| With the rapid development of processor technology, storage technology, andbattery performance, smart mobile terminals, led by smart phones and tablet PCs havebeen accepted by public quickly since the powerful features and user-friendlyinterface. While Android OS has the highest penetration rate among the various smartmobile terminals, Android-based applications and services is becoming increasinglydiverse and more difficult to control. Viruses, worms, Trojans, spyware and malicioussoftware in this situation frequently lead to the privacy data leakage and maliciousdebits, etc.For some specific security sensitive areas, this kind of malicious software isvery likely to cause the confidential information, such as conference, converse,surrounding environment, be eavesdropped and spread. In order to solve suchproblems, an effective way is to monitor and manage these applications running onthe Android system. Controlling applications running on Android system timely willprevent unsecure application executing. However, this method is confronted animportant challenge-how to avoid malicious software bypassing, deceiving andtampering the applications.Aiming at the above problem, this paper put forward a technical program usingof trust computing integrity measurement framework to build smart mobile terminaltrusted running environment. By using this technical program, I construct a smartmobile terminal trusted running control system. It does not only guarantee thecredibility of Android initial environment and avoid the malicious software bypassing,deceiving and tampering applications, but also protect confidentiality of sensitiveinformation within such areas. This paper’s work and achievements includefollowings: 1. Analyzing Android system security architecture and inherent securityproblems, concluding the solutions proposed by scholars; Summarizing the researchstatus of trusted computing, and detail its current situation in mobile terminals; Briefthe scholar’s achievements in smart mobile terminals using integrity measurements;Emphasize a technology program to solve Android system security issues.2. Transplanting IBM’s IMA framework into Android system, and constructingthe trust chain to verify the measurements of executables, thereby start Androidsystem safely.3. Adding the function of measuring Android apps’.dex executable into theframework, utilizing the measurement values of apps identify the application. Mobileterminals in the sensitive areas report application measurement values list tomonitoring centre automatically, so that the apps running on terminals can becontrolled and managed remotely.Smart mobile terminal trusted running control system is tested successfully bydeploying it on terminals and computers. This system realizes the Android terminalssafely start, as well as it displays the result of verification after the terminal enteredthe sensitive area. It avoids important information in these areas being eavesdroppedand disclosed. |
PDF Full Text Request