基于污点标记的访问控制模型及其安卓实现

为保护移动操作系统平台中存储的用户隐私数据,提出一个基于污点标记的访问控制(TBAC)模型,并设计了一个基于污点跟踪的信息流控制框架(TIFC)。为数据添加污点标记,控制力度细化到数据;引入主体能力保证最小特权原则;主体能力独立于数据污染与可信去污防止污点积累。该模型与BLP模型相比更加可用、灵活与细粒度。该框架能细粒度地、灵活地、准确地实时跟踪并控制隐私信息的流向,并解决了程序执行中因控制流产生的隐蔽通道问题。

Taint-marking based access control model and its implementation on Android

For protecting the sensitive data on mobile operation system, a Taint-marking Based Access Control (TBAC) model was presented and a Taint-marking Information Flow Control (TIFC) framework was proposed. To improve fine-grained data sharing, labels were designed for each data. To support for least privilege characteristic, capacities were defined to each subject. To avoid accumulating of contamination, decontamination capacities of trust subjects were introduced. Compared with BLP, TBAC is more available, flexible and fine-grained. The results show TIFC is an effective, flexible and accurate framework in tracking and controlling the information flow at runtime, and TIFC solves the problem of covert channel caused by control flow during program execution.