AppShield: Enabling multi-entity access control cross platforms for mobile app management

Zhengyang Qu*, Guanyu Guo, Zhengyue Shao, Vaibhav Rastogi, Yan Chen, Hao Chen, Wangjun Hong

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Bring-your-own-device (BYOD) is getting popular. Diverse personal devices are used to access enterprise resources, and deployment of the solutions with customized operating system (OS) dependency will thus be restricted. Moreover, device utilization for both business and personal purposes creates new threats involving leakage of sensitive data. As for functionalities, a BYOD solution should isolate an arbitrary number of entities, such as those relating to business and personal uses and provide fine-grained access control on multi-entity management. Existing BYOD solutions lack in these aspects; we propose a system, called App-Shield, which supports multi-entity management and role-based access control with file-level granularity, apart from local data sharing/isolation. AppShield includes (1) application rewriting framework for Android apps, which builds Mobile Application Management (MAM) features into app automatically with complete mediation, (2) cross-platform proxy-based data access mechanism, which can enforce arbitrary access control policies. The fully functional controller with data proxy is implemented for both Android and iOS. AppShield allows for enterprise policy management without modifying device OS. The evaluation shows that App-Shield is successful at policy enforcement and is reliable. It induces little impact on application’s performance and size, for example, our app rewriting introduces less than 5% code size increment in over 95% apps in our evaluation.

Original languageEnglish (US)
Title of host publicationSecurity and Privacy in Communication Networks -12th International Conference, SecureComm 2016, Proceedings
EditorsRobert Deng, Vinod Yegneswaran, Jian Weng, Kui Ren
PublisherSpringer Verlag
Pages3-23
Number of pages21
ISBN (Print)9783319596075
DOIs
StatePublished - Jan 1 2017
Event12th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2016 - Guangzhou, China
Duration: Oct 10 2016Oct 12 2016

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume198 LNICST
ISSN (Print)1867-8211

Other

Other12th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2016
CountryChina
CityGuangzhou
Period10/10/1610/12/16

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'AppShield: Enabling multi-entity access control cross platforms for mobile app management'. Together they form a unique fingerprint.

Cite this