| The smart home APP system is a mobile intelligent terminal operating system with a relatively high market share,and its security has attracted the attention of all sectors of society.In recent years,security incidents caused by third-party libraries(TPLs)have occurred frequently.The root cause of this problem is that there is no security boundary between the third-party library and its host application,and the third-party library can obtain all permissions of the host application,thus posing a threat to user and system security.As third-party libraries are widely used in Android application development,how to effectively manage third-party library permissions is an urgent problem to be solved.Although a large number of relevant solutions have been proposed,they have not been applied in practice.The Android system of smart home APP is still unable to effectively manage the permissions of third-party libraries in the application.To solve the above problems,this paper proposes a security reinforcement scheme for Android third-party library in smart home,which can effectively assist developers to manage the permissions of third-party libraries in applications and curb their suspicious privileged behaviors.The main work is as follows:1)For Java type third-party libraries,a fine-grained permission mechanism is proposed,which extends the permission mechanism of the native smart home APP Android system and enables the smart home APP Android system to further manage the permissions of the modules in the application.2)A library isolation mechanism is proposed for native third-party libraries.This mechanism can load and run native libraries in an isolated environment and independently manage their permissions while ensuring the functionality of native libraries.3)Solve the problems of dynamic management of library permissions and creation of isolated environment,and implement the prototype system based on the Android system of the high-end smart home APP.4)The function of this scheme is verified through experiments,and the performance of this scheme is tested and evaluated.The results show that this scheme can effectively manage the authority of the third-party library,reduce the potential threat to user privacy security posed by the third-party library,and has reasonable performance overhead.This scheme can support the permission management of any type of third-party library;The scheme design is oriented to Android ART virtual machine of smart home,compatible with Android system version of mainstream smart home APP;The scheme is completely implemented from the bottom layer of the system,without the need for upper layer application developers to restructure applications,which is convenient to use.Compared with the existing work,this scheme has more complete functionality,higher applicability and better usability. |
PDF Full Text Request