The Android Platform Security Model

René Mayrhofer; Jeffrey Vander Stoep; Chad Brubaker; Nick Kralevich

doi:10.1145/3448609

The Android Platform Security Model

ACM Transactions on Privacy and Security ◽

10.1145/3448609 ◽

2021 ◽

Vol 24 (3) ◽

pp. 1-35

Author(s):

René Mayrhofer ◽

Jeffrey Vander Stoep ◽

Chad Brubaker ◽

Nick Kralevich

Keyword(s):

System Architecture ◽

Control Mechanisms ◽

Android Security ◽

Security Model ◽

Abstract Model ◽

Security Measures ◽

End User ◽

Special Cases ◽

Mitigation Techniques ◽

Definition Of

Android is the most widely deployed end-user focused operating system. With its growing set of use cases encompassing communication, navigation, media consumption, entertainment, finance, health, and access to sensors, actuators, cameras, or microphones, its underlying security model needs to address a host of practical threats in a wide variety of scenarios while being useful to non-security experts. The model needs to strike a difficult balance between security, privacy, and usability for end users, assurances for app developers, and system performance under tight hardware constraints. While many of the underlying design principles have implicitly informed the overall system architecture, access control mechanisms, and mitigation techniques, the Android security model has previously not been formally published. This article aims to both document the abstract model and discuss its implications. Based on a definition of the threat model and Android ecosystem context in which it operates, we analyze how the different security measures in past and current Android implementations work together to mitigate these threats. There are some special cases in applying the security model, and we discuss such deliberate deviations from the abstract model.

Download Full-text

Security of Cyber-Physical Systems: A Generalized Algorithm for Intrusion Detection and Determining Security Robustness of Cyber Physical Systems using Logical Truth Tables

Vanderbilt Undergraduate Research Journal ◽

10.15695/vurj.v9i0.3765 ◽

2013 ◽

Vol 9 ◽

Cited By ~ 4

Author(s):

Curtis G. Northcutt

Keyword(s):

Intrusion Detection ◽

Cyber Security ◽

Logical Truth ◽

Cyber Physical Systems ◽

Security Model ◽

Security Measures ◽

Physical Systems ◽

Multiple Signal ◽

Security Attack ◽

Truth Tables

The recent proliferation of embedded cyber components in modern physical systems [1] has generated a variety of new security risks which threaten not only cyberspace, but our physical environment as well. Whereas earlier security threats resided primarily in cyberspace, the increasing marriage of digital technology with mechanical systems in cyber-physical systems (CPS), suggests the need for more advanced generalized CPS security measures. To address this problem, in this paper we consider the first step toward an improved security model: detecting the security attack. Using logical truth tables, we have developed a generalized algorithm for intrusion detection in CPS for systems which can be defined over discrete set of valued states. Additionally, a robustness algorithm is given which determines the level of security of a discrete-valued CPS against varying combinations of multiple signal alterations. These algorithms, when coupled with encryption keys which disallow multiple signal alteration, provide for a generalized security methodology for both cyber-security and cyber-physical systems.

Download Full-text

Hermite–Hadamard-type inequalities for the interval-valued approximately h-convex functions via generalized fractional integrals

Journal of Inequalities and Applications ◽

10.1186/s13660-020-02488-5 ◽

2020 ◽

Vol 2020 (1) ◽

Cited By ~ 1

Author(s):

Dafang Zhao ◽

Muhammad Aamir Ali ◽

Artion Kashuri ◽

Hüseyin Budak ◽

Mehmet Zeki Sarikaya

Keyword(s):

Convex Functions ◽

Fractional Integrals ◽

Special Cases ◽

Definition Of ◽

The Given ◽

Class Of Functions ◽

Interval Valued ◽

New Inequalities

Abstract In this paper, we present a new definition of interval-valued convex functions depending on the given function which is called “interval-valued approximately h-convex functions”. We establish some inequalities of Hermite–Hadamard type for a newly defined class of functions by using generalized fractional integrals. Our new inequalities are the extensions of previously obtained results like (D.F. Zhao et al. in J. Inequal. Appl. 2018(1):302, 2018 and H. Budak et al. in Proc. Am. Math. Soc., 2019). We also discussed some special cases from our main results.

Download Full-text

DCSS Protocol for Data Caching and Sharing Security in a 5G Network

Network ◽

10.3390/network1020006 ◽

2021 ◽

Vol 1 (2) ◽

pp. 75-94

Author(s):

Ed Kamya Kiyemba Edris ◽

Mahdi Aiash ◽

Jonathan Loo

Keyword(s):

Mobile Networks ◽

Service Providers ◽

Security Analysis ◽

Mobile Network ◽

End Users ◽

Third Party ◽

Control Mechanisms ◽

Security Measures ◽

Data Caching ◽

Pi Calculus

Fifth Generation mobile networks (5G) promise to make network services provided by various Service Providers (SP) such as Mobile Network Operators (MNOs) and third-party SPs accessible from anywhere by the end-users through their User Equipment (UE). These services will be pushed closer to the edge for quick, seamless, and secure access. After being granted access to a service, the end-user will be able to cache and share data with other users. However, security measures should be in place for SP not only to secure the provisioning and access of those services but also, should be able to restrict what the end-users can do with the accessed data in or out of coverage. This can be facilitated by federated service authorization and access control mechanisms that restrict the caching and sharing of data accessed by the UE in different security domains. In this paper, we propose a Data Caching and Sharing Security (DCSS) protocol that leverages federated authorization to provide secure caching and sharing of data from multiple SPs in multiple security domains. We formally verify the proposed DCSS protocol using ProVerif and applied pi-calculus. Furthermore, a comprehensive security analysis of the security properties of the proposed DCSS protocol is conducted.

Download Full-text

SECURITY IN CLOUD COMPUTING IN INDIAN GOVERNMENT

INTERNATIONAL JOURNAL OF NEXT-GENERATION COMPUTING ◽

10.47164/ijngc.v12i3.808 ◽

2021 ◽

Vol 12 (3) ◽

Author(s):

Nitin Vishnu Choudhari ◽

Dr. Ashish B Sasankar

Keyword(s):

Cloud Computing ◽

Service Delivery ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

End Users ◽

Security Architecture ◽

Security Measures ◽

End User ◽

Cloud Service Providers

Abstract –Today Security issue is the topmost problem in the cloud computing environment. It leads to serious discomfort to the Governance and end-users. Numerous security solutions and policies are available however practically ineffective in use. Most of the security solutions are centered towards cloud technology and cloud service providers only and no consideration has been given to the Network, accessing, and device securities at the end-user level. The discomfort at the end-user level was left untreated. The security of the various public, private networks, variety of devices used by end-users, accessibility, and capacity of end-users is left untreated. This leads towards the strong need for the possible modification of the security architecture for data security at all levels and secured service delivery. This leads towards the strong need for the possible adaption of modified security measures and provisions, which shall provide secured hosting and service delivery at all levels and reduce the security gap between the cloud service providers and end-users. This paper investigates the study and analyze the security architecture in the Cloud environment of Govt. of India and suggest the modifications in the security architecture as per the changing scenario and to fulfill the future needs for the secured service delivery from central up to the end-user level. Keywords: Cloud Security, Security in GI Cloud, Cloud Security measures, Security Assessment in GI Cloud, Proposed Security for GI cloud

Download Full-text

Final coalgebras as greatest fixed points in ZF set theory

Mathematical Structures in Computer Science ◽

10.1017/s0960129599002790 ◽

1999 ◽

Vol 9 (5) ◽

pp. 545-567 ◽

Cited By ~ 3

Author(s):

LAWRENCE C. PAULSON

Keyword(s):

Fixed Points ◽

Set Theory ◽

Theorem Prover ◽

Infinite Length ◽

Special Cases ◽

Definition Of ◽

Recursive Definitions ◽

Ordered Pairs

A special final coalgebra theorem, in the style of Aczel (1988), is proved within standard Zermelo–Fraenkel set theory. Aczel's Anti-Foundation Axiom is replaced by a variant definition of function that admits non-well-founded constructions. Variant ordered pairs and tuples, of possibly infinite length, are special cases of variant functions. Analogues of Aczel's solution and substitution lemmas are proved in the style of Rutten and Turi (1993). The approach is less general than Aczel's, but the treatment of non-well-founded objects is simple and concrete. The final coalgebra of a functor is its greatest fixedpoint.Compared with previous work (Paulson, 1995a), iterated substitutions and solutions are considered, as well as final coalgebras defined with respect to parameters. The disjoint sum construction is replaced by a smoother treatment of urelements that simplifies many of the derivations.The theory facilitates machine implementation of recursive definitions by letting both inductive and coinductive definitions be represented as fixed points. It has already been applied to the theorem prover Isabelle (Paulson, 1994).

Download Full-text

On the Dynamic Isotropy of Mechanisms With Two Degrees of Freedom

Volume 6: 5th International Conference on Multibody Systems, Nonlinear Dynamics, and Control, Parts A, B, and C ◽

10.1115/detc2005-85023 ◽

2005 ◽

Author(s):

Raffaele Di Gregorio ◽

Alessandro Cammarata ◽

Rosario Sinatra

Keyword(s):

Finite Number ◽

Degrees Of Freedom ◽

Point Of View ◽

Closed Curves ◽

Special Cases ◽

Dynamic Performances ◽

Definition Of ◽

Geometric Locus

The comparison of mechanisms with different topology or with different geometry, but with the same topology, is a necessary operation during the design of a machine sized for a given task. Therefore, tools that evaluate the dynamic performances of a mechanism are welcomed. This paper deals with the dynamic isotropy of 2-dof mechanisms starting from the definition introduced in a previous paper. In particular, starting from the condition that identifies the dynamically isotropic configurations, it shows that, provided some special cases are not considered, 2-dof mechanisms have at most a finite number of isotropic configurations. Moreover, it shows that, provided the dynamically isotropic configurations are excluded, the geometric locus of the configuration space that collects the points associated to configurations with the same dynamic isotropy is constituted by closed curves. This results will allow the classification of 2-dof mechanisms from the dynamic-isotropy point of view, and the definition of some methodologies for the characterization of the dynamic isotropy of these mechanisms. Finally, examples of applications of the obtained results will be given.

Download Full-text

Generalized Knaster-Kuratowski-Mazurkiewicz type theorems and applications to minimax inequalities

Science and Technology Development Journal ◽

10.32508/stdj.v20ik2.459 ◽

2017 ◽

Vol 20 (K2) ◽

pp. 131-140

Author(s):

Linh Manh Ha

Keyword(s):

Variational Inequalities ◽

Equilibrium Problems ◽

Applied Mathematics ◽

Sufficient Conditions ◽

Topological Spaces ◽

Minimax Theorems ◽

Minimax Inequalities ◽

Special Cases ◽

Kkm Mappings ◽

Definition Of

Knaster-Kuratowski-Mazurkiewicz type theorems play an important role in nonlinear analysis, optimization, and applied mathematics. Since the first well-known result, many international efforts have been made to develop sufficient conditions for the existence of points intersection (and their applications) in increasingly general settings: Gconvex spaces [21, 23], L-convex spaces [12], and FCspaces [8, 9]. Applications of Knaster-Kuratowski-Mazurkiewicz type theorems, especially in existence studies for variational inequalities, equilibrium problems and more general settings have been obtained by many authors, see e.g. recent papers [1, 2, 3, 8, 18, 24, 26] and the references therein. In this paper we propose a definition of generalized KnasterKuratowski-Mazurkiewicz mappings to encompass R-KKM mappings [5], L-KKM mappings [11], T-KKM mappings [18, 19], and many recent existing mappings. Knaster-KuratowskiMazurkiewicz type theorems are established in general topological spaces to generalize known results. As applications, we develop in detail general types of minimax theorems. Our results are shown to improve or include as special cases several recent ones in the literature.

Download Full-text

Uma proposta de reestruturação dos canais de distribuição como vantagem competitiva no varejo de alimentos

Revista de Administração da UFSM ◽

10.5902/198346592504 ◽

2011 ◽

Vol 3 (3) ◽

pp. 361-374

Author(s):

Marcos Livato ◽

Gideon Carvalho de Benedicto

Keyword(s):

Supply Chain ◽

Observational Study ◽

Competitive Advantage ◽

Sao Paulo ◽

The State ◽

End User ◽

Efficient Management ◽

Operational Costs ◽

Additional Costs ◽

Definition Of

The new "molds" of competitiveness have suggested that the attentions should be focused on an efficient management of the supply chain in the supermarket departments, starting from the producer until the end user of the products, reducing the operational costs. It's known that the elimination of some of these stages of intermediation of the ways of distribution can represent to the small and mediums retailers an important competitive advantage, with the elimination of the additional costs charged by the intermediaries. The objective of this work is to propose a model of restructuring of the ways of distribution in the brazilian retail of food through of the strategy, inducing the elimination of the intermediaries. The search of the bibliography was used like basement to the definition of the methodology of this search, that was realized through of an observational study realized with nineteen Central Business Supermarket s in the state of São Paulo. To do the collection of the datas was prepared a questionary with specific questions. After the collection of the datas and tab, were used techniques quantitive of analysis of datas through of SAS system. The study intends to discuss the proposal of the cooperation's networks like a strategic alternative, with the possibility of elimination of some phases of intermediation of the distribuition's ways.

Download Full-text

Kennzeichnung, Erfassung und Steuerung von Risikokultur

10.5771/9783748924197 ◽

2021 ◽

Author(s):

Franziska Grieser

Keyword(s):

Middle Management ◽

Control Mechanisms ◽

Structured Interviews ◽

Ownership Structures ◽

Risk Culture ◽

Definition Of ◽

Constituent Elements ◽

Corporate Risk ◽

Targeted Approach

Events such as the financial crisis in 2008/09 and the Volkswagen scandal about diesel engines in 2015 show that the existence of a risk management system does not sufficiently protect companies from risks. An inadequate corporate risk culture is often used to explain the causes of such crises. The aim of this study is to create access to a more targeted approach to risk culture. This is achieved through a methodical combination of conceptual developments and semi-structured interviews with companies from different industries and ownership structures. To start with, the author develops a definition of risk culture, identifies its constituent elements and derives a risk culture framework from these elements. In doing so, she identifies both ways of assessing risk culture and risk culture control mechanisms. Among other things, her findings point to the central role of top and middle management in this regard and reveal a variety of risk culture control mechanisms.

Download Full-text

Declarative User-Defined Feature Classes

Volume 6: 18th Computers in Engineering Conference ◽

10.1115/detc98/cie-5705 ◽

1998 ◽

Author(s):

Rafael Bidarra ◽

Abdelfettah Idri ◽

Alex Noort ◽

Willem F. Bronsvoort

Keyword(s):

Graphical User Interface ◽

Expressive Power ◽

Application Area ◽

End User ◽

Process Validation ◽

Mechanical Parts ◽

Cad System ◽

Class Definition ◽

Definition Of ◽

Unified Description

Abstract Designing mechanical parts using a feature vocabulary is a very effective and rich paradigm. Its expressive power, however, is severely limited if the set of feature types available in a feature library is fixed. It is, therefore, desirable to be able to extend and configure a feature library according to particular requirements, either of an end-user of a CAD system or of an application area. These requirements are not limited to topologic and parametric aspects of a generic feature definition, but include also validity conditions to be verified for each feature instance in a model. This paper proposes a new declarative scheme for the definition of feature classes. This scheme provides a unified description of the shape and validity issues of a feature class, as well as a flexible configuration of the feature class interface. In the definition process, the various constraint classes available play a central role, whereas an inheritance mechanism structures the feature library hierarchy. At the end of the process, validation of the class is performed, in order to avoid over- and underconstrained specifications. A graphical user interface supports the whole feature class definition process. Once defined, a feature class is automatically made available for use in a feature library of the modeling system.

Download Full-text