Android Application Implementation Using Formal Method
Information security is becoming more and more importantnowadays. Companies, governments and militaries are con-necting themselves to the internet for various reasons suchas to provide certain services to public, to cooperate withpartners and to allow their staffs to work remotely and soon. However, when they connect to internet, they are alsoexposing a possible entrance for the adversaries to break intotheir internal networks and to access to their private data ifthere are vulnerabilities. It is also the same case when it comesto the individual person who connects oneself to the internetwith mobile devices. Personal data leak may cause troubles oreven financial lost [3], [4].As mobile devices are replacing traditional desktop as amain portal to internet, people rely on their mobile devicesto handle all sorts of daily activities such as online shopping,internet banking and subscribing to premium services, whichare almost impossible in the past on mobile devices. Onemight not even realize that its mobile device stores so much ofits personal information that the security of such informationon these mobile devices has become a critical and seriousproblem.Android operating system has become the most popularmobile operating system [5] , however, Android apps are notas secure as one might think it should be. The vulnerabilitiesmight come from flaws of protocol an Android applicationadopted [6], the misunderstandings when implementing proto-cols in the apps [7], not aware of the assumptions when usingcertain SDKs [8] and even from Android operating systemitself [9], [10].Many of the vulnerabilities are actually implementation spe-cific. Therefore, it’s imperative to study the security propertyof concrete implementation of Android apps to improve thesecurity level of them.In this dissertation, the author presents the preliminaryresults of his ongoing research project mainly in two scenarios:A formal analysis of Android apps that provide Single Sign-on (SSO) service and the initial analysis of information flowleak in Android appsThis section is about the formal analysis of SSO implemen-tation on Android. It first introduces background of SingleSign-on (SSO) protocol; then a typical SSO process; afterthat is the method used in analyzing SSO implementation onAndroid and finally the outcome of the analysis.A. SSO BackgroundWith the development of information technology, more andmore websites emerge and they have demands to record users’data. User needs to register at these websites before they canuse the services from them. However, the more accounts auser has, the more reluctant the user becomes to register newaccounts as this will increase the cost of managing differentaccounts across different websites. Therefore, the user maytend to use a same password for its different accounts. Never-theless, it will inevitably increase the risk that one passwordbeing compromised endangers its identities on other websites[11], [12]. The attacker can try to break user’s other accountswith brute-force attack. It even exacerbates this situation whenuser uses simple password.Single Sign-on is an authentication scheme which allowsa user to login to a third party application (service provider,SP) with the identity it registers in an identity provider (IdP).This protocol mainly involves three parties, namely, the user,the SP and the IdP. Although SSO protocol does not solve theproblem of using a same password across different websites,but it simplifies the account creation process or even skips ittotally, which eases the burden when a user uses a new website.It will also ease the cost of managing different accounts froma use’s perspective.As SSO becomes more and more popular, the securityof SSO is one of the concerns that recent researches focuson [6], [8], [13]. However, most prior studies only focuson SSO on desktop or web-based browser environment andfew of them have inspected the security of the concrete SSOimplementation in mobile platforms.Being a different platform other than the desktop or webbrowser, Android OS has its own attack surfaces and as-sumptions. Due to mobile device’s product orientation andthe physical limitation of a hand-held device, it is infeasibleor even impossible to deploy a real-time malware detectionsystem to protect Android from the attacks of virus or trojans[14]. Moreover, unlike the desktop browser, Android doesnot have important security mechanisms like the Same OriginPolicy (SOP) [1], [2] which is a standard on almost all modernbrowsers. This would let Android suffer from the vulnerabilitythat is not easy to exit in browser environment. Moreover, asmentioned above, there might be misunderstandings or hiddenassumptions regarding to the developer documentation of aprotocol which introduces more vulnerabilities to the concreteimplementation in Android apps. Therefore, it is important totake these factors into consideration and to inspect the concreteimplementation of SSO on Android OS in a systematic andrigorous manner.Formal analysis has been proved to be such an powerfulapproach which is systematic and partially automatic approachto analyze the design of a protocol or a system. Recentresearches adopting formal analysis have confirm its ability[9], [13], [15]. It can verify property CodeShoppy
Information security is becoming more and more importantnowadays. Companies, governments and militaries are con-necting themselves to the internet for various reasons suchas to provide certain services to public, to cooperate withpartners and to allow their staffs to work remotely and soon. However, when they connect to internet, they are alsoexposing a possible entrance for the adversaries to break intotheir internal networks and to access to their private data ifthere are vulnerabilities. It is also the same case when it comesto the individual person who connects oneself to the internetwith mobile devices. Personal data leak may cause troubles oreven financial lost [3], [4].As mobile devices are replacing traditional desktop as amain portal to internet, people rely on their mobile devicesto handle all sorts of daily activities such as online shopping,internet banking and subscribing to premium services, whichare almost impossible in the past on mobile devices. Onemight not even realize that its mobile device stores so much ofits personal information that the security of such informationon these mobile devices has become a critical and seriousproblem.Android operating system has become the most popularmobile operating system [5] , however, Android apps are notas secure as one might think it should be. The vulnerabilitiesmight come from flaws of protocol an Android applicationadopted [6], the misunderstandings when implementing proto-cols in the apps [7], not aware of the assumptions when usingcertain SDKs [8] and even from Android operating systemitself [9], [10].Many of the vulnerabilities are actually implementation spe-cific. Therefore, it’s imperative to study the security propertyof concrete implementation of Android apps to improve thesecurity level of them.In this dissertation, the author presents the preliminaryresults of his ongoing research project mainly in two scenarios:A formal analysis of Android apps that provide Single Sign-on (SSO) service and the initial analysis of information flowleak in Android appsThis section is about the formal analysis of SSO implemen-tation on Android. It first introduces background of SingleSign-on (SSO) protocol; then a typical SSO process; afterthat is the method used in analyzing SSO implementation onAndroid and finally the outcome of the analysis.A. SSO BackgroundWith the development of information technology, more andmore websites emerge and they have demands to record users’data. User needs to register at these websites before they canuse the services from them. However, the more accounts auser has, the more reluctant the user becomes to register newaccounts as this will increase the cost of managing differentaccounts across different websites. Therefore, the user maytend to use a same password for its different accounts. Never-theless, it will inevitably increase the risk that one passwordbeing compromised endangers its identities on other websites[11], [12]. The attacker can try to break user’s other accountswith brute-force attack. It even exacerbates this situation whenuser uses simple password.Single Sign-on is an authentication scheme which allowsa user to login to a third party application (service provider,SP) with the identity it registers in an identity provider (IdP).This protocol mainly involves three parties, namely, the user,the SP and the IdP. Although SSO protocol does not solve theproblem of using a same password across different websites,but it simplifies the account creation process or even skips ittotally, which eases the burden when a user uses a new website.It will also ease the cost of managing different accounts froma use’s perspective.As SSO becomes more and more popular, the securityof SSO is one of the concerns that recent researches focuson [6], [8], [13]. However, most prior studies only focuson SSO on desktop or web-based browser environment andfew of them have inspected the security of the concrete SSOimplementation in mobile platforms.Being a different platform other than the desktop or webbrowser, Android OS has its own attack surfaces and as-sumptions. Due to mobile device’s product orientation andthe physical limitation of a hand-held device, it is infeasibleor even impossible to deploy a real-time malware detectionsystem to protect Android from the attacks of virus or trojans[14]. Moreover, unlike the desktop browser, Android doesnot have important security mechanisms like the Same OriginPolicy (SOP) [1], [2] which is a standard on almost all modernbrowsers. This would let Android suffer from the vulnerabilitythat is not easy to exit in browser environment. Moreover, asmentioned above, there might be misunderstandings or hiddenassumptions regarding to the developer documentation of aprotocol which introduces more vulnerabilities to the concreteimplementation in Android apps. Therefore, it is important totake these factors into consideration and to inspect the concreteimplementation of SSO on Android OS in a systematic andrigorous manner.Formal analysis has been proved to be such an powerfulapproach which is systematic and partially automatic approachto analyze the design of a protocol or a system. Recentresearches adopting formal analysis have confirm its ability[9], [13], [15]. It can verify property CodeShoppy
One of the current state-of-the-art research on this problemis Droidsafe [22]. It claims to have developed a most full-fledged Android model so far to facilitate the information flowanalysis. Thus, it achieves the most precise and accurate resultcomparing to the former state-of-the-art framework FlowDroidon three sorts of benchmark: DroidBench and the other twosorts of benchmark developed by the same team of Droidsafe.However, one of the major drawbacks in this work isthat the information flow analysis is carried out in a flow-insensitive way. This, although covers all the possible eventorders and flows, decreases the precision of the analysis asnot all of the event orders are possible in Android operatingsystem. Therefore, one possible improvement to this work isto consider the possible event orders and to eliminate thoseflows that are impossible to occur. This contains two steps;first step is still using Droidsafe to detect all the informationflows between sources and sinks; then the second step is touse the possible event orders to eliminate the impossible flowsso that only the valid flows remain.Another drawback is Droidsafe still can not handle theimplicit flow.
https://codeshoppy.com/php-projects-titles-topics.html
No comments:
Post a Comment