Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Android authority management method and system based on calling chain

A technology of rights management and call chain, applied in the direction of digital data authentication, etc., can solve problems such as application loss of rights, affecting normal operation, single consideration, etc., to avoid redundancy, avoid rights escalation attacks, and ensure the effect of terminal privacy and security

Inactive Publication Date: 2013-08-28
HUAWEI TECH CO LTD +1
View PDF0 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method can avoid privilege escalation attacks by applications that do not have permissions, but it also causes many applications to lose their original permissions, which affects their normal operation.
Dietz et al. of Rice University published a research report titled "QUIRE: Lightweight Provenance for Smart Phone Operating Systems" on Proceedings of the 20th Usenix Security Symposium, 2011. The QUIRE system is proposed to avoid this attack by building a call chain , but the QUIRE system establishes a call chain for each component, and needs to safely pass the call chain of the caller to the callee as the basis for building the call chain when the components communicate. This method causes a large system burden, and When requesting access, only the permissions of the call chain components are considered, and the considerations are relatively simple
At present, there is no perfect and effective rights management method that can avoid privilege escalation attacks without affecting the normal operation of the system.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android authority management method and system based on calling chain
  • Android authority management method and system based on calling chain
  • Android authority management method and system based on calling chain

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. It should be understood that the described embodiments are only some of the embodiments of the present invention, not all of them. example. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0053] Such as figure 2 As shown, it is a schematic flow chart of the rights management method in the embodiment of the present invention. Embodiments will now be given to describe the method of the present invention in detail. The authority management method of the present invention mainly involves the following three links:

[0054] (1) Call chain construction. During the running of the application components, there will be a c...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an android authority management method and an android authority management system based on a calling chain. The system comprises a calling chain construction module, a strategy making module, a strategy judging module and a strategy executing module. The method comprises the following steps that 1) an application component requests for resources of a terminal system, a system application program interface (API) component is called for resource accessing, an application component calling chain is constructed, the property of the application component calling chain is set, and a system resource access strategy is made; 2) when the system API component is called, the calling chain to which the application component belongs is positioned, and strategy judgment and strategy execution are performed according to the property of the calling chain; and 3) if the property of the calling chain meets the strategy, the application component is permitted to call the system API component to successfully access the system resources, or otherwise, the application component is refused to access the system resources. According to the calling chain construction method, redundancy caused by the construction of calling chain for each component is avoided, and the system burden is reduced; the text environment of the calling chain and the authority requirement of all components of the calling chain are considered through the diversification of strategy elements; and therefore, the authority lifting attack is avoided.

Description

technical field [0001] The invention belongs to the field of mobile terminal security, and mainly relates to the authority management of the Android platform, and more precisely relates to a method for managing Android authority based on an application component call chain, and an Android authority management system based on the call chain. Background technique [0002] The rapid development of the mobile Internet has enabled the rapid penetration of smart mobile terminals in the market, showing a blowout growth. Among them, the market growth of smart mobile phones is particularly significant, and the penetration rate is rising rapidly. According to the survey data of the Internet Data Center, among several major mobile smart platforms, Android is in a leading position in terms of terminal shipments and market share. In the third quarter of 2012, Android accounted for 75% of the global market share. . According to the monitoring report released by Analysys Think Tank Indus...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/45
Inventor 汪丹张妍徐震于爱民吴晓昕周启慧
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com