Nowadays, smartphones and tablets are replacing the personal computer for the
average user. As more activities move to these gadgets, so does the sensitive
data with which they operate. However, there are few data protection mechanisms
for the mobile world at the moment, especially for scenarios where the attacker
has full access to the device (e.g. when the device is lost or stolen). In this
work we tackle this problem and propose a novel encryption system for Android, the
top-selling mobile operating system.
Our investigation of the Android platform leads to a set of observations that
motivate our effort. Firstly, the existing defense mechanisms are too weak or
too rigid in terms of access control and granularity of the secured data unit.
Secondly, Android can be corrupted such that the default encryption solution
will reveal sensitive content via the debug interface. In response, we design
and (partially) implement an encryption system that addresses these shortcomings
and operates in a manner that is transparent to the user. Also, by leveraging
hardware security mechanisms, our system offers security guarantees even when
running on a corrupted OS. Moreover, the system is conceptually designed to
operate in an enterprise environment where mobile devices are administered
by a central authority. Finally, we provide a prototypical implementation and
evaluate our system to show the practicality of our approach.