Android安全综述-论文.pdf
计算 机研 究 与发展 DOI:10.7544/issn1OOO一1239.2014
JournalofComputerResearchandDevelopment 51(7):1385—1396。2014
Android安全综述
张玉清 王 凯 杨 欢 方苗君 王志强 曹 琛
(中国科学院大学 国家计算机 网络入侵防范中心 北京 101408)
(zhangyq@ucas.ac.cn)
SurveyofAndroidOSSecurity
ZhangYuqing,WangKai,YangHuan,FangZhejun,WangZhiqiang,andCaoChen
(NationalComputerNetworkIntrusionProtectionCenter,UniversityofChineseAcademyofSciences,Beijing101408)
Abstract Androidisanoperatingsystem appliedto smartmobiledevicewhichclaimsahugemarket
share.Thestudyofitssecurityhasattractedwideattention In thispaper,weintroduceAndroid’s
.
system architectureandsecuritymechanism ,discussitssecurityperformanceandthecurrentresearch
situationfrom twoperspectives:system securityand application security
. Android’ssystem security
includeskernelsecurity,architecture security and user authenticationsmechanism securitv
. The
threatsonkernelsecurityandarchitecturesecurityaremainlyfrom vulnerability
. Thestudyofkernel
securityisfocusedonhow tointroduceSELinuxintothekerneltoimprovethesecurityperformance,
andthestudyofarchitecturesecurity isfocusedonhow to improvetheperformanceofpermission
mechanism andhow to implementAPIs(applicationprogramming interface) securelyandtoguide
developersto use APIs normatively. User authenticationsmechanism is closely related to user’s
privacysecurityandcanbeimplementedflexibly,SOthatthestudyon itssecurityhasreceivedwide
attention.Android’Sapplication security includestWO technologieswhich aremaliciousapp