Access Control in Mobile Software Stacks: Can we do fundamentally better?

Talk by Sven Bugiel

2024-06-27

Location: TU Wien, FAV Hörsaal 1 Helmut Veith (Favoritenstr. 9-11, Erdgeschoß, Room HEEG02)
Date & Time: 2024-07-05; 10:00 - 11:00

Abstract: A cornerstone of mobile privacy and security is the permission system that enables users to selectively grant or revoke apps’ access to data. This pivotal role has earned permissions a lot of attention over the last 15 years from the research community, which has identified the permission system’s shortcomings and suggested improvements to it. In this talk, we briefly recap the access control model of the permission system “under the hood” and then take a step back to question whether we can do fundamentally better at the system design level. Central to this question is the existence of an ambient authority as the root of many problems, and how we can get rid of it. To give food for thought, we base this discussion on recent research that proposes object capabilities as an alternative access control model for Android, and on a look at Google Fuchsia, Google’s latest operating system, which is capability-based. We present some early results that show that even Fuchsia’s design is still not a sufficient solution, and what the challenges are for such a paradigm shift in access control for (mobile) software stacks.

Bio: Sven Bugiel is a security researcher focusing on (mobile) operating system security and trusted computing. In the past, he looked in particular into mandatory access control systems for the Android OS and the integration of hardware security building blocks into mobile operating systems. This interest has extended to object-capability systems and the development of new confidential computing solutions. More recently, he has also worked on the intersection of those topics with human-centered studies, authentication, and data science. Sven has been tenured faculty at the CISPA Helmholtz Center for Information Security in Saarbrücken, Germany, since the end of 2021.