This paper discuss the main security topic in mobile security area and this topic is protect user against the leakage of data. This work primarily contains the proposal of concept of dynamic permission mechanism for Android operating system. This mechanism deals with assignment or enforcement permissions to the application according to files that the application works with. Application has set of permissions that can use, but if the user opens confident files the application permissions should change its permission set and there should not be possible leakage of this secret data. The permissions set should be stricter according to opened confidential file or more open (without restriction) if the file is not secret file. The concept proposes the solution for protecting this data leakage. Idea covers rule that user should be avoided of change this permissions himself, but this behavior should be dynamic, automatic and independent. This proposal is mainly aimed to Android operating system, but the concept can be applied to other mobile platforms with some implementation changes.

Topics
Software engineering
1.
Top 10 Mobile phones operating systems
http://www.shoutmeloud.com/top-mobile-os-overview.html [retrieved:
July., 2015
]
2.
Kern
,
M.
, &
Sametinger
,
J.
 (
2012
).
Permission Tracking in Android
. In
The Sixth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies UBICOMM
(pp.
148
155
).
Google Scholar
 
3.
Developers
,
A.
 (
2011
).
What is android
4.
Song
,
Y.
 (
2014
). “
Bring Your Own Device (BYOD)” for seamless science inquiry in a primary school
.
Computers & Education
,
74
,
50
60
.
https://doi.org/10.1016/j.compedu.2014.01.005
Crossref
Search ADS
Google Scholar
 
M. P.
Brown
 and
K.
Austin
,
Appl. Phys. Letters
85
,
2503
2504
(
2004
).
https://doi.org/10.1063/1.1786365
Crossref
Search ADS
5.
Oh
,
H. S.
,
Kim
,
B. J.
,
Choi
,
H. K.
, &
Moon
,
S. M.
 (
2012, October
).
Evaluation of Android Dalvik virtual machine
. In
Proceedings of the 10th International Workshop on Java Technologies for Real-time and Embedded Systems
(pp.
115
124
).
ACM
.
Crossref
Search ADS
 
6.
Cinar
,
O.
 (
2015
). Android Platform. In
Android Quick APIs Reference
(pp.
1
14
).
Apress
.
Google Scholar
 
7.
Developers
,
A.
 (
2012
).
Android Manifest Permissions
.
8.
MacLean
,
D.
,
Komatineni
,
S.
, &
Allen
,
G.
 (
2015
). Deploying Your Application: Google Play Store and Beyond. In
Pro Android 5
(pp.
677
696
).
Apress
.
Google Scholar
Crossref
Search ADS
 
9.
Nauman
,
M.
, &
Khan
,
S.
 (
2011
).
Design and implementation of a fine-grained resource usage model for the android platform
.
Int. Arab J. Inf. Technol.
,
8
(
4
),
440
448
.
Google Scholar
 
10.
Ongtang
,
M.
,
McLaughlin
,
S.
,
Enck
,
W.
, &
McDaniel
,
P.
 (
2012
).
Semantically rich application-centric security in Android
.
Security and Communication Networks
,
5
(
6
),
658
673
.
https://doi.org/10.1002/sec.360
Google Scholar
Crossref
Search ADS
 
11.
Beresford
,
A. R.
,
Rice
,
A.
,
Skehin
,
N.
, &
Sohan
,
R.
 (
2011, March
).
Mockdroid: trading privacy for application functionality on smartphones
. In
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
(pp.
49
54
).
ACM
.
Crossref
Search ADS
 
12.
Bugiel
,
S.
,
Davi
,
L.
,
Dmitrienko
,
A.
,
Fischer
,
T.
, &
Sadeghi
,
A. R.
 (
2011
).
Xmandroid: A new android evolution to mitigate privilege escalation attacks
.
Technische Universität Darmstadt
,
Technical Report TR-2011-04
.
Google Scholar
 
13.
Zhou
,
Y.
,
Zhang
,
X.
,
Jiang
,
X.
, &
Freeh
,
V. W.
 (
2011
). Taming information-stealing smartphone applications (on android). In
Trust and Trustworthy Computing
(pp.
93
107
).
Springer
Berlin Heidelberg
.
Google Scholar
Crossref
Search ADS
 
14.
Sam Lu.
aSpotCat
 (
app by
permission
). play.google.com/store/apps/details?id=com.a0soft.gphone.aSpotCat [retrieved:
July, 2015
]
15.
Team
,
C. Cyanogenmod
. www.cyanogenmod.org/ [retrieved:
July, 2015
]
16.
Holavanalli
,
S.
,
Manuel
,
D.
,
Nanjundaswamy
,
V.
,
Rosenberg
,
B.
,
Shen
,
F.
,
Ko
,
S. Y.
, &
Ziarek
,
L.
 (
2013, November
).
Flow permissions for android
. In
Automated Software Engineering (ASE), 2013 IEEE/ACM 28th International Conference on
(pp.
652
657
).
IEEE
.
Crossref
Search ADS
 
17.
Xu
,
R.
,
Saïdi
,
H.
, &
Anderson
,
R.
 (
2012
, August).
Aurasium: Practical Policy Enforcement for Android Applications
. In
USENIX Security Symposium
(pp.
539
552
).
Google Scholar
 
18.
Wei
,
X.
,
Gomez
,
L.
,
Neamtiu
,
I.
, &
Faloutsos
,
M.
 (
2012, December
).
Permission evolution in the android ecosystem
. In
Proceedings of the 28th Annual Computer Security Applications Conference
(pp.
31
40
).
ACM
.
Crossref
Search ADS
 
19.
Arzt
,
S.
,
Rasthofer
,
S.
,
Fritz
,
C.
,
Bodden
,
E.
,
Bartel
,
A.
,
Klein
,
J.
 &
McDaniel
,
P.
 (
2014, June
).
Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps
. In
ACM SIGPLAN Notices
(Vol.
49
, No.
6
, pp.
259
269
).
ACM
.
Crossref
Search ADS
 
20.
Pages
,
L. M.
Linux Manual Pages
. http://linux.die.net/man/ [retrieved:
July, 2015
]
21.
Schreckling
,
D.
,
Köstler
,
J.
, &
Schaff
,
M.
 (
2013
).
Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android
.
Information Security Technical Report
,
17
(
3
),
71
80
.
https://doi.org/10.1016/j.istr.2012.10.006
Google Scholar
Crossref
Search ADS
 
22.
Au
,
K. W. Y.
,
Zhou
,
Y. F.
,
Huang
,
Z.
, &
Lie
,
D.
 (
2012, October
).
Pscout: analyzing the android permission specification
. In
Proceedings of the 2012 ACM conference on Computer and communications security
(pp.
217
228
).
ACM
.
Crossref
Search ADS
 
This content is only available via PDF.
© 2016 AIP Publishing LLC.
2016
AIP Publishing LLC
You do not currently have access to this content.