Abstract:
The subject of the study is the most popular, at the present time, operating system for mobile Android devices in terms of its capacity to protect the processed personal and official data. The analysis revealed that the main threat are the applications that are installed on mobile devices. In order to evaluate the possibilities of the intruders, a client-server application is developed; it emulates a channel of information leakage, the task of which is to gain access to SMS and contacts of mobile device, as well as transfer the collected data to third-party web-service. Using the application legally placed in the online store Google Play, the imperfection of the applicable in Android discretionary model of access of the applications to the components and services of the mobile device is shown. The approaches to improve the model and to introduce additional protection mechanisms are given.
Keywords:discretionary policy of allocation of access rights, information security, operating system Android, mobile applications.