CN105184163A - Security protection method and apparatus for software system - Google Patents
Security protection method and apparatus for software system Download PDFInfo
- Publication number
- CN105184163A CN105184163A CN201510546485.9A CN201510546485A CN105184163A CN 105184163 A CN105184163 A CN 105184163A CN 201510546485 A CN201510546485 A CN 201510546485A CN 105184163 A CN105184163 A CN 105184163A
- Authority
- CN
- China
- Prior art keywords
- software systems
- article
- destination software
- type system
- numerical value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The disclosure relates to a security protection method and apparatus for a software system, and belongs to the technical field of software. The method comprises: during software compiling, calling a specified type system to perform static check on a target software system; and if the target software system does not pass static check, then determining that the software system is unsecure, wherein the specified type system is a type system corresponding to a programming language adopted by the target software system. According to the security protection method and apparatus, the specified type system is called to perform static check on the target software system during software compiling; it is determined that the software system is unsecure if the target software system does not pass static check; the static check is performed during compiling through the type system, so that errors can be discovered during compiling, and misoperations and dirty data are prevented from being generated as far as possible; and once software compiling is passed, the correctness can be ensured, runtime errors and attacks do not occur, and the security of the software system is ensured logically.
Description
Technical field
The disclosure relates to software technology field, particularly a kind of safety protecting method of software systems and device.
Background technology
Software systems refer to the computer software be made up of system software, support programs and application software, and it is the part be made up of software in computer system.Along with the fast development of internet and improving constantly of the level of informatization, software systems are widely used in the every field such as politics, finance, culture, military project, therefore ensure that the security of software systems highlights day by day.
Correlation technique, when carrying out security protection to software systems, relies on QA (QualityAssurance, quality assurance) to test or unit testing realization usually.Wherein, QA test refers to and the test point of specifying at some is tested.Unit testing refers to and checks the most I test cell in software and verify.The two test phase all after having compiled carries out.
Summary of the invention
For overcoming Problems existing in correlation technique, the disclosure provides a kind of safety protecting method and device of software systems.
According to the first aspect of disclosure embodiment, provide a kind of safety protecting method of software systems, described method comprises:
During software translating, call specified type system and static check is carried out to destination software systems;
If described destination software systems is not by described static check, then determine that described software systems are dangerous;
Wherein, described specified type system is the type system corresponding with the programming language that described destination software systems adopts.
In another embodiment, described in call specified type system static check carried out to destination software systems, comprising:
Call described specified type system, primary sources operation inspection is carried out to described destination software systems;
If described destination software systems is non-feedback error prompting when performing the operation of described primary sources, then determine that described destination software systems does not pass through static check;
Wherein, described primary sources are operating as the operation except secondary sources operation, and described secondary sources operation is the operation that described destination software systems allows to perform.
In another embodiment, when described destination software systems is article trading software systems, described secondary sources operation comprises:
Once set is selected to article and carry out numerical value jump operation; Or,
To the article selected set executable operations not completing numerical value jump operation; Or,
Set is selected to the article of stores and carries out numerical value jump operation; Or,
Interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or,
Never carry out removing article in the selected set of article of numerical value jump operation; Or,
Set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
In another embodiment, described in call described specified type system static check carried out to described destination software systems, comprising:
Call described specified type system, in the selected set of the article completing numerical value jump operation, carry out article add operation; If do not receive the first operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or,
Call described specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or,
Call described specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check.
In another embodiment, described method also comprises:
If described destination software systems is by described static check, then determine described destination software systems safety.
According to the second aspect of disclosure embodiment, provide a kind of safety device of software systems, described device comprises:
Checking module, for during software translating, calls specified type system and carries out static check to destination software systems;
Determination module, for when described destination software systems is not by described static check, determines that described destination software systems is dangerous;
Wherein, described specified type system is the type system corresponding with the programming language that described destination software systems adopts.
In another embodiment, described device also comprises: described checking module, for calling described specified type system, carries out primary sources operation inspection to described destination software systems; If described destination software systems is non-feedback error prompting when performing the operation of described primary sources, then determine that described destination software systems does not pass through static check; Wherein, described primary sources are operating as the operation except secondary sources operation, and described secondary sources operation is the operation that described destination software systems allows to perform.
In another embodiment, when described destination software systems is article trading software systems, described secondary sources operation comprises: once select set to article and carry out numerical value jump operation; Or, to the article selected set executable operations not completing numerical value jump operation; Or, set is selected to the article of stores and carries out numerical value jump operation; Or interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or, never carry out removing article in the selected set of article of numerical value jump operation; Or, set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
In another embodiment, described checking module, for calling described specified type system, carrying out article and adding operation in the selected set of the article completing numerical value jump operation; If do not receive the first operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or, call described specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or, call described specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check.
In another embodiment, described checking module, for when described destination software systems is by described static check, determines described destination software systems safety.
According to the third aspect of disclosure embodiment, a kind of safety device of software systems is provided, comprises:
Processor;
For the storer of storage of processor executable instruction;
Wherein, described processor is configured to: during software translating, calls specified type system and carries out static check to destination software systems; If described destination software systems is not by described static check, then determine that described software systems are dangerous; Wherein, described specified type system is the type system corresponding with the programming language that described destination software systems adopts.
The technical scheme that embodiment of the present disclosure provides can comprise following beneficial effect:
During software translating, call specified type system and static check is carried out to destination software systems; If destination software systems does not pass through static check, then determine that software systems are dangerous, owing to having carried out static check by type system at compile duration, so just can mistake be found at compile duration, can avoid to greatest extent generating maloperation and dirty data, software, once compiling is by just ensureing correctness, there will not be run-time errors and attack, logically ensure that the security of software systems.
Should be understood that, it is only exemplary and explanatory that above general description and details hereinafter describe, and can not limit the disclosure.
Accompanying drawing explanation
Accompanying drawing to be herein merged in instructions and to form the part of this instructions, shows embodiment according to the invention, and is used from instructions one and explains principle of the present invention.
Fig. 1 is the process flow diagram of the safety protecting method of a kind of software systems according to an exemplary embodiment.
Fig. 2 a is the process flow diagram of the safety protecting method of a kind of software systems according to an exemplary embodiment.
Fig. 2 b is the process flow diagram of the safety protecting method of a kind of software systems according to an exemplary embodiment.
Fig. 3 is the block diagram of the safety device of a kind of software systems according to an exemplary embodiment.
Fig. 4 is the block diagram of the safety device of a kind of software systems according to an exemplary embodiment.
Embodiment
Here will be described exemplary embodiment in detail, its sample table shows in the accompanying drawings.When description below relates to accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawing represents same or analogous key element.Embodiment described in following exemplary embodiment does not represent all embodiments consistent with the present invention.On the contrary, they only with as in appended claims describe in detail, the example of apparatus and method that aspects more of the present invention are consistent.
Fig. 1 is the process flow diagram of the safety protecting method of a kind of software systems according to an exemplary embodiment, as shown in Figure 1, comprises the following steps.
In a step 101, during software translating, call specified type system and static check is carried out to destination software systems.
Wherein, specified type system is the type system corresponding with the programming language that destination software systems adopts.
In a step 102, if destination software systems is not by static check, then determine that software systems are dangerous.
The method that disclosure embodiment provides, during software translating, calls specified type system and carries out static check to destination software systems; If destination software systems does not pass through static check, then determine that software systems are dangerous, owing to having carried out static check by type system at compile duration, so just can mistake be found at compile duration, can avoid to greatest extent generating maloperation and dirty data, software, once compiling is by just ensureing correctness, there will not be run-time errors and attack, logically ensure that the security of software systems.
In another embodiment, call specified type system and static check carried out to destination software systems, comprising:
Call specified type system, primary sources operation inspection is carried out to destination software systems;
If destination software systems is non-feedback error prompting when performing primary sources operation, then determine that destination software systems does not pass through static check;
Wherein, primary sources are operating as the operation except secondary sources operation, and secondary sources operation is the operation that destination software systems allows to perform.
In another embodiment, when destination software systems is article trading software systems, secondary sources operation comprises:
Once set is selected to article and carry out numerical value jump operation; Or,
To the article selected set executable operations not completing numerical value jump operation; Or,
Set is selected to the article of stores and carries out numerical value jump operation; Or,
Interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or,
Never carry out removing article in the selected set of article of numerical value jump operation; Or,
Set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
In another embodiment, call specified type system and static check carried out to destination software systems, comprising:
Call specified type system, in the selected set of the article completing numerical value jump operation, carry out article add operation; If do not receive the first operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check; Or,
Call specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check; Or,
Call specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check.
In another embodiment, the method also comprises:
If destination software systems by static check, then determines destination software systems safety.
Above-mentioned all alternatives, can adopt and combine arbitrarily formation embodiment of the present disclosure, this is no longer going to repeat them.
Fig. 2 a is the process flow diagram of the safety protecting method of a kind of software systems according to an exemplary embodiment, see Fig. 2 a, comprises the following steps.
In step 201a, during software translating, call specified type system and primary sources operation inspection is carried out to destination software systems.
Wherein, primary sources are operating as the operation except secondary sources operation, and secondary sources operation is the operation that destination software systems allows to perform.Also namely, secondary sources operation is echoed mutually with the design requirement of destination software systems.Secondary sources operate the correspondence expectation function of software requirement person to destination software systems.And primary sources operation is by chance the operation not allowing in destination software systems to perform.Also namely, primary sources operation is opposed with the design requirement of destination software systems.Primary sources operation is corresponding, and software requirement person does not wish the function that destination software systems occurs.
Wherein, destination software systems can be article trading software systems, Net silver software systems etc., and disclosure embodiment does not specifically limit this.Different software system design demands is different, and namely secondary sources operation is different.Such as, when destination software systems is article trading software systems, design requirement can be once to be selected set to article and carries out numerical value jump operation; Set is selected to the article completing numerical value jump operation and does not carry out any operation; Set is selected to the article of non-stores and does not carry out numerical value jump operation etc.When destination software systems is Net silver software systems, design requirement can be every day transfer amounts not higher than 5000 yuan, dynamic password input error 6 secondary account locking etc., and disclosure embodiment does not limit this.
In the disclosed embodiments, call specified type system and static check is carried out to destination software systems.Such as, for article trading software systems, call specified type system, judge whether the article trading software systems designed can realize the function etc. of " select set to the article completing numerical value jump operation and do not carry out any operation ".For Net silver software systems, call specified type system, judge whether the Net silver software systems that design can the realize function etc. of " dynamic password input error 6 times after account locking ".
In step 202a, if destination software systems non-feedback error prompting when performing primary sources operation, then determine that destination software systems is not by static check, destination software systems is dangerous.
Because primary sources are operating as software requirement, person does not wish the operation that destination software systems performs, and so for the destination software systems of an excellent in design, is that success will follow when performing primary sources operation, and can feedback error prompting.Accordingly, disclosure embodiment is based on whether feedback error prompting judges whether destination software systems passes through static check.If arbitrary phenomenon not meeting design requirement has appearred in the destination software systems designed, then determine that destination software systems is not by static check, determines that destination software systems is dangerous.
The method that disclosure embodiment provides, during software translating, calls specified type system and carries out static check to destination software systems; If destination software systems does not pass through static check, then determine that software systems are dangerous, owing to having carried out static check by type system at compile duration, so just can mistake be found at compile duration, can avoid to greatest extent generating maloperation and dirty data, software, once compiling is by just ensureing correctness, there will not be run-time errors and attack, logically ensure that the security of software systems.
Fig. 2 b is the process flow diagram of the safety protecting method of a kind of software systems according to an exemplary embodiment, with destination software systems be article trading software systems as shown in Figure 2 b, comprise the following steps.
In step 201b, obtain the design requirement of article trading software systems.
In the disclosed embodiments, the secondary sources operation in design requirement and corresponding above-described embodiment.Wherein, the design requirement of article trading software systems includes but not limited to:
Once set is selected to article and carry out numerical value jump operation; Or,
Set is selected to the article completing numerical value jump operation and does not carry out any operation; Or,
Set is selected to the article of non-stores and does not carry out numerical value jump operation; Or,
Interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or,
Never carry out removing article in the selected set of article of numerical value jump operation; Or,
Set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
Wherein, article are selected set and are referred to shopping cart.In other words, above-mentioned design requirement defines and once only can carry out delivery operation to a shopping cart.A shopping cart is once be paid and just cannot be carried out any change.Empty shopping cart can not pay.When encoded articles transaction software system, can by abstract for the demand be a state machine: shopping cart, to there being three kinds of states, being respectively non-stores state, not carrying out numerical value transfering state, completing numerical value transfering state.When interpolation article are to empty shopping cart, by non-stores State Transferring for not carry out numerical value transfering state.When removing last part article from shopping cart, be converted to non-stores state by not carrying out numerical value transfering state.After the shopping cart one not being carried out to numerical value jump operation performs numerical value jump operation, be converted to complete numerical value transfering state by not carrying out numerical value transfering state.Wherein, numerical value jump operation refers to the ideal money be worth with article etc. to the businessman's transfer having article.
Wherein, design requirement can derive from user or businessman to some original demands of software systems, also can derive from the demand of adding in subsequent process, such as above-mentioned rear three design requirements can be the new design rules added, and disclosure embodiment does not specifically limit this.
In step 202b, during software translating, call specified type system, according to design requirement, static check is carried out to article trading software systems.
How numerical value in programming language and expression formula are classified as many different types for defining by type system, and how to operate these types, how these types interact.Wherein, specified type system is the type system corresponding with the programming language that article trading software systems adopt, and ensures that the performance of software is good, and gets rid of behavior in violation of rules and regulations.Type can confirm that a value or one group have specific meaning and object value.Such as, the programming languages such as Haskell, scala, F# all provide powerful type system, and type system is for string processing, and state-maintenance etc. all can provide very large help.Such as, can ensure that a character string is plain text or other type of codes; The character string of let us define styles safety easily can carry out escape; Safety can be ensured at establishment grammer sugar by metaprogramming; Catch at compiling duration and report exception etc.We to catch and report is abnormal is described for example at compiling duration mainly for type system in the disclosed embodiments.
Calling specified type system, when carrying out static check according to design requirement to article trading software systems, following three kinds of modes at least can taked to realize:
First kind of way, call specified type system, in the selected set of the article completing numerical value jump operation, carry out article add operation; If do not receive the first operating mistake prompting of article trading software systems feedback, then determine that article trading software systems do not pass through static check.
Wherein, the first operating mistake prompting can be " ERROR: the selected set of article having completed numerical value jump operation ", and disclosure embodiment does not specifically limit this.Owing to comprising " shopping cart is once just cannot be carried out any change by paying " such design requirement, therefore according to this design requirement, type system can check whether the article trading software systems of encoding check by this.If pass through, then prove that this demand realizes and correctly, can proceed the next item down inspection.
The second way, call specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of article trading software systems feedback, then determine that article trading software systems do not pass through static check.
Wherein, the second operating mistake prompting can be " ERROR: the selected set of article of non-stores ", and disclosure embodiment does not specifically limit this.Owing to comprising " empty shopping cart can not pay " such design requirement, therefore according to this design requirement, type system can check whether the article trading software systems of encoding check by this.If pass through, then prove that this demand realizes and correctly, can proceed the next item down inspection.
The third mode, call specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of article trading software systems feedback, then determine that article trading software systems do not pass through static check.
Wherein, the 3rd operating mistake prompting can be " ERROR: the selected set of article having completed numerical value jump operation ", and disclosure embodiment does not specifically limit this.Owing to comprising " shopping cart is once just cannot be carried out any change by paying " such design requirement, therefore according to this design requirement, type system can check whether the article trading software systems of encoding check by this.If pass through, then prove that this demand realizes and correctly, can proceed the next item down inspection.
In step 203b, if article trading software systems are not by any one static check, then determine that software systems are dangerous.
In the disclosed embodiments, if article trading software systems are not by above-mentioned any one static check, then prove not pass through at compiling duration software translating, determine that software systems are dangerous.If article trading software systems are by above-mentioned all item static checks, then prove to pass through at compiling duration software translating, determine destination software systems safety.Article can be added to the selected set of the article not carrying out numerical value jump operation, never carry out removing article in the selected set of article of numerical value jump operation, also selected set can perform numerical value jump operation to the article not carrying out numerical value jump operation.In addition, knowing to help user the details that article select set in time, also can show the details that different conditions article select set.Such as, the selected set of the article for non-stores, shows the mark that such as " empty shopping cart " is such; For the selected set of the article not carrying out numerical value jump operation, display such as " has * * part not carry out the article of numerical value jump operation " in shopping cart; For the selected set of the article carrying out numerical value jump operation, display such as " has * * part to complete the article of numerical value jump operation, payment * * " in shopping cart.If article trading software systems by static check, then can not be compiled at compiling duration software and pass through, determine that software systems are dangerous.Achieve the security that logically be ensure that software systems by type system.
The safety protecting method of the software systems shown in Implementation of pseudocode disclosure embodiment that we can adopt F# programming language to write, false code is as follows:
The method that disclosure embodiment provides, during software translating, calls specified type system and carries out static check to article trading software systems; If article trading software systems do not pass through static check, then determine that software systems are dangerous, owing to having carried out static check by type system at compile duration, so just can mistake be found at compile duration, can avoid to greatest extent generating maloperation and dirty data, software, once compiling is by just ensureing correctness, there will not be run-time errors and attack, logically ensure that the security of software systems.
Fig. 3 is the block diagram of the safety device of a kind of software systems according to an exemplary embodiment.With reference to Fig. 3, this device comprises checking module 301, determination module 302.
Wherein, checking module 301 is connected with determination module 302, for during software translating, calls specified type system and carries out static check to destination software systems; Determination module, for when destination software systems is not by static check, determines that software systems are dangerous; Wherein, specified type system is the type system corresponding with the programming language that destination software systems adopts.
In another embodiment, checking module, for calling specified type system, carries out primary sources operation inspection to destination software systems; If destination software systems is non-feedback error prompting when performing primary sources operation, then determine that destination software systems does not pass through static check; Wherein, primary sources are operating as the operation except secondary sources operation, and secondary sources operation is the operation that destination software systems allows to perform.
In another embodiment, when destination software systems is article trading software systems, secondary sources operation comprises: once select set to article and carry out numerical value jump operation; Or, to the article selected set executable operations not completing numerical value jump operation; Or, set is selected to the article of stores and carries out numerical value jump operation; Or interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or, never carry out removing article in the selected set of article of numerical value jump operation; Or, set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
In another embodiment, checking module, for calling specified type system, carrying out article and adding operation in the selected set of the article completing numerical value jump operation; If do not receive the first operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check; Or, call specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check; Or, call specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check.
In another embodiment, checking module, for when destination software systems is by static check, determines destination software systems safety.
The device that disclosure embodiment provides, during software translating, calls specified type system and carries out static check to destination software systems; If destination software systems does not pass through static check, then determine that destination software systems is dangerous, owing to having carried out static check by type system at compile duration, so just can mistake be found at compile duration, can avoid to greatest extent generating maloperation and dirty data, software, once compiling is by just ensureing correctness, there will not be run-time errors and attack, logically ensure that the security of software systems.
About the device in above-described embodiment, wherein the concrete mode of modules executable operations has been described in detail in about the embodiment of the method, will not elaborate explanation herein.
Fig. 4 is the block diagram of a kind of software systems safety device 400 according to an exemplary embodiment.Such as, device 400 can be computing machine.
With reference to Fig. 4, device 400 can comprise following one or more assembly: processing components 402, storer 404, power supply module 406, multimedia groupware 408, audio-frequency assembly 410, I/O (Input/Output, I/O) interface 412, sensor module 414, and communications component 416.
The integrated operation of the usual control device 400 of processing components 402, such as with display, data communication and record operate the operation be associated.Processing components 402 can comprise one or more processor 420 to perform instruction, to complete all or part of step of above-mentioned method.In addition, processing components 402 can comprise one or more module, and what be convenient between processing components 402 and other assemblies is mutual.Such as, processing components 402 can comprise multi-media module, mutual with what facilitate between multimedia groupware 408 and processing components 402.
Storer 404 is configured to store various types of data to be supported in the operation of device 400.The example of these data comprises for any application program of operation on device 400 or the instruction of method, message, picture, video etc.Storer 404 can be realized by the volatibility of any type or non-volatile memory device or their combination, as SRAM (StaticRandomAccessMemory, static RAM), EEPROM (Electrically-ErasableProgrammableRead-OnlyMemory, Electrically Erasable Read Only Memory), EPROM (ErasableProgrammableReadOnlyMemory, Erasable Programmable Read Only Memory EPROM), PROM (ProgrammableRead-OnlyMemory, programmable read only memory), ROM (Read-OnlyMemory, ROM (read-only memory)), magnetic store, flash memory, disk or CD.
The various assemblies that power supply module 406 is device 400 provide electric power.Power supply module 406 can comprise power-supply management system, one or more power supply, and other and the assembly generating, manage and distribute electric power for device 400 and be associated.
Multimedia groupware 408 is included in the screen providing an output interface between described device 400 and user.In certain embodiments, screen can comprise LCD (LiquidCrystalDisplay, liquid crystal display) and TP (TouchPanel, touch panel).If screen comprises touch panel, screen may be implemented as touch-screen, to receive the input signal from user.Touch panel comprises one or more touch sensor with the gesture on sensing touch, slip and touch panel.Described touch sensor can the border of not only sensing touch or sliding action, but also detects the duration relevant to described touch or slide and pressure.In certain embodiments, multimedia groupware 408 comprises a front-facing camera and/or post-positioned pick-up head.When device 400 is in operator scheme, during as screening-mode or video mode, front-facing camera and/or post-positioned pick-up head can receive outside multi-medium data.Each front-facing camera and post-positioned pick-up head can be fixing optical lens systems or have focal length and optical zoom ability.
Audio-frequency assembly 410 is configured to export and/or input audio signal.Such as, audio-frequency assembly 410 comprises a MIC (Microphone, microphone), and when device 400 is in operator scheme, during as call model, logging mode and speech recognition mode, microphone is configured to receive external audio signal.The sound signal received can be stored in storer 404 further or be sent via communications component 416.In certain embodiments, audio-frequency assembly 410 also comprises a loudspeaker, for output audio signal.
I/O interface 412 is for providing interface between processing components 402 and peripheral interface module, and above-mentioned peripheral interface module can be keyboard, some striking wheel, button etc.These buttons can include but not limited to: home button, volume button, start button and locking press button.
Sensor module 414 comprises one or more sensor, for providing the state estimation of various aspects for device 400.Such as, sensor module 414 can detect the opening/closing state of device 400, the relative positioning of assembly, such as assembly is display and the keypad of device 400, the position of all right pick-up unit 400 of sensor module 414 or device 400 1 assemblies changes, the presence or absence that user contacts with device 400, the temperature variation of device 400 orientation or acceleration/deceleration and device 400.Sensor module 414 can comprise proximity transducer, be configured to without any physical contact time detect near the existence of object.Sensor module 414 can also comprise optical sensor, as CMOS (ComplementaryMetalOxideSemiconductor, CMOS (Complementary Metal Oxide Semiconductor)) or CCD (Charge-coupledDevice, charge coupled cell) imageing sensor, for using in imaging applications.In certain embodiments, this sensor module 414 can also comprise acceleration transducer, gyro sensor, Magnetic Sensor, pressure transducer or temperature sensor.
Communications component 416 is configured to the communication being convenient to wired or wireless mode between device 400 and other equipment.Device 400 can access the wireless network based on communication standard, as WiFi, 2G or 3G, or their combination.In one exemplary embodiment, communications component 416 receives from the broadcast singal of external broadcasting management system or broadcast related information via broadcast channel.In one exemplary embodiment, described communications component 416 also comprises NFC (NearFieldCommunication, near-field communication) module, to promote junction service.Such as, can based on RFID (RadioFrequencyIdentification in NFC module, radio-frequency (RF) identification) technology, IrDA (Infra-redDataAssociation, Infrared Data Association) technology, UWB (UltraWideband, ultra broadband) technology, BT (Bluetooth, bluetooth) technology and other technologies realize.
In the exemplary embodiment, device 400 can by one or more ASIC (ApplicationSpecificIntegratedCircuit, application specific integrated circuit), DSP (DigitalsignalProcessor, digital signal processor), DSPD (DigitalsignalProcessorDevice, digital signal processing appts), PLD (ProgrammableLogicDevice, programmable logic device (PLD)), FPGA) (FieldProgrammableGateArray, field programmable gate array), controller, microcontroller, microprocessor or other electronic components realize, for performing said method.
In the exemplary embodiment, additionally provide a kind of non-transitory computer-readable recording medium comprising instruction, such as, comprise the storer 404 of instruction, above-mentioned instruction can perform said method by the processor 420 of device 400.Such as, described non-transitory computer-readable recording medium can be ROM, RAM (RandomAccessMemory, random access memory), CD-ROM (CompactDiscRead-OnlyMemory, compact disc read-only memory), tape, floppy disk and optical data storage devices etc.
A kind of non-transitory computer-readable recording medium, when the instruction in described storage medium is performed by the processor of computing machine, make mobile terminal can perform a kind of safety protecting method of software systems, described method comprises:
During software translating, call specified type system and static check is carried out to destination software systems;
If destination software systems by static check, then determines destination software systems safety;
Wherein, specified type system is the type system corresponding with the programming language that destination software systems adopts.
In another embodiment, call specified type system and static check carried out to destination software systems, comprising:
Call specified type system, primary sources operation inspection is carried out to destination software systems;
If destination software systems is non-feedback error prompting when performing primary sources operation, then determine that destination software systems does not pass through static check;
Wherein, primary sources are operating as the operation except secondary sources operation, and secondary sources operation is the operation that destination software systems allows to perform.
In another embodiment, when destination software systems is article trading software systems, secondary sources operation comprises:
Once set is selected to article and carry out numerical value jump operation; Or,
To the article selected set executable operations not completing numerical value jump operation; Or,
Set is selected to the article of stores and carries out numerical value jump operation; Or,
Interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or,
Never carry out removing article in the selected set of article of numerical value jump operation; Or,
Set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
In another embodiment, call specified type system and static check carried out to destination software systems, comprising:
Call specified type system, in the selected set of the article completing numerical value jump operation, carry out article add operation; If do not receive the first operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check; Or,
Call specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check; Or,
Call specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of destination software systems feedback, then determine that destination software systems does not pass through static check.
In another embodiment, the method also comprises:
If destination software systems by static check, then determines destination software systems safety.
The non-transitory computer-readable recording medium that disclosure embodiment provides, during software translating, calls specified type system and carries out static check to destination software systems; If destination software systems does not pass through static check, then determine that destination software systems is dangerous, owing to having carried out static check by type system at compile duration, so just can mistake be found at compile duration, can avoid to greatest extent generating maloperation and dirty data, software, once compiling is by just ensureing correctness, there will not be run-time errors and attack, logically ensure that the security of software systems.
Those skilled in the art, at consideration instructions and after putting into practice invention disclosed herein, will easily expect other embodiment of the present invention.The application is intended to contain any modification of the present invention, purposes or adaptations, and these modification, purposes or adaptations are followed general principle of the present invention and comprised the undocumented common practise in the art of the disclosure or conventional techniques means.Instructions and embodiment are only regarded as exemplary, and true scope of the present invention and spirit are pointed out by claim below.
Should be understood that, the present invention is not limited to precision architecture described above and illustrated in the accompanying drawings, and can carry out various amendment and change not departing from its scope.Scope of the present invention is only limited by appended claim.
Claims (11)
1. a safety protecting method for software systems, is characterized in that, described method comprises:
During software translating, call specified type system and static check is carried out to destination software systems;
If described destination software systems is not by described static check, then determine that described software systems are dangerous;
Wherein, described specified type system is the type system corresponding with the programming language that described destination software systems adopts.
2. method according to claim 1, is characterized in that, described in call specified type system static check carried out to destination software systems, comprising:
Call described specified type system, primary sources operation inspection is carried out to described destination software systems;
If described destination software systems is non-feedback error prompting when performing the operation of described primary sources, then determine that described destination software systems does not pass through static check;
Wherein, described primary sources are operating as the operation except secondary sources operation, and described secondary sources operation is the operation that described destination software systems allows to perform.
3. method according to claim 2, is characterized in that, when described destination software systems is article trading software systems, described secondary sources operation comprises:
Once set is selected to article and carry out numerical value jump operation; Or,
To the article selected set executable operations not completing numerical value jump operation; Or,
Set is selected to the article of stores and carries out numerical value jump operation; Or,
Interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or,
Never carry out removing article in the selected set of article of numerical value jump operation; Or,
Set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
4. method according to claim 3, is characterized in that, described in call described specified type system static check carried out to described destination software systems, comprising:
Call described specified type system, in the selected set of the article completing numerical value jump operation, carry out article add operation; If do not receive the first operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or,
Call described specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or,
Call described specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check.
5. method according to claim 1, is characterized in that, described method also comprises:
If described destination software systems is by described static check, then determine described destination software systems safety.
6. a safety device for software systems, is characterized in that, described device comprises:
Checking module, for during software translating, calls specified type system and carries out static check to destination software systems;
Determination module, for when described destination software systems is not by described static check, determines that described software systems are dangerous;
Wherein, described specified type system is the type system corresponding with the programming language that described destination software systems adopts.
7. device according to claim 6, is characterized in that, described checking module, for calling described specified type system, carries out primary sources operation inspection to described destination software systems; If described destination software systems is non-feedback error prompting when performing the operation of described primary sources, then determine that described destination software systems does not pass through static check; Wherein, described primary sources are operating as the operation except secondary sources operation, and described secondary sources operation is the operation that described destination software systems allows to perform.
8. device according to claim 7, is characterized in that, when described destination software systems is article trading software systems, described secondary sources operation comprises: once select set to article and carry out numerical value jump operation; Or, to the article selected set executable operations not completing numerical value jump operation; Or, set is selected to the article of stores and carries out numerical value jump operation; Or interpolation article are selected set to the article of non-stores or are not carried out in the selected set of article of numerical value jump operation; Or, never carry out removing article in the selected set of article of numerical value jump operation; Or, set is selected to the article not carrying out numerical value jump operation and carries out numerical value jump operation.
9. device according to claim 8, is characterized in that, described checking module, for calling described specified type system, carrying out article and adding operation in the selected set of the article completing numerical value jump operation; If do not receive the first operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or, call described specified type system, in the selected set of the article of non-stores, carry out article remove operation; If do not receive the second operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check; Or, call described specified type system, in the selected set of the article completing numerical value jump operation, carry out article remove operation; If do not receive the 3rd operating mistake prompting of described destination software systems feedback, then determine described destination software systems not by described static check.
10. device according to claim 6, is characterized in that, described checking module, for when described destination software systems is by described static check, determines described destination software systems safety.
The safety device of 11. 1 kinds of software systems, is characterized in that, comprising:
Processor;
For the storer of storage of processor executable instruction;
Wherein, described processor is configured to: during software translating, calls specified type system and carries out static check to destination software systems; If described destination software systems is not by described static check, then determine that described software systems are dangerous; Wherein, described specified type system is the type system corresponding with the programming language that described destination software systems adopts.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510546485.9A CN105184163A (en) | 2015-08-31 | 2015-08-31 | Security protection method and apparatus for software system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510546485.9A CN105184163A (en) | 2015-08-31 | 2015-08-31 | Security protection method and apparatus for software system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105184163A true CN105184163A (en) | 2015-12-23 |
Family
ID=54906237
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510546485.9A Pending CN105184163A (en) | 2015-08-31 | 2015-08-31 | Security protection method and apparatus for software system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105184163A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110532768A (en) * | 2019-08-21 | 2019-12-03 | 东软医疗系统股份有限公司 | System safety encryption and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1305609A (en) * | 1998-06-16 | 2001-07-25 | 太阳微系统公司 | Method of implementing parameterized types to be compatible with existing unparameterized libraries |
| US20090019431A1 (en) * | 2006-03-02 | 2009-01-15 | Nxp B.V. | Optimised compilation method during conditional branching |
| CN102222012A (en) * | 2010-04-14 | 2011-10-19 | 微软公司 | Static type checking against external data sources |
| CN102750469A (en) * | 2012-05-18 | 2012-10-24 | 北京邮电大学 | Security detection system based on open platform and detection method thereof |
| CN104346573A (en) * | 2013-07-31 | 2015-02-11 | 广州市品高软件开发有限公司 | Method and device for realizing WEB application system information security frame |
-
2015
- 2015-08-31 CN CN201510546485.9A patent/CN105184163A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1305609A (en) * | 1998-06-16 | 2001-07-25 | 太阳微系统公司 | Method of implementing parameterized types to be compatible with existing unparameterized libraries |
| US20090019431A1 (en) * | 2006-03-02 | 2009-01-15 | Nxp B.V. | Optimised compilation method during conditional branching |
| CN102222012A (en) * | 2010-04-14 | 2011-10-19 | 微软公司 | Static type checking against external data sources |
| CN102750469A (en) * | 2012-05-18 | 2012-10-24 | 北京邮电大学 | Security detection system based on open platform and detection method thereof |
| CN104346573A (en) * | 2013-07-31 | 2015-02-11 | 广州市品高软件开发有限公司 | Method and device for realizing WEB application system information security frame |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110532768A (en) * | 2019-08-21 | 2019-12-03 | 东软医疗系统股份有限公司 | System safety encryption and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7315796B2 (en) | Circuit principle diagram check method, device and system | |
| CN104933556A (en) | Mode setting method and apparatus | |
| CN104216742B (en) | Brush machine control method and device based on password | |
| CN104992092A (en) | Method, device and system for fingerprint information verification | |
| CN104503689A (en) | Method and device for displaying application interface | |
| CN104933555B (en) | Moade setting method and device | |
| CN104991789A (en) | Method and apparatus for starting application | |
| CN105488112A (en) | Information pushing method and device | |
| CN104933351A (en) | Information security processing method and information security processing device | |
| CN106210238B (en) | Short message storage method and device | |
| CN105654302A (en) | Payment method and device | |
| CN104469714A (en) | Short message sending method and device | |
| KR101642019B1 (en) | Method, apparatus, program, and recording medium of verifying terminal | |
| CN108960839B (en) | Payment method and device | |
| CN105487886A (en) | Method and device for loading plugin | |
| CN105930721B (en) | A kind of method and apparatus managing application program | |
| CN106204046A (en) | The method and device that order pays | |
| CN104778405A (en) | Method and device for blocking advertisements | |
| CN103812999B (en) | Mobile terminal and message registration treating method and apparatus thereof | |
| CN104217328A (en) | Multi-verification payment method and multi-verification payment device | |
| CN105323152A (en) | Message processing method, device and equipment | |
| CN105094830A (en) | Method and device for executing target functions | |
| CN105376412A (en) | Information processing method and device | |
| CN107230060A (en) | The method and apparatus that a kind of account is reported the loss | |
| CN105353938A (en) | Suspended short message display method and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20180820 Address after: 100176 Beijing Beijing economic and Technological Development Zone, Chuang Chuang fourteen Street 99, 33 D Building 2 level 2243 (centralized office area) Applicant after: Beijing millet Payment Technology Co., Ltd. Address before: 100085 Beijing Haidian District Qinghe middle street 68 Huarun colorful shopping mall two phase 13 level. Applicant before: Xiaomi Technology Co., Ltd. |
|
| TA01 | Transfer of patent application right | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151223 |
|
| RJ01 | Rejection of invention patent application after publication |