Making Distributed Mobile Applications SAFE: Enforcing User Privacy Policies on Untrusted Applications with Secure Application Flow Enforcement
arXiv - CS - Operating Systems Pub Date : 2020-08-14 , DOI: arxiv-2008.06536
Adriana Szekeres, Irene Zhang, Katelin Bailey, Isaac Ackerman, Haichen Shen, Franziska Roesner, Dan R. K. Ports, Arvind Krishnamurthy, and Henry M. Levy

Today's mobile devices sense, collect, and store huge amounts of personal information, which users share with family and friends through a wide range of applications. Once users give applications access to their data, they must implicitly trust that the apps correctly maintain data privacy. As we know from both experience and all-too-frequent press articles, that trust is often misplaced. While users do not trust applications, they do trust their mobile devices and operating systems. Unfortunately, sharing applications are not limited to mobile clients but must also run on cloud services to share data between users. In this paper, we leverage the trust that users have in their mobile OSes to vet cloud services. To do so, we define a new Secure Application Flow Enforcement (SAFE) framework, which requires cloud services to attest to a system stack that will enforce policies provided by the mobile OS for user data. We implement a mobile OS that enforces SAFE policies on unmodified mobile apps and two systems for enforcing policies on untrusted cloud services. Using these prototypes, we demonstrate that it is possible to enforce existing user privacy policies on unmodified applications.

Updated: 2020-08-18