摘要
Android采用基于权限的访问控制方式对系统资源进行保护,其权限管控存在管控力度过粗的问题。同时,部分恶意程序会在用户不知情的情况下,在隐私场景下偷偷地对资源进行访问,给用户隐私和系统资源带来一定的威胁。在原有权限管控的基础上引入了访问控制列表(ACL)机制,设计并实现了一个基于ACL机制的Android细粒度权限管控系统。所提系统能根据用户的策略动态地设置应用程序的访问权限,避免恶意代码的访问,保护系统资源。对该系统的兼容性、有效性的测试结果表明,该系统能够为应用程序提供稳定的环境。
Android uses the permission-based access control method to protect the system resources,which has the problem of rough management.At the same time,some malicious applications can secretly access resources in a privacy scenario without the user s permission,bringing certain threats to user privacy and system resources.Based on the original permission management and control and with the introduction of Access Control List(ACL)mechanism,an Android fine-grained permission management and control system based on ACL mechanism was designed and implemented.The proposed system can dynamically set the access rights of the applications according to the user s policy,avoiding the access of malicious codes to protect system resources.Tests of compatibility and effectiveness show that the system provides a stable environment for applications.
作者
曹震寰
蔡小孩
顾梦鹤
顾小卓*
李晓伟
CAO Zhenhuan;CAI Xiaohai;GU Menghe;GU Xiaozhuo;LI Xiaowei(Gansu Information Center,Lanzhou Gansu 730030,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;Northwest Institute of Eco-Environment and Resources,Chinese Academy of Sciences,Lanzhou Gansu 730030,China;Information Center of Gansu Association for Science and Technology,Lanzhou Gansu 730030,China)
出处
《计算机应用》
CSCD
北大核心
2019年第11期3316-3322,共7页
journal of Computer Applications
基金
国家自然科学基金资助项目(61602475)
国家密码发展基金资助项目(MMJJ20170212)
甘肃省科技支撑计划项目(1504FKCA096)~~
