CN104331658A - Installing verification method for intelligent terminal application program and system - Google Patents
Installing verification method for intelligent terminal application program and system Download PDFInfo
- Publication number
- CN104331658A CN104331658A CN201410646170.7A CN201410646170A CN104331658A CN 104331658 A CN104331658 A CN 104331658A CN 201410646170 A CN201410646170 A CN 201410646170A CN 104331658 A CN104331658 A CN 104331658A
- Authority
- CN
- China
- Prior art keywords
- application program
- pki
- intelligent terminal
- stored
- described application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses an installing verification method for an intelligent terminal application program. The method comprises the following steps: acquiring a first public key pre-stored in an intelligent terminal system layer; judging if a to-be-installed application program meets an installing condition according to the pre-stored first public key; if yes, allowing to install the to-be-installed application program; if not, forbidding the installing for the to-be-installed application program. The invention also provides a system for realizing the method. According to the installing verification method for the intelligent terminal application program provided by the invention, before the application program is installed, the pre-stored first public key of the system layer is utilized to judge if the application program meets the installing condition, and the application program can be installed when the installing condition is met, so that the application program on the terminal equipment being an authenticated legal program can be ensured; the installing for an illegal application program can be effectively prevented; the manageable and controllable terminal application can be ensured; the illegal entry and spreading of harmful information can be prevented; the benefits of operators and users can be protected.
Description
Technical field
The present invention relates to application program installing area, particularly relate to a kind of Installation Validation method and system of intelligent terminal application program.
Background technology
Intelligent terminal product, as smart mobile phone, intelligent television and intelligent box are popularized fast, they generally all adopt the intelligent operating system platforms such as Android, user can unrestricted choice from different channel set up applications, along with customer volume increases, rogue program becomes the key factor of harm terminal user safety and privacy, serious infringement user legitimate rights and interests.Embed malicious code in application development link or be the Main Means making rogue program at present by distorting application program that other people write and embedding malicious code.In addition, by brush machine replace whole system and all application program be a kind of crack method of formula of taking away the firewood under the cauldron.
Current android system requires that each is installed into systematic difference program will through digital certificate signature.The principle of signature as shown in Figure 1, all unsigned files in exploitation person private key 11 pairs of original application program bags 12, comprise program file and resource file, sign by RSA Algorithm 13 one by one, Base64 is adopted to encode to digital signature information again, obtain signed data 14, the SHA1 of signed data 14, each file summary 15 and developer's PKI 16 are kept at the file 17 li that is called META-INF, META-INF file 17 and original application program bag 11, comprise program file and resource file, form release application program bag 18.Private key for signing is kept in the hand of program developer, is packaged in application file for the PKI verified.Wherein, application file is a zip compressed package.
Checking before application program is installed utilizes the PKI application programs be packaged in application file to verify.Therefore, the digital certificate that Android application file uses does not need the digital certificate signature agency qualification of authority, it is only used to allow application program self identity, be used for identification application author and to break the wall of mistrust among applications relation, instead of be used for controlling user can set up applications.Because digital certificate PKI is just packaged in application file, anyone can generate a pair new key, and uses private key again to sign, and new PKI is substituted in application file.There is the instrument of a lot of picture APKtool and Auto-sign and so at present, application programs decompiling can be easy to and carry out application signature.Inconsistent meeting of signing is considered as the application program situation of private key (have except) of different developer exploitation by android system, but cannot prevent these rogue programs of user installation.From safety perspective, current Android application program data signature mechanism performs practically no function, and effectively can not prevent the installation of unauthorized applications, and intelligent terminal can be caused to install illegal application program.
Summary of the invention
The present invention completes to solve above-mentioned deficiency of the prior art, the object of the invention is to the Installation Validation method and system proposing a kind of intelligent terminal application program, the method can solve the problem that existing application signature mechanism effectively can not prevent the installation of unauthorized applications.
For reaching this object, the present invention by the following technical solutions:
First aspect, the invention discloses a kind of Installation Validation method of intelligent terminal application program, comprises the following steps:
Obtain the first PKI of pre-stored in intelligent terminal system layer;
Judge whether application program to be installed meets mounting condition according to the first PKI of described pre-stored, if met, then allow described application program to be installed is installed, if do not met, then forbid described application program to be installed is installed.
Further, in described acquisition intelligent terminal system layer pre-stored the first PKI before or after further comprising the steps of:
Obtain the application data bag carrying described application program to be installed, in described application data bag, also carry the first signed data utilizing the first private key to obtain,
Described the first PKI according to described pre-stored judges whether application program to be installed meets mounting condition and comprise the following steps:
According to the first PKI of described pre-stored and described first signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid described application program to be installed is installed.
Further, described first signed data utilizes RSA signature algorithm to obtain, and the algorithm of described checking is RSA verification algorithm.
Further, in described acquisition intelligent terminal system layer pre-stored the first PKI before or after further comprising the steps of:
Obtain the application data bag carrying described application program to be installed, in described application data bag, also carry the second signed data and application program PKI that utilize the first private key to obtain,
Described the first PKI according to described pre-stored judges whether application program to be installed meets mounting condition and comprise the following steps:
Judge whether the first PKI of described pre-stored mates with described application program PKI, if coupling, then continue the described application program to be installed of checking and whether meet mounting condition, if do not mated, then forbid described application program to be installed is installed.
Further, described second signed data utilizes RSA signature algorithm to obtain.
Further, described continuation verifies whether described application program to be installed meets mounting condition and comprise the following steps:
According to described application program PKI and described second signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
Further, in described acquisition intelligent terminal system layer pre-stored the first PKI before or after further comprising the steps of:
Obtain and carry the application data bag of described application program to be installed, the 3rd signed data that the person's private key that also carries exploitation in described application data bag obtains and utilize the first private key to carry out to developer's PKI the certificate obtained of signing,
Described the first PKI according to described pre-stored judges whether application program to be installed meets mounting condition and comprise the following steps:
Utilize the first PKI of described pre-stored to verify described certificate, if be proved to be successful, then continued the described application program to be installed of checking and whether meet mounting condition, if authentication failed, then forbid described application program to be installed is installed.
Further, described 3rd signed data utilizes RSA signature algorithm to obtain.
Further, described continuation verifies whether described application program to be installed meets mounting condition and comprise the following steps:
According to described developer's PKI and described 3rd signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed to be installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
Further, in described acquisition intelligent terminal system layer pre-stored the first PKI before further comprising the steps of:
Obtain the second PKI of pre-stored in intelligent terminal Boot layer;
According to the signed data in the second PKI of described pre-stored and system layer, system layer is verified, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbid performing next step.
Further, further comprising the steps of before the second PKI prestored in described acquisition intelligent terminal Boot layer:
Obtain the 3rd PKI of pre-stored in intelligent terminal chip;
According to the signed data in the 3rd PKI of described pre-stored and Boot layer to the checking of Boot layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbid performing next step.
Second aspect, the invention discloses a kind of Installation Validation system of intelligent terminal application program, comprising:
First public key acquisition module, for obtaining the first PKI of pre-stored in intelligent terminal system layer;
Application program mounting condition judge module, for judging whether application program to be installed meets mounting condition according to the first PKI of described pre-stored, if met, then allow described application program to be installed is installed, if do not met, then forbid described application program to be installed is installed.
Further, also comprise:
First application data bag acquisition module, for obtaining the application data bag carrying described application program to be installed, also carries the first signed data utilizing the first private key to obtain in described application data bag,
Described application program mounting condition judge module comprises:
First application program verification module, for verifying described application program to be installed according to the first PKI of described pre-stored and described first signed data, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid described application program to be installed is installed.
Further, described first signed data utilizes RSA signature algorithm to obtain, and the algorithm of described checking is RSA verification algorithm.
Further, also comprise:
Second application data bag acquisition module, for obtaining the application data bag carrying described application program to be installed, also carries the second signed data and application program PKI that utilize the first private key to obtain in described application data bag,
Described application program mounting condition judge module comprises:
Second application matches module, for judging whether the first PKI of described pre-stored mates with described application program PKI, if coupling, then continue the described application program to be installed of checking and whether meet mounting condition, if do not mated, then forbid described application program to be installed is installed.
Further, described second signed data utilizes RSA signature algorithm to obtain.
Further, also comprise:
Second application program verification module, during the first PKI and described application program public key match for described pre-stored, according to described application program PKI and described second signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
Further, also comprise:
3rd application data bag acquisition module, for obtaining the application data bag carrying described application program to be installed, the 3rd signed data that the person's private key that also carries exploitation in described application data bag obtains and utilize the first private key to carry out to developer's PKI the certificate obtained of signing
Described application program mounting condition judge module comprises:
Certification authentication module, for utilizing the first PKI of described pre-stored to verify described certificate, if be proved to be successful, then continued the described application program to be installed of checking and whether meet mounting condition, if authentication failed, then forbid described application program to be installed is installed.
Further, described 3rd signed data utilizes RSA signature algorithm to obtain.
Further, also comprise:
3rd application program verification module, for verifying described application program to be installed according to described developer's PKI and described 3rd signed data, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
Further, also comprise:
Second public key acquisition module, for obtaining the second PKI of pre-stored in intelligent terminal Boot layer;
System layer authentication module, for verifying system layer according to the signed data in the second PKI of described pre-stored and system layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbids performing next step.
Further, also comprise:
3rd public key acquisition module, for obtaining the 3rd PKI of pre-stored in intelligent terminal chip;
Boot layer authentication module, for verifying Boot layer according to the signed data in the 3rd PKI of described pre-stored and Boot layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbids performing next step.
The Installation Validation method of intelligent terminal application program of the present invention first used the first PKI of system layer pre-stored to judge whether application program to be installed meets mounting condition before set up applications; only have when meeting and just allow to install; the application program can guaranteeing on the terminal device is through the legal procedure of certification; effectively prevent from illegal application program is installed; guarantee that terminal applies is controlled; forcible entry and the propagation of harmful information can be prevented, the interests of protection operator and user.
Accompanying drawing explanation
In order to the technical scheme of exemplary embodiment of the present is clearly described, one is done to the accompanying drawing used required for describing in embodiment below and simply introduce.Obviously, the accompanying drawing introduced is the accompanying drawing of a part of embodiment that the present invention will describe, instead of whole accompanying drawings, for those of ordinary skill in the art, under the prerequisite not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the signature principle schematic of application program in prior art.
Fig. 2 is the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention one provides.
Fig. 3 is the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention two provides.
Fig. 4 utilizes RSA signature algorithm to carry out the principle schematic of signing in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention two provides.
Fig. 5 utilizes RSA verification algorithm to carry out the principle schematic verified in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention two provides.
Fig. 6 is the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention three provides.
Fig. 7 utilizes RSA signature algorithm to carry out the principle schematic of signing in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention three provides.
Fig. 8 carries out in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention three provides mating and utilize RSA verification algorithm to carry out the principle schematic verified.
The schematic flow sheet of the Installation Validation method of the intelligent terminal application program that Fig. 9 embodiment of the present invention four provides.
Figure 10 utilizes RSA signature algorithm to carry out the principle schematic of signing in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention four provides.
Figure 11 carries out in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention four provides mating and utilize RSA verification algorithm to carry out the principle schematic verified.
Figure 12 is the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention five provides.
Figure 13 is the schematic diagram of the bottom-up trust chain in the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention five provides.
Figure 14 is the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention six provides.
Figure 15 is the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention seven provides.
Figure 16 is the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention eight provides.
Figure 17 is the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention nine provides.
Figure 18 is the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention ten provides.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly, below with reference to the accompanying drawing in the embodiment of the present invention, by embodiment, technical scheme of the present invention is intactly described.Obviously; described embodiment is a part of embodiment of the present invention, instead of whole embodiments, based on embodiments of the invention; the every other embodiment that those of ordinary skill in the art obtain under the prerequisite not making creative work, all falls within protection scope of the present invention.
Embodiment one:
Fig. 2 gives the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention one provides.
As Fig. 2, the Installation Validation method of the intelligent terminal application program that the present embodiment one provides comprises the following steps:
First PKI of pre-stored in step S21, acquisition intelligent terminal system layer;
In this step, the first PKI of acquisition is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Step S22, judge whether application program to be installed meets mounting condition according to the first PKI, if do not met, then perform step S23, forbid application program to be installed is installed; If met, then perform step S24, allow application program to be installed is installed.
The Installation Validation method of the intelligent terminal application program that the embodiment of the present invention one provides utilizes the first PKI of system layer pre-stored to judge whether application program meets mounting condition before set up applications; only have when meeting and could install; the application program can guaranteeing on the terminal device is through the legal procedure of certification; effectively prevent from illegal application program is installed; guarantee that terminal applies is controlled; forcible entry and the propagation of harmful information can be prevented, the interests of protection operator and user.
Embodiment two:
Fig. 3 gives the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention two provides.
As shown in Figure 3, the Installation Validation method of intelligent terminal application program that the embodiment of the present invention two provides comprises the following steps:
First PKI of pre-stored in step S31, acquisition intelligent terminal system layer;
In this step, the first PKI of acquisition is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Step S32, obtain and carry the application data bag of application program to be installed;
In this step, the application data bag of acquisition is except carrying application program to be installed, and also carry the first signed data utilizing the first private key to obtain, signer needs to maintain secrecy to the first private key.
In this step, first signed data can utilize RSA signature algorithm to obtain, RSA is rivest, shamir, adelman, as shown in Figure 4, the release application program bag 18 issued for developer adds file header HEADER41 to its signature principle, re-uses the first private key 42, RSA signature algorithm 43 is utilized to sign to it, generate the first signed data 44, the first signed data 44 is put hereof, form application data bag 45.
Wherein, RSA signature algorithm can adopt RSASSA-PKCS1_V1_5/SHA1 standard, and PKI length can be 2048bit, and public exponent can be 3 or 65537.
Wherein, the size of the first signed data can be 256Byte.HEADER comprises Magic-Word, type identification (Type), version identifier (Version) and length mark (Length).Wherein, the size of Magic-Word can be 4Byte; The size of type identification can be 4Byte, and it is used for identifying the type of application program to be installed, and for the application program to be installed of Android system, its value can be 0; The size of version identifier can be 4Byte, and it is used for identifying the version number of application program to be installed, and it can adopt small end form to store, and its form can be 84 binary-coded decimals, such as: YYMMDDHH; The size of length mark can be 4Byte, and it is used for identifying the length of application program to be installed, and it can adopt small end form to store.HEADER and original application program are the regional extent needing signature, and be called in " region to be verified ", the first signed data is generated through signature algorithm by the digest value in " region to be verified ", is placed on the first signed data region.Apk_to_sign.bin to be signed (i.e. " region to be verified ") form is: Magic-Word (4Byte)+Type (4Byte)+Version (4Byte)+Length (4Byte)+original application program.Apk_signed.bin form after signature is: the first signed data (256Byte)+apk_to_sign.bin.
Step S33, treat set up applications according to the first PKI of pre-stored and the first signed data and verify, if authentication failed, then perform step S34, forbid application program to be installed is installed; If be proved to be successful, then performed step S35, allow application program to be installed is installed.
In this step, checking completes on intelligent terminal, the porch of installing in application program is verified, the algorithm of checking can be RSA verification algorithm, its checking principle as shown in Figure 5, application programs packet 45 decomposes, decomposite the first signed data 44 and the other parts 51 carrying application program to be installed, use the first PKI 52 and the first signed data 44 of pre-stored in system layer, whether application program to be installed is proved to be successful 54 to utilize RSA verification algorithm 53 to judge, if be proved to be successful, then remove HEADER to allow application program 55 to be installed is installed, if authentication failed, then forbid application program 56 to be installed is installed.
In the present embodiment, step S32 also can before step S31.
The Installation Validation method of the intelligent terminal application program that the present embodiment two provides guarantees that the application program on intelligent terminal is through the legal procedure of certification; effectively can resist malice compressed package to attack; prevent from illegal application program is installed; guarantee that terminal applies is controlled; forcible entry and the propagation of harmful information can be prevented, the interests of protection operator and user.
Embodiment three:
Fig. 6 gives the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention three provides.
As shown in Figure 6, the Installation Validation method of intelligent terminal application program that the embodiment of the present invention three provides comprises the following steps:
First PKI of pre-stored in step S61, acquisition intelligent terminal system layer;
In this step, the first PKI of acquisition is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Step S62, obtain and carry the application data bag of application program to be installed;
In this step, in the application data bag of acquisition except carrying application program to be installed, also carry the second signed data and application program PKI that utilize the first private key to obtain, signer needs to maintain secrecy to the first private key.
In this step, second signed data can utilize RSA signature algorithm to obtain, use the first private key, utilize RSA signature algorithm to its signature principle of signing as shown in Figure 7, the release application program bag 18 that developer issues is decomposed, decomposite original application program bag 11, first private key 71 is used to original application program bag 11, RSA signature algorithm 72 is utilized to sign to it, generate the second signed data 73, second signed data 73 and application program PKI 74 are put hereof, forms application data bag 75.
Step S63, judge whether the first PKI of pre-stored mates with application program PKI;
In this step, whether the first PKI of pre-stored is mated with application program PKI and judges, if do not mated, then perform step S64, forbid application program to be installed is installed; If coupling, then perform step S65, treat set up applications according to application program PKI and the second signed data and verify, if authentication failed, then perform step S64, forbid application program to be installed is installed; If be proved to be successful, then performed step S65, allow application program to be installed is installed.
The algorithm of the checking in step S65 can be RSA verification algorithm, its coupling and checking principle are as shown in Figure 8, application programs packet 75 decomposes, decomposite application program PKI 74, second signed data 73 and original application program bag 11, first judge whether the first PKI 81 and the application program PKI 74 of pre-stored in system layer mate 82, if do not mated, then forbid application program 83 to be installed is installed; If coupling, then use application program PKI 74, second signed data 73, whether application program to be installed is proved to be successful 85 to utilize RSA verification algorithm 84 to judge, if authentication failed, then forbids installing application program 83 to be installed; If be proved to be successful, then allow application program 86 to be installed is installed.
Embodiment four:
Fig. 9 gives the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention four provides.
As shown in Figure 9, the Installation Validation method of intelligent terminal application program that the embodiment of the present invention four provides comprises the following steps:
First PKI of pre-stored in step S91, acquisition intelligent terminal system layer;
In this step, the first PKI of acquisition is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Step S92, obtain and carry the application data bag of application program to be installed;
In this step, in the application data bag obtained except carrying application program to be installed, the 3rd signed data that the person's private key that also carries exploitation obtains and utilize the first private key to carry out to developer's PKI the certificate obtained of signing, signer needs to maintain secrecy to the first private key.
In this step, the 3rd signed data can utilize RSA signature algorithm to obtain; Certificate can utilize the first private key to carry out signature to developer's PKI and obtain, and the algorithm of signature can be RSA signature algorithm.Use developer's private key, utilize RSA signature algorithm to sign to it and utilize the first private key to its signature principle of signing as shown in Figure 10, on the one hand, utilize RSA signature algorithm 101, use developer's private key 102 pairs of original application program bags 103 to sign, obtain the 3rd signed data 104; On the other hand, utilize RSA Algorithm 105, use the first private key 106 pairs of developer's PKIs 107 to sign, obtain certificate 108, the 3rd signed data 104 and certificate 108 are put into routine package, form application data bag 109.
Step S93, the first PKI of pre-stored is utilized to verify certificate;
In this step, utilize the certificate in the first PKI application programs packet of pre-stored to verify, if authentication failed, then perform step S94, forbid application program to be installed is installed; If be proved to be successful, then performed step S95, treat set up applications according to developer's PKI and the 3rd signed data and verify, if authentication failed, then perform step S94, forbid application program to be installed is installed; If be proved to be successful, then performed step S95, allow application program to be installed is installed.
The algorithm of the checking in step S95 can be RSA verification algorithm, its checking principle as shown in figure 11, application programs packet 109 decomposes, decomposite certificate 108, the 3rd signed data 104 and original application program bag 103, first the first PKI 111 pairs of certificates 108 of pre-stored in system layer are utilized to carry out checking 112, if authentication failed, then forbid application program 113 to be installed is installed; If be proved to be successful, then certificate 108 is decomposed, obtain developer's PKI 107, use developer's PKI 107 and the 3rd signed data 104, whether application program to be installed is proved to be successful 115 to utilize RSA verification algorithm 114 to judge, if authentication failed, then forbids installing application program 113 to be installed; If be proved to be successful, then allow application program 116 to be installed is installed.
Embodiment five:
Figure 12 gives the schematic flow sheet of the Installation Validation method of the intelligent terminal application program that the embodiment of the present invention five provides.
As shown in figure 12, the Installation Validation method of intelligent terminal application program that the embodiment of the present invention five provides comprises the following steps:
3rd PKI of pre-stored in step S121, acquisition intelligent terminal chip;
In this step, the 3rd PKI of acquisition is stored in advance in the BootROM of chip, is used for verifying Boot layer.
Step S122, according to the signed data in the 3rd PKI of pre-stored and Boot layer to the checking of Boot layer, be only proved to be successful rear just permission and perform next step;
In this step, checking Boot layer comprises chip checking Boot, Boot checking and recovers module (Recovery) and recover module (Recovery) to verify AKU.
Second PKI of pre-stored in step S123, acquisition intelligent terminal Boot layer;
In this step, the second PKI of acquisition is stored in advance in Boot layer, is used for verification system layer.
Step S124, according to the signed data in the second PKI of pre-stored and system layer, system layer to be verified, be only proved to be successful rear just permission and perform next step;
In this step, verification system layer comprises validation of kernel (Kernel) and system (System), and the kernel of safety can the safety of the first PKI of protection system subregion and pre-stored, prevents the first PKI to be tampered or to replace.
First PKI of pre-stored in step S125, acquisition intelligent terminal system layer;
In this step, the first PKI of acquisition is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Step S126, judge whether application program to be installed meets mounting condition according to the first PKI, if do not met, then perform step S127, forbid application program to be installed is installed; If met, then perform step S128, allow application program to be installed is installed.
The Installation Validation method of the intelligent terminal application program that the present embodiment five provides is by signing each assembly in advance; and signature is added in assembly; the verification public key of a rear link is kept in last link in advance; and verified by last link; achieve the protection of the clean boot mechanism from bottom; clean boot mechanism is based on the bottom-up trust chain of one; as shown in figure 13; each assembly in trust chain; all after verifying the assembly success loaded thereafter, then control should be transferred.From underlying security chip to upper level applications, adopt digital signature technology to break the wall of mistrust chain, after before only in trust chain, link all passes through signature check, a rear link of trust chain could start.The method application program not only ensured on intelligent terminal is through the legal procedure of certification, also ensures the security of the operating system on intelligent terminal.
Embodiment six:
Figure 14 gives the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention six provides.
As shown in figure 14, the Installation Validation system of intelligent terminal application program that the embodiment of the present invention six provides comprises:
First public key acquisition modules A 141, for obtaining the first PKI of pre-stored in intelligent terminal system layer;
In the present embodiment, the first PKI is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Application program mounting condition judge module A142, for judging whether application program to be installed meets mounting condition according to the first PKI of pre-stored, if met, then allows to install application program to be installed, if do not met, then forbids installing application program to be installed.
The Installation Validation system of the intelligent terminal application program that the present embodiment six provides utilizes the first PKI of system layer pre-stored to judge whether application program meets mounting condition before set up applications; only have when meeting and could install; the application program can guaranteeing on the terminal device is through the legal procedure of certification; effectively prevent from illegal application program is installed; guarantee that terminal applies is controlled; forcible entry and the propagation of harmful information can be prevented, the interests of protection operator and user.
Embodiment seven:
Figure 15 gives the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention seven provides.
As shown in figure 15, the Installation Validation system of intelligent terminal application program that the embodiment of the present invention seven provides comprises:
First public key acquisition modules A 151, for obtaining the first PKI of pre-stored in intelligent terminal system layer;
In the present embodiment, the first PKI is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
First application data bag acquisition module A152, for obtaining the application data bag carrying application program to be installed;
In the present embodiment, application data bag, except carrying application program to be installed, also carries the first signed data utilizing the first private key to obtain.First signed data can utilize RSA signature algorithm to obtain, and its signature principle is as described in embodiment two.
First application program verification modules A 153, verifying for treating set up applications according to the first PKI of pre-stored and the first signed data, if be proved to be successful, then allowing application program to be installed is installed, if authentication failed, then forbid application program to be installed is installed.
In the present embodiment, checking completes on intelligent terminal, and the porch of installing in application program is verified, the algorithm of checking can be RSA verification algorithm, and its checking principle is as described in embodiment two.
The Installation Validation system of the intelligent terminal application program that the present embodiment seven provides guarantees that the application program on intelligent terminal is through the legal procedure of certification; effectively can resist malice compressed package to attack; prevent from illegal application program is installed; guarantee that terminal applies is controlled; forcible entry and the propagation of harmful information can be prevented, the interests of protection operator and user.
Embodiment eight:
Figure 16 gives the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention eight provides.
As shown in figure 16, the Installation Validation system of intelligent terminal application program that the embodiment of the present invention eight provides comprises:
First public key acquisition modules A 161, for obtaining the first PKI of pre-stored in intelligent terminal system layer;
In the present embodiment, the first PKI is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
Second application data bag acquisition module A162, for obtaining the application data bag carrying application program to be installed;
In the present embodiment, in application data bag except carrying application program to be installed, also carry the second signed data and application program PKI that utilize the first private key to obtain.Second signed data can utilize RSA signature algorithm to obtain, and its signature principle is as described in embodiment three.
Second application matches modules A 163, for judging whether the first PKI of pre-stored mates with application program PKI, if coupling, then continues checking application program to be installed and whether meets mounting condition, if do not mated, then forbid installing application program to be installed;
Second application program verification modules A 164, during the first PKI and application program public key match for pre-stored, treat set up applications according to application program PKI and the second signed data to verify, if be proved to be successful, then allow application program to be installed is installed, if authentication failed, then forbid application program to be installed is installed.
In the present embodiment, the algorithm of checking can be RSA verification algorithm, and its checking principle is as described in embodiment three.
Embodiment nine:
Figure 17 gives the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention nine provides.
As shown in figure 17, the Installation Validation system of intelligent terminal application program that the embodiment of the present invention nine provides comprises:
First public key acquisition modules A 171, for obtaining the first PKI of pre-stored in intelligent terminal system layer;
In the present embodiment, the first PKI is stored in advance in system layer, is used for judging whether application program to be installed meets mounting condition.
3rd application data bag acquisition module A172, for obtaining the application data bag carrying application program to be installed;
In the present embodiment, in application data bag except carrying application program to be installed, the 3rd signed data that the person's private key that also carries exploitation obtains and utilize the first private key to carry out to developer's PKI the certificate obtained of signing.3rd signed data can utilize RSA signature algorithm to obtain, and its signature principle is as described in embodiment four.
Certification authentication modules A 173, for utilizing the first PKI of described pre-stored to verify described certificate, if be proved to be successful, then continued the described application program to be installed of checking and whether meet mounting condition, if authentication failed, then forbid described application program to be installed is installed;
3rd application program verification modules A 174, for verifying described application program to be installed according to described developer's PKI and described 3rd signed data, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
In the present embodiment, the algorithm of checking can be RSA verification algorithm, and its checking principle is as described in embodiment four.
Embodiment ten:
Figure 18 gives the structural representation of the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention ten provides.
As shown in figure 18, compared with embodiment six, the Installation Validation system of the intelligent terminal application program that the embodiment of the present invention ten provides also comprises:
3rd public key acquisition modules A 181, for obtaining the 3rd PKI of pre-stored in intelligent terminal terminal chip;
In the present embodiment, the 3rd PKI is stored in advance in the BootROM of chip, is used for verifying Boot layer.
Boot layer authentication module A182, for verifying Boot layer according to the signed data in the 3rd PKI of described pre-stored and Boot layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbids performing next step;
In the present embodiment, checking Boot layer comprises chip checking Boot, Boot checking and recovers module (Recovery) and recover module (Recovery) to verify AKU.
Second public key acquisition modules A 183, for obtaining the second PKI of pre-stored in intelligent terminal Boot layer;
In the present embodiment, the second PKI is stored in advance in Boot layer, is used for verification system layer.
System layer authentication module A184, for verifying system layer according to the signed data in the second PKI of described pre-stored and system layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbids performing next step.
In the present embodiment, verification system layer comprises validation of kernel (Kernel) and system (System), and the kernel of safety can the safety of the first PKI of protection system subregion and pre-stored, prevents the first PKI to be tampered or to replace.
The Installation Validation system of the intelligent terminal application program that the present embodiment ten provides is by signing each assembly in advance; and signature is added in assembly; the verification public key of a rear link is kept in last link in advance; and verified by last link; achieve the protection of the clean boot mechanism from bottom, clean boot mechanism is based on the bottom-up trust chain of one, each assembly in trust chain; all after verifying the assembly success loaded thereafter, then control should be transferred.From underlying security chip to upper level applications, adopt digital signature technology to break the wall of mistrust chain, after before only in trust chain, link all passes through signature check, a rear link of trust chain could start.The method application program not only ensured on intelligent terminal is through the legal procedure of certification, also ensures the security of the operating system on intelligent terminal.
The know-why that above are only preferred embodiment of the present invention and use.The invention is not restricted to specific embodiment described here, the various significant changes can carried out for a person skilled in the art, readjust and substitute all can not depart from protection scope of the present invention.Therefore, although be described in further detail invention has been by above embodiment, the present invention is not limited only to above embodiment, when not departing from the present invention's design, can also comprise other Equivalent embodiments more, and scope of the present invention is determined by the scope of claim.
Claims (22)
1. an Installation Validation method for intelligent terminal application program, is characterized in that, comprise the following steps:
Obtain the first PKI of pre-stored in intelligent terminal system layer;
Judge whether application program to be installed meets mounting condition according to the first PKI of described pre-stored, if met, then allow described application program to be installed is installed, if do not met, then forbid described application program to be installed is installed.
2. the Installation Validation method of intelligent terminal application program according to claim 1, is characterized in that, in described acquisition intelligent terminal system layer pre-stored the first PKI before or after further comprising the steps of:
Obtain the application data bag carrying described application program to be installed, in described application data bag, also carry the first signed data utilizing the first private key to obtain,
Described the first PKI according to described pre-stored judges whether application program to be installed meets mounting condition and comprise the following steps:
According to the first PKI of described pre-stored and described first signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid described application program to be installed is installed.
3. the Installation Validation method of intelligent terminal application program according to claim 2, is characterized in that, described first signed data utilizes RSA signature algorithm to obtain, and the algorithm of described checking is RSA verification algorithm.
4. the Installation Validation method of intelligent terminal application program according to claim 1, is characterized in that, in described acquisition intelligent terminal system layer pre-stored the first PKI before or after further comprising the steps of:
Obtain the application data bag carrying described application program to be installed, in described application data bag, also carry the second signed data and application program PKI that utilize the first private key to obtain,
Described the first PKI according to described pre-stored judges whether application program to be installed meets mounting condition and comprise the following steps:
Judge whether the first PKI of described pre-stored mates with described application program PKI, if coupling, then continue the described application program to be installed of checking and whether meet mounting condition, if do not mated, then forbid described application program to be installed is installed.
5. the Installation Validation method of intelligent terminal application program according to claim 4, is characterized in that, described second signed data utilizes RSA signature algorithm to obtain.
6. the Installation Validation method of intelligent terminal application program according to claim 5, is characterized in that, whether the described application program to be installed of described continuation checking meets mounting condition comprises the following steps:
According to described application program PKI and described second signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
7. the Installation Validation method of intelligent terminal application program according to claim 1, is characterized in that, in described acquisition intelligent terminal system layer pre-stored the first PKI before or after further comprising the steps of:
Obtain and carry the application data bag of described application program to be installed, the 3rd signed data that the person's private key that also carries exploitation in described application data bag obtains and utilize the first private key to carry out to developer's PKI the certificate obtained of signing,
Described the first PKI according to described pre-stored judges whether application program to be installed meets mounting condition and comprise the following steps:
Utilize the first PKI of described pre-stored to verify described certificate, if be proved to be successful, then continued the described application program to be installed of checking and whether meet mounting condition, if authentication failed, then forbid described application program to be installed is installed.
8. the Installation Validation method of intelligent terminal application program according to claim 7, is characterized in that, described 3rd signed data utilizes RSA signature algorithm to obtain.
9. the Installation Validation method of intelligent terminal application program according to claim 8, is characterized in that, whether the described application program to be installed of described continuation checking meets mounting condition comprises the following steps:
According to described developer's PKI and described 3rd signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed to be installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
10., according to the Installation Validation method of the arbitrary described intelligent terminal application program of claim 1-9, it is characterized in that, in described acquisition intelligent terminal system layer pre-stored the first PKI before further comprising the steps of:
Obtain the second PKI of pre-stored in intelligent terminal Boot layer;
According to the signed data in the second PKI of described pre-stored and system layer, system layer is verified, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbid performing next step.
The Installation Validation method of 11. intelligent terminal application programs according to claim 10, is characterized in that, further comprising the steps of before the second PKI prestored in described acquisition intelligent terminal Boot layer:
Obtain the 3rd PKI of pre-stored in intelligent terminal chip;
According to the signed data in the 3rd PKI of described pre-stored and Boot layer to the checking of Boot layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbid performing next step.
The Installation Validation system of 12. 1 kinds of intelligent terminal application programs, is characterized in that, comprising:
First public key acquisition module, for obtaining the first PKI of pre-stored in intelligent terminal system layer;
Application program mounting condition judge module, for judging whether application program to be installed meets mounting condition according to the first PKI of described pre-stored, if met, then allow described application program to be installed is installed, if do not met, then forbid described application program to be installed is installed.
The Installation Validation system of 13. intelligent terminal application programs according to claim 12, is characterized in that, also comprise:
First application data bag acquisition module, for obtaining the application data bag carrying described application program to be installed, also carries the first signed data utilizing the first private key to obtain in described application data bag,
Described application program mounting condition judge module comprises:
First application program verification module, for verifying described application program to be installed according to the first PKI of described pre-stored and described first signed data, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid described application program to be installed is installed.
The Installation Validation system of 14. intelligent terminal application programs according to claim 13, is characterized in that, described first signed data utilizes RSA signature algorithm to obtain, and the algorithm of described checking is RSA verification algorithm.
The Installation Validation system of 15. intelligent terminal application programs according to claim 12, is characterized in that, also comprise:
Second application data bag acquisition module, for obtaining the application data bag carrying described application program to be installed, also carries the second signed data and application program PKI that utilize the first private key to obtain in described application data bag,
Described application program mounting condition judge module comprises:
Second application matches module, for judging whether the first PKI of described pre-stored mates with described application program PKI, if coupling, then continue the described application program to be installed of checking and whether meet mounting condition, if do not mated, then forbid described application program to be installed is installed.
The Installation Validation system of 16. intelligent terminal application programs according to claim 15, is characterized in that, described second signed data utilizes RSA signature algorithm to obtain.
The Installation Validation system of 17. intelligent terminal application programs according to claim 16, is characterized in that, also comprise:
Second application program verification module, during the first PKI and described application program public key match for described pre-stored, according to described application program PKI and described second signed data, described application program to be installed is verified, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
The Installation Validation system of 18. intelligent terminal application programs according to claim 12, is characterized in that, also comprise:
3rd application data bag acquisition module, for obtaining the application data bag carrying described application program to be installed, the 3rd signed data that the person's private key that also carries exploitation in described application data bag obtains and utilize the first private key to carry out to developer's PKI the certificate obtained of signing
Described application program mounting condition judge module comprises:
Certification authentication module, for utilizing the first PKI of described pre-stored to verify described certificate, if be proved to be successful, then continued the described application program to be installed of checking and whether meet mounting condition, if authentication failed, then forbid described application program to be installed is installed.
The Installation Validation system of 19. intelligent terminal application programs according to claim 18, is characterized in that, described 3rd signed data utilizes RSA signature algorithm to obtain.
The Installation Validation system of 20. intelligent terminal application programs according to claim 19, is characterized in that, also comprise:
3rd application program verification module, for verifying described application program to be installed according to described developer's PKI and described 3rd signed data, if be proved to be successful, then allow described application program to be installed is installed, if authentication failed, then forbid installing described application program to be installed, the algorithm of described checking is RSA verification algorithm.
21., according to the Installation Validation system of the arbitrary described intelligent terminal application program of claim 11-20, is characterized in that, also comprise:
Second public key acquisition module, for obtaining the second PKI of pre-stored in intelligent terminal Boot layer;
System layer authentication module, for verifying system layer according to the signed data in the second PKI of described pre-stored and system layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbids performing next step.
The Installation Validation system of 22. intelligent terminal application programs according to claim 21, is characterized in that, also comprise:
3rd public key acquisition module, for obtaining the 3rd PKI of pre-stored in intelligent terminal chip;
Boot layer authentication module, for verifying Boot layer according to the signed data in the 3rd PKI of described pre-stored and Boot layer, if be proved to be successful, then allowed to perform next step, if authentication failed, then forbids performing next step.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410646170.7A CN104331658A (en) | 2014-11-14 | 2014-11-14 | Installing verification method for intelligent terminal application program and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410646170.7A CN104331658A (en) | 2014-11-14 | 2014-11-14 | Installing verification method for intelligent terminal application program and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104331658A true CN104331658A (en) | 2015-02-04 |
Family
ID=52406380
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410646170.7A Pending CN104331658A (en) | 2014-11-14 | 2014-11-14 | Installing verification method for intelligent terminal application program and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104331658A (en) |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105227545A (en) * | 2015-09-07 | 2016-01-06 | 上海联彤网络通讯技术有限公司 | The system and method that user and developer divide control is realized in intelligent operating platform |
| CN105354050A (en) * | 2015-09-30 | 2016-02-24 | 深圳市九洲电器有限公司 | Application software calling method for intelligent terminal |
| CN105893837A (en) * | 2016-03-31 | 2016-08-24 | 北京智能果技术有限公司 | Application program installation method, security encryption chip and terminal |
| WO2016177172A1 (en) * | 2015-10-21 | 2016-11-10 | 中兴通讯股份有限公司 | Management method, system and terminal, key management system and terminal manufacturer system |
| CN106230598A (en) * | 2016-07-29 | 2016-12-14 | 深圳兆日科技股份有限公司 | Mobile terminal third-party application safety certifying method and device |
| CN106484484A (en) * | 2016-10-20 | 2017-03-08 | 广东欧珀移动通信有限公司 | Application program installs management method and terminal unit |
| CN106599676A (en) * | 2016-12-22 | 2017-04-26 | 北京元心科技有限公司 | Trusted process identification method and device |
| CN106650322A (en) * | 2016-12-15 | 2017-05-10 | Tcl集团股份有限公司 | Authorization method and system for apk installation under Android system |
| CN106778190A (en) * | 2016-11-29 | 2017-05-31 | 艾体威尔电子技术(北京)有限公司 | A kind of system and method for strengthening Android system application installation and operation safety |
| CN106804035A (en) * | 2015-11-26 | 2017-06-06 | 东莞酷派软件技术有限公司 | A kind of electronic equipment brush machine control method and system |
| CN106971105A (en) * | 2017-03-30 | 2017-07-21 | 电子科技大学 | A kind of application program based on iOS meets with the defence method of flank attack |
| CN107391166A (en) * | 2017-06-05 | 2017-11-24 | 深圳市优***科技股份有限公司 | The installation method and system of Android applications, computer installation and readable storage medium storing program for executing |
| CN107463806A (en) * | 2017-06-20 | 2017-12-12 | 国家计算机网络与信息安全管理中心 | The signature and sign test method of a kind of Android application programs installation kit |
| CN107483523A (en) * | 2016-11-02 | 2017-12-15 | 深圳市波普安创技术有限公司 | Legal the firmware debugging system and its method of information safety devices |
| CN107506207A (en) * | 2017-07-07 | 2017-12-22 | 上海汇尔通信息技术有限公司 | The safe verification method and terminal of a kind of POS |
| CN108037936A (en) * | 2017-12-08 | 2018-05-15 | 郑州云海信息技术有限公司 | The method and relevant apparatus of a kind of system upgrade |
| CN109660353A (en) * | 2018-12-12 | 2019-04-19 | 新华三技术有限公司 | A kind of application program installation method and device |
| CN109977662A (en) * | 2019-03-01 | 2019-07-05 | 晋商博创(北京)科技有限公司 | Processing method, device, terminal and the storage medium of application program |
| CN110737985A (en) * | 2019-10-15 | 2020-01-31 | 上海联影医疗科技有限公司 | Running data verification method and device, computer equipment and readable storage medium |
| CN112257033A (en) * | 2020-10-14 | 2021-01-22 | 郑州阿帕斯数云信息科技有限公司 | Application packaging method, device and equipment |
| CN115292746A (en) * | 2022-07-28 | 2022-11-04 | 南京国电南自电网自动化有限公司 | Credible compiling and running method for application program |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102446106A (en) * | 2010-09-30 | 2012-05-09 | 联想(北京)有限公司 | Installation management method, server and terminal for application program |
| CN102509047A (en) * | 2011-11-09 | 2012-06-20 | 北京赛科世纪数码科技有限公司 | Method and system for verifying program code in set-top box |
| CN103577206A (en) * | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | Method and device for installing application software |
| CN104023032A (en) * | 2014-06-23 | 2014-09-03 | 北京握奇智能科技有限公司 | Application limited unloading method based on dependable execution environment technology, server and terminal |
-
2014
- 2014-11-14 CN CN201410646170.7A patent/CN104331658A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102446106A (en) * | 2010-09-30 | 2012-05-09 | 联想(北京)有限公司 | Installation management method, server and terminal for application program |
| CN102509047A (en) * | 2011-11-09 | 2012-06-20 | 北京赛科世纪数码科技有限公司 | Method and system for verifying program code in set-top box |
| CN103577206A (en) * | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | Method and device for installing application software |
| CN104023032A (en) * | 2014-06-23 | 2014-09-03 | 北京握奇智能科技有限公司 | Application limited unloading method based on dependable execution environment technology, server and terminal |
Cited By (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105227545A (en) * | 2015-09-07 | 2016-01-06 | 上海联彤网络通讯技术有限公司 | The system and method that user and developer divide control is realized in intelligent operating platform |
| CN105354050A (en) * | 2015-09-30 | 2016-02-24 | 深圳市九洲电器有限公司 | Application software calling method for intelligent terminal |
| CN105354050B (en) * | 2015-09-30 | 2019-05-17 | 深圳市九洲电器有限公司 | A kind of application software call method of intelligent terminal |
| WO2016177172A1 (en) * | 2015-10-21 | 2016-11-10 | 中兴通讯股份有限公司 | Management method, system and terminal, key management system and terminal manufacturer system |
| CN106804035A (en) * | 2015-11-26 | 2017-06-06 | 东莞酷派软件技术有限公司 | A kind of electronic equipment brush machine control method and system |
| CN105893837A (en) * | 2016-03-31 | 2016-08-24 | 北京智能果技术有限公司 | Application program installation method, security encryption chip and terminal |
| CN105893837B (en) * | 2016-03-31 | 2019-04-30 | 北京智能果技术有限公司 | Application program installation method, security encryption chip and terminal |
| CN106230598A (en) * | 2016-07-29 | 2016-12-14 | 深圳兆日科技股份有限公司 | Mobile terminal third-party application safety certifying method and device |
| CN106230598B (en) * | 2016-07-29 | 2019-03-15 | 深圳兆日科技股份有限公司 | Mobile terminal third-party application safety certifying method and device |
| CN106484484A (en) * | 2016-10-20 | 2017-03-08 | 广东欧珀移动通信有限公司 | Application program installs management method and terminal unit |
| CN107483523A (en) * | 2016-11-02 | 2017-12-15 | 深圳市波普安创技术有限公司 | Legal the firmware debugging system and its method of information safety devices |
| CN106778190A (en) * | 2016-11-29 | 2017-05-31 | 艾体威尔电子技术(北京)有限公司 | A kind of system and method for strengthening Android system application installation and operation safety |
| CN106650322A (en) * | 2016-12-15 | 2017-05-10 | Tcl集团股份有限公司 | Authorization method and system for apk installation under Android system |
| CN106599676A (en) * | 2016-12-22 | 2017-04-26 | 北京元心科技有限公司 | Trusted process identification method and device |
| CN106971105A (en) * | 2017-03-30 | 2017-07-21 | 电子科技大学 | A kind of application program based on iOS meets with the defence method of flank attack |
| CN106971105B (en) * | 2017-03-30 | 2020-02-18 | 电子科技大学 | IOS-based application program defense method against false face attack |
| CN107391166A (en) * | 2017-06-05 | 2017-11-24 | 深圳市优***科技股份有限公司 | The installation method and system of Android applications, computer installation and readable storage medium storing program for executing |
| CN107463806A (en) * | 2017-06-20 | 2017-12-12 | 国家计算机网络与信息安全管理中心 | The signature and sign test method of a kind of Android application programs installation kit |
| CN107463806B (en) * | 2017-06-20 | 2020-08-14 | 国家计算机网络与信息安全管理中心 | Signature and signature verification method for Android application program installation package |
| CN107506207A (en) * | 2017-07-07 | 2017-12-22 | 上海汇尔通信息技术有限公司 | The safe verification method and terminal of a kind of POS |
| CN108037936A (en) * | 2017-12-08 | 2018-05-15 | 郑州云海信息技术有限公司 | The method and relevant apparatus of a kind of system upgrade |
| CN109660353A (en) * | 2018-12-12 | 2019-04-19 | 新华三技术有限公司 | A kind of application program installation method and device |
| CN109977662A (en) * | 2019-03-01 | 2019-07-05 | 晋商博创(北京)科技有限公司 | Processing method, device, terminal and the storage medium of application program |
| CN110737985A (en) * | 2019-10-15 | 2020-01-31 | 上海联影医疗科技有限公司 | Running data verification method and device, computer equipment and readable storage medium |
| CN112257033A (en) * | 2020-10-14 | 2021-01-22 | 郑州阿帕斯数云信息科技有限公司 | Application packaging method, device and equipment |
| CN115292746A (en) * | 2022-07-28 | 2022-11-04 | 南京国电南自电网自动化有限公司 | Credible compiling and running method for application program |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104331658A (en) | Installing verification method for intelligent terminal application program and system | |
| KR101296483B1 (en) | Validation and/or authentication of a device for communication with a network | |
| KR101795457B1 (en) | Method of initializing device and method of updating firmware of device having enhanced security function | |
| US8677144B2 (en) | Secure software and hardware association technique | |
| CN101145906B (en) | Method and system for authenticating legality of receiving terminal in unidirectional network | |
| US7694139B2 (en) | Securing executable content using a trusted computing platform | |
| CA2694201C (en) | Preventing unauthorized poaching of set top box assets | |
| CN103995991B (en) | Method for binding hardware information and secret keys in software copyright protection | |
| US7886355B2 (en) | Subsidy lock enabled handset device with asymmetric verification unlocking control and method thereof | |
| CN101194229B (en) | Updating of data instructions | |
| CN112464271B (en) | Method and system for constructing high-reliability execution environment of power Internet of things edge Internet of things agent | |
| CN109802825A (en) | A kind of data encryption, the method for decryption, system and terminal device | |
| CN107733636B (en) | Authentication method and authentication system | |
| CN105099705B (en) | A kind of safety communicating method and its system based on usb protocol | |
| WO2010076987A2 (en) | Remote update method for firmware | |
| CN111404696A (en) | Collaborative signature method, security service middleware, related platform and system | |
| CN104636680A (en) | Verification of authenticity of a maintenance means and provision and obtainment of a license key for use therein | |
| WO2013185724A2 (en) | Mobile terminal and software upgrade method thereof | |
| CN104992082A (en) | Software authorization method and device and electronic equipment | |
| CN101471915A (en) | Encipher method and encipher device | |
| CN105068824A (en) | Method and device for dividing terminal development mode and product mode | |
| US9660863B2 (en) | Network connecting method and electronic device | |
| EP2704393A1 (en) | Network connecting method and electronic device | |
| JP6869104B2 (en) | Authentication method | |
| US11809528B2 (en) | Terminal hardware configuration system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150204 |