CN107092824B - Application program running method and device - Google Patents

Application program running method and device Download PDF

Info

Publication number
CN107092824B
CN107092824B CN201710239769.2A CN201710239769A CN107092824B CN 107092824 B CN107092824 B CN 107092824B CN 201710239769 A CN201710239769 A CN 201710239769A CN 107092824 B CN107092824 B CN 107092824B
Authority
CN
China
Prior art keywords
information
application program
preset
verification
predetermined
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710239769.2A
Other languages
Chinese (zh)
Other versions
CN107092824A (en
Inventor
阚志刚
陈彪
卢佐华
方宁
程显龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Bangcle Technology Co ltd
Original Assignee
Beijing Bangcle Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Bangcle Technology Co ltd filed Critical Beijing Bangcle Technology Co ltd
Priority to CN201710239769.2A priority Critical patent/CN107092824B/en
Publication of CN107092824A publication Critical patent/CN107092824A/en
Application granted granted Critical
Publication of CN107092824B publication Critical patent/CN107092824B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Abstract

The embodiment of the application discloses an application program running method and device, and the method comprises the following steps: acquiring an operation instruction of a preset application program, wherein the preset application program comprises preset verification information; according to the program content of the preset application program and the preset verification information, verifying the content integrity of the preset application program through a preset cross verification mechanism to obtain a verification result, wherein the cross verification mechanism is used for verifying different parts of the preset application program including the same program content; and if the preset application program is determined to be tampered according to the verification result, refusing to run the preset application program. By utilizing the method and the device, the problem that the application program is tampered can be fundamentally solved, the operation safety of the application program can be improved, and the safety of personal information of a user can be ensured.

Description

Application program running method and device
Technical Field
The present application relates to the field of computer technologies, and in particular, to an application running method and apparatus.
Background
The application program is tampered, namely program codes are added or modified, resource files are replaced, configuration information is modified, icons are replaced, illegal program codes are implanted and the like in the application program, and various pirate and/or phishing applications are generated by packaging the tampered application program for the second time, so that personal information of a user is stolen, the extremely serious security threat is caused to the use of the user, and the anti-tampering protection of the application program is urgently needed.
Generally, when an application downloaded by a user through an application store provided in an operating system of a terminal device is installed or run, the terminal device generally determines that the application is from a trusted resource site, and thus, the application is directly installed or run without any verification processing. If the user is an application downloaded through other resource websites in the network, the terminal device will usually determine that the application is from a resource site with unknown or low reliability when the application is installed or operated, and therefore, a prompt message will pop up to prompt the user whether the application is from a resource site with unknown or low reliability, whether the installation is continued, and the user can continue to install or operate the application, or cancel the installation or operation of the application.
However, whether the application program is tampered cannot be determined by determining the source of the application program, but the possibility of tampering the application program is determined only by the source, and moreover, the credibility of the resource site is not guaranteed, so that the problem that the application program is tampered is not fundamentally solved, the running safety of the application program is still threatened, and the safety of the personal information of the user cannot be guaranteed.
Disclosure of Invention
An embodiment of the application provides an application program running method and device, so as to solve the problems that in the prior art, running safety of an application program is threatened, and safety of personal information of a user cannot be guaranteed.
In order to solve the above technical problem, the embodiment of the present application is implemented as follows:
an application program running method provided by an embodiment of the present application includes:
receiving an operation instruction of a preset application program, wherein the preset application program comprises preset verification information;
according to the program content of the preset application program and the preset verification information, verifying the content integrity of the preset application program through a preset cross verification mechanism to obtain a verification result, wherein the cross verification mechanism is used for verifying different parts of the preset application program including the same program content;
and if the preset application program is determined to be tampered according to the verification result, refusing to run the preset application program.
Optionally, the verifying, according to the program content of the predetermined application program and the predetermined verification information, the integrity of the content of the predetermined application program through a preset cross-checking mechanism to obtain a verification result includes:
the program content is crosswise divided into a plurality of parts according to the sequence of the program content;
acquiring target verification information of each part;
if the target verification information of each part is respectively the same as the corresponding preset verification information, the verification is successful, otherwise, the verification fails;
correspondingly, if the predetermined application program is determined to be tampered according to the verification result, the operation of the predetermined application program is refused, and the method comprises the following steps:
and if the verification result is verification failure, determining that the preset application program is tampered, and refusing to run the preset application program.
Optionally, the predetermined application program further includes first verification information corresponding to the predetermined verification information,
before the verifying the integrity of the content of the predetermined application program through a preset cross-checking mechanism according to the program content of the predetermined application program and the predetermined checking information to obtain a checking result, the method further includes:
acquiring second check information of the preset check information;
determining whether the preset check information is correct or not according to the second check information and the first check information;
correspondingly, the verifying the content integrity of the predetermined application program through a preset cross-checking mechanism according to the program content of the predetermined application program and the predetermined checking information to obtain a checking result includes:
and if the preset verification information is correct, verifying the content integrity of the preset application program through a preset cross verification mechanism according to the program content of the preset application program and the preset verification information to obtain a verification result.
Optionally, the predetermined application further includes an auxiliary code, the auxiliary code and the predetermined check information are binary data, and the predetermined check information is provided in the auxiliary code.
Optionally, the predetermined check information is signature-based check information or a hash check value, the target check information is signature-based check information or a hash check value, the first check information is signature-based check information or a hash check value, and the second check information is signature-based check information or a hash check value.
An application program running device provided in an embodiment of the present application includes:
the instruction acquisition module is used for acquiring an operation instruction of a preset application program, wherein the preset application program comprises preset verification information;
a verification result determining module, configured to verify, according to the program content of the predetermined application program and the predetermined verification information, the content integrity of the predetermined application program through a preset cross-verification mechanism to obtain a verification result, where the cross-verification mechanism is used to verify different portions of the predetermined application program that include the same program content;
and the operation refusing module is used for refusing to operate the preset application program if the preset application program is determined to be tampered according to the verification result.
Optionally, the verification result determining module includes:
the dividing unit is used for dividing the program content into a plurality of parts in a crossed manner according to the sequence of the program content;
a target verification information acquisition unit configured to acquire target verification information of each part;
the checking unit is used for checking successfully if the target checking information of each part is respectively the same as the corresponding preset checking information, or else, checking fails;
correspondingly, the operation refusing module is configured to determine that the predetermined application program is tampered and refuse to operate the predetermined application program if the verification result is that the verification fails.
Optionally, the predetermined application further includes first verification information corresponding to the predetermined verification information, and the apparatus further includes:
the checking information acquisition module is used for acquiring second checking information of the preset checking information;
the judging module is used for determining whether the preset checking information is correct or not according to the second checking information and the first checking information;
correspondingly, the verification result determining module is configured to, if the predetermined verification information is correct, verify the content integrity of the predetermined application program through a preset cross-verification mechanism according to the program content of the predetermined application program and the predetermined verification information, and obtain a verification result.
Optionally, the predetermined application further includes an auxiliary code, the auxiliary code and the predetermined check information are binary data, and the predetermined check information is provided in the auxiliary code.
Optionally, the predetermined check information is signature-based check information or a hash check value, the target check information is signature-based check information or a hash check value, the first check information and the second check information are of the same type, and the first check information and the second check information are signature-based check information or a hash check value.
According to the technical scheme provided by the embodiment of the application, the operation instruction of the preset application program comprising the preset verification information is received, the content integrity of the preset application program is verified through the preset cross verification mechanism according to the program content of the preset application program and the preset verification information to obtain the verification result, and if the preset application program is determined to be tampered according to the verification result, the preset application program is refused to operate.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.
FIG. 1 is a flowchart of an embodiment of a method for running an application program according to the present application;
FIG. 2 is a schematic view of a display interface of a prompt box according to the present application;
FIG. 3 is a flowchart of another embodiment of a method for running an application according to the present application;
FIG. 4 is a diagram illustrating the structure of a data structure according to the present application;
fig. 5 is an embodiment of an application running device according to the present application.
Detailed Description
The embodiment of the application provides an application program running method and device.
In order to make those skilled in the art better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Example one
As shown in fig. 1, an execution main body of the method may be a terminal device, and the terminal device may be a personal computer, a mobile phone, or a tablet computer. The method can be applied to determining whether the application program is tampered, and preventing personal information from being stolen due to the fact that a user uses the tampered application program, and specifically comprises the following steps:
in step S101, an operation instruction of a predetermined application program is acquired, where the predetermined application program includes predetermined verification information.
The predetermined application may be any application, for example, an application based on an Android (i.e., Android) operating system, or may also be an application based on an iOS operating system, and the like, specifically, an instant messaging application, a certain game application, a shopping application, or the like. The predetermined Check information may be information for checking certain data preset in a predetermined application program, and the predetermined Check information may include various kinds, for example, MD5(Message-Digest Algorithm 5) value, CRC (Cyclic Redundancy Check) code, SHA1(Secure Hash Algorithm 1) value, and the like.
In implementation, for an operating system installed in a terminal device used by a user, a detection mechanism for installation or running of an application program can be preset therein to determine the integrity of the application program to be installed or run. In addition, in order to implement integrity check of the application program, predetermined check information may be set in a program data packet of the application program, where the set predetermined check information may be one or more, and each predetermined verification information may correspond to part of data in the program data packet, for example, if the program data packet includes data a, data B, and data C in program code order, the predetermined check information may include 3 pieces, that is, predetermined check information 1, predetermined check information 2, and predetermined check information 3, where the predetermined check information 1 is an MD5 value of data a, the predetermined check information 2 is an MD5 value of data B, and the predetermined check information 3 is an MD5 value of data C, or the predetermined check information may include 2 pieces, that is, predetermined check information 4 and predetermined check information 5, where the predetermined check information 4 is an MD5 value obtained by combining data a and data B, the predetermined check information 5 is an MD5 value obtained by combining the data B and the data C. The predetermined verification information may be set by a technician after he or she writes the program code to complete the application, or may be set by the user based on the complete content of the application.
A user may download a program data package of an application (i.e., a predetermined application) to be installed or run via a network, or may also download a program data package of the predetermined application to be installed from an application store in an operating system installed in the terminal device (e.g., an application store in an android operating system or an iOS operating system), and after the downloading is completed, the user may click the program data package to install or run the corresponding predetermined application, at this time, the terminal device may generate a running instruction of the predetermined application.
In step S102, according to the program content of the predetermined application program and the predetermined verification information, verifying the content integrity of the predetermined application program through a preset cross-checking mechanism to obtain a verification result.
The program content includes program codes of the application programs, content of resource files and content of configuration files, etc., the resource files may include pictures, videos, audios, etc., and the configuration files may be files storing configuration parameters of the application programs. The cross-checking mechanism may be a mechanism for checking the integrity of the content of the predetermined application program through the program contents that cross each other, that is, the cross-checking mechanism is used to check different parts of the predetermined application program that include the same program content, such as the combination of data a and data B, and the combination of data B and data C in the example of step S101, so that the data corresponding to the two combinations cross each other (that is, the same data (that is, data B) is included in any combination).
In implementation, when the operation instruction of the predetermined application is obtained, a preset detection mechanism for installing or operating the application may be triggered, and the terminal device sequentially obtains corresponding content data from the program content of the predetermined application through the detection mechanism, for example, based on the above example, the program content includes data a, data B, and data C, and may obtain data a and data B, and data B and data C, respectively, in a predetermined or random manner. After the corresponding content data is acquired, check values of the content data of each part may be calculated, for example, MD5 values of the content data of each part are calculated. Then, a corresponding check value may be obtained according to the data obtaining manner (predetermined or random manner) and the predetermined check information, for example, the predetermined check information may include a network address of the server, the data obtaining manner may be sent to the server, the server may send the corresponding check value to the terminal device, or the predetermined check information includes the corresponding check value. The terminal device may compare the check value of each part of the content data with the corresponding check value, if all the check values are the same, the check is successful, and at this time, it may be determined that the content of the predetermined application program is complete, and if the check value of at least one part of the content data is different from the corresponding check value, the check is failed, and at this time, it may be determined that the content of the predetermined application program is incomplete, or it is determined that the predetermined application program is tampered.
In step S103, if it is determined that the predetermined application program is tampered with according to the verification result, the predetermined application program is refused to run.
In implementation, if the verification result is that the verification is successful, it indicates that the content of the predetermined application program is complete, at this time, the terminal device may continue to install the application program or continue to run the application program, in order to subsequently improve the starting speed of the application program, after the verification is completed this time, a corresponding tag may be generated to mark that the content of the application program is complete, and when the verification process is run again, the application program may be directly run by canceling the verification process. If the verification result is verification failure, the predetermined application program is tampered, in order to avoid leakage of personal information of the user, the terminal device can refuse to run the predetermined application program, and a corresponding prompt box may pop up, as shown in fig. 2, to prompt the user that there is a danger in the installation or operation of the predetermined application, and at this time, if the user determines that the installation or the running can be continued, a continue button in the prompt box can be clicked, the terminal device can continue to install or run the application program, if the user clicks the termination key in the prompt box, the user can replace the download source of the data to obtain the program data packet of the predetermined application program, and based on the program data packet, executing the processing of the steps S101 to S103 again until the predetermined application program is normally installed or normally operated, or the user voluntarily abandons the installation or operation of the predetermined application program.
The embodiment of the application provides an application program running method, which comprises the steps of receiving a running instruction of a preset application program comprising preset checking information, checking the content integrity of the preset application program through a preset cross checking mechanism according to the program content of the preset application program and the preset checking information to obtain a checking result, and refusing to run the preset application program if the preset application program is determined to be tampered according to the checking result, so that whether the application program is tampered is judged by checking the content integrity of the preset application program through the cross checking mechanism, and the application program is refused to run when the application program is determined to be tampered, so that the problem that the application program is tampered is fundamentally solved, the running safety of the application program is improved, and the safety of personal information of a user is ensured.
Example two
As shown in fig. 3, an execution body of the method may be a terminal device, where the terminal device may be a personal computer, a mobile phone, or a tablet computer. The method can be applied to determining whether the application program is tampered, and preventing personal information from being stolen due to the fact that a user uses the tampered application program, and specifically comprises the following steps:
in step S301, an operation instruction of a predetermined application program is acquired, where the predetermined application program includes predetermined verification information.
In order to ensure the safety of the predetermined verification information in the predetermined application program and prevent a user from randomly changing related contents to cause the loss of practical significance in a subsequent verification process, an auxiliary code can be set in the predetermined application program, and the auxiliary code can be in the same presentation form as the predetermined verification information, so that the user cannot distinguish the specific contents of the auxiliary code and the predetermined verification information through the presented auxiliary code and the predetermined verification information before the specific contents of the auxiliary code and the predetermined verification information are not determined. In order to further increase the security of the predetermined check information, the auxiliary code and the predetermined check information may be converted into binary data, and the predetermined check information is disposed in the auxiliary code, for example, as shown in fig. 4, the binary data corresponding to the auxiliary code and the predetermined check information forms a data string, and the predetermined check information includes 5 pieces of predetermined check information, and the 5 pieces of predetermined check information are randomly dispersed and disposed in the binary data of the auxiliary code. The preset check information is check information based on a signature or a hash check value.
The content of the step S301 is the same as the content of the step S101 in the first embodiment, and the processing of the step S301 may refer to the related content of the step S101, which is not described herein again.
In step S302, second check-up information of the predetermined check-up information is acquired.
Wherein the second check information may be signature-based check information or a hash check value.
In implementation, in order to further ensure the security of the predetermined check information and prevent a user from randomly changing its related content, the predetermined check information may be encrypted, and first check information for decrypting the predetermined check information is set in a program data packet of the predetermined application program, that is, the predetermined application program further includes first check information corresponding to the predetermined check information, where the first check information is check information based on a signature or a hash check value. When the operation instruction of the predetermined application program is acquired, a hash check value of the predetermined check information may be calculated, or information of a signature in the predetermined check information may be extracted, so as to obtain second check information of the predetermined check information.
In step S303, it is determined whether predetermined check information is correct according to the second check information and the first check information.
In an implementation, the second check-up information and the first check-up information belong to the same type of information, that is, the second check-up information and the first check-up information are both hash check values, or the second check-up information and the first check-up information are both signature-based check information and the like. Taking the second check information and the first check information as hash check values as an example, whether the hash check value in the second check information is the same as the hash check value in the first check information may be compared, if the two are the same, it is determined that the predetermined check information is correct, at this time, the processing of the following steps S304 to S307 may be continuously performed, if the two are different, it is determined that the predetermined check information is wrong, at this time, it may be determined that the data in the predetermined application program is unsafe, in order to avoid leakage of personal information of the user, the terminal device may refuse to run subsequent related steps, and may pop up a corresponding prompt box, so as to prompt the user that there is a danger in installation or running of the predetermined application program, at this time, if the user determines that installation or running can be continued, the terminal device may continue to install or run the application program, otherwise, the user can replace the download source of the data to obtain the program data packet of the predetermined application program, and perform the above-mentioned processing again based on the program data packet.
In step S304, if the predetermined verification information is correct, the program contents are crossly divided into a plurality of parts according to the sequence of the program contents.
In practice, if it is determined through the above-mentioned processing of step S303 that the predetermined verification information is correct, it indicates that the predetermined verification information in the predetermined application program can be normally used. At this time, all program contents of the predetermined application program may be acquired, including program codes, contents of resource files, contents of configuration files, and the like, the resource files may include pictures, videos, audios, and the like, and the configuration files may be files storing configuration parameters of the application program. The program contents may be arranged in a predetermined order, for example, the program codes may be arranged in the writing order of the codes, the contents of the resource file and the contents of the configuration file may be arranged in the order of the currently described contents, and the like. The arranged program content may be cross-divided into a plurality of parts, for example, according to a predetermined sequence, the program content is data a, data B and data C, the arranged program content is cross-divided into a plurality of parts, namely, data a and data B, and data B and data C, wherein the data of both parts has common data B (i.e., cross data).
In step S305, target verification information of each part is acquired.
The target verification information is verification information or a Hash verification value based on a signature.
In implementation, taking the target verification information as a hash check value as an example, data of the program content of each part may be extracted, and the hash check value of each part may be calculated. Based on the example of step S304 described above, the hash check value of the data after the data a and the data B are combined may be calculated, and the hash check value of the data after the data B and the data C are combined may be calculated.
In step S306, if the target verification information of each part is respectively the same as the corresponding predetermined verification information, the verification is successful, otherwise, the verification fails.
In implementation, the number of the predetermined check information is the same as the number of the plurality of divided parts in the program content, for example, if the program content is divided into 5 parts, the number of the predetermined check information is 5, or if the program content is divided into 3 parts, the number of the predetermined check information is 3, and so on. The target verification information of each portion may be compared with the corresponding predetermined verification information, if the target verification information of each portion is the same as the corresponding predetermined verification information, the verification is successful, at this time, the content of the predetermined application program may be determined to be complete, if at least one portion of the target verification information is different from the corresponding predetermined verification information, the verification is failed, at this time, the content of the predetermined application program may be determined to be incomplete, or the predetermined application program may be determined to be tampered.
In step S307, if the verification result is a verification failure, it is determined that the predetermined application program is tampered, and the predetermined application program is rejected to run.
The processing manner of step S307 may specifically refer to the processing of step S103 in the first embodiment, and is not described herein again.
The embodiment of the application provides an application program running method, which comprises the steps of receiving a running instruction of a preset application program comprising preset checking information, checking the content integrity of the preset application program through a preset cross checking mechanism according to the program content of the preset application program and the preset checking information to obtain a checking result, and refusing to run the preset application program if the preset application program is determined to be tampered according to the checking result, so that whether the application program is tampered is judged by checking the content integrity of the preset application program through the cross checking mechanism, and the application program is refused to run when the application program is determined to be tampered, so that the problem that the application program is tampered is fundamentally solved, the running safety of the application program is improved, and the safety of personal information of a user is ensured.
EXAMPLE III
Based on the same idea, the foregoing method for running an application program provided in this embodiment of the present application further provides a device for running an application program, as shown in fig. 5.
The running device of the application program comprises: an instruction obtaining module 501, a check result determining module 502 and a running refusing module 503, wherein:
an instruction obtaining module 501, configured to obtain an operation instruction of a predetermined application program, where the predetermined application program includes predetermined verification information;
a verification result determining module 502, configured to verify, according to the program content of the predetermined application program and the predetermined verification information, the content integrity of the predetermined application program through a preset cross-verification mechanism, so as to obtain a verification result, where the cross-verification mechanism is used to verify different portions of the predetermined application program that include the same program content;
a running refusing module 503, configured to refuse to run the predetermined application program if it is determined that the predetermined application program is tampered according to the verification result.
In this embodiment of the application, the verification result determining module 502 includes:
the dividing unit is used for dividing the program content into a plurality of parts in a crossed manner according to the sequence of the program content;
a target verification information acquisition unit configured to acquire target verification information of each part;
the checking unit is used for checking successfully if the target checking information of each part is respectively the same as the corresponding preset checking information, or else, checking fails;
accordingly, the operation refusing module 503 is configured to determine that the predetermined application program is tampered and refuse to operate the predetermined application program if the verification result is that the verification fails.
In this embodiment of the present application, the predetermined application further includes first verification information corresponding to the predetermined verification information, and the apparatus further includes:
the checking information acquisition module is used for acquiring second checking information of the preset checking information;
the judging module is used for determining whether the preset checking information is correct or not according to the second checking information and the first checking information;
correspondingly, the verification result determining module 502 is configured to, if the predetermined verification information is correct, verify the content integrity of the predetermined application program through a preset cross-verification mechanism according to the program content of the predetermined application program and the predetermined verification information, so as to obtain a verification result.
In this embodiment of the present application, the predetermined application further includes an auxiliary code, the auxiliary code and the predetermined check information are binary data, and the predetermined check information is set in the auxiliary code.
In the embodiment of the application, predetermined check information is check information or hash check value based on a signature, target check information is check information or hash check value based on a signature, first check information and second check information are the same type of information, first check information and second check information are check information or hash check value based on a signature.
The embodiment of the application program running device provided by the application program running device comprises a preset cross checking mechanism, a preset cross checking mechanism and a preset application program running device, wherein the preset application program running device receives a running instruction of a preset application program comprising preset checking information, the integrity of the content of the preset application program is checked through the preset cross checking mechanism according to the program content of the preset application program and the preset checking information to obtain a checking result, and if the preset application program is determined to be tampered according to the checking result, the preset application program is refused to run.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Language Description Language), traffic, pl (core unified Programming Language), HDCal, JHDL (Java Hardware Description Language), langue, Lola, HDL, laspam, hardsradware (Hardware Description Language), vhjhd (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (8)

1. An application program running method, comprising:
acquiring an operation instruction of a preset application program, wherein the preset application program comprises preset verification information, and the preset application program also comprises first verification information corresponding to the preset verification information;
acquiring second check information of the preset check information;
determining whether the preset checking information is correct or not according to the second checking information and the first checking information;
if the preset verification information is correct, verifying the content integrity of the preset application program through a preset cross verification mechanism according to the program content of the preset application program and the preset verification information to obtain a verification result, wherein the cross verification mechanism is used for verifying different parts of the preset application program including the same program content;
and if the preset application program is determined to be tampered according to the verification result, refusing to run the preset application program.
2. The method according to claim 1, wherein the verifying the integrity of the content of the predetermined application program by a preset cross-checking mechanism according to the program content of the predetermined application program and the predetermined checking information to obtain a checking result comprises:
the program content is crosswise divided into a plurality of parts according to the sequence of the program content;
acquiring target verification information of each part;
if the target verification information of each part is respectively the same as the corresponding preset verification information, the verification is successful, otherwise, the verification fails;
correspondingly, if the predetermined application program is determined to be tampered according to the verification result, the operation of the predetermined application program is refused, and the method comprises the following steps:
and if the verification result is verification failure, determining that the preset application program is tampered, and refusing to run the preset application program.
3. The method according to claim 1, wherein the predetermined application further comprises an auxiliary code, the auxiliary code and the predetermined check information are binary data, and the predetermined check information is provided in the auxiliary code.
4. The method according to claim 2, wherein the predetermined check information is signature-based check information or a hash check value, the target check information is signature-based check information or a hash check value, the first check information and the second check information are the same type of information, and the first check information and the second check information are signature-based check information or a hash check value.
5. An apparatus for executing an application program, the apparatus comprising:
the instruction acquisition module is used for acquiring an operation instruction of a preset application program, wherein the preset application program comprises preset verification information, and the preset application program also comprises first verification information corresponding to the preset verification information;
the checking information acquisition module is used for acquiring second checking information of the preset checking information;
the judging module is used for determining whether the preset checking information is correct or not according to the second checking information and the first checking information;
a verification result determining module, configured to, if the predetermined verification information is correct, verify, according to the program content of the predetermined application program and the predetermined verification information, the content integrity of the predetermined application program through a preset cross-verification mechanism to obtain a verification result, where the cross-verification mechanism is used to verify different portions of the predetermined application program that include the same program content;
and the operation refusing module is used for refusing to operate the preset application program if the preset application program is determined to be tampered according to the verification result.
6. The apparatus of claim 5, wherein the verification result determination module comprises:
the dividing unit is used for dividing the program content into a plurality of parts in a crossed manner according to the sequence of the program content;
a target verification information acquisition unit configured to acquire target verification information of each part;
the checking unit is used for checking successfully if the target checking information of each part is respectively the same as the corresponding preset checking information, or else, checking fails;
correspondingly, the operation refusing module is configured to determine that the predetermined application program is tampered and refuse to operate the predetermined application program if the verification result is that the verification fails.
7. The apparatus according to claim 5, wherein the predetermined application further comprises an auxiliary code, the auxiliary code and the predetermined check information are binary data, and the predetermined check information is provided in the auxiliary code.
8. The apparatus according to claim 6, wherein the predetermined check information is signature-based check information or a hash check value, the target check information is signature-based check information or a hash check value, the first check information and the second check information are the same type of information, and the first check information and the second check information are signature-based check information or a hash check value.
CN201710239769.2A 2017-04-13 2017-04-13 Application program running method and device Active CN107092824B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710239769.2A CN107092824B (en) 2017-04-13 2017-04-13 Application program running method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710239769.2A CN107092824B (en) 2017-04-13 2017-04-13 Application program running method and device

Publications (2)

Publication Number Publication Date
CN107092824A CN107092824A (en) 2017-08-25
CN107092824B true CN107092824B (en) 2020-04-07

Family

ID=59636907

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710239769.2A Active CN107092824B (en) 2017-04-13 2017-04-13 Application program running method and device

Country Status (1)

Country Link
CN (1) CN107092824B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109918948A (en) * 2019-01-23 2019-06-21 西安邮电大学 APK integrity checking method, computer program based on national secret algorithm SM3
CN112417433A (en) * 2019-08-21 2021-02-26 纬湃科技投资(中国)有限公司 Method for checking an application of an electronic control unit
CN110909345B (en) * 2019-12-02 2022-03-22 中国银行股份有限公司 Tamper-proof method and system for Java system open source software
CN111222138A (en) * 2019-12-31 2020-06-02 阿尔法云计算(深圳)有限公司 Algorithm checking method, algorithm right confirming method and device
CN111950035A (en) * 2020-06-18 2020-11-17 中国电力科学研究院有限公司 Method, system, equipment and storage medium for protecting integrity of apk file
CN113220362A (en) * 2021-04-30 2021-08-06 浙江大华技术股份有限公司 Log record obtaining method and device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103646082A (en) * 2013-12-12 2014-03-19 北京奇虎科技有限公司 Method and device for checking files
CN105260654A (en) * 2015-11-13 2016-01-20 浪潮电子信息产业股份有限公司 Verification method for own integrity of software system
CN106022107A (en) * 2015-10-30 2016-10-12 北京中电华大电子设计有限责任公司 Method and system for protecting program execution integrity

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103646082A (en) * 2013-12-12 2014-03-19 北京奇虎科技有限公司 Method and device for checking files
CN106022107A (en) * 2015-10-30 2016-10-12 北京中电华大电子设计有限责任公司 Method and system for protecting program execution integrity
CN105260654A (en) * 2015-11-13 2016-01-20 浪潮电子信息产业股份有限公司 Verification method for own integrity of software system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于行为分析的摆渡木马检测技术研究;陈贺男;《中国优秀硕士学位论文全文数据库信息科技辑(月刊)》;20160115;摘要、正文第4-3节,图4-6 *

Also Published As

Publication number Publication date
CN107092824A (en) 2017-08-25

Similar Documents

Publication Publication Date Title
CN107092824B (en) Application program running method and device
AU2018241037B2 (en) Method and device for processing service request
JP5985631B2 (en) Activate trust level
JP5891414B2 (en) Information processing apparatus and method for preventing unauthorized application cooperation
US9594915B2 (en) Information processing apparatus
CN111680305A (en) Data processing method, device and equipment based on block chain
CN107122634B (en) Reinforcement protection method and device for software installation package
CN107241298B (en) Application control method, terminal and system
CN109560933B (en) Authentication method and system based on digital certificate, storage medium and electronic equipment
CN108197469B (en) Method and device for verifying application program, storage medium and electronic equipment
CN105812313B (en) Method and server for recovering session and method and device for generating session certificate
US11349658B2 (en) Blockchain data processing method, apparatus, and device
US10482034B2 (en) Remote attestation model for secure memory applications
CN114327791A (en) Virtualization-based trusted computing measurement method, device, equipment and storage medium
CN109144600B (en) Application program running method and device and computer readable medium
CN114787808B (en) Secure embedded microcontroller image loading
CN111753270B (en) Application program login verification method, device, equipment and storage medium
CN115422554B (en) Request processing method, compiling method and trusted computing system
CN115935373A (en) Method and apparatus for protecting operating system kernel
JP6798669B2 (en) Methods and devices for hiding user information contained in applications
US20190102573A1 (en) Theater ears android app sensitive data management
US20140298456A1 (en) Securing applications for computing devices
CN111835513B (en) Method, device and equipment for updating certificate data
CN110995447B (en) Data storage method, device, equipment and medium
CN112448819A (en) Method and device for generating verification and signature files of Internet of things equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100083 Beijing, Haidian District Xueyuan Road 30 days building A 20 floor

Applicant after: Beijing Bang Bang Safety Technology Co. Ltd.

Address before: 100083 Xueyuan Road, Haidian District, Haidian District, Beijing, Haidian District, Beijing

Applicant before: Yangpuweiye Technology Limited

GR01 Patent grant
GR01 Patent grant