University of Calgary
Mobile applications are a major force behind the explosive growth of mobile devices. While they greatly extend the functionality of mobile devices, they also raise security and privacy concerns, especially when they have not gone through a rigorous review process. To protect users from untrusted and potentially malicious applications, the authors design and implement a rewriting framework for embedding In-App Reference Monitors (I-ARM) into android applications. The framework user identifies a set of security-sensitive API methods and specifies their security policies, which may be tailored to each application.