Extending Mandatory Access Control Policies in Android
Solutions like SELinux have recently regenerated interest toward Mandatory Access Control (MAC) models. The role of MAC models can be expected to increase in modern systems, which are exposed to significant threats and manage high-value resources, due to the stronger protection they are able to offer. Android is a significant representative of these novel systems and the integration of MAC models is an important recent development in its security architecture. Opportunities indeed exist to further enrich the support offered by MAC models, increasing their flexibility and integrating them with other components of the system. We discuss a number of proposals that have recently been made in this domain.
First, we illustrate the integration of SELinux and SQLite, named SeSQLite, which permits to apply MAC permissions at a fine granularity into relational databases, offering both a schema-level and row-level support. Then, AppPolicyModules are presented, which let app developers specify extensions to the system-level policy that protect the resources of each specific app. Finally, an integration between SELinux and the interprocess communication services is proposed, to further regulate the cooperation among separate apps and services. All these enhancements lead to a stronger and more detailed support of the complex security requirements that characterize modern environments.
The authors would like to thank Ivo Carminati, Paolo Carrara, Stefano Cattaneo, Valentina Centurelli, Andrea Durelli, Kevin Gotti, Niccoló Mangiagalli, Giada Mariani, Francesco Marrazzo, Simone Opreni, Jacopo Ratti, Marco Rosa, Gabriele Scotti, Paolo Vavassori, and Davide Vimercati for support in the implementation of the systems and in the experimental evaluation. This work was partially supported by a Google Research Award (winter 2014), by the Italian Ministry of Research within the PRIN project “GenData 2020” and by the EC within the 7FP and H2020 program, respectively, under projects PoSecCo (257129) and EscudoCloud (644579).
- 1.Arrigoni Neri, M., Guarnieri, M., Magri, E., Mutti, S., Paraboschi, S.: Conflict detection in security policies using semantic web technology. In: Proceedings of IEEE ESTEL - Security Track (2012)Google Scholar
- 2.Bacis, E., Mutti, S., Paraboschi, S.: AppPolicyModules: mandatory access control for third-party Apps. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 309–320. ACM (2015)Google Scholar
- 3.Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing inter-application communication in Android. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, pp. 239–252. ACM (2011)Google Scholar
- 4.Denning, D.E., Akl, S.G., Morgenstern, M., Neumann, P.G., Schell, R.R., Heckman, M.: Views for multilevel database security. In: 1986 IEEE Symposium on Security and Privacy, p. 156. IEEE (1986)Google Scholar
- 5.Guarnieri, M., Arrigoni Neri, M., Magri, E., Mutti, S.: On the notion of redundancy in access control policies. In: Proceedings of the 18th ACM Symposium on Access Control Models and Technologies, pp. 161–172. ACM (2013)Google Scholar
- 6.Knox, D.: Effective Oracle Database 10g Security by Design. McGraw-Hill Inc., New York (2004)Google Scholar
- 7.Lepreau, J., Spencer, R., Smalley, S., Loscocco, P., Hibler, M., Andersen, D.: The flask security architecture: system support for diverse security policies. In: Secure Computing Corp, Saint Paul, MN (2006)Google Scholar
- 8.Mutti, S., Bacis, E., Paraboschi, S.: An SELinux-based Intent manager for Android. In: IEEE Conference on Communications and Network Security, Florence, Italy, September 2015Google Scholar
- 9.Mutti, S., Bacis, E., Paraboschi, S.: Policy specialization to support domain isolation. In: SafeConfig 2015: Automated Decision Making for Active Cyber Defense, Denver, Colorado, USA, October 2015Google Scholar
- 10.Mutti, S., Bacis, E., Paraboschi, S.: SeSQLite: security enhanced SQLite. In: Annual Computer Security Applications Conference 2015 (ACSAC 2015), Los Angeles, California, USA, December 2015Google Scholar
- 11.Mutti, S., Neri, M.A., Paraboschi, S.: An eclipse plug-in for specifying security policies in modern information systems. In: Proceedings of the Eclipse-IT (2011)Google Scholar
- 14.Schaufler, C.: Smack in embedded computing. In: Proceedings of the Ottawa Linux Symposium (2008)Google Scholar
- 15.Smalley, S., Craig, R.: Security Enhanced (SE) Android: bringing flexible MAC to Android. In: Network and Distributed System Security Symposium (NDSS 13) (2013)Google Scholar