Enforcing File System Permissions on Android External Storage
Proceedings of 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, September 2014, IEEE Computer Society Press, Forthcoming
6 Pages Posted: 22 Jul 2014
Date Written: July 21, 2014
Mobile devices are fast becoming critical information management tools often storing a range of personal and corporate confidential data often synced from online and cloud based storage services. Mobile device operating system designers are increasing the security available to users, not only from traditional security risk vectors, but also to protect their privacy from the various apps (with potential malicious intent) installed on their device. In this paper, we developed a process for enforcing file system permissions on Android external storage (with minimal modifications to the operating system). Our process makes use of the application sandboxing supported on this platform to restrict parts of the external file system to a particular app or multiple apps holding a particular permission. We present an Android File system Permissions (AFP) prototype demonstrating the applicability of this work and demonstrate its utility using the ownCloud app for Android. We then highlight a number of limitations with the current permission enforcement capabilities for external storage on the platform.
Keywords: Android, external storage, file system, file system permissions, mobile device, mobile security, privacy, SD card
JEL Classification: C88, C89, K42, K49
Suggested Citation: Suggested Citation