A root privilege management scheme with revocable authorization for Android devices. (1st April 2018)
- Record Type:
- Journal Article
- Title:
- A root privilege management scheme with revocable authorization for Android devices. (1st April 2018)
- Main Title:
- A root privilege management scheme with revocable authorization for Android devices
- Authors:
- Tan, Yu-an
Xue, Yuan
Liang, Chen
Zheng, Jun
Zhang, Quanxin
Zheng, Jiamin
Li, Yuanzhang - Abstract:
- Abstract: As a critical part in mobile cloud computing, the vulnerability of Android devices can directly affect the security of the mobile cloud. The unsecured Android can be potentially exploited by malwares to obtain the root privilege. Root privilege misuse is the critical issue for Android security, which breaks the integrity of Android security and rises the risk of permission escalation from malwares. The existing solutions still fail to balance the trade-off between the users desires on using root privilege and the Android security, which lays risks in leading to the root privilege misuse. To address this issue, a root privilege management scheme named Root Privilege Manager (RPM) is proposed, which adopts the root privilege access control to guarantee the exclusive root access opportunity of the authenticated apps. RPM verifies the authorization and integrity of root requesting apps based on the extracted authorization files during app installation, and then root access management controls the granting of root privilege based on the authenticated results. In this way, the end users are free from the embarrassment of appropriate decision-making while confront root access management. The prototype of RPM is implemented to evaluate its effectiveness, efficiency and performance. The experiments show RPM can effectively control the granting of root privilege and the time consumption in root access management is increased by 0.21%–0.94% respectively compared with the userAbstract: As a critical part in mobile cloud computing, the vulnerability of Android devices can directly affect the security of the mobile cloud. The unsecured Android can be potentially exploited by malwares to obtain the root privilege. Root privilege misuse is the critical issue for Android security, which breaks the integrity of Android security and rises the risk of permission escalation from malwares. The existing solutions still fail to balance the trade-off between the users desires on using root privilege and the Android security, which lays risks in leading to the root privilege misuse. To address this issue, a root privilege management scheme named Root Privilege Manager (RPM) is proposed, which adopts the root privilege access control to guarantee the exclusive root access opportunity of the authenticated apps. RPM verifies the authorization and integrity of root requesting apps based on the extracted authorization files during app installation, and then root access management controls the granting of root privilege based on the authenticated results. In this way, the end users are free from the embarrassment of appropriate decision-making while confront root access management. The prototype of RPM is implemented to evaluate its effectiveness, efficiency and performance. The experiments show RPM can effectively control the granting of root privilege and the time consumption in root access management is increased by 0.21%–0.94% respectively compared with the user management. … (more)
- Is Part Of:
- Journal of network and computer applications. Volume 107(2018)
- Journal:
- Journal of network and computer applications
- Issue:
- Volume 107(2018)
- Issue Display:
- Volume 107, Issue 2018 (2018)
- Year:
- 2018
- Volume:
- 107
- Issue:
- 2018
- Issue Sort Value:
- 2018-0107-2018-0000
- Page Start:
- 69
- Page End:
- 82
- Publication Date:
- 2018-04-01
- Subjects:
- Mobile cloud computing -- Android security -- Root privilege management -- Revocable authorization
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Micro-ordinateurs -- Périodiques
Réseaux d'ordinateurs -- Périodiques
Logiciels d'application -- Périodiques
Application software
Computer networks
Microcomputers
Periodicals
004.05
004 - Journal URLs:
- http://www.sciencedirect.com/science/journal/10848045 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.jnca.2018.01.011 ↗
- Languages:
- English
- ISSNs:
- 1084-8045
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 5021.410600
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 5881.xml