Portal de Periódicos da CAPES

CRêPE: A System for Enforcing Fine-Grained Context-Related Policies on Android

2012; Institute of Electrical and Electronics Engineers; Volume: 7; Issue: 5 Linguagem: Inglês

10.1109/tifs.2012.2204249

1556-6021

Mauro Conti, Bruno Crispo, Earlence Fernandes, Yury Zhauniarovich,

Access Control and Trust

Current smartphone systems allow the user to use only marginally contextual information to specify the behavior of the applications: this hinders the wide adoption of this technology to its full potential. In this paper, we fill this gap by proposing CRêPE, a fine-grained Context-Related Policy Enforcement System for Android. While the concept of context-related access control is not new, this is the first work that brings this concept into the smartphone environment. In particular, in our work, a context can be defined by: the status of variables sensed by physical (low level) sensors, like time and location; additional processing on these data via software (high level) sensors; or particular interactions with the users or third parties. CRêPE allows context-related policies to be set (even at runtime) by both the user and authorized third parties locally (via an application) or remotely (via SMS, MMS, Bluetooth, and QR-code). A thorough set of experiments shows that our full implementation of CRêPE has a negligible overhead in terms of energy consumption, time, and storage, making our system ready for a production environment.