porscha : policy oriented secure content handling in android
DESCRIPTION
Porscha : policy oriented secure content handling in android. Dhurakij Pundit University, University of Oregon, Pennsylvania State University ACSAC(2010 ). Machigar Ongtang , Kevin Butler, Patrick McDaniel. Agenda. Introduction Content on Smart Phone About Android Architecture - PowerPoint PPT PresentationTRANSCRIPT
PORSCHA : POLICY ORIENTED SECURE CONTENT HANDLING IN ANDROID
Machigar Ongtang, Kevin Butler, Patrick McDanielDhurakij Pundit University, University of Oregon, Pennsylvania State University ACSAC(2010)
Agenda Introduction Content on Smart Phone About Android Architecture Evaluation Discussion Conclusion
Android provide few direct protections for the content placed on the phone
DRM(Digital Right Management) Porscha:
content should only be accessible by explicitly authorized phones
content should only be accessed by provider endorsed applications
content should be subject to contextual constraints
Two phases of Porscha: in transit on platform
Introduction
Content on Smart Phone Personal and Business Documents Service-specific data
spy camera Mydroid
Financial Information
Content on Smart Phone DRM Policy Requirements
Binding content to the phone Binding content to endorsed applications Constraining continuing use of the content
About Android Four types of components Two groups of applications
Documents in transit & on-platform access
About Android On-platform access
Initial Document Recipients Documents at Rest Document Sharing
Architecture Constraints on Devices- binding to
specific devices identified by the users' International Mobile Subscriber Identity (IMSI) or WAP Identify Module (WIM).
Constraints on Applications- be restricted to applications with a given code fingerprint (hash of the application image)
Constraints on Use- support not only the regulation of simple accesses, but also differentiation of simple access from read, modify and delete rights
Architecture- in transit Identity-Based Encryption
(IBE):enables the senders to construct the public keys of the recipients from known identities, and contains a trusted Private Key Generator(PKG).
Encryption : inputting the message (data), public key string, and cryptosystem parameters
Decryption : inputting the ciphertext and private key to the decryption algorithm
Architecture- in transit sender(content source) : S receiver(phone) : R identity for participant s : Is public/private key of a : Ka
+/Ka-
content : m police for m : pm ------------------------------------------
Delivery of SMS/MMS:
Architecture- in transit Delivery of email: one-time 128-bit AES symmetric key : ke
Architecture- on platform Policy Enforcement on Initial
Recipients
Architecture- on platform Email traffic is opaque to Android Use the Apache Mime4j library to parse
the e-mail message streams in plain RFC-882 and MIME formats
Architecture- on platform Policy Enforcement on Documents
at Rest add an extra policy field to the structure of
each Content Provider record The Porscha mediator inserts the policy into
this field
Architecture- on platform Enforcement on Indirect Receivers
EVALUATION
Discussion Recipients Without Porscha
store all modifications such as decrypted emails and those with information removed, locally on the phone, and only reflect back to the IMAP server the original email
Application and Platform Trust Alternative Application Enforcement Infrastructures Digital Rights Management
Porscha is lightweight and designed with mobile solutions in mind; by contrast, many advanced DRM protocols are heavyweight and not transparent to applications.
Conclusion Porscha can protect SMS, MMS, Email
document. Porscha secures content delivery using
identity-based encryption and mediates on-platform content handling to ensure conformance with content policy
Thank you for listening