Achieving optional Android permissions without operating system modifications

Paul, Greig and Irvine, James (2015) Achieving optional Android permissions without operating system modifications. In: 2015 IEEE 81st Vehicular Technology Conference, 2015-05-11 - 2015-05-14, University of Strathclyde. (https://doi.org/10.1109/VTCSpring.2015.7145666)

[thumbnail of Paul-Irvine-VTC2015-5G-optional-Android-permissions-without-operating-system-modifications] PDF. Filename: Paul_Irvine_VTC2015_5G_optional_Android_permissions_without_operating_system_modifications.pdf
Accepted Author Manuscript

Download (327kB)

Abstract

Since the release of the open-source Android operating system in 2009, considerable research has been carried out into various factors affecting the security and privacy of user data. As these devices become more widespread in usage, such as in vehicles with the announcement of Android Auto, the need for users to have control over the data available to applications is becoming important. A recurring theme from other works into this topic is that a more granular permissions model for Android applications would be beneficial, allowing users to understand which permissions their apps actually need, and to make decisions, rather than be forced to accept all of the requested permissions. A number of effective solutions have been presented, but these have required modifications be made to the core operating system, to enforce the existence of these new, optional permissions. We present an approach which permits an application developer to add optional permissions to their application, without any modifications being made to the underlying operating system. By not requiring rooting or other modifications to the device, this technique makes use of native Android functionality, and thus should remain operative between Android versions (which are increasingly difficult to gain root access on), unlike alternative techniques.