| 基于动态权限集的Android强制访问控制模型 |
| |
| 引用本文: | 徐潜,谭成翔.基于动态权限集的Android强制访问控制模型[J].计算机科学,2015,42(11):191-196, 221. |
| |
| 作者姓名: | 徐潜 谭成翔 |
| |
| 作者单位: | 同济大学电子信息工程学院 上海201804,同济大学电子信息工程学院 上海201804 |
| |
| 摘 要: | 针对Android存在的特权提升攻击问题,提出了基于动态权限集的Android强制访问控制模型DP_ManDroid。该模型首先分析强连通分支的权限分布特性,构建动态的权限集划分;然后在信息流与权限集耦合的基础上,抽象权限提升路径;最后提出线性时间的访问控制算法,并通过动态追踪权限集,实现了细粒度的决策控制。与现有 安全模型的对比,以及在原型系统上的仿真结果表明,所提出的安全模型很好地抵御了特权提升攻击,同时降低了时间复杂度。
|
| 关 键 词: | 特权提升攻击 强连通分支 通信网络拓扑结构 权限提升路径 动态权限集 |
| 收稿时间: | 2014/11/7 0:00:00 |
| 修稿时间: | 2/9/2015 12:00:00 AM |
Mandatory Access Control Model for Android Based on Dynamic Privilege Set |
| |
| XU Qian and TAN Cheng-xiang.Mandatory Access Control Model for Android Based on Dynamic Privilege Set[J].Computer Science,2015,42(11):191-196, 221. |
| |
| Authors: | XU Qian and TAN Cheng-xiang |
| |
| Affiliation: | School of Electrical and Information,Tongji University,Shanghai 201804,China and School of Electrical and Information,Tongji University,Shanghai 201804,China |
| |
| Abstract: | In order to prevent Android platform from being attacked by the privilege escalation,this paper proposed a mandatory access control model based on the dynamic privilege set.The model analyzes the privilege characteristics of strongly connected component and constructes the privilege partition.Coupling the information flow together with privilege set,the privilege escalation path is abstracted.At last the access control algorithm which has linear complexity was proposed.With the help of tracking the privilege sets dynamically,the fine grained decision strategy was realized.The test result on the prototype system and the comparison with the existing models both show that the model proposed in this paper can fix the privilege escalation attack efficiently. |
| |
| Keywords: | Privilege escalation attack Strongly connected component Communication network topology Privilege escalation path Dynamic privilege set |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
|
