CN103778367A - Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server - Google Patents
Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server Download PDFInfo
- Publication number
- CN103778367A CN103778367A CN201310744120.8A CN201310744120A CN103778367A CN 103778367 A CN103778367 A CN 103778367A CN 201310744120 A CN201310744120 A CN 201310744120A CN 103778367 A CN103778367 A CN 103778367A
- Authority
- CN
- China
- Prior art keywords
- application
- certificate
- installation kit
- terminal
- storehouse
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000009434 installation Methods 0.000 title claims abstract description 139
- 238000000034 method Methods 0.000 title claims abstract description 83
- 238000001514 detection method Methods 0.000 claims abstract description 23
- 238000004458 analytical method Methods 0.000 claims description 55
- 238000012360 testing method Methods 0.000 claims description 24
- 238000011900 installation process Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 description 17
- 230000006399 behavior Effects 0.000 description 13
- 238000004891 communication Methods 0.000 description 12
- 238000012795 verification Methods 0.000 description 12
- 238000010586 diagram Methods 0.000 description 11
- 238000012545 processing Methods 0.000 description 8
- 230000007246 mechanism Effects 0.000 description 7
- 238000012856 packing Methods 0.000 description 5
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 3
- 238000010295 mobile communication Methods 0.000 description 3
- 201000007750 congenital bile acid synthesis defect Diseases 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000007689 inspection Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Stored Programmes (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a method and terminal for detecting the safety of an application installation package based on an application certificate and an auxiliary server. The method comprises the steps that (a) an application certificate repository is searched for an application certificate corresponding to an application contained in the application installation package to be detected; (b) the application certificate found from the application certificate repository and the application certificate contained in the application installation package are compared; (c) based on the comparison result, a corresponding detection result is provided according to one or more preset detection standards.
Description
Technical field
The present invention relates to application safety field, relate more specifically to detect based on Application Certificate on mobile terminal method, terminal and the secondary server of the security of application installation kit.
Background technology
Along with being widely current of mobile terminal, it has become people's indispensable part in productive life, and application (app) in terminal important component part wherein especially.At present, issue for the application market based on for example Android platform and application, the making of application and issue are conventionally relatively random and free.Particularly, any user, as long as use the certificate issuance mechanism of closing rule,, after the Application Certificate signature that needs are issued, by simple identifying procedure, just can issue smoothly and allow application to download and subsequent installation in application market.
Because the perfect authentication mechanism being provided by apple shop is provided shortage; so all kinds of legal official's application in various Android application markets often can be carried out secondary or repeatedly packing by malice third party; and for example, adding wherein malicious code or be excessively used as official's application issue again (, by some third party download websites etc.) after authority requirement etc.During due to installation application under Android system, lack complete application verification mechanism, so in installation process after the simple authority prompting of terminal, the malicious application of the illegal packing again of this process just can be installed smoothly in terminal, and the loss that finally causes user (for example, produce unauthorized flow, deduct fees, even sensitive information leaks etc.), even make user terminal become puppet's equipment (refer to utilize leak, and become the source of malicious attack or the equipment of springboard).
Summary of the invention
In order to address the above problem, the method, terminal and the corresponding secondary server that detect the security of application installation kit based on Application Certificate according to of the present invention are provided.
According to a first aspect of the invention, provide a kind of in terminal, carry out detect the method for security of application installation kit based on Application Certificate.The method comprises: (a) in Application Certificate storehouse, search the Application Certificate corresponding with the application comprising in application installation kit to be detected; (b) Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit is compared; And (c) result based on described comparison, provide corresponding testing result according to one or more predetermined detection standard.
In certain embodiments, described Application Certificate warehouse compartment, in described terminal, and is downloaded from remote server by described terminal.
In certain embodiments, described method also comprises: (d) send update request to described remote server, described update request is used for asking to upgrade described Application Certificate storehouse; (e) receive update request result and possible for upgrading the more new data in Application Certificate storehouse from described remote server.
In certain embodiments, described method also comprises afterwards in step (e): if the indication of described update request result exists the renewal for described Application Certificate storehouse, described terminal is upgraded described Application Certificate storehouse with the described more new data receiving.
In certain embodiments, described more new data is completely more new data or incremental update data.
In certain embodiments, each the Application Certificate record in described Application Certificate storehouse at least comprises: for identifying the application characteristic data of application; And the Application Certificate corresponding with this application.
In certain embodiments, described Application Certificate comprises at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, described predetermined detection standard comprises: between the Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit, whether the not occurrence that obtains of comparison comprises following one or more: version information, sequence number, signature algorithm, issuer, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, step (c) comprising: if determine that occurrence not comprises version information, sequence number, signature algorithm, issuer, certificate everyone, one or more in the signing messages of certificate of everyone public-key cryptography of certificate and certificate issue person, the illegal testing result of Application Certificate of the described application installation kit of indication is provided, otherwise the legal testing result of Application Certificate of the described application installation kit of indication is provided.
In certain embodiments, if described application installation kit is encrypted,, after described application installation kit is deciphered certainly, just perform step (a) and subsequent step thereof.
In certain embodiments, if described application installation kit is not encrypted,, after getting described application installation kit, just perform step (a) and subsequent step thereof.
In certain embodiments, described method also comprises before in step (a): described application installation kit is kept in the interim isolated area of storer.
In certain embodiments, described method also comprises afterwards in step (c): if described testing result indicates the Application Certificate of described application installation kit legal, described application installation kit is moved to former target download location and continues normal mounting step; And if described testing result indicates the Application Certificate of described application installation kit illegal, stop the installation process of described application installation kit and/or the user's alarm to described terminal.
In certain embodiments, if do not find the Application Certificate corresponding with the application comprising in application installation kit to be detected in step (a), described method comprises between step (a) and step (b): (a1) submit described application installation kit to and ask described remote server to upgrade Application Certificate storehouse to remote server; (a2) receive the more new data for described Application Certificate storehouse from described remote server; And (a3) upgrade described Application Certificate storehouse with the described more new data that receives.
According to a second aspect of the invention, provide a kind of terminal that detects the security of application installation kit based on Application Certificate.This terminal comprises: search unit, in Application Certificate storehouse, search the Application Certificate corresponding with the application comprising in application installation kit to be detected; Comparing unit, for comparing to the Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit; And unit is provided, for the result based on described comparison, provide corresponding testing result according to one or more predetermined detection standard.
In certain embodiments, described Application Certificate warehouse compartment, in described terminal, and is downloaded from remote server by described terminal.
In certain embodiments, described terminal also comprises: update request unit, and for sending update request to described remote server, described update request is used for asking to upgrade described Application Certificate storehouse; Upgrade receiving element, for receive update request result and possible for upgrading the more new data in Application Certificate storehouse from described remote server.
In certain embodiments, described terminal also comprises: updating block, if there is the renewal for described Application Certificate storehouse for described update request result indication, described terminal is upgraded described Application Certificate storehouse with the described more new data receiving.
In certain embodiments, described more new data is completely more new data or incremental update data.
In certain embodiments, each the Application Certificate record in described Application Certificate storehouse at least comprises: for identifying the application characteristic data of application; And the Application Certificate corresponding with this application.
In certain embodiments, described Application Certificate comprises at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, described predetermined detection standard comprises: between the Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit, whether the not occurrence that obtains of comparison comprises following one or more: version information, sequence number, signature algorithm, issuer, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, described provide unit also for: if determine occurrence not comprise version information, sequence number, signature algorithm, issuer, certificate everyone, everyone public-key cryptography of certificate and the signing messages of certificate issue person to certificate one or more, the illegal testing result of Application Certificate of the described application installation kit of indication is provided, otherwise the legal testing result of Application Certificate of the described application installation kit of indication is provided.
In certain embodiments, described terminal also comprises: decryption unit, and in the situation that described application installation kit is encrypted, to described application installation kit deciphering.
In certain embodiments, described terminal also comprises: interim storage unit, and for described application installation kit being kept to the interim isolated area of storer.
In certain embodiments, described interim storage unit also for: if described testing result indicates the Application Certificate of described application installation kit legal, described application installation kit is moved to former target download location and continues normal mounting step; And if described testing result indicates the Application Certificate of described application installation kit illegal, stop the installation process of described application installation kit and/or the user's alarm to described terminal.
In certain embodiments, described terminal also comprises: application-specific update request unit, for submitting described application installation kit to remote server to and asking described remote server to upgrade Application Certificate storehouse; Application-specific is upgraded receiving element, for receiving the more new data for described Application Certificate storehouse from described remote server; And application-specific updating block, for upgrading described Application Certificate storehouse with the described more new data receiving.
A kind of method of security of the auxiliary detection application installation kit of carrying out in server is provided according to a third aspect of the invention we.The method comprises: (a) obtain described application from official's publication channel of application; (b) carry out one or more safety analysis for described application; (c) result based on described one or more safety analysis, judges the security of described application; And (d) Application Certificate that is judged as safe application is stored in Application Certificate storehouse.
In certain embodiments, described safety analysis comprises one or more in the following: certificate information analysis, authority require to analyze, network behavior analysis and crucial API Calls analysis.
In certain embodiments, described Application Certificate comprises at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, each the Application Certificate record in described Application Certificate storehouse at least comprises: for identifying the application characteristic data of application; And the Application Certificate corresponding with this application.
In certain embodiments, described method also comprises: (e) receive update request from terminal, described update request is for asking to upgrade the terminal applies certificate repository in described terminal; (f) version information comprising according to described update request, judges whether described terminal should upgrade its terminal applies certificate repository; And (g) based on described judgement, send update request result and possible for upgrading the more new data of terminal applies certificate repository of described terminal to described terminal.
In certain embodiments, described more new data is completely more new data or incremental update data.
In certain embodiments, described method also comprises: receive for upgrading the request in Application Certificate storehouse and the data of described application-specific installation kit for application-specific installation kit from terminal; Carry out one or more safety analysis for the application comprising in described application-specific installation kit; Based on the result of described one or more safety analysis, judge the security of the application comprising in described application-specific installation kit; And based on described judgement, upgrade the Application Certificate storehouse of described server, and send the more new data of the terminal applies certificate repository for described terminal relevant to described application-specific installation kit to described terminal.
A kind of server of security of auxiliary detection application installation kit is provided according to a forth aspect of the invention.This server comprises: acquiring unit, for obtaining described application from official's publication channel of application; Analytic unit, for carrying out one or more safety analysis for described application; Judging unit, for the result based on described one or more safety analysis, judges the security of described application; And storage unit, for the Application Certificate that is judged as safe application is stored in to Application Certificate storehouse.
In certain embodiments, described safety analysis comprises one or more in the following: certificate information analysis, authority require to analyze, network behavior analysis and crucial API Calls analysis.
In certain embodiments, described Application Certificate comprises at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, each the Application Certificate record in described Application Certificate storehouse at least comprises: for identifying the application characteristic data of application; And the Application Certificate corresponding with this application.
In certain embodiments, described server also comprises: update request receiving element, and for receiving update request from terminal, described update request is for asking to upgrade the terminal applies certificate repository in described terminal; Version judging unit, for the version information comprising according to described update request, judges whether described terminal should upgrade its terminal applies certificate repository; And upgrade result transmitting element, for based on described judgement, send update request result and possible for upgrading the more new data of terminal applies certificate repository of described terminal to described terminal.
In certain embodiments, described more new data is completely more new data or incremental update data.
In certain embodiments, described server also comprises: application-specific is upgraded receiving element, for receiving for upgrading the request in Application Certificate storehouse and the data of described application-specific installation kit for application-specific installation kit from terminal; Application-specific analytic unit, carries out one or more safety analysis for the application comprising for described application-specific installation kit; Application-specific is upgraded judging unit, for the result based on described one or more safety analysis, judges the security of the application comprising in described application-specific installation kit; And application-specific updating block, for based on described judgement, upgrade the Application Certificate storehouse of described server, and send the more new data of the terminal applies certificate repository for described terminal relevant to described application-specific installation kit to described terminal.
Method, terminal and the corresponding secondary server of the application of the invention, can provide the legal certificate storehouse based on mobile terminal to set up and application verification mechanism.From the installation being applied in terminal that is published to of application, the application that the present invention issues using official, as checking basis, realizes the legitimate verification mechanism to mobile application signature certificate.In addition, the present invention has guaranteed to be applied in the legitimacy being published in the process of installing and using, and avoids user installation through the illegal malicious application of packing again, reduces the various losses of user because using malicious application to cause, and improves the security of mobile terminal application.
Accompanying drawing explanation
By below in conjunction with accompanying drawing explanation the preferred embodiments of the present invention, will make of the present invention above-mentioned and other objects, features and advantages are clearer, wherein:
Fig. 1 shows the schematic diagram that detects the example application scene of the system of the security of application installation kit based on Application Certificate according to of the present invention.
Fig. 2 shows according to of the present invention and creates, manages and issue legal certificate information at server place and detect the example flow diagram of the security of application installation kit in end.
Fig. 3 show according to the embodiment of the present invention carry out in end detect the process flow diagram of exemplary method of the security of application installation kit based on Application Certificate.
Fig. 4 shows according to the block diagram of the exemplary terminal for method shown in execution graph 3 of the embodiment of the present invention.
Fig. 5 shows according to the process flow diagram of the exemplary method of the security for auxiliary detection application installation kit of carrying out at server place of the embodiment of the present invention.
Fig. 6 shows according to the block diagram of the example server for the method shown in execution graph 5 of the embodiment of the present invention.
Embodiment
To a preferred embodiment of the present invention will be described in detail, in description process, having omitted is unnecessary details and function for the present invention with reference to the accompanying drawings, obscures to prevent that the understanding of the present invention from causing.Below, the scene that is applied to mobile radio system take the present invention is example, and the present invention be have been described in detail.But the present invention is not limited thereto, the present invention also can be applied to fixed communications, wired communication system, or is applied to any mixed structure of mobile radio system, fixed communications, wired communication system etc.With regard to mobile communication system, the present invention is not limited to the concrete communication protocol of each related mobile communication terminal, can include, but is not limited to 2G, 3G, 4G, 5G network, WCDMA, CDMA2000, TD-SCDMA system etc., different mobile terminals can adopt identical communication protocol, also can adopt different communication protocol.In addition, the present invention is not limited to the specific operating system of mobile terminal, can include, but is not limited to iOS, Windows Phone, Symbian (Saipan), Android (Android) etc., different mobile terminals can adopt identical operating system, also can adopt different operating system.
Fig. 1 shows the schematic diagram of the application scenarios of application according to the present invention safety detecting system 1000.As shown in Figure 1, system 1000 can comprise terminal 100 and server 200.For the sake of clarity, in figure, only show a terminal 100, a server 200, but the present invention is not limited thereto, can comprise the terminal of two or more numbers and/or server etc.Terminal 100 can belong to user or can be operated by user.Terminal 100 and server 200 can communicate by communication network 300.The example of communication network 300 can include, but is not limited to: internet, mobile communications network, permanent haulage line (as xDSL, optical fiber etc.) etc.
In following embodiment of the present invention, take Android platform as example describes in detail inventive concept of the present invention.But the invention is not restricted to this, it also goes for other platforms, for example iOS, Windows Phone, Symbian etc.In addition, in following embodiment of the present invention, mainly realize by the program of writing with the computerese such as Python, Java.But the invention is not restricted to this, it also goes for other computereses and/or its combination.
Below with reference to Fig. 1 and 2 be described in detail in the Application Certificate storehouse of carrying out at server 200 places foundation, management (maintenances), flow process and the application installation kit security testing process based on Application Certificate in terminal 100 places execution such as issue.
The foundation in the Application Certificate storehouse at server 200 places, the flow process of managing and issuing
(a) first, can realize by Python " sample acquisition " module (being designated hereinafter simply as SFM, i.e. Sample Fetch Module).Official's publication channel that this module can be announced by application developer or Development institution, and/or be aided with the authoritative third parties such as Google Play shop and apply distribution channel, obtain the sample of application, to form basic application sample database (being designated hereinafter simply as BASD, i.e. Basic App Sample Database).Certainly, the invention is not restricted to this, it also can obtain the application as sample by other means, for example, copy etc. from the third party of trusted by SD card.
(b) then, can realize sample checking and build module (being designated hereinafter simply as SVBM, i.e. Sample Verification and Build Module) by Python.This module can be resolved the application sample from BASD, and it is carried out to various safety analysiss.Safety analysis can comprise one or more in the following: certificate information analysis, authority require analysiss, network behavior analysis, the analysis of crucial API Calls etc.Certainly, safety analysis can also comprise for other of security to be analyzed, for example, for the feature code analysis etc. of application.
If according to the result of above-mentioned one or more analyses, the sample of determining application meets legitimacy requirement, can be by the essential information of this application sample (for example, sample title, sample version and/or sign and issue the time) and corresponding certificate information (for example, certification authority, validity period of certificate and/or certificate file) be stored in legal sample database and (be designated hereinafter simply as LSD, be Legal Sample Database) in, to form LSD information;
(c) next, can realize by Python the documentation processing (being designated hereinafter simply as LSDF, i.e. LSD Filelize) of LSD information.This module parses up-to-date valid application sample and corresponding certificate information from LSD information, and these information are organized in XML mode, (be designated hereinafter simply as CLF to form certificate repository file, be Certificate Library File) (upgrading completely) and renewal certificate repository file (being designated hereinafter simply as UCLF, i.e. Updated Certificate Library File) (incremental update).Then, can and preserve positional information by CLF and UCLF file attribute information and write in certificate repository file management database and (be designated hereinafter simply as CLFM, i.e. CLF Management), recall for the filing management of certificate repository file and history etc.In other words, these updating files generate in advance, and are stored in CLFM.
In another embodiment, can not generate in advance various updating files, but in the time that terminal 100 is asked, according to the version information carrying in the update request of terminal 100 etc., generate in real time the more new data for terminal 100.In this case, can be by changing the mode in space with the time, sacrifice certain response speed the saving that realizes storage space.
(d) after the work of LSDF completes, can pass through message push mode (for example, sip message etc.), there is certificate repository updating file in notification terminal 100; Or carry out by other means notification terminal 100 and have certificate repository updating file, such as note, Email etc.Terminal 100 can be downloaded and/or pushed renewal (for example, CLF) completely from server 200, or can download and/or pushed incremental update (for example, UCLF).Downloading process can adopt cipher mode to carry out (for example, using HTTPS agreement)., can be encrypted CLF itself by for example 3DES cryptographic algorithm (or other any cryptographic algorithm) meanwhile, cause File lose etc. to prevent that man-in-the-middle attack from kidnapping.
Next, by describe in detail terminal 100 places based on Application Certificate verify application installation kit the flow process of security and the corresponding flow process of server 200.
(a) first, the certificate legitimate verification that can realize terminal 100 in conjunction with NDK and SDK by Java (is designated hereinafter simply as LCV, be Legal Certificate Verification), the main functional modules of LCV comprises that the management of CLF and renewal (are designated hereinafter simply as CLFC, be CLF Check), down load application certification authentication (is designated hereinafter simply as DACV, be Downloaded Application Certificate Verification), Application Certificate checking is installed and (is designated hereinafter simply as IACV, be Installed App Certificate Verification), server legitimacy Application Certificate obtains communication and (is designated hereinafter simply as CFS, be Certificate From Server) etc.These modules can adopt rear end service mode to move, and are operated in application layer.
Substantially, the working method of DACV and IACV is similar, just DACV is responsible for the unencrypted application installation kit downloading to carry out security detection, and IACV is responsible for the application installation kit of the encryption downloading to carry out security detection (because it is encrypted after this bag deciphering, therefore DACV can not carry out certificate to this application installation kit in encryption situation), hereinafter will be described in more detail this.
(b) whether system can load LCV in the time starting, and enables CLFC by LCV, exist to detect local CLF.If there is no, CLFC can ask CLF to server 200, after server 200 verification terminal 100 identity are effective, the complete CLF after encrypting can be passed to CLFC by HTTPS passage.The invention is not restricted to this, in fact in other embodiments, server 200 can not verified the identity of terminal 100.
If local CLF exists, CLFC can ask CLF to upgrade inspection to server 200, upgrade if existed, server 200 can, verification terminal information effectively rear (or can not verify), will pass to CLFC by HTTPS passage after determined the version information of the local CLF of the terminal based on comprising in update request 100 corresponding UCLF encryption.The determined UCLF of version information based on local CLF can guarantee that this UCLF can be for terminal 100, thereby has prevented renewal mismatch.
In another embodiment, after complete CLF can being encrypted, pass to CLFC by HTTPS passage, replace original CLF with entirety.In further embodiments, CLF and/or UCLF can not encrypt.
(c) next, CLFC can receive after the CLF or UCLF of encryption, uses counterpart keys to be decrypted by 3DES algorithm (or other corresponding decipherment algorithms), to obtain expressly CLF or UCLF.Certainly,, if CLF or UCLF are not encrypted, directly carry out subsequent step.
If UCLF, can be by up-to-date to local CLF, to form up-to-date CLF.Otherwise, can replace original CLF by CLF entirety.
(d) afterwards, CLFC can resolve CLF file, and in internal memory, forms fileinfo and certificate information MAP corresponding relation chained list (being designated hereinafter simply as ACM, i.e. Application and Certificate Mapping).In one embodiment of the invention, certificate information can comprise one or more in the following: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.In one embodiment, the form of every record in ACM can be as described below:
<SHA1[certificate information (version information, sequence number, signature algorithm ...)] >
Certainly, the invention is not restricted to this, also can use the extended formatting that can realize similar functions.For example can replace SHA1 value by MD5 value, or order that can swap data item etc.
(e) then, LCV can enable DACV and IACV, to monitor download behavior and installation behavior.
(f) in the time that DACV finds download behavior, it can take over download action, and downloading contents (is designated hereinafter simply as to DC, be Downloaded Content) be first kept at interim isolated area (being designated hereinafter simply as TIL, i.e. Temporary Isolation Location).Certainly, download is herein the download of broad sense, at least can comprise: pass through the Internet download, download by LAN (Local Area Network), download by bluetooth, download by WiFi, by removable memory card (for example, SD card) download (copy), download by USB port, download etc. by infrared port.
(g) afterwards, DACV can analyze DC, if this DC is not application installation file, DACV can discharge it to downloading the adapter of behavior, and DC is moved to former target download address from TIL, and carries out normal down operation.
For example, if DC is installation file and DACV can carry out information analysis to DC time (, because DC is not encrypted), first DACV can resolve the fileinfo of DC.Then DACV can be according to fileinfo (for example, title, digital digest MD5 or the SHA1 value of this application) inquire about ACM, to obtain corresponding complete file information and certificate information (being designated hereinafter simply as MCI, i.e. Matched Certificate Info).
If inquire match information, DACV can compare certificate content and MCI in DC.If when finding there is occurrence not and meeting the harmful grade in the examination criteria of setting, will provide system alert message, to notify user's down load application installation file certificate information illegal, have excessive risk.DC relevant information is after record this locality, by deleted.
Whether in one embodiment, examination criteria can be: comprise following one or more by the not occurrence that obtains of comparison between the Application Certificate in MCI and DC: version information, sequence number, signature algorithm, issuer, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate., examination criteria can be to judge that in certificate, whether the data item of other except the term of validity is consistent.
Cannot resolve if DACV discovery DC content is encrypted time, IACV will be activated, and take over the follow-up behavior of DC is detected.For example complete, from decrypting process (by the primary processor of terminal 100, it being decrypted) and produce the rear file of deciphering at DC and (be designated hereinafter simply as DDC, be Decrypted Download Content) and while starting to take behavior is installed, IACV will take over the installation behavior of DDC.It is analyzed DDC, obtains fileinfo, then according to fileinfo inquiry ACM, to obtain MCI.
Be similar to the operation of DACV, if inquire match information, IACV can compare certificate content and MCI in DDC, if when finding there is occurrence not and meeting the harmful grade in the examination criteria of setting, to provide system alert message, notify user's down load application installation file certificate information illegal, have excessive risk.DDC relevant information, after record this locality, will be terminated its installation behavior, and by operation process recording to specifying in journal file.
If DACV and IACV are normally the inspection of DC or DDC, this DC or DDC will be allowed to follow-up all operations.
(h), when cannot find match options in ACM time, DACV and/or IACV send CLF update request and upload corresponding DC and/or DDC information simultaneously to server 200.Then waiting for server 200 has generated renewal CLF for respective application and has been issued to after terminal 100, again searches ACM information by DACV and/or IACV, and then carries out all proof procedures in (g).
(i) all daily records that LCV, DACV, the IACV course of work produce can be recorded in the assigned address in SD card by clear-text way, for example "/sdcard/lcv/alllog ".File can be deposited by XML form.Certainly that, the invention is not restricted to this, also can encrypt with other/encryption format is not in any memory location of terminal 100 and/or server 200 separately and/or merge the daily record of storage modules.Journal file is regularly filed after packing, can upload onto the server and 200 carry out unified management.
Like this, by above-mentioned flow process, can provide the legal certificate storehouse based on terminal 100 to set up and application verification mechanism.It is published to from application the installation being applied in terminal 100, issues application as checking basis using official, realizes the legitimate verification mechanism to mobile application signature certificate.In addition, it guarantees to be applied in the legitimacy being published in the process of installing and using, and avoids user installation through the illegal malicious application of packing again, reduces the various losses of user because using malicious application to cause, and improves the security of mobile terminal application.
Fig. 3 show according to the embodiment of the present invention in terminal 100, carry out detect the process flow diagram of method 400 of the security of application installation kit based on Application Certificate.As shown in Figure 3, method 400 can comprise step S410, S420 and S430.According to the present invention, execution can be carried out separately or combine to some steps of method 400, and can executed in parallel or order carry out, be not limited to the concrete operations order shown in Fig. 3.In certain embodiments, method 400 can terminal 100 as shown in Figure 1 be carried out.
Fig. 5 shows according to the process flow diagram of the method 450 of the security of the auxiliary detection application installation kit of carrying out in server 200 of the embodiment of the present invention.As shown in Figure 5, method 450 can comprise step S460, S470, S480 and S490.According to the present invention, execution can be carried out separately or combine to some steps of method 450, and can executed in parallel or order carry out, be not limited to the concrete operations order shown in Fig. 5.In certain embodiments, method 450 can be carried out by server 200 as shown in Figure 1.
Fig. 4 shows and detects the block diagram of exemplary terminal 100 of the security of application installation kit according to the embodiment of the present invention based on Application Certificate.As shown in Figure 4, terminal 100 can comprise: search unit 110, comparing unit 120 and unit 130 is provided.
Searching unit 110 can be in Application Certificate storehouse, searches the Application Certificate corresponding with the application comprising in application installation kit to be detected.Search the CPU (central processing unit) that unit 110 can be terminal 100 (CPU), digital signal processor (DSP), microprocessor, microcontroller etc., its can with the communications portion of terminal 100 (for example, radio receiving-transmitting unit, Ethernet card, xDSL modulator-demodular unit etc.) and/or storage area is (for example, RAM, SD card etc.) match, in local Application Certificate storehouse and/or long-range Application Certificate storehouse, search the Application Certificate corresponding with the application comprising in application installation kit to be detected.
Comparing unit 120 can be for comparing to the Application Certificate comprising in the Application Certificate finding in Application Certificate storehouse and application installation kit.Comparing unit 110 can be CPU (central processing unit) (CPU), digital signal processor (DSP), microprocessor, microcontroller of terminal 100 etc., its can with the storage area of terminal 100 (for example, RAM, SD card etc.) match, the Application Certificate comprising in the Application Certificate finding in Application Certificate storehouse and application installation kit is compared.
Provide unit 130 for the result based on comparison, to provide corresponding testing result according to one or more predetermined detection standard.It can be CPU (central processing unit) (CPU), digital signal processor (DSP), microprocessor, microcontroller of terminal 100 etc. that unit 130 is provided, its can with the output of terminal 100 (for example, display, printer etc.) match, based on the result of comparison, provide corresponding testing result according to one or more predetermined detection standard.
In addition, terminal 100 can also comprise unshowned other unit in Fig. 4, and such as update request unit, renewal receiving element, updating block, decryption unit, interim storage unit, application-specific update request unit, application-specific are upgraded receiving element and application-specific updating block etc.In certain embodiments, update request unit can be for sending update request to remote server 200, and this update request is used for asking to upgrade Application Certificate storehouse.In certain embodiments, upgrading receiving element can be for receiving update request result and possible for upgrading the more new data in Application Certificate storehouse from remote server 200.In certain embodiments, if updating block can exist the renewal for Application Certificate storehouse for the indication of update request result, the more new data that terminal 100 use receive upgrades Application Certificate storehouse.In certain embodiments, decryption unit can be in the situation that application installation kit be encrypted, to this application installation kit deciphering.In certain embodiments, interim storage unit can be for being kept at application installation kit in the interim isolated area of storer.In certain embodiments, application-specific update request unit can be for submitting application installation kit to and ask remote server 200 to upgrade Application Certificate storehouse to remote server 200.In certain embodiments, application-specific renewal receiving element can be for receiving the more new data for Application Certificate storehouse from remote server 200.In certain embodiments, application-specific updating block can be for upgrading Application Certificate storehouse with the more new data receiving.
Fig. 6 shows according to the block diagram of the example server 200 of the security for auxiliary detection application installation kit of the embodiment of the present invention.As shown in Figure 6, server 200 can comprise: acquiring unit 210, analytic unit 220, judging unit 230 and storage unit 240.
Acquiring unit 210 can be for obtaining application from official's publication channel of application.Acquiring unit 210 can be CPU (central processing unit) (CPU), digital signal processor (DSP), microprocessor, microcontroller of server 200 etc., its can with the communications portion of server 200 (for example, radio receiving-transmitting unit, Ethernet card, xDSL modulator-demodular unit etc.) and/or storage area is (for example, RAM, SD card etc.) match, obtain application from official's publication channel of application.
Crucial API Calls analysis etc.
Judging unit 230 can, for the result based on one or more safety analysis, judge the security of this application.Judging unit 230 can be CPU (central processing unit) (CPU), digital signal processor (DSP), microprocessor, microcontroller of server 200 etc., its can be based on one or more safety analysis result, judge the security of this application.
In addition, server 200 can also comprise unshowned other unit in Fig. 6, and for example update request receiving element, version judging unit, renewal result transmitting element, application-specific are upgraded receiving element, application-specific analytic unit, application-specific renewal judging unit and application-specific updating block.In certain embodiments, update request receiving element can be for receiving update request from terminal 100, and this update request is for asking the terminal applies certificate repository on new terminal 100 more.In certain embodiments, version judging unit can be for the version information comprising according to update request, judges whether terminal 100 should upgrade its terminal applies certificate repository.In certain embodiments, upgrading result transmitting element can be for based on judgement, sends update request result and possible for the more new data of the terminal applies certificate repository of new terminal 100 more to terminal 100.In certain embodiments, application-specific renewal receiving element can be for receiving for upgrading the request in Application Certificate storehouse and the data of this application-specific installation kit for application-specific installation kit from terminal 100.In certain embodiments, application-specific analytic unit can be for carrying out one or more safety analysis for the application comprising in application-specific installation kit.In certain embodiments, application-specific renewal judging unit can, for the result based on one or more safety analysis, judge the security of the application comprising in application-specific installation kit.In certain embodiments, application-specific updating block can be based on this judgement, the Application Certificate storehouse of update server 200, and send the more new data of the terminal applies certificate repository for terminal 100 relevant to application-specific installation kit to terminal 100.
Below with reference to Fig. 3 and Fig. 4, method 400 and the terminal 100 of security that detects application installation kit based on Application Certificate of carrying out in terminal 100 according to the embodiment of the present invention is described in detail.
In step S420, can be compared to the Application Certificate comprising in the Application Certificate finding in Application Certificate storehouse and application installation kit by the comparing unit of terminal 100 120.
In step S430, can by terminal 100 provide unit 130 based on comparison result, provide corresponding testing result according to one or more predetermined detection standard.
In certain embodiments, Application Certificate storehouse can be arranged in terminal 100, and can be downloaded from remote server 200 by terminal 100.
In certain embodiments, method 400 can also comprise: (402) send update request to remote server 200, and update request is used for asking to upgrade Application Certificate storehouse; (404) receive update request result and possible for upgrading the more new data in Application Certificate storehouse from remote server 200.
In certain embodiments, method 400 can also comprise afterwards in step (404): if the indication of update request result exists the renewal for Application Certificate storehouse, the more new data that terminal 100 use receive upgrades Application Certificate storehouse.
In certain embodiments, more new data can be completely more new data or incremental update data.
In certain embodiments, each the Application Certificate record in Application Certificate storehouse can at least comprise: for identifying the application characteristic data of application; And the Application Certificate corresponding with this application.
In certain embodiments, Application Certificate can comprise at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, predetermined detection standard can comprise: whether the not occurrence that between the Application Certificate that the Application Certificate finding in Application Certificate storehouse and application comprise in installation kit, comparison obtains comprises following one or more: version information, sequence number, signature algorithm, issuer, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, step S430 can comprise: if determine that occurrence not comprises version information, sequence number, signature algorithm, issuer, certificate everyone, one or more in the signing messages of certificate of everyone public-key cryptography of certificate and certificate issue person, the illegal testing result of Application Certificate of indication application installation kit is provided, otherwise the legal testing result of Application Certificate of indication application installation kit is provided.
In certain embodiments, if application installation kit is encrypted, can, at application installation kit after deciphering, just perform step S410 and subsequent step thereof.
In certain embodiments, if application installation kit is not encrypted, can, after getting application installation kit, just perform step S410 and subsequent step thereof.
In certain embodiments, method 400 can also comprise before step S410: application installation kit is kept in the interim isolated area of storer.
In certain embodiments, method 400 can also comprise after step S430: if the Application Certificate of testing result indication application installation kit is legal, application installation kit is moved to former target download location and continue normal mounting step; And if the Application Certificate of testing result indication application installation kit is illegal, stops the installation process of application installation kit and/or the user's alarm to terminal 100.
In certain embodiments, if do not find the Application Certificate corresponding with the application comprising in application installation kit to be detected in step S410, method 400 can comprise between step S410 and step S420: (S412) submit application installation kit to and ask remote server 200 to upgrade Application Certificate storehouse to remote server 200; (S414) receive the more new data for Application Certificate storehouse from remote server 200; And (S416) upgrade Application Certificate storehouse with the more new data that receives.
Below with reference to Fig. 5 and Fig. 6, to being described in detail according to method 450 and the server 200 of the security for the auxiliary detection application installation kit in server 200 places execution of the embodiment of the present invention.
Method 450 starts from step S460, in step S460, can obtain application from official's publication channel of application by the acquiring unit of server 200 210.
In step S470, can carry out one or more safety analysis for application by the analytic unit of server 200 220.
In step S480, can be by the judging unit of server 200 230 result based on one or more safety analysis, the security of judgement application.
In step S490, can the Application Certificate that be judged as safe application be stored in Application Certificate storehouse by the storage unit of server 200 240.
In certain embodiments, safety analysis can comprise one or more in the following: certificate information analysis, authority require to analyze, network behavior analysis and crucial API Calls analysis.
In certain embodiments, Application Certificate can comprise at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
In certain embodiments, each the Application Certificate record in Application Certificate storehouse can at least comprise: for identifying the application characteristic data of application; And the Application Certificate corresponding with this application.
In certain embodiments, method 450 can also comprise: (452) receive update request from terminal 100, and this update request is for asking the terminal applies certificate repository on new terminal 100 more; (454) version information comprising according to update request, judges whether terminal 100 should upgrade its terminal applies certificate repository; And (456) based on this judgement, send update request result and possible for the more new data of the terminal applies certificate repository of new terminal 100 more to terminal 100.
In certain embodiments, more new data can be completely more new data or incremental update data.
In certain embodiments, method 450 can also comprise: receive for upgrading the request in Application Certificate storehouse and the data of this application-specific installation kit for application-specific installation kit from terminal 100; Carry out one or more safety analysis for the application comprising in application-specific installation kit; Based on the result of one or more safety analysis, judge the security of the application comprising in application-specific installation kit; And based on this judgement, the Application Certificate storehouse of update server 200, and send the more new data of the terminal applies certificate repository for terminal 100 relevant to application-specific installation kit to terminal 100.
So far invention has been described in conjunction with the preferred embodiments.Should be appreciated that, those skilled in the art without departing from the spirit and scope of the present invention, can carry out various other change, replacement and interpolations.Therefore, scope of the present invention is not limited to above-mentioned specific embodiment, and should be limited by claims.
Claims (23)
1. that in terminal, carries out detects the method for security of application installation kit based on Application Certificate, comprising:
(a), in Application Certificate storehouse, search the Application Certificate corresponding with the application comprising in application installation kit to be detected;
(b) Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit is compared; And
(c) result based on described comparison, provides corresponding testing result according to one or more predetermined detection standard.
2. method according to claim 1, wherein, described Application Certificate warehouse compartment, in described terminal, and is downloaded from remote server by described terminal.
3. method according to claim 2, also comprises:
(d) send update request to described remote server, described update request is used for asking to upgrade described Application Certificate storehouse;
(e) receive update request result and possible for upgrading the more new data in Application Certificate storehouse from described remote server.
4. method according to claim 3, also comprises afterwards in step (e):
If described update request result indication exists the renewal for described Application Certificate storehouse, described terminal is upgraded described Application Certificate storehouse with the described more new data receiving.
5. method according to claim 3, wherein, described more new data is completely more new data or incremental update data.
6. method according to claim 1, wherein, each the Application Certificate record in described Application Certificate storehouse at least comprises:
For identifying the application characteristic data of application; And
The Application Certificate corresponding with this application.
7. method according to claim 1, wherein, described Application Certificate comprises at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
8. method according to claim 7, wherein, described predetermined detection standard comprises: between the Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit, whether the not occurrence that obtains of comparison comprises following one or more: version information, sequence number, signature algorithm, issuer, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
9. method according to claim 8, wherein, step (c) comprising:
If determine that occurrence not comprises version information, sequence number, signature algorithm, issuer, certificate everyone, one or more in the signing messages of certificate of everyone public-key cryptography of certificate and certificate issue person, the illegal testing result of Application Certificate of the described application installation kit of indication is provided, otherwise the legal testing result of Application Certificate of the described application installation kit of indication is provided.
10. method according to claim 1, wherein, if described application installation kit is encrypted,, after described application installation kit is deciphered certainly, just performs step (a) and subsequent step thereof.
11. methods according to claim 1, wherein, if described application installation kit is not encrypted,, after getting described application installation kit, just perform step (a) and subsequent step thereof.
12. methods according to claim 1, also comprise before in step (a):
Described application installation kit is kept in the interim isolated area of storer.
13. methods according to claim 12, also comprise afterwards in step (c):
If described testing result indicates the Application Certificate of described application installation kit legal, described application installation kit is moved to former target download location and continues normal mounting step; And
If described testing result indicates the Application Certificate of described application installation kit illegal, stop the installation process of described application installation kit and/or the user's alarm to described terminal.
14. methods according to claim 1, wherein, if do not find the Application Certificate corresponding with the application comprising in application installation kit to be detected in step (a), described method comprises between step (a) and step (b):
(a1) submit described application installation kit to and ask described remote server to upgrade Application Certificate storehouse to remote server;
(a2) receive the more new data for described Application Certificate storehouse from described remote server; And
(a3) upgrade described Application Certificate storehouse with the described more new data receiving.
15. 1 kinds are detected the terminal of the security of application installation kit, comprising based on Application Certificate:
Search unit, in Application Certificate storehouse, search the Application Certificate corresponding with the application comprising in application installation kit to be detected;
Comparing unit, for comparing to the Application Certificate comprising in the Application Certificate finding in described Application Certificate storehouse and described application installation kit; And
Unit is provided, for the result based on described comparison, provides corresponding testing result according to one or more predetermined detection standard.
The method of the security of 16. 1 kinds of auxiliary detection application installation kits of carrying out in server, comprising:
(a) obtain described application from official's publication channel of application;
(b) carry out one or more safety analysis for described application;
(c) result based on described one or more safety analysis, judges the security of described application; And
(d) Application Certificate that is judged as safe application is stored in Application Certificate storehouse.
17. methods according to claim 16, wherein, described safety analysis comprises one or more in the following: certificate information analysis, authority require to analyze, network behavior analysis and crucial API Calls analysis.
18. methods according to claim 16, wherein, described Application Certificate comprises at least one in following data: version information, sequence number, signature algorithm, issuer, the term of validity, certificate everyone, everyone public-key cryptography and the signing messages of certificate issue person to certificate of certificate.
19. methods according to claim 16, wherein, each the Application Certificate record in described Application Certificate storehouse at least comprises:
For identifying the application characteristic data of application; And
The Application Certificate corresponding with this application.
20. methods according to claim 16, also comprise:
(e) receive update request from terminal, described update request is for asking to upgrade the terminal applies certificate repository in described terminal;
(f) version information comprising according to described update request, judges whether described terminal should upgrade its terminal applies certificate repository; And
(g), based on described judgement, send update request result and possible for upgrading the more new data of terminal applies certificate repository of described terminal to described terminal.
21. methods according to claim 20, wherein, described more new data is completely more new data or incremental update data.
22. methods according to claim 16, also comprise:
Receive for upgrading the request in Application Certificate storehouse and the data of described application-specific installation kit for application-specific installation kit from terminal;
Carry out one or more safety analysis for the application comprising in described application-specific installation kit;
Based on the result of described one or more safety analysis, judge the security of the application comprising in described application-specific installation kit; And
Based on described judgement, upgrade the Application Certificate storehouse of described server, and send the more new data of the terminal applies certificate repository for described terminal relevant to described application-specific installation kit to described terminal.
The server of the security of 23. 1 kinds of auxiliary detection application installation kits, comprising:
Acquiring unit, for obtaining described application from official's publication channel of application;
Analytic unit, for carrying out one or more safety analysis for described application;
Judging unit, for the result based on described one or more safety analysis, judges the security of described application; And
Storage unit, for being stored in Application Certificate storehouse by the Application Certificate that is judged as safe application.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310744120.8A CN103778367A (en) | 2013-12-30 | 2013-12-30 | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server |
| PCT/CN2014/093443 WO2015101149A1 (en) | 2013-12-30 | 2014-12-10 | Application certificate-based method for detecting security of application installation package, terminal, and assisting server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310744120.8A CN103778367A (en) | 2013-12-30 | 2013-12-30 | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103778367A true CN103778367A (en) | 2014-05-07 |
Family
ID=50570593
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310744120.8A Pending CN103778367A (en) | 2013-12-30 | 2013-12-30 | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103778367A (en) |
| WO (1) | WO2015101149A1 (en) |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103995774A (en) * | 2014-05-16 | 2014-08-20 | 北京金山网络科技有限公司 | Method and device for detecting software installation package |
| CN104035874A (en) * | 2014-06-30 | 2014-09-10 | 深圳数字电视国家工程实验室股份有限公司 | Software program detecting method, device and system |
| CN104123491A (en) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | Method and device for detecting whether application program installation package is tempered |
| CN104123493A (en) * | 2014-07-31 | 2014-10-29 | 百度在线网络技术(北京)有限公司 | Method and device for detecting safety performance of application program |
| CN104267988A (en) * | 2014-09-26 | 2015-01-07 | 北京飞流九天科技有限公司 | System and method for packing mobile applications |
| CN104657634A (en) * | 2015-02-28 | 2015-05-27 | 百度在线网络技术(北京)有限公司 | Method and device for identifying pirate application |
| WO2015101149A1 (en) * | 2013-12-30 | 2015-07-09 | 北京网秦天下科技有限公司 | Application certificate-based method for detecting security of application installation package, terminal, and assisting server |
| CN104933355A (en) * | 2015-06-18 | 2015-09-23 | 上海斐讯数据通信技术有限公司 | Installation checkout system and checkout method thereof of trustable application of mobile terminal |
| CN105069646A (en) * | 2015-07-27 | 2015-11-18 | 立德高科(昆山)数码科技有限责任公司 | Business APP renewing method based on information sent by server and system |
| CN106599676A (en) * | 2016-12-22 | 2017-04-26 | 北京元心科技有限公司 | Trusted process identification method and device |
| CN106778261A (en) * | 2015-11-20 | 2017-05-31 | 中兴通讯股份有限公司 | The treating method and apparatus of camouflage applications |
| CN106778190A (en) * | 2016-11-29 | 2017-05-31 | 艾体威尔电子技术(北京)有限公司 | A kind of system and method for strengthening Android system application installation and operation safety |
| CN106789897A (en) * | 2016-11-15 | 2017-05-31 | 沃通电子认证服务有限公司 | For the digital certificate authentication method and system of application program for mobile terminal |
| CN106971104A (en) * | 2015-09-22 | 2017-07-21 | 三星电子株式会社 | Perform the method for security function and support the electronic equipment of methods described |
| CN107341393A (en) * | 2016-04-29 | 2017-11-10 | 腾讯科技(深圳)有限公司 | The detection method and device of application program installation kit |
| CN107689934A (en) * | 2016-08-03 | 2018-02-13 | 腾讯科技(深圳)有限公司 | A kind of method to ensure information safety, server and client |
| CN107766716A (en) * | 2016-08-16 | 2018-03-06 | 阿里巴巴集团控股有限公司 | Certificate detection method and device, electronic equipment |
| CN107992742A (en) * | 2017-10-27 | 2018-05-04 | 维沃移动通信有限公司 | A kind of method and apparatus of installation kit identification |
| CN109379371A (en) * | 2018-11-20 | 2019-02-22 | 多点生活(成都)科技有限公司 | Certification authentication method, apparatus and system |
| CN109829292A (en) * | 2018-12-18 | 2019-05-31 | 福建新大陆支付技术有限公司 | A kind of sign test method and system in application program installation process |
| CN110059475A (en) * | 2018-01-18 | 2019-07-26 | 伊姆西Ip控股有限责任公司 | Method, equipment and computer program product for data protection |
| US10873466B2 (en) | 2015-11-06 | 2020-12-22 | Huawei International Pte. Ltd. | System and method for managing installation of an application package requiring high-risk permission access |
| CN113591079A (en) * | 2020-04-30 | 2021-11-02 | 中移互联网有限公司 | Method and device for acquiring abnormal application installation package and electronic equipment |
| CN114938466A (en) * | 2022-04-28 | 2022-08-23 | 国家广播电视总局广播电视科学研究院 | Internet television application monitoring system and method |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112152961B (en) * | 2019-06-26 | 2023-01-31 | 北京观成科技有限公司 | Malicious encrypted traffic identification method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1845120A (en) * | 2006-05-16 | 2006-10-11 | 北京启明星辰信息技术有限公司 | Automatic analysis system and method for malicious code |
| CN101916344A (en) * | 2010-08-31 | 2010-12-15 | 北京深思洛克软件技术股份有限公司 | Method and system for verifying legality of software protection device |
| CN102222183A (en) * | 2011-04-28 | 2011-10-19 | 奇智软件(北京)有限公司 | Mobile terminal software package safety detection method and system thereof |
| CN102883324A (en) * | 2012-10-19 | 2013-01-16 | 广州市动景计算机科技有限公司 | Security verification method, security verification device and mobile terminal for plugin call in mobile terminal |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100396012C (en) * | 2006-02-23 | 2008-06-18 | 华为技术有限公司 | Software validity checking system and method based on device management protocol |
| CN102955700A (en) * | 2011-08-18 | 2013-03-06 | 腾讯科技(深圳)有限公司 | System and method for upgrading software |
| CN102891843B (en) * | 2012-09-18 | 2015-04-29 | 北京深思洛克软件技术股份有限公司 | Method for authorizing application program at android client side through local service unit |
| CN103778367A (en) * | 2013-12-30 | 2014-05-07 | 网秦(北京)科技有限公司 | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server |
-
2013
- 2013-12-30 CN CN201310744120.8A patent/CN103778367A/en active Pending
-
2014
- 2014-12-10 WO PCT/CN2014/093443 patent/WO2015101149A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1845120A (en) * | 2006-05-16 | 2006-10-11 | 北京启明星辰信息技术有限公司 | Automatic analysis system and method for malicious code |
| CN101916344A (en) * | 2010-08-31 | 2010-12-15 | 北京深思洛克软件技术股份有限公司 | Method and system for verifying legality of software protection device |
| CN102222183A (en) * | 2011-04-28 | 2011-10-19 | 奇智软件(北京)有限公司 | Mobile terminal software package safety detection method and system thereof |
| CN102883324A (en) * | 2012-10-19 | 2013-01-16 | 广州市动景计算机科技有限公司 | Security verification method, security verification device and mobile terminal for plugin call in mobile terminal |
Cited By (34)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015101149A1 (en) * | 2013-12-30 | 2015-07-09 | 北京网秦天下科技有限公司 | Application certificate-based method for detecting security of application installation package, terminal, and assisting server |
| CN103995774A (en) * | 2014-05-16 | 2014-08-20 | 北京金山网络科技有限公司 | Method and device for detecting software installation package |
| CN103995774B (en) * | 2014-05-16 | 2017-04-26 | 北京猎豹网络科技有限公司 | Method and device for detecting software installation package |
| CN104035874A (en) * | 2014-06-30 | 2014-09-10 | 深圳数字电视国家工程实验室股份有限公司 | Software program detecting method, device and system |
| CN104123491A (en) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | Method and device for detecting whether application program installation package is tempered |
| CN104123493B (en) * | 2014-07-31 | 2017-09-26 | 百度在线网络技术(北京)有限公司 | The safety detecting method and device of application program |
| CN104123493A (en) * | 2014-07-31 | 2014-10-29 | 百度在线网络技术(北京)有限公司 | Method and device for detecting safety performance of application program |
| CN104267988A (en) * | 2014-09-26 | 2015-01-07 | 北京飞流九天科技有限公司 | System and method for packing mobile applications |
| CN104657634A (en) * | 2015-02-28 | 2015-05-27 | 百度在线网络技术(北京)有限公司 | Method and device for identifying pirate application |
| CN104657634B (en) * | 2015-02-28 | 2017-11-14 | 百度在线网络技术(北京)有限公司 | The recognition methods of piracy application and device |
| CN104933355A (en) * | 2015-06-18 | 2015-09-23 | 上海斐讯数据通信技术有限公司 | Installation checkout system and checkout method thereof of trustable application of mobile terminal |
| CN105069646A (en) * | 2015-07-27 | 2015-11-18 | 立德高科(昆山)数码科技有限责任公司 | Business APP renewing method based on information sent by server and system |
| CN106971104B (en) * | 2015-09-22 | 2021-12-07 | 三星电子株式会社 | Method of performing security function and electronic device supporting the same |
| CN106971104A (en) * | 2015-09-22 | 2017-07-21 | 三星电子株式会社 | Perform the method for security function and support the electronic equipment of methods described |
| US10873466B2 (en) | 2015-11-06 | 2020-12-22 | Huawei International Pte. Ltd. | System and method for managing installation of an application package requiring high-risk permission access |
| US11637707B2 (en) | 2015-11-06 | 2023-04-25 | Huawei International Pte. Ltd. | System and method for managing installation of an application package requiring high-risk permission access |
| CN106778261A (en) * | 2015-11-20 | 2017-05-31 | 中兴通讯股份有限公司 | The treating method and apparatus of camouflage applications |
| CN107341393A (en) * | 2016-04-29 | 2017-11-10 | 腾讯科技(深圳)有限公司 | The detection method and device of application program installation kit |
| US10868804B2 (en) | 2016-04-29 | 2020-12-15 | Tencent Technology (Shenzhen) Company Limited | Application package inspection method, inspection device and computer-readable storage medium |
| CN107689934A (en) * | 2016-08-03 | 2018-02-13 | 腾讯科技(深圳)有限公司 | A kind of method to ensure information safety, server and client |
| CN107766716A (en) * | 2016-08-16 | 2018-03-06 | 阿里巴巴集团控股有限公司 | Certificate detection method and device, electronic equipment |
| WO2018090481A1 (en) * | 2016-11-15 | 2018-05-24 | 沃通电子认证服务有限公司 | Method and system for verifying digital certificate of mobile terminal application |
| CN106789897A (en) * | 2016-11-15 | 2017-05-31 | 沃通电子认证服务有限公司 | For the digital certificate authentication method and system of application program for mobile terminal |
| CN106778190A (en) * | 2016-11-29 | 2017-05-31 | 艾体威尔电子技术(北京)有限公司 | A kind of system and method for strengthening Android system application installation and operation safety |
| CN106599676A (en) * | 2016-12-22 | 2017-04-26 | 北京元心科技有限公司 | Trusted process identification method and device |
| CN107992742A (en) * | 2017-10-27 | 2018-05-04 | 维沃移动通信有限公司 | A kind of method and apparatus of installation kit identification |
| CN110059475A (en) * | 2018-01-18 | 2019-07-26 | 伊姆西Ip控股有限责任公司 | Method, equipment and computer program product for data protection |
| CN109379371A (en) * | 2018-11-20 | 2019-02-22 | 多点生活(成都)科技有限公司 | Certification authentication method, apparatus and system |
| CN109379371B (en) * | 2018-11-20 | 2021-11-23 | 多点生活(成都)科技有限公司 | Certificate verification method, device and system |
| CN109829292A (en) * | 2018-12-18 | 2019-05-31 | 福建新大陆支付技术有限公司 | A kind of sign test method and system in application program installation process |
| CN113591079A (en) * | 2020-04-30 | 2021-11-02 | 中移互联网有限公司 | Method and device for acquiring abnormal application installation package and electronic equipment |
| CN113591079B (en) * | 2020-04-30 | 2023-08-15 | 中移互联网有限公司 | Method and device for acquiring abnormal application installation package and electronic equipment |
| CN114938466A (en) * | 2022-04-28 | 2022-08-23 | 国家广播电视总局广播电视科学研究院 | Internet television application monitoring system and method |
| CN114938466B (en) * | 2022-04-28 | 2023-11-07 | 国家广播电视总局广播电视科学研究院 | Internet television application monitoring system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2015101149A1 (en) | 2015-07-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103778367A (en) | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server | |
| EP3032802B1 (en) | Method for sharing application between terminals, and terminals | |
| US10348756B2 (en) | System and method for assessing vulnerability of a mobile device | |
| US9843569B2 (en) | Method and apparatus for access credential provisioning | |
| US20160092190A1 (en) | Method, apparatus and system for inspecting safety of an application installation package | |
| US20190207813A1 (en) | Device provisioning system | |
| EP1907917B1 (en) | Secure software updates | |
| KR101238511B1 (en) | Publishing the status of and updating firmware components | |
| US9832651B2 (en) | System and method for verifying integrity of software package in mobile terminal | |
| US20140150096A1 (en) | Method for assuring integrity of mobile applications and apparatus using the method | |
| US11356425B2 (en) | Techniques for improving security of encrypted vehicle software updates | |
| CN110858249B (en) | Database file encryption method, database file decryption method and related devices | |
| CN104573435A (en) | Method for terminal authority management and terminal | |
| EP3318448B1 (en) | Vehicle data rewrite control device and vehicle data rewrite authentication system | |
| JP2008146479A (en) | Software component, software component management method and software component management system | |
| CN112579125B (en) | Firmware upgrading method and device, electronic equipment and storage medium | |
| US9910998B2 (en) | Deleting information to maintain security level | |
| US10397205B2 (en) | Recording data and using the recorded data | |
| CN111159712B (en) | Detection method, device and storage medium | |
| CN108322886B (en) | Authentication method and device for terminal positioning data | |
| CN111934882B (en) | Identity authentication method and device based on block chain, electronic equipment and storage medium | |
| CN111739190A (en) | Vehicle diagnostic file encryption method, device, equipment and storage medium | |
| CN114070603A (en) | Vehicle information encryption method and device, vehicle and computer readable storage medium | |
| JP2013109544A (en) | Information processing device and program | |
| CN112468544B (en) | Express data transmission method based on middleware and middleware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140507 |