篇名 | 探討Android系統安全機制 |
---|---|
卷期 | 26 |
並列篇名 | Study in Android System Security Mechanisms |
作者 | 許博學 |
頁次 | 075-084 |
關鍵字 | Android 、 安全 、 權限 、 弱點 、 Android 、 Security 、 Permission 、 Vulnerability |
出刊日期 | 201310 |
Android系統安全機制的良窳,攸關龐大數量Android裝置在私人及企業使用上的安全性,影響至廣且深。妥善的應用程式隔離措施與權限管制資源存取是它的優點,但允許執行原生碼及未全面強制權限管制卻造成安全漏洞。本文提出對Android系統安全機制的改進建議,與現階段使用者可行的安全強化措施。
Whether Android system security is good enough will make a great impact on information security, since a huge amount of Android devices are currently used for security-critical private and business applications. Android system has advantages of a very good design of application isolation mechanism and permissions control for system resources, but it is flawed by native code execution and unenforced permissions checking for caller’s authority. Both suggestions for improvements on Android system security and feasible security consolidations for mobile users are major issues in this paper.