The Application’s Permissions Management Model Based On Android Platform

Nowadays Android is one of the most popular operating system for mobile platforms. Ithas a relatively good mechanism for security management. It inherits the security mechanismsof the Linux kernel and has a set of security mechanisms which have their own characteristics,but it still exists a certain security defects. Android uses the "All-Or-None" model for theauthorization of the application’s permissions, users must agree to all the privileges which theapplication asks for, otherwise the application will not be installed successfully. What’s more,after the installation is finished, the permissions of the application can’t be edited, users cannot edit the permissions of the application based on their needs.To solve the above problem, in this paper, we design and implement such a model named"The Application’s Permissions Management Model based on Android Platform"("TheApplication’s Permissions Management Model for short). In this model, after the applicationis installed successfully, users can edit all the permissions which the application has appliedfor. Users can cancel the application’s permissions, also can resume the permissions that hasbeen canceled. And these operations are dynamic, real effective without any otheroperations, such as rebooting the system.In this model, when the running application calls to an permission, if the permission hasnot been canceled, the system will call the original inspection mechanism, if the permissionhas been canceled by the user, then the system will refused the call of pe rmission or returnsome information that has been set. Here just when the permisson is one of the permissions toread phone state and the contact book information, the SMS and MMS information, thesystem will return the information that has been set, othe rwise the system will refuse thecall of permissions.In order to implement the model, we make several extensions in the original system,including an application for permission editing, a database for permission label, an authoritychecker, analog information provider and add a permission to read and write the database forpermission label. The application for permission editing is the only window for the user toedit the application permissions, the database for permission label is a place to store theprogram’s permissions information, permission checker is the core of the entire model, bymodifying the original Android permissions checking mechanism, when conducting an auditauthority the system will call the newly added checker, analog information pro vider is used toreturn the analog information which has been set, by adding a permission to read and writethe database for permission label, The application for permission editing do not need to get the root permission.Finally, we deploy the model in a development board and select the View wizard,micro-channel, QQ synchronization assistant from the Google Play as a sample to test thefeasibility of this model.