Abstract

Mobile devices became the main repository of personal data and source of user-generated contents as well as the principal controller of our social networked life. In this scenario, malicious applications try to take advantage of all the possibilities left open by users and operating systems. In this paper, we propose SecureDroid: an extension of the Android security framework able to enforce flexible and declarative security policies at run-time, providing a fine-grained access control system. In particular, we focus on context dependent policies that allow the user to specify the way in which applications work according to current context.