Privilege isolation method and device of Android third-party class library

A permission and class library technology, applied in the field of system security, can solve the problems of abuse of host application permissions, inability to use it in a wide range, user privacy leakage, etc., and achieve the effect of simple use.

Inactive Publication Date: 2017-02-22
UNIVERSITY OF CHINESE ACADEMY OF SCIENCES +1
View PDF7 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Because Android permissions are granted at the application level, when an Android application including a third-party library is installed, the host application and the third-party library it uses will share all permissions, including those that do not belong to the third-party application. Caused over-privilege of third-party libraries
Third-party libraries may abuse the permissions of the host application, leading to security issues such as user privacy leakage
However, these works either modify the application installation package or the Android framework, and cannot be widely used

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Privilege isolation method and device of Android third-party class library
  • Privilege isolation method and device of Android third-party class library
  • Privilege isolation method and device of Android third-party class library

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0037] In order to solve the problems in the prior art, this embodiment provides a method and device for isolating permissions of an Android third-party class library. The following firstly introduces a method for isolating permissions of an Android third-party class library provided by an embodiment of the present invention.

[0038] figure 1 It is a schematic flow chart of the Android third-party class library permission isolation method provided by the embodiment of the present invention. The method includes the following steps,

[0039] Step 1. Configure permission information, including the dangerous permissions applied for by the application, the third-party class library information used, and the permissions granted.

[0040] Among them, dangerous permissions refer to permissions that may obtain user privacy data, including the contents shown ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a privilege isolation method and device of an Android third-party class library. The method comprises the following steps of: configuring the privilege information of an application, wherein the privilege information comprises adopted third-party class library information and the privilege endowed to the third-party class library; when the application is started, replacing a sensitive method or function, and calling and redirecting the sensitive method or function to an agent method or function; and obtaining the caller of the sensitive method or function, judging whether the calling is legal or not, if the calling is legal, calling back an original method or function, and otherwise, stopping the calling. The device comprises an interception module, a control module, a checking module and a privilege file. By use of the privilege isolation method and device of the Android third-party class library, the privileges of the Android third-party class library and a host application during operation can be effectively isolated, and therefore, the third-party class library can not use the privilege of the host application.

Description

technical field [0001] The invention belongs to the technical field of system security, and relates to a third-party class library authority isolation method and device, in particular to an Android third-party class library authority isolation method and device. Background technique [0002] The Android third-party class library is widely used in the Android application development process to simplify and accelerate the program development process, provide some better performance or additional functions, etc. However, unlike system class libraries, the security of third-party class libraries cannot be guaranteed. When developers use third-party class libraries, they often focus on the functions they provide, while ignoring their security. [0003] Because Android permissions are granted at the application level, when an Android application including a third-party library is installed, the host application and the third-party library it uses will share all permissions, inclu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53G06F21/74
CPCG06F21/53G06F21/74
Inventor 王发波张玉清
Owner UNIVERSITY OF CHINESE ACADEMY OF SCIENCES
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap