This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, October 25 • 1:00pm - 1:45pm
Drawing the map: Outlining Android permissions mechanism

Sign up or log in to save this to your schedule and see who's attending!

The Android Open Source Project provides software stacks for mobile devices operating on the Android platform. The API provided by this project helps enforce restrictions on specific functions and process which are allowed to operate under the standard Android permission mechanism. Because of the fine-grained permissions of the model, combined with the lack of permissions maps, it is not clear which functions require which permissions to operate. Additionally, due to the constant development in the AOSP and API, required permissions change frequently, creating headaches for application security testers, app developers and security minded Android users. 

During this talk, Andrew Reiter, security researcher, Veracode, will introduce the various methodologies used for building an Android permission map, and discuss the inherent deficiencies in each. The audience will learn why it is important to create a single group responsible for generating a permission map, and why Reiter believes this group should be Google. The discussion will also cover why permission mapping is an important part of securing this ever growing environment. 

avatar for Andrew Reiter

Andrew Reiter

Principal Researcher, Veracode
Andrew Reiter is a Principal Researcher at Veracode focusing on both static | analysis of android apps, web app framework, et al., and the design of automated security analysis algorithms for Android. He holds a M.Sc. in Applied Mathematics from UMASS-Amherst.

Friday October 25, 2013 1:00pm - 1:45pm
HackersForCharity.org Room Norris Conference Center, 2525 W. Anderson Lane, Suite 365, Austin, Texas 78757

Attendees (10)