中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/74642
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 78937/78937 (100%)
造訪人次 : 39179630      線上人數 : 466
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
    •  進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/74642


    題名: DPC:A Dynamic Permission Control Mechanism for Android Third-party Libraries
    作者: 陳昌毅;Chen, Chang-Yi
    貢獻者: 資訊工程學系
    關鍵詞: 權限分離;Android系統第三方函式庫;動態控制權限
    日期: 2017-07-17
    上傳時間: 2017-10-27 14:34:38 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著智慧型手機的發展,具備各式功能的APP爭相上架,但為了降低開發時間及成本,許多開發者使用不安全或不熟悉的third-party library,而Android的權限機制卻給予third-party library擁有與host-app一模一樣的存取權限。因此如何阻止third-party library進行越權行為成了值得探討的問題。
    在先前的研究 [1]、 [2]都有提到了third-party library會有越權的行為,進一步地對使用者隱私造成威脅。為此本篇論文做出兩點貢獻(一)針對Android framework中的權限控制機制做出修改並且讓運行時的權限管理更加彈性。(二)阻擋third-party library的越權行為,開發者能夠動態的關閉/開啟APP所擁有的敏感權限,保護使用者隱私。
    為了證明此機制的可用性,本論文對許多Real-world APP進行實際測試,在Google Play商店中獲得熱門APP,將這些APP套用我們所開發出來的機制,提供開發者動態地阻止敏感功能運作藉此證明此機制,限制third-party library存取敏感權限。
    ;App with all kinds of features arise in today′s smart phone market, many developers use unsafe or unknown Third-party Library to reduce the development time and cost; however, host-app and Third-party Library has the same permissions, there is no clear distinctions between them. Therefore, how to prevent Third-party Libraries from overriding permissions has become an worth discussing issue.
    Previous research [1], [2] have mentioned the third-party library might have the issue of exceeding the permission and threat the users’ privacy. This thesis has two contributions: (1) Modify the permission mechanism of Android framework and achieve more dynamically control permission in the runtime. (2) Prevent third-party library from exceeding the permission. Developer enable to open/close permissions of the App have to protect users’ privacy.
    In order to prove the practicality of this mechanism, this thesis examines many Real-world APPs obtaining popular APPs in the Google Play store. The results of applying these APPs not only shows that our proposed mechanism successfully enables the developer to dynamically control permission in the runtime but being able to restrict third-party library to access sensitive permission.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML155檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明