Enforcing File System Permissions on Android External Storage

Proceedings of 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, September 2014, IEEE Computer Society Press, Forthcoming

6 Pages Posted: 22 Jul 2014

See all articles by Quang Do

Quang Do

University of South Australia

Ben Martini

University of South Australia

Kim-Kwang Raymond Choo

The University of Texas at San Antonio

Date Written: July 21, 2014

Abstract

Mobile devices are fast becoming critical information management tools often storing a range of personal and corporate confidential data often synced from online and cloud based storage services. Mobile device operating system designers are increasing the security available to users, not only from traditional security risk vectors, but also to protect their privacy from the various apps (with potential malicious intent) installed on their device. In this paper, we developed a process for enforcing file system permissions on Android external storage (with minimal modifications to the operating system). Our process makes use of the application sandboxing supported on this platform to restrict parts of the external file system to a particular app or multiple apps holding a particular permission. We present an Android File system Permissions (AFP) prototype demonstrating the applicability of this work and demonstrate its utility using the ownCloud app for Android. We then highlight a number of limitations with the current permission enforcement capabilities for external storage on the platform.

Keywords: Android, external storage, file system, file system permissions, mobile device, mobile security, privacy, SD card

JEL Classification: C88, C89, K42, K49

Suggested Citation

Do, Quang and Martini, Ben and Choo, Kim-Kwang Raymond, Enforcing File System Permissions on Android External Storage (July 21, 2014). Proceedings of 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, September 2014, IEEE Computer Society Press, Forthcoming. Available at SSRN: https://ssrn.com/abstract=2469604

Quang Do

University of South Australia ( email )

37-44 North Terrace, City West Campus
Adelaide, South Australia 5001
Australia

Ben Martini

University of South Australia ( email )

37-44 North Terrace, City West Campus
Adelaide, South Australia 5001
Australia

Kim-Kwang Raymond Choo (Contact Author)

The University of Texas at San Antonio ( email )

San Antonio, TX 78249
United States
+12104587867 (Phone)

HOME PAGE: http://https://sites.google.com/site/raymondchooau/

Register to save articles to
your library

Register

Paper statistics

Downloads
61
Abstract Views
482
rank
349,348
PlumX Metrics