CN104298924A - Method and device for ensuring system safety and terminal - Google Patents

Info

Publication number: CN104298924A
Authority: CN (China)
Prior art keywords: application program, risk, authority, specific data, environment
Legal status: Granted (active)
Application number: CN201410512540.8A
Other languages: Chinese (zh)
Other versions: CN104298924B (en)
Inventor: 阳得常
Current Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention provides a method and device for ensuring system safety, and a terminal. The device for ensuring system safety is used in a terminal which comprises a first system and a second system. The method for ensuring system safety comprises the steps that the first system detects whether there is a risk in the running environment of the second system, and when the first system detects that there is a risk in the running environment of the second system, the first system prompts the user about the risk and/or directly processes the risk. According to this technical scheme, safe and stable running of the second system in the terminal can be ensured, privacy data in the second system can be prevented from being leaked or modified, and the safety of the dual-system terminal is ensured.

Description

Method for ensuring system security, device for ensuring system security, and terminal
Technical field
The present invention relates to the field of terminal technology, and in particular to a method for ensuring system security, a device for ensuring system security, and a terminal.
Background art
With the development of terminal technology, terminals with dual systems are becoming more and more common. In current dual-system terminals, one system is usually responsible for external interaction, and the other system is responsible for basic functions such as calls, text messages and storing contacts. The system responsible for basic functions does not interact with the system responsible for external interaction in the same terminal, so such a dual-system terminal cannot guarantee the security of the system that is only responsible for basic functions: when a program or file that illegally obtains data exists in that system, user data may be leaked.
Therefore, how to ensure data security in a dual-system terminal and avoid data leakage from it has become an urgent problem.
Summary of the invention
Based on at least one of the above technical problems, the present invention proposes a new scheme for ensuring system security, which ensures that the systems of a dual-system terminal run safely and stably, prevents the private data in the systems from being leaked or modified, and thus ensures the security of the dual-system terminal.
In view of this, the present invention proposes a method for ensuring system security, for a terminal that includes a first system and a second system, the method including: detecting, by the first system, whether the running environment of the second system is at risk; and, when the first system detects that the running environment of the second system is at risk, prompting the user about the risk and/or handling the risk directly by the first system.
In this technical solution, the first system detects risks in the running environment of the second system and prompts the user about them and/or handles them, which ensures safe and stable operation of the second system, prevents the private data in the second system from being leaked or modified, and thus ensures the security of the dual-system terminal. Compared with prior-art dual-system terminals, the dual-system terminal proposed in this application has a first system that can detect and handle risks in the running environment of the second system, so that the security of the data in the second system is ensured at all times.
In the above technical solution, preferably, the running environment includes a startup environment, and the step of detecting, by the first system, whether the startup environment of the second system is at risk is specifically: starting the first system; upon receiving an instruction to start the second system, detecting, by the first system, whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges; and if so, determining that the execution environment of the second system is at risk. The method for ensuring system security further includes: when the first system detects that the startup environment of the second system is at risk, starting the second system after the first system has prompted the user about the risk and responded to the user's feedback, and/or after the risk has been handled; and when the first system detects that the startup environment of the second system is not at risk, starting the second system.
In this technical solution, the first system can be started before the second system and used to check the startup environment of the second system, by detecting whether the second system contains an application program and/or executable file with superuser privileges. Whether the startup environment of the second system is at risk can thus be detected in advance; when a risk is detected, the user is prompted to handle it, or it is handled directly and the user is prompted afterwards. This ensures the security of the startup environment of the second system to the greatest extent and thereby effectively protects the user's data.
Specifically, when the first system detects an application program with superuser privileges and/or an executable file with superuser privileges in the second system, it can conclude that the second system has been rooted. The user can then be asked whether the risk needs to be handled, or the risky file can be deleted directly or its privileges revoked.
In the above technical solution, preferably, the running environment includes an execution environment, and the step of detecting, by the first system, whether the execution environment of the second system is at risk is specifically: detecting in real time, by the first system, whether the second system contains an application program that illegally obtains specified data in the terminal, and/or detecting in real time whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges; and if so, determining that the execution environment of the second system is at risk.
In this technical solution, the first system detects in real time whether the second system contains an application program that illegally obtains specified data in the terminal, an application program with superuser privileges and/or an executable file with superuser privileges, so that it can be determined whether the execution environment of the second system is at risk. When the execution environment of the second system is determined to be at risk, the user is promptly reminded to handle the risk, or the risk is handled directly and the user is then reminded, which ensures the security of the execution environment of the second system and of the data in the second system.
In the above technical solution, preferably, the step of detecting, by the first system, whether the second system contains an application program that illegally obtains specified data in the terminal is specifically: classifying the application programs in the terminal that need to access the specified data; judging, from the category to which each application program that needs to access the specified data belongs, whether that application program has permission to access the specified data; and, if any of the application programs that need to access the specified data does not have permission to access it, judging that the second system contains an application program that illegally obtains the specified data.
In this technical solution, by classifying the application programs, whether each application program has permission to access the specified data can be judged from the category to which it belongs; at the same time, comparing against the permission set of the corresponding category makes it possible to judge more efficiently whether an application program in the terminal has permission to access the specified data, and thus whether the second system contains an application program that illegally obtains the specified data. The specified data may be private data set by the user, such as the address book.
Specifically, if, for example, game applications are set not to have permission to access the contacts in the contact list, then when a game application accesses a contact in the contact list, determining that this application is a game application is enough to judge that the system is at risk.
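The category-based check described above, as an added example that is not part of the patent text: applications that touch the specified data are grouped by category and each access is compared with that category's permission set. The category names, package names and the default-deny treatment of unclassified applications are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy: the specified (private) data each application
# category may access. Category and data names are illustrative assumptions.
CATEGORY_PERMISSIONS = {
    "communication": {"contacts", "sms"},
    "navigation": {"location"},
    "game": set(),  # games may not access any specified data
}


@dataclass(frozen=True)
class AccessEvent:
    app: str   # application observed in the second system
    data: str  # data item it tried to access


@dataclass(frozen=True)
class Violation:
    app: str
    category: str
    data: str


def classify(apps, app_categories):
    """Group the apps that need the specified data by category.

    Apps with no known category land in "unclassified", which has no
    permissions in the policy (assumption: default deny).
    """
    groups = {}
    for app in apps:
        groups.setdefault(app_categories.get(app, "unclassified"), set()).add(app)
    return groups


def find_illegal_access(events, app_categories, specified_data,
                        category_permissions=CATEGORY_PERMISSIONS):
    """Return one Violation per (app, data) pair not allowed for its category."""
    needing_access = {e.app for e in events if e.data in specified_data}
    groups = classify(needing_access, app_categories)
    category_of = {app: cat for cat, members in groups.items() for app in members}
    violations, seen = [], set()
    for event in events:
        if event.data not in specified_data:
            continue  # not protected data, nothing to judge
        category = category_of[event.app]
        if event.data in category_permissions.get(category, set()):
            continue  # the category is allowed to access this data
        if (event.app, event.data) not in seen:
            seen.add((event.app, event.data))
            violations.append(Violation(event.app, category, event.data))
    return violations


def second_system_at_risk(events, app_categories, specified_data):
    """True if any app illegally obtains the specified data."""
    return bool(find_illegal_access(events, app_categories, specified_data))
```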
In the above technical solution, preferably, the step of detecting, by the first system, whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges is specifically: detecting, under the directories of the second system, whether the application program with superuser privileges exists, and/or detecting, under the directories of the second system that have execute permission, whether the executable file with superuser privileges exists.
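The startup check and directory scan described above, as an added example that is not the patent's own code. It assumes the first system can read the second system's file tree at a mount point, treats a setuid executable owned by root or a file named like a su binary as an "executable file with superuser privileges", and recognises superuser apps by file name; the name lists and directory layout are constructed.

```python
import os
import stat
from dataclasses import dataclass

# Assumptions of this sketch (not taken from the patent): superuser apps are
# recognised by package file name, su binaries by file name, and other
# superuser executables by the setuid bit plus root ownership.
SU_BINARY_NAMES = {"su"}                  # constructed name list
SUPERUSER_APP_NAMES = {"superuser.apk"}   # constructed name list


@dataclass(frozen=True)
class Finding:
    path: str
    reason: str


def _files_under(root, rel_dirs):
    """Yield (path, name) for every file below the given sub-directories."""
    for rel in rel_dirs:
        for dirpath, _dirs, names in os.walk(os.path.join(root, rel)):
            for name in names:
                yield os.path.join(dirpath, name), name


def scan_second_system(root, app_dirs, exec_dirs, root_uid=0):
    """Return findings for superuser apps and superuser executables."""
    findings = []
    for path, name in _files_under(root, app_dirs):
        if name.lower() in SUPERUSER_APP_NAMES:
            findings.append(Finding(path, "superuser app"))
    for path, name in _files_under(root, exec_dirs):
        try:
            st = os.lstat(path)           # lstat: never follow symlinks
        except OSError:
            continue                      # file vanished or is unreadable
        if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
            continue                      # only regular, executable files
        if st.st_mode & stat.S_ISUID and st.st_uid == root_uid:
            findings.append(Finding(path, "setuid-root executable"))
        elif name in SU_BINARY_NAMES:
            findings.append(Finding(path, "su binary"))
    return sorted(findings, key=lambda f: f.path)


def handle(finding, action):
    """Revoke the risky file's privileges, or delete it.

    An app package has no privilege bits to strip, so it is always deleted
    (assumption of this sketch).
    """
    if action == "revoke" and finding.reason != "superuser app":
        mode = stat.S_IMODE(os.lstat(finding.path).st_mode)
        os.chmod(finding.path, mode & ~(stat.S_ISUID | stat.S_ISGID | 0o111))
    else:
        os.remove(finding.path)


def start_second_system(root, app_dirs, exec_dirs, ask_user, boot, root_uid=0):
    """First-system startup gate: scan, prompt and handle, then boot.

    ask_user(findings) returns "delete", "revoke" or "ignore"; boot() stands
    in for handing control to the second system (both are hypothetical
    callbacks). Returns (found, remaining) so the caller can log the result.
    """
    found = scan_second_system(root, app_dirs, exec_dirs, root_uid)
    if found:
        action = ask_user(found)
        if action in ("delete", "revoke"):
            for finding in found:
                handle(finding, action)
    remaining = scan_second_system(root, app_dirs, exec_dirs, root_uid)
    boot()
    return found, remaining
```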
According to a second aspect of the present invention, a device for ensuring system security is also proposed, for use in a terminal that includes a first system and a second system, the device including: a detection unit, configured to detect, by the first system, whether the running environment of the second system is at risk; a prompting unit, configured to prompt the user about the risk by the first system when the detection unit detects, by the first system, that the running environment of the second system is at risk; and/or a processing unit, configured to handle the risk directly when the detection unit detects, by the first system, that the running environment of the second system is at risk.
In this technical solution, the first system detects risks in the running environment of the second system and prompts the user about them and/or handles them, which ensures safe and stable operation of the second system, prevents the private data in the second system from being leaked or modified, and thus ensures the security of the dual-system terminal. Compared with prior-art dual-system terminals, the dual-system terminal proposed in this application has a first system that can detect and handle risks in the running environment of the second system, so that the security of the data in the second system is ensured at all times.
In the above technical solution, preferably, the running environment includes a startup environment, and the detection unit is specifically configured to: start the first system; upon receiving an instruction to start the second system, detect, by the first system, whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges; and if so, determine that the execution environment of the second system is at risk. The device for ensuring system security further includes: a control module, configured to start the second system, when the first system detects that the startup environment of the second system is at risk, after the first system has prompted the user about the risk and responded to the user's feedback and/or after the risk has been handled, and configured to start the second system when the first system detects that the startup environment of the second system is not at risk.
In this technical solution, the first system can be started before the second system and used to check the startup environment of the second system, by detecting whether the second system contains an application program and/or executable file with superuser privileges. Whether the startup environment of the second system is at risk can thus be detected in advance; when a risk is detected, the user is prompted to handle it, or it is handled directly and the user is prompted afterwards. This ensures the security of the startup environment of the second system to the greatest extent and thereby effectively protects the user's data.
Specifically, when the first system detects an application program with superuser privileges and/or an executable file with superuser privileges in the second system, it can conclude that the second system has been rooted. The user can then be asked whether the risk needs to be handled, or the risky file can be deleted directly or its privileges revoked.
In the above technical solution, preferably, the running environment includes an execution environment, and the detection unit is specifically configured to: detect in real time, by the first system, whether the second system contains an application program that illegally obtains specified data in the terminal, and/or detect in real time whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges; and if so, determine that the execution environment of the second system is at risk.
In this technical solution, the first system detects in real time whether the second system contains an application program that illegally obtains specified data in the terminal, an application program with superuser privileges and/or an executable file with superuser privileges, so that it can be determined whether the execution environment of the second system is at risk. When the execution environment of the second system is determined to be at risk, the user is promptly reminded to handle the risk, or the risk is handled directly and the user is then reminded, which ensures the security of the execution environment of the second system and of the data in the second system.
In the above technical solution, preferably, the detection unit includes: a classification unit, configured to classify the application programs in the terminal that need to access the specified data; and a judging unit, configured to judge, from the category to which each application program that needs to access the specified data belongs, whether that application program has permission to access the specified data, and, when any of the application programs that need to access the specified data does not have permission to access it, to judge that the second system contains an application program that illegally obtains the specified data.
In this technical solution, by classifying the application programs, whether each application program has permission to access the specified data can be judged from the category to which it belongs; at the same time, comparing against the permission set of the corresponding category makes it possible to judge more efficiently whether an application program in the terminal has permission to access the specified data, and thus whether the second system contains an application program that illegally obtains the specified data. The specified data may be private data set by the user, such as the address book.
Specifically, if, for example, game applications are set not to have permission to access the contacts in the contact list, then when a game application accesses a contact in the contact list, determining that this application is a game application is enough to judge that the system is at risk.
In the above technical solution, preferably, the detection unit is further specifically configured to: detect, under the directories of the second system, whether the application program with superuser privileges exists, and/or detect, under the directories of the second system that have execute permission, whether the executable file with superuser privileges exists.
According to a third aspect of the present invention, a terminal is also proposed, including: a first system; a second system; and the device for ensuring system security described in any one of the above technical solutions.
With the above technical solutions, safe and stable operation of the second system can be ensured, and the user's private data in the second system can be prevented from being leaked or modified, thereby ensuring the security of the dual-system terminal.
Brief description of the drawings
Fig. 1 shows a schematic flow diagram of a method for ensuring system security according to an embodiment of the present invention;
Fig. 2 shows a schematic block diagram of a device for ensuring system security according to an embodiment of the present invention;
Fig. 3 shows a schematic block diagram of a terminal according to an embodiment of the present invention;
Fig. 4 shows a schematic flow diagram of a system startup method in a dual-system terminal according to an embodiment of the present invention;
Fig. 5 shows a processing flow chart of a dual-system terminal during operation according to an embodiment of the present invention.
Detailed description
In order that the above objects, features and advantages of the present invention may be understood more clearly, the present invention is described in further detail below with reference to the drawings and specific embodiments. It should be noted that, where there is no conflict, the embodiments of the present application and the features in the embodiments may be combined with one another.
Many specific details are set forth in the following description to provide a full understanding of the present invention; however, the present invention may also be implemented in ways other than those described here, and the scope of protection of the present invention is therefore not limited by the specific embodiments disclosed below.
Fig. 1 shows a schematic flow diagram of a method for ensuring system security according to an embodiment of the present invention.
As shown in Fig. 1, the method for ensuring system security according to an embodiment of the present invention, for a terminal that includes a first system and a second system, includes: step 102, detecting, by the first system, whether the running environment of the second system is at risk; and step 104, when the first system detects that the running environment of the second system is at risk, prompting the user about the risk and/or handling the risk directly by the first system.
In this technical solution, the first system detects risks in the running environment of the second system and prompts the user about them and/or handles them, which ensures safe and stable operation of the second system, prevents the private data in the second system from being leaked or modified, and thus ensures the security of the dual-system terminal. Compared with prior-art dual-system terminals, the dual-system terminal proposed in this application has a first system that can detect and handle risks in the running environment of the second system, so that the security of the data in the second system is ensured at all times.
In the above technical solution, preferably, the running environment includes a startup environment, and the step of detecting, by the first system, whether the startup environment of the second system is at risk is specifically: starting the first system; upon receiving an instruction to start the second system, detecting, by the first system, whether the second system contains an application program and/or executable file with superuser privileges; and if so, determining that the execution environment of the second system is at risk. The method for ensuring system security further includes: when the first system detects that the startup environment of the second system is at risk, starting the second system after the first system has prompted the user about the risk and responded to the user's feedback, and/or after the risk has been handled; and when the first system detects that the startup environment of the second system is not at risk, starting the second system.
In this technical solution, the first system can be started before the second system and used to check the startup environment of the second system, by detecting whether the second system contains an application program and/or executable file with superuser privileges. Whether the startup environment of the second system is at risk can thus be detected in advance; when a risk is detected, the user is prompted to handle it, or it is handled directly and the user is prompted afterwards. This ensures the security of the startup environment of the second system to the greatest extent and thereby effectively protects the user's data.
Specifically, when the first system detects an application program with superuser privileges and/or an executable file with superuser privileges in the second system, it can conclude that the second system has been rooted. The user can then be asked whether the risk needs to be handled, or the risky file can be deleted directly or its privileges revoked.
In the above technical solution, preferably, the running environment includes an execution environment, and the step of detecting, by the first system, whether the execution environment of the second system is at risk is specifically: detecting in real time, by the first system, whether the second system contains an application program that illegally obtains specified data in the terminal, and/or detecting in real time whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges; and if so, determining that the execution environment of the second system is at risk.
In this technical solution, the first system detects in real time whether the second system contains an application program that illegally obtains specified data in the terminal, an application program with superuser privileges and/or an executable file with superuser privileges, so that it can be determined whether the execution environment of the second system is at risk. When the execution environment of the second system is determined to be at risk, the user is promptly reminded to handle the risk, or the risk is handled directly and the user is then reminded, which ensures the security of the execution environment of the second system and of the data in the second system.
In the above technical solution, preferably, the step of detecting, by the first system, whether the second system contains an application program that illegally obtains specified data in the terminal is specifically: classifying the application programs in the terminal that need to access the specified data; judging, from the category to which each application program that needs to access the specified data belongs, whether that application program has permission to access the specified data; and, if any of the application programs that need to access the specified data does not have permission to access it, judging that the second system contains an application program that illegally obtains the specified data.
In this technical solution, by classifying the application programs, whether each application program has permission to access the specified data can be judged from the category to which it belongs; at the same time, comparing against the permission set of the corresponding category makes it possible to judge more efficiently whether an application program in the terminal has permission to access the specified data, and thus whether the second system contains an application program that illegally obtains the specified data. The specified data may be private data set by the user, such as the address book.
Specifically, if, for example, game applications are set not to have permission to access the contacts in the contact list, then when a game application accesses a contact in the contact list, determining that this application is a game application is enough to judge that the system is at risk.
In the above technical solution, preferably, the step of detecting, by the first system, whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges is specifically: detecting, under the directories of the second system, whether the application program with superuser privileges exists, and/or detecting, under the directories of the second system that have execute permission, whether the executable file with superuser privileges exists.
Fig. 2 shows the schematic block diagram guaranteeing the device of security of system according to an embodiment of the invention.
As shown in Figure 2, the device 200 guaranteeing security of system according to an embodiment of the invention, for comprising the terminal of the first system and second system, comprising: detecting unit 202, whether there is risk for the running environment being detected described second system by described the first system; Tip element 204, for when by described the first system, described detecting unit 202 detects that the running environment of described second system exists risk, points out described risk by described the first system to user; And/or processing unit 206, for when by described the first system, described detecting unit 202 detects that the running environment of described second system exists risk, directly process described risk.
In this technical scheme, detected by the first system and point out and/or process second system running environment exist risk, make it possible to the safe and stable operation guaranteeing second system, and then the private data in second system can be avoided to be leaked or revise, ensure that the security of dual system termi-nal.Compared to dual system termi-nal of the prior art, there is the first system whether running environment that can detect and process second system exists risk, constantly to guarantee the security of data in second system in the application in the dual system termi-nal proposed.
In technique scheme, preferably, described running environment comprises startup environment, then described detecting unit 202 specifically for: start described the first system, when receiving the instruction starting described second system, detect in described second system whether there is the application program with super authority and/or the executable file with super authority by described the first system, if so, then determine that the execution environment of described second system exists risk; Describedly guarantee that the device 200 of security of system also comprises: control module 208, for when detecting that the startup environment of described second system exists risk by described the first system, and point out described risk to described user and after the feedback information of described user is responded at described the first system, and/or after the described risk of process, start described second system, and for when detecting that the startup environment of described second system does not exist risk by described the first system, start described second system.
In this technical scheme, before startup second system, first can start the first system, detected by the startup environment of the first system to second system, and by the first system to whether there is the application program with super authority in second system and/or executable file detects, make it possible to detect in advance whether the startup environment of second system has risk, with when detecting that the startup environment of second system exists risk, prompting user carries out processing or directly reresents user after process, to guarantee the security of the startup environment of second system to greatest extent, and then effectively guarantee the security of user data.
Specifically, when the first system detects an application program with superuser privileges and/or an executable file with superuser privileges in the second system, it can conclude that the second system has been rooted. It can then ask the user whether the risk should be handled, or directly delete the risky file or revoke the risky file's permissions.
In the above technical solution, preferably, the running environment includes an execution environment, and the detecting unit 202 is specifically configured to: detect in real time, through the first system, whether the second system contains an application program that illegally obtains specified data in the terminal, and/or detect in real time whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges; if so, determine that the execution environment of the second system is at risk.
In this technical solution, the first system detects in real time whether the second system contains an application program that illegally obtains specified data in the terminal, an application program with superuser privileges and/or an executable file with superuser privileges. Whether the execution environment of the second system is at risk can therefore be determined. When a risk is found, the user is promptly reminded to handle it, or the risk is handled directly and the user is reminded afterwards. This ensures the security of the execution environment of the second system and of the data in the second system.
In the above technical solution, preferably, the detecting unit 202 comprises: a classification unit 2022, configured to classify the application programs in the terminal that need to access the specified data; and a judging unit 2024, configured to judge, according to the category of each application program that needs to access the specified data, whether that application program has permission to access the specified data, and, when any of the application programs that need to access the specified data does not have permission to access it, to judge that the second system contains an application program that illegally obtains the specified data.
In this technical solution, application programs are classified, so that whether each application program has permission to access the specified data can be judged from the category it belongs to. Comparing against the permissions assigned to each category also makes the judgment more centralized and efficient, and from it one can determine whether the second system contains an application program that illegally obtains the specified data. The specified data can be private data designated by the user, such as the address book.
Specifically, suppose game applications are configured not to have permission to access the contacts in the contact list. When a game application accesses a contact in the contact list, identifying the application as a game application is enough to judge that the system is at risk.
In the above technical solution, preferably, the detecting unit 202 is further specifically configured to: detect whether the application program with superuser privileges exists under the directory of the second system, and/or detect whether the executable file with superuser privileges exists under a directory of the second system that has execute permission.
Fig. 3 shows the schematic block diagram of terminal according to an embodiment of the invention.
As shown in Fig. 3, a terminal 300 according to an embodiment of the invention comprises: a first system 302; a second system 304; and the device 200 for ensuring system security shown in Fig. 2.
The first system 302 of the terminal is a security system, and the second system 304 is a conventional system.
The security system can comprise: a safety detection module, a monitoring module and a risk processing module.
The conventional system can comprise: a secure execution module, for executing a behavior after it has been processed by the risk processing module of the security system.
The security system can monitor the conventional system in real time through the monitoring module. When the security system detects through the safety detection module that the conventional system has been rooted, it can prompt the user: the conventional system has been rooted and data security is at risk; should this be handled? If the user chooses to cancel root, the risk processing module handles the security risk, for example by deleting the risky file or revoking the risky file's permissions.
When the security system detects through the safety detection module that a malicious program exists in the conventional system, it can prompt the user along the following lines: "In the conventional system, application XX has obtained permission to read contact data, which may cause a data leak. Forbid it?" or "Handle this security risk: delete this application, or revoke the extra risky permission this application has obtained?" The user then selects the corresponding handling.
The monitoring module in the security system has a security feature library, which holds security features compiled from a large body of statistics.
The security system can use the features in the security feature library to judge whether the running environment of the conventional system is secure, for example to detect whether a malicious program exists in the conventional system and whether the conventional system has been rooted.
Malicious-program detection method: an application category list is provided, and permissions are judged per application category. For example, a game application that accesses contacts, sends messages and so on is judged to be an application requesting additional risky permissions, and the user is prompted.
Root detection method: detect whether an application with superuser privileges exists under the conventional system's directory (for example, whether SuperUser.apk exists under system/app), and whether an executable file with superuser privileges exists under a directory with execute permission (for example, su with the suid bit set under /xbin/).
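The two root indicators named above, checked from outside the conventional system and followed by the handling and start-up decision described earlier, as an added example that is not part of the patent. The mount-point argument, the extra `system/xbin` location, the function names and the returned labels are assumptions of this example.

```python
import os
import stat
import tempfile

# Indicators taken from the description. Paths are relative to the point at
# which the first (security) system can read the second system's files.
SUPERUSER_APPS = ["system/app/SuperUser.apk"]
EXEC_DIRS = ["xbin", "system/xbin"]      # "system/xbin" is an assumed extra location
SU_NAMES = {"su"}


def scan_for_root(mount_point):
    """Return (kind, path) findings; an empty list means no root indicator."""
    findings = []
    for rel in SUPERUSER_APPS:
        path = os.path.join(mount_point, rel)
        if os.path.lexists(path):
            findings.append(("superuser_app", path))
    for rel in EXEC_DIRS:
        directory = os.path.join(mount_point, rel)
        if not os.path.isdir(directory):
            continue
        for name in sorted(os.listdir(directory)):
            path = os.path.join(directory, name)
            mode = os.lstat(path).st_mode            # lstat: never follow symlinks
            if name in SU_NAMES and stat.S_ISREG(mode) and mode & stat.S_ISUID:
                findings.append(("suid_executable", path))
    return findings


def remediate(findings):
    """Delete the superuser app; revoke (not delete) the setuid bit on su."""
    for kind, path in findings:
        if kind == "superuser_app":
            os.remove(path)
        elif kind == "suid_executable":
            perms = stat.S_IMODE(os.lstat(path).st_mode)
            os.chmod(path, perms & ~(stat.S_ISUID | stat.S_ISGID))


def startup_gate(mount_point, user_approves_fix):
    """Decide how the second system is started, following the start-up flow."""
    findings = scan_for_root(mount_point)
    if not findings:
        return "started_clean"
    if user_approves_fix(findings):                  # prompt, then act on the answer
        remediate(findings)
        if not scan_for_root(mount_point):
            return "started_after_fix"
        return "fix_failed"
    return "started_risk_acknowledged"


def build_constructed_image(root, rooted):
    """Create a constructed directory tree standing in for the second system."""
    os.makedirs(os.path.join(root, "system", "app"))
    os.makedirs(os.path.join(root, "xbin"))
    ordinary = os.path.join(root, "xbin", "ls")
    open(ordinary, "w").close()
    os.chmod(ordinary, 0o755)
    if rooted:
        open(os.path.join(root, "system", "app", "SuperUser.apk"), "w").close()
        su = os.path.join(root, "xbin", "su")
        open(su, "w").close()
        os.chmod(su, 0o4755)                         # rwsr-xr-x


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as image:
        build_constructed_image(image, rooted=True)
        for kind, path in scan_for_root(image):
            print(kind, os.path.relpath(path, image))
        print(startup_gate(image, lambda findings: True))
```

The scan flags only files named `su`, matching the example in the text; widening `SU_NAMES` or reporting every setuid file in those directories trades fewer misses for more false positives.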
In addition, the monitoring module can monitor the applications of the conventional system in real time. Specifically, the security system monitors application installation in the conventional system in real time: when an application needs to be installed in the conventional system, a service is started to notify the security system, the permissions of the application to be installed are queried, the user is prompted about any risky permissions, and a means of forbidding those permissions is provided. For example, if navigation software needs to obtain contact data, this can be defined as requiring an additional risky permission; the user is then prompted that this permission is risky and left to handle it. If the user chooses to ignore the risk, the navigation software is added to a safe list stored in the first system, so that when the navigation software obtains contact data again, the user need not be reminded again and use is not disrupted.
Likewise, when an operation in the conventional system accesses private data, the monitoring module of the security system is started to judge whether the access is allowed, and the access is handled according to the risk handling mode.
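The category-based permission judgment and the safe list described above, as an added example that is not part of the patent. The category policy, package names, event list and the `forbid`/`ignore` answers are constructed for illustration, and recording the safe list per (application, data) pair is a choice of this example.

```python
from dataclasses import dataclass, field

# Constructed policy: the specified (private) data each category may access.
CATEGORY_POLICY = {
    "game": set(),
    "navigation": {"location"},
    "communication": {"contacts", "sms"},
}

# Constructed application class list (package -> category).
APP_CATEGORY = {
    "com.example.game": "game",
    "com.example.nav": "navigation",
    "com.example.chat": "communication",
}

# Constructed access events reported by the conventional system: (app, data).
EVENTS = [
    ("com.example.chat", "contacts"),
    ("com.example.game", "contacts"),
    ("com.example.nav", "location"),
    ("com.example.nav", "contacts"),
    ("com.example.nav", "contacts"),     # same request again after "ignore"
    ("com.example.unknown", "contacts"),
]


@dataclass
class Monitor:
    app_category: dict                               # application class list
    safe_list: set = field(default_factory=set)      # (app, data) the user chose to ignore

    def judge(self, app, data):
        """Return 'allow' or 'risk' for one access to specified data."""
        if (app, data) in self.safe_list:
            return "allow"
        category = self.app_category.get(app)
        allowed = CATEGORY_POLICY.get(category, set())   # unclassified: nothing allowed
        return "allow" if data in allowed else "risk"

    def handle(self, app, data, ask_user):
        """Execute the behavior, or prompt the user and apply the answer."""
        if self.judge(app, data) == "allow":
            return "executed"
        if ask_user(app, data) == "ignore":
            self.safe_list.add((app, data))          # no further prompts for this pair
            return "executed"
        return "forbidden"


def replay(monitor, events, ask_user):
    """Run a list of (app, data) events through the monitor, in order."""
    return [monitor.handle(app, data, ask_user) for app, data in events]


if __name__ == "__main__":
    def ask(app, data):
        print(f"prompt: {app} wants {data}")
        return "ignore" if app == "com.example.nav" else "forbid"

    print(replay(Monitor(APP_CATEGORY), EVENTS, ask))
```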
When the terminal starts, the security system can be started first, and the conventional system started from within the security system. Before starting the conventional system, the security system first scans whether the conventional system is in a secure environment; if it is not, the conventional system is started only after the risk processing module has handled the risk.
The processing flow of the above scheme is shown in Fig. 4 and Fig. 5.
Fig. 4 shows a schematic flow diagram of the system start-up method in a dual-system terminal according to an embodiment of the invention.
As shown in Fig. 4, the system start-up method in a dual-system terminal according to an embodiment of the invention comprises:
Step 402, start the monitoring module in the security system.
Step 404, start the safety detection module in the security system.
Step 406, the safety detection module judges whether the conventional system has been rooted; if so, perform step 408; if not, perform step 410.
Step 408, when the safety detection module judges that the conventional system has been rooted, start the risk processing module to handle the risk.
Step 410, when the safety detection module judges that the conventional system has not been rooted, that is, the startup environment of the conventional system is not at risk, start the conventional system.
Fig. 5 shows a processing flow chart of a dual-system terminal during operation according to an embodiment of the invention.
As shown in Fig. 5, the processing flow of a dual-system terminal during operation according to an embodiment of the invention comprises:
Step 502, an application installation or data access behavior occurs in the conventional system.
Step 504, the conventional system starts a service to notify the security system.
Step 506, the security system starts the monitoring module and the safety detection module.
Step 508, the monitoring module and the safety detection module in the security system detect whether the behavior is risky; if so, perform step 510; if not, perform step 512.
Step 510, when the monitoring module and the safety detection module in the security system detect that the behavior is risky, start the risk processing module in the security system to handle the risk.
Step 512, when the monitoring module and the safety detection module in the security system detect that the behavior is not risky, start the secure execution module in the conventional system to execute the behavior.
The technical solution of the present invention has been described above with reference to the accompanying drawings. The invention proposes a scheme for ensuring system security in which the first system detects and handles the risks present in the second system. This ensures that the second system runs safely and stably, prevents the user's private data in the second system from being leaked or modified, and thereby ensures the security of the dual-system terminal.
The foregoing is only the preferred embodiments of the present invention and does not limit the invention; for a person skilled in the art, the invention can have various modifications and variations. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.

Claims (11)

1. A method for ensuring system security, for a terminal, the terminal comprising a first system and a second system, characterized by comprising:
detecting, by the first system, whether the running environment of the second system is at risk;
when the first system detects that the running environment of the second system is at risk, prompting the user about the risk through the first system and/or directly handling the risk.
2. The method for ensuring system security according to claim 1, characterized in that the running environment includes a startup environment, and the step of detecting, by the first system, whether the startup environment of the second system is at risk is specifically:
starting the first system and, when an instruction to start the second system is received, detecting through the first system whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges, and if so, determining that the execution environment of the second system is at risk;
the method for ensuring system security further comprising:
when the first system detects that the startup environment of the second system is at risk, starting the second system after the first system has prompted the user about the risk and responded to the user's feedback information, and/or after the risk has been handled; and
when the first system detects that the startup environment of the second system is not at risk, starting the second system.
3. The method for ensuring system security according to claim 1, characterized in that the running environment includes an execution environment, and the step of detecting, by the first system, whether the execution environment of the second system is at risk is specifically:
detecting in real time, through the first system, whether the second system contains an application program that illegally obtains specified data in the terminal, and/or detecting in real time whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges, and if so, determining that the execution environment of the second system is at risk.
4. The method for ensuring system security according to claim 3, characterized in that the step of detecting, by the first system, whether the second system contains an application program that illegally obtains specified data in the terminal is specifically:
classifying the application programs in the terminal that need to access the specified data, and judging, according to the category of each application program that needs to access the specified data, whether that application program has permission to access the specified data;
if any of the application programs that need to access the specified data does not have permission to access the specified data, judging that the second system contains an application program that illegally obtains the specified data.
5. The method for ensuring system security according to claim 2 or 3, characterized in that the step of detecting, by the first system, whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges is specifically:
detecting whether the application program with superuser privileges exists under the directory of the second system, and/or detecting whether the executable file with superuser privileges exists under a directory of the second system that has execute permission.
6. A device for ensuring system security, for a terminal, the terminal comprising a first system and a second system, characterized by comprising:
a detecting unit, configured to detect, through the first system, whether the running environment of the second system is at risk;
a prompting unit, configured to prompt the user about the risk through the first system when the detecting unit detects, through the first system, that the running environment of the second system is at risk; and/or
a processing unit, configured to directly handle the risk when the detecting unit detects, through the first system, that the running environment of the second system is at risk.
7. The device for ensuring system security according to claim 6, characterized in that the running environment includes a startup environment, and the detecting unit is specifically configured to:
start the first system and, when an instruction to start the second system is received, detect through the first system whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges, and if so, determine that the execution environment of the second system is at risk;
the device for ensuring system security further comprising:
a control module, configured to start the second system, when the first system detects that the startup environment of the second system is at risk, after the first system has prompted the user about the risk and responded to the user's feedback information and/or after the risk has been handled, and configured to start the second system when the first system detects that the startup environment of the second system is not at risk.
8. The device for ensuring system security according to claim 6, characterized in that the running environment includes an execution environment, and the detecting unit is specifically configured to:
detect in real time, through the first system, whether the second system contains an application program that illegally obtains specified data in the terminal, and/or detect in real time whether the second system contains an application program with superuser privileges and/or an executable file with superuser privileges, and if so, determine that the execution environment of the second system is at risk.
9. The device for ensuring system security according to claim 8, characterized in that the detecting unit comprises:
a classification unit, configured to classify the application programs in the terminal that need to access the specified data;
a judging unit, configured to judge, according to the category of each application program that needs to access the specified data, whether that application program has permission to access the specified data, and,
when any of the application programs that need to access the specified data does not have permission to access the specified data, to judge that the second system contains an application program that illegally obtains the specified data.
10. The device for ensuring system security according to claim 7 or 8, characterized in that the detecting unit is further specifically configured to:
detect whether the application program with superuser privileges exists under the directory of the second system, and/or detect whether the executable file with superuser privileges exists under a directory of the second system that has execute permission.
11. A terminal, characterized by comprising:
a first system;
a second system; and
the device for ensuring system security according to any one of claims 6 to 10.
CN201410512540.8A 2014-09-28 2014-09-28 Ensure the method for system safety, ensure the device and terminal of system safety Active CN104298924B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410512540.8A CN104298924B (en) 2014-09-28 2014-09-28 Ensure the method for system safety, ensure the device and terminal of system safety

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410512540.8A CN104298924B (en) 2014-09-28 2014-09-28 Ensure the method for system safety, ensure the device and terminal of system safety

Publications (2)

Publication Number Publication Date
CN104298924A true CN104298924A (en) 2015-01-21
CN104298924B CN104298924B (en) 2017-12-12

Family

ID=52318647

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410512540.8A Active CN104298924B (en) 2014-09-28 2014-09-28 Ensure the method for system safety, ensure the device and terminal of system safety

Country Status (1)

Country Link
CN (1) CN104298924B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105468976A (en) * 2015-12-08 2016-04-06 北京元心科技有限公司 Container-based multi-system intrusion monitoring method and device
CN106203101A (en) * 2015-04-30 2016-12-07 北京壹人壹本信息科技有限公司 A kind of method for managing security and device
CN106776138A (en) * 2016-12-16 2017-05-31 广东美晨通讯有限公司 Data reconstruction method and Data Recapture Unit
CN110155839A (en) * 2019-05-22 2019-08-23 安徽奥里奥克科技股份有限公司 A kind of elevator maintenance data auditing system based on cloud platform

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101361077A (en) * 2006-02-07 2009-02-04 国际商业机器公司 Method for preventing malicious software installation on an internet-connected computer
US20110035574A1 (en) * 2009-08-06 2011-02-10 David Jevans Running a Computer from a Secure Portable Device
CN101997960A (en) * 2009-08-14 2011-03-30 黄金富 High-safety two-operating system mobile phone capable of resisting hackers and being used for Internet banking
WO2011051757A1 (en) * 2009-10-26 2011-05-05 Gmx Sas Transactor for use in connection with transactions involving secure and non-secure information
CN102546922A (en) * 2010-12-21 2012-07-04 Lg电子株式会社 Mobile terminal and method of controlling a mode switching therein
CN102571708A (en) * 2010-12-27 2012-07-11 联想(北京)有限公司 Security certification method, portable terminal and portable mobile equipment
CN103714459A (en) * 2013-12-26 2014-04-09 电子科技大学 Secure payment system and method of intelligent terminal
CN103914646A (en) * 2013-01-08 2014-07-09 三星电子株式会社 Touch event processing method and portable device implementing the same

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101361077A (en) * 2006-02-07 2009-02-04 国际商业机器公司 Method for preventing malicious software installation on an internet-connected computer
US20110035574A1 (en) * 2009-08-06 2011-02-10 David Jevans Running a Computer from a Secure Portable Device
CN101997960A (en) * 2009-08-14 2011-03-30 黄金富 High-safety two-operating system mobile phone capable of resisting hackers and being used for Internet banking
WO2011051757A1 (en) * 2009-10-26 2011-05-05 Gmx Sas Transactor for use in connection with transactions involving secure and non-secure information
CN102546922A (en) * 2010-12-21 2012-07-04 Lg电子株式会社 Mobile terminal and method of controlling a mode switching therein
CN102571708A (en) * 2010-12-27 2012-07-11 联想(北京)有限公司 Security certification method, portable terminal and portable mobile equipment
CN103914646A (en) * 2013-01-08 2014-07-09 三星电子株式会社 Touch event processing method and portable device implementing the same
CN103714459A (en) * 2013-12-26 2014-04-09 电子科技大学 Secure payment system and method of intelligent terminal

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106203101A (en) * 2015-04-30 2016-12-07 北京壹人壹本信息科技有限公司 A kind of method for managing security and device
CN105468976A (en) * 2015-12-08 2016-04-06 北京元心科技有限公司 Container-based multi-system intrusion monitoring method and device
CN105468976B (en) * 2015-12-08 2019-11-12 北京元心科技有限公司 A kind of method for monitoring instruction and device of the multisystem based on container
CN106776138A (en) * 2016-12-16 2017-05-31 广东美晨通讯有限公司 Data reconstruction method and Data Recapture Unit
CN110155839A (en) * 2019-05-22 2019-08-23 安徽奥里奥克科技股份有限公司 A kind of elevator maintenance data auditing system based on cloud platform

Also Published As

Publication number Publication date
CN104298924B (en) 2017-12-12

Similar Documents

Publication Publication Date Title
CN102663288B (en) Virus killing method and device thereof
CN106156619B (en) Application security protection method and device
CN108268771B (en) Apparatus and method for indicating malicious object and non-transitory computer readable medium
US11086983B2 (en) System and method for authenticating safe software
CN104462970A (en) Android application program permission abuse detecting method based on process communication
US20140096246A1 (en) Protecting users from undesirable content
CN106845223B (en) Method and apparatus for detecting malicious code
US20130145472A1 (en) Preventing Execution of Task Scheduled Malware
CN105205413B (en) A kind of guard method of data and device
KR101414084B1 (en) System and for Malicious Application Detection on Mobile Device and Method thereof
CN102254113A (en) Method and system for detecting and intercepting malicious code of mobile terminal
CN102081722A (en) Method and device for protecting appointed application program
CN107330328B (en) Method and device for defending against virus attack and server
CN105303107A (en) Abnormal process detection method and apparatus
CN104298924A (en) Method and device for ensuring system safety and terminal
CN104268470A (en) Security control method and security control device
CN105791250B (en) Application program detection method and device
KR101731312B1 (en) Method, device and computer readable recording medium for searching permission change of application installed in user's terminal
CN106302531B (en) Safety protection method and device and terminal equipment
WO2019037521A1 (en) Security detection method, device, system, and server
CN109284636B (en) Webpage tamper-proofing system and method
KR101324691B1 (en) System and method for detecting malicious mobile applications
KR101060596B1 (en) Malicious file detection system, malicious file detection device and method
CN106899977B (en) Abnormal flow detection method and device
US20190098038A1 (en) Reducing a possible attack on a weak point of a device via a network access point

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant