Isolating Host Environment by Booting Android from OTG Devices

With the integration of smartphone into daily life, end users store a large amount of sensitive information into Android device. For protecting the sensitive information, a method of multi-booting Android OS from On-The-Go (OTG) device is proposed to meet the requirements of end users in different scenarios. The proposed method utilizes system domain isolation to guarantee the security of sensitive information on different Android OS. The difference with other solutions is that our proposed solution does not add additional components to Android OS, which makes the overhead of Android runtime has been effectively controlled. A prototype of the proposed method is implemented and deployed into the real android device to evaluate the effectiveness, the efficiency and the performance overhead. The experiment results show that the performance overhead is reasonable and our method can effectively mitigate the risk of sensitive information leakage when booting different Android instance in the same Android device.