CRêPE

A system for enforcing fine-grained context-related policies on android

Mauro Conti, Bruno Crispo, Earlence Fernandes, Yury Zhauniarovich

Research output: Contribution to journalArticle

57 Citations (Scopus)

Abstract

Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing CRêPE, a fine-grained Context-Related Policy Enforcement System for Android. While the concept of context-related access control is not new, this is the first work that brings this concept into the smartphone environment. In particular, in our work, a context can be defined by: the status of variables sensed by physical (low level) sensors, like time and location; additional processing on these data via software (high level) sensors; or particular interactions with the users or third parties. CRêPE allows context-related policies to be set (even at runtime) by both the user and authorized third parties locally (via an application) or remotely (via SMS, MMS, Bluetooth, and QR-code). A thorough set of experiments shows that our full implementation of CRêPE has a negligible overhead in terms of energy consumption, time, and storage, making our system ready for a production environment.

Original languageEnglish
Article number6215040
Pages (from-to)1426-1438
Number of pages13
JournalIEEE Transactions on Information Forensics and Security
Volume7
Issue number5
DOIs
Publication statusPublished - 20 Sep 2012
Externally publishedYes

Fingerprint

Smartphones
Bluetooth
Sensors
Access control
Energy utilization
Processing
Experiments
Android (operating system)

Keywords

  • Android security
  • context policy
  • smartphone security

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

CRêPE : A system for enforcing fine-grained context-related policies on android. / Conti, Mauro; Crispo, Bruno; Fernandes, Earlence; Zhauniarovich, Yury.

In: IEEE Transactions on Information Forensics and Security, Vol. 7, No. 5, 6215040, 20.09.2012, p. 1426-1438.

Research output: Contribution to journalArticle

@article{5a8166b5529045adb1e8b4d48a65aa5a,
title = "CR{\^e}PE: A system for enforcing fine-grained context-related policies on android",
abstract = "Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing CR{\^e}PE, a fine-grained Context-Related Policy Enforcement System for Android. While the concept of context-related access control is not new, this is the first work that brings this concept into the smartphone environment. In particular, in our work, a context can be defined by: the status of variables sensed by physical (low level) sensors, like time and location; additional processing on these data via software (high level) sensors; or particular interactions with the users or third parties. CR{\^e}PE allows context-related policies to be set (even at runtime) by both the user and authorized third parties locally (via an application) or remotely (via SMS, MMS, Bluetooth, and QR-code). A thorough set of experiments shows that our full implementation of CR{\^e}PE has a negligible overhead in terms of energy consumption, time, and storage, making our system ready for a production environment.",
keywords = "Android security, context policy, smartphone security",
author = "Mauro Conti and Bruno Crispo and Earlence Fernandes and Yury Zhauniarovich",
year = "2012",
month = "9",
day = "20",
doi = "10.1109/TIFS.2012.2204249",
language = "English",
volume = "7",
pages = "1426--1438",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "5",

}

TY - JOUR

T1 - CRêPE

T2 - A system for enforcing fine-grained context-related policies on android

AU - Conti, Mauro

AU - Crispo, Bruno

AU - Fernandes, Earlence

AU - Zhauniarovich, Yury

PY - 2012/9/20

Y1 - 2012/9/20

N2 - Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing CRêPE, a fine-grained Context-Related Policy Enforcement System for Android. While the concept of context-related access control is not new, this is the first work that brings this concept into the smartphone environment. In particular, in our work, a context can be defined by: the status of variables sensed by physical (low level) sensors, like time and location; additional processing on these data via software (high level) sensors; or particular interactions with the users or third parties. CRêPE allows context-related policies to be set (even at runtime) by both the user and authorized third parties locally (via an application) or remotely (via SMS, MMS, Bluetooth, and QR-code). A thorough set of experiments shows that our full implementation of CRêPE has a negligible overhead in terms of energy consumption, time, and storage, making our system ready for a production environment.

AB - Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing CRêPE, a fine-grained Context-Related Policy Enforcement System for Android. While the concept of context-related access control is not new, this is the first work that brings this concept into the smartphone environment. In particular, in our work, a context can be defined by: the status of variables sensed by physical (low level) sensors, like time and location; additional processing on these data via software (high level) sensors; or particular interactions with the users or third parties. CRêPE allows context-related policies to be set (even at runtime) by both the user and authorized third parties locally (via an application) or remotely (via SMS, MMS, Bluetooth, and QR-code). A thorough set of experiments shows that our full implementation of CRêPE has a negligible overhead in terms of energy consumption, time, and storage, making our system ready for a production environment.

KW - Android security

KW - context policy

KW - smartphone security

UR - http://www.scopus.com/inward/record.url?scp=84866302360&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84866302360&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2012.2204249

DO - 10.1109/TIFS.2012.2204249

M3 - Article

VL - 7

SP - 1426

EP - 1438

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

IS - 5

M1 - 6215040

ER -