【摘要】：隨著移動(dòng)終端的發(fā)展進(jìn)入智能化時(shí)代,其性能得到極大提高的同時(shí),功能也日益豐富多彩。用戶將很多重要敏感信息和隱私數(shù)據(jù)直接存儲(chǔ)在移動(dòng)智能終端上,一旦這些信息和數(shù)據(jù)被泄露,會(huì)直接影響到用戶的經(jīng)濟(jì)利益,因此這些數(shù)據(jù)的安全顯得尤為重要。本文針對(duì)以上現(xiàn)狀,研究了敏感信息的防泄漏方法,以用戶為中心,設(shè)計(jì)實(shí)現(xiàn)一款全方位保護(hù)敏感信息的安全防護(hù)系統(tǒng)。課題設(shè)計(jì)實(shí)現(xiàn)了包括源端敏感信息加密處理隱私空間模塊、程序運(yùn)行中惡意行為檢測(cè)模塊、基于訪問(wèn)控制的軟件鎖模塊和終端丟失后敏感信息的控制防盜模塊。論文主要內(nèi)容和創(chuàng)新點(diǎn)如下:(1)提出了基于分層架構(gòu)的敏感信息安全防護(hù)模型。模型通過(guò)數(shù)據(jù)層、系統(tǒng)交互層、應(yīng)用層和功能層的設(shè)計(jì),協(xié)同保護(hù)終端上敏感信息的安全。數(shù)據(jù)層保證了敏感信息的安全存儲(chǔ);系統(tǒng)交互層對(duì)終端操作者的訪問(wèn)進(jìn)行控制;通過(guò)應(yīng)用層劃分不同的功能,為功能層防護(hù)技術(shù)的實(shí)現(xiàn)提供了接口。(2)研究了 Android移動(dòng)智能終端圖片、視頻、文件和短信加密、存儲(chǔ)、提取的方法,設(shè)計(jì)了敏感信息加密隱私空間模塊�；贏ES算法對(duì)終端上敏感信息進(jìn)行加密存儲(chǔ),保證此類信息的安全。(3)分析了 Android移動(dòng)智能終端應(yīng)用程序訪問(wèn)控制機(jī)制,提出了基于黑白名單保護(hù)程序應(yīng)用的軟件鎖方案。通過(guò)設(shè)置黑名單,對(duì)攜帶有個(gè)人敏感信息的軟件進(jìn)行鎖定保護(hù);通過(guò)臨時(shí)設(shè)置白名單,保證了合法用戶對(duì)黑名單鎖定軟件的正常使用。(4)設(shè)計(jì)并實(shí)現(xiàn)了移動(dòng)智能終端智能防盜功能。通過(guò)監(jiān)聽SIM卡狀態(tài)和獲取終端位置信息,為終端找回提供了線索;通過(guò)對(duì)終端敏感信息的遠(yuǎn)程操作,實(shí)現(xiàn)對(duì)終端敏感信息的擦除,保證了移動(dòng)智能終端丟失后敏感信息依然處于可控狀態(tài)。(5)設(shè)計(jì)了基于權(quán)限分析的惡意軟件監(jiān)控模塊。通過(guò)逆向應(yīng)用程序安裝文件,解析權(quán)限申請(qǐng),對(duì)程序安裝時(shí)的敏感權(quán)限申請(qǐng)給予提示;并通過(guò)監(jiān)測(cè)程序的訪問(wèn),對(duì)敏感信息操作行為進(jìn)行控制;通過(guò)對(duì)Android系統(tǒng)內(nèi)部文件內(nèi)容的修改,實(shí)現(xiàn)對(duì)程序應(yīng)用權(quán)限的重新授權(quán)。本文通過(guò)對(duì)Android智能終端敏感信息安全防護(hù)技術(shù)的研究,實(shí)現(xiàn)了基于分層架構(gòu)的敏感信息安全防護(hù)系統(tǒng)。經(jīng)測(cè)試表明,系統(tǒng)在功能和性能上都能很好的滿足實(shí)際需求,驗(yàn)證了系統(tǒng)的可行性、實(shí)用性和安全性,對(duì)同類敏感信息安全防護(hù)系統(tǒng)具有一定的參考意義。
[Abstract]:With the development of mobile terminal into the era of intelligence, its performance has been greatly improved, and its functions have become increasingly colorful. Users store a lot of important sensitive information and privacy data directly on mobile intelligent terminals. Once these information and data are leaked, it will directly affect the economic interests of users, so these data. In view of the above situation, this paper studies the anti-leakage methods of sensitive information, designs and implements a user-centered security protection system for all-round protection of sensitive information. The main contents and innovations of this paper are as follows: (1) A layered sensitive information security protection model is proposed. The model protects the security of sensitive information on the terminal through the design of data layer, system interaction layer, application layer and function layer. The data layer guarantees the safe storage of sensitive information; the system interaction layer controls the access of terminal operators; the application layer divides different functions to provide an interface for the implementation of functional layer protection technology. (2) The encryption, storage and extraction methods of Android mobile intelligent terminal pictures, videos, files and short messages are studied, and the sensitive information is designed. Information Encryption Privacy Space Module. Encrypt and store sensitive information on the terminal based on AES algorithm to ensure the security of this kind of information. (3) Analyze the access control mechanism of Android mobile intelligent terminal application program, put forward a software lock scheme based on black and white list protection program application. (4) Intelligent anti-theft function of mobile intelligent terminal is designed and implemented. By monitoring the status of SIM card and acquiring terminal location information, clues are provided for the terminal to retrieve. Remote manipulation of sensitive information of terminal is carried out. (5) Designed a malicious software monitoring module based on privilege analysis. Through reverse application program installation file, parsed the privilege application, prompted the sensitive privilege application when the program was installed; and through the monitoring process. By modifying the contents of the files in the Android system, the application authority of the program is re-authorized. Through the research on the sensitive information security protection technology of Android intelligent terminal, the sensitive information security protection system based on hierarchical structure is realized. The function and performance of the system can meet the actual needs very well, which verifies the feasibility, practicability and security of the system. It has a certain reference significance for similar sensitive information security protection systems.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2016
【分類號(hào)】：TP309;TP316

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 袁萌;;Android計(jì)劃為什么要懸賞1000萬(wàn)[J];信息系統(tǒng)工程;2007年12期

2 林耕宇;;觀摩50名Google Android程序開發(fā)競(jìng)賽作品[J];電子與電腦;2008年08期

3 樹子;;Android中文版不完全體驗(yàn)[J];互聯(lián)網(wǎng)天地;2009年04期

4 Jason Whitmire;;產(chǎn)業(yè)軟件專家如何協(xié)助解決Android的分裂困境[J];電子與電腦;2010年02期

5 蔣彬;;10款A(yù)ndroid手機(jī)必備應(yīng)用——Android操作系下的軟件評(píng)測(cè)[J];微電腦世界;2010年04期

6 ;PCWorld Windows Phone 7挑戰(zhàn)Android 毅然崛起的AndroidⅠ洗心革面的Windows Phone 7[J];微電腦世界;2010年08期

7 韓青;;Android平臺(tái)發(fā)展的動(dòng)力與挑戰(zhàn)[J];中國(guó)電子商情(基礎(chǔ)電子);2010年09期

8 方智勇;;Android手機(jī)這樣用[J];電腦迷;2010年15期

9 缺少浪漫;;Android的另一面[J];電腦迷;2010年13期

10 ;ZTE and Three Release Android ，

本文編號(hào)：2184823