摘要
针对APK二次开发涉及到的授权问题和安全问题,提出一种基于可净化签名方案的APK授权机制(APKSAN)。结合可净化签名技术的特有属性,允许APK开发者授权给指定修改者对APK文件的源代码进行二次开发,被授权者不需与开发者进行交互即可修改工程源代码的指定部分,修改后生成的APK文件的签名仍然有效,确保APK二次开发的合法性。安全分析结果表明,APK-SAN授权机制能有效解决APK二次开发的授权问题,保护开发者、修改者双方的权益。
To solve the authorization issues and security problems exist in re-development of APK files? an APK authorization mechanism based on sanitizable signature scheme (APK-SAN) was proposed Unique properties of sanitizable signature techno-logy were utilized that allowed APK original developer to authorize specified modifier to re-develop the designated part of source code of the APK file without interaction between developer and modifier. The signature of APK files after re-development was still valid and the legitimacy of APK files re-development was guaranteed Security analysis shows that, the proposed APK- SAN authorization mechanism can effectively solve the authorization issues of APK files re-development and protect the copyright of the original developer and modifier.
出处
《计算机工程与设计》
北大核心
2017年第9期2358-2362,共5页
Computer Engineering and Design
基金
国家自然科学基金项目(61662004)
广西自然科学基金项目(2011GXNSFA018152)
广西教育厅科研基金项目(YB2014008
2013YB007)
广西大学自然科学基金项目(XBZ110905)
广西研究生教育创新计划基金项目(YCSZ2015035)
