Skip to Main content Skip to Navigation

Contrôle d'accès dynamique et architecture de sécurité pour la protection des applications sous Android

Guillaume Averlant 1
1 LAAS-TSF - Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique
LAAS - Laboratoire d'analyse et d'architecture des systèmes
Abstract : In this thesis, we specifically focus on the Android environment. Indeed, we noticed a lack in the capabilities of the Android permission model against a number of emerging threats. To address these threats, we propose a security policy that complements the current Android permission system. This policy aims at restricting dynamically, i.e. based on the current smartphone execution context, the execution rights and the ability to access smartphone resources for each installed application. Besides the security benefits, the use of such a policy allows a user to have a tighter control over the access ofapplications to privacy-related data. This security policy is the first contribution of this thesis. Furthermore, we designed a security architecture that implements the access control mechanisms required to carry out such a policy. This second contribution is based on a so-called "multi-level" architecture, i.e. made up of several components of different privilege levels. Specifically, these have been implemented both in the Android framework, in the Linux kernel, and in a hypervisor. The last contribution of this thesis involves the realization of a prototype of this architecture on a development board, associated with the presentation of tests that showcase the effectiveness and relevance of the approach.
Document type :
Complete list of metadata

Cited literature [68 references]  Display  Hide  Download
Contributor : Abes Star :  Contact
Submitted on : Wednesday, March 4, 2020 - 5:26:07 PM
Last modification on : Thursday, June 10, 2021 - 3:02:55 AM
Long-term archiving on: : Friday, June 5, 2020 - 3:28:51 PM


Version validated by the jury (STAR)


  • HAL Id : tel-02440787, version 2


Guillaume Averlant. Contrôle d'accès dynamique et architecture de sécurité pour la protection des applications sous Android. Cryptographie et sécurité [cs.CR]. INSA de Toulouse, 2019. Français. ⟨NNT : 2019ISAT0026⟩. ⟨tel-02440787v2⟩



Record views


Files downloads