[Busec] Seminar On Practical Security on JULY 1

Ari Trachtenberg trachten at bu.edu
Tue Jun 25 22:04:43 EDT 2013

We resume our seminar this Monday, July 1 from noon-1pm in PHO 339.
Our speaker will be Prof. Yuting Zhang:

Title:  Android Security


Android as an open platform dominates the booming mobile market. However, the popularity and the open nature also contribute to a sharp increase of security threats and privacy invasions. This talk will give an overview of how our research attempts to enhance Android security through preventing, avoiding, and detecting the threats from multiple different levels. This talk will briefly introduce three of our projects: 1) at the platform level, we propose a Dynamic Role Based Access Control for Android (DR BACA) model and implement the DR BACA system. Our system offers multi-user management on Android mobile devices comparable to traditional workstations, and provides fine-grained Role Based Access Control (RBAC) to enhance Android security at both application -and permission level. Moreover, by leveraging context-aware capabilities of mobile devices and Near Field communication (NFC) technology, our solution supports dynamic RBAC to provide more flexible access control while still being able to mitigate some of the most concerning security risks on mobile devices to date. 2) At the application level,  we propose a security analysis framework that takes account of a range of vulnerability metrics to provide a unified and quantifiable method to evaluate the security risk level of Android applications. We will show some analysis results of applications in finance and healthcare sectors from Google market. 3) We also propose to build an application development assistant tool to educate the developers best practices and help them to avoid the security exploits. A primitive prototype is built to capture some Android security bugs.
Prof. Ari Trachtenberg            ECE, Boston University
trachten at bu.edu                    http://people.bu.edu/trachten

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20130625/d1fc572a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20130625/d1fc572a/attachment.sig>

More information about the Busec mailing list