National ICT R&D Fund

Technical R&D Projects

Funded Projects

Constrained Intents: Extending Android Security for Intent Policies (EASIP)

Principal Investigator:
Institute of Management Sciences, Peshawar www.imsciences.edu.pk
Project Directors:
Dr. Masoom Alam	masoom.alam@gmail.com
Dr. Xinwen Zhang	xinwen.z@sisa.samsung.com
Project Details:
Start Date: July, 2009	Duration: 24 months
Project Cost: PKR 14.84 million	Project Funding: PKR 14.84 million
Project Status: In progress.
Technical Progress Reports Submitted: Project Commencement Report, Q1 report. Pending Reports: None. Deliverables Submitted: 1: Analysis report on VM and class path capabilities Pending Deliverables: None.
Financial Audit Reports Submitted: Q1 financial report.
Project URL: NA
Detailed proposal is available here.

Executive Summary

Recent years have seen a significant increase of computing power, ubiquitous connectivity, connection bandwidth, and data storage on mobile devices. Consequently, more applications and services are also deployed on these devices which bring new business processes, pervasive information and content creation and sharing, and mobile medical systems. With the increase in use of open mobile architecture, security risks and attacks are also increasing on these devices. In the current scenario of mobile platforms, Android is one of the most anticipated smart phone operating systems, introduced by Google as an open source operating system that provides a complete software stack for mobile devices that includes an operating system, system utilities, middleware in the form of virtual machine, and key applications.

The existing architecture of Android does not provide any policy enforcement while communicating with internal processes and consuming external resources. Android developed its own mechanism for any operation to be performed by introducing Intents. Intent is an abstract description of an operation to be performed and provides a facility for performing late runtime binding between the components of different applications.

One of the drawbacks of the existing Android architecture is that there is no security policy framework attached to intents. To address these and similar security issues this project proposes a Policy Enforcement Framework (PEF) for intents. PEF will provide a Policy Enforcement Engine (runtime environment) and a policy language based on existing standards. The project plans to extend the existing Android architecture of Intents to evaluate the user's policy before any activity can be performed. If the policy of the calling application and that of the called application allow the activity, the Intent will be allowed by the Android framework.

The approach of this project will be a dynamic runtime framework with minimal trade-off of performance and aims to bring the benefits of access policies to the Android platform and develop a policy enforcement framework which can be plugged into the existing architecture of Android.

The key benefits of this project are:

It will develop a comprehensive access control framework and a policy language for the Android platform.
The project will also implement a policy enforcement framework and policy writing tool to facilitate the policy writing for the application owners and developers.
The comprehensive policy enforcement framework for the android platform can be used in local and international market and this work is on the cutting edge of research related to open source mobile platforms.