An SELinux-based Intent manager for Android

Simone Mutti, Enrico Bacis, Stefano Paraboschi

In Proceedings of the 3rd IEEE Conference on Communications and Network Security (CNS), Florence, Italy, September 28-30, 2015

The support for Mandatory Access Control offered by SELinux has become a significant component of the security design of the Android operating system, offering robust protection and the ability to support system-level policies enforced by all the elements of the system. A well-known security-sensitive aspect of Android that currently SELinux does not cover is the abuse of intents, which represent the Android approach to inter-process communication. We propose SEIntentFirewall, an SELinux intent manager that provides fine-grained access control over Intent objects, permitting to cover within MAC policies the use of intents.

Get the paper [BibTeX]

Poster
IEEE CNS15 Best Poster Award