Android storage application sandbox based on application program virtualization, and communication method thereof

An application program and virtualization technology, applied in the field of communication, can solve problems such as violation of the homology model and poor security, and achieve the effect of improving communication security

Active Publication Date: 2017-02-08
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF4 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

As an alternative, inline reference monitoring moves the reference monitor to the application layer and allows users to install security extensions in the form of applications. However, the reference monitor and untrusted applications share the same process space, which is less secure, and at the same time The inline reference watcher needs to be modified and the application needs to be re-signed, which violates Android's signature-based same-origin model

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Android storage application sandbox based on application program virtualization, and communication method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The technical solution of the present invention will be further described below in conjunction with the accompanying drawings.

[0031] like figure 1 As shown, the Android storage application sandbox based on application virtualization includes an agent running in a permission control process and one or more targets running in an isolated process. strong security circle;

[0032] The agent is an application program process, has all platform permissions assigned by the system, and can interact normally with the Android middleware as a mandatory agent for all interactions between the target and the Android system; the agent includes an API layer, a core logic layer and a virtual layer:

[0033] API layer: including inter-process communication receivers and system call receivers;

[0034] Core logic layer: Implement policy enforcement points for Binder inter-process communication and system calls, and provide basic functions for applications by replicating the functions ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Android storage application sandbox based on application program virtualization. The Android storage application sandbox comprises an agent and a target, wherein a strong secure boundary used for securely isolating untrusted application programs exists between the target and the agent; the agent is an application program process, owns all platform permissions distributed by a system, can normally interact with Android middleware and is used as all interactive compulsory agents between the target and an Android system; the agent comprises an API (Application Program Interface) layer, a core logic layer and a virtual layer; and the target does not have a platform permission, can not access Android firmware, can not change a file system and comprises sandbox service, a Binder interprocess communication interceptor and a system calling interceptor. Safety provided by an isolation process is used, and the untrusted application programs are dynamically loaded and executed in the process to avoid revising an operating system and the untrusted application programs. Meanwhile, a controllable method is used for permitting the untrusted application programs to execute an input / output operation and access system resources, and the untrusted application programs are packaged in the sandbox environment.

Description

technical field [0001] The invention belongs to the technical field of communication, and in particular relates to an Android storage application sandbox based on application virtualization and a communication method. Background technique [0002] With the ubiquity of Android and the popularity of the open source system, the privacy of smartphone users, especially Android OS users, is compromised by many different threats. These threats include increasingly sophisticated malware and spyware, developer negligence, and the lack of fail-safe defaults in the Android SDK. To address this situation, developing new ways to protect end-user privacy has become an active topic in the Android security field in recent years. [0003] Existing methods for deploying Android Security Extensions are OS Security Extensions and Inline Reference Monitoring. OS Security Extensions demonstrates a user identifier-centric Android security architecture that, while providing strong security guaran...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53
CPCG06F21/53
Inventor 罗俊海刘佐婷吴琦付亮
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap