CN106886711A - authority request response method and corresponding device - Google Patents
authority request response method and corresponding device Download PDFInfo
- Publication number
- CN106886711A CN106886711A CN201510938516.5A CN201510938516A CN106886711A CN 106886711 A CN106886711 A CN 106886711A CN 201510938516 A CN201510938516 A CN 201510938516A CN 106886711 A CN106886711 A CN 106886711A
- Authority
- CN
- China
- Prior art keywords
- application program
- information
- authority
- source
- authentication data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a kind of authority request response method and corresponding device, methods described is applied to intelligent terminal, and methods described includes:Obtain the source-information of the application program installed in the intelligent terminal;Judge that the source-information whether there is in preset authentication data;If in the presence of after the application program is installed, authorizing the application program Root authority.The present invention stores the source-information of application program by preset authentication data in preset authentication data, only authorizes Root authority to the application program for allowing to authorize in preset authentication data, improves the security that application program obtains Root authority.
Description
Technical field
The present invention relates to intelligent terminal technical field, more particularly to a kind of authority request response method and phase
The device answered.
Background technology
Based on the operating system that Uinux is born, grasped from Linux series to the Android of intelligent terminal
Make system, in the presence of strict user management mechanism.Wherein, by taking Android as an example, the highest of system
Authority account number is Root, and the authority of account also represents the highest level of rights management mechanism, Ke Yiqi
Dynamic or one process of stopping, deleting or increases user, increase or disabling hardware etc..Intelligent terminal dispatches from the factory
When, manufacturer considers for safety factor, does not typically open Root authority to user.In this case,
The system operatio that user is carried out to intelligent terminal, or third-party application such as mobile phone safe software needs
When realizing that some such as unload the function of application etc of dispatching from the factory, it is subject to hinder.Therefore, Root is obtained
Authority just becomes increasingly prevalent.
At present, the Root authority of intelligent terminal is obtained, or makes certain application program in intelligent terminal
Obtain Root authority, it usually needs the operating system of intelligent terminal is obtained using Root solutions
Take the operation of the system level of Root authority.Because the operation is related to the bottom core of operating system,
So in the presence of the situation for damaging operating system, causing the intelligent terminal after obtaining Root authority operation occur
Unstable situation, or even system crash.
And, in the intelligent terminal after obtaining Root authority, any application program can obtain Root
Authority.If some unauthorized applications obtain Root authority, the safety belt of intelligent terminal is endangered
Evil.
The content of the invention
In view of it is above-mentioned it is existing authorize Root authority scheme and there is any application program can obtain Root
The problem of authority, it is proposed that the present invention overcomes above mentioned problem or solve at least in part to provide one kind
The authority request response method and corresponding device of above mentioned problem.
According to one aspect of the present invention, there is provided a kind of authority request response method, intelligent end is applied to
End, methods described includes:
Obtain the source-information of the application program installed in the intelligent terminal;
Judge that the source-information whether there is in preset authentication data;
If in the presence of after the application program is installed, authorizing the application program Root authority.
Alternatively, the source-information for obtaining the application program installed in the intelligent terminal, bag
Include:
Signature to the installation file of the application program is parsed, and obtains the source-information.
Alternatively, the source-information for obtaining the application program installed in the intelligent terminal, bag
Include:
Judge whether the installation process of the application program is performed by default application program market;
If, it is determined that the source-information of the application program is the mark in the default application program market
Knowledge information.
Alternatively, the authentication data storage is in the operating system where the intelligent terminal and described
Authentication data is user-defined authentication data.
Alternatively, the authentication data also period of validity information including Root authority;
There is corresponding relation with the source-information of the application program in the period of validity information.
Alternatively, after the application program Root authority is authorized, methods described also includes:
When according to period of validity information timer expiration corresponding with the source-information of the application program, remove
Pin authorizes the Root authority of the application program.
Alternatively, after the application program Root authority is authorized, methods described also includes:
Obtain the historical record of the demand frequency of the application program various functions authority;
The application program is assigned temporarily more than the corresponding function authority of first threshold by demand frequency.
Alternatively, after the application program Root authority is authorized, methods described also includes:
Obtain the demand frequency of the various functions authority of the application program of the application program generic
Historical record;
The application program is assigned temporarily more than the corresponding function authority of Second Threshold by total demand frequency.
According to another aspect of the present invention, there is provided a kind of authority request responding device, it is applied to intelligent end
End, described device includes:
Acquisition module, the source-information for obtaining the application program installed in the intelligent terminal;
Judge module, for judging that the source-information whether there is in preset authentication data;
Authorization module, if being present in preset authentication data for the source-information, answers when described
After being installed with program, the application program Root authority is authorized.
Alternatively, the acquisition module is parsed to the signature of the installation file of the application program, is obtained
To the source-information.
Alternatively, the acquisition module, including:
Installation process judge module, for judging the installation process of the application program whether by default
Application program market performs;
Identification information determining module, if being by default application for the installation process of the application program
Program market performs, it is determined that the source-information of the application program is the default application program market
Identification information.
Alternatively, the authentication data storage is in the operating system where the intelligent terminal and described
Authentication data is user-defined authentication data.
Alternatively, the authentication data also period of validity information including Root authority;
There is corresponding relation with the source-information of the application program in the period of validity information.
Alternatively, described device also includes:
Revocation module, after authorizing the application program Root authority in the authorization module,
When according to period of validity information timer expiration corresponding with the source-information of the application program, revocation is awarded
Give the Root authority of the application program.
Alternatively, described device also includes:
First historical record acquisition module, for authorizing the application program Root in the authorization module
After authority, the historical record of the demand frequency of the application program various functions authority is obtained;
First function privilege assigns module, for the corresponding function authority by demand frequency more than first threshold
The application program is assigned temporarily.
Alternatively, described device also includes:
Second historical record acquisition module, for authorizing the application program Root in the authorization module
After authority, the application of various functions authority of the application program of the application program generic is obtained frequently
The historical record of rate;
Second function privilege assigns module, for the corresponding function by total demand frequency more than Second Threshold
Authority assigns the application program temporarily.
It is existing to authorize in Root authority scheme, it is necessary to carry out acquisition Root to the operating system of intelligent terminal
The operation of the system level of authority.In the intelligent terminal after obtaining Root authority, any application program
Root authority can be obtained.If some unauthorized applications obtain Root authority, to intelligent end
The safety belt at end endangers.The present invention obtains intelligence eventually during application program is in and installs
Source-information in application program just in the mounted state in end, judge be in preset authentication data
The no source-information that there is the application program installed, if in the presence of, after application program is installed,
Authorize application program Root authority.Technical solution of the present invention is recognized by preset authentication data in preset
The source-information of application program is stored in card data, only the application to allowing to authorize in preset authentication data
Program authorizes Root authority, improves the security that application program obtains Root authority.
Described above is only the general introduction of technical solution of the present invention, in order to better understand skill of the invention
Art means, and can be practiced according to the content of specification, and it is of the invention above and other in order to allow
Objects, features and advantages can become apparent, below especially exemplified by specific embodiment of the invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are for this
Field those of ordinary skill will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment,
And it is not considered as limitation of the present invention.And in whole accompanying drawing, be denoted by the same reference numerals
Identical part.In the accompanying drawings:
Fig. 1 is a kind of according to embodiments of the present invention one authority request response method flow chart of steps;
Fig. 2 is a kind of according to embodiments of the present invention two authority request responding device structural representation.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although being shown in accompanying drawing
The exemplary embodiment of the disclosure, it being understood, however, that may be realized in various forms the disclosure without
Should be limited by embodiments set forth here.Conversely, there is provided these embodiments are able to more thoroughly
Understand the disclosure, and can by the scope of the present disclosure it is complete convey to those skilled in the art.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singulative used herein
" one ", " one ", " described " and " being somebody's turn to do " may also comprise plural form.It is to be further understood that
Used in specification of the invention wording " including " refer to the presence of the feature, integer, step, behaviour
Make, element and/or component, but it is not excluded that in the presence of or add one or more other features, integer,
Step, operation, element, component and/or their group.It should be understood that when we claim element by " even
Connect " or during " coupled " to another element, it can be directly connected or coupled to other elements, Huo Zheye
There may be intermediary element.Additionally, " connection " used herein or " coupling " can include wirelessly connecting
Connect or wirelessly couple.Wording "and/or" used herein includes one or more associated listing
The whole or any cell of item and all combination.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein
(including technical term and scientific terminology), with art of the present invention in those of ordinary skill one
As understand identical meaning.It should also be understood that those terms defined in such as general dictionary, should
This is understood to there is the meaning consistent with the meaning in the context of prior art, and unless as here
Equally by specific definitions, will not otherwise be explained with idealization or excessively formal implication.
It will be appreciated by those skilled in the art that " application ", " application program ", " application alleged by the present invention
Software " and the concept of similar statement, are the same concepts well known to those skilled in the art, refer to by one
The computer software for being suitable to electronics operation of series of computer instructions and the organic construction of related data resource.Remove
Non-specifically is specified, and programming language species, rank, operation of also not rely by it are not received in this name in itself
Operating system or platform are limited.In the nature of things, this genus is not also limited by any type of terminal
System.
It is well known that Root authority refers to Unix type operating systems (including Linux, Android)
System manager's authority, similar to the Administrator (keeper) in Windows (form) system
Authority;Root authority can access and change almost all of file (Android in the mobile device of user
System file and user file, not including ROM).
But, it is strict for the management of Root authority due to current intelligent terminal system, lead to
Most applications or program do not possess Root authority in the case of often, therefore need to have Root for some
The operation of authority cannot just be performed, for example, install or unload the operation such as application;Meanwhile, such operation calls
Process is required for system application Root authority when performing corresponding operating every time.Based on this, the present invention is real
Apply example and propose a kind of authority request response method and corresponding device, specifically can be built-in by calling system
SU (Super User, power user) order obtain Root authority, or by obtain have Root
The shell of authority obtains Root authority and the launching process in shell, is then obtaining the system
After Root authority mandate, you can need not repeat Shen when follow-up other calling process is performed associative operation
Please Root authority;The Root authority that specific Root authority acquisition process can refer to prior art calls letter
Number, the embodiment of the present invention will not be repeated here.
Embodiment one
A kind of authority request response method of the offer of the embodiment of the present invention one is provided.The embodiment of the present invention
In method be applied to intelligent terminal, be for example applied to smart mobile phone, panel computer etc..
Reference picture 1, shows a kind of authority request response method steps flow chart in the embodiment of the present invention one
Figure.
Step 100, obtains the source-information of the application program installed in the intelligent terminal.
Application program in the embodiment of the present invention refers to the third-party application installed in intelligent terminal in user
Program, and the application program that the operating system where unintelligent terminal is carried.
The step 100 can specifically distinguish following two situations and perform:
1st, the signature to the installation file of the application program is parsed, and obtains the source-information.
For example, file of the installation file of certain application program for apk forms, then to the text of the apk forms
The signature of part is parsed, and obtains source-information.The signature of the file of apk forms is to ensure that each should
With the legal ID of program development business, prevent fractional open business from may obscure by using identical bag name
The application program that replacement has been installed is, it is necessary to the apk files to issuing carry out signature unique, it is ensured that every time
The uniformity (such as automatically updating will not cannot install because version is inconsistent) of the version of issue.
2nd, judge whether the installation process of the application program is performed by default application program market;
If, it is determined that the source-information of the application program is the mark letter in the default application program market
Breath.
For example, select certain application program to be installed online in 360 mobile phone assistant, the online installation
Process is performed by 360 mobile phone assistant.If 360 mobile phone assistant is default multiple application program cities
One in, then the source-information that can determine the application program is the identification information of 360 mobile phone assistant.
Default each application program market has unique identification information, and default application program market can be with table
Show the application program trusted and installed by default application program market.
Step 102, judges that the source-information whether there is in preset authentication data, if in the presence of,
Then perform step 104;If not existing, flow terminates.
Preset authentication data can be stored in the operating system of intelligent terminal, can specifically be stored in behaviour
As the position that system is specified.In order to ensure the security of authentication data, it is read-only that can set authentication data
Attribute, i.e., cannot modify to authentication data;Or the modification of authentication data setting password can be tested
Card, can be carried out self-defined by user after in password authentification to authentication data.
If the source-information in the signature of the application program installed, or the application program installed
The identification information in corresponding application program market exists in preset authentication data, then can trust
The application program of installation, it is believed that the application program installed is safe application program, Ke Yijin
One step carries out Authorized operation.
Step 104, after the application program is installed, authorizes the application program Root authority.
Application program is authorized in the embodiment of the present invention is that Root authority can be that interim Root is weighed
Limit, and impermanent Root authority, then can also include the term of validity of Root authority in authentication data
Limit information, the period of validity information can be a timing node for specific Root authority revocation,
Or can be the effective period of time of some Root authority.And, the period of validity information can be with
There is corresponding relation with the source-information of the application program.For example, for certain application program A, if should
The source-information of application program A is the identification information of application program market B, then period of validity information is
a1;If the source-information of application program A is the identification information of application program market C, the term of validity
Limit information is a2.
After the step 104, when according to the term of validity corresponding with the source-information of the application program
During limit information timer expiration, the Root authority of the application program is authorized in revocation.
In a preferred embodiment of the invention, after the step 104, institute can also be obtained
State the historical record of the demand frequency of application program various functions authority;Demand frequency is more than first threshold
Corresponding function authority assign the application program temporarily.Wherein, various functions authority is application program pair
The authority of the concrete function of outer application, if certain or some function privileges apply for frequency in certain period of time
Certain or some function privileges can be then given to application program by rate more than the first threshold for setting.
In a preferred embodiment of the invention, after the step 104, institute can also be obtained
State the historical record of the demand frequency of the various functions authority of the application program of application program generic;Will
Total demand frequency assigns the application program temporarily more than the corresponding function authority of Second Threshold.I.e. can be with
With reference to the history of the demand frequency of the various functions authority of the other application programs generic with application program
Record, by the total of certain or some function privilege of the other application programs generic with application program
Demand frequency is given to application program more than certain or some function privileges of preset Second Threshold.
And, first threshold can or difference identical with Second Threshold, specifically can be according to actual conditions
Set.
In sum, the technical scheme in the embodiment of the present invention, the mistake installed is in application program
Cheng Zhong, obtains the source-information in application program just in the mounted state in intelligent terminal, judges pre-
With the presence or absence of the source-information of application program installed in the authentication data put, if in the presence of when should
After being installed with program, application program Root authority is authorized.Technical solution of the present invention is recognized by preset
Card data, store the source-information of application program, only to preset certification number in preset authentication data
Root authority is authorized according to the middle application program for allowing to authorize, application program is improve and is obtained Root authority
Security.
It can be temporary Root authority to be additionally, since the Root authority authorized, and temporary Root authority is deposited
In period of validity, then when expiring period of validity, the Root authority authorized before can be cancelled, enter one
Step improves the security that Root authority is used.
Embodiment two
A kind of authority request responding device of the offer of the embodiment of the present invention two is provided.The embodiment of the present invention
In device can apply to intelligent terminal, be for example applied to smart mobile phone, panel computer etc..
Reference picture 2, shows a kind of authority request responding device structural representation in the embodiment of the present invention two
Figure.
Described device can include:Acquisition module 20, judge module 22 and authorization module 24.
The relation between the function of each module and each module is discussed in detail separately below.
Believe in acquisition module 20, the source for obtaining the application program installed in the intelligent terminal
Breath.
The signature of 20 pairs of installation files of the application program of the acquisition module is parsed, and obtains institute
State source-information.
The acquisition module 20 can include:
Installation process judge module, for judging the installation process of the application program whether by default
Application program market performs.
Identification information determining module, if being by default application for the installation process of the application program
Program market performs, it is determined that the source-information of the application program is the default application program market
Identification information.
Judge module 22, for judging that the source-information whether there is in preset authentication data.
The authentication data storage is in the operating system where the intelligent terminal, and the authentication data
It is user-defined authentication data.The authentication data also period of validity information including Root authority;
There is corresponding relation with the source-information of the application program in the period of validity information.
Authorization module 24, if being present in preset authentication data for the source-information, when described
After application program is installed, the application program Root authority is authorized.
Described device can also include:Revocation module, for authorizing institute in the authorization module 24
After stating application program Root authority, when according to it is corresponding with the source-information of the application program effectively
During deadline information timer expiration, the Root authority of the application program is authorized in revocation.
Described device can also include:First historical record acquisition module, in the authorization module 24
Authorize after the application program Root authority, obtain the application of the application program various functions authority
The historical record of frequency;First function privilege assigns module, for demand frequency to be more than into first threshold
Corresponding function authority assigns the application program temporarily.
Described device can also include:Second historical record acquisition module, in the authorization module 24
Authorize after the application program Root authority, obtain the application program of the application program generic
Various functions authority demand frequency historical record;Second function privilege assigns module, for by always
Demand frequency assign the application program temporarily more than the corresponding function authority of Second Threshold.
In sum, the technical scheme in the embodiment of the present invention, the mistake installed is in application program
Cheng Zhong, obtains the source-information in application program just in the mounted state in intelligent terminal, judges pre-
With the presence or absence of the source-information of application program installed in the authentication data put, if in the presence of when should
After being installed with program, application program Root authority is authorized.Technical solution of the present invention is recognized by preset
Card data, store the source-information of application program, only to preset certification number in preset authentication data
Root authority is authorized according to the middle application program for allowing to authorize, application program is improve and is obtained Root authority
Security.
It can be temporary Root authority to be additionally, since the Root authority authorized, and temporary Root authority is deposited
In period of validity, then when expiring period of validity, the Root authority authorized before can be cancelled, enter one
Step improves the security that Root authority is used.
Provided herein authority request response scheme not with any certain computer, virtual system or other
Equipment is inherently related.Various general-purpose systems can also be used together with based on teaching in this.According to above
Description, it is obvious to construct the structure required by the system with the present invention program.Additionally, this
Invention is not also directed to any certain programmed language.It is understood that, it is possible to use various programming languages are realized
The present disclosure of this description, and the description done to language-specific above is to disclose the present invention
Preferred forms.
In specification mentioned herein, numerous specific details are set forth.It is to be appreciated, however, that this
Inventive embodiment can be put into practice in the case of without these details.In some instances, not
Known method, structure and technology are shown specifically, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help understand in each inventive aspect
Or it is multiple, in above to the description of exemplary embodiment of the invention, each feature of the invention is sometimes
It is grouped together into single embodiment, figure or descriptions thereof.However, should not be by the disclosure
Method be construed to reflect following intention:I.e. the present invention for required protection requirement ratio is in each claim
The middle more features of feature be expressly recited.More precisely, as the following claims reflect,
Inventive aspect is all features less than single embodiment disclosed above.Therefore, it then follows specific implementation
Thus claims of mode are expressly incorporated in the specific embodiment, and wherein each claim is in itself
All as separate embodiments of the invention.
Those skilled in the art are appreciated that can be carried out certainly to the module in the equipment in embodiment
Adaptively change and they are arranged in one or more equipment different from the embodiment.Can be with
Module or unit or component in embodiment is combined into a module or unit or component, and in addition may be used
To be divided into multiple submodule or subelement or sub-component.Except such feature and/or process or
Outside at least some in unit exclude each other, can be using any combinations to this specification (including companion
With claim, summary and accompanying drawing) disclosed in all features and so disclosed any method or
All processes or unit of person's equipment are combined.Unless expressly stated otherwise, this specification (including companion
With claim, summary and accompanying drawing) disclosed in each feature can it is identical by offers, equally or phase
Replace like the alternative features of purpose.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include it
Some included features are rather than further feature, but the group of the feature of different embodiments in its embodiment
Conjunction means to be within the scope of the present invention and formed different embodiments.For example, in claim
In book, the one of any of embodiment required for protection mode can use in any combination.
All parts embodiment of the invention can be realized with hardware, or be processed with one or more
The software module run on device is realized, or is realized with combinations thereof.Those skilled in the art should
Understand, basis can be realized using microprocessor or digital signal processor (DSP) in practice
Some or all parts in the authority request response scheme of the embodiment of the present invention it is some or all
Function.The present invention is also implemented as performing some or all of method as described herein
Equipment or program of device (for example, computer program and computer program product).It is such to realize this
The program of invention can be stored on a computer-readable medium, or can have one or more signal
Form.Such signal can be downloaded from internet website and obtained, or be provided on carrier signal,
Or provided in any other form.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention,
And those skilled in the art can design replacement without departing from the scope of the appended claims
Embodiment.In the claims, any reference symbol being located between bracket should not be configured to right
It is required that limitation.Word "comprising" does not exclude the presence of element or step not listed in the claims.Position
Word "a" or "an" before element does not exclude the presence of element as multiple.The present invention can
To be realized by means of the hardware for including some different elements and by means of properly programmed computer.
If in the unit claim for listing equipment for drying, several in these devices can be by same
Individual hardware branch is embodied.The use of word first, second, and third does not indicate that any order.
These words can be construed to title.
The invention discloses A1, a kind of authority request response method, intelligent terminal, the side are applied to
Method includes:
Obtain the source-information of the application program installed in the intelligent terminal;
Judge that the source-information whether there is in preset authentication data;
If in the presence of after the application program is installed, authorizing the application program Root authority.
A2, the method according to A1, wherein, installed in the acquisition intelligent terminal
The source-information of application program, including:
Signature to the installation file of the application program is parsed, and obtains the source-information.
A3, the method according to A1, wherein, installed in the acquisition intelligent terminal
The source-information of application program, including:
Judge whether the installation process of the application program is performed by default application program market;
If, it is determined that the source-information of the application program is the mark in the default application program market
Knowledge information.
A4, the method according to A1, wherein, the authentication data storage is in the intelligent terminal institute
Operating system in, and the authentication data be user-defined authentication data.
A5, the method according to A1, wherein, the authentication data also having including Root authority
Effect deadline information;
There is corresponding relation with the source-information of the application program in the period of validity information.
A6, the method according to A5, wherein, after the application program Root authority is authorized,
Methods described also includes:
When according to period of validity information timer expiration corresponding with the source-information of the application program, remove
Pin authorizes the Root authority of the application program.
A7, the method according to A1, wherein, after the application program Root authority is authorized,
Methods described also includes:
Obtain the historical record of the demand frequency of the application program various functions authority;
The application program is assigned temporarily more than the corresponding function authority of first threshold by demand frequency.
A8, the method according to A1, wherein, after the application program Root authority is authorized,
Methods described also includes:
Obtain the demand frequency of the various functions authority of the application program of the application program generic
Historical record;
The application program is assigned temporarily more than the corresponding function authority of Second Threshold by total demand frequency.
Correspondingly, the invention also discloses B9, a kind of authority request responding device, it is applied to intelligent end
End, described device includes:
Acquisition module, the source-information for obtaining the application program installed in the intelligent terminal;
Judge module, for judging that the source-information whether there is in preset authentication data;
Authorization module, if being present in preset authentication data for the source-information, answers when described
After being installed with program, the application program Root authority is authorized.
B10, the device according to B9, wherein, peace of the acquisition module to the application program
The signature for filling file is parsed, and obtains the source-information.
B11, the device according to B9, wherein, the acquisition module, including:
Installation process judge module, for judging the installation process of the application program whether by default
Application program market performs;
Identification information determining module, if being by default application for the installation process of the application program
Program market performs, it is determined that the source-information of the application program is the default application program market
Identification information.
B12, the device according to B9, wherein, the authentication data storage is in the intelligent terminal
In the operating system at place, and the authentication data is user-defined authentication data.
B13, the device according to B9, wherein, the authentication data also having including Root authority
Effect deadline information;
There is corresponding relation with the source-information of the application program in the period of validity information.
B14, the device according to B13, wherein, described device also includes:
Revocation module, after authorizing the application program Root authority in the authorization module,
When according to period of validity information timer expiration corresponding with the source-information of the application program, revocation is awarded
Give the Root authority of the application program.
B15, the device according to B9, wherein, described device also includes:
First historical record acquisition module, for authorizing the application program Root in the authorization module
After authority, the historical record of the demand frequency of the application program various functions authority is obtained;
First function privilege assigns module, for the corresponding function authority by demand frequency more than first threshold
The application program is assigned temporarily.
B16, the device according to B9, wherein, described device also includes:
Second historical record acquisition module, for authorizing the application program Root in the authorization module
After authority, the application of various functions authority of the application program of the application program generic is obtained frequently
The historical record of rate;
Second function privilege assigns module, for the corresponding function by total demand frequency more than Second Threshold
Authority assigns the application program temporarily.
Claims (10)
1. a kind of authority request response method, is applied to intelligent terminal, and methods described includes:
Obtain the source-information of the application program installed in the intelligent terminal;
Judge that the source-information whether there is in preset authentication data;
If in the presence of after the application program is installed, authorizing the application program Root authority.
2. method according to claim 1, wherein, it is described to obtain in the intelligent terminal
The source-information of the application program of installation, including:
Signature to the installation file of the application program is parsed, and obtains the source-information.
3. method according to claim 1, wherein, it is described to obtain in the intelligent terminal
The source-information of the application program of installation, including:
Judge whether the installation process of the application program is performed by default application program market;
If, it is determined that the source-information of the application program is the mark in the default application program market
Knowledge information.
4. method according to claim 1, wherein, the authentication data storage is in the intelligence
In operating system where terminal, and the authentication data is user-defined authentication data.
5. method according to claim 1, wherein, the authentication data also includes Root authority
Period of validity information;
There is corresponding relation with the source-information of the application program in the period of validity information.
6. method according to claim 5, wherein, authorizing the application program Root authority
Afterwards, methods described also includes:
When according to period of validity information timer expiration corresponding with the source-information of the application program, remove
Pin authorizes the Root authority of the application program.
7. method according to claim 1, wherein, authorizing the application program Root authority
Afterwards, methods described also includes:
Obtain the historical record of the demand frequency of the application program various functions authority;
The application program is assigned temporarily more than the corresponding function authority of first threshold by demand frequency.
8. method according to claim 1, wherein, authorizing the application program Root authority
Afterwards, methods described also includes:
Obtain the demand frequency of the various functions authority of the application program of the application program generic
Historical record;
The application program is assigned temporarily more than the corresponding function authority of Second Threshold by total demand frequency.
9. a kind of authority request responding device, is applied to intelligent terminal, and described device includes:
Acquisition module, the source-information for obtaining the application program installed in the intelligent terminal;
Judge module, for judging that the source-information whether there is in preset authentication data;
Authorization module, if being present in preset authentication data for the source-information, answers when described
After being installed with program, the application program Root authority is authorized.
10. device according to claim 9, wherein, the acquisition module is to the application program
The signature of installation file parsed, obtain the source-information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510938516.5A CN106886711A (en) | 2015-12-15 | 2015-12-15 | authority request response method and corresponding device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510938516.5A CN106886711A (en) | 2015-12-15 | 2015-12-15 | authority request response method and corresponding device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106886711A true CN106886711A (en) | 2017-06-23 |
Family
ID=59175141
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510938516.5A Pending CN106886711A (en) | 2015-12-15 | 2015-12-15 | authority request response method and corresponding device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106886711A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108833690A (en) * | 2018-05-31 | 2018-11-16 | 努比亚技术有限公司 | authority control method, terminal and computer readable storage medium |
| CN109088977A (en) * | 2018-06-21 | 2018-12-25 | 上海二三四五网络科技有限公司 | A kind of control method and control device of automatic installation mobile terminal application |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102663320A (en) * | 2012-04-12 | 2012-09-12 | 福建联迪商用设备有限公司 | Method for terminal identification developers and dividing developers with different permissions |
| CN103858130A (en) * | 2013-08-23 | 2014-06-11 | 华为终端有限公司 | Method, apparatus and terminal for administration of permission |
| CN104010044A (en) * | 2014-06-12 | 2014-08-27 | 北京握奇数据系统有限公司 | Application limitation installing method, manager and terminal based on trusted execution environment technology |
| CN104090967A (en) * | 2014-07-16 | 2014-10-08 | 北京智谷睿拓技术服务有限公司 | Application program recommending method and device |
| CN104424423A (en) * | 2013-08-28 | 2015-03-18 | 华为终端有限公司 | Method and device for determining authorities of application program |
-
2015
- 2015-12-15 CN CN201510938516.5A patent/CN106886711A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102663320A (en) * | 2012-04-12 | 2012-09-12 | 福建联迪商用设备有限公司 | Method for terminal identification developers and dividing developers with different permissions |
| CN103858130A (en) * | 2013-08-23 | 2014-06-11 | 华为终端有限公司 | Method, apparatus and terminal for administration of permission |
| CN104424423A (en) * | 2013-08-28 | 2015-03-18 | 华为终端有限公司 | Method and device for determining authorities of application program |
| CN104010044A (en) * | 2014-06-12 | 2014-08-27 | 北京握奇数据系统有限公司 | Application limitation installing method, manager and terminal based on trusted execution environment technology |
| CN104090967A (en) * | 2014-07-16 | 2014-10-08 | 北京智谷睿拓技术服务有限公司 | Application program recommending method and device |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108833690A (en) * | 2018-05-31 | 2018-11-16 | 努比亚技术有限公司 | authority control method, terminal and computer readable storage medium |
| CN109088977A (en) * | 2018-06-21 | 2018-12-25 | 上海二三四五网络科技有限公司 | A kind of control method and control device of automatic installation mobile terminal application |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107533608B (en) | Trusted updates | |
| EP3552098B1 (en) | Operating system update management for enrolled devices | |
| EP2696282B1 (en) | System and method for updating authorized software | |
| US8990883B2 (en) | Policy-based development and runtime control of mobile applications | |
| CN100492300C (en) | System and method for executing a process on a microprocessor-enabled device | |
| CN107567699A (en) | Real-time mobile security situation | |
| US11165780B2 (en) | Systems and methods to secure publicly-hosted cloud applications to run only within the context of a trusted client application | |
| US8117429B2 (en) | System and method for a distributed and flexible configuration of a TCG TPM-based local verifier | |
| EP3583536B1 (en) | Securely defining operating system composition without multiple authoring | |
| US11425127B2 (en) | Securing application behavior in serverless computing | |
| US20140149730A1 (en) | Systems and methods for enforcing secure boot credential isolation among multiple operating systems | |
| CN106341732B (en) | Management method of desktop starter and intelligent television | |
| US11176224B2 (en) | Security tool | |
| CN106548065B (en) | Application program installation detection method and device | |
| US11514165B2 (en) | Systems and methods for secure certificate use policies | |
| CN104915594B (en) | Application program operation method and device | |
| CN107480513B (en) | Authentication implementation method and device, computer device and readable storage medium | |
| US9672353B2 (en) | Securing and managing apps on a device using policy gates | |
| CN106886711A (en) | authority request response method and corresponding device | |
| CN106886715A (en) | authority request response method and corresponding device | |
| JP2009505194A (en) | Increasing security of computer device operation by using vendor ID | |
| CN106897326A (en) | Account relating method and device | |
| US10268823B2 (en) | Device, system, and method for securing executable operations | |
| CN104102887B (en) | A kind of operating system security login authentication implementation method | |
| CN107220546B (en) | Application running method and device and terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170623 |