DELDroid is an automated system for determination of least privilege architecture in Android and its enforcement at runtime. A key contribution of our approach is the ability to limit the privileges granted to apps without the need to modify them.
DELDroid utilizes static program analysis techniques to extract the exact privileges each component needs for providing its functionality. A Multiple-Domain Matrix representation of the system's architecture is then used to automatically analyze the security posture of the system and derive its least-privilege architecture.
The dynamic nature of markets wherein business relationships are established and dissolved continuously demands systems that can cope with constant change, and do so with security paramount. These relationships are reified as services that are offered by organizations and used within a spectrum of domains and use contexts. Current service technologies fail to meet the requirements, however; interfaces are rigid, non-secure, and “one-size-fits-all solutions” which hardly meet the demands of any of its users.