Research On Component Security Communication Based On Android System

Smartphones have has become an essential tool for the exchange of information for people's lives, such as shopping, social networking,browsing the latest information and other aspects are quietly changing people's daily behavior.The Android system launched by Google as one of the most popular intelligent terminal system, its market share and user usage is always increasing .Android system, however, due to its open platform, attracting major manufacturers, according to their own and user needs customized Android phone, at the same time, then the security threats are more and more prominent.Which people's daily lives, personal privacy and property security has led to a great deal of trouble, so the smart phone security issues are more and more attention.This paper mainly aims at the four major components of the Android system communication mechanism and the existence of the threat of research, then put forward reasonable and feasible design and specific implementation.This paper is a thorough analysis of the principle of communication between the four major components,, and then to study the two major security threats of Android system has appeared on the component: threat of data leakage by component hijacking and privilege escalation attacks. According to the principle of component communication and the characteristics of security threats, the following solutions are established: Component-based signature and data encryption ensure the security of component communication.1 .Firstly, the signature mechanism of the application in Android is applied to the component signature, Thus more fine-grained protection component communication security. and the key generation tool KeyTool is used to generate the public-private key pair needed for the signature,and the "package name+component name" is signed as the unique identifier and configured in AndroidManifest.xml.Visitors need to request a signature before they access, the process needs to be accessed through user authorization and system verification to be accessed.This program is a more fine-grained access to the operation on permissions, further ensuring secure access to components.2.On the basis of component signatures, both parties are authenticated and use data encryption to secure the data transmitted by the four components during communication.And according to the principle of communication components in the source code to achieve data security transmission program, Adding KeyStoreManagerService service,providing a series of encryption and decryption API and key management services,these datas that the component communication is transmitting in the form of ciphertext. The communication between the two sides can obtain the plaintext data on the basis of interdependence.For access between sensitive components, the first need to complete the component signature, the two sides on the basis of mutual trust, The transmitted data is encrypted, so even if the malicious attacker to intercept intent or vulnerable components to access sensitive components and access to sensitive information, the malicious attacker can not obtain the correct and effective information without the decryption of the correct private key.The implementation of this program is based on the Android Framework layer source code,providing developers with a variety of required interfaces, the developer can according to their own needs in the App components of the security protection, More fine-grained protection component security and better ensure the user's information and property security.