| Android System has become one of main stream operating systems because of its openness and usability. However, the privacy data is saved as plaintexts in Android devices, which makes them vulnerable to protect user’s privacy.In order to solve the problem of user privacy leakage when the device is lost or stolen, this thesis customized the original version of Android system to enhance the privacy protection. Firstly, the privacy data in Android system has been classified. The storage position and storage mechanism will be concluded, which will be analyzed detail in following steps. The weakness needs to be strengthened will be found out. Secondly, security levels of Android lock screen authentication, SQLite database and external SD card will be consolidated after these analysis. The brute force password breaking of the lock screen will be avoided with the introduction of time delaying penalties comparing to the original authentication method. A transparent database encryption function has also been implemented to solve the security problem of plaintext storage. To protect the privacy data stored in the SD card, an optional SD card encryption function has been introduced in this article as well. As a result of this encryption, photos and videos user saved in this card will be well protected.The result of tests shows the encryption technology implemented in this thesis can protect the user privacy data effectively. The database files are transparently encrypted, which means information stored in the database cannot be read out without a password authentication. Meanwhile, the SD card is full disk encrypted, thus makes the stored data cannot be acquired even using a professional data recovery software. Our experiments also analyzed the system performance influence of the security enhancement used in this thesis. Comparing to systems without data encryption, the accessing performance of the database has been lowered about 30%, while it dropped about 50%in the SD card accessing. However, we think this performance degradation is acceptable in the field with a high level security requirement. |
PDF Full Text Request