Security and Privacy for Untrusted Applications in Modern and Emerging Client Platforms
Today's computer users have the choice among an ever increasing variety of devices and platforms, including desktops, tablets, smartphones, and web browsers. In addition to these more traditional platforms, continuous sensing platforms have recently become commercially available, including augmented reality systems like Google Glass and in-home platforms like Xbox Kinect. Beyond built-in functionality, these platforms generally allow users to install and/or run applications of their choice. While these untrusted applications can provide great benefits to users, their presence also raises security and privacy risks. For example, users may accidentally install malware that secretly sends costly premium SMS messages, and even legitimate applications commonly leak or misuse users' private data.

This dissertation identifies and characterizes two significant security and privacy challenges due to untrusted applications on modern client platforms. First, these platforms often allow applications to embed content from other applications, resulting in security and privacy implications for both the parent application and the embedded third-party content. Second, these platforms ask users to make decisions about which permissions an application should receive, including the ability to access the camera or the file system; unfortunately, existing permission granting approaches are neither sufficiently usable nor secure.

This dissertation considers and tackles these two challenges (embedded third-party content and application permission granting) in the context of several modern and emerging client platforms. On the web, we study how embedded third-party content allows web applications to track users' browsing behaviors; our comprehensive measurement study informs our design of new tools and defenses. In modern operating systems (such as smartphones), we study how to secure embedded user interfaces in general, and then leverage these security properties to enable user-driven access control, a novel permission granting approach by which the operating system captures a user's permission granting intent from the way he or she naturally interacts with any application. Finally, for emerging continuous sensing platforms (such as augmented reality systems) in which explicit user input is sparse and applications rely on long-term access to sensor data, we develop world-driven access control to allow real-world objects to explicitly specify access policies, relieving the user's permission granting burden. Together, these works provide a foundation for addressing two fundamental challenges in computer security and privacy for modern and emerging client platforms.
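The two permission-granting models named above, user-driven access control (the OS derives a grant from a genuine user click on an OS-owned UI element embedded in an app) and world-driven access control (objects in the sensed scene carry their own policy), can be modelled as a small reference monitor. The following is an added illustration written for this page, not code from the dissertation or from any of the systems it describes. It assumes a kernel that owns the input path and the sensor pipeline, one-shot grants per click, and an "opt-out" policy tag on scene objects; all class names and sample data are constructed.

```python
# Toy reference monitor for two permission-granting models: user-driven
# access control (a grant flows from a user's click on an OS-rendered gadget
# embedded in the app) and world-driven access control (sensed objects carry
# their own policy). Names, policies and sample data are constructed here.
from dataclasses import dataclass
import itertools


class AccessDenied(Exception):
    """Raised when an app touches a resource without a live grant."""


@dataclass(frozen=True)
class Gadget:
    """OS-rendered UI element (e.g. a camera button) embedded in an app."""
    gadget_id: int
    owner: str      # app that embeds the gadget
    resource: str   # resource a genuine click on the gadget grants


@dataclass(frozen=True)
class InputEvent:
    gadget_id: int
    from_trusted_path: bool  # True only if the OS input stack produced it


@dataclass(frozen=True)
class SceneObject:
    label: str
    policy: str = "allow"    # assumed tags: "allow" or "opt-out"


class Kernel:
    """Apps never hold raw resource access; every read passes access()."""

    def __init__(self):
        self._gadgets = {}
        self._grants = {}    # (app, resource) -> one-shot uses remaining
        self._ids = itertools.count(1)
        self.audit = []      # defender-side record of every decision

    def create_gadget(self, app, resource):
        g = Gadget(next(self._ids), app, resource)
        self._gadgets[g.gadget_id] = g
        return g

    def deliver_input(self, event):
        """User-driven: a click delivered by the trusted input path grants
        the gadget's owner exactly one use of the gadget's resource."""
        g = self._gadgets.get(event.gadget_id)
        if g is None or not event.from_trusted_path:
            self.audit.append(("reject-input", event.gadget_id))
            return False
        key = (g.owner, g.resource)
        self._grants[key] = self._grants.get(key, 0) + 1
        self.audit.append(("grant", g.owner, g.resource))
        return True

    def access(self, app, resource):
        """Consume one grant, or deny."""
        key = (app, resource)
        if self._grants.get(key, 0) <= 0:
            self.audit.append(("deny", app, resource))
            raise AccessDenied(f"{app} has no grant for {resource}")
        self._grants[key] -= 1
        self.audit.append(("allow", app, resource))
        return f"<{resource} frame for {app}>"

    def deliver_scene(self, app, scene):
        """World-driven: objects tagged opt-out are stripped before the
        sensed scene reaches any app, with no user dialog involved."""
        visible = [o for o in scene if o.policy == "allow"]
        self.audit.append(("scene", app, len(scene) - len(visible)))
        return visible


def run_scenario():
    """Exercise both models and return the observed outcomes."""
    k = Kernel()
    button = k.create_gadget("photo_app", "camera")
    out = {}
    try:                                   # 1. no click yet: silent read denied
        k.access("photo_app", "camera")
        out["silent"] = "allowed"
    except AccessDenied:
        out["silent"] = "denied"
    # 2. app-synthesized click (not from the trusted path) is ignored
    out["forged_click"] = k.deliver_input(InputEvent(button.gadget_id, False))
    # 3. genuine click grants one read to the embedding app only
    out["real_click"] = k.deliver_input(InputEvent(button.gadget_id, True))
    out["read"] = k.access("photo_app", "camera")
    try:
        k.access("photo_app", "camera")
        out["second_read"] = "allowed"
    except AccessDenied:
        out["second_read"] = "denied"
    # 4. world-driven: the opt-out object never reaches the AR app
    scene = [SceneObject("whiteboard", "opt-out"), SceneObject("chair")]
    out["scene"] = [o.label for o in k.deliver_scene("ar_app", scene)]
    return out


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

The audit list is what a platform defender would actually monitor: a burst of `reject-input` entries for one gadget indicates an app trying to synthesize clicks on a trusted element, and the `scene` entries show how often world-specified policies are stripping content before any app sees it.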