There is little protection for the content downloaded to cell phones. In Android, it is up to the programmers to define what their applications can access; malicious applications can exploit this in order to access unauthorized data. The Open Mobile Alliance (OMA), a consortium of phone manufacturers, defined digital rights management (DRM) requirements to enforce control of access to content. However, its granularity is too coarse: it does not protect content that is already on a phone, because the rights are assigned to the whole phone rather than to specific applications. To improve this situation, this paper proposes a policy-based access control system (Porscha) that protects the content both when it is delivered to the phone and once it is on the phone.
This clear and well-written paper provides a concise survey of the main system and application features of Android architectures, with particular emphasis on security. It starts with a description of a phone's uses, identifying its threats and defining security requirements for the system; a set of DRM policies is derived from this analysis. The authors then analyze how content is delivered to and used by applications, and the threats that arise along the way. They define a trusted computing base (TCB) and consider the network to be untrusted because of the deficiencies of current encryption approaches.
In order to protect content in transit, they define a type of public key infrastructure (PKI) that uses identity-based public keys. They also propose a mediator to enforce policies for the content on the phone. The paper evaluates the cost (overhead) of policy enforcement and finds it to be reasonable. The authors' security evaluation includes protecting the private key, dealing with recipients without Porscha, and their assumptions about the level of trust in the platform, including Android and the Linux kernel. They also discuss Porscha as an access control system for content. The paper includes a good set of references.
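To make the granularity argument concrete, here is an added example (not code from the paper or from Porscha) of an on-phone policy mediator. It contrasts a phone-level check, where any application on the licensed phone may read the content, with an application-level check that binds each piece of content to named applications and operations. The application identity scheme (package name plus a signing-certificate fingerprint), the policy fields and all sample data are assumptions for illustration.

```python
"""Illustrative per-application content mediator (added example).

Models the difference between phone-granularity DRM, where a right is
assigned to the whole phone, and policy-based mediation, where content
is bound to specific applications and operations. Identity scheme,
policy layout and sample data are constructed for this example.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple


@dataclass(frozen=True)
class AppIdentity:
    """An application as the policy identifies it (assumed scheme)."""
    package: str
    signer_fingerprint: str  # hypothetical hex digest of the signing cert


@dataclass(frozen=True)
class ContentPolicy:
    """Rights attached to one piece of content."""
    device_id: str                        # phone the content was delivered to
    allowed_apps: FrozenSet[AppIdentity]  # applications permitted to handle it
    allowed_ops: FrozenSet[str]           # permitted operations, e.g. read/forward


@dataclass(frozen=True)
class Content:
    content_id: str
    policy: ContentPolicy


def phone_level_check(content: Content, device_id: str) -> bool:
    """Phone-granularity check: any application on the licensed phone passes."""
    return content.policy.device_id == device_id


class Mediator:
    """Application-granularity mediator: phone, application and operation must all match."""

    def __init__(self, device_id: str) -> None:
        self.device_id = device_id
        # Audit trail of (content, package, operation, decision) for later review.
        self.audit: List[Tuple[str, str, str, bool]] = []

    def check(self, content: Content, app: AppIdentity, op: str) -> bool:
        pol = content.policy
        decision = (
            pol.device_id == self.device_id
            and app in pol.allowed_apps      # name AND signer must match
            and op in pol.allowed_ops
        )
        self.audit.append((content.content_id, app.package, op, decision))
        return decision


# Constructed sample data.
MAIL_APP = AppIdentity("com.example.mail", "aa11")
OTHER_APP = AppIdentity("com.example.flashlight", "ff99")
SPOOFED_MAIL = AppIdentity("com.example.mail", "ff99")  # same name, different signer

MESSAGE = Content(
    "msg-1",
    ContentPolicy(
        device_id="phone-A",
        allowed_apps=frozenset({MAIL_APP}),
        allowed_ops=frozenset({"read"}),
    ),
)


def compare_granularity() -> dict:
    """Return the decisions each enforcement model makes for the sample content."""
    m = Mediator("phone-A")
    return {
        "phone_level_any_app": phone_level_check(MESSAGE, "phone-A"),
        "mail_read": m.check(MESSAGE, MAIL_APP, "read"),
        "mail_forward": m.check(MESSAGE, MAIL_APP, "forward"),
        "other_app_read": m.check(MESSAGE, OTHER_APP, "read"),
        "spoofed_mail_read": m.check(MESSAGE, SPOOFED_MAIL, "read"),
        "other_phone_read": Mediator("phone-B").check(MESSAGE, MAIL_APP, "read"),
    }


if __name__ == "__main__":
    for name, allowed in compare_granularity().items():
        print(f"{name}: {'allow' if allowed else 'deny'}")
```

The phone-level check returns allow for every application on the phone, which is the gap the review describes; the mediator denies the unrelated application, an application that reuses the package name under a different signer, and an operation the policy never granted, while recording every decision for audit.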
This excellent paper will be very useful to readers who work in this field or who are concerned with the security of wireless applications.