- ALL COMPUTER, ELECTRONICS AND MECHANICAL COURSES AVAILABLE…. PROJECT GUIDANCE SINCE 2004. FOR FURTHER DETAILS CALL 9443117328
Projects > COMPUTER > 2017 > NON IEEE > APPLICATION
We present a security analysis of our implementation of the CBAC system to analyze possible threats from a malicious user or applications that can bypass our policy restrictions. The aim of our security analysis is to identify possible threats by malicious users or applications that can bypass CBAC policies and to mitigate these threats. The purpose of this experiment is to measure the amount of memory overhead placed on the system after our modifications. Mainly, we aim to observe the changes in memory usage caused by our application restrictions and by the LocationService method that continuously run in the background for context updates.
Security for mobile operating systems focuses on restricting applications from accessing sensitive data and resources, but mostly lacks efficient techniques for enforcing those restrictions according to fine-grained contexts that differentiate between closely located subareas. Moreover, most of this work has focused on developing policy systems that do not restrict privileges per application and are only effective system-wide. With context-based device policies, employees may be allowed to use smartphones as they can disable all applications from using the camera and any device resources and privileges that employers restrict while at work, while the user device can retain all its original privileges outside the work area.
In this paper, we propose a context-based access control (CBAC) mechanism for Android systems that allows smartphone users to set configuration policies over their applications’ usage of device resources and services at different contexts. Through the CBAC mechanism, users can, for example, set restricted privileges for device applications when using the device at work, and device applications may re-gain their original privileges when the device is used at home. This change in device privileges is automatically applied as soon as the user device matches a pre-defined context of a user-defined policy. The user can also specify a default set of policies to be applied when the user is located in a non-previously defined location. Configured policy restrictions are defined according to the accessible device resources, services, and permissions that are granted to applications at installation time. Such policies define which services are offered by the device and limit the device and user information accessibility. Policy restrictions are linked to context and are configured by the device user. We define context according to location and time.
