CN103685138A - Method and system for authenticating application software of Android platform on mobile internet - Google Patents
Method and system for authenticating application software of Android platform on mobile internet Download PDFInfo
- Publication number
- CN103685138A CN103685138A CN201210315275.5A CN201210315275A CN103685138A CN 103685138 A CN103685138 A CN 103685138A CN 201210315275 A CN201210315275 A CN 201210315275A CN 103685138 A CN103685138 A CN 103685138A
- Authority
- CN
- China
- Prior art keywords
- application software
- application
- certificate
- signature
- pid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a method and a system for authenticating application software of an Android platform on the mobile internet. The authenticating method comprises receiving by an authentication server a signature request of the application software, generating a key pair and sending a public key and an application identifier to a certificate authority center, receiving a signature certificate, signing a digital signature on the application software by using a private key, downloading by a terminal the signed application software, inquiring the installation information of the application software according to a process identifier, acquiring a user identifier from the installation information, judging whether a corresponding relation of the application identifier, the process identifier and the user identifier of the application software is stored, if not, then verifying the signature certificate and using the public key to check, establishing and storing the corresponding relation of the application identifier, the process identifier and the user identifier of the application software when the checking is successful, processing the business request and returning the business processing result. When the technical scheme of the invention is implemented, the authenticity, the integrality and the anti-counterfeit property of the source of the application software are guaranteed.
Description
Technical field
The present invention relates to mobile Internet information security field, relate in particular to authentication method and the system of the Android platform application software on a kind of mobile Internet.
Background technology
Day by day universal along with the mobile terminal based on Android system, the application software quantity growth based on Android is rapid, and the business function of the each side such as game, amusement, social activity, commercial affairs, travelling can be provided for user.But can see, Android system itself is open, for the authentication of application software, only requiring is only from signature, to the authenticity in its source, legitimacy, do not provide authentication, so also the distribution for various Malwares provides opportunity, for user's interests, also can cause damage.So in order to guarantee the safety of terminal applies and business, be necessary that authenticity, the legitimacy to application software authenticates, guarantee to only have the legal software being authorized to can carry out Operational Visit.
At present, conventionally use the authentication of application ID to application software, be specially: business platform is that application software is distributed a unique string ID who represents application software identity, and applied software development person can apply ID by this and be written in application software package.When user uses this accessible with application software business platform, this application software is carried this application ID to business platform initiating business request, whether business platform verification Application ID is effective, if effectively, think that this application software is real, and follow-up service request is all associated with this application ID.But, there is larger potential safety hazard in the method that adopts dispensing applications ID to carry out application software authentication: in one case, developer will apply ID and reveal to other developers, other developers can with this apply ID develop another personation application software, and business platform without any way can identify application ID be transferred use; In another case, because application ID is built in application software package, exist victim to crack the possibility of usurping after program package, for holding the application developer of applying ID, have no to discover.
Summary of the invention
The technical problem to be solved in the present invention is, for the authentication method of the above-mentioned application software of prior art, there is the defect of larger potential safety hazard, a kind of authentication method of application software is provided, can guarantees source authenticity, integrality, the anti-counterfeit property of application software.
The technical solution adopted for the present invention to solve the technical problems is: construct the authentication method of the Android platform application software on a kind of mobile Internet, comprising:
A. signature step; And
B. sign test step; Wherein,
Described steps A comprises:
A1. certificate server receives the signature request of application software, and described signature request comprises the application identities that certificate server distributes for this application software before applied software development;
A2. certificate server generates key pair, and described key is to comprising PKI and private key, and described PKI, described application identities are sent to certificate granting center, to apply for making signing certificate;
A3. the signing certificate of certificate server acceptance certificate authorization center made, described signing certificate comprises described PKI and described application identities, and uses described private key to carry out digital signature to this application software, to generate the Summary file after encryption;
Described step B comprises:
B1. the application software after terminal downloads signature, the application software after described signature comprises application software, Summary file, signing certificate after encrypting;
B2. when terminal receives service request, described service request comprises application identities and the process identification (PID) of this application software, and terminal is inquired about the mount message of this application software according to described process identification (PID), and from mount message, obtains the user ID of this application software;
B3. whether terminal judges stores the corresponding relation of application identities, process identification (PID) and the user ID of this application software, if so, performs step B5; If not, perform step B4;
B4. terminal is used the public keys of certificate authorization center to verify described signing certificate, and from described signing certificate, obtain described PKI, and the application software after using described PKI to this signature is carried out sign test, to generate the Summary file after deciphering, if sign test is passed through, set up and preserve the corresponding relation of application identities, process identification (PID) and the user ID of this application software, and perform step B5; If checking, without passing through, is returned to application software identification error information;
B5. service request described in terminal processes, and return to service processing result.
In the authentication method of the Android platform application software on mobile Internet of the present invention,
In steps A 3, use RSA Algorithm to carry out digital signature to this application software;
In step B4, use RSA Algorithm to carry out sign test to the application software after signing.
The present invention also constructs the Verification System of the Android platform application software on a kind of mobile Internet, it is characterized in that, comprise terminal and certificate server, and described certificate server comprises:
Signature request receiving element, for receiving the signature request of application software, and described signature request comprises the application identities that certificate server distributes for this application software before applied software development;
Signing certificate application unit, for generating key pair, described key is to comprising PKI and private key, and described PKI, described application identities are sent to certificate granting center, to apply for making signing certificate;
Signature unit, for the signing certificate of acceptance certificate authorization center made, described signing certificate comprises described PKI and described application identities, and uses described private key to carry out digital signature to this application software, to generate the Summary file after encryption;
Described terminal comprises:
Download unit, for the application software after download signed, the application software after described signature comprises Summary file, the signing certificate after application software, encryption;
Service request receiving element, be used for receiving service request, described service request comprises application identities and the process identification (PID) of this application software, and terminal is inquired about the mount message of this application software according to described process identification (PID), and from mount message, obtains the user ID of this application software;
Judging unit, for judging whether to store the corresponding relation of application identities, process identification (PID) and the user ID of this application software;
Sign test unit, for when not storing the corresponding relation of application identities, process identification (PID) and user ID of this application software, use the public keys of certificate authorization center to verify described signing certificate, and from described signing certificate, obtain described PKI, and the application software after using described PKI to this signature is carried out sign test, to generate the Summary file after deciphering, if sign test is passed through, set up and preserve the corresponding relation of application identities, process identification (PID) and the user ID of this application software; If checking, without passing through, is returned to application software identification error information;
Processing unit, for the corresponding relation storing the application identities of application software, process identification (PID) and user ID constantly, processes service request, and returns to service processing result.
In the Verification System of application software of the present invention,
Described signature unit is used RSA Algorithm to carry out digital signature to this application software;
Described sign test unit is used RSA Algorithm to carry out sign test to this application software.
Implement technical scheme of the present invention, before issuing by application software, application software is issued signing certificate and application software is signed, the mode of carrying out sign test during accessible with application software business platform is identified the true identity of application software, thereby guarantees source authenticity, integrality, the anti-counterfeit property of application software.In addition, the cryptographic algorithm of this programme based on PKI key and signature sign test, the security mechanism of binding operation system to process identification (PID), user ID allocation manager again, not only there is very high fail safe, simultaneously except authenticate first to application software verify process consuming time, whether subsequent authentication is just inquired about application identities, process identification (PID), user ID group relation and is existed, thereby have very high handling property.Further, this programme is owing to providing safety guarantee for the service operation based on mobile Internet, thereby provides strong support for various mobile e-business and all kinds of value-added service.
Accompanying drawing explanation
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the flow chart of the authentication method embodiment mono-of the Android platform application software on mobile Internet of the present invention;
Fig. 2 is the flow chart of signature step embodiment mono-in the authentication method of the Android platform application software on mobile Internet of the present invention;
Fig. 3 is the flow chart of the sign test step embodiment mono-while authenticating first in the authentication method of the Android platform application software on mobile Internet of the present invention;
Fig. 4 is the flow chart of the sign test step embodiment mono-during subsequent authentication in the authentication method of the Android platform application software on mobile Internet of the present invention;
Fig. 5 is the logic diagram of the Verification System embodiment mono-of the Android platform application software on mobile Internet of the present invention.
Embodiment
The flow chart of the authentication method embodiment mono-of the Android platform application software on mobile Internet of the present invention as shown in Figure 1, the authentication method of this application software comprises
A. signature step; And
B. sign test step; Wherein,
Signature step comprises:
A1. certificate server receives the signature request of application software, and signature request comprises APPID(application identification, application identities), should illustrate and be, this APPID is the unique identification that certificate server distributes for this application software before applied software development, when program development, this APPID is implanted in the program package of application software;
A2. certificate server generates key pair, and key is to comprising PKI and private key, and PKI, APPID are sent to CA(Certificate Authority certificate granting) center, to apply for making signing certificate.About CA center, it should be noted that CA center is that an energy is signed and issued signing certificate to confirm the third party management organization of user identity to user.In order to prevent the forgery of digital certificate, the public keys at CA center must be reliably, and CA center must be announced its public keys or be provided an electronic certificate to prove the validity of its public keys by the authentication center of higher level.CA center, when issuing signing certificate, is packaged into signing certificate APPID and PKI, the digital signature at the necessary YouCA of the afterbody center of signing certificate.Because the digital signature at CA center can not be forged, so the signing certificate of this application software can not be forged.After CA center is passed through the identity title examination of this application software, just applicant is issued to signing certificate, the identity of this application software and signing certificate are mapped;
A3. the signing certificate of certificate server acceptance certificate authorization center made, signing certificate comprises PKI and APPID, and uses private key to carry out digital signature to this application software, to generate the Summary file after encryption.About digital signature, it should be noted that the hashed value (i.e. summary) that first generates 128 from application software.Then, with the private key of cipher key pair, this summary is encrypted to form digital signature.Then, this digital signature sends to the developer of application software using the annex as application software together with application software;
Sign test step comprises:
B1. the application software after terminal downloads signature, the application software after signature comprises application software, Summary file, signing certificate after encrypting;
B2. when terminal receives service request, service request comprises APPID and the PID(Process Identifier of this application software, process identification (PID)), terminal is inquired about the mount message of this application software according to PID, and from mount message, obtain the UID(user identifier of this application software, user ID);
B3. whether terminal judges stores APPID, the PID of this application software and the corresponding relation of UID, if so, performs step B5; If not, perform step B4;
B4. terminal is used the public keys certifying signature certificate at CA center, and from signing certificate, obtain PKI, and use public-key the application software after this signature is carried out to sign test, to generate the Summary file after deciphering, if sign test is passed through, set up and preserve APPID, the PID of this application software and the corresponding relation of UID, execution step B5; If checking, without passing through, is returned to application software identification error information.About sign test, whether pass through, it should be noted that first terminal calculates the hashed value of 128 (i.e. summary) from the application software receiving, and is then decrypted the Summary file after encrypting with PKI again.If two hashed values are identical, so just can confirm that this digital signature is certificate server; On the contrary, if two hashed values are not identical, so just can confirm that this digital signature is not certificate server;
B5. terminal processes service request, and return to service processing result.
In a preferred embodiment of the authentication method of application software of the present invention, in steps A 3, can use RSA Algorithm to carry out digital signature to this application software; In step B4, use RSA Algorithm to carry out sign test to the application software after signing.
Fig. 2 is the flow chart of signature step embodiment mono-in the authentication method of the Android platform application software on mobile Internet of the present invention, in applied software development link, applied software development person uploads application software to certificate server, and ask this application software to be signed, in the program package of this application software, implanted prior the distributed APPID of certificate server; Certificate server generates PKI key pair, and the information such as APPID, Application Software Program bag name, PKI are submitted at Bing Xiang CA center to, Yi Xiang CA center application signing certificate.After the success of certificate server XiangCA center application signing certificate, use private key to carry out digital signature to application software, according to Android program package signing certificate form, be substituted into original exploitation Debug certificate, application signature completes, and person has signed to notify applied software development, the application software of developer from platform download signed, the application software after signature can be published to the enterprising enforcement of user terminal and use.
Fig. 3 is the flow chart of the sign test step embodiment mono-while authenticating first in the authentication method of the Android platform application software on mobile Internet of the present invention, first explanation is, authentication proxy is installation and operation software on customer mobile terminal, for the application software on terminal equipment, identifies and access control.Authenticating in link first, first terminal should download to the application software after signature in terminal.Then, the application software in terminal is to authentication proxy (Agent) initiating business request, and carries PID and the APPID of application software self.Then, authentication proxy, according to PID query manipulation system process information and mount message, obtains the program package information of the application software that PID is corresponding, comprises the UID information of package file path, application software in these information.Subsequently, authentication proxy is used the PKI at built-in platform CA center to verify signing certificate, guarantee the authenticity of certificate and the correctness of the APPID that the inside comprises, and to the application software sign test of signing, if sign test by; represent that application package is not tampered, is real, otherwise directly return to identification mistake.In addition, if checking is passed through, authentication proxy also sets up and preserves PID, UID, APPID triplet information.Finally, when sign test is passed through, authentication proxy is according to the authorisation process service request of application software and return to service processing result.
Fig. 4 is the flow chart of the sign test step embodiment mono-during subsequent authentication in the authentication method of the Android platform application software on mobile Internet of the present invention, in subsequent authentication link, application software, to authentication proxy's initiating business request, is carried PID and the APPID of application self.Then, authentication proxy is according to PID query manipulation system process information and application mount message, obtain APPID, the UID of the application software that PID is corresponding, then judge whether to have existed PID, UID, APPID triplet information, if tlv triple does not exist, represent that this application software, not yet by application authorization, proceeds to the sign test name handling process authenticating first in link, application software is re-started to authentication; If tlv triple exists, represent application software by application authorization, be real, continue Business Processing, authentication proxy is according to the authorisation process service request of application software and return to service processing result.
Fig. 5 is the logic diagram of the Verification System embodiment mono-of the Android platform application software on mobile Internet of the present invention, and the Verification System of this application software comprises certificate server 10 and terminal 20.And certificate server 10 comprises signature request receiving element 11, signing certificate application unit 12 and signature unit 13; Terminal 20 comprises download unit 21, service request receiving element 22, judging unit 23, sign test unit 24 and processing unit 25.Wherein, in software development link, signature request receiving element 11 is for receiving the signature request of application software, and signature request comprises the APPID that certificate server 10 distributes for this application software before applied software development; Signing certificate application unit 12 is for generating key pair, and key is to comprising PKI and private key, and PKI, APPID are sent to CA center, to apply for making signing certificate; Signature unit 13 is for receiving the signing certificate of CA center made, and signing certificate comprises PKI and APPID, and uses private key to carry out digital signature to this application software, to generate the Summary file after encryption.In authentication link, download unit 21 is for the application software after download signed, and the application software after signature comprises Summary file, the signing certificate after application software, encryption; Service request receiving element 22 is for receiving service request, and service request comprises APPID and the PID of this application software, and terminal is inquired about the mount message of this application software according to PID, and from mount message, obtains the UID of this application software; Judging unit 23 is for judging whether to store APPID, the PID of this application software and the corresponding relation of UID; Sign test unit 24 is not for when storing APPID, the PID of this application software and the corresponding relation of UID, use the public keys certifying signature certificate at CA center, and from signing certificate, obtain PKI, and use public-key the application software after this signature is carried out to sign test, to generate the Summary file after deciphering, if sign test is passed through, set up and preserve APPID, the PID of this application software and the corresponding relation of UID; If checking, without passing through, is returned to application software identification error information; Processing unit 25 for the corresponding relation storing the APPID of application software, PID and UID constantly, is processed service request, and is returned to service processing result.
In a preferred embodiment of the Verification System of application software of the present invention, signature unit 13 can be used RSA Algorithm to carry out digital signature to this application software; Sign test unit 24 can be used RSA Algorithm to carry out sign test to this application software.
These are only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., within all should being included in claim scope of the present invention.
Claims (4)
1. an authentication method for the Android platform application software on mobile Internet, is characterized in that, comprising:
A. signature step; And
B. sign test step; Wherein,
Described steps A comprises:
A1. certificate server receives the signature request of application software, and described signature request comprises the application identities that certificate server distributes for this application software before applied software development;
A2. certificate server generates key pair, and described key is to comprising PKI and private key, and described PKI, described application identities are sent to certificate granting center, to apply for making signing certificate;
A3. the signing certificate of certificate server acceptance certificate authorization center made, described signing certificate comprises described PKI and described application identities, and uses described private key to carry out digital signature to this application software, to generate the Summary file after encryption;
Described step B comprises:
B1. the application software after terminal downloads signature, the application software after described signature comprises application software, Summary file, signing certificate after encrypting;
B2. when terminal receives service request, described service request comprises application identities and the process identification (PID) of this application software, and terminal is inquired about the mount message of this application software according to described process identification (PID), and from mount message, obtains the user ID of this application software;
B3. whether terminal judges stores the corresponding relation of application identities, process identification (PID) and the user ID of this application software, if so, performs step B5; If not, perform step B4;
B4. terminal is used the public keys of certificate authorization center to verify described signing certificate, and from described signing certificate, obtain described PKI, and the application software after using described PKI to this signature is carried out sign test, to generate the Summary file after deciphering, if sign test is passed through, set up and preserve the corresponding relation of application identities, process identification (PID) and the user ID of this application software, and perform step B5; If checking, without passing through, is returned to application software identification error information;
B5. service request described in terminal processes, and return to service processing result.
2. the authentication method of the Android platform application software on mobile Internet according to claim 1, is characterized in that,
In steps A 3, use RSA Algorithm to carry out digital signature to this application software;
In step B4, use RSA Algorithm to carry out sign test to the application software after signing.
3. a Verification System for the Android platform application software on mobile Internet, is characterized in that, comprise terminal and certificate server, and described certificate server comprises:
Signature request receiving element, for receiving the signature request of application software, and described signature request comprises the application identities that certificate server distributes for this application software before applied software development;
Signing certificate application unit, for generating key pair, described key is to comprising PKI and private key, and described PKI, described application identities are sent to certificate granting center, to apply for making signing certificate;
Signature unit, for the signing certificate of acceptance certificate authorization center made, described signing certificate comprises described PKI and described application identities, and uses described private key to carry out digital signature to this application software, to generate the Summary file after encryption;
Described terminal comprises:
Download unit, for the application software after download signed, the application software after described signature comprises Summary file, the signing certificate after application software, encryption;
Service request receiving element, be used for receiving service request, described service request comprises application identities and the process identification (PID) of this application software, and terminal is inquired about the mount message of this application software according to described process identification (PID), and from mount message, obtains the user ID of this application software;
Judging unit, for judging whether to store the corresponding relation of application identities, process identification (PID) and the user ID of this application software;
Sign test unit, for when not storing the corresponding relation of application identities, process identification (PID) and user ID of this application software, use the public keys of certificate authorization center to verify described signing certificate, and from described signing certificate, obtain described PKI, and the application software after using described PKI to this signature is carried out sign test, to generate the Summary file after deciphering, if sign test is passed through, set up and preserve the corresponding relation of application identities, process identification (PID) and the user ID of this application software; If checking, without passing through, is returned to application software identification error information;
Processing unit, for the corresponding relation storing the application identities of application software, process identification (PID) and user ID constantly, processes service request, and returns to service processing result.
4. the Verification System of the Android platform application software on mobile Internet according to claim 3, is characterized in that,
Described signature unit is used RSA Algorithm to carry out digital signature to this application software;
Described sign test unit is used RSA Algorithm to carry out sign test to this application software.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210315275.5A CN103685138B (en) | 2012-08-30 | 2012-08-30 | The authentication method of the Android platform application software that mobile interchange is online and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210315275.5A CN103685138B (en) | 2012-08-30 | 2012-08-30 | The authentication method of the Android platform application software that mobile interchange is online and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103685138A true CN103685138A (en) | 2014-03-26 |
| CN103685138B CN103685138B (en) | 2016-12-21 |
Family
ID=50321479
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210315275.5A Active CN103685138B (en) | 2012-08-30 | 2012-08-30 | The authentication method of the Android platform application software that mobile interchange is online and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103685138B (en) |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103944903A (en) * | 2014-04-23 | 2014-07-23 | 福建联迪商用设备有限公司 | Multi-party authorized APK signature method and system |
| CN104063656A (en) * | 2014-07-07 | 2014-09-24 | 浪潮软件集团有限公司 | Method for realizing application program management and control under Android platform |
| CN104298522A (en) * | 2014-09-22 | 2015-01-21 | 联想(北京)有限公司 | Information processing method and first electronic device |
| CN104811312A (en) * | 2015-05-25 | 2015-07-29 | 王旭东 | Terminal course identity authentication method based on center authorization |
| CN105095696A (en) * | 2015-06-25 | 2015-11-25 | 三星电子(中国)研发中心 | Method, system and apparatus for carrying out safety authentication on application programs |
| CN105357012A (en) * | 2015-10-26 | 2016-02-24 | 上海易码信息科技有限公司 | Authentication method for mobile application not depending on local private key |
| CN105631249A (en) * | 2014-10-30 | 2016-06-01 | 江苏威盾网络科技有限公司 | Distributed software controllable authorization system and method |
| CN105701375A (en) * | 2016-01-04 | 2016-06-22 | 上海斐讯数据通信技术有限公司 | Password input processing method and system and electronic device |
| CN105786551A (en) * | 2014-12-26 | 2016-07-20 | 北京元心科技有限公司 | Application program operation access control method and system |
| CN106155663A (en) * | 2015-04-15 | 2016-11-23 | 中兴通讯股份有限公司 | The method and apparatus of application program loading code signature |
| CN106446612A (en) * | 2016-09-12 | 2017-02-22 | 珠海市魅族科技有限公司 | Subject trial method and device |
| CN106921496A (en) * | 2015-12-25 | 2017-07-04 | 卓望数码技术(深圳)有限公司 | A kind of digital signature method and system |
| CN107135074A (en) * | 2016-02-29 | 2017-09-05 | 中兴通讯股份有限公司 | A kind of advanced security method and apparatus |
| CN107231367A (en) * | 2017-06-21 | 2017-10-03 | 北京奇虎科技有限公司 | Method for automatically notifying, device and the server of signature information |
| CN107241298A (en) * | 2016-03-29 | 2017-10-10 | 阿里巴巴集团控股有限公司 | One kind application management-control method, terminal and system |
| WO2017185889A1 (en) * | 2016-04-29 | 2017-11-02 | 腾讯科技(深圳)有限公司 | Application installation package detection method and detection device, and computer readable storage medium |
| CN107392589A (en) * | 2017-07-01 | 2017-11-24 | 武汉天喻信息产业股份有限公司 | Android system intelligence POS system, safe verification method, storage medium |
| CN107426149A (en) * | 2017-03-30 | 2017-12-01 | 深圳市元征科技股份有限公司 | Software kit generation method and system |
| CN107506207A (en) * | 2017-07-07 | 2017-12-22 | 上海汇尔通信息技术有限公司 | The safe verification method and terminal of a kind of POS |
| CN107592202A (en) * | 2017-09-20 | 2018-01-16 | 广州阿里巴巴文学信息技术有限公司 | Application signature method, apparatus, system, computing device and storage medium |
| CN107608678A (en) * | 2017-08-22 | 2018-01-19 | 深圳传音控股有限公司 | The determination methods and mobile terminal of relevance between process |
| CN107612697A (en) * | 2017-10-20 | 2018-01-19 | 阿里巴巴集团控股有限公司 | Applying digital certificate method and apparatus |
| CN107733636A (en) * | 2016-08-11 | 2018-02-23 | 中国电信股份有限公司 | Authentication method and Verification System |
| CN107743115A (en) * | 2016-12-22 | 2018-02-27 | 腾讯科技(深圳)有限公司 | A kind of identity identifying method of terminal applies, device and system |
| CN108121640A (en) * | 2017-12-29 | 2018-06-05 | 北京奇虎科技有限公司 | A kind of method and system for the operation data of acquisition application automatically |
| CN108141367A (en) * | 2015-09-30 | 2018-06-08 | 微软技术许可有限责任公司 | Code signing service |
| CN108282332A (en) * | 2018-01-23 | 2018-07-13 | 北京深思数盾科技股份有限公司 | A kind of data signature method and device |
| CN108322466A (en) * | 2018-02-02 | 2018-07-24 | 深圳市欧乐在线技术发展有限公司 | Verification method, server and the readable storage medium storing program for executing of APK based on Android |
| CN108595956A (en) * | 2018-04-26 | 2018-09-28 | 腾讯科技(深圳)有限公司 | The stolen recognition methods of digital signature and device, electronic equipment, storage medium |
| CN109450643A (en) * | 2018-11-05 | 2019-03-08 | 四川长虹电器股份有限公司 | The signature sign test method realized in Android platform based on native service |
| CN109522202A (en) * | 2017-09-18 | 2019-03-26 | 北京京东尚科信息技术有限公司 | A kind of method and apparatus of software test |
| CN110209416A (en) * | 2019-05-31 | 2019-09-06 | 彩讯科技股份有限公司 | Application software update method, device, terminal and storage medium |
| WO2019178828A1 (en) * | 2018-03-23 | 2019-09-26 | 深圳市大疆创新科技有限公司 | Control method, apparatus, and system |
| CN110460588A (en) * | 2018-05-31 | 2019-11-15 | 腾讯科技(深圳)有限公司 | Realize method, apparatus, the computer system and storage medium of Information Authentication |
| CN110532796A (en) * | 2019-07-23 | 2019-12-03 | 深圳壹账通智能科技有限公司 | File encryption management method, system and computer readable storage medium |
| CN110599128A (en) * | 2019-09-12 | 2019-12-20 | 凡普数字技术有限公司 | Method, device and storage medium for checking attendance of staff |
| CN110674491A (en) * | 2019-09-29 | 2020-01-10 | 上海淇玥信息技术有限公司 | Method and device for real-time evidence obtaining of android application and electronic equipment |
| CN112131597A (en) * | 2019-10-22 | 2020-12-25 | 刘高峰 | Method and device for generating encrypted information and intelligent equipment |
| CN112805702A (en) * | 2019-03-07 | 2021-05-14 | 华为技术有限公司 | Counterfeit APP identification method and device |
| CN112956156A (en) * | 2021-03-08 | 2021-06-11 | 华为技术有限公司 | Certificate application method and device |
| CN114547593A (en) * | 2020-11-18 | 2022-05-27 | 成都鼎桥通信技术有限公司 | Terminal application authentication method, device and equipment |
| CN115022091A (en) * | 2022-08-04 | 2022-09-06 | 亿次网联(杭州)科技有限公司 | Digital certificate-based autonomous authorization method and system |
| WO2023103316A1 (en) * | 2021-12-07 | 2023-06-15 | 西安广和通无线通信有限公司 | Application management method and related product |
| US11909807B2 (en) | 2022-05-18 | 2024-02-20 | Demostack, Inc. | Local recording for demonstration of web-based software applications |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102215488A (en) * | 2011-05-27 | 2011-10-12 | 中国联合网络通信集团有限公司 | Smart phone digital certificate application method and system |
| JP2012063960A (en) * | 2010-09-15 | 2012-03-29 | Ricoh Co Ltd | Application development equipment and information processing equipment |
| CN102469092A (en) * | 2010-11-18 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Method and system for realizing safety protection mechanism in mobile phone application |
-
2012
- 2012-08-30 CN CN201210315275.5A patent/CN103685138B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2012063960A (en) * | 2010-09-15 | 2012-03-29 | Ricoh Co Ltd | Application development equipment and information processing equipment |
| CN102469092A (en) * | 2010-11-18 | 2012-05-23 | 卓望数码技术(深圳)有限公司 | Method and system for realizing safety protection mechanism in mobile phone application |
| CN102215488A (en) * | 2011-05-27 | 2011-10-12 | 中国联合网络通信集团有限公司 | Smart phone digital certificate application method and system |
Cited By (63)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015161682A1 (en) * | 2014-04-23 | 2015-10-29 | 福建联迪商用设备有限公司 | Multi-party authorized apk signing method and system |
| CN103944903A (en) * | 2014-04-23 | 2014-07-23 | 福建联迪商用设备有限公司 | Multi-party authorized APK signature method and system |
| CN103944903B (en) * | 2014-04-23 | 2017-02-15 | 福建联迪商用设备有限公司 | Multi-party authorized APK signature method and system |
| CN104063656A (en) * | 2014-07-07 | 2014-09-24 | 浪潮软件集团有限公司 | Method for realizing application program management and control under Android platform |
| CN104298522A (en) * | 2014-09-22 | 2015-01-21 | 联想(北京)有限公司 | Information processing method and first electronic device |
| CN104298522B (en) * | 2014-09-22 | 2018-08-31 | 联想(北京)有限公司 | A kind of information processing method and the first electronic equipment |
| CN105631249A (en) * | 2014-10-30 | 2016-06-01 | 江苏威盾网络科技有限公司 | Distributed software controllable authorization system and method |
| CN105786551A (en) * | 2014-12-26 | 2016-07-20 | 北京元心科技有限公司 | Application program operation access control method and system |
| CN106155663A (en) * | 2015-04-15 | 2016-11-23 | 中兴通讯股份有限公司 | The method and apparatus of application program loading code signature |
| CN104811312A (en) * | 2015-05-25 | 2015-07-29 | 王旭东 | Terminal course identity authentication method based on center authorization |
| CN105095696A (en) * | 2015-06-25 | 2015-11-25 | 三星电子(中国)研发中心 | Method, system and apparatus for carrying out safety authentication on application programs |
| CN105095696B (en) * | 2015-06-25 | 2018-10-16 | 三星电子(中国)研发中心 | Method, system and the equipment of safety certification are carried out to application program |
| CN108141367A (en) * | 2015-09-30 | 2018-06-08 | 微软技术许可有限责任公司 | Code signing service |
| CN105357012A (en) * | 2015-10-26 | 2016-02-24 | 上海易码信息科技有限公司 | Authentication method for mobile application not depending on local private key |
| CN106921496A (en) * | 2015-12-25 | 2017-07-04 | 卓望数码技术(深圳)有限公司 | A kind of digital signature method and system |
| CN105701375A (en) * | 2016-01-04 | 2016-06-22 | 上海斐讯数据通信技术有限公司 | Password input processing method and system and electronic device |
| CN107135074A (en) * | 2016-02-29 | 2017-09-05 | 中兴通讯股份有限公司 | A kind of advanced security method and apparatus |
| CN107241298B (en) * | 2016-03-29 | 2020-06-23 | 阿里巴巴集团控股有限公司 | Application control method, terminal and system |
| CN107241298A (en) * | 2016-03-29 | 2017-10-10 | 阿里巴巴集团控股有限公司 | One kind application management-control method, terminal and system |
| US10868804B2 (en) | 2016-04-29 | 2020-12-15 | Tencent Technology (Shenzhen) Company Limited | Application package inspection method, inspection device and computer-readable storage medium |
| WO2017185889A1 (en) * | 2016-04-29 | 2017-11-02 | 腾讯科技(深圳)有限公司 | Application installation package detection method and detection device, and computer readable storage medium |
| CN107733636B (en) * | 2016-08-11 | 2021-03-02 | 中国电信股份有限公司 | Authentication method and authentication system |
| CN107733636A (en) * | 2016-08-11 | 2018-02-23 | 中国电信股份有限公司 | Authentication method and Verification System |
| CN106446612A (en) * | 2016-09-12 | 2017-02-22 | 珠海市魅族科技有限公司 | Subject trial method and device |
| CN107743115A (en) * | 2016-12-22 | 2018-02-27 | 腾讯科技(深圳)有限公司 | A kind of identity identifying method of terminal applies, device and system |
| CN107743115B (en) * | 2016-12-22 | 2021-02-02 | 腾讯科技(深圳)有限公司 | Identity authentication method, device and system for terminal application |
| CN107426149A (en) * | 2017-03-30 | 2017-12-01 | 深圳市元征科技股份有限公司 | Software kit generation method and system |
| CN107231367A (en) * | 2017-06-21 | 2017-10-03 | 北京奇虎科技有限公司 | Method for automatically notifying, device and the server of signature information |
| CN107392589A (en) * | 2017-07-01 | 2017-11-24 | 武汉天喻信息产业股份有限公司 | Android system intelligence POS system, safe verification method, storage medium |
| CN107392589B (en) * | 2017-07-01 | 2023-08-01 | 武汉天喻信息产业股份有限公司 | Android system intelligent POS system, security verification method and storage medium |
| CN107506207A (en) * | 2017-07-07 | 2017-12-22 | 上海汇尔通信息技术有限公司 | The safe verification method and terminal of a kind of POS |
| CN107506207B (en) * | 2017-07-07 | 2021-04-20 | 上海汇尔通信息技术有限公司 | Security verification method of POS machine and terminal |
| CN107608678A (en) * | 2017-08-22 | 2018-01-19 | 深圳传音控股有限公司 | The determination methods and mobile terminal of relevance between process |
| CN109522202A (en) * | 2017-09-18 | 2019-03-26 | 北京京东尚科信息技术有限公司 | A kind of method and apparatus of software test |
| CN107592202A (en) * | 2017-09-20 | 2018-01-16 | 广州阿里巴巴文学信息技术有限公司 | Application signature method, apparatus, system, computing device and storage medium |
| CN107592202B (en) * | 2017-09-20 | 2021-08-13 | 阿里巴巴(中国)有限公司 | Application signature method, device, system, computing equipment and storage medium |
| US11106776B2 (en) | 2017-10-20 | 2021-08-31 | Advanced New Technologies Co., Ltd. | Digital certificate application |
| US11106775B2 (en) | 2017-10-20 | 2021-08-31 | Advanced New Technologies Co., Ltd. | Digital certificate application |
| CN107612697A (en) * | 2017-10-20 | 2018-01-19 | 阿里巴巴集团控股有限公司 | Applying digital certificate method and apparatus |
| CN107612697B (en) * | 2017-10-20 | 2020-04-14 | 阿里巴巴集团控股有限公司 | Digital certificate application method and device |
| CN108121640A (en) * | 2017-12-29 | 2018-06-05 | 北京奇虎科技有限公司 | A kind of method and system for the operation data of acquisition application automatically |
| CN108282332A (en) * | 2018-01-23 | 2018-07-13 | 北京深思数盾科技股份有限公司 | A kind of data signature method and device |
| CN108322466A (en) * | 2018-02-02 | 2018-07-24 | 深圳市欧乐在线技术发展有限公司 | Verification method, server and the readable storage medium storing program for executing of APK based on Android |
| WO2019178828A1 (en) * | 2018-03-23 | 2019-09-26 | 深圳市大疆创新科技有限公司 | Control method, apparatus, and system |
| CN108595956A (en) * | 2018-04-26 | 2018-09-28 | 腾讯科技(深圳)有限公司 | The stolen recognition methods of digital signature and device, electronic equipment, storage medium |
| CN108595956B (en) * | 2018-04-26 | 2023-02-17 | 腾讯科技(深圳)有限公司 | Method and device for identifying embezzlement of digital signature, electronic equipment and storage medium |
| CN110460588A (en) * | 2018-05-31 | 2019-11-15 | 腾讯科技(深圳)有限公司 | Realize method, apparatus, the computer system and storage medium of Information Authentication |
| CN110460588B (en) * | 2018-05-31 | 2022-11-22 | 腾讯科技(深圳)有限公司 | Method, device, computer system and storage medium for realizing information verification |
| CN109450643A (en) * | 2018-11-05 | 2019-03-08 | 四川长虹电器股份有限公司 | The signature sign test method realized in Android platform based on native service |
| CN112805702A (en) * | 2019-03-07 | 2021-05-14 | 华为技术有限公司 | Counterfeit APP identification method and device |
| CN110209416A (en) * | 2019-05-31 | 2019-09-06 | 彩讯科技股份有限公司 | Application software update method, device, terminal and storage medium |
| CN110532796A (en) * | 2019-07-23 | 2019-12-03 | 深圳壹账通智能科技有限公司 | File encryption management method, system and computer readable storage medium |
| WO2021012563A1 (en) * | 2019-07-23 | 2021-01-28 | 深圳壹账通智能科技有限公司 | File encryption management method and system, and computer readable storage medium |
| CN110599128A (en) * | 2019-09-12 | 2019-12-20 | 凡普数字技术有限公司 | Method, device and storage medium for checking attendance of staff |
| CN110674491A (en) * | 2019-09-29 | 2020-01-10 | 上海淇玥信息技术有限公司 | Method and device for real-time evidence obtaining of android application and electronic equipment |
| CN110674491B (en) * | 2019-09-29 | 2022-02-01 | 上海淇玥信息技术有限公司 | Method and device for real-time evidence obtaining of android application and electronic equipment |
| CN112131597A (en) * | 2019-10-22 | 2020-12-25 | 刘高峰 | Method and device for generating encrypted information and intelligent equipment |
| CN114547593A (en) * | 2020-11-18 | 2022-05-27 | 成都鼎桥通信技术有限公司 | Terminal application authentication method, device and equipment |
| CN112956156A (en) * | 2021-03-08 | 2021-06-11 | 华为技术有限公司 | Certificate application method and device |
| WO2023103316A1 (en) * | 2021-12-07 | 2023-06-15 | 西安广和通无线通信有限公司 | Application management method and related product |
| US11909807B2 (en) | 2022-05-18 | 2024-02-20 | Demostack, Inc. | Local recording for demonstration of web-based software applications |
| CN115022091B (en) * | 2022-08-04 | 2022-12-16 | 亿次网联(杭州)科技有限公司 | Autonomous authorization method and system based on digital certificate |
| CN115022091A (en) * | 2022-08-04 | 2022-09-06 | 亿次网联(杭州)科技有限公司 | Digital certificate-based autonomous authorization method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103685138B (en) | 2016-12-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103685138A (en) | Method and system for authenticating application software of Android platform on mobile internet | |
| US10447486B2 (en) | Remote attestation of a security module's assurance level | |
| CN111429254B (en) | Business data processing method and device and readable storage medium | |
| CN110532735B (en) | Firmware upgrading method | |
| CN109819443B (en) | Registration authentication method, device and system based on block chain | |
| CN108834144B (en) | Method and system for managing association of operator number and account | |
| CN112311735B (en) | Credible authentication method, network equipment, system and storage medium | |
| CN103107996B (en) | Digital certificate download online method and system, digital certificate are provided platform | |
| CN110348853B (en) | Block chain off-line transaction method and system based on identification authentication | |
| CN103888252A (en) | UID, PID, and APPID-based control application access permission method | |
| JP2004265026A (en) | Application authentication system and device | |
| CN106230784A (en) | A kind of device authentication method and device | |
| CN106452782A (en) | Method and system for producing a secure communication channel for terminals | |
| CN104639506B (en) | Method, system and the terminal for carrying out management and control are installed to application program | |
| CN112115205B (en) | Cross-chain trust method, device, equipment and medium based on digital certificate authentication | |
| CN106936588B (en) | Hosting method, device and system of hardware control lock | |
| CN112165382B (en) | Software authorization method and device, authorization server side and terminal equipment | |
| CN110381075B (en) | Block chain-based equipment identity authentication method and device | |
| CN104753674A (en) | Application identity authentication method and device | |
| CN111311258B (en) | Block chain-based trusted transaction method, device, system, equipment and medium | |
| CN106060078A (en) | User information encryption method, user registration method and user validation method applied to cloud platform | |
| CN112291201B (en) | Service request transmission method and device and electronic equipment | |
| CN113312664B (en) | User data authorization method and user data authorization system | |
| CN111460457A (en) | Real estate property registration supervision method, device, electronic equipment and storage medium | |
| WO2011139135A1 (en) | System and method for issuing endorsement key credential in trusted computing environment using local certificate authority |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |