CN108427880A - Method and device for running a program - Google Patents

Publication number
CN108427880A
Authority
CN
China
Prior art keywords
program
digital certificate
signature information
said program
permission information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810211954.5A
Other languages
Chinese (zh)
Other versions
CN108427880B (en
Inventor
高连凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuanxin Information Technology Group Co ltd
Original Assignee
Beijing Yuanxin Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Yuanxin Science and Technology Co Ltd
Priority to CN201810211954.5A
Publication of CN108427880A
Application granted
Publication of CN108427880B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

An embodiment of the present invention provides a method for running a program, applied in the field of mobile internet technology. The method includes: when it is detected that a program is starting to run, reading the signature information corresponding to the program; determining, based on the program's signature information, the digital certificate corresponding to that signature information; setting the permission information corresponding to the digital certificate; and running the program based on the permission information that was set. The method and device for running a program provided by the embodiments are suitable for a system that runs programs based on the permission information that has been set.

Description

Method and device for running a program
Technical field
The present invention relates to the field of mobile internet technology, and in particular to a method and device for running a program.
Background
The binary signature mechanism is a cryptography-based method for authenticating a program. Before it runs, a program necessarily exists as some form of binary file. When the system loads the binary file, it checks the digital signature of the program file itself in order to confirm the program's legitimate origin, and it runs the program when the result computed according to cryptographic principles shows that the digital signature is correct. The digital signature is in practice also part of the program's binary file.
After the program passes signature verification, the system determines the information of the user executing the program and, based on the correspondence between user information and run-permission information, determines the run-permission information corresponding to the program, for example the permission to call a certain interface. The system then runs the program based on the determined run-permission information.
However, after a program passes signature verification, the permission information corresponding to the program is simply the permission information of the user executing it; that is, all programs executed by that user have the same run-permission information. Because user information is not necessarily secure, the run-permission information determined from user information for all programs that the user executes offers relatively low security, and as a result the security of running programs is relatively low.
Summary of the invention
To overcome the above technical problem, or at least partially solve it, the following technical solution is proposed:
According to a first aspect, an embodiment of the present invention provides a method for running a program, including:
when it is detected that a program is starting to run, reading the signature information corresponding to the program;
determining, based on the signature information corresponding to the program, the digital certificate corresponding to the signature information;
setting the permission information corresponding to the digital certificate, and running the program based on the permission information that was set.
Specifically, the step of determining, based on the program's signature information, the digital certificate corresponding to the signature information includes:
determining the digital certificate corresponding to the signature information based on the digital certificate identification information carried in the program's signature information; and/or
determining the digital certificate corresponding to the signature information by verifying the program's signature information with each digital certificate stored in the system in turn.
Specifically, the step of reading the signature information corresponding to the program includes:
reading the signature information corresponding to the program from external storage.
Specifically, the step of running the program based on the permission information includes:
determining the permission information corresponding to the program based on the permission information currently set for the digital certificate and/or the permission information preset for the digital certificate;
running the program based on the determined permission information corresponding to the program.
Specifically, the signature information of the program further includes the ciphertext portion of the signature information, and verifying the program's signature information with a digital certificate includes:
performing a hash operation on the program's instruction sequence to obtain a hash result; and
decrypting the ciphertext portion of the signature information with the public key information in the digital certificate to obtain a decryption result;
comparing the hash result with the decryption result;
when the hash result and the decryption result are identical, determining that signature verification of the program has succeeded.
According to a second aspect, an embodiment of the present invention further provides a device for running a program, including:
a reading module, configured to read the signature information corresponding to a program when it is detected that the program is starting to run;
a determining module, configured to determine, based on the program's signature information read by the reading module, the digital certificate corresponding to the signature information;
a setting module, configured to set the permission information corresponding to the digital certificate;
a running module, configured to run the program based on the permission information set by the setting module.
Specifically, the determining module is configured to determine the digital certificate corresponding to the signature information based on the digital certificate identification information carried in the program's signature information;
the determining module is further configured to determine the digital certificate corresponding to the signature information by verifying the program's signature information with each digital certificate stored in the system in turn.
Specifically, the reading module is configured to read the signature information corresponding to the program from external storage.
Specifically, the running module includes a determining unit and a running unit;
the determining unit is configured to determine the permission information corresponding to the program based on the permission information currently set for the digital certificate and/or the permission information preset for the digital certificate;
the running unit is configured to run the program based on the determined permission information corresponding to the program.
Further, the signature information of the program also includes the ciphertext portion of the signature information, and the device further includes a signature verification module;
the signature verification module is configured to perform a hash operation on the program's instruction sequence to obtain a hash result, and to decrypt the ciphertext portion of the signature information with the public key information in the digital certificate to obtain a decryption result;
the signature verification module is further configured to compare the hash result with the decryption result;
the signature verification module is further configured to determine that signature verification of the program has succeeded when the hash result and the decryption result are identical.
According to a third aspect, an embodiment of the present invention further provides a device including a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the program, implements the method for running a program described in the first aspect.
The present invention provides a method and device for running a program. Compared with the prior art, when the present invention detects that a program is starting to run, it reads the signature information corresponding to the program, determines the digital certificate corresponding to the signature information based on that signature information, sets the permission information corresponding to the digital certificate, and runs the program based on the permission information that was set. That is, in the present invention, every time a program runs it must pass signature verification with a digital certificate, and after verification passes the program is run with the permissions of the digital certificate as set in real time. The system therefore sets the run permissions of the program to be run at the moment the program starts, the run permissions of different programs executed by the same user may differ, and the run permissions of the same program may differ from one run to the next, which improves the security of running programs.
Additional aspects and advantages of the present invention will be set forth in part in the following description; they will become apparent from the description or be learned through practice of the invention.
Brief description of the drawings
The above and/or additional aspects and advantages of the present invention will become apparent and easy to understand from the following description of the embodiments taken together with the accompanying drawings, in which:
Fig. 1 is a flowchart of a method for running a program according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a device for running a program according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of another device for running a program according to an embodiment of the present invention.
Detailed description
Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the accompanying drawings, where the same or similar reference numerals throughout denote the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary, serve only to explain the present invention, and are not to be construed as limiting the claims.
Those skilled in the art will understand that, unless expressly stated otherwise, the singular forms "a", "an", "said" and "the" used herein may also include the plural. It should be further understood that the word "comprising" used in this specification refers to the presence of the stated features, integers, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or groups thereof. It should be understood that when an element is said to be "connected" or "coupled" to another element, it may be directly connected or coupled to the other element, or intervening elements may be present. In addition, "connected" or "coupled" as used herein may include wireless connection or wireless coupling. The term "and/or" as used herein includes all or any unit and all combinations of one or more of the associated listed items.
Those skilled in the art will understand that, unless otherwise defined, all terms used herein (including technical and scientific terms) have the same meaning as commonly understood by a person of ordinary skill in the art to which the present invention belongs. It should also be understood that terms such as those defined in general dictionaries should be understood to have a meaning consistent with their meaning in the context of the prior art and, unless specifically defined as here, will not be interpreted in an idealized or overly formal sense.
Those skilled in the art will understand that "terminal" and "terminal device" as used herein include both devices that have only a wireless signal receiver without transmitting capability, and devices that have receiving and transmitting hardware capable of two-way communication over a bidirectional communication link. Such a device may include: a cellular or other communication device with a single-line display or a multi-line display, or a cellular or other communication device without a multi-line display; a PCS (Personal Communications Service), which may combine voice, data processing, fax and/or communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, pager, Internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System) receiver; and a conventional laptop and/or palmtop computer or other device that has and/or includes a radio frequency receiver. A "terminal" or "terminal device" as used herein may be portable, transportable, installed in a vehicle (air, sea and/or land), or suitable for and/or configured to run locally and/or in distributed form at any other location on the earth and/or in space. A "terminal" or "terminal device" as used herein may also be a communication terminal, an internet terminal, or a music/video playback terminal, for example a PDA, a MID (Mobile Internet Device) and/or a mobile phone with a music/video playback function, or a device such as a smart television or a set-top box.
Embodiment one
An embodiment of the present invention provides a method for running a program which, as shown in Fig. 1, includes:
Step 101: when it is detected that a program is starting to run, read the signature information corresponding to the program.
Specifically, the step of reading the signature information corresponding to the program includes: reading the signature information corresponding to the program from external storage.
In the embodiments of the present invention, external storage includes floppy disks, hard disks, optical discs, USB flash drives, portable hard drives, magnetic disks, and the like.
In the embodiments of the present invention, when a program is to run, the program sends a run request message to the system; when the system detects the run request message, it reads the program's instruction sequence information and the program's signature information from external storage.
Step 102: based on the signature information corresponding to the program, determine the digital certificate corresponding to the signature information.
In the embodiments of the present invention, one piece of signature information corresponds to one digital certificate. Multiple digital certificates are stored in the system. After the system reads the program's signature information, it determines the digital certificate corresponding to the signature information by verifying the signature with the multiple digital certificates in turn, and/or by using the identification information of the digital certificate carried in the signature information.
Step 103: set the permission information corresponding to the digital certificate.
In the embodiments of the present invention, after the system determines the digital certificate corresponding to the program's signature information, it labels that digital certificate and sets the permission information corresponding to the digital certificate.
For example, suppose there are currently two programs to be run, program 1 and program 2. The digital certificate corresponding to the signature information of program 1 is labelled A, and the digital certificate corresponding to the signature information of program 2 is labelled B. The permission information corresponding to digital certificate A is set to permission information 1, and the permission information corresponding to digital certificate B is set to permission information 2.
In the embodiments of the present invention, the system includes multiple permission levels, and each permission level may correspond to different permission information. After the digital certificate corresponding to a program's signature information has been determined, the system may assign a permission level to that digital certificate and determine the program's run-permission information according to the permission level.
In the embodiments of the present invention, after the system determines the digital certificate corresponding to the program's signature information, it labels the digital certificate and marks the program with the same label as the digital certificate. While the program is running, when the program needs to call a certain interface or a certain function, the program's permission information is determined from the program's label in order to decide whether the program may call that interface or function.
In the embodiments of the present invention, labelling both the program and the digital certificate corresponding to its signature information makes it possible, while the program is running (for example when it calls a certain interface), to determine the program's permission information quickly and accurately and so decide whether to let the program continue running, which further improves the security of running programs.
Step 104: run the program based on the permission information that was set.
In the embodiments of the present invention, the program is run based on the instruction sequence information that was read and the permission information that was set.
An embodiment of the present invention provides a method for running a program. Compared with the prior art, when the embodiment detects that a program is starting to run, it reads the signature information corresponding to the program, determines the digital certificate corresponding to the signature information based on that signature information, sets the permission information corresponding to the digital certificate, and runs the program based on the permission information that was set. That is, in the embodiments, every time a program runs it must pass signature verification with a digital certificate, and after verification passes the program is run with the permissions of the digital certificate as set in real time. The system therefore sets the run permissions of the program to be run at the moment the program starts, the run permissions of different programs executed by the same user may differ, and the run permissions of the same program may differ from one run to the next, which improves the security of running programs.
Embodiment two
Another possible implementation of the embodiments of the present invention further includes, on the basis of Embodiment one, the operations shown in Embodiment two, wherein
step 102 specifically includes step 1021 (not marked in the figure) and/or step 1022 (not marked in the figure), wherein
Step 1021: based on the digital certificate identification information carried in the program's signature information, determine the digital certificate corresponding to the signature information.
In the embodiments of the present invention, multiple digital certificates are stored in the system. After the system reads the program's signature information, it obtains from the signature information the identification information of the corresponding digital certificate, and uses that identification information to select the corresponding digital certificate from the stored digital certificates. Once the digital certificate corresponding to the signature information has been determined, the program's signature information is verified with that digital certificate, and the program can be run only after verification passes.
In the embodiments of the present invention, obtaining the identification information of the digital certificate from the program's signature information allows the digital certificate corresponding to the signature information to be determined directly from the identification information; the program is run after verification with that digital certificate passes. This reduces the time needed to run the program and so improves the user experience.
Specifically, the signature information of the program includes the digital certificate identification information and the ciphertext portion of the signature information. Verifying the program's signature information with a digital certificate includes: performing a hash operation on the program's instruction sequence to obtain a hash result; decrypting the ciphertext portion of the signature information with the public key information in the digital certificate to obtain a decryption result; comparing the hash result with the decryption result; and, when the hash result and the decryption result are identical, determining that signature verification of the program has succeeded.
Step 1022: determine the digital certificate corresponding to the signature information by verifying the program's signature information with each digital certificate stored in the system in turn.
In the embodiments of the present invention, multiple digital certificates are stored in the system. After the system reads the program's signature information, it chooses digital certificates from the stored certificates at random, one at a time, and verifies the program's signature information with each until verification passes; the digital certificate that passes verification is determined to be the digital certificate corresponding to the program's signature information. In the embodiments of the present invention, the system may verify the program's signature information from the kernel layer.
Specifically, the signature information of the program includes the digital certificate identification information and the ciphertext portion of the signature information. Verifying the program's signature information with a digital certificate includes: performing a hash operation on the program's instruction sequence to obtain a hash result; decrypting the ciphertext portion of the signature information with the public key information in the digital certificate to obtain a decryption result; comparing the hash result with the decryption result; and, when the hash result and the decryption result are identical, determining that signature verification of the program has succeeded.
Embodiment three
Another possible implementation of the embodiments of the present invention further includes, on the basis of Embodiment one or Embodiment two, the operations shown in Embodiment three, wherein
step 104 includes step 1041 (not marked in the figure) and step 1042 (not marked in the figure), wherein
Step 1041: determine the permission information corresponding to the program based on the permission information currently set for the digital certificate and/or the permission information preset for the digital certificate.
In the embodiments of the present invention, the system may preset the permission information corresponding to each digital certificate. After the system determines the digital certificate corresponding to the program's signature information, it may look up the permission information of that digital certificate among the preset per-certificate permission information and use it as the permission information corresponding to the program. Alternatively, after determining the digital certificate corresponding to the program's signature information, the system may set the permission information for that digital certificate and use the permission information so set as the permission information corresponding to the program. The intersection of the permission information currently set for the digital certificate and the permission information preset for the digital certificate may also be used as the permission information corresponding to the program. The embodiments of the present invention impose no limitation in this respect.
Step 1042: run the program based on the determined permission information corresponding to the program.
In the embodiments of the present invention, after the system determines the permission information corresponding to the program, it runs the program based on the determined permission information.
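The flow of steps 101 to 104, including the certificate lookup of steps 1021 and 1022 and the intersection option of step 1041, can be sketched as follows. This is an added example, not code from the patent: the names (`Certificate`, `SignatureInfo`, `launch` and so on), the choice of SHA-256, and the textbook RSA keys built from Mersenne primes are assumptions made so that it runs with the Python standard library only; a production loader would use a vetted signature scheme with padding rather than raw RSA.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional

E = 65537  # public exponent shared by the toy keys below (assumption)


def toy_keypair(p: int, q: int):
    """Textbook RSA from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


@dataclass(frozen=True)
class Certificate:
    cert_id: str                  # digital certificate identification information
    n: int                        # public key information (RSA modulus)
    preset_perms: FrozenSet[str]  # permission information preset for the certificate


@dataclass(frozen=True)
class SignatureInfo:
    cert_id: Optional[str]  # identification information; may be absent
    ciphertext: int         # ciphertext portion of the signature information


@dataclass(frozen=True)
class RunningProgram:
    label: str              # same label as the certificate that verified it
    perms: FrozenSet[str]

    def may_call(self, interface: str) -> bool:
        """Runtime check made when the program calls an interface."""
        return interface in self.perms


def digest(instructions: bytes) -> int:
    """Hash operation over the program's instruction sequence."""
    return int.from_bytes(hashlib.sha256(instructions).digest(), "big")


def sign(instructions: bytes, n: int, d: int, cert_id: Optional[str] = None):
    """Signer side, only needed to construct sample signatures."""
    return SignatureInfo(cert_id, pow(digest(instructions), d, n))


def verify(instructions: bytes, sig: SignatureInfo, cert: Certificate) -> bool:
    """'Decrypt' the ciphertext with the public key and compare with the hash."""
    if not 0 <= sig.ciphertext < cert.n:
        return False
    return pow(sig.ciphertext, E, cert.n) == digest(instructions)


def find_certificate(instructions, sig, store: Dict[str, Certificate]):
    if sig.cert_id is not None:
        # Step 1021: the identifier only selects a candidate; the signature
        # must still verify under that certificate, otherwise fail closed.
        cert = store.get(sig.cert_id)
        if cert is not None and verify(instructions, sig, cert):
            return cert
        return None
    # Step 1022: try each stored certificate in turn until one verifies.
    for cert in store.values():
        if verify(instructions, sig, cert):
            return cert
    return None


def launch(instructions, sig, store, current_perms: Dict[str, FrozenSet[str]]):
    """Steps 101-104: returns a labelled RunningProgram, or None if refused."""
    cert = find_certificate(instructions, sig, store)
    if cert is None:
        return None
    current = current_perms.get(cert.cert_id)
    # Step 1041, intersection option: preset AND currently set permissions.
    perms = cert.preset_perms if current is None else cert.preset_perms & current
    return RunningProgram(cert.cert_id, perms)


# Constructed sample data: two toy certificates and one run-time setting.
N_A, D_A = toy_keypair(2**127 - 1, 2**521 - 1)
N_B, D_B = toy_keypair(2**107 - 1, 2**607 - 1)
STORE = {
    "A": Certificate("A", N_A, frozenset({"camera", "network"})),
    "B": Certificate("B", N_B, frozenset({"network"})),
}
CURRENT = {"A": frozenset({"camera", "storage"})}

if __name__ == "__main__":
    prog1 = b"program 1 instruction sequence"
    print(launch(prog1, sign(prog1, N_A, D_A, "A"), STORE, CURRENT))
```

Because permissions hang off the verifying certificate rather than the executing user, a signature that names certificate A but was produced with another key is refused outright instead of inheriting A's permissions.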
An embodiment of the present invention provides a device for running a program. As shown in Fig. 2, the device includes a reading module 21, a determining module 22, a setting module 23 and a running module 24, wherein
the reading module 21 is configured to read the signature information corresponding to a program when it is detected that the program is starting to run.
The determining module 22 is configured to determine, based on the program's signature information read by the reading module 21, the digital certificate corresponding to the signature information.
The setting module 23 is configured to set the permission information corresponding to the digital certificate.
The running module 24 is configured to run the program based on the permission information set by the setting module 23.
Specifically, the determining module 22 is configured to determine the digital certificate corresponding to the signature information based on the digital certificate identification information carried in the program's signature information.
The determining module 22 is further configured to determine the digital certificate corresponding to the signature information by verifying the program's signature information with each digital certificate stored in the system in turn.
Specifically, the reading module 21 is configured to read the signature information corresponding to the program from external storage.
Specifically, the running module 24 includes a determining unit 241 and a running unit 242;
the determining unit 241 is configured to determine the permission information corresponding to the program based on the permission information currently set for the digital certificate and/or the permission information preset for the digital certificate.
The running unit 242 is configured to run the program based on the determined permission information corresponding to the program.
Further, as shown in Fig. 3, the device also includes a signature verification module 31.
The signature verification module 31 is configured to perform a hash operation on the program's instruction sequence to obtain a hash result, and to decrypt the ciphertext portion of the signature information with the public key information in the digital certificate to obtain a decryption result.
Here, the signature information of the program further includes the ciphertext portion of the signature information.
The signature verification module 31 is further configured to compare the hash result with the decryption result.
The signature verification module 31 is further configured to determine that signature verification of the program has succeeded when the hash result and the decryption result are identical.
An embodiment of the present invention provides a device for running a program. Compared with the prior art, when the embodiment detects that a program is starting to run, it reads the signature information corresponding to the program, determines the digital certificate corresponding to the signature information based on that signature information, sets the permission information corresponding to the digital certificate, and runs the program based on the permission information that was set. That is, in the embodiments, every time a program runs it must pass signature verification with a digital certificate, and after verification passes the program is run with the permissions of the digital certificate as set in real time. The system therefore sets the run permissions of the program to be run at the moment the program starts, the run permissions of different programs executed by the same user may differ, and the run permissions of the same program may differ from one run to the next, which improves the security of running programs.
An embodiment of the present invention provides a device for running a program that is applicable to the above method embodiments. No limitation is imposed here.
An embodiment of the present invention provides a device including a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the program, implements the method for running a program shown in any of Embodiment one to Embodiment three.
An embodiment of the present invention provides a device. Compared with the prior art, when the embodiment detects that a program is starting to run, it reads the signature information corresponding to the program, determines the digital certificate corresponding to the signature information based on that signature information, sets the permission information corresponding to the digital certificate, and runs the program based on the permission information that was set. That is, in the embodiments, every time a program runs it must pass signature verification with a digital certificate, and after verification passes the program is run with the permissions of the digital certificate as set in real time. The system therefore sets the run permissions of the program to be run at the moment the program starts, the run permissions of different programs executed by the same user may differ, and the run permissions of the same program may differ from one run to the next, which improves the security of running programs.
An embodiment of the present invention provides a device that is applicable to the above method embodiments. No limitation is imposed here.
Those skilled in the art will appreciate that the present invention involves one or more pieces of equipment for performing the operations described herein. This equipment may be specially designed and manufactured for the required purpose, or may comprise known devices in a general-purpose computer. This equipment has computer programs stored in it that are selectively activated or reconfigured. Such a computer program may be stored in a medium readable by equipment (for example, a computer), or stored in any type of medium suitable for storing electronic instructions and coupled to a bus. The computer-readable medium includes, but is not limited to, any type of disk (including floppy disks, hard disks, optical discs, CD-ROMs and magneto-optical disks), ROM (Read-Only Memory), RAM (Random Access Memory), EPROM (Erasable Programmable Read-Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic cards or optical cards. That is, a readable medium includes any medium in which information is stored or transmitted by equipment (for example, a computer) in a readable form.
Those skilled in the art will appreciate that computer program instructions can be used to implement each block in these structural diagrams and/or block diagrams and/or flow diagrams, as well as combinations of blocks in these structural diagrams and/or block diagrams and/or flow diagrams. Those skilled in the art will appreciate that these computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer or another programmable data processing method for implementation, so that the schemes specified in the block or blocks of the structural diagrams and/or block diagrams and/or flow diagrams disclosed by the present invention are executed by the processor of the computer or other programmable data processing method.
Those skilled in the art will appreciate that the steps, measures and schemes in the various operations, methods and flows discussed in the present invention may be alternated, changed, combined or deleted. Further, other steps, measures and schemes in the various operations, methods and flows discussed in the present invention may also be alternated, changed, rearranged, decomposed, combined or deleted. Further, steps, measures and schemes in the prior art that correspond to those in the various operations, methods and flows disclosed in the present invention may also be alternated, changed, rearranged, decomposed, combined or deleted.
The above are only some embodiments of the present invention. It should be noted that those of ordinary skill in the art may make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications shall also be regarded as falling within the protection scope of the present invention.

Claims (10)

1. A method for running a program, characterized by comprising:
when it is detected that a program is started, reading the signature information corresponding to the program;
determining, based on the signature information corresponding to the program, the digital certificate corresponding to the signature information;
setting the permission information corresponding to the digital certificate, and running the program based on the permission information that has been set.
2. The method according to claim 1, characterized in that the step of determining, based on the signature information corresponding to the program, the digital certificate corresponding to the signature information comprises at least one of the following:
determining the digital certificate corresponding to the signature information based on the digital certificate identification information carried in the signature information corresponding to the program;
verifying the signature information corresponding to the program with each digital certificate stored in the system in turn, to determine the digital certificate corresponding to the signature information.
3. The method according to claim 1 or 2, characterized in that the step of reading the signature information corresponding to the program comprises:
reading the signature information corresponding to the program from external memory.
4. The method according to any one of claims 1-3, characterized in that the step of running the program based on the permission information comprises:
determining the permission information corresponding to the program based on the permission information currently set for the digital certificate and/or the permission information preset for the digital certificate;
running the program based on the determined permission information corresponding to the program.
5. The method according to claim 2, characterized in that the signature information of the program further comprises: the ciphertext part of the signature information;
the manner of verifying the signature information corresponding to the program based on a digital certificate comprises:
performing a hash operation on the instruction sequence of the program to obtain a hash operation result, and
decrypting the ciphertext part of the signature information based on the public key information in the digital certificate to obtain a decryption result;
comparing the hash operation result with the decryption result;
when the hash operation result and the decryption result are identical, determining that signature verification of the program has succeeded.
6. A device for running a program, characterized by comprising:
a reading module, configured to read the signature information corresponding to the program when it is detected that a program is started;
a determining module, configured to determine, based on the signature information corresponding to the program read by the reading module, the digital certificate corresponding to the signature information;
a setting module, configured to set the permission information corresponding to the digital certificate;
a running module, configured to run the program based on the permission information set by the setting module.
7. The device according to claim 6, characterized in that
the determining module is specifically configured to determine the digital certificate corresponding to the signature information based on the digital certificate identification information carried in the signature information corresponding to the program;
the determining module is further specifically configured to verify the signature information corresponding to the program with each digital certificate stored in the system in turn, to determine the digital certificate corresponding to the signature information.
8. The device according to any one of claims 6-7, characterized in that the running module specifically comprises: a determination unit and a running unit;
the determination unit is configured to determine the permission information corresponding to the program based on the permission information currently set for the digital certificate and/or the permission information preset for the digital certificate;
the running unit is configured to run the program based on the determined permission information corresponding to the program.
9. The device according to claim 7, characterized in that the signature information of the program further comprises: the ciphertext part of the signature information;
the device further comprises: a signature verification module;
the signature verification module is configured to perform a hash operation on the instruction sequence of the program to obtain a hash operation result, and to decrypt the ciphertext part of the signature information based on the public key information in the digital certificate to obtain a decryption result;
the signature verification module is further configured to compare the hash operation result with the decryption result;
the signature verification module is further configured to determine that signature verification of the program has succeeded when the hash operation result and the decryption result are identical.
10. Equipment comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the program, implements the method for running a program according to any one of claims 1-5.
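The launch-time check described in claims 1, 2, 4 and 5, as an added Python example that is not code from the patent. It uses unpadded textbook RSA over constructed demo keys so that it runs with the standard library alone; the certificate names, the permission labels and the rule that a currently set value replaces the preset one are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by the constructed demo keys

def make_key(p, q):
    """Return (modulus, private exponent) for textbook RSA over primes p, q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed key pairs built from known Mersenne primes (demo values only).
N_A, D_A = make_key(2**521 - 1, 2**607 - 1)
N_B, D_B = make_key(2**607 - 1, 2**1279 - 1)

# Hypothetical certificate store: identifier -> public modulus and preset permissions.
CERT_STORE = {
    "vendor-a": {"n": N_A, "preset": {"net", "storage"}},
    "vendor-b": {"n": N_B, "preset": {"storage"}},
}

def digest(program: bytes) -> int:
    """Hash operation over the program bytes, as an integer."""
    return int.from_bytes(hashlib.sha256(program).digest(), "big")

def sign(program: bytes, n: int, d: int) -> int:
    """Signer side, used here only to build sample signature information."""
    return pow(digest(program), d, n)

def verify(program: bytes, cipher: int, n: int) -> bool:
    """Claim 5: hash the program, decrypt the ciphertext with the public key, compare."""
    return 0 <= cipher < n and pow(cipher, E, n) == digest(program)

def find_certificate(program, sig_info, store=CERT_STORE):
    """Claim 2: select the certificate by identifier, or try each stored one in turn."""
    cert_id = sig_info.get("cert_id")
    candidates = [cert_id] if cert_id is not None else list(store)
    for cid in candidates:
        cert = store.get(cid)
        # The identifier travels with the program, so it only selects a key;
        # the signature must still verify under that key.
        if cert and verify(program, sig_info["cipher"], cert["n"]):
            return cid
    return None

def permissions_for_launch(program, sig_info, current=None, store=CERT_STORE):
    """Claims 1 and 4: verify at every start, then resolve the permission set."""
    cid = find_certificate(program, sig_info, store)
    if cid is None:
        raise PermissionError("signature verification failed; program not run")
    current = current or {}
    # Assumed precedence: a currently set value replaces the preset one.
    return set(current.get(cid, store[cid]["preset"]))
```

A production verifier would use a vetted library with a padded signature scheme (for example RSASSA-PSS) and full certificate validation in place of the bare modular exponentiation shown here.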
CN201810211954.5A 2018-03-07 2018-03-07 Program running method and device Active CN108427880B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810211954.5A CN108427880B (en) 2018-03-07 2018-03-07 Program running method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810211954.5A CN108427880B (en) 2018-03-07 2018-03-07 Program running method and device

Publications (2)

Publication Number Publication Date
CN108427880A true CN108427880A (en) 2018-08-21
CN108427880B CN108427880B (en) 2022-09-16

Family

ID=63158607

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810211954.5A Active CN108427880B (en) 2018-03-07 2018-03-07 Program running method and device

Country Status (1)

Country Link
CN (1) CN108427880B (en)

Also Published As

Publication number Publication date
CN108427880B (en) 2022-09-16

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right
Effective date of registration: 20230516
Address after: Room 401, Floor 4, No. 2, Haidian East Third Street, Haidian District, Beijing 100080
Patentee after: Yuanxin Information Technology Group Co.,Ltd.
Address before: 100176 room 2222, building D, building 33, 99 Kechuang 14th Street, Beijing Economic and Technological Development Zone, Daxing District, Beijing
Patentee before: YUANXIN TECHNOLOGY