The security architecture of consumer operating systems is currently undergoing a fundamental change. In platforms such as Android, iOS, and Windows 8, each application is a separate security principal that can own data. While this distinction is a vast improvement over traditional user-focused security architectures, sharing data between applications results in an unexpected loss of control of that data, potentially exposing security and privacy sensitive information. This research improves the security of these modern consumer operating systems by providing a holistic view of data protection. In particular, this work proposes a new operating system abstraction for transparently tracking and controlling access to all data, allowing policy to determine if a reader is given the true value, a fake or modified value, or no value at all. To efficiently and practically accomplish this goal, this work combines several existing and new techniques to track and control access to data. The new abstraction provided by this work not only solves a significant problem affecting modern consumer operating systems by enabling applications to retain pervasive control over their data, but also more broadly provides a new abstraction on which a variety of new security solutions can be built.
