This paper discuss the main security topic in mobile security area and this topic is protect user against the leakage of data. This work primarily contains the proposal of concept of dynamic permission mechanism for Android operating system. This mechanism deals with assignment or enforcement permissions to the application according to files that the application works with. Application has set of permissions that can use, but if the user opens confident files the application permissions should change its permission set and there should not be possible leakage of this secret data. The permissions set should be stricter according to opened confidential file or more open (without restriction) if the file is not secret file. The concept proposes the solution for protecting this data leakage. Idea covers rule that user should be avoided of change this permissions himself, but this behavior should be dynamic, automatic and independent. This proposal is mainly aimed to Android operating system, but the concept can be applied to other mobile platforms with some implementation changes.

1.
Top 10 Mobile phones operating systems
http://www.shoutmeloud.com/top-mobile-os-overview.html [retrieved:
July., 2015
]
2.
Kern
,
M.
, &
Sametinger
,
J.
(
2012
).
Permission Tracking in Android
. In
The Sixth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies UBICOMM
(pp.
148
155
).
3.
Developers
,
A.
(
2011
).
What is android
4.
Song
,
Y.
(
2014
). “
Bring Your Own Device (BYOD)” for seamless science inquiry in a primary school
.
Computers & Education
,
74
,
50
60
.
M. P.
Brown
and
K.
Austin
,
Appl. Phys. Letters
85
,
2503
2504
(
2004
).
5.
Oh
,
H. S.
,
Kim
,
B. J.
,
Choi
,
H. K.
, &
Moon
,
S. M.
(
2012, October
).
Evaluation of Android Dalvik virtual machine
. In
Proceedings of the 10th International Workshop on Java Technologies for Real-time and Embedded Systems
(pp.
115
124
).
ACM
.
6.
Cinar
,
O.
(
2015
). Android Platform. In
Android Quick APIs Reference
(pp.
1
14
).
Apress
.
7.
Developers
,
A.
(
2012
).
Android Manifest Permissions
.
8.
MacLean
,
D.
,
Komatineni
,
S.
, &
Allen
,
G.
(
2015
). Deploying Your Application: Google Play Store and Beyond. In
Pro Android 5
(pp.
677
696
).
Apress
.
9.
Nauman
,
M.
, &
Khan
,
S.
(
2011
).
Design and implementation of a fine-grained resource usage model for the android platform
.
Int. Arab J. Inf. Technol.
,
8
(
4
),
440
448
.
10.
Ongtang
,
M.
,
McLaughlin
,
S.
,
Enck
,
W.
, &
McDaniel
,
P.
(
2012
).
Semantically rich application-centric security in Android
.
Security and Communication Networks
,
5
(
6
),
658
673
.
11.
Beresford
,
A. R.
,
Rice
,
A.
,
Skehin
,
N.
, &
Sohan
,
R.
(
2011, March
).
Mockdroid: trading privacy for application functionality on smartphones
. In
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
(pp.
49
54
).
ACM
.
12.
Bugiel
,
S.
,
Davi
,
L.
,
Dmitrienko
,
A.
,
Fischer
,
T.
, &
Sadeghi
,
A. R.
(
2011
).
Xmandroid: A new android evolution to mitigate privilege escalation attacks
.
Technische Universität Darmstadt
,
Technical Report TR-2011-04
.
13.
Zhou
,
Y.
,
Zhang
,
X.
,
Jiang
,
X.
, &
Freeh
,
V. W.
(
2011
). Taming information-stealing smartphone applications (on android). In
Trust and Trustworthy Computing
(pp.
93
107
).
Springer
Berlin Heidelberg
.
14.
Sam Lu.
aSpotCat
(
app by
permission
). play.google.com/store/apps/details?id=com.a0soft.gphone.aSpotCat [retrieved:
July, 2015
]
15.
Team
,
C. Cyanogenmod
. www.cyanogenmod.org/ [retrieved:
July, 2015
]
16.
Holavanalli
,
S.
,
Manuel
,
D.
,
Nanjundaswamy
,
V.
,
Rosenberg
,
B.
,
Shen
,
F.
,
Ko
,
S. Y.
, &
Ziarek
,
L.
(
2013, November
).
Flow permissions for android
. In
Automated Software Engineering (ASE), 2013 IEEE/ACM 28th International Conference on
(pp.
652
657
).
IEEE
.
17.
Xu
,
R.
,
Saïdi
,
H.
, &
Anderson
,
R.
(
2012
, August).
Aurasium: Practical Policy Enforcement for Android Applications
. In
USENIX Security Symposium
(pp.
539
552
).
18.
Wei
,
X.
,
Gomez
,
L.
,
Neamtiu
,
I.
, &
Faloutsos
,
M.
(
2012, December
).
Permission evolution in the android ecosystem
. In
Proceedings of the 28th Annual Computer Security Applications Conference
(pp.
31
40
).
ACM
.
19.
Arzt
,
S.
,
Rasthofer
,
S.
,
Fritz
,
C.
,
Bodden
,
E.
,
Bartel
,
A.
,
Klein
,
J.
&
McDaniel
,
P.
(
2014, June
).
Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps
. In
ACM SIGPLAN Notices
(Vol.
49
, No.
6
, pp.
259
269
).
ACM
.
20.
Pages
,
L. M.
Linux Manual Pages
. http://linux.die.net/man/ [retrieved:
July, 2015
]
21.
Schreckling
,
D.
,
Köstler
,
J.
, &
Schaff
,
M.
(
2013
).
Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android
.
Information Security Technical Report
,
17
(
3
),
71
80
.
22.
Au
,
K. W. Y.
,
Zhou
,
Y. F.
,
Huang
,
Z.
, &
Lie
,
D.
(
2012, October
).
Pscout: analyzing the android permission specification
. In
Proceedings of the 2012 ACM conference on Computer and communications security
(pp.
217
228
).
ACM
.
This content is only available via PDF.
You do not currently have access to this content.