Android's application permission system comes into play when a new application is installed. The user has to accept all the permissions the app requests before installation proceeds. The application may use all of those permissions, may not use some of them, or the user may not want the app to use certain permissions.
With each new version of Android, Google is strengthening its security features. In Android versions 4.3 and 4.4, Google introduced AppOps, an application permission manager service that enables many application permission options at run time. AppOps allows the user to control access to data, location, the call log, sending and receiving SMS and MMS, reading and writing contacts, the camera, etc. However, Google removed AppOps in Android 4.4.2, claiming that AppOps was meant for development rather than for end users. There could be many more reasons from a business point of view as well.
The AppOps manager is a hidden service which gets enabled with root access. This service has multiple options that can be configured for applications. To control permissions, AppOps allows different modes such as ALLOW, ERROR, and IGNORE to be assigned, based on the user's preferences for each permission. This functionality also allows creating a whitelist of apps to which security permission control does not apply. The typical flow for a permission check is:
Android Apps -> Sub system -> AppOpsManager -> AppOpsService -> Return to Subsystem if allowed or Pop Up dialog in case of ASK mode for user confirmation.
There is no denying that these services are enough to give the user full security. Based on the existing options, it is possible to extend them further to ask for user confirmation at run time. By using the AppOps services and enhancing the existing functionality, the user can toggle a permission for an app whenever the app is about to access the service. The CyanogenMod ROM has its own application permission manager based on AppOps that allows the user to control what an application can and cannot do on the device.
There is a possibility that toggling a permission might break the application. For example, if the user does not confirm GPS usage for an application, the application might break or misbehave completely. So an intelligent decision has to be made about how permissions are handled and what status is returned for service access.
Sasken is closely studying the changes and features appearing in different Android flavors and implementing various features that will enable application-level security for users.
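The permission-check flow and the return-status concern described above can be modelled in a few lines of plain Java. This is an added example, not Android framework code or Sasken's implementation: the class names, package names, operation string and sample contacts are constructed, and treating a declined ASK prompt as IGNORE is an assumption.

```java
import java.util.*;
import java.util.function.BiPredicate;

// Stand-alone model of the flow described in the article; not Android framework code.
public class AppOpsFlowDemo {
    // Mode names follow the article (ALLOW, ERROR, IGNORE, ASK).
    enum Mode { ALLOW, IGNORE, ERROR, ASK }

    // Plays the AppOpsService role: holds the per-app, per-operation policy.
    static class AppOpsService {
        private final Map<String, Mode> modes = new HashMap<>();
        private final Set<String> whitelist = new HashSet<>();
        private final BiPredicate<String, String> askUser; // stands in for the pop-up dialog

        AppOpsService(BiPredicate<String, String> askUser) { this.askUser = askUser; }
        void setMode(String pkg, String op, Mode m) { modes.put(pkg + "/" + op, m); }
        void whitelist(String pkg) { whitelist.add(pkg); }

        // Resolves the stored mode to ALLOW, IGNORE or ERROR; ASK defers to the user.
        Mode noteOp(String pkg, String op) {
            if (whitelist.contains(pkg)) return Mode.ALLOW; // policy does not apply
            Mode m = modes.getOrDefault(pkg + "/" + op, Mode.ALLOW);
            // Assumption: a declined prompt is treated as IGNORE, not ERROR.
            if (m == Mode.ASK) return askUser.test(pkg, op) ? Mode.ALLOW : Mode.IGNORE;
            return m;
        }
    }

    // Plays the subsystem role: translates the mode into what the app observes.
    static List<String> readContacts(AppOpsService ops, String pkg) {
        switch (ops.noteOp(pkg, "READ_CONTACTS")) {
            case ALLOW:  return Arrays.asList("Alice", "Bob"); // constructed sample data
            case IGNORE: return Collections.emptyList();       // app sees no contacts, keeps running
            default:     throw new SecurityException(pkg + " denied READ_CONTACTS");
        }
    }

    public static void main(String[] args) {
        AppOpsService ops = new AppOpsService((pkg, op) -> false); // user always declines
        ops.setMode("com.example.flashlight", "READ_CONTACTS", Mode.IGNORE);
        ops.setMode("com.example.game", "READ_CONTACTS", Mode.ERROR);
        ops.setMode("com.example.chat", "READ_CONTACTS", Mode.ASK);
        ops.whitelist("com.example.dialer");
        for (String pkg : new String[] {"com.example.dialer", "com.example.flashlight",
                                        "com.example.chat", "com.example.game"}) {
            try {
                System.out.println(pkg + " -> " + readContacts(ops, pkg));
            } catch (SecurityException e) {
                System.out.println(pkg + " -> SecurityException: " + e.getMessage());
            }
        }
    }
}
```

The IGNORE branch hands the app an empty but valid result, while the ERROR branch surfaces an exception that an app written for install-time permissions may not catch; that difference is the return-status decision the article refers to.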
Author: Vinay Harugop - Software Architect, ERnD Practice