| Android is taking a more important role in smart phone operating system. It is truly getting more and more popular since its first appearance at2007because it’s the first mass-produced consumer-market open source mobile platform. However, every coin has two sides. The users got the ability to install third-part packages and likely to install the applications written by hackers and saboteurs. At the other hand, there are some deficiencies on Android Permission model thus drawn researcher’s attention.We can see all the permissions an application request while in installing, then we trust it because the number of permissions really in use is not more than requires. We have no choice but to allow the application to access all the permissions if we wish to use it. There is no way to grant some permissions and deny others, only we can do is just yes or no. Another terrible question is that some applications can request permissions in batches, and then pass the results together, do whatever they want.In this paper, I present an extended permission model for Android:firstly, find out the really used permissions in an application and make them replace for those request ones. Secondly, impose constraints on the usages of permissions, record the communication of applications and combine their permissions to figure out whether the operation is secure or not. |
PDF Full Text Request