Practical and Lightweight Domain Isolation on Android

Sven Bugiel†, Lucas Davi†, Alexandra Dmitrienko‡, Stephan Heuser‡, Ahmad-Reza Sadeghi†,‡, Bhargava Shastry‡
† Technische Universität Darmstadt, Darmstadt, Germany
‡ Fraunhofer SIT, Darmstadt, Germany

ABSTRACT

In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework, TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack: (1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on Inter-Process Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3) allows network data to be read only by a particular domain, or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company's network.

Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. Moreover, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device (Nexus One). Our evaluation demonstrates that TrustDroid adds only a negligible overhead and, in contrast to contemporary full virtualization, only minimally affects the battery's lifetime.

Categories and Subject Descriptors
D.4.6 [Operating Systems]: Security and Protection

General Terms
Security

1. INTRODUCTION

The market penetration of modern smartphones is high, and sophisticated mobile devices are becoming an integral part of our daily life.
Remarkably, smartphones are increasingly deployed in business transactions: they provide employees a means to remain connected to the company's network, thereby enabling on-the-road access to the company's data. In particular, they allow employees to read and send e-mails, synchronize calendars, organize meetings, attend telephone and video conferences, obtain news, and much more. On the other hand, mobile platforms have also become an appealing target for attacks threatening not only private/personal data but also corporate data.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.
SPSM'11, October 17, 2011, Chicago, Illinois, USA.
Copyright 2011 ACM 978-1-4503-1000-0/11/10 ...$10.00.
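The abstract describes three enforcement points that share one set of domain labels: IPC mediation in the middleware, mandatory access control on files in the kernel, and domain-tagged network traffic with a context rule. The following is an added illustration, not TrustDroid's own code: a minimal policy model in which every decision reduces to comparing the domain label of the subject with that of the object. The domain names, the "public" traffic tag and the Context flag are constructed for this example.

```python
"""Toy model of TrustDroid-style domain isolation (added example, not the
paper's implementation). Every app carries a trust domain label; each layer
asks the same question, "do subject and object belong to the same domain?"."""
from dataclasses import dataclass

# Constructed domain labels; "untrusted" is any app outside a trusted domain.
TRUSTED_DOMAINS = {"private", "corporate"}


@dataclass(frozen=True)
class App:
    name: str
    domain: str


@dataclass
class Context:
    # Assumed context signal: is the device currently on the company network?
    on_corporate_network: bool = False


def allow_ipc(sender: App, receiver: App) -> bool:
    """Middleware layer: Intents/Binder calls may only cross within a domain."""
    return sender.domain == receiver.domain


def allow_file(app: App, file_domain: str) -> bool:
    """Kernel layer (MAC): a file is labelled with the domain that created it,
    and only apps of that domain may touch it."""
    return app.domain == file_domain


def allow_network(app: App, traffic_domain: str, ctx: Context) -> bool:
    """Network layer: traffic tagged with a domain is readable only by that
    domain ("public" stands for ordinary Internet traffic); while the device is
    on the corporate network, untrusted apps get no Internet access at all."""
    if ctx.on_corporate_network and app.domain not in TRUSTED_DOMAINS:
        return False
    return traffic_domain in (app.domain, "public")


def audit(sender: App, receiver: App, file_domain: str,
          traffic_domain: str, ctx: Context) -> dict:
    """Run one subject through all three layers; returns the per-layer verdict."""
    return {
        "ipc": allow_ipc(sender, receiver),
        "file": allow_file(sender, file_domain),
        "network": allow_network(sender, traffic_domain, ctx),
    }
```

A corporate mail client reading a corporate file and corporate traffic passes every layer, while a private game is blocked from corporate IPC, corporate files and corporate traffic, and an untrusted app loses even public Internet access while the device sits on the company network.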