CN109995700B - Security protection method of application program, application client and ACR server - Google Patents
Security protection method of application program, application client and ACR server Download PDFInfo
- Publication number
- CN109995700B CN109995700B CN201711477316.XA CN201711477316A CN109995700B CN 109995700 B CN109995700 B CN 109995700B CN 201711477316 A CN201711477316 A CN 201711477316A CN 109995700 B CN109995700 B CN 109995700B
- Authority
- CN
- China
- Prior art keywords
- application client
- information
- list
- server
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a safety protection method of an application program, an application client and an ACR server, wherein the safety protection method of the application program comprises the following steps: sending application client information to an ACR server; receiving a random key and a pre-stored check file list sent by an ACR server; encrypting the check file list according to the random key and the check file list to generate a first encryption information list; sending the first encryption information list to an ACR server for verification; after the ACR server passes the verification, generating a first access identifier according to the first encryption information list and storing the first access identifier; when the connection with the APP server is needed, the first access identification and the application client information are sent to the APP server for verification. The embodiment of the invention avoids hackers from obtaining sensitive information of the user or spreading illegal information by cracking the application client in a double check mode, thereby protecting the information security of the user.
Description
Technical Field
The invention relates to the technical field of application program safety protection, in particular to an application program safety protection method, an application client and an ACR server.
Background
With the development of information technology, people increasingly rely on information technology products such as mobile phones and computers in production and life, and various application programs bring great potential hazards while facilitating production and life of people. Many hackers obtain some rights of the application by finding some application bugs or breaking the application, which causes damage to the operator and the user. Although application reinforcement technologies are successively introduced by large security companies at present, the reinforcement technologies only increase the difficulty of decompilation by modifying program entries, adding anti-debugging information and the like, and cannot solve the fundamental problem. Meanwhile, when the user performs the reinforcement process, the source code needs to be uploaded to the reinforcement service provider, wherein the important configuration file of the program is modified by the server, so that the reinforcement service provider has a high authority in the program and cannot prevent the operation of injecting advertisements and the like. In addition, when the program performs the reinforcement service, there may be situations such as flash back after reinforcement, instability, etc., which affect the popularization of the application program.
Disclosure of Invention
The technical problem to be solved by the embodiments of the present invention is to provide a security protection method for an application program, an application client and an ACR server, so as to solve the problem that a hacker can obtain user sensitive information or spread illegal information by cracking the application client by merely increasing the difficulty of decompilation in the application reinforcement technology currently adopted in the application client.
In order to solve the above technical problem, an embodiment of the present invention provides a security protection method for an application program, which is applied to an application client, and includes:
when the application client is started, sending application client information to an application program verification and Repair (ACR for short) server;
receiving a random key and a pre-stored check file list sent by an ACR server according to the information of the application client;
encrypting the check file list according to the random key and the check file list to generate a first encryption information list;
sending the first encryption information list to an ACR server for verification;
after the ACR server passes the verification, generating a first access identifier according to the first encryption information list and storing the first access identifier;
when the connection with an Application program (APP for short) server is needed, a first access identifier and Application client information are sent to the APP server for verification.
Specifically, in the method for securing an application program, the application client information includes: an application name, a version number, and an application client identifier.
Preferably, in the method for protecting security of an application program, the step of encrypting the check file list to generate the first encrypted information list according to the random key and the check file list includes:
encrypting the verification file list through a first preset encryption algorithm to obtain a second encryption information list;
encrypting the second encryption information list through a second preset encryption algorithm according to the random key to obtain a third encryption information list;
and encrypting the third encryption information list through a third preset encryption algorithm according to the application client information to obtain the first encryption information list.
Specifically, the method for protecting security of an application program as described above further includes, after the step of sending the first encrypted information list to the ACR server for verification:
and if the ACR server fails to verify, displaying verification failure information and preset warning information, wherein the preset warning information is used for informing the user that the identity is illegal.
Preferably, in the method for protecting security of an application program, after the step of sending the first access identifier to the APP server for verification, the method further includes:
receiving an APP server check result sent by an APP server;
if the APP server passes the verification, the application client side establishes communication connection with the APP server;
and if the APP server fails to verify, displaying connection failure information and preset warning information.
An embodiment of the present invention further provides an application client, including:
the first sending module is used for sending the information of the application client to the ACR server for verifying and repairing the application program when the application client is started;
the first receiving module is used for receiving a random key and a pre-stored check file list which are sent by the ACR server according to the information of the application client;
the first processing module is used for encrypting the verification file list to generate a first encryption information list according to the random key and the verification file list;
the second sending module is used for sending the first encryption information list to the ACR server for verification;
the second processing module is used for generating and storing a first access identifier according to the first encryption information list after the ACR server passes the verification;
and the third sending module is used for sending the first access identification and the application client information to the APP server for verification when the connection with the APP server is required.
Preferably, as mentioned above, the first processing module includes:
the first encryption submodule is used for encrypting the verification file list through a first preset encryption algorithm to obtain a second encryption information list;
the second encryption submodule is used for encrypting the second encryption information list through a second preset encryption algorithm according to the random key to obtain a third encryption information list;
and the third encryption submodule is used for encrypting the third encryption information list through a third preset encryption algorithm according to the application client information to obtain the first encryption information list.
Specifically, as described above, the application client further includes:
the first display module is used for displaying verification failure information and preset warning information if the ACR server fails in verification, and the preset warning information is used for informing the user that the identity is illegal.
Preferably, as mentioned above, the application client further comprises:
the second receiving module is used for receiving the APP server check result sent by the APP server;
the third processing module is used for establishing communication connection between the application client and the APP server if the APP server passes the verification;
and the second display module is used for displaying the connection failure information and presetting warning information if the APP server fails to verify.
The embodiment of the invention also provides a safety protection method of the application program, which is applied to the ACR server and comprises the following steps:
receiving application client information sent by an application client;
sending a check file list and a random key corresponding to the information of the application client to the application client;
receiving a first encryption information list generated by an application client according to a check file list and a random key;
verifying the first encryption information list to obtain an ACR server verification result;
and sending the verification result of the ACR server to the application client.
Specifically, after the step of receiving the application client information sent by the application client, the method for protecting the application program further includes:
and acquiring a random key and a pre-stored check file list according to the application client information, and recording the random key and the pre-stored check file list as a first check identifier.
Preferably, the method for protecting security of an application program, in which the step of verifying the first encryption information list to obtain the verification result of the ACR server includes:
positioning a first check identifier according to the application client information, and acquiring a check file list recorded by the first check identifier and a random key;
encrypting the check file list according to the random key and the check file list to generate a fourth encrypted information list;
and comparing and verifying the first encryption information list and the fourth encryption information list to obtain an ACR server verification result.
Preferably, in the method for protecting security of an application program, the step of encrypting the check file list to generate the fourth encrypted information list according to the random key and the check file list includes:
encrypting the verification file list through a first preset encryption algorithm to obtain a fifth encryption information list;
encrypting the fifth encrypted information list through a second preset encryption algorithm according to the random key to obtain a sixth encrypted information list;
and encrypting the sixth encryption information list through a third preset encryption algorithm according to the application client information to obtain a fourth encryption information list.
Specifically, after the step of sending the ACR server verification result to the application client, the method for protecting the security of the application program further includes:
and deleting the first check mark according to the application client information.
Further, the method for protecting security of an application program as described above, after the step of verifying the first encryption information list to obtain the verification result of the ACR server, further includes:
obtaining and storing a second access identification according to the ACR server verification result;
if the ACR server passes the verification, obtaining a second access identifier by the first encryption information list through a first preset algorithm and storing the second access identifier;
and if the ACR server fails to verify, obtaining and storing an empty second access identification.
Specifically, the above method for protecting security of an application program, after the step of obtaining and storing the second access identifier according to the result of the ACR server verification, further includes:
receiving admission identification request information sent by an APP server according to application client information;
and acquiring a second access identification according to the access identification request information and sending the second access identification to the APP server.
An embodiment of the present invention further provides an ACR server, including:
the third receiving module is used for receiving the application client information sent by the application client;
the fourth sending module is used for sending the check file list and the random key corresponding to the information of the application client to the application client;
the fourth receiving module is used for receiving a first encryption information list generated by the application client according to the check file list and the random key;
the fourth processing module is used for verifying the first encryption information list to obtain an ACR server verification result;
and the fifth sending module is used for sending the ACR server verification result to the application client.
Preferably, as the ACR server described above, the ACR server further includes:
and the fifth processing module is used for acquiring the random key and a pre-stored verification file list according to the application client information and recording the random key and the pre-stored verification file list as a first verification identifier.
Specifically, as described above for the ACR server, the fourth processing module includes:
the first processing submodule is used for positioning a first check identifier according to the information of the application client and acquiring a check file list recorded by the first check identifier and a random key;
the second processing submodule is used for encrypting the verification file list according to the random key and the verification file list to generate a fourth encryption information list;
and the third processing submodule is used for comparing and verifying the first encryption information list and the fourth encryption information list to obtain an ACR server verification result.
Preferably, as described above for the ACR server, the second processing submodule includes:
the first encryption unit is used for encrypting the verification file list through a first preset encryption algorithm to obtain a fifth encryption information list;
the second encryption unit is used for encrypting the fifth encrypted information list through a second preset encryption algorithm according to the random key to obtain a sixth encrypted information list;
and the third encryption unit is used for encrypting the sixth encryption information list through a third preset encryption algorithm according to the application client information to obtain a fourth encryption information list.
Specifically, as described above, the ACR server further includes:
and the sixth processing module is used for deleting the first check identifier according to the application client information.
Further, as the ACR server described above, the ACR server further includes:
the seventh processing module is used for obtaining and storing a second access identifier according to the ACR server verification result;
if the ACR server passes the verification, obtaining a second access identifier by the first encryption information list through a first preset algorithm and storing the second access identifier;
and if the ACR server fails to verify, obtaining and storing an empty second access identification.
Preferably, as the ACR server described above, the ACR server further includes:
a fifth receiving module, configured to receive access identifier request information sent by the APP server according to the application client information;
and the eighth processing module is used for acquiring the second access identifier according to the access identifier request information and sending the second access identifier to the APP server.
The embodiment of the invention also provides a safety protection method of the application program, which is applied to an App server and comprises the following steps:
receiving application client information and a first access identifier sent by an application client;
sending admission identification request information to the ACR server according to the application client information and the first admission identification, and receiving a second admission identification sent by the ACR server;
comparing and checking the first access identification and the second access identification to obtain an APP server checking result;
and sending the verification result of the APP server to the application client.
Specifically, the method for protecting security of an application program, after the step of sending the check result of the APP server to the application client, further includes:
and when the APP server passes the verification, establishing communication connection with the application client.
The invention also provides an App server, comprising:
the sixth receiving module is used for receiving the application client information and the first access identifier sent by the application client;
the ninth processing module is used for sending admission identification request information to the ACR server according to the application client information and the first admission identification, and receiving a second admission identification sent by the ACR server;
the tenth processing module is used for comparing and verifying the first access identifier and the second access identifier to obtain an APP server verification result;
and the sixth sending module is used for sending the APP server check result to the application client.
Specifically, as described above, the App server further includes:
and the eleventh processing module is used for establishing communication connection with the application client when the APP server passes the verification.
The embodiment of the present invention further provides a mobile terminal, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when the computer program is executed by the processor, the steps of the above-mentioned security protection method applied to the application program of the application client are implemented.
The embodiment of the present invention further provides an ACR server, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when the computer program is executed by the processor, the steps of the security protection method applied to the application program of the ACR server are implemented.
The embodiment of the present invention further provides an APP server, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when the computer program is executed by the processor, the steps of the above-described security protection method applied to the APP server are implemented.
Compared with the prior art, the application program security protection method, the application client and the ACR server provided by the embodiment of the invention at least have the following beneficial effects:
1. when the application client is started each time, the application client firstly checks with the ACR server, and the main steps of checking are carried out on the ACR server, so that a hacker can be effectively prevented from checking through the ACR server by cracking the application client; and in the verification process of the ACR server, the random key is adopted to encrypt the verification file list, so that the encryption effect of the file is enhanced, and the invasion of hackers is further prevented.
2. After the ACR server passes the verification, when the application client needs to be connected with the APP server, the application client needs to be verified with the APP server, the access identification adopted in the verification process of the APP server is related to the encrypted verification file in the verification process of the ACR server, and a hacker can be prevented from bypassing the verification process of the ACR server and being directly connected with the APP server.
3. The application client side adopts a double-check mode, normal communication connection can be established with the APP server only after the double checks are completely passed, the information safety of a user is effectively protected, and the phenomenon that a hacker obtains sensitive information of the user or spreads illegal information by cracking the application client side is avoided.
Drawings
FIG. 1 is a flowchart illustrating a security protection method for an application program applied to an application client according to an embodiment of the present invention;
FIG. 2 is a second flowchart illustrating a security protection method for an application program applied to an application client according to the present invention;
FIG. 3 is a third flowchart illustrating a security protection method for an application program applied to an application client according to the present invention;
FIG. 4 is a schematic structural diagram of an application client according to the present invention;
FIG. 5 is a second schematic diagram of the application client according to the present invention;
FIG. 6 is a third exemplary diagram of an application client according to the present invention;
fig. 7 is a schematic flowchart illustrating an application ACR server applying the security protection method for an application according to the present invention;
FIG. 8 is a second flowchart illustrating the application security protection method applied to the ACR server according to the present invention;
FIG. 9 is a third flowchart illustrating a security protection method for an application program applied to an ACR server according to the present invention;
FIG. 10 is a fourth flowchart illustrating the application security protection method applied to the ACR server according to the present invention;
fig. 11 is a schematic structural diagram of an ACR server according to the present invention;
fig. 12 is a second schematic structural diagram of an ACR server according to the present invention;
fig. 13 is a third schematic structural diagram of an ACR server according to the present invention;
fig. 14 is a fourth schematic structural diagram of an ACR server according to the present invention;
FIG. 15 is a flowchart illustrating a method for securing an application program according to the present invention applied to an APP server;
fig. 16 is a schematic structural diagram of an APP server according to the present invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages of the present invention more apparent, the following detailed description is given with reference to the accompanying drawings and specific embodiments. In the following description, specific details such as specific configurations and components are provided only to help the full understanding of the embodiments of the present invention. Thus, it will be apparent to those skilled in the art that various changes and modifications may be made to the embodiments described herein without departing from the scope and spirit of the invention. In addition, descriptions of well-known functions and constructions are omitted for clarity and conciseness.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
In various embodiments of the present invention, it should be understood that the sequence numbers of the following processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
It should be understood that the term "and/or" herein is merely one type of association relationship that describes an associated object, meaning that three relationships may exist, e.g., a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
In the embodiments provided herein, it should be understood that "B corresponding to a" means that B is associated with a from which B can be determined. It should also be understood that determining B from a does not mean determining B from a alone, but may be determined from a and/or other information.
Referring to fig. 1, an embodiment of the present invention provides a security protection method for an application program, which is applied to an application client, and includes:
102, receiving a random key and a pre-stored check file list sent by an ACR server according to application client information;
103, encrypting the check file list to generate a first encryption information list according to the random key and the check file list;
104, sending the first encryption information list to an ACR server for verification;
105, after the ACR server passes the verification, generating a first access identifier according to the first encryption information list and storing the first access identifier;
and step 106, when the connection with the APP server is required, sending the first access identification and the application client information to the APP server for verification.
In the embodiment of the invention, each application client is embedded with an ACR software development toolkit program, when the application client is started each time, the application client firstly verifies with the ACR server, and the main steps of verification are carried out on the ACR server, thereby effectively preventing a hacker from verifying through the ACR server by cracking the application client; and in the verification process of the ACR server, the random key is adopted to encrypt the application client program file in the verification file list, so that the encryption effect of the file is enhanced, and the invasion of hackers is further prevented.
After the ACR server passes the verification, when the application client needs to be connected with the APP server, the application client needs to be verified with the APP server, the access identification adopted in the verification process of the APP server is related to the encrypted verification file in the verification process of the ACR server, and a hacker can be prevented from bypassing the verification process of the ACR server and being directly connected with the APP server.
The application client side adopts a double-check mode, and normal communication connection can be established with the APP server only after the double checks are completely passed, so that the information security of the user is effectively protected, and the phenomenon that a hacker obtains sensitive information of the user or spreads illegal information by cracking the application client side is avoided.
Specifically, in the method for securing an application program, the application client information includes: an application name, a version number, and an application client identifier.
The application client information includes: the application name, the version number and the application client identifier are main identifiers of an application client, and the information of the application client is sent to the ACR server, so that the ACR server can search the pre-stored information corresponding to the application client according to the information of the application client, and subsequent verification of the ACR server is facilitated.
Referring to fig. 2, preferably, in the method for securing an application program as described above, the step of encrypting the check file list according to the random key and the check file list to generate the first encrypted information list includes:
and step 203, encrypting the third encryption information list through a third preset encryption algorithm according to the application client information to obtain a first encryption information list.
In the embodiment of the invention, the application client performs multiple encryption on the application client program files in the check file list needing to be checked, random keys are used in the encryption process, and the encryption algorithms are different every time, so that the encrypted check file list is difficult to crack, the cracking success rate of a hacker is effectively reduced, the cracking difficulty of the hacker is increased, and the information security of a user is protected. The first preset encryption algorithm is an optimization algorithm of the message digest algorithm 5, namely, a one-time key calculation mode is adopted in the encryption process through the message digest algorithm 5, when verification is carried out, a verification result can be obtained by comparing the encrypted files, and on the basis of ensuring the encryption effect, the file verification efficiency is improved.
Specifically, the method for protecting security of an application program as described above further includes, after the step of sending the first encrypted information list to the ACR server for verification:
and if the ACR server fails to verify, displaying verification failure information and preset warning information, wherein the preset warning information is used for informing the user that the identity is illegal.
When the ACR server fails in verification, the fact that the program of the application client is tampered is shown, and the risk that sensitive information is lost or implanted into a program for spreading illegal information exists, the verification failure information and preset warning information are displayed, a user is reminded to repair the application client or take other measures in time, and the problem that the information safety and the use experience of the user are influenced due to the fact that the sensitive information is lost or the illegal information is spread in the use process is avoided.
Referring to fig. 3, preferably, in the method for securing an application program as described above, after the step of sending the first admission identification to the APP server for verification, the method further includes:
and if the APP server fails to verify, displaying connection failure information and preset warning information.
After the application client sends the first access identifier to the APP server for verification, receiving an APP server verification result sent by the APP server, and when a signal that the APP server passes the verification is received, indicating that the current application client is a normal application client which is not invaded by a hacker and sensitive information of a user cannot be stolen, establishing normal communication connection between the application client and the APP server, so that the user can normally access the APP server;
when a signal that the verification of the APP server fails is received, the current application client is an illegal application client which is invaded by a hacker, and the user continues to use the client and has the risk that sensitive information is stolen or illegal information is sent, connection failure information and preset warning information are displayed, the user is reminded to repair the application client or take other measures in time, the sensitive information is prevented from being lost or the illegal information is prevented from being spread, and the user experience and even the life of the user are prevented from being influenced.
Referring to fig. 4, an embodiment of the present invention further provides an application client, including:
the first sending module is used for sending the information of the application client to the ACR server for verifying and repairing the application program when the application client is started;
the first receiving module is used for receiving a random key and a pre-stored check file list which are sent by the ACR server according to the information of the application client;
the first processing module is used for encrypting the verification file list to generate a first encryption information list according to the random key and the verification file list;
the second sending module is used for sending the first encryption information list to the ACR server for verification;
the second processing module is used for generating and storing a first access identifier according to the first encryption information list after the ACR server passes the verification;
and the third sending module is used for sending the first access identification and the application client information to the APP server for verification when the connection with the APP server is required.
Referring to fig. 5, preferably, the application client as described above, the first processing module includes:
the first encryption submodule is used for encrypting the verification file list through a first preset encryption algorithm to obtain a second encryption information list;
the second encryption submodule is used for encrypting the second encryption information list through a second preset encryption algorithm according to the random key to obtain a third encryption information list;
and the third encryption submodule is used for encrypting the third encryption information list through a third preset encryption algorithm according to the application client information to obtain the first encryption information list.
Specifically, as described above, the application client further includes:
the first display module is used for displaying verification failure information and preset warning information if the ACR server fails in verification, and the preset warning information is used for informing the user that the identity is illegal.
Referring to fig. 6, preferably, the application client further includes, as described above:
the second receiving module is used for receiving the APP server check result sent by the APP server;
the third processing module is used for establishing communication connection between the application client and the APP server if the APP server passes the verification;
and the second display module is used for displaying the connection failure information and presetting warning information if the APP server fails to verify.
The embodiment of the application client corresponds to the embodiment of the security protection method applied to the application program of the application client, and all implementation means in the embodiment of the security protection method applied to the application program of the application client are applicable to the embodiment of the application client, so that the same technical effect can be achieved.
Referring to fig. 7, an embodiment of the present invention further provides a security protection method for an application program, which is applied to an ACR server, and includes:
In the embodiment of the invention, the ACR server receives the application client information sent by the application client, and sends a corresponding verification file list and a random key to the application client according to the application client information, so that the application client can obtain a first encryption information list according to the verification file list and the random key to prepare for subsequent ACR server verification;
the ACR server checks the first encryption information list sent by the application client after receiving the first encryption information list, judges whether the program of the application client is tampered and obtains a check result through checking the first encryption information list, and sends the check result of the ACR server to the application client, so that the application client can know whether the program of the application client is tampered according to the check result of the ACR server and take corresponding measures to make up for the tampering, and the phenomenon that a hacker is in communication connection with the APP server through tampering the application client and obtains user sensitive information or spreads illegal information is avoided.
The verification of the application client side is carried out on the ACR server, so that a hacker can be effectively prevented from passing through the verification process of the ACR server by tampering the application client side, and the verification process of the ACR server is prevented from becoming meaningless.
Specifically, after the step of receiving the application client information sent by the application client, the method for protecting the application program further includes:
and acquiring a random key and a pre-stored check file list according to the application client information, and recording the random key and the pre-stored check file list as a first check identifier.
The method can purposefully search in prestored data according to the information of the application client, and quickly acquire the sample program files in the prestored verification file list corresponding to the information of the application client, so that the speed and the accuracy of acquiring the information are improved; meanwhile, the random key acquired according to the information of the application client has a certain degree of association with the application client, so that the situation that the random key is sent wrongly when the ACR server receives a plurality of pieces of application client information is prevented. The application client information, the random key and the pre-stored check file list are recorded as a first check identifier, so that the application client information, the random key and the pre-stored check file list can be acquired more quickly when being used again in the check process.
Referring to fig. 8, preferably, in the method for protecting security of an application program, the step of verifying the first encryption information list to obtain the verification result of the ACR server includes:
In the verification process of the ACR server, the first verification identifier is positioned by applying the client information, and a verification file list and a random key recorded by the first verification identifier are rapidly acquired to prepare for formal verification; the encryption of the verification file list on the ACR server to generate the fourth encryption information list is beneficial to protecting the specific information of the verification file list, and meanwhile, the fourth encryption information list is made to be the same as the first encryption information sent by the application client, so that comparison and verification can be conveniently performed.
Referring to fig. 9, preferably, in the method for protecting security of an application program, the step of encrypting the check file list according to the random key and the check file list to generate the fourth encrypted information list includes:
and 903, encrypting the sixth encryption information list through a third preset encryption algorithm according to the application client information to obtain a fourth encryption information list.
In the embodiment of the invention, the encryption process of the verification file list on the ACR server is the same as the encryption process of the verification file list on the application client and the adopted random key is also the same, so that in the comparison and verification process of the verification file list of the application client and the verification file list stored in advance on the ACR server, whether the verification file list is the same as the verification file list can be known only by comparing the encrypted first encryption information list and the fourth encryption information list, and the complicated operations of decryption and the like are avoided. The first preset encryption algorithm is an optimization algorithm of the message digest algorithm 5, that is, a one-time key calculation mode is adopted in the encryption process through the message digest algorithm 5, so that the fourth encrypted information list after multiple encryption becomes simple, and the file verification efficiency can be improved on the basis of ensuring the encryption effect in the comparison verification process.
Specifically, after the step of sending the ACR server verification result to the application client, the method for protecting the security of the application program further includes:
and deleting the first check mark according to the application client information.
After the ACR server is verified, the first verification identification is deleted according to the information of the application client, so that each verification of the application client has a unique random key, a hacker is prevented from acquiring the last random key of the application client by cracking the application client and verifying the random key through the ACR server by using the random key, and the verification of the ACR server cannot achieve the expected effect.
Further, the method for protecting security of an application program as described above, after the step of verifying the first encryption information list to obtain the verification result of the ACR server, further includes:
obtaining and storing a second access identification according to the ACR server verification result;
if the ACR server passes the verification, obtaining a second access identifier by the first encryption information list through a first preset algorithm and storing the second access identifier;
and if the ACR server fails to verify, obtaining and storing an empty second access identification.
Obtaining and storing a second access identification according to the verification result of the ACR server, wherein the second access identification is used in the verification process of the application client and the APP server; when the ACR server passes the verification, the first encryption information list is subjected to a first preset algorithm to obtain a second access identifier and is stored, so that the second access identifier on the ACR server is the same as the first access identifier obtained on the application client, and the application client can successfully pass the verification of the APP server after passing the verification of the ACR server; when the verification of the ACR server fails, an empty second access identifier is obtained and stored, and the second access identifier is different from any first access identifier generated by the client at the moment, so that the application client cannot pass through the verification of the APP server, and a hacker is prevented from bypassing the verification of the ACR server and directly verifying the ACR server with the APP server.
Referring to fig. 10, in particular, the method for protecting security of an application program, after the step of obtaining and storing the second admission identifier according to the result of the ACR server verification, further includes:
When the ACR server receives the access identification request information sent by the APP server according to the information of the application client, the ACR server indicates that the application client enters the verification process of the APP server, and acquires a second access identification corresponding to the access identification from the stored access identification according to the access identification request information and sends the second access identification to the APP server, so that the APP server can complete the verification process of the APP server.
Referring to fig. 11, an embodiment of the present invention further provides an ACR server, including:
the third receiving module is used for receiving the application client information sent by the application client;
the fourth sending module is used for sending the check file list and the random key corresponding to the information of the application client to the application client;
the fourth receiving module is used for receiving a first encryption information list generated by the application client according to the check file list and the random key;
the fourth processing module is used for verifying the first encryption information list to obtain an ACR server verification result;
and the fifth sending module is used for sending the ACR server verification result to the application client.
Preferably, as the ACR server described above, the ACR server further includes:
and the fifth processing module is used for acquiring the random key and a pre-stored verification file list according to the application client information and recording the random key and the pre-stored verification file list as a first verification identifier.
Referring to fig. 12, in particular, the ACR server as described above, the fourth processing module includes:
the first processing submodule is used for positioning a first check identifier according to the information of the application client and acquiring a check file list recorded by the first check identifier and a random key;
the second processing submodule is used for encrypting the verification file list according to the random key and the verification file list to generate a fourth encryption information list;
and the third processing submodule is used for comparing and verifying the first encryption information list and the fourth encryption information list to obtain an ACR server verification result.
Referring to fig. 13, preferably, the ACR server as described above, the second processing submodule includes:
the first encryption unit is used for encrypting the verification file list through a first preset encryption algorithm to obtain a fifth encryption information list;
the second encryption unit is used for encrypting the fifth encrypted information list through a second preset encryption algorithm according to the random key to obtain a sixth encrypted information list;
and the third encryption unit is used for encrypting the sixth encryption information list through a third preset encryption algorithm according to the application client information to obtain a fourth encryption information list.
Specifically, as described above, the ACR server further includes:
and the sixth processing module is used for deleting the first check identifier according to the application client information.
Further, as the ACR server described above, the ACR server further includes:
the seventh processing module is used for obtaining and storing a second access identifier according to the ACR server verification result;
if the ACR server passes the verification, obtaining a second access identifier by the first encryption information list through a first preset algorithm and storing the second access identifier;
and if the ACR server fails to verify, obtaining and storing an empty second access identification.
Referring to fig. 14, preferably, the ACR server further includes, as described above:
a fifth receiving module, configured to receive access identifier request information sent by the APP server according to the application client information;
and the eighth processing module is used for acquiring the second access identifier according to the access identifier request information and sending the second access identifier to the APP server.
The ACR server embodiment of the present invention corresponds to the above-mentioned embodiment of the security protection method applied to the application program of the ACR server, and all the implementation means in the above-mentioned embodiment of the security protection method applied to the application program of the ACR server are applicable to this embodiment of the ACR server, and can achieve the same technical effect.
Referring to fig. 15, an embodiment of the present invention further provides a security protection method for an application program, which is applied to an App server, and includes:
and 1504, sending the APP server verification result to the application client.
When the APP server receives the information of the application client and the first access identification sent by the application client, the APP server starts the verification of the APP server, in the verification process of the APP server, the second access identification used for comparing with the first access identification comes from the ACR server, so that the application client performs verification with the APP server, the verification process of the ACR server cannot be bypassed in the connection process, the application client can be connected with the APP server only through double verification, the situation that a hacker directly connects with the APP server by bypassing the verification of the ACR server after cracking the application client is avoided, and the illegal process of acquiring sensitive information of a user or spreading illegal information is carried out. The safety protection level of the user information is improved, and the information safety and normal use experience of the user are guaranteed.
Specifically, the method for protecting security of an application program, after the step of sending the check result of the APP server to the application client, further includes:
and when the APP server passes the verification, establishing communication connection with the application client.
In the embodiment of the invention, when the APP server passes the verification, the normal communication connection is established with the application client to perform the conventional data access, so that the phenomenon that a hacker can directly access the APP server after cracking the application client is effectively avoided, the sensitive information of a user is acquired or illegal information is spread, the safety protection level of user information is improved, and the information safety and normal use experience of the user are ensured.
Referring to fig. 16, the present invention also provides an App server, including:
the sixth receiving module is used for receiving the application client information and the first access identifier sent by the application client;
the ninth processing module is used for sending admission identification request information to the ACR server according to the application client information and the first admission identification, and receiving a second admission identification sent by the ACR server;
the tenth processing module is used for comparing and verifying the first access identifier and the second access identifier to obtain an APP server verification result;
and the sixth sending module is used for sending the APP server check result to the application client.
Specifically, as described above, the App server further includes:
and the eleventh processing module is used for establishing communication connection with the application client when the APP server passes the verification.
The embodiment of the APP server of the present invention corresponds to the embodiment of the security protection method applied to the application program of the APP server, and all implementation means in the embodiment of the security protection method applied to the application program of the APP server are applicable to the embodiment of the APP server, and the same technical effect can be achieved.
The embodiment of the present invention further provides a mobile terminal, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when the computer program is executed by the processor, the steps of the above-mentioned security protection method applied to the application program of the application client are implemented.
In the embodiment of the invention, when the computer program is executed by the processor, the mobile terminal realizes the steps of the safety protection method applied to the application program of the application client, and through double verification, the information safety of the user of the application client can be effectively protected, and a hacker can be prevented from acquiring sensitive information of the user or spreading illegal information after cracking the application client.
The embodiment of the present invention further provides an ACR server, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when the computer program is executed by the processor, the steps of the security protection method applied to the ACR server application program are implemented.
In the embodiment of the invention, when the computer program is executed by the processor, the ACR server implements the steps of the security protection method applied to the application program of the ACR server, and the ACR server verifies the application client to obtain the verification result of whether the program of the application client is tampered and sends the verification result to the application client, so that a user can know whether the program of the application client is tampered, and therefore, corresponding measures are taken to avoid the phenomenon that sensitive information is lost or illegal information is spread.
The embodiment of the present invention further provides an APP server, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when the computer program is executed by the processor, the steps of the above-mentioned security protection method applied to the APP server application program are implemented.
In the embodiment of the invention, when the computer program is executed by the processor, the APP server realizes the steps of the safety protection method applied to the APP server application program, so that the application client can establish normal communication connection with the APP server only when the APP server passes the verification, and hackers can be effectively prevented from directly accessing the APP server after cracking the application client, thereby the phenomena of acquiring sensitive information of users or spreading illegal information occur, the safety protection level of user information is improved, and the information safety and normal use experience of the users are ensured.
In summary, the embodiments of the present invention enable a hacker to perform operations of acquiring sensitive information of a user or spreading illegal information by cracking the application client through the verification of the application client with the ACR server and the APP server, respectively, thereby ensuring the information security and normal use experience of the user. Meanwhile, the situations that the security protection of user information cannot be effectively carried out and a reinforcing service provider obtains and provides partial authority caused by the adoption of the reinforcing technology are avoided.
Furthermore, the present invention may repeat reference numerals and/or letters in the various examples. This repetition is for the purpose of simplicity and clarity and does not in itself dictate a relationship between the various embodiments and/or configurations discussed.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (22)
1. A safety protection method of an application program is applied to an application client, and is characterized by comprising the following steps:
when the application client is started, sending application client information to an application program verification and repair ACR server;
receiving a random key and a pre-stored check file list sent by the ACR server according to the application client information;
encrypting the check file list according to the random key and the check file list to generate a first encryption information list;
sending the first encryption information list to the ACR server for verification;
after the ACR server passes the verification, generating a first access identifier according to the first encryption information list and storing the first access identifier;
when the connection with an application program APP server is needed, sending the first access identification and the application client information to the APP server for verification;
receiving an APP server check result sent by an APP server;
if the APP server passes the verification, the application client side establishes communication connection with the APP server;
and if the APP server fails to verify, displaying connection failure information and preset warning information.
2. The method of claim 1, wherein the application client information comprises: an application name, a version number, and an application client identifier.
3. The method for protecting an application program from security according to claim 1, wherein the step of encrypting the check file list according to the random key and the check file list to generate a first encrypted information list comprises:
encrypting the check file list through a first preset encryption algorithm to obtain a second encryption information list;
encrypting the second encrypted information list through a second preset encryption algorithm according to the random key to obtain a third encrypted information list;
and encrypting the third encrypted information list through a third preset encryption algorithm according to the application client information to obtain the first encrypted information list.
4. The method for protecting an application program from security according to claim 1, wherein the step of sending the first encrypted information list to the ACR server for verification further comprises:
and if the ACR server fails in verification, displaying verification failure information and preset warning information, wherein the preset warning information is used for informing a user that the identity is illegal.
5. An application client, comprising:
the first sending module is used for sending the information of the application client to the ACR server for verifying and repairing the application program when the application client is started;
a first receiving module, configured to receive a random key and a pre-stored check file list that are sent by the ACR server according to the application client information;
the first processing module is used for encrypting the check file list according to the random key and the check file list to generate a first encryption information list;
the second sending module is used for sending the first encryption information list to the ACR server for verification;
the second processing module is used for generating and storing a first access identifier according to the first encryption information list after the ACR server passes the verification;
the third sending module is used for sending the first access identifier and the application client information to an application program (APP) server for verification when the connection with the APP server is required;
the second receiving module is used for receiving the APP server check result sent by the APP server;
the third processing module is used for establishing communication connection between the application client and the APP server if the APP server passes the verification;
and the second display module is used for displaying the connection failure information and presetting warning information if the APP server fails to verify.
6. The application client of claim 5, wherein the first processing module comprises:
the first encryption submodule is used for encrypting the check file list through a first preset encryption algorithm to obtain a second encryption information list;
the second encryption submodule is used for encrypting the second encryption information list through a second preset encryption algorithm according to the random key to obtain a third encryption information list;
and the third encryption submodule is used for encrypting the third encryption information list through a third preset encryption algorithm according to the application client information to obtain the first encryption information list.
7. The application client of claim 5, further comprising:
the ACR server comprises a first display module used for displaying verification failure information and preset warning information if the ACR server fails in verification, wherein the preset warning information is used for informing that the user identity is illegal.
8. A safety protection method of an application program is applied to an ACR server, and is characterized by comprising the following steps:
receiving application client information sent by an application client;
sending a check file list and a random key corresponding to the application client information to the application client;
receiving a first encryption information list generated by the application client according to the check file list and the random key;
verifying the first encryption information list to obtain an ACR server verification result;
sending the ACR server verification result to an application client;
obtaining and storing a second access identification according to the ACR server verification result;
if the ACR server passes the verification, the first encryption information list is subjected to a first preset algorithm to obtain and store the second access identification;
if the ACR server fails to verify, obtaining and storing the empty second access identification;
receiving admission identification request information sent by an APP server according to application client information;
and acquiring the second access identification according to the access identification request information and sending the second access identification to the APP server.
9. The method for securing an application according to claim 8, wherein after the step of receiving the application client information sent by the application client, the method further comprises:
and acquiring a random key and a pre-stored check file list according to the application client information, and recording the random key and the pre-stored check file list as a first check identifier.
10. The method for protecting an application program from security according to claim 9, wherein the step of verifying the first encrypted information list to obtain the result of verifying the ACR server includes:
positioning the first check identifier according to the application client information, and acquiring the check file list recorded by the first check identifier and the random key;
encrypting the check file list according to the random key and the check file list to generate a fourth encryption information list;
and comparing and verifying the first encryption information list and the fourth encryption information list to obtain an ACR server verification result.
11. The method according to claim 10, wherein the step of encrypting the check file list according to the random key and the check file list to generate a fourth encrypted information list comprises:
encrypting the check file list through a first preset encryption algorithm to obtain a fifth encryption information list;
encrypting the fifth encrypted information list through a second preset encryption algorithm according to the random key to obtain a sixth encrypted information list;
and encrypting the sixth encryption information list through a third preset encryption algorithm according to the application client information to obtain a fourth encryption information list.
12. The method for protecting an application program according to claim 9, further comprising, after the step of sending the ACR server verification result to the application client:
and deleting the first check mark according to the application client information.
13. An ACR server, comprising:
the third receiving module is used for receiving the application client information sent by the application client;
a fourth sending module, configured to send, to the application client, a check file list and a random key that correspond to the application client information;
a fourth receiving module, configured to receive a first encryption information list generated by the application client according to the check file list and the random key;
the fourth processing module is used for verifying the first encryption information list to obtain an ACR server verification result;
a fifth sending module, configured to send the ACR server verification result to an application client;
the seventh processing module is used for obtaining and storing a second access identifier according to the ACR server verification result;
if the ACR server passes the verification, the first encryption information list is subjected to a first preset algorithm to obtain and store the second access identification;
if the ACR server fails to verify, obtaining and storing the empty second access identification;
a fifth receiving module, configured to receive access identifier request information sent by the APP server according to the application client information;
and the eighth processing module is configured to obtain the second admission identification according to the admission identification request information and send the second admission identification to the APP server.
14. The ACR server of claim 13, wherein the ACR server further comprises:
and the fifth processing module is used for acquiring a random key and a pre-stored check file list according to the application client information and recording the random key and the pre-stored check file list as a first check identifier.
15. The ACR server of claim 14, wherein the fourth processing module comprises:
the first processing submodule is used for positioning the first check identifier according to the application client information and acquiring the check file list recorded by the first check identifier and the random key;
the second processing submodule is used for encrypting the check file list according to the random key and the check file list to generate a fourth encryption information list;
and the third processing submodule is used for comparing and verifying the first encryption information list and the fourth encryption information list to obtain an ACR server verification result.
16. The ACR server of claim 15, wherein the second processing submodule comprises:
the first encryption unit is used for encrypting the check file list through a first preset encryption algorithm to obtain a fifth encryption information list;
the second encryption unit is used for encrypting the fifth encrypted information list through a second preset encryption algorithm according to the random key to obtain a sixth encrypted information list;
and the third encryption unit is used for encrypting the sixth encryption information list through a third preset encryption algorithm according to the application client information to obtain a fourth encryption information list.
17. The ACR server of claim 14, wherein the ACR server further comprises:
and the sixth processing module is used for deleting the first check identifier according to the application client information.
18. A safety protection method of an application program is applied to an App server, and is characterized by comprising the following steps:
receiving application client information and a first access identifier sent by an application client;
sending admission identification request information to an ACR server according to the application client information and the first admission identification, and accepting a second admission identification sent by the ACR server;
comparing and checking the first access identification and the second access identification to obtain an APP server checking result;
sending the APP server verification result to the application client;
and when the APP server passes the verification, establishing communication connection with the application client.
19. An App server, comprising:
the sixth receiving module is used for receiving the application client information and the first access identifier sent by the application client;
a ninth processing module, configured to send admission identification request information to an ACR server according to the application client information and the first admission identification, and accept a second admission identification sent by the ACR server;
the tenth processing module is used for comparing and verifying the first access identifier and the second access identifier to obtain an APP server verification result;
a sixth sending module, configured to send the APP server verification result to the application client;
and the eleventh processing module is used for establishing communication connection with the application client when the APP server passes the verification.
20. A mobile terminal, characterized in that it comprises a processor, a memory and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing the steps of the method of security protection applied to an application program of an application client according to any one of claims 1 to 4.
21. An ACR server comprising a processor, a memory and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing the steps of the method of security protection applied to an application program of an ACR server as claimed in any one of claims 8 to 14.
22. An APP server comprising a processor, a memory and a computer program stored on said memory and executable on said processor, said computer program when executed by said processor implementing the steps of the method of claim 19 applied to the application program of the APP server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711477316.XA CN109995700B (en) | 2017-12-29 | 2017-12-29 | Security protection method of application program, application client and ACR server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711477316.XA CN109995700B (en) | 2017-12-29 | 2017-12-29 | Security protection method of application program, application client and ACR server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109995700A CN109995700A (en) | 2019-07-09 |
| CN109995700B true CN109995700B (en) | 2021-10-15 |
Family
ID=67109697
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711477316.XA Active CN109995700B (en) | 2017-12-29 | 2017-12-29 | Security protection method of application program, application client and ACR server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109995700B (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102970299A (en) * | 2012-11-27 | 2013-03-13 | 西安电子科技大学 | File safe protection system and method thereof |
| US8782403B1 (en) * | 2007-03-28 | 2014-07-15 | Symantec Corporation | Method and apparatus for securing confidential data for a user in a computer |
| CN104092647A (en) * | 2013-11-25 | 2014-10-08 | 腾讯科技(深圳)有限公司 | Network access method, system and client |
| CN104200154A (en) * | 2014-09-22 | 2014-12-10 | 上海众人科技有限公司 | Identity based installation package signing method and identity based installation package signing device |
| CN104506483A (en) * | 2014-10-21 | 2015-04-08 | 中兴通讯股份有限公司 | Method for encrypting and decrypting information and managing secret key as well as terminal and network server |
| CN104580248A (en) * | 2015-01-27 | 2015-04-29 | 中復保有限公司 | Secured logon method for variable secret key encryption under HTTP |
| CN107154935A (en) * | 2017-04-26 | 2017-09-12 | 腾讯科技(深圳)有限公司 | service request method and device |
| CN107169324A (en) * | 2017-05-12 | 2017-09-15 | 北京理工大学 | A kind of Android application reinforcement means based on dynamic encryption and decryption |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7051200B1 (en) * | 2000-06-27 | 2006-05-23 | Microsoft Corporation | System and method for interfacing a software process to secure repositories |
| CN103873440B (en) * | 2012-12-11 | 2017-03-22 | 北京旋极信息技术股份有限公司 | Application program upgrading method and system |
| CN105306434A (en) * | 2015-09-11 | 2016-02-03 | 北京金山安全软件有限公司 | Program file checking method and device, server and terminal |
-
2017
- 2017-12-29 CN CN201711477316.XA patent/CN109995700B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8782403B1 (en) * | 2007-03-28 | 2014-07-15 | Symantec Corporation | Method and apparatus for securing confidential data for a user in a computer |
| CN102970299A (en) * | 2012-11-27 | 2013-03-13 | 西安电子科技大学 | File safe protection system and method thereof |
| CN104092647A (en) * | 2013-11-25 | 2014-10-08 | 腾讯科技(深圳)有限公司 | Network access method, system and client |
| CN104200154A (en) * | 2014-09-22 | 2014-12-10 | 上海众人科技有限公司 | Identity based installation package signing method and identity based installation package signing device |
| CN104506483A (en) * | 2014-10-21 | 2015-04-08 | 中兴通讯股份有限公司 | Method for encrypting and decrypting information and managing secret key as well as terminal and network server |
| CN104580248A (en) * | 2015-01-27 | 2015-04-29 | 中復保有限公司 | Secured logon method for variable secret key encryption under HTTP |
| CN107154935A (en) * | 2017-04-26 | 2017-09-12 | 腾讯科技(深圳)有限公司 | service request method and device |
| CN107169324A (en) * | 2017-05-12 | 2017-09-15 | 北京理工大学 | A kind of Android application reinforcement means based on dynamic encryption and decryption |
Non-Patent Citations (1)
| Title |
|---|
| "基于防篡改机制的软件保护方法研究";胡沙沙;《中国优秀硕士学位论文全文数据库-信息科技辑》;20150715;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109995700A (en) | 2019-07-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109684790B (en) | Software starting method, software authorization verification method, device and storage medium | |
| TWI620092B (en) | Device for verifying software during loading and method for verifying software during loading within the device | |
| CN103312515B (en) | The generation method of authorization token, generating apparatus, authentication method and Verification System | |
| CN110795126A (en) | Firmware safety upgrading system | |
| KR20070084326A (en) | Updating configuration parameters in a mobile terminal | |
| CN112257086B (en) | User privacy data protection method and electronic equipment | |
| CN106156635A (en) | Method for starting terminal and device | |
| CN109657479B (en) | Data leakage prevention method and computer readable storage medium | |
| CN107194237B (en) | Method and device for application program security authentication, computer equipment and storage medium | |
| CN107819579B (en) | User request processing method, server and computer readable storage medium | |
| CN106372497B (en) | Application programming interface API protection method and protection device | |
| CN107133512B (en) | POS terminal control method and device | |
| CN109977039B (en) | Hard disk encryption key storage method, device, equipment and readable storage medium | |
| CN108599959B (en) | Authorization certificate checking method and device, readable storage medium and application equipment | |
| US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
| US20110154436A1 (en) | Provider Management Methods and Systems for a Portable Device Running Android Platform | |
| KR102256249B1 (en) | SECURE FIRMWARE UPDATE METHOD OF IoT DEVICE USING AN INTEGRATED SECURITY SoC | |
| CN110224974B (en) | Interface authentication method based on third party access and related equipment | |
| KR20110072111A (en) | Method and system for preventing outflow in software source code | |
| US9977907B2 (en) | Encryption processing method and device for application, and terminal | |
| CN112613033A (en) | Method and device for safely calling executable file | |
| CN109784072B (en) | Security file management method and system | |
| CN109995700B (en) | Security protection method of application program, application client and ACR server | |
| US20230041769A1 (en) | Management system for disk encryption | |
| CN110674525A (en) | Electronic equipment and file processing method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A security protection method for application programs, application clients, and ACR servers Effective date of registration: 20230918 Granted publication date: 20211015 Pledgee: Zhongguancun Beijing technology financing Company limited by guarantee Pledgor: Beijing Yi'an Ruilong Technology Co.,Ltd. Registration number: Y2023110000396 |