This article reports on our experiences in applying formal methods to verify the security mechanisms of Android. We have developed a comprehensive formal specification of Android's permission model, which has been used to state and prove properties that establish expected behavior of the procedures that enforce the defined access control policy. We are also interested in providing guarantees concerning actual implementations of the mechanisms. Therefore we are following a verification approach that combines the use of idealized models, on which fundamental properties are formally verified, with testing of actual implementations using lightweight model-based techniques. We describe the formalized model, present security properties that have ...
Current cybersecurity best practices, techniques, tactics and procedures are insufficient to ensure ...
International audienceAndroid applications that manage sensitive data such as email and files downlo...
Modern smartphone operating systems (OSs) have been developed with a greater em-phasis on security a...
In this work we present a comprehensive formal specification of an idealized formulation of Android?...
The ever increasing expansion of mobile applications into nearly every aspect of modern life, from b...
Mobile applications build part of their security and privacy on a declarative permission model. In t...
This paper has three goals: to improve our understanding of enforcing security policies via Android-...
The need of providing a secure environment to the users of technology is necessary to keep it going....
Abstract. Several works have recently shown that Android’s security architecture cannot prevent many...
Abstract. Android OS is currently the most widespread mobile operating system and is very likely to ...
We propose a new attestation approach for the Android platform that integrates Trusted Computing con...
The ever increasing expansion of mobile applications into nearly every aspect of modern life, from b...
Abstract. Android applications that manage sensitive data such as email and files downloaded from cl...
The Android Security Framework controls the executions of applications through permissions which are...
The emerging Bring Your Own Device (BYOD) paradigm is pushing the adoption of employees\u2019 person...
Current cybersecurity best practices, techniques, tactics and procedures are insufficient to ensure ...
International audienceAndroid applications that manage sensitive data such as email and files downlo...
Modern smartphone operating systems (OSs) have been developed with a greater em-phasis on security a...
In this work we present a comprehensive formal specification of an idealized formulation of Android?...
The ever increasing expansion of mobile applications into nearly every aspect of modern life, from b...
Mobile applications build part of their security and privacy on a declarative permission model. In t...
This paper has three goals: to improve our understanding of enforcing security policies via Android-...
The need of providing a secure environment to the users of technology is necessary to keep it going....
Abstract. Several works have recently shown that Android’s security architecture cannot prevent many...
Abstract. Android OS is currently the most widespread mobile operating system and is very likely to ...
We propose a new attestation approach for the Android platform that integrates Trusted Computing con...
The ever increasing expansion of mobile applications into nearly every aspect of modern life, from b...
Abstract. Android applications that manage sensitive data such as email and files downloaded from cl...
The Android Security Framework controls the executions of applications through permissions which are...
The emerging Bring Your Own Device (BYOD) paradigm is pushing the adoption of employees\u2019 person...
Current cybersecurity best practices, techniques, tactics and procedures are insufficient to ensure ...
International audienceAndroid applications that manage sensitive data such as email and files downlo...
Modern smartphone operating systems (OSs) have been developed with a greater em-phasis on security a...