Design And Implementation Of Android Platform-Oriented Extensible Security Model

Android OS has the largest market share of mobile phone in the world. Meanwhile, with the fast development of Mobile Internet, more and more fields such as finance and telecom involved in it, while a large amount of government organization use mobile device in their daily lifer and work which leads a high requirement on security of Android OS. However, that Android App is easily accessible and decompiled makes core code and data of APP vulnerable as reported by Google Team and Tencent Mobile Security Laboratory. Meanwhile the intent of Android is always disturbed by many Apps. What’s more, some APIs about Android’s security are useful for a large amount of developers.In order to solve those three problems, an Android Platform-oriented Extensible Security Model is proposed which is using Android System Service Layer and HAL Layer. Then Self-uninstall Service Module, Hidden File Module and Intent Listener Module are designed and implemented according to the Security Model. The Self-uninstall Service Module makes an encapsulation of Package System Service on System Service Implementation Layer to provide a service of uninstalling while Hidden File Module makes an encapsulation of Android Library to read, write and encrypt files in hidden partition. Moreover, some SDK APIs based on Binder are developed in order to reuse codes. What’s more, the Intent Listener Module is proposed to monitor call, SMS and MMS on Application Layer.Then a development environment on Linux OS is implemented in order to compile ROM and deploy it to the Mobile Phone. Then we demonstrate that the model is reliable and extensible through developing some Apps about Self- uninstall Service Module, Hidden File Module and Intent Listener Module. Then we also make some tests and demonstration. What’s more, we make a comparison between App based on System Service Layer and App based on Application Layer when we test Intent Listener Module. In the end, after a thoughtful analysis of experiments and tests, a summary of Extensible Security Model Based on Android OS is proposed. Then we refer to three shortcomings of model, including diversity of System Service, diversified versions of ROM and high cost of iteration.