Mobile Application Security Policies and Testing Methods Based on XACML  Cited by: 1

Mobile Application Security Policies and Testing Research on XACML


Authors: 曹宛恬, 于鹏飞

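Affiliations: [1] Institute of Information and Communication, Global Energy Interconnection Research Institute, Nanjing 210003; [2] State Grid Key Laboratory of Information and Network Security, Nanjing 210003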

Source: Computer Science (《计算机科学》), 2017, No. 11, pp. 134-145 (12 pages)

Funding: Supported by the project "Research on Application Testing Technology for Electric Power Mobile Terminals" (5455HT150029)

Abstract: With the development of mobile Internet technology, large numbers of mobile terminals with computing capability have been deployed, and they complete a wide range of tasks with the support of many mobile applications. More and more enterprises allow employees to bring their personal devices into the work environment (the BYOD, Bring Your Own Device, model). However, different people have different roles, and different resources have different access permissions; once sensitive resources are leaked, the enterprise may suffer significant losses. To support BYOD fully while keeping data and systems secure, access control over sensitive resources must therefore be clearly specified for the corresponding mobile applications and enforced while those applications run. XACML is a unified description language for access control policies, but support for mobile applications and BYOD has not yet been reported. This paper proposes describing the access control policies of mobile applications in XACML and studies methods for testing XACML access control policies. On this basis, a BYOD-oriented case study was conducted on a project management app on the Android platform, and the results show the effectiveness of the proposed method.

Keywords: BYOD; security; access control; XACML; policy

Classification number: TP311 [Automation and Computer Technology: Computer Software and Theory]

 
