Construcción semiautomática de políticas de seguridad SEAndroid para aplicaciones móviles
"When users install an application on an Android mobile phone, they accept or deny a set of permissions that are required by the application. This scheme has a problem for the protection of sensitive information, because users don't have the adequate training to take this type of decisions...
- Autores:
-
Mancipe Díaz, María Paula
- Tipo de recurso:
- Trabajo de grado de pregrado
- Fecha de publicación:
- 2017
- Institución:
- Universidad de los Andes
- Repositorio:
- Séneca: repositorio Uniandes
- Idioma:
- spa
- OAI Identifier:
- oai:repositorio.uniandes.edu.co:1992/61339
- Acceso en línea:
- http://hdl.handle.net/1992/61339
- Palabra clave:
- Aplicaciones móviles
- Rights
- openAccess
- License
- http://creativecommons.org/licenses/by-nc-nd/4.0/
| Summary: | "When users install an application on an Android mobile phone, they accept or deny a set of permissions that are required by the application. This scheme has a problem for the protection of sensitive information, because users don't have the adequate training to take this type of decisions. Security Enhanced Android or SEAndroid is the integration of SELinux on Android to improve the access control. However, the complexity of constructing a policy on SEAndroid and the lack of experience of developers have led to defining rules that grant more privileges than those strictly necessary for the application. This project aims to guide developers on the construction of security policies on SEAndroid, to maintain the integrity and confidentiality of an application information, through a criteria model that evaluates the permissions set required by an application. The criteria model is implemented by means of a semiautomatic tool that evaluates the permissions manifest of an application and generates a high-level security policy. This policy is a guide to define the SEAndroid policy".-- Tomado del Formato de Documento de Grado. |
|---|