Title: StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors
Award ID(s):
1901048
NSF-PAR ID:
10470531
Author(s) / Creator(s):
Publisher / Repository:
Network and Distributed System Security (NDSS) Symposium
Date Published:
Format(s):
Medium: X
Location:
San Diego, CA, USA
Sponsoring Org:
National Science Foundation
More Like this
  1. As data privacy continues to be a crucial human-rights concern, as recognized by the UN, regulatory agencies have demanded that developers obtain user permission before accessing user-sensitive data. Mainly through the use of privacy policy statements, developers fulfill their legal requirements to keep users abreast of the requests for their data. In addition, platforms such as Android enforce explicit permission requests using the permission model. Nonetheless, recent research has shown that service providers hardly make full disclosure when requesting data in these statements, nor is the current permission model designed to provide adequate informed consent. Often users have no clear understanding of the reason for, and scope of usage of, a data request. This paper proposes an unambiguous, informed consent process that provides developers with a standardized method for declaring Intent. Our proposed Intent-aware permission architecture extends the current Android permission model with a precise mechanism for full disclosure of purpose and scope limitation. Its design is based on an ontology study of data request purposes. The overarching objective of this model is to ensure end-users are adequately informed before making decisions on their data. Additionally, this model has the potential to improve trust between end-users and developers.
  2. Permission-based access control enables users to manage and control their sensitive data for third-party applications. In an ideal scenario, a third-party application includes enough details to illustrate the usage of such data, while in reality many descriptions of third-party applications are vague about their security or privacy activities. As a result, users are left with insufficient details when granting sensitive data to these applications. Prior works, such as WHYPER and AutoCog, have addressed the aforementioned problem via a so-called permission correlation system. Such a system correlates third-party applications' descriptions with their requested permissions and determines an application to be overprivileged if a mismatch is found. However, although prior works are successful on their own platforms, such as the Android ecosystem, they are not directly applicable to new platforms, such as Chrome extensions and IFTTT, without extensive data labeling and parameter tuning. In this paper, we design, implement, and evaluate a novel system, called TKPERM, which transfers knowledge of permission correlation systems across platforms. Our key idea is that these varied platforms with different use cases---like smartphones, IoTs, and desktop browsers---are all user-facing and thus allow the knowledge to be transferred across platforms. Particularly, we adopt a greedy selection algorithm that picks the best source domains to transfer to the target permission on a new platform. TKPERM achieves a 90.02% overall F1 score after transfer, which is 12.62% higher than that of a model trained directly on the target domain without transfer. Particularly, TKPERM has a 91.83% F1 score on IFTTT, an 89.13% F1 score on Chrome-Extension, and an 89.1% F1 score on SmartThings. TKPERM also successfully identified many real-world overprivileged applications, such as a gaming hub requesting location permissions without legitimate use.
  3. The large number of third-party packages available in fast-moving software ecosystems, such as Node.js/npm, enables attackers to compromise applications by pushing malicious updates to their package dependencies. Studying the npm repository, we observed that many packages in the npm repository that are used in Node.js applications perform only simple computations and do not need access to filesystem or network APIs. This offers the opportunity to enforce least-privilege design per package, protecting applications and package dependencies from malicious updates. We propose a lightweight permission system that protects Node.js applications by enforcing package permissions at runtime. We discuss the design space of solutions and show that our system makes a large number of packages much harder to exploit, almost for free.
  4. Non-Volatile Memory technologies are advancing rapidly and may augment or replace DRAM in future systems. However, a key question is how programmers will use them to construct and manipulate persistent data. One possible approach gives programmers direct access to persistent memory using relocatable persistent pools that hold persistent objects which can be accessed using persistent pointers, called ObjectIDs. Prior work has shown that hardware-supported address translation for ObjectIDs provides significant performance improvement and simplifies programming; however, these works did not consider the large overheads incurred to check permissions before accessing persistent objects. In this paper, we identify permission checking in hardware as a critical mechanism that must be included when translating ObjectIDs to addresses in order to simplify programming and fully benefit from hardware translation. To support it, we add a System Persistent Object Table (SPOT) to support translation and permission checks on ObjectIDs. The SPOT holds all known pools, their physical addresses, and their permission information in memory. When a program attempts to access a persistent object, the SPOT is consulted and permissions are verified without trapping to the operating system. We have implemented our new design in a cycle-accurate simulator and compared it with software-only approaches and prior work. We find that our design offers a compelling 2.9x speedup on average for microbenchmarks that access pools with the RANDOM pattern, and 1.4x and 1.8x speedups on TPC-C and vacation, respectively, for the SEPARATE pattern.