信息网络安全 ›› 2016, Vol. 16 ›› Issue (8): 54-60.doi: 10.3969/j.issn.1671-1122.2016.08.009

• • 上一篇    下一篇

一种增强型Android组件间安全访问控制方案

余丽芳, 杨天长(), 牛少彰   

  1. 北京邮电大学智能通信软件与多媒体北京市重点实验室,北京 100876
  • 收稿日期:2016-06-18 出版日期:2016-08-20 发布日期:2020-05-13
  • 作者简介:

    作者简介: 余丽芳(1989—),女,江西,硕士,主要研究方向为移动通信安全;杨天长(1983—),男,河南,博士,主要研究方向为信息安全、漏洞挖掘等;牛少彰(1963—) ,男,北京,教授,博士,主要研究方向为网络信息安全、网络攻防技术、软件安全、信息隐藏技术等。

  • 基金资助:
    国家自然科学基金[61370195];国家自然科学基金联合基金[U1536121]

An Enhanced Security Access Control Scheme for Inter-component Communication in Android

Lifang YU, Tianchang YANG(), Shaozhang NIU   

  1. Beijing Key Lab of Intelligent Telecommunication Software and Multimedia, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2016-06-18 Online:2016-08-20 Published:2020-05-13

摘要:

Android智能移动终端迅猛发展的同时,其安全问题也层出不穷,而且Android系统自身提供的沙箱机制,签名机制和权限访问控制也存在着缺陷,无法应对目前出现的各种安全问题。针对权限访问控制机制对组件通信保护存在的不足,文章提出了一种增强型安全访问控制方案,该方案利用签名机制对组件进行签名,在Android Framework层对需要进行安全保护的组件通信进行签名验证,以实现增强型的组件安全访问控制。实验结果表明,该方案能够对控制访问的通信过程进行有效地审核,提高了组件通信的安全性。

关键词: Android, 权限访问控制, 签名机制, 安全

Abstract:

With the rapid development of Android smart mobile devices, its security issues emerge in endlessly. However, the sandbox mechanism, signature mechanism and access control of permission provided by Android system has its drawbacks, and unable to cope with a variety of security problems at present. Given the lack of access control mechanisms for the protection of communication components, this paper presents an enhanced security access control scheme, in which signature mechanism is used to sign the components in the scheme and achieve enhanced security access control for components communication need to be protected, and certificate verification is checked in the Android Framework layer. Experimental results show that the scheme can be effective for the security access control of process validation, and improve the security of the communication component.

Key words: Android, access control, signature mechanism, security

中图分类号: