Overview
Explore the intricacies of Android permissions mechanisms in this 44-minute LASCON conference talk from the Mobile Track. Delve into the challenges posed by the fine-grained permissions model of the Android Open Source Project (AOSP) and the lack of comprehensive permissions maps. Learn about various methodologies for building Android permission maps and their inherent deficiencies. Understand the importance of creating a centralized group responsible for generating permission maps, with a focus on why Google should take on this role. Gain insights into why permission mapping is crucial for securing the rapidly evolving Android environment, and how it impacts application security testers, app developers, and security-conscious Android users. Discover how frequent changes in required permissions due to ongoing AOSP and API development create challenges for the Android ecosystem.
Syllabus
2013 - Drawing the map - Outlining Android permissions mechanism - Andrew Reiter
Taught by
LASCON