WO2014075504A1 - Security control method and device for running application - Google Patents


Info

Publication number
WO2014075504A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
attribute
file
feature
terminal
Prior art date
Application number
PCT/CN2013/083621
Other languages
French (fr)
Chinese (zh)
Inventor
温铭
李宇
胡劲
张家柱
Original Assignee
北京奇虎科技有限公司
奇智软件(北京)有限公司
Filing date
Publication date
Application filed by 北京奇虎科技有限公司, 奇智软件(北京)有限公司
Publication of WO2014075504A1

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow

Definitions

  • the present invention relates to the field of computer technologies, and in particular to a security control method and apparatus for running an application.
  • the cloud is a metaphor for the Internet and networks. It represents an abstraction of the Internet and its underlying infrastructure, and can be roughly divided into public clouds and private clouds.
  • a public cloud usually refers to a cloud through which a third-party vendor provides services directly to external users using its own infrastructure.
  • private clouds are placed in private environments: they are either built by enterprises, governments and other organizations in their own equipment rooms, or built by an operator and leased as a whole to one organization. Users outside the organization cannot access or use them.
  • a private cloud is built for use by a single organization and therefore provides the most effective control over data, security, and quality of service.
  • the terminal that can access the private cloud and the private cloud server are in the same local area network and can be connected by network devices such as switches and routers.
  • when the terminal needs to operate on a file, the corresponding policy needs to be obtained from the private cloud. Specifically, when the terminal accesses a program, it must request the private cloud to authenticate whether the program is executable.
  • only after receiving the authentication result of the private cloud does the terminal run, or refuse to run, the program.
  • the problem in the above prior art is that if a network failure occurs in the local area network to which the private cloud belongs, or a virus breaks out, so that the terminal and the private cloud cannot connect, the terminal cannot determine whether a program is executable; none of the terminal's programs can then run, affecting normal use of the terminal.
  • a security control method for running an application, including:
  • when the feature terminal is unable to connect to the feature server, the feature terminal obtains the identifier information of the application;
  • the feature server is a server that performs security control on the feature terminal over the intranet;
  • the feature terminal loads and/or executes the application in accordance with the execution policy.
  • a security control device for running an application, comprising:
  • an identifier information obtaining module, adapted to acquire the identifier information of the application when the feature terminal is unable to connect to the feature server, where the feature server is a server that performs security control on the specific terminal over the intranet;
  • a first attribute obtaining module, configured to extract, according to the identifier information, a first attribute of the application from a first attribute identification database preset on the feature terminal, where the first attribute includes a security classification of the application;
  • a second attribute obtaining module, configured to extract, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, where the second attribute includes the execution policy of the application corresponding to the security classification;
  • a loading module, adapted to load and/or execute the application according to the execution policy.
  • a computer program comprising computer readable code which, when run on a server, causes the server to perform the security control method for running an application according to any one of claims 1-10.
  • a computer readable medium storing the computer program according to claim 21.
  • the first attribute identification database and the second attribute configuration file are preset on the terminal.
  • the terminal can directly identify, locally, the execution policy corresponding to the security classification of the application and then load the application according to that execution policy, so that when the terminal cannot connect to the private cloud it can still authenticate the application and determine whether it may execute, without affecting the user's access to the application.
  • the security classification of the application may include a plurality of different attributes, such as a black file, a white file, and a gray file.
  • the second attribute configuration file may include an execution policy corresponding to each of a plurality of different security classifications. The user can reset the second attribute configuration file in the private cloud according to his own needs, and then update the second attribute configuration file of the terminal.
  • when the identification information of the application is not found, the security classification of the application may be determined as a gray file, and the corresponding execution policy may then be found in the second attribute configuration file.
  • this default execution policy avoids the problem that some programs are inaccessible while the first attribute identification database is not yet complete.
  • FIG. 1 is a flow chart schematically showing a method of security control for running an application according to an embodiment of the present invention;
  • FIG. 2 is a block diagram schematically showing a security control device for running an application according to an embodiment of the present invention;
  • FIG. 3 schematically shows a block diagram of a server for performing the method according to the invention;
  • FIG. 4 schematically shows a storage unit for holding or carrying program code implementing the method according to the invention.
  • FIG. 1 shows a flow chart of the steps of an embodiment of a security control method for running an application according to an embodiment of the present invention, which may specifically include the following steps:
  • Step 101: when the feature terminal is unable to connect to the feature server, the feature terminal acquires the identifier information of the application, where the feature server is a server that performs security control on the feature terminal over the intranet.
  • the feature server is a server accessible by a specific terminal, that is, a private cloud; the feature terminal that can access the private cloud and the private cloud server are in the same intranet.
  • the private cloud is set up in the private network so that security control can be performed on each terminal of the intranet.
  • the embodiment of the present invention is mainly used in the scenario in which the terminal and the private cloud cannot be connected.
  • the terminal can use an HTTP packet to initiate a request to the private cloud server. If the terminal cannot connect to the private cloud server, the request immediately returns a failure, and the terminal determines that it is unable to complete the request.
  • the application may be an application requested by the user: the user may request access to the application by clicking a shortcut of the application or a program file, and on receiving the user's click the terminal extracts the identification information of the application for further authentication.
  • the application program may also be all application programs installed on the feature terminal.
  • when the feature terminal determines that the feature server cannot be connected, the identifier information of all the application programs may be extracted and authenticated locally on the feature terminal.
  • the application program may also be an application program that needs to connect to the feature server when installed on the feature terminal.
  • when the terminal determines that the feature server cannot be connected, the terminal extracts the identification information of the application program and performs the identification locally on the feature terminal.
  • the step 101 may include: sub-step S11, the feature terminal extracts an application file corresponding to the application; sub-step S12, the application file is converted into the corresponding identification information by using a preset algorithm.
  • the identification information of the application can be obtained by processing the application file; the terminal has a plurality of applications installed, and each program has a plurality of files, including the application file.
  • the application file is a file in PE (Portable Executable) format.
  • the PE file is the program file format on the Microsoft Windows operating system; common EXE, DLL, OCX, SYS and COM files are PE files, and each application has a corresponding PE file.
  • the PE file is composed of an MS-DOS executable body, a file header, an optional header, a data directory, section headers, and sections, wherein the file header includes the following structure:
  • SizeOfOptionalHeader is simply the size of the IMAGE_OPTIONAL_HEADER item, which can be used to verify the correctness of the PE file structure;
  • the keywords of each structure in the file header of the PE file can be used as preset keywords to determine whether each file corresponding to the application is an application file.
  • the application file can then be converted by a preset algorithm, and the converted result can be used as the identification information of the application.
  • the corresponding identifier may be obtained by converting the PE file using a preset algorithm.
  • the preset algorithm may be the MD5 algorithm, that is, Message-Digest Algorithm 5. The role of MD5 is to let large amounts of information be "compressed" into a confidential format before a private key is applied by digital-signature software, that is, to convert a byte string of arbitrary length into a hexadecimal digit string of fixed length, so as to ensure complete and consistent transmission of the information.
  • Step 102: extract, according to the identifier information, a first attribute of the application from a first attribute identification database preset on the feature terminal, where the first attribute includes a security classification of the application.
  • the first attribute identification database is preset in the terminal and includes the correspondence between the identification information of the application and the first attribute; the corresponding first attribute may be extracted according to the identification information of the application, and the first attribute may include a classification of the security of the application.
  • the security classification may be divided into three types, specifically a black file, a gray file, and a white file. In its initial stage the first attribute identification database may not be complete; when the identification information of the application does not exist in it, in order to avoid affecting the user's use of the program, the security classification of the application may be determined as a gray file, which avoids the problem that some programs cannot be accessed while the first attribute identification database is not complete. In a specific implementation, the types and number of security classifications may also be set as needed, and the present invention does not limit this.
  • the embodiment of the present invention may further include:
  • if the identification information of the application does not exist in the first attribute identification database, the identification information of the application is recorded.
  • when the feature terminal is connected to the feature server, the recorded identification information of the application is sent to the private cloud for authentication.
  • the embodiment of the present invention may further include:
  • when the feature terminal is connected to the feature server, the identifier information of the application is obtained and sent to the feature server for authentication.
  • the embodiment of the present invention may further include:
  • the private cloud is built with an application management database, that is, a private black-and-white library, referred to as the private library, which is customized by the enterprise organization where the private cloud is located and includes the correspondence between the identification information of each application and its first attribute.
  • after receiving the identification information of the application sent by the terminal, the private cloud server authenticates the first attribute of the application through the private library and returns it to the terminal, where the terminal saves the correspondence between the first attribute of the application and the identification information.
  • the first attribute of the program can then be determined directly from the local first attribute identification database next time, so that the identification of the application is more accurate.
  • Step 103: extract, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, where the second attribute includes the execution policy of the application corresponding to the security classification.
  • the feature terminal may have client software installed, and the second attribute configuration file may be built into the installation package of the client software.
  • the second attribute configuration file includes the correspondence between the first attribute and the second attribute of the application, and the second attribute may include the execution policy of the application corresponding to the security classification.
  • the security classification and execution policy of the application may have the following correspondence: when the security classification of the application is a black file, the corresponding execution policy is to load and execute the application;
  • the corresponding execution policy is to execute only part of the application's functions.
  • the correspondence between the application's security classification and the execution policy can be set flexibly according to the application environment and requirements.
  • the user can reset the second attribute configuration file on the feature server according to the user's different needs, and then update the second attribute configuration file of the feature terminal.
  • the method further includes:
  • updating the second attribute configuration file of the feature terminal according to the second attribute configuration file of the feature server.
  • Step 104: the feature terminal loads and/or executes the application according to the execution policy.
  • the execution policy includes, for the various security classifications, the corresponding loading or execution modes. After the feature terminal identifies the execution policy of the application, it can decide whether to load the application according to the execution policy.
  • the security classification of the application and the corresponding execution policy can be identified directly locally, and the application can then be loaded according to the execution policy, so that when the terminal cannot connect to the private cloud it can still authenticate the application and determine whether it may execute, without affecting the user's access to the application.
  • the security classification of the application may include a plurality of different attributes, such as a black file, a white file, and a gray file.
  • the second attribute configuration file may include an execution policy corresponding to each of multiple different security classifications. The customer can reset the second attribute configuration file in the private cloud according to his own needs, and then update the second attribute configuration file of the terminal.
  • FIG. 2 shows a structural block diagram of an embodiment of a security control apparatus for running an application according to an embodiment of the present invention, which may specifically include the following modules:
  • the identifier information obtaining module 201 is adapted to obtain the identifier information of the application when the feature terminal is unable to connect to the feature server;
  • the first attribute obtaining module 202 is configured to extract, according to the identifier information, a first attribute of the application from a first attribute identification database preset on the feature terminal, where the first attribute includes a security classification of the application;
  • the second attribute obtaining module 203 is configured to extract, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, where the second attribute includes the execution policy of the application corresponding to the security classification;
  • the running module 204 is adapted for the feature terminal to load and/or execute the application according to the execution policy.
  • the application may include an application that requests access, or all applications installed on the feature terminal, or an application installed on the feature terminal that needs to connect to the feature server.
  • the first attribute identification database may include a correspondence between the identification information of the application and the first attribute;
  • the second attribute configuration file may include the correspondence between the first attribute and the second attribute of the application.
  • the security classification may include a black file, a white file, and a gray file;
  • the first attribute obtaining module may include:
  • a gray file identification submodule, adapted to determine that the security classification of the application is a gray file if the identification information of the application does not exist in the first attribute identification database.
  • the corresponding execution policy is to load and execute the application
  • the corresponding execution policy is a partial application function of executing the application.
  • the device may further include: a recording module, configured to record the identification information of the application if the identification information of the application does not exist in the first attribute identification database.
  • the device may further include:
  • an authentication module, configured to send the identifier information of the application to the feature server for authentication when the feature terminal is connected to the feature server.
  • the device may further include:
  • a saving module, configured to receive the first attribute of the application returned by the feature server and save the correspondence between the identification information of the application and the first attribute in the first attribute identification database.
  • the device may further include:
  • an update module, adapted to update the second attribute configuration file of the feature terminal according to the second attribute configuration file of the feature server.
  • the identifier information obtaining module may include: an application file extracting submodule, configured to extract, by the feature terminal, an application file corresponding to the application;
  • a conversion submodule, adapted to convert the application file into the corresponding identification information by using a preset algorithm.
  • the file header of the application file may include a preset keyword; the preset algorithm may include a message digest algorithm.
  • the various component embodiments of the present invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components of the security control device for running an application according to an embodiment of the present invention.
  • the invention can also be implemented as a device or apparatus program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein.
  • such a program implementing the present invention may be stored on a computer readable medium or may have the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
  • FIG. 3 illustrates a server, such as an application server, that can implement a security control method for running an application in accordance with the present invention.
  • the server conventionally includes a processor 310 and a computer program product or computer readable medium in the form of a memory 320.
  • memory 320 can be an electronic memory such as flash memory, EEPROM (Electrically Erasable Programmable Read Only Memory), EPROM, a hard disk, or ROM.
  • the memory 320 has a memory space 330 for program code 331 for performing any of the method steps described above.
  • storage space 330 for program code may include various program code 331 for implementing various steps in the above methods, respectively.
  • the program code can be read from or written to one or more computer program products.
  • These computer program products include program code carriers such as hard disks, compact disks (CDs), memory cards or floppy disks.
  • Such computer program products are typically portable or fixed storage units as described with reference to FIG.
  • the storage unit may have a storage section, a storage space, and the like arranged similarly to the storage 320 in the server of FIG.
  • the program code can be compressed, for example, in an appropriate form.
  • the storage unit includes computer readable code 331', i.e., code that can be read by a processor such as 310, which, when executed by a server, causes the server to perform the various steps of the methods described above.
  • any reference signs placed between parentheses shall not be construed as a limitation.
  • the word “comprising” does not exclude the presence of elements or steps not listed in a claim.
  • the word “a” or “an” preceding a component does not exclude the presence of a plurality of such elements.
  • the invention can be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means can be embodied by the same hardware item.
  • the use of the words first, second, and third does not indicate any order. These words can be interpreted as names.
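As an added, runnable illustration (not the patent's own code, nor the assignee's), the following Python sketches Steps 101 to 104 on the feature-terminal side: the preset-keyword check on the PE file header (including SizeOfOptionalHeader), the MD5 identifier from sub-step S12, a local first attribute identification database with the gray-file default and recording of unknown identifiers, a second attribute configuration file mapping classification to execution policy, the fallback from the feature server to the local lookup, and the resync and policy-file update once the server is reachable again. Every name here (OfflineController, is_pe_file, identifier_of, the policy strings), the classification-to-policy pairing, and the sample PE-shaped byte strings are assumptions constructed for the example.

```python
"""Offline execution-policy lookup in the spirit of Steps 101-104.

Added illustration, not the patent's code: all names, the policy strings
and the sample PE bytes are assumptions constructed for this example.
"""
import hashlib
import struct
from dataclasses import dataclass, field

BLACK, WHITE, GRAY = "black", "white", "gray"

# Second attribute configuration file: security classification -> execution
# policy. ASSUMED pairing chosen for the example; the extracted page text
# lists the policies but does not pair each classification unambiguously.
DEFAULT_POLICY_FILE = {
    WHITE: "load_and_execute",
    GRAY: "execute_partial_functions",
    BLACK: "do_not_load",
}


def is_pe_file(data: bytes) -> bool:
    """Preset-keyword check on the PE header (sub-step S11): 'MZ' DOS
    signature, 'PE\\0\\0' at e_lfanew, and a plausible SizeOfOptionalHeader."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return False
    # IMAGE_FILE_HEADER follows the 4-byte signature; SizeOfOptionalHeader is
    # the little-endian uint16 at offset 16 within it (PE32 = 224, PE32+ = 240).
    size_of_optional_header = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    return size_of_optional_header in (224, 240)


def identifier_of(data: bytes) -> str:
    """Sub-step S12: the MD5 digest of the application file is the identifier."""
    return hashlib.md5(data).hexdigest()


def make_sample_pe(tag: bytes) -> bytes:
    """Constructed, minimal PE-shaped bytes for the example (not a real
    executable): DOS header with e_lfanew=0x40, PE signature, then a 20-byte
    IMAGE_FILE_HEADER with SizeOfOptionalHeader=224, followed by `tag`."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    file_hdr = bytearray(20)
    struct.pack_into("<H", file_hdr, 0, 0x14C)  # Machine: IMAGE_FILE_MACHINE_I386
    struct.pack_into("<H", file_hdr, 16, 224)   # SizeOfOptionalHeader
    return bytes(dos) + b"PE\0\0" + bytes(file_hdr) + tag


@dataclass
class OfflineController:
    """Feature-terminal side: local first attribute DB plus policy file."""
    first_attr_db: dict                               # identifier -> classification
    policy_file: dict = field(default_factory=lambda: dict(DEFAULT_POLICY_FILE))
    pending: list = field(default_factory=list)       # unknown ids to sync later

    def classify(self, ident: str) -> str:
        """Step 102: look up the first attribute; unknown -> gray, and record it."""
        cls = self.first_attr_db.get(ident)
        if cls is None:
            if ident not in self.pending:
                self.pending.append(ident)
            return GRAY
        return cls

    def decide(self, data: bytes) -> str:
        """Steps 101-103 offline: file -> identifier -> classification -> policy."""
        if not is_pe_file(data):
            raise ValueError("not a PE application file")
        return self.policy_file[self.classify(identifier_of(data))]

    def decide_with_fallback(self, data: bytes, probe) -> str:
        """Step 101 trigger: take the server's verdict while it is reachable;
        fall back to the local lookup when it is not. `probe` stands in for
        the HTTP request to the feature server and raises OSError on failure."""
        try:
            return probe(identifier_of(data))
        except OSError:
            return self.decide(data)

    def sync_from_server(self, results: dict) -> None:
        """Once reconnected: save the server-returned first attributes in the
        local database and drop them from the pending list."""
        self.first_attr_db.update(results)
        self.pending = [i for i in self.pending if i not in results]

    def update_policy_file(self, new_policy_file: dict) -> None:
        """Replace the local second attribute configuration file with the
        feature server's version."""
        self.policy_file = dict(new_policy_file)
```

The page names MD5 as the preset algorithm, so the example uses it for fidelity; a current deployment would key the identification database on SHA-256, since MD5 collisions are practical and a whitelist keyed on MD5 gives weaker assurance that a matching file is the one that was vetted. Note also that the gray-file default is a deliberate availability-over-strictness trade-off: anything not yet in the local database runs with the gray policy until the server has been asked, so the pending list should be flushed to the feature server promptly once connectivity returns.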

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed are a security control method and device for running an application. The method comprises: a feature terminal, when unable to connect to a feature service end, obtaining identifier information of an application, the feature service end being a service end that performs security control on the feature terminal based on an internal network; according to the identifier information, extracting a first attribute of the application from a first attribute identification database preset by the feature terminal, the first attribute comprising a security classification of the application; according to the first attribute, extracting a second attribute of the application from a second attribute configuration file preset by the feature terminal, the second attribute comprising an execution policy of the application corresponding to the security classification; the feature terminal loading and/or executing the application according to the execution policy. The present invention can prevent running of the application from being affected by incapability of a terminal in connecting a private cloud.

Description

一种运行应用程序的安全控制方法和装置 技术领域  Safety control method and device for running application
本发明涉及计算机技术领域, 尤其涉及一种运行应用程序的安全控 制方法和装置。 背景技术  The present invention relates to the field of computer technologies, and in particular, to a security control method and apparatus for running an application. Background technique
云是互联网、 网络的一种比喻说法, 表示互联网和底层基础设施的 抽象, 大致可以分为公有云和私有云。  The cloud is a metaphor for the Internet and the Internet. It represents the abstraction of the Internet and the underlying infrastructure. It can be roughly divided into public and private clouds.
公有云通常指第三方供应商通过自己的基础设施, 直接向外部用户 提供服务能够使用的云。 私有云是放在私有环境中的, 比如企业、 政府 等组织自己在机房中建立的, 或者是运营商建设好, 但是整体租给某一 组织的。 组织之外的用户无法访问或无法使用。 私有云是一个组织单独 使用构建的, 因而可以提供对数据、 安全性和服务质量的最有效控制。  A public cloud usually refers to a cloud that third-party vendors can use directly to external users through their own infrastructure. Private clouds are placed in private environments, such as enterprises, governments, and other organizations that are established in the equipment room, or that operators are well-built, but are leased to an organization as a whole. Users outside the organization cannot access or use it. A private cloud is built by an organization alone, providing the most effective control over data, security, and quality of service.
可访问私有云的终端和私有云服务器处于同一个局域网, 可以使用 交换机、 路由器等网络设备连接, 当终端需要对文件进行操作时需要从 私有云获取相应策略, 具体而言, 在终端访问某个程序时, 需要请求私 有云鉴定该程序是否可执行, 接收到私有云的鉴定结果后, 才进一步运 行该程序或是不运行该程序。  The terminal that can access the private cloud and the private cloud server are in the same local area network. They can be connected by network devices such as switches and routers. When the terminal needs to operate the file, the corresponding policy needs to be obtained from the private cloud. Specifically, the terminal accesses a certain terminal. When the program is requested, the private cloud needs to be requested to authenticate whether the program is executable. After receiving the authentication result of the private cloud, the program is further run or not executed.
以上现有技术中存在的问题是, 如果私有云所属的局域网内出现网 络故障, 或者病毒爆发, 致使终端和私有云无法连接, 那么终端就无法 判断程序是否可执行, 会导致终端的所有程序都无法运行, 影响终端的 正常使用。  The problem in the above prior art is that if a network failure occurs in a local area network to which the private cloud belongs, or a virus bursts, causing the terminal and the private cloud to be unable to connect, the terminal cannot determine whether the program is executable, and all the programs of the terminal are caused. Can not run, affecting the normal use of the terminal.
因此, 目前需要本领域技术人员解决的一个技术问题就是, 提供一 种运行应用程序的安全控制机制, 避免终端无法连接私有云时影响应用 程序的运行。 发明内容  Therefore, a technical problem that needs to be solved by those skilled in the art is to provide a security control mechanism for running an application to prevent the terminal from affecting the operation of the application when the terminal cannot connect to the private cloud. Summary of the invention
鉴于上述问题, 提出了本发明以便提供一种克服上述问题或者至少 部分地解决或者减緩上述问题的运行应用程序的安全控制方法和相应的 运行应用程序的安全控制装置。 根据本发明的一个方面, 提供了一种运行应用程序的安全控制方法, 包括: In view of the above problems, the present invention has been made in order to provide a safety control method for a running application that overcomes the above problems or at least partially solves or alleviates the above problems, and a corresponding safety control device for running the application. According to an aspect of the present invention, a security control method for running an application is provided, including:
特征终端在无法连接特征服务端时, 获取应用程序的标识信息, 所 述特征服务端为基于内网对特征终端进行安全控制的服务端;  When the feature terminal is unable to connect to the feature server, the identity terminal obtains the identifier information of the application, and the feature server is a server that performs security control on the feature terminal based on the intranet;
依据所述标识信息, 在特征终端预置的第一属性鉴定数据库中提取 所述应用程序的第一属性, 所述第一属性包括对所述应用程序的安全性 分类;  And extracting, according to the identifier information, a first attribute of the application in a first attribute identification database preset by the feature terminal, where the first attribute includes a security classification of the application;
依据所述第一属性, 在特征终端预置的第二属性配置文件中提取所 述应用程序的第二属性, 所述第二属性包括与所述安全性分类相对应的 应用程序的执行策略;  Determining, according to the first attribute, a second attribute of the application in a second attribute configuration file preset by the feature terminal, where the second attribute includes an execution policy of the application corresponding to the security classification;
特征终端依据所述执行策略加载和 /或执行所述应用程序。  The feature terminal loads and/or executes the application in accordance with the execution policy.
According to another aspect of the present invention, a security control device for running an application is provided, comprising:
an identification information obtaining module, adapted to obtain identification information of an application when the feature terminal is unable to connect to a feature server, the feature server being a server that performs security control on specific terminals over an intranet;
a first attribute obtaining module, adapted to extract, according to the identification information, a first attribute of the application from a first attribute identification database preset on the feature terminal, the first attribute comprising a security classification of the application;
a second attribute obtaining module, adapted to extract, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, the second attribute comprising an execution policy of the application corresponding to the security classification;
a loading module, adapted for the feature terminal to load and/or execute the application according to the execution policy.
According to still another aspect of the present invention, a computer program is provided, comprising computer readable code which, when run on a server, causes the server to perform the security control method for running an application according to any one of claims 1-10.
According to a further aspect of the present invention, a computer readable medium is provided, in which the computer program according to claim 21 is stored.
The beneficial effects of the present invention are as follows:
According to the embodiments of the present invention, by presetting a first attribute identification database and a second attribute configuration file on the terminal, the terminal can, when it is unable to connect to the feature server, locally identify the execution policy corresponding to the security classification of the application and then load the application according to that execution policy. Thus, even when the terminal cannot connect to the private cloud, the application can still be assessed and a determination made as to whether it may be executed, without affecting the user's access to the application.
In the embodiments of the present invention, the security classification of an application may comprise several different attributes, such as black file, white file and gray file; correspondingly, the second attribute configuration file may comprise execution policies respectively corresponding to the several different security classifications. The user may reset the second attribute configuration file on the private cloud according to the user's own needs and then update the second attribute configuration file of the terminal.
In the embodiments of the present invention, when the first attribute identification database is incomplete and the first attribute of the application cannot be identified, the security classification of the application may be determined to be a gray file, so that a corresponding execution policy can still be found in the second attribute configuration file. This avoids the problem of some programs becoming inaccessible when the first attribute identification database is incomplete.
The above description is only an overview of the technical solution of the present invention. In order that the technical means of the present invention may be more clearly understood and implemented according to the content of the specification, and in order to make the above and other objects, features and advantages of the present invention more apparent, specific embodiments of the present invention are set forth below.
BRIEF DESCRIPTION OF THE DRAWINGS
Various other advantages and benefits will become apparent to those of ordinary skill in the art from reading the following detailed description of the preferred embodiments. The drawings are only for the purpose of illustrating the preferred embodiments and are not to be construed as limiting the present invention. Throughout the drawings, the same reference symbols denote the same components. In the drawings:
Fig. 1 schematically shows a flowchart of a security control method for running an application according to one embodiment of the present invention;
Fig. 2 schematically shows a block diagram of a security control device for running an application according to one embodiment of the present invention;
Fig. 3 schematically shows a block diagram of a server for performing the method according to the present invention; and
Fig. 4 schematically shows a storage unit for holding or carrying program code implementing the method according to the present invention.
SPECIFIC EMBODIMENTS
The present invention is further described below in conjunction with the drawings and specific embodiments.
Referring to Fig. 1, a flowchart of the steps of an embodiment of a security control method for running an application according to an embodiment of the present invention is shown; the method may specifically comprise the following steps:
Step 101: when the feature terminal is unable to connect to the feature server, the feature terminal obtains identification information of an application, the feature server being a server that performs security control on feature terminals over an intranet.
In the embodiments of the present invention, the feature server is a server accessible to specific terminals, that is, a private cloud; the feature terminals that can access the private cloud and the private cloud server are on the same intranet. In a specific implementation, the private cloud is usually deployed on an enterprise intranet and can perform security control on each terminal of the intranet.
The embodiments of the present invention are mainly intended for the scenario in which the terminal cannot connect to the private cloud. The terminal may send a request to the private cloud server as an HTTP packet; if the terminal cannot connect to the private cloud server, this request fails immediately, and the terminal thereby determines that it is in an environment where the private cloud cannot be reached.
In the embodiments of the present invention, the application may be an application that the user requests to access. The user may request access to the application on the terminal by clicking a shortcut of the application or its program file, for example; after receiving the user's click, the terminal extracts the identification information of the application for further identification.
In the embodiments of the present invention, the application may also be all applications installed on the feature terminal: when the feature terminal determines that it cannot connect to the feature server, it may extract the identification information of all applications and identify them locally on the feature terminal.
In the embodiments of the present invention, the application may also be an application installed on the feature terminal that needs to remain connected to the feature server: when the terminal determines that it cannot connect to the feature server, it extracts the identification information of that application and identifies it locally on the feature terminal.
In a preferred embodiment of the present invention, step 101 may comprise:
Sub-step S11: the feature terminal extracts the application file corresponding to the application;
Sub-step S12: the application file is converted into corresponding identification information by a preset algorithm.
In the present invention, the identification information of an application can be obtained by processing the application file. A private cloud terminal has multiple applications installed, and each program corresponds to multiple files, among which is the application file. The application file is a file in PE (portable executable) format. PE files are program files on the Microsoft Windows operating system; common EXE, DLL, OCX, SYS and COM files are PE files, and each application has a corresponding PE file.
Specifically, a PE file consists of structures such as the MS-DOS executable stub, the file header, the optional header, the data directory, the section headers and the sections, wherein the file header contains the following structure:
1) "Machine", which indicates what kind of system the binary is intended to run on;
2) "NumberOfSections", which is the number of sections immediately following the headers;
3) "TimeDateStamp", which gives the time the file was created;
4-5) "PointerToSymbolTable" and "NumberOfSymbols" (both 32-bit), which are both used for debugging information;
6) "SizeOfOptionalHeader", which is simply the size of the IMAGE_OPTIONAL_HEADER item and can be used to verify the correctness of the PE file structure;
7) "Characteristics", a 16-bit set composed of many flag bits, most of which are only meaningful for object files and library files.
In the present invention, the keywords of the structures in the file header of a PE file may be used as preset keywords to determine whether each file corresponding to the application is an application file. The application file can then be converted by a preset algorithm, and the converted result used as the identification information of the application.
The corresponding identification information can be obtained by converting the PE file with a preset algorithm. In the present invention, the preset algorithm may be the MD5 algorithm (Message-Digest Algorithm 5). The role of MD5 is to "compress" a large amount of information into a confidential format before a private key is signed with digital signature software; that is, it transforms a byte string of arbitrary length into a hexadecimal digit string of fixed length, so that the integrity and consistency of transmitted information can be ensured.
Step 102: according to the identification information, extract the first attribute of the application from the first attribute identification database preset on the feature terminal, the first attribute comprising a security classification of the application.
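The two sub-steps of step 101 described above, as an added worked example that is not code from the patent: sub-step S11 decides whether a file is an application file by checking the PE file header fields the page lists (and uses SizeOfOptionalHeader, as the page suggests, to verify the structure against the optional-header magic), and sub-step S12 turns the file into its identification information with a message digest. The function names, the `algorithm` parameter and the constructed minimal PE image are assumptions of this example; the page names MD5 as the preset algorithm, so that is the default, but because MD5 collisions are practical a deployment should prefer SHA-256 for the identifier.

```python
import hashlib
import struct
from typing import Dict, Optional

# IMAGE_FILE_HEADER layout (20 bytes, little-endian), fields in the order the page lists them.
FILE_HEADER_FMT = "<HHIIIHH"
FILE_HEADER_SIZE = struct.calcsize(FILE_HEADER_FMT)  # 20
FILE_HEADER_FIELDS = ("Machine", "NumberOfSections", "TimeDateStamp", "PointerToSymbolTable",
                      "NumberOfSymbols", "SizeOfOptionalHeader", "Characteristics")
SECTION_HEADER_SIZE = 40
# Expected IMAGE_OPTIONAL_HEADER size for each optional-header magic: PE32 and PE32+.
OPTIONAL_HEADER_SIZES = {0x10B: 224, 0x20B: 240}


def parse_pe_file_header(data: bytes) -> Optional[Dict[str, int]]:
    """Sub-step S11: return the IMAGE_FILE_HEADER fields if `data` is a well-formed PE
    file, otherwise None (so the caller treats the file as not an application file)."""
    # MS-DOS stub: starts with 'MZ' and carries the PE signature offset (e_lfanew) at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if pe_off + 4 + FILE_HEADER_SIZE > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        return None
    hdr = dict(zip(FILE_HEADER_FIELDS, struct.unpack_from(FILE_HEADER_FMT, data, pe_off + 4)))
    # Structure check the page suggests: SizeOfOptionalHeader must match the optional
    # header's magic, and the headers it announces must fit inside the file.
    opt_off = pe_off + 4 + FILE_HEADER_SIZE
    if opt_off + 2 > len(data):
        return None
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if OPTIONAL_HEADER_SIZES.get(magic) != hdr["SizeOfOptionalHeader"]:
        return None
    headers_end = opt_off + hdr["SizeOfOptionalHeader"] + hdr["NumberOfSections"] * SECTION_HEADER_SIZE
    if headers_end > len(data):
        return None
    return hdr


def is_application_file(data: bytes) -> bool:
    return parse_pe_file_header(data) is not None


def file_identifier(data: bytes, algorithm: str = "md5") -> str:
    """Sub-step S12: the identification information is a fixed-length hex digest of the
    whole file. `algorithm` is any name hashlib knows, e.g. "md5" or "sha256"."""
    return hashlib.new(algorithm, data).hexdigest()


def build_sample_pe(machine: int = 0x8664, timestamp: int = 0x5A000000) -> bytes:
    """Constructed minimal PE32+ image for testing (not a real program): DOS stub,
    PE signature, file header, a 240-byte optional header and one empty section header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew: PE signature right after the stub
    # Characteristics 0x0022 = EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE.
    file_hdr = struct.pack(FILE_HEADER_FMT, machine, 1, timestamp, 0, 0, 240, 0x0022)
    opt_hdr = struct.pack("<H", 0x20B) + bytes(238)  # magic PE32+ then padding to 240 bytes
    return bytes(dos) + b"PE\0\0" + file_hdr + opt_hdr + bytes(SECTION_HEADER_SIZE)


if __name__ == "__main__":
    sample = build_sample_pe()
    if is_application_file(sample):
        print(parse_pe_file_header(sample))
        print("identifier:", file_identifier(sample))
```

A truncated or tampered image (for example one whose SizeOfOptionalHeader disagrees with the optional-header magic) is rejected by `parse_pe_file_header`, which is what keeps a non-PE file from being hashed and looked up as if it were an application file.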
In the present invention, a first attribute identification database is preset on the terminal, which contains the correspondence between the identification information of applications and their first attributes; the corresponding first attribute can be retrieved from the identification information of the application, and the first attribute may comprise a security classification of the application.
In one embodiment of the present invention, the security classification may be divided into three kinds, specifically black file, gray file and white file. Since the first attribute identification database may be incomplete in the early stage of its construction, when the identification information of an application is not present in it, the security classification of that application may be determined to be a gray file so as not to affect the user's use of the program; this avoids the problem of some programs becoming inaccessible when the first attribute identification database is incomplete. In a specific implementation, the kinds and number of security classifications may also be set as needed, and the present invention does not limit this.
Further, the present invention may also comprise:
if the identification information of the application is not present in the first attribute identification database, recording the identification information of the application.
For an application identified as a gray file, its identification information may be recorded and, when the private cloud can be connected, sent to the private cloud for identification. Further, the embodiments of the present invention may also comprise:
when the feature terminal connects to the feature server, obtaining the identification information of the application and sending it to the feature server for identification.
Further, the embodiments of the present invention may also comprise:
receiving the first attribute of the application returned by the feature server, and saving the correspondence between the identification information of the application and the first attribute in the first attribute identification database.
Specifically, the private cloud is built with an application management database, that is, a private black-and-white list database (private database for short), which is customized internally by the enterprise or organization where the private cloud is located and contains the correspondence between the identification information of each application and its first attribute. After receiving the identification information of an application sent by a terminal, the private cloud server identifies the first attribute of the application using the private database and returns it to the terminal; the terminal saves the correspondence between the first attribute and the identification information of the application in the first attribute identification database, so that next time the first attribute of that program can be determined directly from the local first attribute identification database, making the identification of applications more accurate.
Step 103: according to the first attribute, extract the second attribute of the application from the second attribute configuration file preset on the feature terminal, the second attribute comprising an execution policy of the application corresponding to the security classification.
In a specific implementation, client software may be installed on the feature terminal, and the second attribute configuration file may be built into the installation package of the client software. In the present invention, the second attribute configuration file contains the correspondence between the first attribute and the second attribute of applications, and the second attribute may comprise an execution policy of the application corresponding to the security classification. In a preferred embodiment of the present invention, the security classification and the execution policy of an application may correspond as follows:
when the security classification of the application is black file, the corresponding execution policy is to load and execute the application;
when the security classification of the application is white file, the corresponding execution policy is not to load the application;
when the security classification of the application is gray file, the corresponding execution policy is to execute part of the application's functions.
In a specific implementation, the correspondence between application security classifications and execution policies can be set flexibly according to the application environment and requirements. Moreover, the user may reset the second attribute configuration file on the feature server according to the user's own needs and then update the second attribute configuration file of the feature terminal; the method further comprises:
updating the second attribute configuration file of the feature terminal according to the second attribute configuration file of the feature server.
Step 104: the feature terminal loads and/or executes the application according to the execution policy.
The execution policy specifies, for each security classification, the corresponding manner of loading or execution; once the feature terminal has identified the execution policy of the application, it can decide according to that policy whether to load the application.
In summary, according to the present invention, by presetting a first attribute identification database and a second attribute configuration file on the terminal, when the terminal accesses an application while unable to connect to the feature server, it can locally identify the execution policy corresponding to the security classification of the application and then load the application according to that policy. Thus, even when the terminal cannot connect to the private cloud, the terminal can still assess the application and determine whether it may be executed, without affecting the user's access to the application.
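Steps 102 to 104 above, together with the recording, server identification and policy-file update the description adds to them, as one added worked example that is not code from the patent: the first attribute identification database is a dictionary from identifier to classification, the second attribute configuration file is JSON text mapping classification to execution policy, an identifier missing from the local database is treated as a gray file and queued for identification once the feature server is reachable, server verdicts are merged into the local database, and a policy file fetched from the server replaces the local one only if it still covers every classification. The class and function names, the JSON layout, the constant values and the sample database entries are assumptions of this example; the classification-to-policy pairing in the sample file is the one the page lists, which the page says each deployment sets for itself.

```python
import json
import urllib.error
import urllib.request
from typing import Dict, List

# Security classifications (first attribute) and execution policies (second attribute).
BLACK, WHITE, GRAY = "black_file", "white_file", "gray_file"
LOAD_AND_EXECUTE, DO_NOT_LOAD, PARTIAL_FUNCTIONS = (
    "load_and_execute", "do_not_load", "partial_functions")

# Constructed second attribute configuration file (JSON text) with the pairing as the
# page lists it; a real deployment writes its own pairing into this file.
SAMPLE_POLICY_FILE = json.dumps(
    {BLACK: LOAD_AND_EXECUTE, WHITE: DO_NOT_LOAD, GRAY: PARTIAL_FUNCTIONS})

# Constructed first attribute identification database: file digest -> classification.
SAMPLE_FIRST_ATTRIBUTE_DB = {
    "0123456789abcdef0123456789abcdef": WHITE,
    "fedcba9876543210fedcba9876543210": BLACK,
}


def server_reachable(url: str, timeout: float = 2.0) -> bool:
    """The connectivity probe the description uses: any HTTP response means the feature
    server is reachable; a connection failure (refused, unroutable, timeout) means not."""
    try:
        with urllib.request.urlopen(url, timeout=timeout):
            return True
    except urllib.error.HTTPError:
        return True
    except (urllib.error.URLError, OSError, ValueError):
        return False


class OfflineAppControl:
    """Local decision path used while the feature server cannot be reached."""

    def __init__(self, first_attribute_db: Dict[str, str], policy_file_text: str) -> None:
        self.db: Dict[str, str] = dict(first_attribute_db)
        self.policy: Dict[str, str] = self._load_policy(policy_file_text)
        self.pending: List[str] = []  # identifiers not found locally, kept for the server

    @staticmethod
    def _load_policy(text: str) -> Dict[str, str]:
        policy = json.loads(text)
        missing = {BLACK, WHITE, GRAY} - set(policy)
        if missing:
            raise ValueError(f"policy file lacks classifications: {sorted(missing)}")
        return policy

    def first_attribute(self, identifier: str) -> str:
        """Step 102: look up the classification; an unknown identifier is a gray file
        and is recorded so it can be sent for identification once the server is reachable."""
        classification = self.db.get(identifier)
        if classification is None:
            if identifier not in self.pending:
                self.pending.append(identifier)
            return GRAY
        return classification

    def execution_policy(self, identifier: str) -> str:
        """Steps 103 and 104: the execution policy the terminal acts on, taken from the
        configuration file for the classification found in step 102."""
        return self.policy[self.first_attribute(identifier)]

    def merge_server_verdicts(self, verdicts: Dict[str, str]) -> int:
        """Store first attributes returned by the feature server in the local database
        (only classifications the policy file knows) and drop them from the pending list."""
        stored = 0
        for identifier, classification in verdicts.items():
            if classification not in self.policy:
                continue
            self.db[identifier] = classification
            stored += 1
            if identifier in self.pending:
                self.pending.remove(identifier)
        return stored

    def update_policy_file(self, policy_file_text: str) -> None:
        """Replace the terminal's policy file with the one fetched from the feature server,
        rejecting a file that no longer covers every classification."""
        self.policy = self._load_policy(policy_file_text)


if __name__ == "__main__":
    ctl = OfflineAppControl(SAMPLE_FIRST_ATTRIBUTE_DB, SAMPLE_POLICY_FILE)
    for ident in list(SAMPLE_FIRST_ATTRIBUTE_DB) + ["ffffffffffffffffffffffffffffffff"]:
        print(ident, "->", ctl.execution_policy(ident))
    print("pending for server:", ctl.pending)
```

Rejecting a server verdict whose classification the policy file does not know, and refusing a policy file that drops a classification, are the two checks that keep the local lookup from ever reaching a classification with no execution policy behind it.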
In the present invention, the security classification of an application may comprise several different attributes, such as black file, white file and gray file; correspondingly, the second attribute configuration file may comprise execution policies respectively corresponding to the several different security classifications. The customer may reset the second attribute configuration file on the private cloud according to the customer's own needs and then update the second attribute configuration file of the terminal.
In the present invention, when the first attribute identification database is incomplete and the first attribute of an application cannot be identified, the security classification of the application may be determined to be a gray file, so that a corresponding execution policy can still be found in the second attribute configuration file; this avoids the problem of some programs becoming inaccessible when the first attribute identification database is incomplete.
Referring to Fig. 2, a structural block diagram of an embodiment of a security control device for running an application according to an embodiment of the present invention is shown; the device may specifically comprise the following modules:
an identification information obtaining module 201, adapted to obtain identification information of an application when the feature terminal is unable to connect to the feature server;
a first attribute obtaining module 202, adapted to extract, according to the identification information, a first attribute of the application from a first attribute identification database preset on the feature terminal, the first attribute comprising a security classification of the application;
a second attribute obtaining module 203, adapted to extract, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, the second attribute comprising an execution policy of the application corresponding to the security classification;
a running module 204, adapted for the feature terminal to load and/or execute the application according to the execution policy.
In the embodiments of the present invention, the application may comprise an application requested for access, or all applications installed on the feature terminal, or an application installed on the feature terminal that needs to remain connected to the feature server.
In a preferred embodiment of the present invention, the first attribute identification database may comprise the correspondence between identification information of applications and first attributes, and the second attribute configuration file may comprise the correspondence between first attributes and second attributes of applications.
In a preferred embodiment of the present invention, the security classification may comprise black file, white file and gray file, and the first attribute identification module may comprise:
a gray file identification sub-module, adapted to determine that the security classification of the application is gray file if the identification information of the application is not present in the first attribute identification database.
In a preferred embodiment of the present invention,
when the security classification of the application is black file, the corresponding execution policy is to load and execute the application;
when the security classification of the application is white file, the corresponding execution policy is not to load the application;
when the security classification of the application is gray file, the corresponding execution policy is to execute part of the application's functions.
In a preferred embodiment of the present invention, the device may further comprise:
a recording module, adapted to record the identification information of the application if the identification information of the application is not present in the first attribute identification database.
Further, in this embodiment, the device may further comprise:
an identification module, adapted to send the identification information of the application to the feature server for identification when the feature terminal connects to the feature server.
Further, in this embodiment, the device may further comprise:
a saving module, adapted to receive the first attribute of the application returned by the feature server and to save the correspondence between the identification information of the application and the first attribute in the first attribute identification database.
In a preferred embodiment of the present invention, the device may further comprise:
an updating module, adapted to update the second attribute configuration file of the specific terminal according to the second attribute configuration file of the feature server.
In a preferred embodiment of the present invention, the identification information obtaining module may comprise:
an application file extracting sub-module, adapted for the feature terminal to extract the application file corresponding to the application;
a converting sub-module, adapted to convert the application file into corresponding identification information by a preset algorithm.
In a preferred embodiment of the present invention, the file header of the application file may contain preset keywords, and the preset algorithm may comprise a message digest algorithm.
The component embodiments of the present invention may be implemented in hardware, in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the security control device for running an application according to the embodiments of the present invention. The present invention may also be implemented as a device or apparatus program (for example, a computer program and a computer program product) for performing part or all of the method described herein. Such a program implementing the present invention may be stored on a computer readable medium, or may take the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
For example, Fig. 3 shows a server, such as an application server, that can implement the security control method for running an application according to the present invention. The server conventionally comprises a processor 310 and a computer program product or computer readable medium in the form of a memory 320. The memory 320 may be an electronic memory such as flash memory, EEPROM (electrically erasable programmable read-only memory), EPROM, a hard disk or ROM. The memory 320 has a storage space 330 for program code 331 for performing any of the method steps described above. For example, the storage space 330 for program code may comprise individual program codes 331 for implementing the various steps of the above method respectively. These program codes can be read from or written to one or more computer program products. These computer program products comprise program code carriers such as hard disks, compact discs (CDs), memory cards or floppy disks. Such computer program products are typically portable or fixed storage units as described with reference to Fig. 4. The storage unit may have storage segments, storage space and the like arranged similarly to the memory 320 in the server of Fig. 3. The program code may, for example, be compressed in an appropriate form. Typically, the storage unit comprises computer readable code 331', that is, code that can be read by a processor such as 310 and that, when run by the server, causes the server to perform the steps of the method described above.
"One embodiment", "an embodiment" or "one or more embodiments" as used herein means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Further, note that instances of the phrase "in one embodiment" herein do not necessarily all refer to the same embodiment.
Numerous specific details are set forth in the description provided herein. However, it is understood that embodiments of the present invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail so as not to obscure the understanding of this description.
It should be noted that the above embodiments illustrate rather than limit the present invention, and that those skilled in the art may design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The present invention may be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third and so on does not indicate any order. These words may be interpreted as names.
Furthermore, it should be noted that the language used in this specification has been chosen primarily for readability and instructional purposes, and not to delineate or circumscribe the subject matter of the present invention. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. As to the scope of the present invention, the disclosure made of the present invention is illustrative and not restrictive, the scope of the present invention being defined by the appended claims.

Claims

1. A security control method for running an application, comprising:
when a feature terminal is unable to connect to a feature server, the feature terminal obtaining an identifier of the application, the feature server being a server that performs security control of the feature terminal over an intranet;
extracting, according to the identifier, a first attribute of the application from a first attribute identification database preset on the feature terminal, the first attribute comprising a security classification of the application;
extracting, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, the second attribute comprising an execution policy of the application corresponding to the security classification; and
the feature terminal loading and/or executing the application according to the execution policy.
2. The method of claim 1, wherein the application comprises an application requesting access, or all applications installed on the feature terminal, or applications installed on the feature terminal that need to stay connected to the feature server.
3. The method of claim 1, wherein the security classification comprises black file, white file and gray file, and if the identifier of the application is not present in the first attribute identification database, the security classification of the application is judged to be gray file.
4. The method of claim 3, wherein when the security classification of the application is black file, the corresponding execution policy is to load and execute the application;
when the security classification of the application is white file, the corresponding execution policy is not to load the application; and
when the security classification of the application is gray file, the corresponding execution policy is to execute part of the application's functions.
5. The method of claim 1, further comprising:
if the identifier of the application is not present in the first attribute identification database, recording the identifier of the application.
6. The method of claim 1 or 5, further comprising:
when the feature terminal is connected to the feature server, sending the obtained identifier of the application to the feature server for identification.
7. The method of claim 6, further comprising:
receiving the first attribute of the application returned by the feature server, and saving the correspondence between the identifier of the application and the first attribute in the first attribute identification database.
8. The method of claim 1, further comprising:
updating the second attribute configuration file of the feature terminal according to the second attribute configuration file of the feature server.
9. The method of claim 1, wherein the step of the feature terminal obtaining the identifier of the application comprises:
the feature terminal extracting the application file corresponding to the application; and
converting the application file into the corresponding identifier with a preset algorithm.
10. The method of claim 9, wherein the file header of the application file contains a preset keyword, and the preset algorithm comprises a message digest algorithm.
11. A security control apparatus for running an application, comprising:
an identifier acquisition module, adapted for a feature terminal to obtain an identifier of the application when the feature terminal is unable to connect to a feature server, the feature server being a server that performs security control of specific terminals over an intranet;
a first attribute acquisition module, adapted to extract, according to the identifier, a first attribute of the application from a first attribute identification database preset on the feature terminal, the first attribute comprising a security classification of the application;
a second attribute acquisition module, adapted to extract, according to the first attribute, a second attribute of the application from a second attribute configuration file preset on the feature terminal, the second attribute comprising an execution policy of the application corresponding to the security classification; and
a running module, adapted for the feature terminal to load and/or execute the application according to the execution policy.
12. The apparatus of claim 11, wherein the application comprises an application requesting access, or all applications installed on the feature terminal, or applications installed on the feature terminal that need to stay connected to the feature server.
13. The apparatus of claim 11, wherein the security classification comprises black file, white file and gray file, and the first attribute identification module comprises:
a gray file identification submodule, adapted to judge the security classification of the application to be gray file if the identifier of the application is not present in the first attribute identification database.
14. The apparatus of claim 13, wherein when the security classification of the application is black file, the corresponding execution policy is to load and execute the application; when the security classification of the application is white file, the corresponding execution policy is not to load the application; and
when the security classification of the application is gray file, the corresponding execution policy is to execute part of the application's functions.
15. The apparatus of claim 11, further comprising:
a recording module, adapted to record the identifier of the application if the identifier of the application is not present in the first attribute identification database.
16. The apparatus of claim 11 or 15, further comprising:
an identification module, adapted to obtain the identifier of the application and send it to the feature server for identification when the feature terminal is connected to the feature server.
17. The apparatus of claim 16, further comprising:
a saving module, adapted to receive the first attribute of the application returned by the feature server, and to save the correspondence between the identifier of the application and the first attribute in the first attribute identification database.
18. The apparatus of claim 11, further comprising:
an update module, adapted to update the second attribute configuration file of the feature terminal according to the second attribute configuration file of the feature server.
19. The apparatus of claim 11, wherein the identifier acquisition module comprises:
an application file extraction submodule, adapted for the feature terminal to extract the application file corresponding to the application; and
a conversion submodule, adapted to convert the application file into the corresponding identifier with a preset algorithm.
20. The apparatus of claim 19, wherein the file header of the application file contains a preset keyword, and the preset algorithm comprises a message digest algorithm.
21. A computer program comprising computer-readable code which, when run on a server, causes the server to perform the security control method for running an application of any one of claims 1 to 10.
22. A computer-readable medium storing the computer program of claim 21.
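The terminal-side procedure of claims 1 to 10, as an added Python example that is not part of the patent or of the applicant's software: digest-based identification of the application file, lookup in the preset first attribute database with gray as the default for unknown identifiers, lookup of the execution policy in the second attribute configuration file, recording of unknown identifiers, and the later synchronisation with the feature server. SHA-256 as the message digest, the PE "MZ" magic as the preset header keyword of claim 10, the policy strings and all sample files are assumptions or constructed data. Claims 4 and 14 as printed assign "load and execute" to black files and "do not load" to white files; the policy table below uses the conventional mapping, which under this design is a change of data in the policy file rather than of code.

```python
"""Terminal-side launch control following claims 1-10 of WO2014075504A1.
Added example, not the applicant's code. SHA-256, the b"MZ" header keyword,
the policy strings and the sample files are assumptions or constructed data."""
import hashlib
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

PRESET_KEYWORD = b"MZ"  # assumption: the preset keyword of claim 10 is the PE magic


class Classification(str, Enum):  # claim 3: the first attribute
    BLACK = "black"
    WHITE = "white"
    GRAY = "gray"


def identify(app_file: bytes) -> Optional[str]:
    """Claims 9-10: require the keyword in the header, then derive the identifier
    with a message digest. None means the data is not an application file."""
    if not app_file.startswith(PRESET_KEYWORD):
        return None
    return hashlib.sha256(app_file).hexdigest()


@dataclass
class FeatureServer:
    """Stand-in intranet server: answers identification requests (claim 6)
    and publishes the policy file (claim 8)."""
    verdicts: dict[str, Classification]
    policy: dict[Classification, str]

    def identify(self, app_ids: list[str]) -> dict[str, Classification]:
        # Identifiers the server cannot classify stay unanswered (and stay gray).
        return {i: self.verdicts[i] for i in app_ids if i in self.verdicts}


@dataclass
class FeatureTerminal:
    first_attribute_db: dict[str, Classification]       # identifier -> classification
    second_attribute_config: dict[Classification, str]  # classification -> policy
    pending: list[str] = field(default_factory=list)    # claim 5: unknown identifiers

    def first_attribute(self, app_id: str) -> Classification:
        """Claim 3: a missing identifier is judged gray; claim 5: it is recorded."""
        cls = self.first_attribute_db.get(app_id)
        if cls is None:
            if app_id not in self.pending:
                self.pending.append(app_id)
            return Classification.GRAY
        return cls

    def second_attribute(self, cls: Classification) -> str:
        """Claim 1: the policy file maps the classification to an execution policy."""
        return self.second_attribute_config[cls]

    def control(self, app_file: bytes) -> str:
        """Claim 1, offline path: identify, classify, look up the policy."""
        app_id = identify(app_file)
        if app_id is None:
            return "not-an-application"
        return self.second_attribute(self.first_attribute(app_id))

    def sync(self, server: FeatureServer) -> int:
        """Claims 6-8, once the server is reachable: send the recorded identifiers,
        store the returned first attributes, refresh the policy file.
        Returns how many identifiers the server resolved."""
        resolved = server.identify(self.pending)
        self.first_attribute_db.update(resolved)
        self.pending = [i for i in self.pending if i not in resolved]
        self.second_attribute_config = dict(server.policy)
        return len(resolved)


# Constructed sample files: the keyword followed by a distinguishing body.
KNOWN_GOOD = b"MZ" + b"trusted-tool-v1"
KNOWN_BAD = b"MZ" + b"dropper"
UNKNOWN = b"MZ" + b"never-seen"
NOT_AN_APP = b"PK" + b"archive"

# Conventional mapping. Claims 4 and 14 as printed give black "load and execute"
# and white "do not load"; the mapping is data in the policy file, so either
# reading is a change to this table only.
POLICY = {
    Classification.WHITE: "load-and-execute",
    Classification.BLACK: "do-not-load",
    Classification.GRAY: "execute-partial-functions",
}


def make_terminal() -> FeatureTerminal:
    """Terminal with its preset database and policy file (claim 1)."""
    return FeatureTerminal(
        first_attribute_db={identify(KNOWN_GOOD): Classification.WHITE,
                            identify(KNOWN_BAD): Classification.BLACK},
        second_attribute_config=dict(POLICY))


def make_server() -> FeatureServer:
    # The server already knows UNKNOWN; the terminal learns the verdict on sync.
    return FeatureServer(verdicts={identify(UNKNOWN): Classification.BLACK},
                         policy=dict(POLICY))
```

Two properties of the scheme are visible in the code. Because the verdict is computed offline from two preset files, the terminal's protection while disconnected is only as strong as the integrity of those files; the claims say nothing about how they are protected, so a deployment has to address that separately. And because the identifier is a digest of the whole file, any byte change produces an unknown identifier and therefore the gray policy, which is why the gray class (partial functionality) rather than the white class is the default for anything the database has not seen.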
PCT/CN2013/083621 2012-11-14 2013-09-17 Security control method and device for running application WO2014075504A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2012104571648A CN102982275A (en) 2012-11-14 2012-11-14 Security control method and device for running applications
CN201210457164.8 2012-11-14

Publications (1)

Publication Number Publication Date
WO2014075504A1 true WO2014075504A1 (en) 2014-05-22

Family

ID=47856279

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/083621 WO2014075504A1 (en) 2012-11-14 2013-09-17 Security control method and device for running application

Country Status (2)

Country Link
CN (1) CN102982275A (en)
WO (1) WO2014075504A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102982275A (en) * 2012-11-14 2013-03-20 北京奇虎科技有限公司 Security control method and device for running applications
CN103646207A (en) * 2013-12-02 2014-03-19 北京奇虎科技有限公司 Method and device for managing security attribute of application program
CN104850775B (en) * 2014-02-14 2019-06-28 北京奇安信科技有限公司 A kind of identification method and device of applications security
WO2015165057A1 (en) * 2014-04-30 2015-11-05 华为技术有限公司 Method and device for hard disk drive to execute application code
CN105630584A (en) * 2015-06-16 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Operation control method and system of application program and terminal
CN109558708B (en) * 2018-11-30 2020-10-09 北京八分量信息科技有限公司 Application program operation control method, device and system based on safe multi-party computing

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050125494A1 (en) * 2003-12-04 2005-06-09 Tsubasa System Co., Ltd. System environment regulation violation detecting method for client device
CN1900941A (en) * 2006-04-28 2007-01-24 傅玉生 Computer safety protective method based on software identity identifying technology
CN102982275A (en) * 2012-11-14 2013-03-20 北京奇虎科技有限公司 Security control method and device for running applications

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7895651B2 (en) * 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
CN101950339B (en) * 2010-09-14 2012-01-25 上海置水软件技术有限公司 Security protection method and system of computer
CN102012992B (en) * 2010-11-19 2012-11-21 奇智软件(北京)有限公司 Method and device for monitoring real-time protection document
CN102034058B (en) * 2010-11-25 2013-08-21 中国联合网络通信集团有限公司 Method for controlling safety of application software and terminal
CN102195987B (en) * 2011-05-31 2014-04-30 成都七巧软件有限责任公司 Distributed credibility authentication method and system thereof based on software product library
CN102693388B (en) * 2012-06-07 2014-03-19 腾讯科技(深圳)有限公司 Data safety protection processing system, method and storage medium
CN102737203B (en) * 2012-07-13 2015-10-21 珠海市君天电子科技有限公司 Virus defense method and system based on program parent-child gene relationship

Also Published As

Publication number Publication date
CN102982275A (en) 2013-03-20

Legal Events

Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 13855832; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase. Ref country code: DE
122 Ep: pct application non-entry in european phase. Ref document number: 13855832; Country of ref document: EP; Kind code of ref document: A1