CN103544447A - Method and terminal for preventing leakage of confidential information according to Android system - Google Patents
Method and terminal for preventing leakage of confidential information according to Android system Download PDFInfo
- Publication number
- CN103544447A CN103544447A CN201310208989.0A CN201310208989A CN103544447A CN 103544447 A CN103544447 A CN 103544447A CN 201310208989 A CN201310208989 A CN 201310208989A CN 103544447 A CN103544447 A CN 103544447A
- Authority
- CN
- China
- Prior art keywords
- application
- confidential information
- android
- information
- authority
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a method and terminal for preventing leakage of confidential information according to the Android system. The method for preventing leakage of the confidential information according to the Android system comprises the steps that A, an authority file used for storing an application authority list is established on the bottom layer of the Android system, and the confidential information is stored in the application authority list in a classified mode; B, a private API is generated on the bottom layer of the Android system, and content of the application authority list is set through the private API; C, When an application reads the confidential information, whether the application has the authority to read the confidential information is judged on an Androidnative layer according to the application authority list, if yes, the application obtains the confidential information, and if not, failure information is returned and the application obtains the failure information. According to the method and terminal for preventing leakage of the confidential information according to the Android system, the private API is generated on the bottom layer of the Android system, whether the application has the authority to obtain the confidential information is judged on an Androidnative layer, the application is prevented from bypassing an Android JN1 layer to directly obtain the confidential information, so that the control over access of the confidential information is achieved, and the information safety is improved.
Description
Technical field
The present invention relates to terminal software safety, particularly a kind of method and terminal that confidential information is revealed that prevent based on Android system.
Background technology
Based on Android(Android) system has open code, the automatic recovery RAM(random access memory, random access memory) thus improve travelling speed, application software is many and the overwhelming majority is free, the feature such as simple to operate, Android system is widely used on the digital equipments such as smart mobile phone, panel computer, TV.But also there are some problems in Android system, especially aspect information security.The spendable application software of Android system is a lot, but these softwares there is no by control and retrain, may implanted malicious code in software, and institute downloads the very different unstable properties that causes of quality of the application of use.
A lot of application software can arbitrarily be obtained user's personal information in the situation that user knows nothing, for example, navigation type application software can be obtained the current positional information of user, a picture beautifies software can require to obtain message registration, and the trivial games of cutting watermelon and so on even also obtains user's positional information; This has caused very large threat to user's personal information security.Although have to authorize when application software is installed, remind, large multi-user does not take notice of these promptings, and user does not know that these are applied and obtained its confidential information conventionally.In order to address this problem, the solution of some information securities is disclosed at present on the net, are all the standard A PI(Application Programming Interface based on Android system, application programming interface) realize.For example publication number is CN102289633A, denomination of invention is the patent document of the application program method for managing dynamic permission under Android platform, when application program access needs the API of authority, according to the record in System Privileges table, judge that whether this API is disabled, can user can select whether to revise authority be come controlling application program access this API.But; these API are disclosed, and easy implanted malicious code or easily crack the setting of existing protection authority that is to say; existing rights management mechanism exists software to decode leak, but implementation information safeguard protection can not guarantee that confidential information can not reveal from software view.
Thereby prior art need to improve.
Summary of the invention
In view of above-mentioned the deficiencies in the prior art part; the object of the present invention is to provide a kind of method and terminal that confidential information is revealed that prevent based on Android system, to solve prior art implementation information safeguard protection from software view, can not guarantee the problem that confidential information can not be revealed.
In order to achieve the above object, the present invention has taked following technical scheme:
A method that prevents confidential information leakage for Android system, it comprises:
A, at Android bottom, create for storing the authority of application permission list, and confidential information classification is stored in application permission list;
B, at Android bottom, generate privately owned API, the content of application permission list is set by privately owned API;
C, when application reading machine confidential information, at Android native layer, according to application permission, list judges whether this application has authority acquiring confidential information; If so, confidential information is obtained in application, returns and obtain failure information when no.
The described method that confidential information is revealed that prevents based on Android system, wherein, described step B specifically comprises:
B1, installation authority arrange application, at Android bottom, generate privately owned API;
B2, by the list of privately owned API Access application permission, revise in application permission list and have the application type of the authority obtained and the content that this application has the confidential information of authority acquiring;
B3, preserve amended application permission list.
The described method that confidential information is revealed that prevents based on Android system, wherein, described step C specifically comprises:
C1, when application reading machine confidential information, this application call standard A PI accesses privately owned API, reads application permission list;
C2, at Android native layer, judge whether current application mates with the application in application permission list:
If C3 coupling is inquired about the type that current application has the confidential information of authority acquiring in application permission list, by standard A PI, obtain information data corresponding to the type and show.
The described method that confidential information is revealed that prevents based on Android system, wherein, described step C3 also comprises: if current application is not mated with the application in application permission list, generate for pointing out user's current application to have no right and obtain the information of confidential information, and transfer to display screen demonstration.
The described method that confidential information is revealed that prevents based on Android system, wherein, in described step C1, when this application call standard A PI accesses privately owned API, also comprise the application message of obtaining this application, described application message comprises the type of the confidential information that apply names, bag name, this application need to be obtained.
The described method that confidential information is revealed that prevents based on Android system, wherein, in described step C2, if the bag name of applying in the Bao Mingyu application permission list of current application is identical, is judged as coupling.
The described method that confidential information is revealed that prevents based on Android system, wherein, described step C3 also comprises:
C31, judge that the type of the confidential information that current application need to be obtained is whether identical with the type that application permission list arranges;
If C32 is identical, by standard A PI, obtains information data corresponding to the type and show.
The described method that confidential information is revealed that prevents based on Android system, wherein, described step C32 also comprises:
If the type of the confidential information that current application need to be obtained is not identical with the type that application permission list arranges, generates for pointing out user's current application to obtain the wrong information of confidential information content, and transfer to display screen demonstration.
The described method that confidential information is revealed that prevents based on Android system, wherein, described confidential information comprises the machine hardware information, owner's information and communication information; An application has authority to obtain one or more confidential information simultaneously.
Realize the described terminal that prevents the method that confidential information is revealed based on Android system, it comprises:
Message processing module, for creating at Android bottom for storing the authority of application permission list, and is stored in confidential information classification in application permission list;
Privately owned control module, for generating privately owned API at Android bottom, arranges the content of application permission list by privately owned API;
Judge module, for when applying reading machine confidential information, at Android native layer, according to application permission, list judges whether this application has authority acquiring confidential information.
Compared to prior art, method and the terminal that confidential information is revealed that prevent based on Android system provided by the invention, at Android bottom, generate privately owned API, confidential information classification is stored in the application permission list of Android bottom, can only the content of application permission list could be set by privately owned API, when application reading machine confidential information, at Android native, judge whether this application has authority acquiring confidential information, making application can not directly stride across Android JNI layer goes the interface calling below Android primary layer to obtain confidential information, avoided existing application to walk around by standard A PI the situation that user profile is illegally obtained in Android rights management, thereby realize the control to confidential information access, improved Information Security.
Accompanying drawing explanation
Fig. 1 is the Android system structural representation that confidential information is revealed that prevents that the present invention is based on Android system.
Fig. 2 is the method flow diagram that confidential information is revealed that prevents that the present invention is based on Android system.
Fig. 3 is that the application permission that confidential information is revealed of preventing that the present invention is based on Android system arranges the schematic diagram at interface.
Fig. 4 is the schematic diagram of checking permissions list that confidential information is revealed that prevents that the present invention is based on Android system.
Fig. 5 is that the present invention is for realizing the structured flowchart that prevents the terminal that confidential information is revealed based on Android system.
Embodiment
The invention provides a kind of method and terminal that confidential information is revealed that prevent based on Android system, for making object of the present invention, technical scheme and effect clearer, clear and definite, referring to accompanying drawing, developing simultaneously, the present invention is described in more detail for embodiment.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
The present invention is provided with access rights and accesses content existing application, and the application of users to trust just has the confidential information of authority calling party, does not have the application of authority can not obtain confidential information.The method that confidential information is revealed that prevents based on Android system provided by the invention, wherein, as shown in Figure 1, described Android system comprises Android application layer, the Android java(object-oriented programming language that can write cross-platform software) layer, Android JNI(java native interface, java calls this locality) layer, Android native layer and Android bottom.Android java layer can provide application adaptive standard A PI and logical operation, adopts java language to realize.Android native layer adopts C/C++ language to realize function compiling.Android JNI layer, for implementation language conversion, is equivalent to make Android java layer to dock with the interface of Android native layer, makes Android java layer can call by Android JNI layer the function of Android native layer.Please refer to Fig. 1 and Fig. 2, described in prevent that the method that confidential information is revealed from comprising:
S100, at Android bottom, create for storing the authority of application permission list, and confidential information classification is stored in application permission list;
S200, at Android bottom, generate privately owned API, the content of application permission list is set by privately owned API;
S300, when application reading machine confidential information, at Android native layer, according to application permission, list judges whether this application has authority acquiring confidential information; If so, confidential information is obtained in application, returns and obtain failure information when no.
Based on different application, can obtain different confidential information in use, for the ease of user flexibility, the authority of application and the type of its confidential information that can obtain are set, the present invention needs the first confidential information classification storage to user.In step S100, described confidential information is divided three classes, and is respectively the machine hardware information, owner's information and communication information.The machine hardware information can be subdivided into system version, type of hardware, memory size of terminal etc.Owner's information can be subdivided into title, account, password of user etc.Communication information can be subdivided into address list, short message content, GPS(Global Positioning System, GPS) etc.By the classification to confidential information, limit application and obtain the confidential information relevant to its function, avoid the leakage of the confidential information that NOT-function is relevant.The positional information that only can obtain user as navigation type application is convenient to navigation, and user's short message content is obtained in this navigation type application also lack of competence, can avoid short message content to reveal.
Standard A PI based on Android is disclosed, even standard A PI has been adopted to the methods such as authority arranges in prior art, still there is certain system vulnerability in it, the standard A PI that adopts Android system to provide carries out authority setting or revise or obtain confidential information having certain potential safety hazard.For this reason, the present embodiment private privately owned API of corresponding increase by one program code in existing Android system solves above-mentioned potential safety hazard, and step S200 specifically comprises:
Step 21: authority is installed application is set, generate privately owned API at Android bottom;
Step 22, by the list of privately owned API Access application permission, revise in application permission list and have the application type of the authority obtained and the content that this application has the confidential information of authority acquiring;
Step 23, preserve amended application permission list.
As shown in Figure 2, authority is installed the privately owned API generating in existing Android system after application is set, its code is non-public, by manufacturer, is provided.The authority of application is set as data channel by privately owned API, can avoids program to be cracked and the problem that causes confidential information to be revealed.The application permission list that generates a blank after authority arranges application is being installed for the first time, and user adds this application permission list by confidential information and application trusty.
Authority arranges application and on the display screen of terminal, generates an icon after being mounted, and clicks the permission configuration interface occurring after this icon as shown in Figure 3 and realizes and revise or upgrade application permission list.User can become this application to have the right to obtain one or more confidential information according to the function setting of application simultaneously.The icon of clicking in this interface can enter the operating instructions to add or revise application data.The icon of selection application wherein and selection public information type is drop-down menu.In clicking Fig. 3 check the icon of permissions list time, occur that authority as shown in Figure 4 checks interface.Suppose that application B is for purchasing by group application, it has the right to obtain the content of the address list in confidential information.Application C is navigation application, can obtain the current GPS of user (GPS) information.After being completed, the content modification of application and the confidential information that can obtain of this application is stored in authority.In Fig. 4, user can delete by this interface the confidential information of application (being equivalent to cancel the authority that confidential information is obtained in this application) or modification and this association.Should be understood that, Fig. 3 and Fig. 4 are only the interface schematic diagram providing of the present embodiment, and it can also be comprised of other icon arrangement and content.
By above-mentioned steps, set after application permission list, when application need to be obtained user data, at Android native layer, judge whether this application has the authority of obtaining, its basis for estimation is described application permission list, and described step S300 specifically comprises:
Step 31, when application reading machine confidential information, this application call standard A PI accesses privately owned API, reads application permission list;
Step 32, at Android native layer, judge whether current application mates with the application in application permission list;
If step 33 coupling is inquired about the type that current application has the confidential information of authority acquiring in application permission list, by standard A PI, obtain information data corresponding to the type and show.
In described step 31, when this application call standard A PI accesses privately owned API, also comprise the application message of obtaining this application, described application message comprises the type of the confidential information that apply names, bag name, this application need to be obtained.In described step 32, if the bag name of applying in the Bao Mingyu application permission list of current application is identical, be judged as coupling.This application has the authority of the confidential information obtained, and can from Android bottom, obtain that arranged and confidential information this association application permission list by standard A PI; After obtaining, by Android native layer, Android JNI layer, Android java layer, Android application layer, transfer to display screen and show successively.
Described step 33 also comprises: if current application is not mated with the application in application permission list, generate for pointing out user's current application to have no right and obtain the information of confidential information, and transfer to display screen demonstration.Even current application does not appear in application permission list, at Android native layer, generate for pointing out user's current application to have no right and obtain the information of confidential information, and by Android JNI layer, Android java layer, Android application layer, transfer to display screen and show successively.
Some application may be obtained and the incoherent confidential information of its function, suppose that a navigation application has the authority of obtaining, but user's positional information and address list are obtained in its requirement, user has opened the authority of obtaining of positional information, address list and navigation there is no direct relation and are prohibited to obtain, in this case, described step 33 also comprises:
Step 331, judge that the type of the confidential information that current application need to be obtained is whether identical with the type that application permission list arranges;
If step 332 is identical, by standard A PI, obtains information data corresponding to the type and show.
Described step 332 also comprises:
If the type of the confidential information that current application need to be obtained is not identical with the type that application permission list arranges, generates for pointing out user's current application to obtain the wrong information of confidential information content, and transfer to display screen demonstration.
After above-mentioned steps 331 to 332, navigation application can be obtained by standard A PI user's positional information.Address list is not arranged in application permission list, and the information of generation can be shown as " navigation application is illegally obtained address list, is prohibited ".With this, point out user whether to need to decontrol the authority of obtaining of address list.
It is emphasized that the present embodiment adopts carries out authority judgement at Android native layer.In prior art, conventionally in Android application layer or Android java layer, realize Android rights management.Based on existing standard A PI, be disclosed, this two-layer the authority of application is set or carries out authority judgement be easily cracked or artificially change result, the senior application permission of application use can be walked around existing Android rights management by standard A PI and reach the object of obtaining confidential information, causes confidential information to be revealed.And the present invention carries out authority judgement at Android native layer, application can not directly stride across Android JNI layer and go the interface calling below Android native layer to obtain confidential information, and application just can not be evaded authority Rule of judgment, be in application permission list, whether to have the title of current application like this.Simultaneously, described application permission list is set by user oneself, the data channel that need to form by private privately owned API could be revised, and other people cannot enter this data channel also just can not change arbitrarily Rule of judgment, has further improved confidential information safety guarantee.
According to the method for user type Auto-mounting application, the embodiment of the present invention also provides a kind of terminal based on above-mentioned, refers to Fig. 5, described terminal comprises message processing module 101, privately owned control module 102 and the judge module 103 connecting successively.By message processing module 101, at Android bottom, create for storing the authority of application permission list, and confidential information classification is stored in application permission list.Privately owned control module 102 generates privately owned API at Android bottom, and the content of application permission list is set by privately owned API.When application reading machine confidential information, at Android native layer, according to application permission, list judges whether this application has authority acquiring confidential information to judge module 103.
In the present embodiment, application is while needing reading machine confidential information, calls standard A PI access privately owned API and read application permission list at Android java layer, also obtains the application message of this application simultaneously.Judge module 103 judges according to the application permission list of reading whether this application has authority acquiring confidential information, feedback judged result.If the coupling of the application bag name in the Bao Mingyu application permission list of current application, message processing module 101 obtains from Android bottom the confidential information that this application can be obtained by standard A PI, is transferred to display screen and is shown successively by Android native layer, Android JNI layer, Android java layer, Android application layer.If current application does not appear in application permission list, judge module 103 generates the information of obtaining confidential information for pointing out user's current application to have no right, is transferred to display screen and is shown successively by Android JNI layer, Android java layer, Android application layer.
In the present embodiment, described terminal is for adopting smart mobile phone, panel computer or the TV of Android system.Described terminal also comprises that generation module and authority arrange module.Described generation module, when installation authority arranges application, generates privately owned API at Android bottom, also at Android bottom, creates for storing the authority of power application permission list.
In sum, the standard A PI that the present invention is directed to existing Android system openly causes its rights management mechanism to have the problem of security breaches, at Android native layer, carry out authority judgement, making application can not directly stride across Android JNI layer goes the interface calling below Android native layer to obtain confidential information, avoid application to evade authority judgement management, realized the control to confidential information access.Simultaneously, by authority is installed, the private privately owned API of application generator code is set, only call this privately owned API and could revise authority Rule of judgment, avoided API to be caused authority Rule of judgment to be tampered the confidential information causing by illegal invasion and revealed, improved the security of confidential information.User can also arrange arbitrarily the type of the confidential information that application can obtain, and has processed flexibly confidential information and has allowed situation about using, and is user-friendly to, and has improved the competitive power of product.
Be understandable that, for those of ordinary skills, can be equal to replacement or change according to technical scheme of the present invention and inventive concept thereof, and all these changes or replacement all should belong to the protection domain of the appended claim of the present invention.
Claims (10)
1. the method that confidential information is revealed that prevents based on Android system, is characterized in that, comprising:
A, at Android bottom, create for storing the authority of application permission list, and confidential information classification is stored in application permission list;
B, at Android bottom, generate privately owned API, the content of application permission list is set by privately owned API;
C, when application reading machine confidential information, at Android native layer, according to application permission, list judges whether this application has authority acquiring confidential information; If so, confidential information is obtained in application, returns and obtain failure information when no.
2. the method that confidential information is revealed that prevents based on Android system according to claim 1, is characterized in that, described step B specifically comprises:
B1, installation authority arrange application, at Android bottom, generate privately owned API;
B2, by the list of privately owned API Access application permission, revise in application permission list and have the application type of the authority obtained and the content that this application has the confidential information of authority acquiring;
B3, preserve amended application permission list.
3. the method that confidential information is revealed that prevents based on Android system according to claim 1, is characterized in that, described step C specifically comprises:
C1, when application reading machine confidential information, this application call standard A PI accesses privately owned API, reads application permission list;
C2, at Android native layer, judge whether current application mates with the application in application permission list:
If C3 coupling is inquired about the type that current application has the confidential information of authority acquiring in application permission list, by standard A PI, obtain information data corresponding to the type and show.
4. the method that confidential information is revealed that prevents based on Android system according to claim 3, it is characterized in that, described step C3 also comprises: if current application is not mated with the application in application permission list, generate for pointing out user's current application to have no right and obtain the information of confidential information, and transfer to display screen demonstration.
5. the method that confidential information is revealed that prevents based on Android system according to claim 3, it is characterized in that, in described step C1, when this application call standard A PI accesses privately owned API, also comprise the application message of obtaining this application, described application message comprises the type of the confidential information that apply names, bag name, this application need to be obtained.
6. the method that confidential information is revealed that prevents based on Android system according to claim 5, is characterized in that, in described step C2, if the bag name of applying in the Bao Mingyu application permission list of current application is identical, is judged as coupling.
7. the method that confidential information is revealed that prevents based on Android system according to claim 5, is characterized in that, described step C3 also comprises:
C31, judge that the type of the confidential information that current application need to be obtained is whether identical with the type that application permission list arranges;
If C32 is identical, by standard A PI, obtains information data corresponding to the type and show.
8. the method that confidential information is revealed that prevents based on Android system according to claim 7, is characterized in that, described step C32 also comprises:
If the type of the confidential information that current application need to be obtained is not identical with the type that application permission list arranges, generates for pointing out user's current application to obtain the wrong information of confidential information content, and transfer to display screen demonstration.
9. the method that confidential information is revealed that prevents based on Android system according to claim 1, is characterized in that, described confidential information comprises the machine hardware information, owner's information and communication information; An application has authority to obtain one or more confidential information simultaneously.
10. for realizing the terminal that prevents the method that confidential information is revealed based on Android system as claimed in claim 1, it is characterized in that, comprising:
Message processing module, for creating at Android bottom for storing the authority of application permission list, and is stored in confidential information classification in application permission list;
Privately owned control module, for generating privately owned API at Android bottom, arranges the content of application permission list by privately owned API;
Judge module, for when applying reading machine confidential information, at Android native layer, according to application permission, list judges whether this application has authority acquiring confidential information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310208989.0A CN103544447B (en) | 2013-05-30 | 2013-05-30 | A kind of method preventing confidential information from revealing based on Android system and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310208989.0A CN103544447B (en) | 2013-05-30 | 2013-05-30 | A kind of method preventing confidential information from revealing based on Android system and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103544447A true CN103544447A (en) | 2014-01-29 |
| CN103544447B CN103544447B (en) | 2016-10-12 |
Family
ID=49967886
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310208989.0A Active CN103544447B (en) | 2013-05-30 | 2013-05-30 | A kind of method preventing confidential information from revealing based on Android system and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103544447B (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462997A (en) * | 2014-12-04 | 2015-03-25 | 北京奇虎科技有限公司 | Method, device and system for protecting work data in mobile terminal |
| CN105095788A (en) * | 2015-06-30 | 2015-11-25 | 北京奇虎科技有限公司 | Method, device and system for private data protection |
| CN105578433A (en) * | 2014-10-17 | 2016-05-11 | 中兴通讯股份有限公司 | Short message protection method and device of terminal |
| CN105809026A (en) * | 2014-12-29 | 2016-07-27 | 北京奇虎科技有限公司 | Permission configuration method and apparatus for process |
| WO2016119432A1 (en) * | 2015-01-27 | 2016-08-04 | 华为技术有限公司 | Application accessing control method and device |
| WO2017011167A1 (en) * | 2015-07-10 | 2017-01-19 | Google Inc. | Protecting data from unauthorized access |
| WO2017020586A1 (en) * | 2015-07-31 | 2017-02-09 | 宇龙计算机通信科技(深圳)有限公司 | Information security management method for intelligent wearable device, intelligent wearable device and terminal |
| CN103984900B (en) * | 2014-05-19 | 2017-03-01 | 南京赛宁信息技术有限公司 | Android application leak detection method and system |
| CN107026954A (en) * | 2015-11-03 | 2017-08-08 | 爱思打印解决方案有限公司 | Imaging device and recover its wrong method |
| CN107623659A (en) * | 2016-07-14 | 2018-01-23 | 精硕科技(北京)股份有限公司 | One kind obtains equipment characteristic ID method and system |
| CN107704356A (en) * | 2017-06-12 | 2018-02-16 | 平安科技(深圳)有限公司 | Exception stack information acquisition method, device and computer-readable recording medium |
| CN108629189A (en) * | 2018-03-20 | 2018-10-09 | 蔚来汽车有限公司 | Engine end data guard method, device and vehicle |
| CN109241769A (en) * | 2018-08-09 | 2019-01-18 | 福州瑞芯微电子股份有限公司 | A kind of electronic equipment personal secrets method for early warning and system |
| CN109639884A (en) * | 2018-11-21 | 2019-04-16 | 惠州Tcl移动通信有限公司 | A kind of method, storage medium and terminal device based on Android monitoring sensitive permission |
| CN110727941A (en) * | 2019-08-23 | 2020-01-24 | 深圳市轱辘汽车维修技术有限公司 | Private data protection method and device, terminal equipment and storage medium |
| CN111400757A (en) * | 2020-03-13 | 2020-07-10 | 西安电子科技大学 | Method for preventing native code in android third-party library from revealing user privacy |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102186167B (en) * | 2011-04-11 | 2016-02-10 | 中兴通讯股份有限公司 | A kind of to applying the method and system monitored |
| CN102572804B (en) * | 2011-12-27 | 2014-11-26 | 奇智软件(北京)有限公司 | Data calling method and device |
| CN102917346B (en) * | 2012-10-17 | 2015-01-07 | 浙江大学城市学院 | Security policy management system and method for Android-based application program during operation |
| CN103023871B (en) * | 2012-11-16 | 2015-05-20 | 华中科技大学 | Android privilege escalation attack detection system and method based on cloud platform |
-
2013
- 2013-05-30 CN CN201310208989.0A patent/CN103544447B/en active Active
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103984900B (en) * | 2014-05-19 | 2017-03-01 | 南京赛宁信息技术有限公司 | Android application leak detection method and system |
| CN105578433A (en) * | 2014-10-17 | 2016-05-11 | 中兴通讯股份有限公司 | Short message protection method and device of terminal |
| CN104462997A (en) * | 2014-12-04 | 2015-03-25 | 北京奇虎科技有限公司 | Method, device and system for protecting work data in mobile terminal |
| CN105809026A (en) * | 2014-12-29 | 2016-07-27 | 北京奇虎科技有限公司 | Permission configuration method and apparatus for process |
| CN105809026B (en) * | 2014-12-29 | 2019-02-01 | 北京奇虎科技有限公司 | The authority configuring method and device of process |
| WO2016119432A1 (en) * | 2015-01-27 | 2016-08-04 | 华为技术有限公司 | Application accessing control method and device |
| CN105095788B (en) * | 2015-06-30 | 2018-06-29 | 北京奇虎科技有限公司 | The method, apparatus and system of private data guard |
| CN105095788A (en) * | 2015-06-30 | 2015-11-25 | 北京奇虎科技有限公司 | Method, device and system for private data protection |
| WO2017011167A1 (en) * | 2015-07-10 | 2017-01-19 | Google Inc. | Protecting data from unauthorized access |
| CN107533618A (en) * | 2015-07-10 | 2018-01-02 | 谷歌有限责任公司 | Protect data from unwarranted access |
| WO2017020586A1 (en) * | 2015-07-31 | 2017-02-09 | 宇龙计算机通信科技(深圳)有限公司 | Information security management method for intelligent wearable device, intelligent wearable device and terminal |
| CN107026954A (en) * | 2015-11-03 | 2017-08-08 | 爱思打印解决方案有限公司 | Imaging device and recover its wrong method |
| CN107623659A (en) * | 2016-07-14 | 2018-01-23 | 精硕科技(北京)股份有限公司 | One kind obtains equipment characteristic ID method and system |
| CN107623659B (en) * | 2016-07-14 | 2020-10-09 | 精硕科技(北京)股份有限公司 | Method and system for acquiring device characteristic ID |
| CN107704356B (en) * | 2017-06-12 | 2019-06-28 | 平安科技(深圳)有限公司 | Exception stack information acquisition method, device and computer readable storage medium |
| CN107704356A (en) * | 2017-06-12 | 2018-02-16 | 平安科技(深圳)有限公司 | Exception stack information acquisition method, device and computer-readable recording medium |
| US11010227B2 (en) | 2017-06-12 | 2021-05-18 | Ping An Technology (Shenzhen) Co., Ltd. | Exception stack information acquisition method and device and computer-readable storage medium |
| CN108629189A (en) * | 2018-03-20 | 2018-10-09 | 蔚来汽车有限公司 | Engine end data guard method, device and vehicle |
| CN109241769A (en) * | 2018-08-09 | 2019-01-18 | 福州瑞芯微电子股份有限公司 | A kind of electronic equipment personal secrets method for early warning and system |
| CN109639884A (en) * | 2018-11-21 | 2019-04-16 | 惠州Tcl移动通信有限公司 | A kind of method, storage medium and terminal device based on Android monitoring sensitive permission |
| CN110727941A (en) * | 2019-08-23 | 2020-01-24 | 深圳市轱辘汽车维修技术有限公司 | Private data protection method and device, terminal equipment and storage medium |
| CN110727941B (en) * | 2019-08-23 | 2023-10-13 | 深圳市轱辘车联数据技术有限公司 | Privacy data protection method and device, terminal equipment and storage medium |
| CN111400757A (en) * | 2020-03-13 | 2020-07-10 | 西安电子科技大学 | Method for preventing native code in android third-party library from revealing user privacy |
| CN111400757B (en) * | 2020-03-13 | 2022-09-27 | 西安电子科技大学 | Method for preventing native code in android third-party library from revealing user privacy |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103544447B (en) | 2016-10-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103544447B (en) | A kind of method preventing confidential information from revealing based on Android system and terminal | |
| US9537869B2 (en) | Geographical restrictions for application usage on a mobile device | |
| US8812868B2 (en) | Secure execution of unsecured apps on a device | |
| US8955142B2 (en) | Secure execution of unsecured apps on a device | |
| US8769305B2 (en) | Secure execution of unsecured apps on a device | |
| US8549656B2 (en) | Securing and managing apps on a device | |
| US8893298B2 (en) | Network linker for secure execution of unsecured apps on a device | |
| US9065771B2 (en) | Managing application execution and data access on a device | |
| US9542552B2 (en) | Extensible platform for securing apps on a mobile device using policies and customizable action points | |
| US20130247147A1 (en) | Creating a virtual private network (vpn) for a single app on an internet-enabled device or system | |
| US20130024929A1 (en) | Trust level activation | |
| CN104838630A (en) | Policy-based application management | |
| CN105339923A (en) | Context-aware permission control of hybrid mobile applications | |
| US20160055344A1 (en) | Data loss prevention during app execution using e-mail enforcement on a mobile device | |
| CN104239814A (en) | Mobile office safety method and mobile office safety system | |
| US10958687B2 (en) | Generating false data for suspicious users | |
| CN104268463A (en) | Method and device for managing calling authority of camera | |
| CN103778379B (en) | Application in management equipment performs and data access | |
| US9672353B2 (en) | Securing and managing apps on a device using policy gates | |
| CN109413034A (en) | Application data display methods, device, computer equipment and storage medium | |
| US10713370B2 (en) | Information rights management through editors implemented in a browser | |
| CN117235771B (en) | Permission management and control method of application program and electronic equipment | |
| Bourimi et al. | A two-level approach to ontology-based access control in pervasive personal servers | |
| Zheng | Overview of security Enhanced Android’s security architecture | |
| CN117390617A (en) | Authority control method, authority control device, electronic equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |