Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Control method and system of restricted access in Android application multi-running environment

A technology that restricts access and control methods. It is applied in the directions of instruments, calculations, and electrical digital data processing. It can solve the problems of different application isolation and privacy information leakage, and achieve the effect of low overall system overhead.

Inactive Publication Date: 2018-12-04
HUAZHONG UNIV OF SCI & TECH
View PDF4 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, it has the same file system access rights as the host application, including access to read and write access to other important application file directories in a multi-open environment, resulting in leakage of private information
[0007] To sum up, no one has proposed a solution to control application permissions in a multi-open environment. Previous research mainly focused on isolating malicious applications to restricted environments, which is also different from application isolation on the Android operating system. Access control in an application multi-open environment is resource access control for multiple processes running as a single user

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Control method and system of restricted access in Android application multi-running environment
  • Control method and system of restricted access in Android application multi-running environment
  • Control method and system of restricted access in Android application multi-running environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0063] Below at first explain and illustrate with regard to the technical terms of the present invention:

[0064] Android: The mobile operating system based on the Linux kernel developed by Google has a relatively high market share in the mobile operating system market due to its openness.

[0065] Virtual machine: refers to the runtime of the application program in the Android system, specifi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a control method and system of restricted access in an Android application multi-running environment, an open source virtualization framework is extended, and a privilege escalation attack initiated by a ClientApp due to the sharing of a permission of a HostApp is limited. The method includes a step of judging whether a current sensitive API call operation is legal or not with the combination of loaded policy information if a current operation is the sensitive API call operation when the ClientApp is running, and allowing the ClientApp to call a real API if so, a step of triggering an IOHook module to obtain a currently accessed file directory if the current operation belongs to a file access operation, then allowing an IoCheck module to check whether current accessis legal or not with the combination of a policy library, and calling a real system for file operation if so, and a step of analyzing a permission list to be a default quasi-permission authorizationset while the HostApp loads the ClientApp, and forming an authorization set with the integration of a developer-configured policy. According to the method and the system, the sensitive API access control in a third-party application multi-running environment is achieved.

Description

technical field [0001] The present invention relates to the fields of mobile security and access control, and more specifically, to a control method and system for restricting access in an Android application multi-open environment. Background technique [0002] As a personal personal handheld device, an Android mobile phone stores a lot of personalized user privacy data. Some of these data are generated when the user uses an application developed by a third party, such as the account number and password for logging in to a social application, and browsing information generated by a browser. Records, etc., and some data such as GPS, mobile device ID, etc. are provided by the Android phone itself. On the native Android system, in order to ensure the security of user privacy data, each application runs an instance with the same UID. The security sandbox technology is used to isolate the application and the application. The implementation of the security sandbox is based on the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/51
CPCG06F21/51
Inventor 李瑞轩代德顺汤俊伟韩洪木辜希武张婧涂建伟
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com