Taint-marking based access control model and its implementation on Android
WU Zezhi1,XHEN Xingyuan1,YANG Zhi2,DU Xuehui2
1. College of Cryptogram Engineering, Information Engineering University, Zhengzhou Henan 450001, China; 2. College of Network Space Security, Information Engineering University, Zhengzhou Henan 450001, China
Abstract:For protecting the sensitive data on mobile operation system, a Taint-marking Based Access Control (TBAC) model was presented and a Taint-marking Information Flow Control (TIFC) framework was proposed. To improve fine-grained data sharing, labels were designed for each data. To support for least privilege characteristic, capacities were defined to each subject. To avoid accumulating of contamination, decontamination capacities of trust subjects were introduced. Compared with BLP, TBAC is more available, flexible and fine-grained. The results show TIFC is an effective, flexible and accurate framework in tracking and controlling the information flow at runtime, and TIFC solves the problem of covert channel caused by control flow during program execution.
吴泽智 陈性元 杨智 杜学绘. 基于污点标记的访问控制模型及其安卓实现[J]. 计算机应用, 2014, 34(2): 473-476.
WU Zezhi XHEN Xingyuan YANG Zhi DU Xuehui. Taint-marking based access control model and its implementation on Android. Journal of Computer Applications, 2014, 34(2): 473-476.