A common security architecture is based on the protection of certain
resources by permission checks (used e.g., in Android and Blackberry). It has
some limitations, for instance, when applications are granted more permissions
than they actually need, which facilitates all kinds of malicious usage (e.g.,
through code injection). The analysis of permission-based framework requires a
precise mapping between API methods of the framework and the permissions they
require. In this paper, we show that naive static analysis fails miserably when
applied with off-the-shelf components on the Android framework. We then present
an advanced class-hierarchy and field-sensitive set of analyses to extract this
mapping. Those static analyses are capable of analyzing the Android framework.
They use novel domain specific optimizations dedicated to Android.Comment: IEEE Transactions on Software Engineering (2014). arXiv admin note:
substantial text overlap with arXiv:1206.582