跳到主要內容

臺灣博碩士論文加值系統

(44.210.99.209) 您好!臺灣時間:2024/04/18 16:35
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:王亮鈞
研究生(外文):Wang, Liang-Chun
論文名稱:現存作業系統的安全強化議題:以Android Open Source Project為例
論文名稱(外文):Enhancing Security Features in Off-the-shelf Operating Systems: A Case Study with The Android Open Source Project
指導教授:吳育松
指導教授(外文):Wu, Yu-Sung
口試委員:吳育松許富皓黃俊穎
口試委員(外文):Wu, Yu-SungHsu, Fu-HauHuang, Chun-Ying
口試日期:2016-01-12
學位類別:碩士
校院名稱:國立交通大學
系所名稱:資訊科學與工程研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2017
畢業學年度:105
語文別:中文
論文頁數:38
中文關鍵詞:行動裝置管理使用者管理AndroidSELinux
外文關鍵詞:mobile device manageuser manageAndroidSELinux
相關次數:
  • 被引用被引用:0
  • 點閱點閱:272
  • 評分評分:
  • 下載下載:35
  • 收藏至我的研究室書目清單書目收藏:0
智慧型行動裝置具備連網、照相、錄音、定位等能力,並可透過應用程式幻化出多樣的功能與型態,如收發訊息、電子郵件、地圖導航等,帶給了使用者許多的方便,卻也造成許多的資安隱憂。為了更完整地掌控整個行動裝置,市面上存在著許多現成的MDM(Mobile Device Management) App,透過MDM我們可以限制應用程式或是整部裝置進行照相、錄音等敏感行為,以符合企業的資安政策,或是當手機遺失之時,遠端清除裝置內的敏感資訊。
然而一般層級的應用程式並無法達到較為完整的掌控,所以我們將MDM client 提升為系統層級的應用程式,如此一來便能使用更為強力的API來控制裝置,並分析AOSP(Android Open Source Project)的原始碼,在掌控功能的關鍵位置插入我們自訂的程式碼,更進一步強化MDM對於整部裝置的掌控力,以及利用SELinux on Android來達到更為強力且完整的掌控。
Mobile devices have many function such as surfing the Internet, taking pictures, recording and locating. And can be turned to many functions and features like receiving and sending message, e-mail, GPS, etc. Mobile devices bring users a lot of convenience, but also bring us privacy-sensitive problem. For the full control of the whole mobile, there are many off-the-shelf MDM (Mobile Device Manager) App. Through MDM, we can limit sensitive behaviors of Apps or the whole device for the privacy policy of the corporate.
But normal Apps can’t take powerful control of the whole device. So we install MDM client on the device as system App, thus MDM can take advantage of system API. Then we trace the source code of AOSP (Android Open Source Project). And insert some hooks in the points which control the usage of sensitive behavior to make MDM more powerful. After that, we use SELinux on Android to achieve the goal of deeper control of the whole device.
Chapter 1. Introduction 1
Chapter 2. Background 2
2.1. Android Open Source Project 2
2.2. Permissions 2
2.2.1. Normal permission 2
2.2.2. Dangerous permission 2
2.2.3. Signature permission 3
2.2.4. SignatureOrSystem permission 3
Chapter 3. Enhancement of Security Features for Android 4
3.1. Use of system services by Android Apps 4
3.2. System App 5
3.3. User Manager 5
3.4. Enhanced Security Features 5
3.4.1. GPS 6
3.4.2. Wi-Fi 7
3.4.3. Hotspot 10
3.4.4. 3G network 11
3.4.5. VPN 12
3.4.6. Bluetooth 13
3.4.7. SD card access 14
3.4.8. USB 16
3.4.9. Microphone 17
3.4.10. Time lock 17
3.4.11. Device Admin registration 18
3.4.12. Limited network access 19
3.5. Enhancement Automation 20
Chapter 4. Implementation 23
4.1. MDM Client protection mechanism 23
4.1.1. Factory reset 23
4.1.2. Android Debug Bridge 24
Chapter 5. Evaluation 25
5.1. Testbed environment 25
5.2. Functionality check 25
Chapter 6. Related Work 36
Chapter 7. Conclusion 37
Reference 38
[1] Android Developers. Android Open Source Project. Available: http://source.android.com/
[2] Android Developers. Permissions. Available: http://developer.android.com/reference/android/Manifest.permission.html
[3] Android Developers. UserManager. Available: http://developer.android.com/reference/android/os/UserManager.html
[4] Wikipedia. FUSE. Available: https://en.wikipedia.org/wiki/Filesystem_in_Userspace
[5] Clang. Libtooling. Available: http://clang.llvm.org/docs/LibTooling.html
[6] Graphviz. Graphviz. Available: http://www.graphviz.org/
[7] Android Developers. Android Debug Bridge. Available: https://developer.android.com/studio/command-line/adb.html
[8] M. Nauman, S. Khan, and X. Zhang, "Apex: extending Android permission model and enforcement with user-defined runtime constraints," In proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 328-332, 2010.
[9] W. Enck, P. Gilbert, B.-g. Chun, L. P. Cox, J. Jung, P. McDaniel, et al., "TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones," In proceedings of the 9th USENIX conference on Operating systems design and implementation, pp. 393-407, 2010.
[10] S. Arzt, S. Rasthofer, C. Fritz, E. Bodden, A. Bartel, J. Klein, et al., "FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps," In proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 259-269, 2014.
[11] A. Developers. Android NDK. Available: https://developer.android.com/ndk/index.html
[12] M. Sun and G. Tan, "NativeGuard: protecting android applications from third-party native libraries," In proceedings of the 2014 ACM conference on Security and privacy in wireless & mobile networks, pp. 165-176, 2014.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top