Administrative Models for Role Based Access Control in Android

Samir Talegaon⁺ and Ram Krishnan
 

The University of Texas at San Antonio, San Antonio, Texas 78249 USA
{samir.talegaon, ram.krishnan}@utsa.edu

Abstract

Prior works propose new models for role based access control (RBAC) in Android; this paper adds on to that body of research. Despite RBAC’s inherent administrative ease, managing roles for Android applications is tedious for the device user, owing to their lack of knowledge in access control. To realize the full potential of RBAC and to equip the user with ability to effectively manage Android permissions, we introduce three new models for administration of RBAC in Android. These models are based on an in-depth analysis of applications in Android and support the principle of least privilege to reduce unwanted permission exposure.

Keywords: Role based access control, Android, access control, administration

+: Corresponding author: Samir Talegaon
Electrical and Computer Engineering Department, The University of Texas at San Antonio, One UTSA Circle,
San Antonio, Texas, 78249, USA, Tel: +1-210-660-8859

Journal of Internet Services and Information Security (JISIS), 10(3): 31-46, August 2020

DOI: 10.22667/JISIS.2020.08.31.031 [pdf]