Abstract: Aiming at the fact that Xwodi, a kind of Trojan software, is fit in the users handsets by downloading software and threatens the privacy of user deadly. With analyzing security fault and cause in the solution of current software download. This paper puts forward the control policy for mobile equipment for downloading software, sets up politic model, carries out formalized description and analysis, designs implementing scheme of software loading policy from point of view of trusted mobile platform and makes security analysis for the model. Result indicates that the scheme can prevent Xwodi from being intruded effectively.

Key words: mobile platform, trusted computing, security analysis

摘要： 针对手机卧底等木马软件通过软件下载的途径安装到用户手机，使手机用户的隐私受到了巨大的威胁的实际。通过分析目前软件下载方案中存在的安全问题及产生的根源，提出移动终端软件载入的控制策略，建立了策略模型，采用形式化的描述与分析，并从可信移动平台技术的角度，设计软件载入策略的实现方案，对模型和方案进行安全性分析，结果证明，该方案能有效地防范手机卧底等恶意软件的侵入。

关键词: 移动平台, 可信计算, 安全分析

CLC Number: 

• TP309