CliSeAu for Android Applications: Design, Case Studies and Evaluation


Dynamic enforcement is a mechanism to ensure compliance of programs or
systems with a specified security policy. CliSeAu is a tool for
dynamically enforcing runtime policies for Java programs in a
decentralized and distributed fashion. This Master’s Thesis introduces
CliSeAu for Android – an extension to CliSeAu that can be used to
enforce decentralized and distributed runtime policies in Android
applications. 
CliSeAu for Android provides a unique and novel enforcement approach
for Android applications that has – to the best of our knowledge – not
yet been examined in the literature. While Android is based on Java,
it introduces some aspects that are platform specific and works with
a different format for executable applications than plain Java does.
The developed extension provides an accessible interface to Android’s
peculiarities like the Application lifecycle and interprocess
communication model. In realistic case studies, we show that CliSeAu
for Android offers an efficient enforcement process.