Security Enforcement in Mobile Telephony Server

Open Access
Author:
Hassan, Mohamed N
Graduate Program:
Computer Science and Engineering
Degree:
Master of Science
Document Type:
Master Thesis
Date of Defense:
July 09, 2008
Committee Members:
  • Trent Ray Jaeger, Thesis Advisor
Keywords:
  • security
  • selinux
  • smartphones security
  • reference monitor
  • mobile telephony server
  • attention commands
  • openmoko
  • LSM
Abstract:
The increasing market share of Linux based mobile phones has motivated developers to make use of the Linux flexible environment to write applications that provide services for mobile users. These services vary from short messaging, calendar, phonebook management, internet browser, mobile games and email clients. These applications require cellular connectivity which is provided via the telephony server API. The telephony server, a part of the phone software architecture, converts these API calls to attention commands (AT) that are sent to the modem. AT commands pose a threat on user data, SIM data and the core cellular network. The current Linux security modules like SELinux enforce access control at the granularity of applications access to the telephony server. Therefore, we intend to design a reference monitor module inside the telephony server that enforces policy over AT+ commands sent to the phone modem. We introduce user level LSM that can decide which classes of application can access which telephony services.