, permission leak could happen when an application without certain permission illegally gain access to protected resources through other privileged applications. We propose SPAC, a component-level system permission based access control scheme that can help developers better secure the public components of their applications. In the SPAC scheme, obscure custom permissions are replaced by explicit system permissions. We extend current permission checking mechanism so that multiple permissions are supported on component level. SPAC has been implemented on a Nexus 4 smartphone, and our evaluation demonstrates its effectiveness in mitigating permission leak vulnerabilities.",
keywords = "Permission leak, access control, smartphone security",
author = "Longfei Wu and Xiaojiang Du and Hongli Zhang",
note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 2015 International Conference on Computing, Networking and Communications, ICNC 2015 ; Conference date: 16-02-2015 Through 19-02-2015",
year = "2015",
month = mar,
day = "26",
doi = "10.1109/ICCNC.2015.7069315",
language = "英语",
series = "2015 International Conference on Computing, Networking and Communications, ICNC 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "57--61",
booktitle = "2015 International Conference on Computing, Networking and Communications, ICNC 2015",
address = "美国",
}