data flow

file

Visible to the public Multi-App Security Analysis: Looking for Android App Collusion

Abstract:

The Android security model was built from the ground up to combat potential attacks (or misuse) one app at a time. This model culminates in a user interface that asks for the user's approval each time an app is installed. While the interfaces enables users to avoid applications that may violate their security policy (by using combinations of permissions) applications can freely communicate with each other to share their permissions, achieving capabilities through collusion that astute users would not have approved.