Context Aware Dynamic Permission Model: A Retrospect of Privacy and Security in Android System

Android security has been a topic of concern lately in both academic and industrial research because of various occurrence of privacy leaks and security breach on these devices. The security model of Android operating system is based on a permission based mechanism which limits the access of any third-party application to critical resources of the mobile device. This mechanism has been broadly condemned for its coarse-grained control over system resources and inappropriate authorization of permissions by application developers, advertisers and end users. This paper inspects the emerging issues in permission based security mechanisms and proposes the concept of context aware dynamic permissions model (CAPM) for Android systems. The proposed model deals with the dynamic enforcement of permissions to a particular application according to the defined context without user's intervention. Our model assign profiles to different applications based on their functional groups and these profiles contain a set of permissions with some associated context. The context can be based upon system or sensor sources. This way, if the data is private or confidential, the permissions set ought to be stricter than usual. Our concept is unique as it associates context with permissions as opposed to the existing model of assigning permissions according to applications functionality. This concept can be proved helpful in protecting user's private data from being leaked simply by modifying the existing resource access mechanism.