| 基于访问控制列表机制的Android权限管控方案 |
| |
| 引用本文: | 曹震寰,蔡小孩,顾梦鹤,顾小卓,李晓伟.基于访问控制列表机制的Android权限管控方案[J].计算机应用,2019,39(11):3316-3322. |
| |
| 作者姓名: | 曹震寰 蔡小孩 顾梦鹤 顾小卓 李晓伟 |
| |
| 作者单位: | 1. 甘肃省信息中心, 兰州 730030;2. 中国科学院 信息工程研究所, 北京 100093;3. 中国科学院 西北生态环境资源研究院, 兰州 730000;4. 甘肃省科协信息中心, 兰州 730070 |
| |
| 基金项目: | 国家自然科学基金资助项目(61602475);国家密码发展基金资助项目(MMJJ20170212);甘肃省科技支撑计划项目(1504FKCA096)。 |
| |
| 摘 要: | Android采用基于权限的访问控制方式对系统资源进行保护,其权限管控存在管控力度过粗的问题。同时,部分恶意程序会在用户不知情的情况下,在隐私场景下偷偷地对资源进行访问,给用户隐私和系统资源带来一定的威胁。在原有权限管控的基础上引入了访问控制列表(ACL)机制,设计并实现了一个基于ACL机制的Android细粒度权限管控系统。所提系统能根据用户的策略动态地设置应用程序的访问权限,避免恶意代码的访问,保护系统资源。对该系统的兼容性、有效性的测试结果表明,该系统能够为应用程序提供稳定的环境。
|
| 关 键 词: | Android 数据安全 细粒度权限管控 访问控制列表机制 系统资源 |
| 收稿时间: | 2019-04-23 |
| 修稿时间: | 2019-07-25 |
Android permission management and control scheme based on access control list mechanism |
| |
| CAO Zhenhuan,CAI Xiaohai,GU Menghe,GU Xiaozhuo,LI Xiaowei.Android permission management and control scheme based on access control list mechanism[J].journal of Computer Applications,2019,39(11):3316-3322. |
| |
| Authors: | CAO Zhenhuan CAI Xiaohai GU Menghe GU Xiaozhuo LI Xiaowei |
| |
| Affiliation: | 1. Gansu Information Center, Lanzhou Gansu 730030, China;2. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;3. Northwest Institute of Eco-Environment and Resources, Chinese Academy of Sciences, Lanzhou Gansu 730030, China;4. Information Center of Gansu Association for Science and Technology, Lanzhou Gansu 730030, China |
| |
| Abstract: | Android uses the permission-based access control method to protect the system resources, which has the problem of rough management. At the same time, some malicious applications can secretly access resources in a privacy scenario without the user's permission, bringing certain threats to user privacy and system resources. Based on the original permission management and control and with the introduction of Access Control List (ACL) mechanism, an Android fine-grained permission management and control system based on ACL mechanism was designed and implemented. The proposed system can dynamically set the access rights of the applications according to the user's policy, avoiding the access of malicious codes to protect system resources. Tests of compatibility and effectiveness show that the system provides a stable environment for applications. |
| |
| Keywords: | Android information security fine-grained permission control Access Control List (ACL) mechanism system resource |
|
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
