Title: Preventing Information Leakage in Mobile Applications with Object-Oriented Access Control Lists and Security Monitor Encapsulation
Abstract: We propose a model and associated algorithms for information flow control to prevent information leakage in mobile computing environments. The model employs access control lists and encapsulated security monitors under a fully object-oriented framework. We show that our model prevents unauthorized direct access to sensitive information from a mobile user to the server, as well as any attempt on indirect access through intermediate entities. To understand the feasibility of our model, we suggest an event-driven approach and efficient implementation for the realization of the model. A Java-based preliminary implementation and performance evaluation results demonstrate that our model can successfully prevent information leakage with very low overhead.
Publication Year: 2009
Publication Date: 2009-01-01
Language: en
Type: article
Access and Citation
Cited By Count: 2
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot