期刊文献+

一种Android平台隔离化权限控制方案

Research on Isolation Permission Control of the Android Platform
下载PDF
导出
摘要 随着移动互联技术的迅速发展,Android系统在移动智能终端的应用日趋广泛.但随之带来的恶意软件攻击、网络数据泄密、系统漏洞缺陷等安全问题也日益严重.权限管理机制是Android一项重要的安全保护机制,旨在约束应用程序的行为,限制其对系统资源的访问.但目前的权限机制不能很好地解决内核缺乏保护的问题,安全隐患依然存在.在结合权限机制的基础上,综合考虑应用层应用程序和内核层系统内核两方面的安全,将系统内核资源根据重要性进行分区隔离,提出了一个由应用层、虚拟机监控器层和可信根层组成的权限安全控制体系结构方案.实验结果表明该方案能很好地拦截带有敏感权限的应用程序,综合硬件机制来保障Android系统的安全. With the rapid development of mobile internet technology,the application of the Android system in mobile intelligent terminals is increasingly widespread.But the malware attacks,network data leakage,system vulnerabilities and other security issues are also increasingly serious.In Android,the permission management mechanism is an important security mechanism designed to constrain the applications'behaviors and limit the access to system resources.However,the current permission mechanism cannot properly solve the problem of protection lack in the kernel,and security risks still exist.Based on permission mechanism,and considering both the applications in the application layer and the system kernel in the kernel layer,the authors of this paper partition the kernel resources of the system according to the importance,and propose a control architecture of permissions security composed of application layer,hypervisor layer and trusted root layer.The experimental results show that the proposed architecture can intercept applications with sensitive permissions and integrate hardware mechanism to ensure the security of the Android system.
作者 赵敏强 赵娜 孙绍山 钱振江 殷旭东 孙高飞 张明新 ZHAO Minqiang;ZHAO Na;SUN Shaoshan;QIAN Zhenjiang;YIN Xudong;SUN Gaofei;ZHANG Mingxin(School of Computer Science and Engineering,Changshu Institute of Technology,Changshu 215500,China)
出处 《常熟理工学院学报》 2018年第5期33-38,共6页 Journal of Changshu Institute of Technology
基金 江苏省高校"青蓝工程"优秀青年骨干教师培养对象项目(2017) 江苏省"333高层次人才培养工程"培养对象项目(2018)
关键词 ANDROID平台 虚拟化 APEX扩展机制 隔离机制 Android platform virtualization APEX extensibility mechanism isolation mechanism
  • 相关文献

参考文献4

二级参考文献199

  • 1杨欢,张玉清,胡予濮,刘奇旭.基于权限频繁模式挖掘算法的Android恶意应用检测方法[J].通信学报,2013,34(S1):106-115. 被引量:47
  • 2Gartner. Worldwide smartphone sales in Q3 2013 [EB/OL]. [ 2014- 01-08 ]. http://www, gartner, com/newsroom/id/ 2623415.
  • 3AppBrian Stats. Number of available Android applications [EB/OL]. [2014-01-08]. http://www, appbrain, com/stats/.
  • 4Consumer Reports. Keep your phone safe-How to protect yourself from wireless threat [EB/OL].[ 2014-01-08 ]. http ://www. eonsumerreports, org/ero/net0613, htm # info.
  • 5TrustGo. BSides Las Vegas: Your droid has no clothes [EB/OL]. [2014-01-08]. http://blog, trustlook, corn/.
  • 6National Vulnerability Database. Vulnerability summary for eVE 2012-0056 [EB/OL]. [2013-12-09]. http..//web, nvd. nist. gov[view]vulnldetail?vulnId=CVE-2012-OO56&cid= 2.
  • 7Nakamura Y, Sameshima Y. SELinux for electronics devices [C]//Proe of Linux Symp. Ottawa:Linux Symp Inc, 2008: 125-133.
  • 8Bugiel S, Davi L, Dmitrienko A, et al. Practical and lightweight domain isolation on android [C] //Proc of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. New York: ACM, 2011:51-62.
  • 9Smalley S, Craig R. Security enhanced (SE) Android: bringing flexible MAC to Android [C/OL] //Proc of the 20th Annual Network and Distributed System Security Syrup. 2013 [2014-03-20]. http://www, internetsociety, org/events/ ndss-symposium- 2013 / papers-and- pr esentations.
  • 10Kim S H, Han D, Lee D H. Predictability of Android OpenSSL's pseudo random number generator [C] //Proc of the 2013 ACM SIGSAC Conf on Computer Communications Security. New York: ACM, 2013:659-668.

共引文献188

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部