English  |  正體中文  |  简体中文  |  Items with full text/Total items : 74010/74010 (100%)
Visitors : 24681114      Online Users : 234
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version

    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/72177

    Title: 基於自動化權限分析之 BYOD安全政策制定研究;Automated Permission-Based Analysis for Developing of BYOD Security Policy
    Authors: 林修妤;Lin,Xiu-Yu
    Contributors: 資訊管理學系
    Keywords: BYOD安全政策;Android權限分析;惡意程式;風險程式
    Date: 2016-07-25
    Issue Date: 2016-10-13 14:30:27 (UTC+8)
    Publisher: 國立中央大學
    Abstract: BYOD (Bring Your Own Device) 為企業節省採購成本,並使工作產能提升;另一方面也讓企業面臨新的資訊安全風險,因此如何制訂與實施BYOD安全政策成為一項重要的企業資訊安全議題。而在應用程式方面,值得注意的是能夠帶來危害的並不只有惡意程式,合法的應用程序也可能暴露隱密資訊,但面對逐漸增長的應用程式數量,已無法單靠資訊人員逐一分析應用程式是否對企業造成風險。為解決上述問題,本研究提出一個稱為「自動化BYOD安全政策制定」的平台,當員工安裝了一個新的應用程式時,本平台將自動地偵測員工新安裝的應用程式是否為惡意程式,對於合法的應用程式也會分析其宣告的權限是否會對企業帶來安全風險,並將以上分析的結果以安全政策來表示,提供給企業做為制定安全政策的參考。本研究經實驗證明確實可以滿足安全政策制定功能,且本平台也具有足夠高的效率可以進行大量的應用程式分析,幫助企業面對BYOD對於管理應用程式安全性上的挑戰。;BYOD (Bring Your Own Device) make enterprises reduce their cost of purchasing and improve work efficiency. On the other hand, they also face the risks of information security, such as stealing confidential business information by employee’s own device. Therefore, it’s an important issue that how to formulate and implement the BYOD security policy in the enterprises. In the application, it is worth to notice that not only malware has risk, legitimate applications may also expose the secret information. However, with the increasing applications, it’s impossible just to rely on IT analyzing applications one by one. In order to solve these problems which enterprise faces, we propose a platform of formulating security policy for Bring Your Own Device (BYOD) by analyzing Android permission. When employees install an unknown application, the platform will automatically detect the application if a malware, and if not, we are going to find out the application have possibility of having a business risk. The results of the above analysis will translate into security policy for enterprises as a reference. Finally, the experiment proved that we actually can give the security policy advice to enterprise, and our effectiveness in analyzing application is enough to handle the tremendous amount of Android applications.
    Appears in Collections:[資訊管理研究所] 博碩士論文

    Files in This Item:

    File Description SizeFormat

    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明