Formal Modeling of Security Concerns in Android
The need of providing a secure environment to the users of technology is necessary to keep it going. Android devices are used by most of the population worldwide, to keep it working and developing it should be secure for the users. Applications are installed on the device by the user for specific purposes. Different applications interact with each other to perform some specific functions e.g. an application that doesn't have its built-in Calendar functionality asks for the permission to access it externally from another application/s installed on the device and this inter-application communication can result in data theft vulnerabilities because of communication with a malicious application directly or indirectly. We present a defense mechanism model named PBAD (Permission Based Attack Defense) Model, which protects the applications from interacting with malicious applications and protecting the permission protected interfaces of the innocuous applications. Our main focus is on the permission related security measures because the permission model of the Android OS is coarse-grained and it is vulnerable to attacks. The presented model is a PROMELA based model.