Authorization configuration file generation method and device, equipment and storage medium

A configuration file and file technology, applied in the direction of program control device, computer security device, program control design, etc., can solve the problems of low efficiency and time-consuming, and achieve the effect of saving human resources and improving authorization efficiency

Active Publication Date: 2020-01-24
SHENZHEN SKYWORTH RGB ELECTRONICS CO LTD
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

According to the method of adding SELinux authorization according to the log information, the application needs to be tested in advance to obtain the log information, and the test is a very time-consuming operation, and the way of manually adding SELinux authorization is obviously inefficient, and it is harmful to developers. There are high requirements for qualifications, and currently most developers do not have this ability

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Authorization configuration file generation method and device, equipment and storage medium
  • Authorization configuration file generation method and device, equipment and storage medium
  • Authorization configuration file generation method and device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] figure 1 It is a schematic flowchart of a method for generating an authorization configuration file provided in Embodiment 1 of the present invention. The method for generating an authorization configuration file provided in this embodiment is applicable to the scenario of automatically performing SELinux authorization on programs on the Android platform, so as to ensure the security of the Android system. The SELinux authorization syntax format is: allow subType(:process) objType:objResType permission, which means: allow the subType type of authorization subject (usually a certain type of process) to have certain permissions on objects of type objType:objResType ( Specifically, the permission is, for example, operations such as reading or writing). The technical solution of the embodiment of the present invention aims to determine the target fields (subType, objType, objResType, and permission) in the authorization syntax format through an automated way of source code...

Embodiment 2

[0093] image 3 It is a schematic structural diagram of an apparatus for generating an authorization configuration file provided by Embodiment 2 of the present invention. see image 3 As shown, the device includes: a first determination module 310, a second determination module 320, an analysis module 330, an authorization statement generation module 340 and an authorization configuration file generation module 350;

[0094] Among them, the first determination module 310 is used to determine the source code authorization mapping table, and the source code authorization mapping table includes the functions with standard functions that are allowed to be matched, the object types that are allowed to be operated, and the allowed operation types. Mapping relationship; the second determination module 320 is used to determine the security context file, and the security context file includes the owner type to which the operated object is allowed to operate; the parsing module 330 is ...

Embodiment 3

[0111] Figure 4 It is a schematic structural diagram of an electronic device provided by Embodiment 3 of the present invention. Figure 4 A block diagram of an exemplary electronic device 12 suitable for use in implementing embodiments of the invention is shown. Figure 4 The electronic device 12 shown is only an example, and should not limit the functions and scope of use of the embodiments of the present invention.

[0112] Such as Figure 4 As shown, electronic device 12 takes the form of a general-purpose computing device. Components of electronic device 12 may include, but are not limited to, one or more processors or processing units 16, system memory 28, bus 18 connecting various system components including system memory 28 and processing unit 16.

[0113] Bus 18 represents one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses an authorization configuration file generation method and device, equipment and a storage medium, and the method comprises the steps: determining a source code authorization mapping table which comprises a function which is allowed to be matched and has a standard function, an object type which is allowed to be operated by the function, and a mapping relation between allowed operation types; determining a security context file, wherein the security context file comprises an owner type to which the operated object allowed to be operated belongs; analyzing a to-be-authorized application program, and combining the source code authorization mapping table and the security context file through a key field identification technology to obtain each target field in an authorization syntax format; filling each target field into a corresponding position of the authorization grammar format to generate an authorization statement; and generating an authorization configuration file based on the authorization statement. By adopting the technical scheme, the purposes of automatically generating the SELinux authorization configuration file, improving the authorization efficiency and saving human resources are achieved.

Description

technical field [0001] The embodiment of the present invention relates to the technical field of software development, and in particular to a method, device, electronic device and storage medium for generating an authorization configuration file. Background technique [0002] Due to the flexibility and good compatibility of the Android system, more and more terminals adopt the Android system, and a large number of Android applications also appear. Most of the applications may involve the user's privacy information. In order to ensure the security of the Android system, the kernel of the Android system integrates SELinux (Security-Enhance Linux, Security Enhancement System). The main role of SELinux is to minimize the resources accessible to service processes in the system. [0003] In the process of realizing the present invention, the inventor finds that there are at least the following problems in the prior art: [0004] At present, the SELinux authorization method of th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/445G06F21/12
CPCG06F9/4451G06F21/125
Inventor 郭楚鹏
Owner SHENZHEN SKYWORTH RGB ELECTRONICS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap