CN105354488A

CN105354488A - Application installation method, related apparatus and application installation system

Info

Publication number: CN105354488A
Application number: CN201510704862.7A
Authority: CN
Inventors: 何小兵
Original assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Current assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date: 2015-10-26
Filing date: 2015-10-26
Publication date: 2016-02-24
Anticipated expiration: 2035-10-26
Also published as: CN105354488B; WO2017071207A1

Abstract

Embodiments of the present invention disclose an application installation method, a related apparatus, and an application installation system. The method comprises: obtaining identification information of an installation package of a to-be-installed application; sending an authentication request carrying the identification information to a secure application server, wherein the authentication request is used for indicating the secure application server to carry out security verification on the identification information carried in the authentication request; and if an authentication validation message in response to the authentication request from the secure application server is received, executing an installation operation for the to-be-installed application. The technical scheme provided by the embodiments of the present invention is beneficial to improve security for a user to install an application.

Description

A kind of application installation method, relevant apparatus and application installation system

Technical field

The present invention relates to the technical field of information security, be specifically related to a kind of application installation method, relevant apparatus and application installation system.

Background technology

Along with the arrival in mobile multimedia epoch, by abundant application software, mobile phone from simple call instrument gradually to intelligent development.As the core of smart mobile phone, operating system becomes the part of smart mobile phone most competitive power.Operating system makes smart mobile phone more and more be equal to microcomputer, and user can the program that provides of the third party service provider such as mounting software, game voluntarily on smart mobile phone, is constantly expanded the function of mobile phone by this class method.

But the operating system that certain operations system is particularly increased income (such as, Android system) allows third-party application random set up applications in terminal, user, after installation kit installation, just can distinguish whether be malicious application, influential system safety.

Summary of the invention

Embodiment of the present invention technical matters to be solved is, provides a kind of application installation method, relevant apparatus and application installation system, to improving the security of user installation application.

In order to solve the problems of the technologies described above, embodiment of the present invention first aspect provides a kind of application installation method, and described method comprises:

Obtain the identification information of the installation kit of application to be installed;

Send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request;

If receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Embodiment of the present invention second aspect provides a kind of application installation method, and described method comprises:

The checking request of carrying identification information that safety applications service end receiving terminal sends;

Described safety applications service end carries out security verification to the identification information carried in described checking request;

When being verified, described safety applications service end sends to described terminal and is verified message, and the installation performed for described application to be installed to trigger described terminal operates.

The embodiment of the present invention third aspect provides a kind of mobile terminal, and described mobile terminal comprises:

Acquiring unit, for obtaining the identification information of the installation kit of application to be installed;

Transmitting element, for sending the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request;

Performance element, if for receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Embodiment of the present invention fourth aspect provides a kind of safety applications service end, and described safety applications service end comprises:

Receiving element, for the checking request of carrying identification information that receiving terminal sends;

Authentication unit, for carrying out security verification to the identification information carried in described checking request;

Transmitting element, for when being verified, sending be verified message to described terminal, the installation performed for described application to be installed to trigger described terminal operates.

Accordingly, the embodiment of the present invention the 5th aspect additionally provides a kind of application installation system, comprises a kind of safety applications service end that a kind of mobile terminal as the embodiment of the present invention third aspect provides and embodiment of the present invention fourth aspect provide, wherein:

Described mobile terminal, for obtaining the identification information of the installation kit of application to be installed; Send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request;

Described safety applications service end, for the checking request of carrying identification information that receiving terminal sends; Security verification is carried out to the identification information carried in described checking request; When being verified, sending be verified message to described terminal, the installation performed for described application to be installed to trigger described terminal operates.

Described mobile terminal, if also for receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Pass through the embodiment of the present invention, the identification information of acquisition for mobile terminal and the identification information applying corresponding mandate installation kit described to be installed prestored carry out verifying to determine whether this application to be installed is malicious application by safety applications service end, and then return terminal authentication message, terminal is carried out installation operation according to described checking message or is stopped installing, solve user in prior art after installation kit installation, just can distinguish to be whether the technical matters of malicious application, be conducive to improving the security that application is installed.

Accompanying drawing explanation

In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.

Fig. 1 is a kind of schematic flow sheet applying installation method that first embodiment of the invention provides;

Fig. 2 is a kind of schematic flow sheet applying installation method that second embodiment of the invention provides;

Fig. 3 is a kind of schematic flow sheet applying installation method that third embodiment of the invention provides;

Fig. 4 is a kind of schematic flow sheet applying installation method that fourth embodiment of the invention provides;

Fig. 5 is a kind of schematic flow sheet applying installation method that fifth embodiment of the invention provides;

Fig. 6 is a kind of schematic flow sheet applying installation method that sixth embodiment of the invention provides;

Fig. 7 is the structural representation of a kind of mobile terminal that seventh embodiment of the invention provides;

Fig. 8 is the structural representation of a kind of mobile terminal that eighth embodiment of the invention provides;

Fig. 9 is the structural representation of a kind of safety applications service end that ninth embodiment of the invention provides;

Figure 10 is the structural representation of a kind of safety applications service end that tenth embodiment of the invention provides;

Figure 11 is a kind of structural representation applying installation system that eleventh embodiment of the invention provides.

Embodiment

Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.

Below be described in detail respectively.

Above-mentioned mobile terminal can be any equipment possessing communication and memory function, such as: panel computer, mobile phone, electronic reader, personal computer (PersonalComputer, PC), notebook computer, mobile unit, Web TV, wearable device etc. have the smart machine of network function.

Refer to Fig. 1, Fig. 1 is a kind of schematic flow sheet applying installation method that first embodiment of the invention provides, and wherein, the application installation method described by Fig. 1 is mainly described from terminal side, as shown in Figure 1, this application installation method can comprise the following steps:

S101, terminal obtain the identification information of the installation kit of application to be installed.

Wherein, installation kit (Installpack), i.e. software installation kit, can the set of decompress files voluntarily, comprising the All Files that software is installed, run installation kit (executable file), can the All Files of this software is discharged on hard disk, complete edit the registry, amendment Operation system setting, create the work such as shortcut.Installation kit is only arranged in terminal could realize its function, an installation kit be installed in terminal is called application, application (Application, be called for short APP) the various services that user uses on network can be comprised, as application program, webpage, video, novel, music, game, news, shopping and mailbox etc.

Optionally, described identification information comprises the authorization information of the bag name of the installation kit of application to be installed and the installation kit of application to be installed.

S102, terminal send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

Wherein, above-mentioned safety applications service end to the embodiment that the identification information carried in this checking request carries out security verification is:

The bag name that the Bao Mingyu of installation kit installing application is pre-stored in mandate installation kit corresponding to the application described to be installed of safety applications service end is mated, be pre-stored in the prerequisite of the bag name coupling of the mandate installation kit of the application correspondence described to be installed of safety applications service end at the Bao Mingyu of the installation kit of application to be installed under, the authorization information of the installation kit of application to be installed is mated with the authorization information of the mandate installation kit of above-mentioned application to be installed.

If S103, terminal receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by safety applications service end is verified with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, if the identification information of application to be installed mates completely with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described safety applications service end sends to terminal and is verified message, terminal is verified message described in receiving, and the installation performed for described application to be installed operates.

Concrete, in Android system, except the application that system carries, other need the installation kit of the new application of installing all can must be installed in Android system by application erector, the application program for mounting software that application erector provides for Android system.

Optionally, if terminal receives the authentication failed message that the described checking of described safety applications service end response asks to send, stop operating the installation of described application to be installed.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by safety applications service end is verified with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, if the identification information of application to be installed and the identification information Incomplete matching applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described safety applications service end sends authentication failed message to terminal, terminal receives described authentication failed message, stops the installation performing for described application to be installed to operate.

Optionally, in the method shown in Fig. 1, terminal, before carrying the checking request of described identification information to the transmission of safety applications service end, first can perform following steps:

Identify the loading source of the installation kit of described application to be installed;

If the loading source identified is unauthorized loading source, triggers and perform described checking request of carrying described identification information to the transmission of safety applications service end.

In the present embodiment, the loading source of the installation kit of application to be installed can comprise the loading source of mandate and unauthorized loading source, the loading source of authorizing is be loaded in safety applications service end under installation kit, and unauthorized loading source is the third-party application service end be loaded under installation kit except safety applications service end.Wherein, third-party application service end is also referred to as third-party application shop (APPSTORE), refer to specially for terminal provides the electronic application shop of freely (charge) application searches and download service, third-party application market can be comprised, such as application market, Android market etc., can also comprise browser, some browsers also can provide the search of application and the function of download at present.

In specific implementation, opening due to Android system makes the quality of the application that Android system is installed very different, if be loaded in the third-party application service end except safety applications service end under the installation kit of application to be installed, then there is certain potential safety hazard in this installation kit.

In specific implementation, for Android platform, because on Android platform, the suffix name of installation file is generally " .apk ", the installation kit of the application therefore on Android system is commonly referred to as apk installation kit.Each apk installation kit is packed by multiple file and is obtained, comprising inventory (Manifest) file: AndroidManifest.xml file.Inventory file must exist, it is arranged in the root directory of whole apk installation kit, provide the necessary information about described application required for Android system, wherein, the information that described necessary information must have for system before any code operation of this application.

Inventory is made up of a root label <Manifest>, this label arranges the Package attribute of installation kit with one, Package is the unique identification of the application program installation kit be recorded in AndroidManifest.xml file, if the Package of application program repeats, to issue successfully, therefore, the unique identification Package of application apk installation kit can be read from the AndroidManifest.xml file of the apk installation kit of Android system.

Activity (activity) is one and is responsible for the assembly with user interactions, in Android system, each application is set up based on an Activity, namely each application corresponds to an Activity, and in embodiments of the present invention, Activity is the application that current apk installation kit is corresponding, Activity corresponding to this apk installation kit can be acquired by the Package of current apk installation kit, wherein, multiple Activity can be comprised in an apk installation kit, when an establishment application program, first an Activity class can be created by calling system interface.A mToken is comprised at Activity, Activity management service AmS (ActivityManagerService.java file, be called for short AmS) in HistoryRecord carry out the establishment of the Activit in register system by record mToken, also be, by current Activity can be obtained in HistoryRecord by which process creation, and then identify the loading source of installation kit of described application to be installed.

In the present embodiment, if the loading source that terminal recognition goes out the installation kit of application to be installed is unauthorized loading source, be confirmed whether to install by user, if user confirms to install the installation kit that above-mentioned loading source is unauthorized loading source, then the confirmation installation action of user triggers and performs described checking request of carrying described identification information to the transmission of safety applications service end.

Optionally, if the loading source that terminal recognition goes out is the loading source of authorizing, the installation that terminal performs for described application to be installed operates.

In the present embodiment, if the loading source that terminal recognition goes out the installation kit of application to be installed is the loading source of authorizing, be namely loaded in safety applications service end down, then terminal directly performs the installation operation of described application to be installed.

Pass through the embodiment of the present invention, the identification information that terminal obtains by safety applications service end carries out verifying to determine whether this application to be installed is malicious application with the identification information applying corresponding mandate installation kit described to be installed prestored, and then return terminal authentication message, terminal is carried out installation operation according to described checking message or is stopped installing, solve user in prior art after installation kit installation, just can distinguish to be whether the technical matters of malicious application, be conducive to improving the security that application is installed.

Refer to Fig. 2, Fig. 2 is a kind of schematic flow sheet applying installation method that second embodiment of the invention provides, and wherein, the application installation method described by Fig. 2 is mainly described from safety applications service end side, as shown in Figure 2, this application installation method can comprise the following steps:

The checking request of carrying identification information that S201, safety applications service end receiving terminal send.

Wherein, described checking request is used to indicate described safety applications service end to be verified with the identification information applying corresponding mandate installation kit described to be installed prestored by the identification information carried in this checking request.

S202, described safety applications service end carry out security verification to the identification information carried in described checking request.

Wherein, described safety applications service end to the embodiment that the identification information carried in described checking request carries out security verification is:

Safety applications service end is mated with the authorization identification information prestored the identification information carried in described checking request; If the identification information carried in described checking request mates completely with the described authorization identification information prestored, be then verified; If the identification information carried in described checking request does not mate with the described authorization identification information prestored, then authentication failed.

Optionally, described identification information comprises: the authorization information of the bag name of the installation kit of application to be installed and the installation kit of application to be installed, and described safety applications service end to the embodiment that the identification information carried in described checking request carries out security verification is:

The authorization packets name that the Bao Mingyu of described safety applications service end to the installation kit of application to be installed prestores is mated; When the authorization packets name coupling that the Bao Mingyu of the installation kit of application to be installed prestores, described safety applications service end is mated with the authority checking information prestored the authorization information of the installation kit of application to be installed.

S203, when being verified, described safety applications service end sends to terminal and is verified message, performs operate for the installation of described application to be installed with triggering terminal.

Optionally, when authentication failed, described safety applications service end sends authentication failed message to described terminal, to notify that described terminal stops operating the installation of described application to be installed.

Refer to Fig. 3, Fig. 3 is a kind of schematic flow sheet applying installation method that third embodiment of the invention provides, wherein, application installation method described by Fig. 3 is mainly described from safety applications service end and terminal both sides, as shown in Figure 3, this application installation method can comprise the following steps:

S301, terminal obtain the identification information of the installation kit of application to be installed.

S302, terminal send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

S303, described safety applications service end receive the checking request of carrying identification information that described terminal sends.

S304, described safety applications service end carry out security verification to the identification information carried in described checking request.

S305, when being verified, described safety applications service end sends to described terminal and is verified message, and the installation performed for described application to be installed to trigger described terminal operates.

If S306, terminal receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Optionally, when authentication failed, described safety applications service end sends authentication failed message to described terminal, to notify that described terminal stops operating the installation of described application to be installed.If terminal receives the authentication failed message that the described checking of described safety applications service end response asks to send, stop operating the installation of described application to be installed.

Refer to Fig. 4, Fig. 4 is a kind of schematic flow sheet applying installation method that fourth embodiment of the invention provides, wherein, application installation method described by Fig. 4 is mainly described from safety applications service end and terminal both sides, as shown in Figure 4, this application installation method can comprise the following steps:

S401, terminal obtain the identification information of the installation kit of application to be installed.

The loading source of the installation kit of application to be installed described in S402, terminal recognition.

If the loading source that S403 terminal recognition goes out is unauthorized loading source, triggering terminal performs described checking request of carrying described identification information to the transmission of safety applications service end.

S404, terminal send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

S405, described safety applications service end receive the checking request of carrying identification information that described terminal sends.

S406, described safety applications service end carry out security verification to the identification information carried in described checking request.

S407, when being verified, described safety applications service end sends to described terminal and is verified message, and the installation performed for described application to be installed to trigger described terminal operates.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by safety applications service end is verified with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, if the identification information of application to be installed mates completely with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described safety applications service end sends to terminal and is verified message.

If S408, terminal receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Refer to Fig. 5, Fig. 5 is a kind of schematic flow sheet applying installation method that fifth embodiment of the invention provides, wherein, application installation method described by Fig. 5 is mainly described from safety applications service end and terminal both sides, as shown in Figure 5, this application installation method can comprise the following steps:

S501, terminal obtain the identification information of the installation kit of application to be installed.

The loading source of the installation kit of application to be installed described in S502, terminal recognition.

If the loading source that S503 terminal recognition goes out is unauthorized loading source, triggering terminal performs described checking request of carrying described identification information to the transmission of safety applications service end.

S504, terminal send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

S505, described safety applications service end receive the checking request of carrying identification information that described terminal sends.

S506, described safety applications service end carry out security verification to the identification information carried in described checking request.

S507, when authentication failed, described safety applications service end sends authentication failed message to described terminal, to notify that described terminal stops operating the installation of described application to be installed.

If S508, terminal receive the authentication failed message that the described checking of described safety applications service end response asks to send, stop operating the installation of described application to be installed.

Refer to Fig. 6, Fig. 6 is a kind of schematic flow sheet applying installation method that sixth embodiment of the invention provides, wherein, application installation method described by Fig. 6 is mainly described from safety applications service end and terminal both sides, as shown in Figure 6, this application installation method can comprise the following steps:

S601, terminal obtain the identification information of the installation kit of application to be installed.

The loading source of the installation kit of application to be installed described in S602, terminal recognition.

If the loading source that S603 terminal recognition goes out is the loading source of authorizing, the installation performed for described application to be installed operates.

Be apparatus of the present invention embodiment below, the method that apparatus of the present invention embodiment realizes for performing the inventive method embodiment one to six, for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention, concrete ins and outs do not disclose, and please refer to the embodiment of the present invention one to embodiment six.

Refer to Fig. 7, Fig. 7 is the structural representation of a kind of mobile terminal that seventh embodiment of the invention provides, and as shown in Figure 7, this mobile terminal can comprise:

Acquiring unit 701, for obtaining the identification information of the installation kit of application to be installed.

Transmitting element 702, for sending the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

Performance element 703, if for receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by safety applications service end is verified with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, if the identification information of application to be installed mates completely with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described safety applications service end sends to terminal and is verified message, terminal is verified message described in receiving, the installation that performance element 703 performs for described application to be installed operates.

Optionally, described mobile terminal also comprises:

Recognition unit 704, for identifying the loading source of the installation kit of described application to be installed.

Trigger element 705, if the loading source for identifying being unauthorized loading source, triggering and performing described checking request of carrying described identification information to the transmission of safety applications service end.

In the present embodiment, if the loading source that recognition unit 704 identifies the installation kit of application to be installed is unauthorized loading source, be confirmed whether to install by user, if user confirms to install the installation kit that above-mentioned loading source is unauthorized loading source, then the confirmation installation action of user triggers described trigger element 705 and performs described checking request of carrying described identification information to the transmission of safety applications service end.

Optionally, described performance element 703, if the loading source also for identifying is the loading source of authorizing, the installation that described performance element 703 performs for described application to be installed operates.

In the present embodiment, if the loading source that recognition unit 704 identifies the installation kit of application to be installed is the loading source of authorizing, be namely loaded in safety applications service end down, then performance element 703 directly performs the installation operation of described application to be installed.

Optionally, described mobile terminal also comprises:

Stop element, if the authentication failed message receiving the transmission of described safety applications service end for mobile terminal, stops operating the installation of described application to be installed.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by safety applications service end is verified with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, if the identification information of application to be installed and the identification information Incomplete matching applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described safety applications service end sends authentication failed message to terminal, terminal receives described authentication failed message, stop element stops the installation performing for described application to be installed to operate.

Refer to Fig. 8, Fig. 8 is the structural representation of the mobile terminal that the eighth embodiment of the present invention provides.As shown in the figure, the mobile terminal in the embodiment of the present invention comprises: at least one processor 801, such as CPU, at least one receiver 803, at least one storer 804, at least one transmitter 805, at least one communication bus 802.Wherein, communication bus 802 is for realizing the connection communication between these assemblies.Wherein, in the embodiment of the present invention, the receiver 803 of device and transmitter 805 can be wired transmit ports, can be also wireless device, such as, comprise antenna assembly, for carrying out the communication of signaling or data with other node devices.Storer 804 can be high-speed RAM storer, also can be non-labile storer (non-volatilememory), such as at least one magnetic disk memory.Storer 804 can also be optionally that at least one is positioned at the memory storage away from aforementioned processor 801.Store batch processing code in storer 804, and processor 801 is for calling the program code stored in storer, for performing following operation:

Processor 801 obtains the identification information of the installation kit of application to be installed.

Processor 801 sends the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

Wherein, the embodiment that the identification information carried in this checking request and the identification information applying corresponding mandate installation kit described to be installed prestored carry out verifying is by described safety applications service end:

First, the bag name that the Bao Mingyu of the installation kit of application to be installed is pre-stored in mandate installation kit corresponding to the application described to be installed of safety applications service end is mated, be pre-stored in the prerequisite of the bag name coupling of the mandate installation kit of the application correspondence described to be installed of safety applications service end at the Bao Mingyu of the installation kit of application to be installed under, the authorization information of the installation kit of application to be installed is mated with the authorization information of the mandate installation kit of above-mentioned application to be installed.

If processor 801 receive described safety applications service end send be verified message, the installation performed for described application to be installed operates.

Optionally, if processor 801 receives the authentication failed message that described safety applications service end sends, then stop operating the installation of described application to be installed.

Optionally, in the mobile terminal shown in Fig. 8, processor 801, before carrying the checking request of described identification information to the transmission of safety applications service end, first can perform following steps:

Processor 801 identifies the loading source of the installation kit of described application to be installed;

If the loading source that processor 801 identifies is unauthorized loading source, triggers and perform described checking request of carrying described identification information to the transmission of safety applications service end.

In the present embodiment, if the loading source that processor 801 identifies the installation kit of application to be installed is unauthorized loading source, be confirmed whether to install by user, if user confirms to install the installation kit that above-mentioned loading source is unauthorized loading source, then the confirmation installation action of user triggers and performs described checking request of carrying described identification information to the transmission of safety applications service end.

Optionally, if the loading source that processor 801 identifies is the loading source of authorizing, the installation that processor 801 performs for described application to be installed operates.

In the present embodiment, if the loading source that processor 801 identifies the installation kit of application to be installed is the loading source of authorizing, be namely loaded in safety applications service end down, then processor 801 directly performs the installation operation of described application to be installed.

Refer to Fig. 9, Fig. 9 is the structural representation of a kind of safety applications service end that ninth embodiment of the invention provides, and as shown in Figure 9, this safety applications service end at least can comprise:

Receiving element 901, for receiving the checking request of carrying identification information.

Authentication unit 902, for carrying out security verification to the identification information carried in described checking request.

Wherein, described authentication unit 902 is specifically for mating with the authorization identification information prestored the identification information carried in described checking request; If the identification information carried in described checking request mates completely with the described authorization identification information prestored, then authentication unit is verified; If the identification information carried in described checking request does not mate with the described authorization identification information prestored, then authentication unit authentication failed.

Optionally, described identification information comprises: the authorization information of the bag name of the installation kit of application to be installed and the installation kit of application to be installed;

Described authentication unit, the authorization packets name that the Bao Mingyu specifically for the installation kit to application to be installed prestores is mated; When the authorization packets name coupling that the Bao Mingyu of the installation kit of application to be installed prestores, the authorization information of the installation kit of application to be installed is mated with the authority checking information prestored.

Transmitting element 903, for when being verified, safety applications service end sends to terminal and is verified message, operates with the installation that triggering terminal performs for described application to be installed.

Optionally, described transmitting element 903, also for when authentication failed, sends authentication failed message to described terminal, to notify that described terminal stops operating the installation of described application to be installed.

Refer to Figure 10, Figure 10 is the structural representation of the safety applications service end that tenth embodiment of the invention provides.As shown in the figure, the safety applications service end in the embodiment of the present invention comprises: at least one processor 1001, such as CPU, at least one receiver 1003, at least one storer 1004, at least one transmitter 1005, at least one communication bus 1002.Wherein, communication bus 1002 is for realizing the connection communication between these assemblies.Wherein, in the embodiment of the present invention, the receiver 1003 of device and transmitter 1005 can be wired transmit ports, can be also wireless device, such as, comprise antenna assembly, for carrying out the communication of signaling or data with other node devices.Storer 1004 can be high-speed RAM storer, also can be non-labile storer (non-volatilememory), such as at least one magnetic disk memory.Storer 1004 can also be optionally that at least one is positioned at the memory storage away from aforementioned processor 1001.Store batch processing code in storer 1004, and processor 1001 is for calling the program code stored in storer, for performing following operation:

The checking request of carrying identification information that processor 1001 receiving terminal sends.

Described processor 1001 carries out security verification to the identification information carried in described checking request.

Wherein, described processor 1001 to the embodiment that the identification information carried in described checking request carries out security verification is:

Described processor 1001 mates with the authorization identification information prestored the identification information carried in described checking request; If the identification information carried in described checking request mates completely with the described authorization identification information prestored, be then verified; If the identification information carried in described checking request does not mate with the described authorization identification information prestored, then authentication failed.

Described processor 1001 to the embodiment that the identification information carried in described checking request carries out security verification is:

The authorization packets name that the Bao Mingyu of described processor 1001 to the installation kit of application to be installed prestores is mated; When the authorization packets name coupling that the Bao Mingyu of the installation kit of application to be installed prestores, described processor 1001 mates with the authority checking information prestored the authorization information of the installation kit of application to be installed.

When being verified, processor 1001 sends to described terminal and is verified message, and the installation performed for described application to be installed to trigger described terminal operates.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by processor 1001 is verified with the identification information applying corresponding mandate installation kit described to be installed prestored, if the identification information of application to be installed mates completely with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described processor 1001 sends to terminal and is verified message, terminal is verified message described in receiving, and the installation performed for described application to be installed operates.

Optionally, when authentication failed, processor 1001 sends authentication failed message to terminal, stops operating the installation of described application to be installed with notification terminal.

Concrete, the identification information of the application to be installed of carrying in the checking request that terminal sends by processor 1001 is verified with the identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, if the identification information of application to be installed and the identification information Incomplete matching applying corresponding mandate installation kit described to be installed prestored, described processor 1001 sends authentication failed message to terminal, terminal receives described authentication failed message, stops the installation performing for described application to be installed to operate.

Pass through the embodiment of the present invention, the identification information of acquisition for mobile terminal carries out verifying to determine whether this application to be installed is malicious application with the identification information applying corresponding mandate installation kit described to be installed prestored by safety applications service end, and then return terminal authentication message, terminal is carried out installation operation according to described checking message or is stopped installing, solve user in prior art after installation kit installation, just can distinguish to be whether the technical matters of malicious application, be conducive to improving the security that application is installed.

Refer to Figure 11, Figure 11 is a kind of structural representation applying installation system that eleventh embodiment of the invention provides, as shown in figure 11, this application installation system can comprise: mobile terminal 1101 and safety applications service end 1102, wherein, described mobile terminal 1101 can as Fig. 7 or Fig. 8 above the mobile terminal introduced, safety applications service end 1102 can as close Fig. 9 or Figure 10 above the safety applications service end introduced, concrete:

Mobile terminal 1101, for obtaining the identification information of the installation kit of application to be installed; Send the checking request of carrying described identification information to safety applications service end, described checking request is used to indicate described safety applications service end to carry out security verification to the identification information carried in this checking request.

Safety applications service end 1102, for the checking request of carrying identification information that receiving terminal sends; Security verification is carried out to the identification information carried in described checking request; When being verified, sending be verified message to described terminal, the installation performed for described application to be installed to trigger described terminal operates.

Wherein, described safety applications service end 1102 to the embodiment that the identification information carried in described checking request carries out security verification is:

Safety applications service end 1102 is mated with the authorization identification information prestored the identification information carried in described checking request; If the identification information carried in described checking request mates completely with the described authorization identification information prestored, be then verified; If the identification information carried in described checking request does not mate with the described authorization identification information prestored, then authentication failed.

Described safety applications service end 1102 to the embodiment that the identification information carried in described checking request carries out security verification is:

The authorization packets name that the Bao Mingyu of described safety applications service end 1102 to the installation kit of application to be installed prestores is mated; When the authorization packets name coupling that the Bao Mingyu of the installation kit of application to be installed prestores, described safety applications service end 1102 is mated with the authority checking information prestored the authorization information of the installation kit of application to be installed.

Concrete, the identification information of the application to be installed of carrying in the checking request that above-mentioned mobile terminal 1101 sends by safety applications service end 1102 is verified with the authorization identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end 1102, if the identification information of application to be installed mates completely with the authorization identification information applying corresponding mandate installation kit described to be installed being pre-stored in safety applications service end, described safety applications service end 1102 sends to mobile terminal 1101 and is verified message.

Described mobile terminal 1101, if also for receive described safety applications service end response described checking request send be verified message, the installation performed for described application to be installed operates.

Optionally, described mobile terminal 1101, also for identifying the loading source of the installation kit of described application to be installed; If the loading source identified is unauthorized loading source, triggers and perform described checking request of carrying described identification information to the transmission of safety applications service end.

In the present embodiment, if the loading source that mobile terminal 1101 identifies the installation kit of application to be installed is unauthorized loading source, be confirmed whether to install by user, if user confirms to install the installation kit that above-mentioned loading source is unauthorized loading source, then the confirmation installation action triggering mobile terminals 1101 of user performs described checking request of carrying described identification information to the transmission of safety applications service end.

Optionally, described mobile terminal 1101, if the loading source also for identifying is the loading source of authorizing, the installation performed for described application to be installed operates.

Optionally, described safety applications service end 1102, also for when authentication failed, sends authentication failed message to described mobile terminal 1101, to notify that described mobile terminal 1101 stops operating the installation of described application to be installed;

Optionally, described mobile terminal 1101, if also for receiving the authentication failed message that the described checking of described safety applications service end response asks to send, stop operating the installation of described application to be installed.

In the above-described embodiments, the description of each embodiment is all emphasized particularly on different fields, in certain embodiment, there is no the part described in detail, can see the associated description of other embodiments.

Be described in detail the embodiment of the present invention above, apply specific case herein and set forth principle of the present invention and embodiment, the explanation of above embodiment just understands method of the present invention and core concept thereof for helping; Meanwhile, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, to sum up above-mentioned, this description should not be construed as limitation of the present invention.

Claims

1. apply an installation method, it is characterized in that, described method comprises:

2. method according to claim 1, is characterized in that, described to safety applications service end send carry the checking request of described identification information before, described method also comprises:

3. method according to claim 2, is characterized in that, described method also comprises:

If the loading source identified is the loading source of authorizing, the installation performed for described application to be installed operates.

4. method according to claim 1, is characterized in that, described method also comprises:

If receive the authentication failed message that the described checking of described safety applications service end response asks to send, stop operating the installation of described application to be installed.

5. the method according to any one of Claims 1 to 4, is characterized in that, described identification information comprises: the authorization information of the bag name of the installation kit of application to be installed and the installation kit of application to be installed.

6. apply an installation method, it is characterized in that, described method comprises:

When being verified, described safety applications service end sends to described terminal and is verified message, and the installation performed for application to be installed to trigger described terminal operates.

7. method according to claim 6, is characterized in that, described method also comprises:

When authentication failed, described safety applications service end sends authentication failed message to described terminal, to notify that described terminal stops operating the installation of described application to be installed.

8. the method according to claim 6 or 7, is characterized in that, described safety applications service end carries out security verification to the identification information carried in described checking request, comprising:

Safety applications service end is mated with the authorization identification information prestored the identification information carried in described checking request;

If the identification information carried in described checking request mates completely with the described authorization identification information prestored, be then verified;

If the identification information carried in described checking request does not mate with the described authorization identification information prestored, then authentication failed.

9. the method according to claim 6 or 7, is characterized in that, described identification information comprises: the authorization information of the bag name of the installation kit of application to be installed and the installation kit of application to be installed;

Described safety applications service end carries out security verification to the identification information carried in described checking request, comprising:

The authorization packets name that the Bao Mingyu of described safety applications service end to the installation kit of application to be installed prestores is mated;

When the authorization packets name coupling prestored described in the Bao Mingyu of the installation kit of described application to be installed, described safety applications service end is mated with the authority checking information prestored the authorization information of the installation kit of described application to be installed.

10. a mobile terminal, is characterized in that, described mobile terminal comprises:

11. mobile terminals according to claim 10, is characterized in that, described mobile terminal also comprises:

Recognition unit, for identifying the loading source of the installation kit of described application to be installed;

Trigger element, if the loading source for identifying being unauthorized loading source, triggering performance element and performing described checking request of carrying described identification information to the transmission of safety applications service end.

12. 1 kinds of safety applications service ends, is characterized in that, described safety applications service end comprises:

Transmitting element, for when being verified, sending be verified message to described terminal, the installation performed for application to be installed to trigger described terminal operates.

13. safety applications service ends according to claim 12, is characterized in that,

Described transmitting element, also for when authentication failed, sends authentication failed message to described terminal, to notify that described terminal stops operating the installation of described application to be installed.

14. 1 kinds of application installation systems, is characterized in that, comprise the mobile terminal according to any one of claim 10 ~ 11 and the safety applications service end according to any one of claim 12 ~ 13, wherein:

Described safety applications service end, for the checking request of carrying identification information that receiving terminal sends; Security verification is carried out to the identification information carried in described checking request; When being verified, sending be verified message to described terminal, the installation performed for described application to be installed to trigger described terminal operates;