CN105635066A - Management method and device of client application program - Google Patents

Management method and device of client application program Download PDF

Info

Publication number
CN105635066A
CN105635066A CN201410610481.8A CN201410610481A CN105635066A CN 105635066 A CN105635066 A CN 105635066A CN 201410610481 A CN201410610481 A CN 201410610481A CN 105635066 A CN105635066 A CN 105635066A
Authority
CN
China
Prior art keywords
position information
client application
application program
password
mobile terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410610481.8A
Other languages
Chinese (zh)
Other versions
CN105635066B (en
Inventor
陈凯宣
巫涛
高宏亮
宁檬
罗来峰
蔡拥军
陈义文
张丽妍
李晓明
刘擎
许焕逵
胡乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianyi Electronic Commerce Co Ltd
Original Assignee
Tianyi Electronic Commerce Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianyi Electronic Commerce Co Ltd filed Critical Tianyi Electronic Commerce Co Ltd
Priority to CN201410610481.8A priority Critical patent/CN105635066B/en
Publication of CN105635066A publication Critical patent/CN105635066A/en
Application granted granted Critical
Publication of CN105635066B publication Critical patent/CN105635066B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a management method and device of a client application program, relates to the technical field of communication networks and solves the account safety problem of the client application program of a mobile terminal edition. When a user is logging in or using the client application program, a server corresponding to the client application program receives account position information, uploaded by a mobile terminal, of an account (corresponding to the client application program); the account position information is matched with safe position information in a safe area database; when the matching is successful, the client application program is indicated to be started; and if the matching is not successful, a password to be verified uploaded by the mobile terminal is received, and when the password to be verified is matched with a verification password, the client application program is indicated to be started. The scheme provided by the embodiments of the invention is applicable to file control and management.

Description

Management method and device for client application program
Technical Field
The present invention relates to the field of communications network technologies, and in particular, to a method and an apparatus for managing a client application.
Background
With the increasing popularization of mobile terminals, more and more client application programs based on mobile terminal versions are provided, and the account security problem of the client application programs is highlighted. Generally, in the prior art, in order to ensure the account security of each client application program in a mobile terminal, an account in the client application program may be bound with the mobile terminal, so that after an account number of the client application program is stolen, login fails on an unbound mobile terminal.
However, binding an account in the client application with the mobile terminal requires an operation of unbinding the originally bound mobile terminal before the user needs to log in the account using another mobile terminal. When the mobile terminal is lost, other people can still use the binding mobile terminal to log in the account before the user releases the binding operation, so that the security problem of the account still exists.
Disclosure of Invention
The embodiment of the invention provides a management method and a management device for a client application program, which are used for solving the account security problem in the client application program of a mobile terminal version.
In one aspect, an embodiment of the present invention provides a method for managing a client application, where the method is applied to a server corresponding to the client application, where the server includes a secure area library, and the secure area library includes secure location information where an account for registering the client application is located, and the method includes:
when the client application program is in a login state or a use state, receiving account position information uploaded by a mobile terminal, wherein the mobile terminal is the mobile terminal where the account is located, and the account position information is the position information where the mobile terminal is located;
matching the account location information with the secure location information in the secure enclave store;
when the account location information is successfully matched with the secure location information, indicating the client application program to be opened;
and when the account position information is unsuccessfully matched with the safety position information, receiving a password to be verified uploaded by the mobile terminal, and when the password to be verified is matched with the verification password, indicating the client application program to be opened, wherein the verification password is used for verifying the password to be verified.
In another aspect, an embodiment of the present invention provides an apparatus for managing a client application, where the apparatus is applied to a server corresponding to the client application, and the server includes a secure area library including secure location information where an account for registering the client application is located, and the apparatus includes:
the receiving module is used for receiving account position information uploaded by a mobile terminal when the client application program is in a login state or a use state, and providing the account position information to the matching module, wherein the mobile terminal is the mobile terminal where the account is located, and the account position information is the position information where the mobile terminal is located;
the matching module is used for matching the account position information with the safety position information in the safety area library;
the indication opening module is used for indicating the client application program to be opened when the account position information is successfully matched with the safety position information;
the receiving module is further configured to receive a password to be verified uploaded by the mobile terminal when matching between the account location information and the secure location information fails, and provide the password to be verified to the matching module;
the matching module is further used for matching the password to be verified with a verification password, wherein the verification password is used for verifying the password to be verified;
the indication opening module is further configured to indicate the client application program to be opened when the password to be verified is matched with the verification password.
According to the method and the device for managing the client application program, when a user logs in or uses the client application program, a server corresponding to the client application program receives account position information of an account (an account corresponding to the client application program) uploaded by a mobile terminal, the account position information is matched with safety position information in a safety area library, when the matching is successful, the client application program is indicated to be opened, when the matching is failed, a password to be verified uploaded by the mobile terminal is received, and when the password to be verified is matched with the verification password, the client application program is indicated to be opened. Therefore, the invention is adopted on the premise of not limiting the mobile terminal, when the position of the account is determined to be contained in the safe region library for storing the position information allowed by the user, the client application program can be normally used, and when the position of the account is outside the safe region library, the use of the client application program is prevented, thereby ensuring the account safety problem of the client application program.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for managing a client application according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a management apparatus for a client application according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of another management apparatus for a client application according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a method for managing a client application, where the method is applied to a server corresponding to the client application, where the server includes a secure area library, and the secure area library includes secure location information where an account of the client application is registered, and the method specifically includes the following steps:
101, when the client application program is in a login state or a use state, receiving account location information uploaded by a mobile terminal, wherein the mobile terminal is a mobile terminal where an account is located, and the account location information is location information where the mobile terminal is located.
The position information (such as account position information) in the invention can be represented by latitude and longitude; or for building names, etc.
And 102, matching the account position information with the safety position information in the safety area library.
And 103, when the account position information is successfully matched with the safety position information, indicating the client application program to be opened.
And 104, when the account position information is unsuccessfully matched with the safety position information, receiving a password to be verified uploaded by the mobile terminal, and when the password to be verified is matched with the verification password, indicating the client application program to be opened, wherein the verification password is a password for verifying the password to be verified.
And when the account position information is unsuccessfully matched with the safety position information, the mobile terminal starts a verification mechanism corresponding to the client application program, displays a dialog box for inputting the verification password in a display screen of the mobile terminal, and indicates a user to input the password to be verified.
When the verification mechanism is established, a user is instructed to input a verification password as a criterion for authenticating the password to be verified.
According to the management method of the client application program, when a user logs in or uses the client application program, a server corresponding to the client application program receives account position information of an account (an account corresponding to the client application program) uploaded by a mobile terminal, the account position information is matched with safety position information in a safety area library, the client application program is opened when matching is successful, a password to be verified uploaded by the mobile terminal is received when matching is failed, and the client application program is opened when the password to be verified is matched with the verification password. Therefore, when the position of the account is determined to be contained in the safe area library by adopting the method and the device on the premise of not limiting the mobile terminal, the client application program can be normally used, so that the account safety problem of the client application program is ensured.
Further optionally, before receiving the account location information uploaded by the mobile terminal when logging in or using the client application, the server of the client application determines the secure location information in the secure area library in various ways, which are listed as the following four ways.
The first mode is as follows: the server receives the acquisition position information uploaded by the mobile terminal, and stores the acquisition position information meeting a first preset condition into a to-be-selected area library; and storing the safety position information to be selected in the area library to be selected, which meets the second preset condition, into a safety area library.
The mobile terminal comprises a to-be-selected area library, a first preset condition and a second preset condition, wherein the to-be-selected area library is used for storing to-be-selected safety position information required by a safety area library, the first preset condition is used for screening collected position information uploaded by the mobile terminal into to-be-selected safety position information, and the second preset condition is used for screening the to-be-selected safety position information in the to-be-selected area library into safety position information.
Optionally, the first predetermined condition includes a time limit condition, and/or a usage number limit condition of the client application program, and/or a usage number limit condition of a specific function of the client application program, and the like.
The second predetermined condition includes a time limit condition, and/or a usage number limit condition of the client application, and/or a usage number limit condition of a specific function of the client application, and the like.
The time limit condition is a limit condition in which the cumulative time for logging in the client application within a predetermined time is equal to or longer than a predetermined cumulative time. If the preset time of the area library to be selected is 24 hours, the preset accumulated time is 45 minutes; the predetermined time of the safety zone library is 24 hours, and the predetermined cumulative time is 60 minutes. Setting: and in 24 hours, the login time at the place A is accumulated for 60 minutes, the login time at the place B is accumulated for 40 minutes, and the login time at the place C is accumulated for 45 minutes, so that the position information corresponding to the place A and the place C is stored in the region library to be selected. And only the login time accumulation of the point A in the area library to be selected within 24 hours is more than or equal to 60 minutes, and the position information corresponding to the point A is stored in the safe area library.
The usage count limit condition of the client application is a limit condition in which the cumulative number of times the client application is used within a predetermined time is equal to or greater than a predetermined cumulative number of times of use. If the preset time of the area library to be selected is 48 hours, the preset use accumulated times are 5 times; the predetermined time of the safety area library is 24 hours, and the predetermined cumulative number of uses is 3. Setting: and in 48 hours, the accumulative times of using the client application program at the site A are 6 times, the accumulative times of using the client application program at the site B are 5 times, and the accumulative times of using the client application program at the site C are 2 times, so that the position information corresponding to the site A and the site B is stored in the candidate area library. And in 24 hours, the accumulative times of using the client application program at the site A are 3 times, and the accumulative times of using the client application program at the site B are 2 times, so that the position information corresponding to the site A is stored in the safe area library.
The limit condition for the number of times of use of the specific function of the client application is a limit condition in which the number of times of cumulative use of the specific function of the client application within a predetermined time is equal to or greater than the number of times of cumulative use of the specific function. Wherein the specific function may be a payment function, a check-in function, etc. If the concerned specific function is the check-in function, the preset time of the region library to be selected is 48 hours, and the accumulated times of the specific function are 5 times; the predetermined time of the safety area library is 48 hours, and the number of times of accumulation of the specific function is 8. Setting: within 48 hours, the cumulative number of times of using the check-in function of the client application program at the location a is 10 times, the cumulative number of times of using the check-in function of the client application program at the location B is 8 times, and the cumulative number of times of using the check-in function of the client application program at the location C is 2 times, and then the location information corresponding to the location a and the location B is stored in the candidate area library. And the accumulated times of using the check-in function in 48 hours of the site A and the site B in the area library to be selected are both more than or equal to 8 times, and the position information corresponding to the site A and the site B is stored in the safe area library.
Typically, the constraints of the second predetermined condition are stricter than the constraints of the first predetermined condition. In addition, the present invention does not limit the range of the predetermined time, the range of the predetermined cumulative time, the range of the predetermined usage cumulative count, and the range of the specific function cumulative count in the first predetermined condition and the second predetermined condition.
Of course, the secure position information in the secure area library may be screened out by arbitrarily combining the restriction conditions included in the first predetermined condition and the second predetermined condition.
The second mode is as follows: and the server receives the acquisition position information uploaded by the mobile terminal, and stores the acquisition position information meeting a third preset condition in the safe area library, wherein the third preset condition is used for screening the acquisition position information uploaded by the mobile terminal into safe position information.
Wherein the third predetermined condition comprises a time limit condition, and/or a usage number limit condition of the client application program, and/or a usage number limit condition of a specific function of the client application program, etc. It can be seen that the third predetermined condition is the same type as the first predetermined condition and the second predetermined condition set forth in the first mode. Therefore, the description of the time limitation condition, the usage time limitation condition of the client application program, and the usage time limitation condition of the specific function of the client application program in the third predetermined condition are not repeated one by one.
The restriction conditions included in the third predetermined condition may also be combined as desired to screen out the safety position information in the safety area library.
It should be noted that the difference between the first method and the second method is that the first method performs two-time screening on the collected location information uploaded by the mobile terminal, and the second method performs one-time screening on the collected location information uploaded by the mobile terminal.
The third mode is as follows: the server receives user-defined position information which is uploaded by the mobile terminal and input by a user, wherein the user is a user holding the mobile terminal; and receiving the password to be verified uploaded by the mobile terminal, and storing the user-defined position information into the safe area library when the password to be verified is matched with the verification password.
The user can select a relevant place or route on the map as safe position information, then inputs a password to be verified, the mobile terminal matches the password to be verified with the verification password, and when the matching is successful, the obtained position information corresponding to the relevant place or route selected by the user is used as user-defined position information and the user-defined position information is uploaded to the server.
The mode is a mode that a user manually inputs the safe position information, and the safety of the user-defined position information is ensured through the protection of a verification mechanism.
In the first three modes, the safety position information is a range formed by taking the determined safety position as a center and taking a first preset error range as a radius. The first predetermined error range is used to represent an error range of the secure position information in the secure area library.
If the point A is the center of a circle, the safety regions are all input in the circle formed by taking 500 meters as the radius.
The fourth mode is that: the server receives the BSSID (basic service set identity) to be selected uploaded by the mobile terminal, and stores the wireless network position information corresponding to the BSSID to be selected, which meets the fourth preset condition, into the security area library.
The BSSID includes a router ID (Identity), an ID of an electronic device such as a computer, a mobile phone, or a tablet when the electronic device becomes a hot spot, and the like.
The fourth predetermined condition includes a time limit condition, and/or a number of uses limit condition of the wireless network. The time limit condition and the wireless network usage number limit condition are the same as those of the first embodiment described above, except that the object of the first embodiment is a client application and the object of the second embodiment is a wireless network.
When the user uses the client application program, the mobile terminal detects whether the account logs in the client application program through a wireless network. When the account logs in the client application program through a wireless network, the wireless network is used as a wireless network to be selected, the BSSID to be selected is uploaded to a server, the server detects whether the BSSID to be selected meets a fourth preset condition, when the BSSID to be selected meets the fourth preset condition, the wireless network position corresponding to the BSSID to be selected is obtained, and the wireless network position information is stored in a safe area library.
In the fourth mode, the first predetermined error range corresponding to the secure location information in the secure area library is not a fixed value, but the coverage ranges of the wireless networks to be selected meeting the fourth predetermined condition are all secure areas.
It should be noted that, it can be seen that the first manner and the second manner are parallel, and the third manner and the fourth manner are not parallel to each other, and the first manner and the second manner are not parallel to each other, so that the first manner to the fourth manner can be regarded as a scheme for independently generating or updating the secure area library; or may be a complement of each other (wherein the first and second modes are not mutually complementary).
Further optionally, after step 104, the method may further include: the server periodically detects the use condition of the safe position information of the client application program in the safe area library; when the safety position information is the self-defined position information and is not used within the first preset detection time, deleting the safety position information which is not used within the first preset detection time from the safety area library; and when the safe position information is the non-self-defined position information and is not used within the second preset detection time, deleting the safe position information which is not used within the second preset detection time from the safe area library.
The invention does not limit the cycle time for detecting the safe area library, and different cycle times can be provided according to the actual situation, such as 30 days or 90 days.
The present invention also does not limit the scope of the first predetermined detection time and the second predetermined detection time. For example, the server detects the use condition of the secure location information (the location information corresponding to the location a, the location B, and the location C) of the client application program in the secure area library every 90 days, determines whether the location information corresponding to the location a is not used within 300 days when the location information corresponding to the location a is the custom location information (the location information manually input by the user), and deletes the location information corresponding to the location a from the secure area library if the location information corresponding to the location a is not used within 300 days; if the location information corresponding to the location a is used within 300 days, the location information corresponding to the location a is retained in the secure area library. And if the position information corresponding to the B site is not used in 100 days and the position information corresponding to the C site is used in 100 days, deleting the position information corresponding to the B site from the safe area library and reserving the position information corresponding to the C site.
As can be seen from the above example, the first predetermined time is 300 days, and the second predetermined time is 100 days. Of course, the ranges of the first predetermined time and the second predetermined time may coincide.
The first predetermined time is generally set to be greater than the second predetermined time, because the first predetermined time is used to filter the customized location information, and the customized location information is the location information manually input by the user, which indicates that the probability of using the location by the user is relatively high, so as to improve the user experience and prolong the detection and use condition of the customized location information.
Further optionally, after step 104, that is, after the method of the present invention further includes: and when the password to be verified is matched with the verification password, after the client application program is opened, the server stores the account position information which is unsuccessfully matched with the safety position information into the safety region library.
Further optionally, the verification password in the invention may be a visual operation password, mobile phone authentication information, mailbox binding information or real name authentication information.
For the convenience of user operation, the verification password in the invention is preferably a visual operation password. The visual operation password can be a map password, a graphic password and the like. Wherein the graphical password is a graphic input by the user. The map password is a password formed by the user selecting a place on the map carried by the client application program. Typically, at least one selected location may be included on the map password. Preferably, the selected place may be three points in case of safety and convenient operation. In the present invention, points in the map password may be represented by latitude and longitude.
Optionally, the predetermined error range is set, that is, the ranges are all correct ranges by taking the selected point as the center of a circle and taking the predetermined error range value as a radius. The value of the predetermined error range is different according to different situations, for example, the predetermined error range is 100 meters.
In step 104, when the password (password to be verified) in the verification mechanism is the map password, and the server matches the password to be verified with the verification password, when the error range of the password to be verified and the verification password is within the predetermined error range, the server considers that the password to be verified and the verification password are matched.
Specifically, after the checking mechanism is started, a map carried by the client application program is displayed on the mobile terminal, the mobile terminal receives a place selected by a user on the map, the longitude and latitude of the selected place are uploaded to the server, and then the server matches the longitude and latitude of the uploaded place with the longitude and latitude of the place in the map password. And when the longitude and latitude of the uploaded place are successfully matched with the longitude and latitude of the place in the map password, the server indicates the client application program to be opened, otherwise, indicates the client application program to be kept closed.
By adopting the embodiments of the invention, the account of the client application program is prevented from being bound with the mobile terminal, and the problem of cross-regional stealing of the account is prevented, so that the account security of the client application program is ensured.
As shown in fig. 2, an embodiment of the present invention provides an apparatus 20 for managing a client application, where the apparatus 20 is applied to a server corresponding to the client application, and the server includes a secure area library, where the secure area library includes secure location information where an account of the client application is registered, and the apparatus 20 includes: a receiving module 201, a matching module 202 and an indication opening module 203.
The receiving module 201 is configured to receive account location information uploaded by a mobile terminal when the client application is in a login state or a use state, and provide the account location information to the matching module 202, where the mobile terminal is a mobile terminal where an account is located, and the account location information is location information where the mobile terminal is located.
A matching module 202, configured to match the account location information with the secure location information in the secure enclave.
And the instruction opening module 203 is used for instructing the client application program to open when the account position information is successfully matched with the safety position information.
The receiving module 201 is further configured to receive a password to be verified uploaded by the mobile terminal when the account location information fails to match the secure location information, and provide the password to be verified to the matching module 202.
The matching module 202 is further configured to match the password to be verified with the verification password, where the verification password is a password used for verifying the password to be verified.
And the instruction starting module 203 is further configured to instruct the client application program to be started when the password to be verified matches the verification password.
As shown in fig. 3, an embodiment of the present invention provides another management apparatus 30 for a client application, where the apparatus 30 further includes: a storage module 204, a detection module 205 and a deletion module 206.
The receiving module 201 is further configured to receive the collection position information uploaded by the mobile terminal, and provide the collection position information to the storage module 204.
Optionally, the storage module 204 is configured to store the acquisition position information meeting the first predetermined condition in a to-be-selected area library; and storing the safety position information to be selected in the area library to be selected, which meets a second preset condition, into the safety area library, wherein the area library to be selected is used for storing the safety position information to be selected required by the safety area library.
Optionally, the storage module 204 is further configured to store the acquisition position information meeting a third predetermined condition in a safe area library, where the third predetermined condition is used to filter the acquisition position information uploaded by the mobile terminal into safe position information.
Further optionally, the receiving module 201 is further configured to receive user-defined location information uploaded by the mobile terminal and input by a user, and provide the user-defined location information to the storage module 204, where the user is a user holding the mobile terminal. When the password to be verified is matched with the verification password, the storage module 204 stores the user-defined position information into the safe area library.
Further optionally, the receiving module 201 is further configured to receive a candidate wireless network identity ID uploaded by the mobile terminal, and provide the candidate BSSID to the storage module 204. The storage module 204 stores the wireless network location information corresponding to the BSSID to be selected, which meets the fourth predetermined condition, into the secure area library.
Further optionally, after the unlocking module 203 is instructed to open the client application program when the password to be verified matches the verification password, the storage module 204 stores the account location information that fails to match the secure location information into the secure repository.
Further optionally, the detecting module 205 is configured to periodically detect a usage situation of the secure location information of the client application in the secure enclave.
When the secure location information is the custom location information and is not used within the first predetermined detection time, the deleting module 206 deletes the secure location information that is not used within the first predetermined detection time from the secure repository; and when the safe position information is the non-self-defined position information and is not used within the second preset detection time, deleting the safe position information which is not used within the second preset detection time from the safe area library.
Wherein the first predetermined condition comprises a time limit condition, and/or a use number limit condition of the client application program, and/or a use number limit condition of a specific function of the client application program; the second predetermined condition comprises a time limit condition, and/or a use number limit condition of the client application program, and/or a use number limit condition of a specific function of the client application program; the third predetermined condition comprises a time limit condition, and/or a use number limit condition of the client application program, and/or a use number limit condition of a specific function of the client application program; the fourth predetermined condition includes a time limit condition, and/or a number of uses limit condition of the wireless network. The detailed description about the first predetermined condition, the second predetermined condition, the third predetermined condition, and the fourth predetermined condition may refer to the description on the method side described above.
The invention avoids binding the account of the client application program with the mobile terminal, and prevents the problem of cross-region stealing of the account, thereby ensuring the account security of the client application program.
It will be clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be performed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to perform all or part of the above described functions. For the specific working processes of the system, the apparatus and the unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, and details are not described here again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor (processor) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (11)

1. A management method of a client application program is applied to a server corresponding to the client application program, the server comprises a safe area library, the safe area library comprises safe position information of an account where the client application program is registered, and the method comprises the following steps:
when the client application program is in a login state or a use state, receiving account position information uploaded by a mobile terminal, wherein the mobile terminal is the mobile terminal where the account is located, and the account position information is the position information where the mobile terminal is located;
matching the account location information with the secure location information in the secure enclave store;
when the account location information is successfully matched with the secure location information, indicating the client application program to be opened;
and when the account position information is unsuccessfully matched with the safety position information, receiving a password to be verified uploaded by the mobile terminal, and when the password to be verified is matched with the verification password, indicating the client application program to be opened, wherein the verification password is used for verifying the password to be verified.
2. The method for managing a client application according to claim 1, wherein before receiving account location information uploaded by a mobile terminal at the time of the login or the use of the client application, the method further comprises:
receiving the acquisition position information uploaded by the mobile terminal, and storing the acquisition position information meeting a first preset condition into a to-be-selected area library; storing the safety position information to be selected in the area library to be selected, which meets a second preset condition, into the safety area library, wherein the area library to be selected is used for storing the safety position information to be selected required by the safety area library;
or,
and receiving the acquisition position information uploaded by the mobile terminal, and storing the acquisition position information meeting a third preset condition into the safe area library.
3. The method for managing a client application according to claim 1 or 2, further comprising:
periodically detecting usage of the secure location information of the client application in the secure enclave store;
when the safety position information is self-defined position information and is not used within a first preset detection time, deleting the safety position information which is not used within the first preset detection time from the safety area library;
when the safe position information is the non-user-defined position information and is not used within a second preset detection time, deleting the safe position information which is not used within the second preset detection time from the safe area library.
4. The method for managing a client application according to claim 3, wherein before receiving account location information uploaded by a mobile terminal at the time of the login or the use of the client application, the method further comprises:
receiving user-defined position information uploaded by the mobile terminal and input by a user, wherein the user is a user holding the mobile terminal; receiving the password to be verified uploaded by the mobile terminal, and storing the user-defined position information into the safe area library when the password to be verified is matched with the verification password;
or,
and receiving the basic service set identification BSSID (basic service set identification) to be selected uploaded by the mobile terminal, and storing the wireless network position information corresponding to the BSSID to be selected which meets a fourth preset condition into the safe area library.
5. The method for managing a client application according to claim 4,
the first preset condition comprises a time limit condition and/or a use number limit condition of the client application program and/or a use number limit condition of a specific function of the client application program;
the second preset condition comprises a time limit condition and/or a use number limit condition of the client application program and/or a use number limit condition of a specific function of the client application program;
the third preset condition comprises a time limit condition and/or a use number limit condition of the client application program and/or a use number limit condition of a specific function of the client application program;
the fourth predetermined condition includes a time limit condition, and/or a number of times of use limit condition of the wireless network.
6. The method for managing a client application according to any one of claims 1, 4 and 5, wherein after the client application is opened when the password to be verified matches the verification password, the method further comprises:
and storing the account position information which is failed to be matched with the safety position information into the safety area library.
7. The method for managing a client application according to any one of claims 6, wherein the verification password is a map password, the password to be verified is the map password, and the map password is a password formed by the user selecting a location on a map carried by the client application.
8. An apparatus for managing a client application, the apparatus being applied to a server corresponding to the client application, the server including a secure area repository including secure location information of an account where the client application is registered, the apparatus comprising:
the receiving module is used for receiving account position information uploaded by a mobile terminal when the client application program is in a login state or a use state, and providing the account position information to the matching module, wherein the mobile terminal is the mobile terminal where the account is located, and the account position information is the position information where the mobile terminal is located;
the matching module is used for matching the account position information with the safety position information in the safety area library;
the indication opening module is used for indicating the client application program to be opened when the account position information is successfully matched with the safety position information;
the receiving module is further configured to receive a password to be verified uploaded by the mobile terminal when matching between the account location information and the secure location information fails, and provide the password to be verified to the matching module;
the matching module is further used for matching the password to be verified with a verification password, wherein the verification password is used for verifying the password to be verified;
the indication opening module is further configured to indicate the client application program to be opened when the password to be verified is matched with the verification password.
9. The apparatus for managing client applications according to claim 8, wherein said apparatus further comprises: a storage module;
the receiving module is further configured to receive the acquisition position information uploaded by the mobile terminal, and provide the acquisition position information to the storage module;
the storage module is used for storing the acquisition position information meeting the first preset condition into a to-be-selected area library; storing the safety position information to be selected in the area library to be selected, which meets a second preset condition, into the safety area library, wherein the area library to be selected is used for storing the safety position information to be selected required by the safety area library;
the storage module is further used for storing the acquisition position information meeting a third preset condition into the safe area library;
the receiving module is further configured to receive user-defined location information uploaded by the mobile terminal and input by a user, and provide the user-defined location information to the storage module, where the user is a user holding the mobile terminal;
the storage module is further used for storing the user-defined position information into the safe area library when the password to be verified is matched with the verification password;
the receiving module is further configured to receive a BSSID of a basic service set identifier to be selected, which is uploaded by the mobile terminal, and provide the BSSID to be selected to the storage module;
the storage module is further configured to store wireless network location information corresponding to the BSSID to be selected, which meets a fourth predetermined condition, in the secure area library;
the storage module is further configured to store the account location information that fails to match the secure location information into the secure repository after the indication opening module opens the client application program when the password to be verified matches the verification password.
10. The apparatus for managing client applications according to claim 9, wherein said apparatus further comprises: a detection module and a deletion module;
the detection module is used for periodically detecting the use condition of the safe position information of the client application program in the safe area library;
the deleting module is used for deleting the safe position information which is not used in the first preset detection time from the safe area library when the safe position information is the self-defined position information and is not used in the first preset detection time; when the safe position information is the non-user-defined position information and is not used within a second preset detection time, deleting the safe position information which is not used within the second preset detection time from the safe area library.
11. The client application management apparatus according to claim 9 or 10,
the first preset condition comprises a time limit condition and/or a use number limit condition of the client application program and/or a use number limit condition of a specific function of the client application program;
the second preset condition comprises a time limit condition and/or a use number limit condition of the client application program and/or a use number limit condition of a specific function of the client application program;
the third preset condition comprises a time limit condition and/or a use number limit condition of the client application program and/or a use number limit condition of a specific function of the client application program;
the fourth predetermined condition includes a time limit condition, and/or a number of times of use limit condition of the wireless network.
CN201410610481.8A 2014-11-03 2014-11-03 A kind of management method and device of client application Active CN105635066B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410610481.8A CN105635066B (en) 2014-11-03 2014-11-03 A kind of management method and device of client application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410610481.8A CN105635066B (en) 2014-11-03 2014-11-03 A kind of management method and device of client application

Publications (2)

Publication Number Publication Date
CN105635066A true CN105635066A (en) 2016-06-01
CN105635066B CN105635066B (en) 2019-06-28

Family

ID=56049571

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410610481.8A Active CN105635066B (en) 2014-11-03 2014-11-03 A kind of management method and device of client application

Country Status (1)

Country Link
CN (1) CN105635066B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106101437A (en) * 2016-07-28 2016-11-09 宇龙计算机通信科技(深圳)有限公司 A kind of application defreezing method, device and mobile terminal
CN106453327A (en) * 2016-10-18 2017-02-22 北京深思数盾科技股份有限公司 Method and mobile terminal for logging in computer application with demand for identity authentication
CN106487798A (en) * 2016-10-25 2017-03-08 广东欧珀移动通信有限公司 Method of data synchronization and device
CN107248078A (en) * 2017-07-27 2017-10-13 广东欧珀移动通信有限公司 Mobile payment means of defence, mobile terminal and computer-readable recording medium
CN107733887A (en) * 2017-10-11 2018-02-23 四川省电科互联网加产业技术研究院有限公司 A kind of network safety system and method based on big data
CN109242480A (en) * 2017-07-10 2019-01-18 中国电信股份有限公司 Mobile terminal payment is counter to cheat method, fence control device and system
CN109714374A (en) * 2017-10-25 2019-05-03 朱铭赫 Building talkback method, apparatus and system
CN110162347A (en) * 2019-05-15 2019-08-23 苏州达家迎信息技术有限公司 A kind of application program launching method, device, equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080052395A1 (en) * 2003-02-28 2008-02-28 Michael Wright Administration of protection of data accessible by a mobile device
CN101373528A (en) * 2007-08-21 2009-02-25 联想(北京)有限公司 Electronic payment system, device and method based on position authentication
CN102413074A (en) * 2011-11-30 2012-04-11 向进轮 Method for detecting login of instant messenger terminal in another place
CN102713953A (en) * 2010-07-29 2012-10-03 英特尔公司 Device, system, and method forlocation-based payment authorization
CN103167403A (en) * 2011-12-15 2013-06-19 ***通信集团四川有限公司 Authentication method and system of electronic channel service
CN103338188A (en) * 2013-06-08 2013-10-02 北京大学 Dynamic authentication method of client side suitable for mobile cloud
CN103532797A (en) * 2013-11-06 2014-01-22 网之易信息技术(北京)有限公司 Abnormity monitoring method and device for user registration

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080052395A1 (en) * 2003-02-28 2008-02-28 Michael Wright Administration of protection of data accessible by a mobile device
CN101373528A (en) * 2007-08-21 2009-02-25 联想(北京)有限公司 Electronic payment system, device and method based on position authentication
CN102713953A (en) * 2010-07-29 2012-10-03 英特尔公司 Device, system, and method forlocation-based payment authorization
CN102413074A (en) * 2011-11-30 2012-04-11 向进轮 Method for detecting login of instant messenger terminal in another place
CN103167403A (en) * 2011-12-15 2013-06-19 ***通信集团四川有限公司 Authentication method and system of electronic channel service
CN103338188A (en) * 2013-06-08 2013-10-02 北京大学 Dynamic authentication method of client side suitable for mobile cloud
CN103532797A (en) * 2013-11-06 2014-01-22 网之易信息技术(北京)有限公司 Abnormity monitoring method and device for user registration

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106101437A (en) * 2016-07-28 2016-11-09 宇龙计算机通信科技(深圳)有限公司 A kind of application defreezing method, device and mobile terminal
CN106453327A (en) * 2016-10-18 2017-02-22 北京深思数盾科技股份有限公司 Method and mobile terminal for logging in computer application with demand for identity authentication
CN106487798A (en) * 2016-10-25 2017-03-08 广东欧珀移动通信有限公司 Method of data synchronization and device
CN109242480A (en) * 2017-07-10 2019-01-18 中国电信股份有限公司 Mobile terminal payment is counter to cheat method, fence control device and system
CN107248078A (en) * 2017-07-27 2017-10-13 广东欧珀移动通信有限公司 Mobile payment means of defence, mobile terminal and computer-readable recording medium
CN107733887A (en) * 2017-10-11 2018-02-23 四川省电科互联网加产业技术研究院有限公司 A kind of network safety system and method based on big data
CN107733887B (en) * 2017-10-11 2020-12-08 四川省电科互联网加产业技术研究院有限公司 Network security system and method based on big data
CN109714374A (en) * 2017-10-25 2019-05-03 朱铭赫 Building talkback method, apparatus and system
CN110162347A (en) * 2019-05-15 2019-08-23 苏州达家迎信息技术有限公司 A kind of application program launching method, device, equipment and storage medium
CN110162347B (en) * 2019-05-15 2023-05-16 苏州达家迎信息技术有限公司 Application program starting method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN105635066B (en) 2019-06-28

Similar Documents

Publication Publication Date Title
CN105635066A (en) Management method and device of client application program
US11669338B2 (en) Device locator disable authentication
US10515203B2 (en) Method and system for improving security of a mobile terminal
US9703931B2 (en) Method and system for authenticating and monitoring home health interactions
CN104601324B (en) A kind of verification method, terminal and system for application
CN107689097B (en) Synchronizing Passwords based on frequency hopping generate and verify system and its application
CN104954383A (en) Application program login method and system
TR201810890T4 (en) A method and system that protects against identity theft or copy abuse.
CN104246785A (en) System and method for crowdsourcing of mobile application reputations
WO2012170489A2 (en) Situation aware security system and method for mobile devices
CN102497635A (en) Server, terminal and account password acquisition method
WO2013166886A1 (en) Anti-theft method, device and system for portable computer equipment
CN107154919B (en) Safe login method and device
CN105530356A (en) Mobile communication terminal and data protection method and device thereof
CN107872440B (en) Identity authentication method, device and system
CN102316132A (en) The network equipment login method and the network equipment
US20150094023A1 (en) Retroactively Securing a Mobile Device From a Remote Source
US20160142916A1 (en) Data Stitching For Networked Automation
CN105894640B (en) A kind of guest room door lock management method and device
CN110930561B (en) Control method and device of intelligent lock
CN107835162B (en) Software digital permit server gives the method and software digital permit server that permission is signed and issued in the license of software developer's software digital
WO2015102186A1 (en) Method for restricting use of terminal and system therefor
CN106507300A (en) A kind of method for giving loss terminal for change, device and terminal
Utomo et al. Multifactor authentication on mobile secure attendance system
CN110569671A (en) Privacy protection method and related device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant