DOI QR코드

DOI QR Code

개인정보를 위한 안드로이드 저장장치 접근제어

Android Storage Access Control for Personal Information Security

  • 유재만 (중부대학교 정보과학과) ;
  • 박인규 (중부대학교 컴퓨터학과)
  • 투고 : 2013.10.16
  • 심사 : 2013.12.13
  • 발행 : 2013.12.31

초록

안드로이드 파일시스템은 임의적 접근제어 방식을 사용하여 시스템의 자원에 접근할 수 있는 오픈 시스템이기 때문에 상대적으로 저장장치에 대한 제어가 필요하다. 이러한 특성으로 인해 안드로이드의 VDC를 통해서 접근제어를 하는 경우 안드로이드가 VDC 기능을 제공하는 경우에만 가능하다는 문제점이 있다. 이를 개선하는 방법으로는 VDC의 기능을 시스템 콜(system call)을 통하여 직접 구현함으로써 OS와는 별도로 연동 모듈을 만들어 저장장치 제어기능을 추가하여야 한다. 본 논문에서는 일반적인 저장장치의 마운트 시스템에 대하여 VDC 기능을 이용하여 사용자에 대한 접근을 제어하는 방법을 제안하였다. SD, UMS 와 같은 저장장치에 대한 접근제어를 마운트 방식에 의하여 구현하였고 제안된 기법이 제어가 설정된 저장장치에 파일을 복사/저장하려면 쓰기가 금지되어 제어가 수행됨을 실험을 통하여 검증하였다.

Android file system is vulnerable to the external access of system resources via its arbitrary access mode and need user's control for SD and UMS medias due to its open architecture. In response to the device control, there is a drawback that its controlability is valid only in the case of embedded linux kernel with VDC function. Hence the solution is to directly implement VDC through system call, with another security module for device storage than system module being added to android system. In this paper the new method of android storage access control for personal information is proposed via VDC for mount system of storage. The access method for SD and UMS were implemented using VDC and mount mechanism. This access control system has been designed to control the granted users in kernel level if files are flowed out by copying. As a result, it was proved through testing that the access control system has exactly detected the write access operation.

키워드

참고문헌

  1. Anagha Kulkarni and Vandana Inamdaer, "CifrarFS-Encrypted File System Using FUSE". International Journal of Computer Science and Security, Vol. 3, No. 4, pp. 295-302, 2010
  2. Seong-hwa Jeong and Tae-Jung Lho, "A Study on Implementation of Android Security System Based on SELinux", The Korean Institute of Insustry and Technology, 2010. https://doi.org/10.5762/KAIS.2010.11.8.3005
  3. Soon-Seok Kwan and Young-Chan Kim, "A Study on the Android Security Kernel Module based on Mandatory Access Control", The Korean Institute of Communications and Onformation Sciences, 2010.
  4. K. D. Kim, Y. C. Kim, J. H. Kim, A Study on Reliability Evaluation for Embedded Software", The Institute of Internet, Broading and Communication, VOL. 9 No. 3, pp.209-215, June 2009
  5. Jung-Sun Kim, Jung-Min Kang, Hyung-Hyo Lee, Development of Security Problem Definition of Android-based Operating System for Personal Handheld Devices, Journal of Korean Institute of Information Technology Vol. 10 No.11, 2012.11, pp. 1-225
  6. Seong-Jik Choi, MIn-Ji KIm, Jeong Wook Han and Byeong Gu Ahn "Android Based Mobile Student Identity Card", Journal of The Institute of Internet, Braoding and Communication Vol.13 No.2, 2013, April., pp. 209-215 https://doi.org/10.7236/JIIBC.2013.13.2.209
  7. Youngseok Choi, Sunghoon Kim, Dong Hoon Lee, "Study to detect and block leakage of personal information : Android-platform environment", Journal of Korean Institute of Information Technology Vol. 23 No.4, 2013.8, pp. 757-766 https://doi.org/10.13089/JKIISC.2013.23.4.757
  8. Seong-Hwa Jeong, Tae-Jung Lho, "A Study on Implementation of Android Security System Based on SELinux", Journal of the Korea Academia- Industrial cooperation Society, Vol.11, No.8; 2010, pp.3005-3011 https://doi.org/10.5762/KAIS.2010.11.8.3005
  9. Hywong-Joo Song et al., "Inside Android", wikibooks
  10. http://developer.android.com
  11. http://www.kandroid.org/

피인용 문헌

  1. Application Study applied to the Encryption at Virtualization Launcher vol.14, pp.2, 2014, https://doi.org/10.7236/JIIBC.2014.14.2.87