关键词: ARM-Android, 访问控制, 模型改进

Abstract: With the increasing dependence on mobile devices, the security of mobile platforms has aroused extensive attention. Android is a popular open source software stack for a wide range of embedded devices. As the core of system security, the access control mechanism of Android is always a hot spot. This paper focuses on access control mechanisms for the ARM-Android platform, including the hardware isolation, application sandbox and permission-based protection methods. Several model enhancements in different system levels are analyzed according to the comparison of specific control strategies. Then the status of research on multi-level comprehensive access control schemes is summarized. Furthermore, combining ARM TrustZone isolation environment, this paper proposes an access control model and its key technology. Mechanism specifications are obtained through the system analysis, and the formal method is applied to model abstraction and demonstration. Based on the vulnerability analysis and formal modeling work, directions for the relevant research are discussed at last.

Key words:  ARM-Android, access control, model enhancement