Making Distributed Mobile Applications SAFE: Enforcing User Privacy Policies on Untrusted Applications with Secure Application Flow Enforcement

TL;DR

This paper introduces SAFE, a framework that leverages mobile OS trust to enforce user privacy policies on untrusted cloud services and applications, ensuring data privacy without modifying existing apps.

Contribution

The paper presents a novel SAFE framework that enforces privacy policies on untrusted cloud services and unmodified mobile applications by leveraging OS trust.

Findings

Successfully enforced privacy policies on unmodified apps

Implemented prototypes for mobile OS and cloud enforcement systems

Demonstrated feasibility of policy enforcement on real applications

Abstract

Today's mobile devices sense, collect, and store huge amounts of personal information, which users share with family and friends through a wide range of applications. Once users give applications access to their data, they must implicitly trust that the apps correctly maintain data privacy. As we know from both experience and all-too-frequent press articles, that trust is often misplaced. While users do not trust applications, they do trust their mobile devices and operating systems. Unfortunately, sharing applications are not limited to mobile clients but must also run on cloud services to share data between users. In this paper, we leverage the trust that users have in their mobile OSes to vet cloud services. To do so, we define a new Secure Application Flow Enforcement (SAFE) framework, which requires cloud services to attest to a system stack that will enforce policies provided by the mobile OS for user data. We implement a mobile OS that enforces SAFE policies on unmodified mobile apps and two systems for enforcing policies on untrusted cloud services. Using these prototypes, we demonstrate that it is possible to enforce existing user privacy policies on unmodified applications.