An Object-Sensitive Type-Based Information-Flow Analysis for Android 
Applications - Intermediate Presentation


Cassandra is a certifying app store that employs a type-based security 
analysis to certify the security of Android applications. Up to date, 
Cassandra has mainly been used to certify the security of applications 
specially designed for this purpose, while the certification of 
applications from external sources remains problematic. The long-term 
vision is to make Cassandra applicable also to open-source applications 
in a fully automated manner.

The security analyses currently implemented in Cassandra are not 
object-sensitive. This means that they do not distinguish the 
confidentiality of information stored in different objects of the same 
class, or in different arrays.

This talk demonstrates that the lack of object-sensitivity in 
Cassandra is one of the main reasons that prevents the successful 
certification of intuitively secure applications. In particular, we 
present several patterns that are common in typical Android applications 
in which imprecision of the security analysis is caused by 
object-insensitivity. These results serve to motivate the extension of 
Cassandra by an object-sensitive security analysis.

Furthermore, we present problems with the existing implementation of 
Cassandra that have been discovered during the investigation, and 
document the major design decisions that have been taken in the 
process of addressing these problems.