MacDroid: A Lightweight Kernel-level Mandatory Access Control Framework for Android

Smart terminals have become an important information processing platform in the mobile Internet era, and the security threats they face are becoming more and more serious. The security protection architecture designed for traditional computers cannot meet the special needs of smart terminal security protection. By analyzing the characteristics and levels of the smart terminal operating system, a lightweight kernel-level mandatory access control framework (MacDroid) was designed. This paper studies in depth the key issues of MacDroid security policy definition, security policy compilation, and security policy implementation, among others. The MacDroid security policy description language (PSL) is proposed, and formal definitions of the PSL lexicon and grammar are given. Finally, the effect of the MacDroid access control framework on behavior at different layers of intelligent mobile terminals was evaluated. The experimental results show that the MacDroid framework has a good control effect on malware behavior at the application layer, native layer, and kernel layer of Android smart terminals.