###
DOI:
Journal of Software:0.(0):0-0

标准模型下可证明安全的APK二次开发授权机制
李道丰,陈海强,梁家荣,赵搏文
(广西大学 计算机与电子信息学院, 广西 南宁 530004)
Provable Secure Authorization Mechanism for the APK Redevelopment in the Standard Model
LI Dao-Feng,CHEN Hai-Qiang,LIANG Jia-Rrong,ZHAO Bo-Wen
(Guangxi University, Nanning 530004, China)
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 263   Download 183
Received:March 30, 2017    Revised:September 26, 2017
> 中文摘要: 为了解决Android APK文件有效性和版权问题,需要签名才能发布.然而当第三方申请对原生APK文件进行二次开发和修改授权时,如何指定第三方的开发和修改权限以及确定APK文件二次开发完成后出现的版权问题仍是有待解决的问题.为此,文中提出一种细粒度的在标准模型下可证明安全的APK授权机制(APK-SAN).APK-SAN授权机制主要采用基于身份的可净化签名技术的特有属性,允许原生APK文件的开发者授权给第三方(指定修改者)对APK文件的许可区域或位置进行二次开发或修改,且修改后生成的新APK文件的签名仍然有效.分析结果表明,所提的APK-SAN授权机制无需证书存储和管理、提供细粒度修改授权功能,可维护原开发者和修改者双方的合法权益,减少了开发者的通信开销和计算开销.
Abstract:Signatures are used to address the validation and authorization issues of the APK file before publishing. When the modifier apply for the right to redevelop APK files how to authorize and ascertain the authorization issues are very important problems which have not been solved. In this work, a new APK authorization mechanism (APK-SAN) is proposed using the sanitizable signature scheme. APK-SAN authorization mechanism utilizes unique properties of sanitizable signature technology that allows original developer to authorize specified modifier to redevelop the designated part of source code of the APK file without interaction between developer and modifier. Moreover, APK-SAN authorization mechanism does not require to storage and management of Certification. Our scheme reduces communication overhead and computational overheads of the original developer. The signature of new APK files after redevelopment is still valid. This maintains the copyright of original developer and modifier.
文章编号:     中图分类号:TP309.7    文献标志码:
基金项目:国家自然科学基金(61662004);广西自然科学基金(2016GXNSFAA380215) 国家自然科学基金(61662004);广西自然科学基金(2016GXNSFAA380215)
Foundation items:
Reference text:

李道丰,陈海强,梁家荣,赵搏文.标准模型下可证明安全的APK二次开发授权机制.软件学报,0,(0):0

LI Dao-Feng,CHEN Hai-Qiang,LIANG Jia-Rrong,ZHAO Bo-Wen.Provable Secure Authorization Mechanism for the APK Redevelopment in the Standard Model.Journal of Software,0,(0):0