大数据 (Jan 2020)
Same origin based fine-grained privacy protection for mobile applications
Abstract
Mobile systems,such as Android,use permission-based access control mechanism,which is at the granularity of each application.Apart from the code from developers themselves,applications also contain code from third-party libraries,which has led to serious overuse of application permissions.A novel origin-based (similar to browsers) and fine-grained control mechanism was introduced,which broke the boundary between applications in terms of access control and finegrained the granularity to the level of code source.The mechanism was implemented onto Android framework,and a set of tools to modify applications were also offered.Experiment results suggest that system can allow (or limit) certain developers to execute certain sensitive behaviors.