Research And Implementation Of A Mobile Web Application Permission Management System

Mobile Web Application, is one of the new types of mobile applications. It is presented by the mobile web browser and ran in the mobile terminal. The main characteristic of mobile web application is "written once, runs everywhere.". Its good capability of cross-end running benefits both the user and the developer. With the development of mobile technology, mobile web apps have been more accessible to the local resources of mobile terminals. However, the shortage of permission management technique for mobile web application leads to great security danger. Therefore, in order to find a solution to solve the privacy protection problem of mobile web application, I design and implement a permission management system for mobile web applications based on Cordova. The system is integrated in a mobile web application platform based on Cordova and Android. The main work is as follows:Firstly, the concept, structure and classification of mobile web application are introduced, and some mobile web application middleware are studied and compared with one another. Then the framework and-principle of Cordova are discussed, and the mobile web application platform based on Cordova and Android is introduced. Furthermore, the difference between mobile web application permission management system and native application permission management system is researched in this thesis, and requirements of mobile web app permission management system are analyzed. In the end, The architecture and the modules of the system are designed and implemented.Secondly, the shortage of the traditional permission management methods of mobile application are analyzed, and then two new permission management strategies are proposed. One is based on roles, the other one is based on frequency. They are more suitable for satisfying the security needs of mobile web application. Moreover, corresponding model design and implementation are done.Thirdly, functional tests and performance tests are conducted to the system and the strategies. The experimental results show that the permission management system of mobile web application based on Cordova can realize dynamic, fine-grained permission management of the mobile web applications. Moreover, the role-based permission management strategy and frequency-based permission management strategy can lead to a better permission management effect. In conclusion, users are protected from privacy leak danger while using mobile web applications with the permission management system. A safer and more robust environment is made for mobile web applications to be ran in.