Safe development method for application middleware of mobile internet intelligent terminal

A mobile Internet and smart terminal technology, applied in the development security of smart terminal application middleware and mobile Internet security, can solve the problems of user privacy data theft, unrevocable permissions, uncontrollable API sequence, etc., to achieve the effect of protecting security

Active Publication Date: 2013-01-30
HARBIN INST OF TECH SHENZHEN GRADUATE SCHOOL
View PDF5 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Existing smartphone systems cannot withdraw permissions and cannot control the s

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safe development method for application middleware of mobile internet intelligent terminal
  • Safe development method for application middleware of mobile internet intelligent terminal
  • Safe development method for application middleware of mobile internet intelligent terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The present invention will be further described below in conjunction with the accompanying drawings.

[0055] The security framework uses static code detection technology to determine the security level of the program and the program's security holes, and uses dynamic active defense technology to realize the real-time withdrawal of the permissions given to the application program during installation according to the user's choice.

[0056] Static code detection technology is adopted on the platform side, and we have designed a security detection client (HIT_Security Guard) to realize dynamic and active defense. The overall structure of the framework is as figure 1 and 2 Shown:

[0057] On the platform side, before the source code of MoSync is packaged, the semantic verification of the source code is firstly performed using model checking technology. First, use the multi-pattern matching algorithm to determine the security level of the program (this step is mainly to ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a safe development method for application middleware of a mobile internet intelligent terminal. The safe development method includes: A, modeling: A1, determining the safety level of a program through a multi-pattern matching algorithm and screening out a subfunction containing sensitive application program interfaces (API), A2, analyzing the subfunction, and A3, constructing a system migration picture of the subfunction to complete modeling of the system; B, specification: using standard language complementary transistor logic (CTL) to describe malicious actions of a program to construct a syntax tree of a CTL formula, and performing translation, analyzing, EF replacing and variable binding on the CTL formula; and C, verification: using a non-recursive marker algorithm to achieve model verification. The safe development method for the application middleware of the mobile internet intelligent terminal remedies shortcomings of traditional Android systems in authority endowment and can effectively protect safety of user private data, actual active defense is achieved, and all access to the private data needs to be chosen by users.

Description

technical field [0001] The present invention relates to the field of mobile Internet security, in particular to the field of security of smart terminal application middleware development. Background technique [0002] Existing smartphone systems cannot withdraw permissions and cannot control the sequence of API calls, which leads to security issues such as theft of users' private data. Contents of the invention [0003] In order to solve the problems in the prior art, the present invention uses static code detection technology to detect sensitive functions in the developer's code during the packaging and compiling stage of the developer's project, and marks the source code with a security level; the adopted technologies include: Pattern matching technology (AC), model checking technology, lexical analysis, syntax analysis, single pattern matching technology (KMP). [0004] In the software running stage, dynamic defense technology is used to detect sensitive APIs and sensi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F9/44G06F21/62
Inventor 王轩张加佳赵海楠吴绍梅
Owner HARBIN INST OF TECH SHENZHEN GRADUATE SCHOOL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap