Device Policy Manager in Android - International Journal of ...

ISSN:2229-6093 Sumaiya Patel et al , Int.J.Computer Technology & Applications,Vol 4 (3),374-377

Device Policy Manager in Android Sumaiya Patel1, Darshana Thakur2, Sujit Sherkar3, Priyanka Dhamane4, Nandkishor Karlekar5 1,2,3,4,5

Information Technology Department PadmabhushanVasantdadaPatilPratishthan’s College of Engineering, Mumbai, India

Abstract Android is a modern mobile platform that was designed to be truly open. Android has been subjected to a professional security program.Android uses permission based security model which has central role hence it creates security holes in Android OS. Hence we propose a security based application for Android OS. The application allows its user to have two accounts i.e. Administrator and Guest.This is similar to account we make in Desktop OS.The picture of user will be clicked using front camera if logged on using Guest account. Keywords: Android OS, Permission based security model, central role

1.Introduction Android provides an open source platform and application environment for mobile devices. Android core operating system[1] is built on top of the Linux kernel. All device resources, like camera functions, GPS data, Bluetooth functions, telephony functions, network connections, etc. are accessed through the operating system. It was designed with device users in mind. Users are provided visibility into how applications work, and control over those applications. This design includes the expectation that attackers would attempt to perform common attacks. The Android update service[2] delivers new

IJCTA | May-June 2013 Available [email protected]

capabilities and security updates to Android devices, including updates through the web. The need may arise for a person to share the mobile or tablet with other person. So the Owner of the device can secure it by having Administrator and Guest accounts, the same way in Desktop PC. Also the device can be accessed by the person who is not the owner of the device wants to make a call or share file. These features can be allowed for the guest.

2. Present System Android seeks to be the most secure and usable operating system for mobile platforms by repurposing traditional operating system security controls to:   

Protect user data Protect system resources (including the network) Provide application isolation.

By default the android phone having security that allows only a single user sign on. There is no guest option or the camera clicking option as well this person is the owner or the administrator for the phone. So there is chances to misuse of that data. The current android Operating System [3] does not have a facility to create user account.

374


3. Proposed System We are developing the application which provide more security for the android users. The prototype we implemented integrates the admin and guest environment with the shared preference environment and allows users to run applications as they used in computer.

There are two ways to create a User Interface in Android, either through XML or by creating the UI Programmatically using Eclipse. The diagram shows the different tools used in developing the application for different purposes. Thefirst step is GUI i.e. graphical user interface that is developed using the XML tags[7]. Each form in Android is an Activity.

This security-aware application manages access to its content by enforcing device management policies. The device can have Administrator and Guest Account. Every time a guest is logged in the device will capture his picture using front camera if available and save to the device. We define the kinds of policy to support at the functional level. Policies may cover screen, camera and call-lock password strength, expiration timeout or encryption[6].

XML Layout (GUI) XML Data (attributes)

The photo clicking feature will allow Administrator to keep a tab on who have accessed the device without his/her knowledge. Each declared policy corresponds to some number of related device policy methods in DevicePolicyManager. We declare the selected policy set, which will be enforced by the application, in the res/xml/device_admin.xml file. The Android manifest should also reference the declared policy set.

4. Tools Used Android API IDE SDK Emulator

: API 15 : Eclipse. : android SDK. : any android emulator.

5. Design The Android UI framework is organized around the common Model-View-Controller[4] pattern.


Function (Methods) Java Fig System Design To code for the function and for interconnection of the Activities we use Java. Java provides methods which will help to achieve all the task.

6. Architecture The Device Policy Manager which is built on Android API will setup the policies for the password such as Numeric or Alphanumeric. The block diagram shows the architecture of the Application. The user will interact through User Interface which will consist of: Setting up Password policies : The setting of password is shown by using the flowchart in figure 3.The first configuration of application will allow administrator to setup the policies.

375


Then the respective passwords for Administrator and Guest are entered by user. The policies are enforced

SQLite

Stora ge

on the device and the password are stored in database

User

Device Policy Manager

Interface

Android API Fig Architecture of Device Policy Manager

Logging on to device via Administrator or guest account It will also block the calling facility and camera if user is logged on as Guest. For the storage of policies we use Shared Preferences[5] where the policies are written to and read from while logging in.

Android platform includes the SQLite embedded database and provides out of the box support to use it via Android APIs. The user can be a  

Administrator Guest

The password of the Administrator and Guest is stored in the SQLite database[8] used in Android devices.

Set up password policies

Enter password for Admin and Guest

Enforce Policy

Save Password in Fig Initial Setup for Device Policy Manager Database Each will have different responses from Device Policy Manager. The administrator will have all the access


The Guest will have Call blocked and camera disabled. The picture will be clicked using the front

376


camera of device if available and then will be saved on to the device.’

7. Future Scope This application can be helpful in organizations where the owner provide the employees tablets. For maintaining the security and integrity of data handle in organizations folder and file like .pdf and .doc can also locked for guest implemented in Device policy Manager.

8. Conclusion In this paper, we presented full smart Android security over existing System that allows android users to create two account in phone and access these account easily without any security fear. And also the user share their phone with anyone without extra activities like SIM lock from their DPM application through our prototype, mobile security applications installed in the phone easily. The provided security is high level, because you can’t access any function till you does not enter the correct password. Our prototype also boosts the performance of mobile applications by providing face capturing and call locking resources for admin beneficial, without draining the device battery.

9. References [1] "Android.com," Available: http://www.android.com [2] W. Enck, M. Ongtang, and P. McDaniel. Understanding Android security. IEEE Security & Privacy Magazine,7(1):10–17, 2009. [3] Technical Blog of SaiGeetha dedicated to Android, http://saigeethamn.blogspot.com/ [4] Daecon, John. 2009. Model-View-Controller (MVC) Architecture. [5]Sayed Y Hashimi and SatyaKomatineni, “Pro Android”, Wiley India Pvt Ltd. (2009) [6]Android Developers official website, http://developer.android.com/guide/topics/ui/index.ht ml [7] A visual interface editor for Android, http://www.droiddraw.org/ [8]http://elinux.org/Android_Architecture.


377