Unlock instant, AI-driven research and patent intelligence for your innovation.

Security policy configuration method and device applied to SEAndroid (Security-Enhanced Android) system

A technology of security policy and configuration method, applied in the field of system security, can solve problems such as cumbersome operation, and achieve the effect of convenient configuration process

Active Publication Date: 2016-04-20
TCL CORPORATION
View PDF3 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Although the above SEAndroid system security policy configuration method can realize the configuration of security policies in different security policy environments, the above method needs to prepare additional security TF cards, and each time the security policy needs to be inserted into the SEAndroid system, the operation cumbersome

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security policy configuration method and device applied to SEAndroid (Security-Enhanced Android) system
  • Security policy configuration method and device applied to SEAndroid (Security-Enhanced Android) system
  • Security policy configuration method and device applied to SEAndroid (Security-Enhanced Android) system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0029] see figure 1 , the security policy configuration method in the embodiment of the present invention includes:

[0030] Step 101, when the SEAndroid system starts, obtain the BundleContext in the OSGI framework;

[0031] The OSGI mentioned in the embodiment of the present invention will be described below.

[0032] The Open Service Gateway Protocol (OSGI, OpenService Gateway Initiative), also known as the dynamic module system of the Java language, defines an infrastructure for the development of modular applications.

[0033] OSGI consists of two parts: the OSGI framework and OSGI standard services. The OSGI framework is an operating environment that implements and provides OSGI functions, and OSGI standard services define many reusable application programming interfaces (API, Application Programming Interface) for performing common tasks. The specification of the OSGi framework and standard services is managed by the OSGi Alliance. The OSGi framework plays a central...

Embodiment 2

[0063] On the basis of Embodiment 1, the embodiment of the present invention further adds a security policy dynamic replacement scheme, so that after completing the configuration of the default security policy, the user can change the configuration of the security policy as needed, such as figure 2 As described, the security policy configuration method in the embodiment of the present invention includes:

[0064] Steps 201-205. For the specific implementation process of steps 201-205, reference may be made to the description of steps 101-105 in Embodiment 1, which will not be repeated here.

[0065] Step 206, if the input security policy configuration instruction is received, compare the name of the security policy to be configured contained in the above security policy configuration instruction with the name of the security policy currently configured by the SEAndroid system;

[0066] In the embodiment of the present invention, the terminal can provide the user with a securi...

Embodiment 3

[0074] On the basis of Embodiment 1, the embodiment of the present invention further adds a security policy dynamic replacement scheme, so that after completing the configuration of the default security policy, the user can change the configuration of the security policy as needed, and, through the preset The database stores the configured security policies, and the configured security policies can be installed locally without querying and downloading from the cloud server, which makes the security policy configuration faster. Specifically, such as image 3 As described, the security policy configuration method in the embodiment of the present invention includes:

[0075] Steps 301-304. For the specific implementation process of steps 301-304, reference may be made to the description of steps 101-104 in Embodiment 1, which will not be repeated here.

[0076] Step 305, binding and storing the bundle identifier of the currently installed bundle file and the name of the security...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security policy configuration method and device applied to a SEAndroid (Security-Enhanced Android) system. The security policy configuration method comprises the steps of obtaining BundleContext in an OSGI framework when the SEAndroid system is started up; downloading bundle files corresponding to a default security policy from a cloud server; calling a BundleContext.installBundle method based on the BundleContext to install the currently downloaded bundle files; obtaining bundle identifiers of the currently installed bundle files; and calling a BundleContext.start method based on the BundleContext and the currently obtained bundle identifiers to start the currently installed bundle files. According to the provided technical scheme, the security policy configuration becomes more convenient.

Description

technical field [0001] The invention relates to the technical field of system security, in particular to a security policy configuration method and device applied to SEAndroid system. Background technique [0002] Android is a free and open source operating system based on Linux, mainly used in mobile devices, such as smart phones and tablets, led and developed by Google and the Open Handset Alliance. SELinux (full name in English: Security-Enhanced Linux) system is the implementation of Mandatory Access Control (MAC, Mandatory Access Control) by the National Security Agency (NSA, National Security Agency), and is the most outstanding new security subsystem on Linux. The SELinux system is the most comprehensive and well-tested of the Linux security modules currently available, building on 20 years of MAC research. [0003] In order to enhance the security of the Android (Android) system, on the basis of the SELinux system, NSA modified and transplanted it according to the c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 孙向作
Owner TCL CORPORATION