
Research And Implementation Of A Fine-grained Permission Control Method Based On Context For Mobile Applications

Posted on: 2020-12-17
Degree: Master
Type: Thesis
Country: China
Candidate: S S Wang
GTID: 2428330572472257
Subject: Information security
Abstract/Summary:
With the rapid increase in smart devices, the number of mobile applications has exploded. This rapid growth has stimulated continuous innovation on the Internet and continuous improvement of functions, bringing users a great experience. But it also introduces many issues, such as using user-granted permissions for ad recommendations or revealing users' private data. The mobile operating system uses a permission system to protect system integrity and user privacy, but its access control mechanism is too coarse-grained to meet users' control needs and privacy requirements. Because the user interface (UI) is the carrier for user interaction with the application, it is often used by the application to reflect its potential functions. Therefore, the context in which a sensitive permission request is triggered can be used to determine whether the request is legitimate. This paper therefore proposes a fine-grained, context-based permission control method for mobile applications. The method calculates the permission usage of a control by checking the running environment when a sensitive permission request is triggered, and intercepts and processes the request at runtime. Meanwhile, the model evolves over time by continually following and learning from users' decisions to better cater to user preferences. The model can therefore implement context-based runtime permission control with less user participation and process requests in combination with user preferences, which not only protects user privacy but also implements finer-grained access control. The main work of this paper is as follows:

(1) Mining the association characteristics of the sensitive permission request context. Considering that similar controls often have the same function, this paper analyzes the context that triggers sensitive permission requests, which includes the control that triggers the request and the Activity information of that control, to build the mapping between controls and sensitive permissions. First, apps are collected and statically analyzed to extract the APIs corresponding to sensitive permissions and the Activity information corresponding to the triggering control. The extracted information is then clustered and analyzed to obtain groups of similar controls, and finally the sensitive API usage is calculated to build the mapping.

(2) For runtime sensitive permission requests, this paper uses the common control-sensitive permission mapping as the cornerstone and implements accurate interception using the context information that triggers the sensitive permission request. First, the target application is statically analyzed to extract all context information that may trigger a sensitive permission request. This information is then classified, using the clustering information obtained while constructing the common control-sensitive permission mapping, to get the control groups and the corresponding permission usage. The sensitive APIs and related monitoring methods are then intercepted at runtime to obtain the detailed context information, the control clusters and the corresponding sensitive permissions. This approach combines the comprehensiveness of static analysis with the real-time nature and accuracy of runtime interception.

(3) For intercepted sensitive permission requests, considering that the user tends to handle the same permission request triggered by similar controls in the same way, this paper records the user's decisions, so the user needs to make a decision only once for the same permission under the same control cluster. After runtime interception obtains the context of the sensitive permission request, it first determines whether a decision has already been made for that permission request under the same control cluster. If it has, the same decision is applied; otherwise a warning dialog pops up for the user to decide, and the user's decision is recorded. In this way, the initial setting of all permissions is avoided and user preference is incorporated, which reduces user participation and ensures a better user experience.

Based on the common control to sensitive permission mapping and on runtime sensitive permission request interception and decision-making, a fine-grained mobile application permission control method is proposed that achieves fine-grained runtime permission control combined with user preferences, reducing user participation and protecting user privacy.
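The decision-reuse step in (3), simulated as an added example (not code from the thesis). The cluster table, the class and function names, and the deny-by-default handling of a request with no known UI context are all assumptions of this sketch; the sample requests are constructed.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Tuple

ALLOW, DENY = "allow", "deny"

@dataclass(frozen=True)
class Request:
    """Context captured when a sensitive API call is intercepted at runtime."""
    permission: str
    activity: Optional[str]  # Activity hosting the control; None without UI context
    control: Optional[str]   # id of the control that triggered the call

@dataclass
class PermissionGate:
    # (activity, control) -> cluster id; assumed precomputed by static analysis
    clusters: Dict[Tuple[str, str], str]
    # Prompt callback: (cluster, permission) -> ALLOW or DENY
    ask_user: Callable[[str, str], str]
    decisions: Dict[Tuple[str, str], str] = field(default_factory=dict)
    prompts: int = 0

    def check(self, req: Request) -> str:
        cluster = self.clusters.get((req.activity, req.control))
        if cluster is None:
            # Assumption of this sketch: no known UI context means deny, uncached
            return DENY
        key = (cluster, req.permission)
        if key not in self.decisions:  # first request for this pair: ask once
            self.prompts += 1
            self.decisions[key] = self.ask_user(cluster, req.permission)
        return self.decisions[key]

def demo():
    # Constructed sample data: two "locate" controls in different Activities
    clusters = {
        ("MapActivity", "btn_locate_me"): "locate",
        ("StoreFinderActivity", "btn_nearby"): "locate",
    }
    def user(cluster, permission):  # constructed user preference
        return ALLOW if permission == "ACCESS_FINE_LOCATION" else DENY
    gate = PermissionGate(clusters, user)
    requests = [
        Request("ACCESS_FINE_LOCATION", "MapActivity", "btn_locate_me"),
        Request("ACCESS_FINE_LOCATION", "StoreFinderActivity", "btn_nearby"),
        Request("READ_CONTACTS", "StoreFinderActivity", "btn_nearby"),
        Request("ACCESS_FINE_LOCATION", None, None),  # background call
    ]
    return [gate.check(r) for r in requests], gate.prompts

if __name__ == "__main__":
    print(demo())
```

The second request reuses the first decision because both controls fall in the same cluster, while the third prompts again because the decision key includes the permission.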
Keywords/Search Tags: Fine-grained permission control, context, static analysis, dynamic interception