Paper Title
The Transitivity Of Trust Problem In The Interaction Of Android Applications

Mobile phones have developed into complex platforms with large numbers of installed applications and awide range of sensitive data. Application security policies limitthe permissions of each installed application. As applicationsmay interact, restricting single applications may create a falsesense of security for the end users while data may still leavethe mobile phone through other applications. Instead, theinformation flow needs to be policed for the composite system ofapplications in a transparent and usable manner. In this paper,we propose to employ static analysis based on the softwarearchitecture and focused data flow analysis to scalable detectsinformation flows between components. Specifically, we aim toreveal transitivity of trust problems in multicomponent mobileplatforms. We demonstrate the feasibility of our approach with Android applications, although the generalization of theanalysis to similar composition-based architectures, such as Service-oriented Architecture, can also be explored in the future.