DALF proposes a new flexible permissions architecture for Android. In DALF, users may install plugins to control how apps may access on-device data. For example, a user may install a plugin to prevent apps from accessing the device location at night. The key difference between DALF and related work, such as Xposed, is that in DALF, plugins are regular, standalone apps. Plugins do not run with elevated privileges in the OS nor do they run within the address spaces of each app. For more information, please wait for the publication of our MobiSys 2019 paper.
At the moment, DALF is a research prototype that demonstrates the feasibility of our approach. Further work is required to integrate it with open-source Android ROMs and to expand the capabilities of plugins.
This repository centrally tracks all project issues. Visit the main dalfdroid organization page to view all project repositories.
DALF is built on top of AOSP (Android Open-Source Project), branch android-8.1.0_r1. This branch supports the following devices: Pixel 2 XL, Pixel 2, Pixel XL, Pixel, Pixel C, Nexus 6P, Nexus 5X. However, we have tested DALF only on the Pixel 2 XL device. If you test it on other devices, please feel free to open an issue to let us know your experience.
Please visit the wiki for the complete build instructions.
Please visit the wiki to view a guide on writing DALF plugins. We have also published some sample plugins:
-
GeoInd: Uses geo-indistinguishability, a differentially-private technique, to hide the user's current location.
-
ImageGuard: Uses techniques from PrivateEye to hide sensitive content in image frames.
-
EmailGuard: Hides email addresses of contacts when apps access the contacts book.