(2016) SEAndroid Policy Analysis and Improvement: SELint
SEAndroid became mandatory for OEMs in Android 5.0. OEMs make mistakes when writing policies (see SEAL below). In this project, we implemented a tool to help OEMs develop better SEAndroid policies.
SELint works with source SEAndroid policies; it can be configured in advance by an expert analyst and later used by a policy developer without expert knowledge. SELint uses plugins to implement analysis functionality: this way it can be easily extended by OEMs and third parties.
(2015) SEAndroid Analytics Library (SEAL)
SEAndroid became mandatory for OEMs in Android 5.0. In this project, we develop tools that can help an OEM or a researcher to analyze, understand or troubleshoot SEAndroid policies especially in the context of the target device where the policy is to be applied.
- Our paper is cited in the Writing SELinux Policy page in the Security section of the Android website.