
Transactions on
Data Privacy
Foundations and Technologies

http://www.tdp.cat



Volume 7 Issue 1


IdentiDroid: Android can finally Wear its Anonymous Suit

Bilal Shebaro(a),(*), Oyindamola Oluwatimi(b), Daniele Midi(c), Elisa Bertino(d)

Transactions on Data Privacy 7:1 (2014) 27 - 50


(a) Computer Science, Cyber Center and CERIAS, Purdue University, West Lafayette, IN 47907, USA.

e-mail: bshebaro@purdue.edu; ooluwati@purdue.edu; dmidi@purdue.edu; bertino@purdue.edu


Abstract

Because privacy today is a major concern for mobile applications, network anonymizers are widely available on smartphone platforms such as Android. However, despite the use of such anonymizers, in many cases applications are still able to identify the user and the device by means other than the IP address. The reason is that very often applications require device services and information that go beyond the capabilities of anonymous networks in protecting users' identity and privacy. In this paper, we propose two solutions that address this problem. The first solution is based on an approach that shadows user and application data, device information, and resources that can reveal the user identity. Data shadowing is executed when the smartphone switches to the 'anonymous modality'. Once the smartphone returns to work in the normal (i.e. non-anonymous) modality, application data, device information and resources are returned to the state they had before the anonymous connection. The second solution is based on run-time modifications of Android application permissions. Permissions associated with sensitive information are dynamically revoked at run-time from applications when the smartphone is used under the anonymous modality. They are reinstated when the smartphone returns to work in the normal modality. In addition, both solutions offer protection from applications that identify their users through traces left in the application's data storage or through exchanging identifying data messages.

We developed IdentiDroid, a customized Android operating system, to deploy these solutions and built IdentiDroid Profile Manager, a profile-based configuration tool that allows one to set different configurations for each installed Android application. With this tool, applications running within the same device are configured to be given different identifications and privileges to limit the uniqueness of device and user information. We analyzed 250 Android applications to determine what information, services, and permissions can identify users and devices. Our experiments show that when IdentiDroid is deployed and properly configured on Android devices, users' anonymity is better guaranteed by either of the proposed solutions with no significant impact on most device applications.

* Corresponding author.





ISSN: 1888-5063; ISSN (Digital): 2013-1631; D.L.: B-11873-2008; Web Site: http://www.tdp.cat/
Contact: Transactions on Data Privacy; Vicenç Torra; U. of Skövde; PO Box 408; 54128 Skövde (Sweden); e-mail: tdp@tdp.cat

 


Vicenç Torra, Last modified: 10:41 June 27 2015.