为Android提供积极有效的隐私保护

2013 IEEE Third International Conference on Information Science and Technology (ICIST) Pub Date : 2013-03-23 DOI:10.1109/ICIST.2013.6747691

Yuhao Luo, Dawu Gu, Juanru Li

{"title":"为Android提供积极有效的隐私保护","authors":"Yuhao Luo, Dawu Gu, Juanru Li","doi":"10.1109/ICIST.2013.6747691","DOIUrl":null,"url":null,"abstract":"Although Android has introduced many security mechanisms, users often expose privacy information to attacker due to the system's defensive privacy protecting policy. The problem is that for most inexperienced users, no mandatory protection is provided. To address this issue, we propose a data-centric privacy enhancement design to actively restrict privacy violation on Android. The main idea is to first build trusted database by introducing secure enhanced kernel and data-at-rest encryption. Then, the system enforces an isolation of applications with privacy data access privilege mode. The design focuses on data protection and keeps persistent mandatory access control model from kernel to application layer, and could resist most common privacy leakage attacks. Compared with other heavyweight isolation scheme, the overhead is also controlled into an acceptable range due to our lightweight design principle.","PeriodicalId":415759,"journal":{"name":"2013 IEEE Third International Conference on Information Science and Technology (ICIST)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Toward active and efficient privacy protection for Android\",\"authors\":\"Yuhao Luo, Dawu Gu, Juanru Li\",\"doi\":\"10.1109/ICIST.2013.6747691\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Although Android has introduced many security mechanisms, users often expose privacy information to attacker due to the system's defensive privacy protecting policy. The problem is that for most inexperienced users, no mandatory protection is provided. To address this issue, we propose a data-centric privacy enhancement design to actively restrict privacy violation on Android. The main idea is to first build trusted database by introducing secure enhanced kernel and data-at-rest encryption. Then, the system enforces an isolation of applications with privacy data access privilege mode. The design focuses on data protection and keeps persistent mandatory access control model from kernel to application layer, and could resist most common privacy leakage attacks. Compared with other heavyweight isolation scheme, the overhead is also controlled into an acceptable range due to our lightweight design principle.\",\"PeriodicalId\":415759,\"journal\":{\"name\":\"2013 IEEE Third International Conference on Information Science and Technology (ICIST)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-03-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 IEEE Third International Conference on Information Science and Technology (ICIST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIST.2013.6747691\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Third International Conference on Information Science and Technology (ICIST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIST.2013.6747691","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

虽然Android引入了许多安全机制，但由于系统的防御性隐私保护策略，用户经常将隐私信息暴露给攻击者。问题是，对于大多数没有经验的用户，没有提供强制性保护。为了解决这个问题，我们提出了一个以数据为中心的隐私增强设计，以积极限制Android上的隐私侵犯。其主要思想是首先通过引入安全增强的内核和静态数据加密来构建可信数据库。然后，系统对具有隐私数据访问权限模式的应用程序实施隔离。该设计注重数据保护，保持了从内核到应用层的持久强制访问控制模型，能够抵御大多数常见的隐私泄露攻击。与其他重量级隔离方案相比，由于我们的轻量化设计原则，开销也被控制在可接受的范围内。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Toward active and efficient privacy protection for Android

Although Android has introduced many security mechanisms, users often expose privacy information to attacker due to the system's defensive privacy protecting policy. The problem is that for most inexperienced users, no mandatory protection is provided. To address this issue, we propose a data-centric privacy enhancement design to actively restrict privacy violation on Android. The main idea is to first build trusted database by introducing secure enhanced kernel and data-at-rest encryption. Then, the system enforces an isolation of applications with privacy data access privilege mode. The design focuses on data protection and keeps persistent mandatory access control model from kernel to application layer, and could resist most common privacy leakage attacks. Compared with other heavyweight isolation scheme, the overhead is also controlled into an acceptable range due to our lightweight design principle.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 IEEE Third International Conference on Information Science and Technology (ICIST)

自引率

0.00%

发文量