CN103488944A - Application program safety control method and application program safety control system - Google Patents

Application program safety control method and application program safety control system Download PDF

Info

Publication number
CN103488944A
CN103488944A CN201310416775.2A CN201310416775A CN103488944A CN 103488944 A CN103488944 A CN 103488944A CN 201310416775 A CN201310416775 A CN 201310416775A CN 103488944 A CN103488944 A CN 103488944A
Authority
CN
China
Prior art keywords
application program
terminal
installation file
usb key
program installation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310416775.2A
Other languages
Chinese (zh)
Inventor
陈柳章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Minghua Alliance Technology Co., Ltd.
Original Assignee
Shenzhen Excelsecu Data Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Excelsecu Data Technology Co Ltd filed Critical Shenzhen Excelsecu Data Technology Co Ltd
Priority to CN201310416775.2A priority Critical patent/CN103488944A/en
Publication of CN103488944A publication Critical patent/CN103488944A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Abstract

The invention discloses an application program safety control method and an application program safety control system. The method includes after being in communication connection with a terminal through a USB Key (universal serial bus Key), reading an application program installing file prestored on the USB Key, and sending the application program installing file to the terminal; at the same time, reminding the terminal of an installing process of the application program installing file; receiving the application program installing file and mounting and running an application program by the terminal. The application program safety control method and the application program safety control system have the advantages that safety of the application program installing file of the terminal is guaranteed, further, safety in running of the application program of the terminal is guaranteed, so that safety of user information when electronic banking is in use is improved.

Description

Application security control method and system
Technical field
The present invention relates to information security technology, also relate to the intelligent key field, relate in particular to a kind of application security control method and system.
Background technology
Along with the development of wireless Internet, e-bank also is widely used, and progressively from conventional P C, expands to the mobile devices such as mobile phone, panel computer.Electronic bank application on terminal has two kinds of modes at present: complete the B/S framework of transaction by browser access transaction webpage, and the C/S framework that applications client completes transaction is installed on terminal.The B/S framework must rely on browser, and there is higher potential safety hazard in browser as a kind of basic application software of opening; The C/S framework is the application software of each bank's stand-alone development, compared to the B/S framework, possesses certain security.
But because the C/S framework need to be installed client software, the security risk that therefore exists client software to be replaced; Such as illegal program misleads the client software of user installation personation, thereby utilize the client software of personation to extract user's personal account and encrypted message etc.; Therefore, adopt aforesaid way that client software is installed on the C/S framework and have higher security risk.
Summary of the invention
Given this, be necessary to provide a kind of application security control method and system, be intended to reach the security that guarantees the client software installed on the C/S framework.
The embodiment of the invention discloses a kind of application security control method, comprise the following steps:
USB Key, with after terminal communication is connected, reads application program installation file pre-stored on described USB Key, and the described application program installation file read is sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal;
Terminal receives described application program installation file, installs and move described application program.
Preferably, described USB Key also comprises before being connected with terminal communication:
The pre-stored described application program installation file of described USB Key.
Preferably, described USB Key also comprises before being connected with terminal communication:
USB Key is matched by bluetooth and terminal, and after the two successful matching, USB Key communicates and is connected with terminal.
Preferably, the described application program installation file that described USB Key reads comprises:
The application program installation file of static store on described USB Key; Perhaps, the application program installation file on-the-fly modified when described USB Key reads.
Preferably, described terminal is installed and is moved described application program and comprises:
After terminal is installed described application program, delete described application program installation file, and move described application program.
The embodiment of the present invention also discloses a kind of application security control system, comprising:
USB Key, for after terminal communication is connected, read application program installation file pre-stored on described USB Key, and the described application program installation file read be sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal;
Terminal, for receiving described application program installation file, install and move described application program.
Preferably, described USB Key also for:
Pre-stored described application program installation file.
Preferably, described USB Key also for:
By bluetooth and terminal, matched, after the two successful matching, USB Key communicates and is connected with terminal.
Preferably, described USB Key also for:
The application program installation file of the static store that reads or the application program installation file after on-the-fly modifying are sent to terminal.
Preferably, described terminal also for:
After described application program is installed, delete described application program installation file, and move described application program.
The embodiment of the present invention reads application program installation file pre-stored on described USB Key, and the described application program installation file read is sent to terminal after passing through USB Key and terminal communication being connected; Simultaneously, the installation process of the described application program installation file of prompt terminal; Terminal receives described application program installation file, install and move the method for described application program, beneficial effect with the application program installation file security that guarantees terminal, further, there is the beneficial effect of the security that runs application that guarantees terminal, thereby improved the security of user profile while using e-bank.
The accompanying drawing explanation
Fig. 1 is application security control method one embodiment schematic flow sheet of the present invention;
Fig. 2 is application security control system one embodiment high-level schematic functional block diagram of the present invention.
The realization of embodiment of the present invention purpose, functional characteristics and advantage, in connection with embodiment, are described further with reference to accompanying drawing.
Embodiment
Further illustrate technical scheme of the present invention below in conjunction with Figure of description and specific embodiment.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
With reference to Fig. 1, Fig. 1 is application security control method one embodiment schematic flow sheet of the present invention; As shown in Figure 1, application security control method of the present invention comprises the following steps:
Step S01, USB Key, with after terminal communication is connected, reads application program installation file pre-stored on described USB Key, and the described application program installation file read are sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal;
USB Key, with after terminal communication is connected, reads self pre-stored application program installation file, and the described application program installation file read is sent to terminal.In a preferred embodiment, the described application program installation file that USB Key reads can comprise: the installation file of the static application of storage on USB Key, directly by this, static application program installation file is sent to terminal to USB Key, such as USB Key directly is sent to terminal by the application program installation file of having signed.The described application program installation file that described USB Key reads also can comprise: USB Key after on-the-fly modifying, then sends to terminal by the installation file of the static application that reads; Such as, USB Key by the installation file of pre-stored unsigned application program after signature, then be sent to terminal.
Simultaneously, USB Key indicates the operation steps of application program installation file by display screen, with guides user, based on terminal, described application program is installed.
Step S02, terminal receive described application program installation file, install and move described application program.
Terminal is opened the Bluetooth function of self and is set to can be by bluetooth equipment Discovery Status on every side; USB Key searches described terminal by Bluetooth technology, carrying out Bluetooth pairing with described end is connected, after the two successful matching, USB Key communicates and is connected with terminal, and by bluetooth FTP(File Transfer Protocol, file transfer protocol (FTP)) installation file of described application program is sent to terminal.
Terminal receives the application program installation file that USB Key sends, the operation steps that shows this application program installation file of screen display according to USB Key, respond user's touch-control instruction, and the installation file of described application program is installed, after installation, move described application program.
In a preferred embodiment, before being matched with terminal, the pre-stored described application program installation file of described USB Key, described application program installation file can be pre-stored in described USB Key by the publisher of described USB Key.
In a preferred embodiment, after described terminal is installed described application program according to described application program installation file, described application program installation file is deleted, and move described application program, for the user, based on described application program, carry out the business operation that e-bank is relevant.
After the present embodiment passes through USB Key and terminal communication is connected, read application program installation file pre-stored on described USB Key, and the described application program installation file read is sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal; Terminal receives described application program installation file, install and move the method for described application program, beneficial effect with the application program installation file security that guarantees terminal, further, there is the beneficial effect of the security that runs application that guarantees terminal, thereby improved the security of user profile while using e-bank.
Please refer to Fig. 2, Fig. 2 is application security control system one embodiment high-level schematic functional block diagram of the present invention.As shown in Figure 2, application security control system of the present invention comprises: USB Key01 and terminal 02.
USB Key01, after communicating to connect with terminal 02, read application program installation file pre-stored on described USB Key01, and the described application program installation file read be sent to terminal 02; Simultaneously, the installation process of the described application program installation file of prompt terminal 02;
After USB Key01 and terminal 02 communication connection, read self pre-stored application program installation file, and the described application program installation file read is sent to terminal 02.In a preferred embodiment, the described application program installation file that USB Key01 reads can comprise: the installation file of the static application of storage on USB Key01, directly by this, static application program installation file is sent to terminal 02 to USB Key01, such as USB Key01 directly is sent to terminal 02 by the application program installation file of having signed.The described application program installation file that described USB Key01 reads also can comprise: USB Key01 after on-the-fly modifying, then sends to terminal 02 by the installation file of the static application that reads; Such as, USB Key01 by the installation file of pre-stored unsigned application program after signature, then be sent to terminal 02.
Simultaneously, USB Key01 indicates the operation steps of application program installation file by display screen, with guides user, based on terminal 02, described application program is installed.
Terminal 02, for receiving described application program installation file, install and move described application program.
Terminal 02 is opened the Bluetooth function of self and is set to can be by bluetooth equipment Discovery Status on every side; USB Key01 searches described terminal 02 by Bluetooth technology, carrying out Bluetooth pairing with described end is connected, after the two successful matching, USB Key01 communicates and is connected with terminal 02, and by bluetooth FTP(File Transfer Protocol, file transfer protocol (FTP)) installation file of described application program is sent to terminal 02.
Terminal 02 receives the application program installation file that USB Key01 sends, the operation steps that shows this application program installation file of screen display according to USB Key01, respond user's touch-control instruction, and the installation file of described application program is installed, after installation, move described application program.
In a preferred embodiment, before being matched with terminal 02, the pre-stored described application program installation file of described USB Key01, described application program installation file can be pre-stored in described USB Key by the publisher of described USB Key.
In a preferred embodiment, after described terminal 02 is installed described application program according to described application program installation file, described application program installation file is deleted, and move described application program, for the user, based on described application program, carry out the business operation that e-bank is relevant.
After the present embodiment passes through USB Key and terminal communication is connected, read application program installation file pre-stored on described USB Key, and the described application program installation file read is sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal; Terminal receives described application program installation file, install and move described application program, beneficial effect with the application program installation file security that guarantees terminal, further, there is the beneficial effect of the security that runs application that guarantees terminal, thereby improved the security of user profile while using e-bank.
It should be noted that, in this article, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thereby make the process, method, article or the system that comprise a series of key elements not only comprise those key elements, but also comprise other key elements of clearly not listing, or also be included as the intrinsic key element of this process, method, article or system.In the situation that not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the system that comprises this key element and also have other identical element.
The invention described above embodiment sequence number, just to describing, does not represent the quality of embodiment.
The foregoing is only the preferred embodiments of the present invention; not thereby limit its scope of the claims; every equivalent structure or conversion of equivalent flow process that utilizes instructions of the present invention and accompanying drawing content to do; directly or indirectly be used in other relevant technical fields, all in like manner be included in scope of patent protection of the present invention.

Claims (10)

1. an application security control method, is characterized in that, comprises the following steps:
USB Key, with after terminal communication is connected, reads application program installation file pre-stored on described USB Key, and the described application program installation file read is sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal;
Terminal receives described application program installation file, installs and move described application program.
2. the method for claim 1, is characterized in that, before described USB Key is connected with terminal communication, also comprises:
The pre-stored described application program installation file of described USB Key.
3. method as claimed in claim 1 or 2, is characterized in that, before described USB Key is connected with terminal communication, also comprises:
USB Key is matched by bluetooth and terminal, and after the two successful matching, USB Key communicates and is connected with terminal.
4. method as claimed in claim 1 or 2, is characterized in that, the described application program installation file that described USB Key reads comprises:
The application program installation file of static store on described USB Key; Perhaps, the application program installation file on-the-fly modified when described USB Key reads.
5. method as claimed in claim 1 or 2, is characterized in that, described terminal is installed and moved described application program and comprises:
After terminal is installed described application program, delete described application program installation file, and move described application program.
6. an application security control system, is characterized in that, comprising:
USB Key, for after terminal communication is connected, read application program installation file pre-stored on described USB Key, and the described application program installation file read be sent to terminal; Simultaneously, the installation process of the described application program installation file of prompt terminal;
Terminal, for receiving described application program installation file, install and move described application program.
7. system as claimed in claim 6, is characterized in that, described USB Key also for:
Pre-stored described application program installation file.
8. system as described as claim 6 or 7, is characterized in that, described USB Key also for:
By bluetooth and terminal, matched, after the two successful matching, USB Key communicates and is connected with terminal.
9. system as described as claim 6 or 7, is characterized in that, described USB Key also for:
The application program installation file of the static store that reads or the application program installation file after on-the-fly modifying are sent to terminal.
10. system as claimed in claim 6, is characterized in that, described terminal also for:
After described application program is installed, delete described application program installation file, and move described application program.
CN201310416775.2A 2013-09-12 2013-09-12 Application program safety control method and application program safety control system Pending CN103488944A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310416775.2A CN103488944A (en) 2013-09-12 2013-09-12 Application program safety control method and application program safety control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310416775.2A CN103488944A (en) 2013-09-12 2013-09-12 Application program safety control method and application program safety control system

Publications (1)

Publication Number Publication Date
CN103488944A true CN103488944A (en) 2014-01-01

Family

ID=49829158

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310416775.2A Pending CN103488944A (en) 2013-09-12 2013-09-12 Application program safety control method and application program safety control system

Country Status (1)

Country Link
CN (1) CN103488944A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105138346A (en) * 2015-07-13 2015-12-09 北京金山安全软件有限公司 Application installation method and apparatus

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127111A (en) * 2006-08-18 2008-02-20 中信银行 Internet bank U disc KEY ciphering, authentication device and method
CN101661599A (en) * 2009-09-25 2010-03-03 浙江维尔生物识别技术股份有限公司 Method for authenticating validity of self-contained software of equipment system
CN101789863A (en) * 2009-01-22 2010-07-28 深圳市文鼎创数据科技有限公司 Safe data information transmission method
US20130104220A1 (en) * 2011-10-24 2013-04-25 Kwang Wee Lee System and method for implementing a secure USB application device
CN203191984U (en) * 2013-03-15 2013-09-11 深圳市文鼎创数据科技有限公司 Usb key system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127111A (en) * 2006-08-18 2008-02-20 中信银行 Internet bank U disc KEY ciphering, authentication device and method
CN101789863A (en) * 2009-01-22 2010-07-28 深圳市文鼎创数据科技有限公司 Safe data information transmission method
CN101661599A (en) * 2009-09-25 2010-03-03 浙江维尔生物识别技术股份有限公司 Method for authenticating validity of self-contained software of equipment system
US20130104220A1 (en) * 2011-10-24 2013-04-25 Kwang Wee Lee System and method for implementing a secure USB application device
CN203191984U (en) * 2013-03-15 2013-09-11 深圳市文鼎创数据科技有限公司 Usb key system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
赵路华: "《基于USBkey的软件保护体系研究》", 《计算机安全》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105138346A (en) * 2015-07-13 2015-12-09 北京金山安全软件有限公司 Application installation method and apparatus
CN105138346B (en) * 2015-07-13 2018-10-16 北京金山安全软件有限公司 A kind of application installation method and device

Similar Documents

Publication Publication Date Title
US10177816B2 (en) Devices and methods for identification, authentication and signing purposes
US20160286391A1 (en) Spoofing protection for secure-element identifiers
US10496975B2 (en) Point of sale system with secure and unsecure modes
CN103051733B (en) Data downloading method, terminal and system
CN105446713A (en) Safe storage method and equipment
CN104346550A (en) Information processing method and electronic equipment
CN103324875A (en) Data protection system and method
CN106850503B (en) Login-free identity authentication method and device
CN105592403B (en) NFC-based communication device and method
CN103902882B (en) A kind of prevent user profile from leaking terminal and method
CN104933379A (en) Identity card information acquisition method, device and system
CN103488944A (en) Application program safety control method and application program safety control system
CN103475479A (en) Intelligent secret key equipment, mobile terminal, dynamic password output method and system
US20080192933A1 (en) Portable electronic entity and communication method
CN103475661B (en) The safe acquisition methods of authentication procedure and system
CN103634467A (en) Privacy protecting method and mobile terminal
TWI657389B (en) Mobile terminal and its transaction confirmation method and device
TWM593598U (en) payment system
CN103854181A (en) Electronic signature method, electronic signature device, client side and system
US9489668B2 (en) Electronic payment device
CN203746179U (en) Mobile safe financial terminal
CN105516983A (en) Authentication method and authentication device
CN203014831U (en) Electronic signature equipment, client and system
KR20110091265A (en) Internet payment method using iphone
CN104965832A (en) Method and apparatus for accessing browser

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20170405

Address after: 100000 room 703-710, room B3, Huayuan Road, Haidian District, Beijing, 7

Applicant after: Beijing Minghua Alliance Technology Co., Ltd.

Address before: 518057 Guangdong city of Shenzhen province Nanshan District Ke Feng Lu No. 2 idiopathic information building A building unit seven floor South 701-709

Applicant before: Shenzhen Wendingchuang Data Technology Co., Ltd.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20140101