Role Based Access Control Models for Android
Abstract
Android has been one of the most widely used mobile operating systems in recent times, owing to its intuitive UI, the wide range of applications in its app store, Google Play, and easy-to-use APIs that enable developers to design immersive and entertaining apps. As with any popular and successful OS, Android has suffered from design issues, as pointed out by several past works; however, in each case Google has adopted an on-the-spot fix policy to resolve such issues and has kept the permission-based access control mechanism largely intact. Administration of permissions in Android has been an issue since the original Android was released in 2007. This issue is the direct assignment of permissions to applications in Android. Despite recent changes to the system, from install-time permissions to runtime permissions, this issue has not been dealt with from a holistic perspective. However, before we could deal with this issue, we had to obtain a comprehensive understanding of permissions in Android. We analyzed URI permissions in Android, used by applications to facilitate inter-application data sharing, and system permissions, which grant applications access to hardware and software resources. Our analysis of Android's URI permissions, which covered API 10 through API 22, and of system permissions, for API 29, yielded quite a few peculiarities that we have documented in this work. Following this, a formal mathematical model, denoted ACiAα (Access Control in Android model), which consisted of system and URI permissions in Android, was built from the source code and available documentation. This model was tested using carefully designed test apps to verify its accuracy. Our meticulous analysis yielded several issues with the permission-based mechanism, some of which corroborated previous works.
In a bid to improve this model, we explored the role-based access control (RBAC) model for Android. RBAC works by letting administrators assign object rights to roles and then assign these roles to subjects; Android, however, assigns permissions directly to applications, which is why Google chose to severely limit the number of permissions that are under user control. This indicated that RBAC in Android would be beneficial, not only to ease the administration of permissions by users but also to overcome some of the well-documented fatigue encountered by users as a result of their interaction with permission prompts. To implement RBAC and its administration in Android, several models were constructed, and the best one, from our perspective, was chosen. This scenario consisted of assigning roles directly to the applications, thereby adhering to the principle of least privilege. To build the user assignment (UA) and permission assignment (PA) relations required for implementing the model in Android, we used several role-mining algorithms. After comparing the roles generated by these algorithms, the MinNoise RMP algorithm was chosen because the roles it generated were the most suitable for Android. Further analysis of the roles generated by this algorithm revealed that the above-mentioned fatigue could be mitigated, while also giving application developers an easier mechanism to request access to resources using roles; this substantiated the claims of RBAC's benefits in Android. A core RBAC mechanism was implemented in Android, along with sessions. Within RBAC for Android, applications would be granted roles upon user acceptance and could activate them when required during their runtime. Furthermore, we designed three administrative models for RBAC in Android that relied on the principle of administering RBAC with another RBAC mechanism.
One of these models was chosen, based on simplicity, and was implemented in Android version S. This implementation and its features are documented in this work.
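
The core RBAC mechanism with sessions described in the abstract can be sketched as a small model; this is an added example, not the dissertation's implementation or any Android API. The class `AppRBAC`, the role names and the package name are hypothetical, and the PA relation is constructed by hand rather than mined.

```python
# Constructed PA: hypothetical role names, standard Android permission strings.
PA = {
    "navigation": {"android.permission.ACCESS_FINE_LOCATION",
                   "android.permission.ACCESS_COARSE_LOCATION"},
    "media_capture": {"android.permission.CAMERA",
                      "android.permission.RECORD_AUDIO"},
}

class AppRBAC:
    """Core RBAC with sessions, with applications as the subjects."""

    def __init__(self, pa):
        self.pa = {role: frozenset(perms) for role, perms in pa.items()}
        self.ua = {}        # UA: app -> roles the user has accepted
        self.sessions = {}  # app -> roles currently activated at runtime

    def request_role(self, app, role, user_accepts):
        """One user decision covers every permission bundled in the role."""
        if role not in self.pa:
            raise KeyError(f"unknown role: {role}")
        if user_accepts:
            self.ua.setdefault(app, set()).add(role)
        return user_accepts

    def activate(self, app, role):
        """A role can be activated only if it is in the app's UA entry."""
        if role not in self.ua.get(app, set()):
            return False
        self.sessions.setdefault(app, set()).add(role)
        return True

    def deactivate(self, app, role):
        self.sessions.get(app, set()).discard(role)

    def check_access(self, app, permission):
        """Decide from active roles only, not from every role the app holds."""
        active = self.sessions.get(app, set())
        return any(permission in self.pa[role] for role in active)

def demo():
    rbac, app = AppRBAC(PA), "com.example.maps"  # hypothetical package name
    loc = "android.permission.ACCESS_FINE_LOCATION"
    rbac.request_role(app, "navigation", user_accepts=True)
    before = rbac.check_access(app, loc)          # granted but not yet active
    rbac.activate(app, "navigation")
    during = rbac.check_access(app, loc)
    escalate = rbac.activate(app, "media_capture")  # never accepted by user
    rbac.deactivate(app, "navigation")
    return before, during, escalate, rbac.check_access(app, loc)
```

The access decision depends on the session's active roles, so a role that is held but not activated confers nothing, which is the least-privilege property the abstract attributes to role assignment.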