【中英雙語】511關(guān)于計(jì)算機(jī)專業(yè)安卓app安全隱私性防護(hù)的畢業(yè)設(shè)計(jì)論文英文英語外文文獻(xiàn)翻譯成品資料：解密android應(yīng)用程序框架：重新訪問android權(quán)限規(guī)范分析（中英文雙語對(duì)照）

1、此文檔是畢業(yè)設(shè)計(jì)外文翻譯成品（ 含英文原文+中文翻譯），無需調(diào)整復(fù)雜的格式！下載之后直接可用，方便快捷！本文價(jià)格不貴,也就幾十塊錢！一輩子也就一次的事！外文標(biāo)題：On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis外文作者：Michael Backes，Sven Bugiel，Eri

2、k Derr文獻(xiàn)出處:IEEE security,2018 (如覺得年份太老，可改為近 2 年，畢竟很多畢業(yè)生都這樣做)英文 5530 單詞，35129 字符(字符就是印刷符)，中文 9411 漢字。（如果字?jǐn)?shù)多了，可自行刪減，大多數(shù)學(xué)校都是要求選取外文的一部分內(nèi)容進(jìn)行翻譯的。）On Demystifying the Android Application Framework: Re-Visiting Android Permissi

3、on Specification AnalysisAbstract: In contrast to the Android application layer, Android’s application framework’s internals and their influence on the platform security and user privacy are still largely a black box for

4、 us. In this paper, we establish a static runtime model of the application framework in order to study its internals and provide the first high-level classification of the framework’s protected resources. We thereby unco

5、ver design patterns that differ highly from the runtime model at the application layer. We demonstrate the benefits of our insights for security-focused analysis of the framework by re-visiting the important use-case of

6、mapping Android permissions to framework/ SDK API methods. We, in particular, present a novel map- ping based on our findings that significantly improves on prior results in this area that were established based on insuf

7、ficient knowledge about the framework’s internals. Moreover, we introduce the concept of permission locality to show that although frame- work services follow the principle of separation of duty, the accompanying permiss

8、ion checks to guard sensitive operations violate it.1Introductionmodelling the Android app life-cycle[25, 6]). Together those results form a strong foundation on which effective security- and privacy-oriented analysis is

9、 built upon. In contrast to the app layer, for the application framework we have an intuitive understanding of what constitutes its entry points, but no in-depth technical knowledge has been established on the runtime mo

10、del, and almost no insights exist on what forms the security and privacy relevant targets of those flows (i.e., what technically forms the sinks or “protected resources”).Our Contributions. This paper contributes to the

11、demystification of the application framework from a security perspective by addressing technical questions of the underlying problem on how to statically analyze the framework’s code base. Similar to the development of a

12、pplication layer analyses, we envision that our results contribute some of the first results to a growing knowledge base that helps future analyses to gain a deeper understanding of the application framework and its secu

13、rity challenges.2BackgroundWe first provide necessary technical background in- formation on the Android software stack and the abstract control and data flows in the system. Android OS is an open source software stack on

14、 top of the Linux OS. Between the apps at the top of the stack and the Linux kernel at the bottom is the Android middleware. This middleware consists of the application runtime environment, default native libraries (like

15、 SSL), and the Java-based application framework (see Figure 1).2.1 Android Application FrameworkThe application framework consists of the various services that implement the Android app API (e.g., retrieving location d

16、ata or telephony functionality). Every framework service is responsible for providing access to one specific system resource, such as geolocation, radio interface, etc. Bound services. These services are implemented as b