SlideShare una empresa de Scribd logo

I018145157

IOSR Journals
IOSR Journals

Volume 18, Issue 1, Ver. IV (Jan – Feb. 2016)

Tecnología
1 de 7
Descargar para leer sin conexión
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 1, Ver. IV (Jan – Feb. 2016), PP 51-57 www.iosrjournals.org DOI: 10.9790/0661-18145157 www.iosrjournals.org 51 | Page Development of Security Based Reserved Agreement Blocker for Smartphone Ms. Shirin Ayisha Maryam. M1 , S. Arogya Swarna2 1 Assistant Professor/CSE S. Veerasamy Chettiar College of Engineering Puliangudi 2 Assosciate Professor and HoD/PG CSE S. Veerasamy Chettiar College of Engineering Puliangudi Abstract: Smart phones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. In Existing system, the location-based policy systems (LPS) are not accurate enough to differentiate between nearby locations without extra hardware or location devices. In most cases, such systems assume the context as given without providing or evaluating context detection methods of mobile devices. In order to overcome this issue, context-based access control (CBAC) mechanismhave been proposed. By means of CBAC, many privileges can be dynamically granted or revoked to applications based on the specific context of the user. The CBAC framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. It provides protection against device misuse using a dynamic device lock and protection against sensory malware. We have performed several experiments to assess the efficiency of our access control mechanism and the accuracy of context detections. Keywords: CBAC-Context Based Access Control, LPS-Location based policy system I. Introduction Android mobile devices are becoming a popular alternative to computers [4]. Our daily lives become more and more dependent upon smartphones due to their increased capabilities [5]. Smart phones are used in various ways from payment systems to assisting the lives of elderly or disabled people[3]. Security threats for these devices become increasingly dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level. Therefore, third-party developers have the opportunity to develop kernel-based low-level security tools which is not normal for smartphone platforms [4]. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open “Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs The rise in the number of tasks performed on smartphones means sensitive information is stored on the devices. II. Related Works Yury Zhauniarovich,Giovanni Russello,Bruno Crispo, Earlence Fernandes[2014] “MOSES: Supporting and Enforcing Security Profiles on Smartphones” IEEE transactions on dependable and secure computing, vol. 11, no. 3,pp 211 - 223 Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. Companies are willing to support employee-owned smartphones because of the increase in productivity of their employees. However, security concerns about data sharing, leakage and loss have hindered the adoption of smartphones for corporate use. In this paper we present MOSES, a policy-based framework for enforcing software isolation of applications and data on the Android platform. In MOSES, it is possible to define distinct Security Profiles within a single smartphone. Each security profile is associated with a set of policies that control the access to applications and data. [2] Jaeyeon Jung Seungyeop, David[2012]“Enhancing Mobile Application Permissions with Runtime Feedback and Constraints” Published by ACM Article , pp 45-50 They report on a field study that uses a combination of OS measurements and qualitative interviews to highlight gaps between user expectations with respect to privacy and the result of using the existing permissions architecture to install mobile apps. Most of our participants expected advertising and analytics behavior, yet they were often surprised by applications’ data collection in the background and the level of data sharing with third parties that actually occurred. Given participant feedback, we propose platform support to reduce this “expectation gap” with transparency of data usage and constrained permissions.
Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 52 | Page [3] ShaikhSarim Asib1 and Prof. Anuja K. Pande[2014] “Study on Enhancing User Privacy on Android Mobile Device via Permission Removal” VOLUME-2, SPECIAL ISSUE-1,pp 276-279 Android mobile devices are becoming a popular alternative to computers. The rise in the number of tasks performed on mobile devices means sensitive information is stored on the devices. Consequently, Android devices are a potential vector for criminal exploitation. Existing research on enhancing user privacy on Android devices can generally be classified as Android modifications. These solutions often require operating system modifications, which significantly reduce their potential. This paper proposes the use of permissions removal, wherein a reverse engineering process is used to remove an app’s permission to a resource. The repackaged app will run on all devices the original app supported. These findings that are based on a study of seven popular social networking apps for Android mobile devices indicate that the difficulty of permissions removal may vary between types of permissions and how well-integrated a permission is within an app. III. Existing system Existing System work has focused on developing policy systems that do not restrict privileges per application and are only effective system-wide. Also, existing policy systems do not cover all the possible ways in which applications can access user data and device resources. Finally, existing location-based policy systems (LPS) are not accurate enough to differentiate between nearby locations withoutextra hardware or location devices. In most cases, such systems assume the context as given without providing or evaluating context detection methods of mobile devices. User-specified policies have the potential to correctly reflect the user's true security and privacy preferences, but the amount of work required to set up and maintain a comprehensive set of context-dependent policies is high .A study concerning location sharing policies showed that the initial accuracy of location disclosure rules specified by users was only 59% and improved to 65% after users modified the rules based on a review of concrete enforcement decisions resulting from these rules. Disadvantages Of Existing System  Not sufficient to capture the highly dynamic and highly personal nature of a user's context.  Need External devices to locate devices.  User need to share their privacy.  Threat arises when a device application acts maliciously and uses device resources to spy on the user or leak the user’s personal data without the user’s consent. Proposed Research A context-based access control (CBAC) mechanism has been proposed for Android systems that allow smartphone users to set configuration policies over their applications’ usage of device resources and services at different contexts. We present a context model used to extract context features reflecting the familiarity of contexts and the persons in the context. The context features are input for the Classifier and used for classifying contexts as having high or low privacy exposure and/or risk of time management. Here we use a scheduled protection for smartphone. The access permission of application is control by means of time. The access permission can denied or enabled by time. The contexts are not predefined in this project. Contexts are user defined in context based scheduled lock Advantages’ Of Proposed System  Time Based Access control provided us the environmental profits.  No need to share the user details.  Applications should not be able to fake the location or time of the device.  Can develop securer and more acceptable applications for end users.
Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 53 | Page Fig 4.1 system architecture Data Flow Diagram Dfd Level 0 Fig 5.1 DFD level 0 A. Dfd Level 1 Fig 5.2 DFD level 1
Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 54 | Page Fig 5.3 class diagram Experimental Environment And Output The Proposed CBAC Mechanism is implemented in JAVA 1.7.The experiment is initially tested in the andriod 4.2.2 Operating system on mobile.It can develop the securer and more acceptable applications for end user Fig 6.1.eclipse sdk Fig 6.2 Running project as android application
Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 55 | Page Fig 6.3 Android emulator in eclipse Fig 6.4Running of application Fig 6.5 App displayer
Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 56 | Page Fig 6.6.Time setter Fig 6.7. Apps permission denier Cbac Evaluation In this section, we report on the thorough experiments we ran to evaluate the performance of CBAC. For all the experiments, we used a Google Nexus S phone Energy Overhead To measure the energy overhead produced by CBAC, we performed the following tests. We charged the battery of our device to the 100 percent. Then, every 10 minutes we run four system applications (sequentially) via a monkey runner [7] Script: Calculator, Browser, Contacts and Email. For each of them the script performed common operations representative for the applications (multiplication of numbers in case of Calculator, browsing several webpages in case of Browser, calling a number and creating an account in case of Contacts, and composing and sending a email in case of Email application). Each experiment lasted for a total of 120 minutes. We executed this experiment for three types of systems: Stock Android, CBAC without SP changes, and CBAC with SP changes (the system switched between two profiles every 20 minutes). During each experiment, every 10 seconds, our service measured the level of the battery and wrote this value into a log file. For each of the three considered systems, we executed the test 10 times and averaged the obtained values. The results of this experiment are reported in Fig. 6.7. We note that the curves for the three considered systems behave similarly. This shows that the fact that CBAC is just running, or even switching between context does not incur a noticeable energy overhead.
Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 57 | Page Fig7.1 Comparative analysis of Energy Overhead between LPC and CBAC System During each experiment, every 10 seconds, our service measured the level of the battery and wrote this value into a log file. For each of the three considered systems, we executed the test 10 times and averaged the obtained values. The results of this experiment are reported in Fig. 7.1. We note that the curves for the three considered systems behave similarly. This shows that the fact that CBAC is just running, or even switching between contexts does not incur a noticeable energy overhead IV. Conclusion From these results, it can be determined that it is indeed possible to remove permission requests from apps via reverse engineering and result in a usable and privacy friendly app. Removing the READ_PHONE_STATE permission from Face book and LinkedIn had a similar result to removing location access from them. With Tango Text, which required this permission in order to identify the phone, the app would instead display an error message. This means that successful removal of this permission would depend on the app in question. Future Work All the research undertaken in this paper on permissions removal was manually completed; therefore future research recommendations include automating this process. By using heuristic methods, it may be possible to locate sections within the source code where permissions resources are used automatically. The decompilation, modification and recompilation process could then be completely autonomous. This leads onto a further future work or research that could be undertaken where this automated system would be implemented onto an Android device. This would result in a self-functioning system that could enhance the privacy of apps on the device. References [1]. MOSES: Supporting and Enforcing Security Profiles on Smartphones(2014)Yury Zhauniarovich, Giovanni Russello Mauro Conti, Member, IEEE,Bruno Crisp and Earlence Fernandes. ieee transactions on dependable and secure computing, vol. 11, no. 3, may- june 2014 [2]. M. Oleaga, 2013, "OS vs. Android Market Share 2013: Google Mobile Platform Dominating Apple Worldwide in March Figures", http://www. latinospost.com/articles/15039/20130322/ios-vs-android-market-share-2013-google- mobile-platform-dominating.htm, accessed 25 March 2013. [3]. O.Hou, 2012, "A Look at Google Bouncer", http://blog. trendmicro.com/trendlabs-security-intelligence/a-look-at-google-bouncer/, accessed 14 April 2013 [4]. FY. Rashid, 2012, "Researchers upload dangerous app to Google Play store", http://www.scmagazine.com.au/News/310192,blackhat-researchers- upload-dangerous-app-to-google-play-store.aspx, accessed 14 April 2013 [5]. Y. Zhou, X. Zhang, X. Jiang & V. Freeh, "Taming information-stealing smartphone applications (on Android)", TRUST 2011, pp. 93-107. [6]. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici, S. Dolev & C. Glezer, "Google Android: A Comprehensive Security Assessment", IEEE Security & Privacy Magazine, Vol. 8, no. 2, 2012, pp. 35-44. [7]. Monkey runner, http://developer.android.com/tools/help/ monkeyrunner_concepts.html, 2014 60 65 71 20 40 60 90 96 100 0 20 40 60 80 100 120 0 50 100 Battery% Time(m) Battery leve CBAC Battery level

Recomendados

Attribute-based Permission Model for Android Smartphones
Attribute-based Permission Model for Android SmartphonesAttribute-based Permission Model for Android Smartphones
Attribute-based Permission Model for Android SmartphonesIJCSIS Research Publications
 
Ieee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsIeee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsSteph Cliche
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesLeMeniz Infotech
 
IJET-V3I1P9
IJET-V3I1P9IJET-V3I1P9
IJET-V3I1P9IJET - International Journal of Engineering and Techniques
 
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...IJCSIS Research Publications
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01ijmnct
 
Android Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesAndroid Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesIRJET Journal
 
Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 

Recomendados

Attribute-based Permission Model for Android Smartphones
Attribute-based Permission Model for Android SmartphonesAttribute-based Permission Model for Android Smartphones
Attribute-based Permission Model for Android SmartphonesIJCSIS Research Publications
 
Ieee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsIeee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsSteph Cliche
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesLeMeniz Infotech
 
IJET-V3I1P9
IJET-V3I1P9IJET-V3I1P9
IJET-V3I1P9IJET - International Journal of Engineering and Techniques
 
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...
F-LOCKER: An Android Face Recognition Applocker Using Local Binary Pattern Hi...IJCSIS Research Publications
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01ijmnct
 
Android Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesAndroid Security: A Survey of Security Issues and Defenses
Android Security: A Survey of Security Issues and DefensesIRJET Journal
 
Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 
Study reveals we are being tracked by our smartphones --- every 3 minutes
Study reveals we are being tracked by our smartphones --- every 3 minutesStudy reveals we are being tracked by our smartphones --- every 3 minutes
Study reveals we are being tracked by our smartphones --- every 3 minutesWaqas Amir
 
2013 Mobile Application Security Survey
2013 Mobile Application Security Survey2013 Mobile Application Security Survey
2013 Mobile Application Security SurveyBee_Ware
 
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...ijtsrd
 
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionA Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionCSCJournals
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelCSCJournals
 
Software reusabilitydevelopment through NFL approach For identifying security...
Software reusabilitydevelopment through NFL approach For identifying security...Software reusabilitydevelopment through NFL approach For identifying security...
Software reusabilitydevelopment through NFL approach For identifying security...IJECEIAES
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesshanofa sanu
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesAbhishek BV
 
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
 
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...IRJET Journal
 
Survey mobile app
Survey mobile appSurvey mobile app
Survey mobile appeSAT Journals
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devicesIOSR Journals
 
e-AGE 2014 Proceedings_1st article
e-AGE 2014 Proceedings_1st articlee-AGE 2014 Proceedings_1st article
e-AGE 2014 Proceedings_1st articleAizharkyn Burkanova
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniqueseSAT Journals
 
Cloud Service Security using Two-factor or Multi factor Authentication
Cloud Service Security using Two-factor or Multi factor AuthenticationCloud Service Security using Two-factor or Multi factor Authentication
Cloud Service Security using Two-factor or Multi factor AuthenticationIRJET Journal
 
Android security
Android securityAndroid security
Android securityDr Amira Bibo
 
IRJET- Sniffer for Tracking Lost Mobile
IRJET- Sniffer for Tracking Lost MobileIRJET- Sniffer for Tracking Lost Mobile
IRJET- Sniffer for Tracking Lost MobileIRJET Journal
 
Ijmet 10 01_095
Ijmet 10 01_095Ijmet 10 01_095
Ijmet 10 01_095IAEME Publication
 
Detect and immune mobile cloud infrastructure
Detect and immune mobile cloud infrastructureDetect and immune mobile cloud infrastructure
Detect and immune mobile cloud infrastructureeSAT Publishing House
 
Spe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesSpe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesLeMeniz Infotech
 
Behavior-Based Security for Mobile Devices Using Machine Learning Techniques
Behavior-Based Security for Mobile Devices Using Machine Learning TechniquesBehavior-Based Security for Mobile Devices Using Machine Learning Techniques
Behavior-Based Security for Mobile Devices Using Machine Learning Techniquesgerogepatton
 
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for SmartphonesComparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphonesiosrjce
 

Más contenido relacionado

La actualidad más candente

Study reveals we are being tracked by our smartphones --- every 3 minutes
Study reveals we are being tracked by our smartphones --- every 3 minutesStudy reveals we are being tracked by our smartphones --- every 3 minutes
Study reveals we are being tracked by our smartphones --- every 3 minutesWaqas Amir
 
2013 Mobile Application Security Survey
2013 Mobile Application Security Survey2013 Mobile Application Security Survey
2013 Mobile Application Security SurveyBee_Ware
 
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...ijtsrd
 
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionA Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionCSCJournals
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelCSCJournals
 
Software reusabilitydevelopment through NFL approach For identifying security...
Software reusabilitydevelopment through NFL approach For identifying security...Software reusabilitydevelopment through NFL approach For identifying security...
Software reusabilitydevelopment through NFL approach For identifying security...IJECEIAES
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesshanofa sanu
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesAbhishek BV
 
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
 
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...IRJET Journal
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devicesIOSR Journals
 
e-AGE 2014 Proceedings_1st article
e-AGE 2014 Proceedings_1st articlee-AGE 2014 Proceedings_1st article
e-AGE 2014 Proceedings_1st articleAizharkyn Burkanova
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniqueseSAT Journals
 
Cloud Service Security using Two-factor or Multi factor Authentication
Cloud Service Security using Two-factor or Multi factor AuthenticationCloud Service Security using Two-factor or Multi factor Authentication
Cloud Service Security using Two-factor or Multi factor AuthenticationIRJET Journal
 
IRJET- Sniffer for Tracking Lost Mobile
IRJET- Sniffer for Tracking Lost MobileIRJET- Sniffer for Tracking Lost Mobile
IRJET- Sniffer for Tracking Lost MobileIRJET Journal
 
Detect and immune mobile cloud infrastructure
Detect and immune mobile cloud infrastructureDetect and immune mobile cloud infrastructure
Detect and immune mobile cloud infrastructureeSAT Publishing House
 

La actualidad más candente (19)

Study reveals we are being tracked by our smartphones --- every 3 minutes
Study reveals we are being tracked by our smartphones --- every 3 minutesStudy reveals we are being tracked by our smartphones --- every 3 minutes
Study reveals we are being tracked by our smartphones --- every 3 minutes
 
2013 Mobile Application Security Survey
2013 Mobile Application Security Survey2013 Mobile Application Security Survey
2013 Mobile Application Security Survey
 
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
Security and Privacy Enhancement Framework for Mobile Devices using Active Au...
 
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice InteractionA Smart Receptionist Implementing Facial Recognition and Voice Interaction
A Smart Receptionist Implementing Facial Recognition and Voice Interaction
 
A Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment ModelA Bring Your Own Device Risk Assessment Model
A Bring Your Own Device Risk Assessment Model
 
Software reusabilitydevelopment through NFL approach For identifying security...
Software reusabilitydevelopment through NFL approach For identifying security...Software reusabilitydevelopment through NFL approach For identifying security...
Software reusabilitydevelopment through NFL approach For identifying security...
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devices
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data losses
 
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSIS
 
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
IRJET- A Review on Several Vulnerabilities Detection Techniques in Androi...
 
Survey mobile app
Survey mobile appSurvey mobile app
Survey mobile app
 
Android open-source operating System for mobile devices
Android open-source operating System for mobile devicesAndroid open-source operating System for mobile devices
Android open-source operating System for mobile devices
 
e-AGE 2014 Proceedings_1st article
e-AGE 2014 Proceedings_1st articlee-AGE 2014 Proceedings_1st article
e-AGE 2014 Proceedings_1st article
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniques
 
Cloud Service Security using Two-factor or Multi factor Authentication
Cloud Service Security using Two-factor or Multi factor AuthenticationCloud Service Security using Two-factor or Multi factor Authentication
Cloud Service Security using Two-factor or Multi factor Authentication
 
Android security
Android securityAndroid security
Android security
 
IRJET- Sniffer for Tracking Lost Mobile
IRJET- Sniffer for Tracking Lost MobileIRJET- Sniffer for Tracking Lost Mobile
IRJET- Sniffer for Tracking Lost Mobile
 
Ijmet 10 01_095
Ijmet 10 01_095Ijmet 10 01_095
Ijmet 10 01_095
 
Detect and immune mobile cloud infrastructure
Detect and immune mobile cloud infrastructureDetect and immune mobile cloud infrastructure
Detect and immune mobile cloud infrastructure
 

Similar a I018145157

Spe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesSpe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesLeMeniz Infotech
 
Behavior-Based Security for Mobile Devices Using Machine Learning Techniques
Behavior-Based Security for Mobile Devices Using Machine Learning TechniquesBehavior-Based Security for Mobile Devices Using Machine Learning Techniques
Behavior-Based Security for Mobile Devices Using Machine Learning Techniquesgerogepatton
 
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for SmartphonesComparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphonesiosrjce
 
Effective risk communication for android apps
Effective risk communication for android appsEffective risk communication for android apps
Effective risk communication for android appsJPINFOTECH JAYAPRAKASH
 
DasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperDasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperMichael Murphy
 
Mitigating Privilege-Escalation Attacks on Android Report
Mitigating Privilege-Escalation Attacks on Android ReportMitigating Privilege-Escalation Attacks on Android Report
Mitigating Privilege-Escalation Attacks on Android ReportVinoth Kanna
 
Android Application For Decentralized Family Locator
Android Application For Decentralized Family LocatorAndroid Application For Decentralized Family Locator
Android Application For Decentralized Family LocatorIRJET Journal
 
Permission based malware detection by using k means algorithm in Android OS
Permission based malware detection by using k means algorithm in Android OSPermission based malware detection by using k means algorithm in Android OS
Permission based malware detection by using k means algorithm in Android OSBRNSSPublicationHubI
 
CNS_2016_Poster_Ming.pdf
CNS_2016_Poster_Ming.pdfCNS_2016_Poster_Ming.pdf
CNS_2016_Poster_Ming.pdfBorisIvanov42
 
JPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile DevicesJPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile Deviceschennaijp
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesJPINFOTECH JAYAPRAKASH
 
Technology overview of_mobil_247134-1
Technology overview of_mobil_247134-1Technology overview of_mobil_247134-1
Technology overview of_mobil_247134-1lverb
 
IRJET- Root Security Firewall
IRJET- Root Security FirewallIRJET- Root Security Firewall
IRJET- Root Security FirewallIRJET Journal
 
IRJET- Root Security Firewall
IRJET- Root Security FirewallIRJET- Root Security Firewall
IRJET- Root Security FirewallIRJET Journal
 
IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...
IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...
IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...IRJET Journal
 
Android_Nougats_security_issues_and_solutions.pdf
Android_Nougats_security_issues_and_solutions.pdfAndroid_Nougats_security_issues_and_solutions.pdf
Android_Nougats_security_issues_and_solutions.pdfTalha Naqash
 
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...IRJET Journal
 

Similar a I018145157 (20)

Spe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesSpe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devices
 
Behavior-Based Security for Mobile Devices Using Machine Learning Techniques
Behavior-Based Security for Mobile Devices Using Machine Learning TechniquesBehavior-Based Security for Mobile Devices Using Machine Learning Techniques
Behavior-Based Security for Mobile Devices Using Machine Learning Techniques
 
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for SmartphonesComparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphones
 
A017360104
A017360104A017360104
A017360104
 
Effective risk communication for android apps
Effective risk communication for android appsEffective risk communication for android apps
Effective risk communication for android apps
 
DasGreenPerezMurphy_Paper
DasGreenPerezMurphy_PaperDasGreenPerezMurphy_Paper
DasGreenPerezMurphy_Paper
 
Mitigating Privilege-Escalation Attacks on Android Report
Mitigating Privilege-Escalation Attacks on Android ReportMitigating Privilege-Escalation Attacks on Android Report
Mitigating Privilege-Escalation Attacks on Android Report
 
Android Application For Decentralized Family Locator
Android Application For Decentralized Family LocatorAndroid Application For Decentralized Family Locator
Android Application For Decentralized Family Locator
 
Permission based malware detection by using k means algorithm in Android OS
Permission based malware detection by using k means algorithm in Android OSPermission based malware detection by using k means algorithm in Android OS
Permission based malware detection by using k means algorithm in Android OS
 
CNS_2016_Poster_Ming.pdf
CNS_2016_Poster_Ming.pdfCNS_2016_Poster_Ming.pdf
CNS_2016_Poster_Ming.pdf
 
OS-Project-Report-Team-8
OS-Project-Report-Team-8OS-Project-Report-Team-8
OS-Project-Report-Team-8
 
JPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile DevicesJPA1404 Context-based Access Control Systems for Mobile Devices
JPA1404 Context-based Access Control Systems for Mobile Devices
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devices
 
Technology overview of_mobil_247134-1
Technology overview of_mobil_247134-1Technology overview of_mobil_247134-1
Technology overview of_mobil_247134-1
 
Android security
Android securityAndroid security
Android security
 
IRJET- Root Security Firewall
IRJET- Root Security FirewallIRJET- Root Security Firewall
IRJET- Root Security Firewall
 
IRJET- Root Security Firewall
IRJET- Root Security FirewallIRJET- Root Security Firewall
IRJET- Root Security Firewall
 
IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...
IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...
IRJET- App Misbehaviour Check: Development of Virus Modeling, Propagation...
 
Android_Nougats_security_issues_and_solutions.pdf
Android_Nougats_security_issues_and_solutions.pdfAndroid_Nougats_security_issues_and_solutions.pdf
Android_Nougats_security_issues_and_solutions.pdf
 
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev...
 

Más de IOSR Journals

Más de IOSR Journals (20)

A011140104
A011140104A011140104
A011140104
 
M0111397100
M0111397100M0111397100
M0111397100
 
L011138596
L011138596L011138596
L011138596
 
K011138084
K011138084K011138084
K011138084
 
J011137479
J011137479J011137479
J011137479
 
I011136673
I011136673I011136673
I011136673
 
G011134454
G011134454G011134454
G011134454
 
H011135565
H011135565H011135565
H011135565
 
F011134043
F011134043F011134043
F011134043
 
E011133639
E011133639E011133639
E011133639
 
D011132635
D011132635D011132635
D011132635
 
C011131925
C011131925C011131925
C011131925
 
B011130918
B011130918B011130918
B011130918
 
A011130108
A011130108A011130108
A011130108
 
I011125160
I011125160I011125160
I011125160
 
H011124050
H011124050H011124050
H011124050
 
G011123539
G011123539G011123539
G011123539
 
F011123134
F011123134F011123134
F011123134
 
E011122530
E011122530E011122530
E011122530
 
D011121524
D011121524D011121524
D011121524
 

Último

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Último (20)

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

I018145157

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 1, Ver. IV (Jan – Feb. 2016), PP 51-57 www.iosrjournals.org DOI: 10.9790/0661-18145157 www.iosrjournals.org 51 | Page Development of Security Based Reserved Agreement Blocker for Smartphone Ms. Shirin Ayisha Maryam. M1 , S. Arogya Swarna2 1 Assistant Professor/CSE S. Veerasamy Chettiar College of Engineering Puliangudi 2 Assosciate Professor and HoD/PG CSE S. Veerasamy Chettiar College of Engineering Puliangudi Abstract: Smart phones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. In Existing system, the location-based policy systems (LPS) are not accurate enough to differentiate between nearby locations without extra hardware or location devices. In most cases, such systems assume the context as given without providing or evaluating context detection methods of mobile devices. In order to overcome this issue, context-based access control (CBAC) mechanismhave been proposed. By means of CBAC, many privileges can be dynamically granted or revoked to applications based on the specific context of the user. The CBAC framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. It provides protection against device misuse using a dynamic device lock and protection against sensory malware. We have performed several experiments to assess the efficiency of our access control mechanism and the accuracy of context detections. Keywords: CBAC-Context Based Access Control, LPS-Location based policy system I. Introduction Android mobile devices are becoming a popular alternative to computers [4]. Our daily lives become more and more dependent upon smartphones due to their increased capabilities [5]. Smart phones are used in various ways from payment systems to assisting the lives of elderly or disabled people[3]. Security threats for these devices become increasingly dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level. Therefore, third-party developers have the opportunity to develop kernel-based low-level security tools which is not normal for smartphone platforms [4]. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open “Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs The rise in the number of tasks performed on smartphones means sensitive information is stored on the devices. II. Related Works Yury Zhauniarovich,Giovanni Russello,Bruno Crispo, Earlence Fernandes[2014] “MOSES: Supporting and Enforcing Security Profiles on Smartphones” IEEE transactions on dependable and secure computing, vol. 11, no. 3,pp 211 - 223 Smartphones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and be always updated while on the move. Companies are willing to support employee-owned smartphones because of the increase in productivity of their employees. However, security concerns about data sharing, leakage and loss have hindered the adoption of smartphones for corporate use. In this paper we present MOSES, a policy-based framework for enforcing software isolation of applications and data on the Android platform. In MOSES, it is possible to define distinct Security Profiles within a single smartphone. Each security profile is associated with a set of policies that control the access to applications and data. [2] Jaeyeon Jung Seungyeop, David[2012]“Enhancing Mobile Application Permissions with Runtime Feedback and Constraints” Published by ACM Article , pp 45-50 They report on a field study that uses a combination of OS measurements and qualitative interviews to highlight gaps between user expectations with respect to privacy and the result of using the existing permissions architecture to install mobile apps. Most of our participants expected advertising and analytics behavior, yet they were often surprised by applications’ data collection in the background and the level of data sharing with third parties that actually occurred. Given participant feedback, we propose platform support to reduce this “expectation gap” with transparency of data usage and constrained permissions.
  • 2. Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 52 | Page [3] ShaikhSarim Asib1 and Prof. Anuja K. Pande[2014] “Study on Enhancing User Privacy on Android Mobile Device via Permission Removal” VOLUME-2, SPECIAL ISSUE-1,pp 276-279 Android mobile devices are becoming a popular alternative to computers. The rise in the number of tasks performed on mobile devices means sensitive information is stored on the devices. Consequently, Android devices are a potential vector for criminal exploitation. Existing research on enhancing user privacy on Android devices can generally be classified as Android modifications. These solutions often require operating system modifications, which significantly reduce their potential. This paper proposes the use of permissions removal, wherein a reverse engineering process is used to remove an app’s permission to a resource. The repackaged app will run on all devices the original app supported. These findings that are based on a study of seven popular social networking apps for Android mobile devices indicate that the difficulty of permissions removal may vary between types of permissions and how well-integrated a permission is within an app. III. Existing system Existing System work has focused on developing policy systems that do not restrict privileges per application and are only effective system-wide. Also, existing policy systems do not cover all the possible ways in which applications can access user data and device resources. Finally, existing location-based policy systems (LPS) are not accurate enough to differentiate between nearby locations withoutextra hardware or location devices. In most cases, such systems assume the context as given without providing or evaluating context detection methods of mobile devices. User-specified policies have the potential to correctly reflect the user's true security and privacy preferences, but the amount of work required to set up and maintain a comprehensive set of context-dependent policies is high .A study concerning location sharing policies showed that the initial accuracy of location disclosure rules specified by users was only 59% and improved to 65% after users modified the rules based on a review of concrete enforcement decisions resulting from these rules. Disadvantages Of Existing System  Not sufficient to capture the highly dynamic and highly personal nature of a user's context.  Need External devices to locate devices.  User need to share their privacy.  Threat arises when a device application acts maliciously and uses device resources to spy on the user or leak the user’s personal data without the user’s consent. Proposed Research A context-based access control (CBAC) mechanism has been proposed for Android systems that allow smartphone users to set configuration policies over their applications’ usage of device resources and services at different contexts. We present a context model used to extract context features reflecting the familiarity of contexts and the persons in the context. The context features are input for the Classifier and used for classifying contexts as having high or low privacy exposure and/or risk of time management. Here we use a scheduled protection for smartphone. The access permission of application is control by means of time. The access permission can denied or enabled by time. The contexts are not predefined in this project. Contexts are user defined in context based scheduled lock Advantages’ Of Proposed System  Time Based Access control provided us the environmental profits.  No need to share the user details.  Applications should not be able to fake the location or time of the device.  Can develop securer and more acceptable applications for end users.
  • 3. Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 53 | Page Fig 4.1 system architecture Data Flow Diagram Dfd Level 0 Fig 5.1 DFD level 0 A. Dfd Level 1 Fig 5.2 DFD level 1
  • 4. Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 54 | Page Fig 5.3 class diagram Experimental Environment And Output The Proposed CBAC Mechanism is implemented in JAVA 1.7.The experiment is initially tested in the andriod 4.2.2 Operating system on mobile.It can develop the securer and more acceptable applications for end user Fig 6.1.eclipse sdk Fig 6.2 Running project as android application
  • 5. Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 55 | Page Fig 6.3 Android emulator in eclipse Fig 6.4Running of application Fig 6.5 App displayer
  • 6. Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 56 | Page Fig 6.6.Time setter Fig 6.7. Apps permission denier Cbac Evaluation In this section, we report on the thorough experiments we ran to evaluate the performance of CBAC. For all the experiments, we used a Google Nexus S phone Energy Overhead To measure the energy overhead produced by CBAC, we performed the following tests. We charged the battery of our device to the 100 percent. Then, every 10 minutes we run four system applications (sequentially) via a monkey runner [7] Script: Calculator, Browser, Contacts and Email. For each of them the script performed common operations representative for the applications (multiplication of numbers in case of Calculator, browsing several webpages in case of Browser, calling a number and creating an account in case of Contacts, and composing and sending a email in case of Email application). Each experiment lasted for a total of 120 minutes. We executed this experiment for three types of systems: Stock Android, CBAC without SP changes, and CBAC with SP changes (the system switched between two profiles every 20 minutes). During each experiment, every 10 seconds, our service measured the level of the battery and wrote this value into a log file. For each of the three considered systems, we executed the test 10 times and averaged the obtained values. The results of this experiment are reported in Fig. 6.7. We note that the curves for the three considered systems behave similarly. This shows that the fact that CBAC is just running, or even switching between context does not incur a noticeable energy overhead.
  • 7. Development Of Security Based Reserved Agreement Blocker For Smartphone DOI: 10.9790/0661-18145157 www.iosrjournals.org 57 | Page Fig7.1 Comparative analysis of Energy Overhead between LPC and CBAC System During each experiment, every 10 seconds, our service measured the level of the battery and wrote this value into a log file. For each of the three considered systems, we executed the test 10 times and averaged the obtained values. The results of this experiment are reported in Fig. 7.1. We note that the curves for the three considered systems behave similarly. This shows that the fact that CBAC is just running, or even switching between contexts does not incur a noticeable energy overhead IV. Conclusion From these results, it can be determined that it is indeed possible to remove permission requests from apps via reverse engineering and result in a usable and privacy friendly app. Removing the READ_PHONE_STATE permission from Face book and LinkedIn had a similar result to removing location access from them. With Tango Text, which required this permission in order to identify the phone, the app would instead display an error message. This means that successful removal of this permission would depend on the app in question. Future Work All the research undertaken in this paper on permissions removal was manually completed; therefore future research recommendations include automating this process. By using heuristic methods, it may be possible to locate sections within the source code where permissions resources are used automatically. The decompilation, modification and recompilation process could then be completely autonomous. This leads onto a further future work or research that could be undertaken where this automated system would be implemented onto an Android device. This would result in a self-functioning system that could enhance the privacy of apps on the device. References [1]. MOSES: Supporting and Enforcing Security Profiles on Smartphones(2014)Yury Zhauniarovich, Giovanni Russello Mauro Conti, Member, IEEE,Bruno Crisp and Earlence Fernandes. ieee transactions on dependable and secure computing, vol. 11, no. 3, may- june 2014 [2]. M. Oleaga, 2013, "OS vs. Android Market Share 2013: Google Mobile Platform Dominating Apple Worldwide in March Figures", http://www. latinospost.com/articles/15039/20130322/ios-vs-android-market-share-2013-google- mobile-platform-dominating.htm, accessed 25 March 2013. [3]. O.Hou, 2012, "A Look at Google Bouncer", http://blog. trendmicro.com/trendlabs-security-intelligence/a-look-at-google-bouncer/, accessed 14 April 2013 [4]. FY. Rashid, 2012, "Researchers upload dangerous app to Google Play store", http://www.scmagazine.com.au/News/310192,blackhat-researchers- upload-dangerous-app-to-google-play-store.aspx, accessed 14 April 2013 [5]. Y. Zhou, X. Zhang, X. Jiang & V. Freeh, "Taming information-stealing smartphone applications (on Android)", TRUST 2011, pp. 93-107. [6]. Shabtai, Y. Fledel, U. Kanonov, Y. Elovici, S. Dolev & C. Glezer, "Google Android: A Comprehensive Security Assessment", IEEE Security & Privacy Magazine, Vol. 8, no. 2, 2012, pp. 35-44. [7]. Monkey runner, http://developer.android.com/tools/help/ monkeyrunner_concepts.html, 2014 60 65 71 20 40 60 90 96 100 0 20 40 60 80 100 120 0 50 100 Battery% Time(m) Battery leve CBAC Battery level