The Android middleware has been a popular target for security extensions over the last few years. For instance, context-aware policies, DRM-like solution, developer-centric policies, or generic mandatory access control infrastructures have been brought forward, just to name a few. However, almost no consideration has been given on how to analyze or security test the large, highly complex code base of the Android middleware. In this project, we advance the state-of-the-art of analysis and security testing to enable various security- and privacy-focused investigations, such as permission mapping (Backes et al. 2016), fuzzing, or placement of access control hooks.
While the majority of Android security research has focused on the platform, market operators, and end-users as primary security principals, the Android ecosystem consists of many more stakeholders that have a (sometimes significant) influence on the security state of the overall ecosystem. (Acar et al. 2016) In this project, we investigate and quantify this influence of third-party stakeholders (Backes, Bugiel, and Derr 2016; Derr et al. 2017; Oltrogge et al. 2018) and propose new techniques and workflows that improve the overall security state of the Android ecosystem (Huang et al. 2017).
The LibScout tool as part of this research has been made publicly available at github.
Android Security Framework (ASF) is a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android’s software stack. ASF provides a novel security API that supports authors of Android security extensions in developing their modules. This overcomes the current unsatisfactory situation to provide security solutions as separate patches to the Android software stack or to embed them into Android’s mainline codebase. As a result, ASF provides different practical benefits such as a higher degree of acceptance, adaptation, and maintenance of security solutions than previously possible on Android. We present a prototypical implementation of ASF and demonstrate its effectiveness and efficiency by modularizing different security models from related work, such as context-aware access control, inlined reference monitoring, and type enforcement.
Source code, example security modules, and documentation can be retrieved from the project website.
Peer-reviewed publications with contributions by members of the Trusted Systems Group: