Technische Universität Chemnitz
In this paper, the authors present the design and implementation of FlaskDroid, a policy-driven generic two-layer MAC framework on android-based platforms. They introduce their efficient policy language that is tailored for android's middleware semantics. They show the flexibility of their architecture by policy-driven instantiations of selected security models, including related work (Saint) and privacy-enhanced system components. They demonstrate the applicability of their design by prototyping it on android 4.0.4. Their evaluation shows that the clear API-oriented design of android benefits the effective and efficient implementation of a generic mandatory access control framework like FlaskDroid.