Method and system for dynamic application program safety management based on SEAndroid platform

Abstract

The invention relates to SEAndroid platform based system safety management, in particular to a method and a system for dynamic application program safety management based on an SEAndroid platform. The method includes performing category classification on each permission in a system permission library to acquire a system template type library; during operation of an application program, capturing and intercepting progress creation of the application program, and judging whether the application program is started for the first time after being installed or not; if not, directly executing the progress creation; if yes, analyzing a configuration file of the application program, and acquiring a safety label set through matching and inquiring; based on the acquired safety label set, displaying a safety strategy selection interface to a user, generating a safety strategy setting file according to selection setting of the user, and executing the progress creation of the current application program according to the safety strategy setting file of the current application program. The invention further provides the dynamic application program safety management system corresponding to the method. The method and the system can be applied to SEAndroid based terminal equipment and have the advantages of convenience and safety.

Description

technical field [0001] The invention relates to system security management based on SEAndroid (Security Enhanced Android System) platform, in particular to a method and system for dynamic security management of application programs based on SEAndroid platform. Background technique [0002] SEAndroid is based on SELinux (Security Enhanced Linux System) by the US National Security Agency (NSA), modified and transplanted according to the characteristics of Android. In SELinux, by defining the allowed operations of each process in advance, it is forbidden to perform deviant operations. SEAndroid follows this mechanism, and by restricting the operating authority of each process, it can prevent malicious software from tampering with the system. Generally speaking, in order to take advantage of the usurped root authority (system super authority) for a long time, malicious software that attacks vulnerabilities will bury special commands in the Android system area (such as the su sw...

AI Technical Summary

Problems solved by technology

The biggest problem with the SEAndroid system itself is that it follows the inherent SELinux administrator operation mode. Only users who are familiar with the Linux system have the ability to customize the system's security policy library, that is, modify it based on the source code to change the application. security context, this operation method is difficult to transplant to mobile terminal operating systems for ordinary consumers, because the operation complexity of security policy modified based on source code makes it difficult for general end users to implement security policies on terminal devices. custom made

With the widespread application of Android, security issues have become more and more prominent. In addition, users have increased concerns about privacy and security. Users hope to participate in the system protection of terminal devices, and security policies based on source code modifications are increasing. This reduces the user's interaction cost (users need to be familiar with the corresponding operating instructions of the Linux system), so there is an urgent need for an easy-to-use and safe operation method for formulating security policies to reduce the user's interaction cost without reducing the cost of the system. security attribute

Images