计算机科学与应用

Vol.6 No.10 (October 2016)

组件间数据传输安全访问设计
Secure Access to Data Transmission for Inter-Component Communication

 

作者:

余丽芳 , 杨天长 , 牛少彰 :北京邮电大学智能通信软件与多媒体北京市重点实验室,北京

 

关键词:

安全特权提升攻击隐私敏感数据加密Security Privilege Escalation Attacks Privacy of Sensitive Data Encryption

 

摘要:

基于Android平台的手机用户量逐年增长,随即而来的安全问题也备受关注。Android安全机制中采用了沙箱机制,签名机制,权限机制等各种方式保证应用程序的安全性,但是也存在一些严重安全问题,比如特权提升攻击。本文提出的方案主要是基于权限的基础上,对传输的数据进行加密处理,如果存在特权提升攻击,但是访问者没有权限访问的情况下,则无法访问到隐私敏感数据。

With the Android platform of mobile phone subscribers increasing, the security problem is be-coming more serious and receives much concern. The security mechanisms, such as sandbox me-chanism, signature mechanism and permission mechanism, are adopted in the Android platform in various ways such as to ensure the security of application, but there are still some serious security issues, such as elevation of privilege attacks. The proposed scheme is to encrypt the transmission data mainly based on the permissions. If there is an elevation of privilege attacks, but the visitors do not have access to the case, then the sensitive data privacy cannot be accessed.

文章引用:

余丽芳 , 杨天长 , 牛少彰 (2016) 组件间数据传输安全访问设计。 计算机科学与应用, 6, 590-596. doi: 10.12677/CSA.2016.610073

 

参考文献

分享
Top