CN103746967A - Mobile client advertisement invoking method and system - Google Patents
Mobile client advertisement invoking method and system Download PDFInfo
- Publication number
- CN103746967A CN103746967A CN201310716777.3A CN201310716777A CN103746967A CN 103746967 A CN103746967 A CN 103746967A CN 201310716777 A CN201310716777 A CN 201310716777A CN 103746967 A CN103746967 A CN 103746967A
- Authority
- CN
- China
- Prior art keywords
- encryption
- mobile client
- decryption
- parameters
- advertisement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000012795 verification Methods 0.000 claims abstract description 8
- 230000000977 initiatory effect Effects 0.000 claims description 3
- 230000000694 effects Effects 0.000 abstract description 8
- 230000006870 function Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 108091029480 NONCODE Proteins 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a mobile client advertisement invoking method and system. The method comprises the following steps that: a mobile client issues a data request carrying an encryption parameter to a server terminal, wherein the encryption parameter is generated based on an encryption and decryption rule and a secret key that are packaged at a local code base by the mobile client and is a verification parameter for an advertisement request; and after the receiver receives the data request, the encryption and decryption rule that is stored in advance is used to carry out decryption; if the decryption is done successfully, a related advertisement is returned; and if the decryption fails, an error code is returned to the mobile client. Because the encryption and decryption rule and the secret key are packaged in the local data base that is difficult to be cracked, the security is improved; and the good technical effect is realized.
Description
Technical Field
The invention belongs to a method and a system for calling advertisements of a mobile client.
Background
Android (Android) is a Linux-based operating system with free and open source codes, and is mainly used for mobile devices such as smart phones and tablet computers, and is led and developed by Google corporation and the open mobile phone alliance, and currently occupies a large market of mobile phones.
The Android system architecture is the same as the operating system, and a layered architecture is adopted.
From the architecture diagram, the Android is divided into four layers, namely an application program layer, an application program framework layer, a system operation library layer and a Linux kernel layer from a high layer to a low layer.
Android can be published together with a series of core application packages, wherein the application packages comprise a client, an SMS (short message service) short message program, a calendar, a map, a browser, a contact management program and the like. All applications are written in the JAVA language.
In addition, developers may also have full access to the API framework used by the core application. The architectural design of the application simplifies the reuse of components, any one application can publish its function blocks and any other application can use its published function blocks (although subject to the security of the framework). Also, the application reuse mechanism allows a user to easily replace program components.
Hidden behind each application are a series of services and systems, including;
rich and extensible Views (Views), which can be used to build applications, include Lists (Lists), Grids (Grids), Text boxes (Text boxes), Buttons (Buttons), and even embeddable web browsers.
Content Providers (Content Providers) allow an application to access data of another application (e.g., a contact database) or to share their own data
Resource managers (Resource managers) provide access to non-code resources such as native strings, graphics, and Layout files (Layout files).
A Notification Manager (Notification Manager) allows applications to display custom hints in the status bar.
An Activity Manager (Activity Manager) is used to manage application lifecycle and provide the usual navigation fallback functionality.
Furthermore, Android contains some C/C + + libraries that can be used by different components in the Android system. They provide services to developers through the Android application framework. The following are some core libraries:
system C library-a standard C system function library Libc inherited from the BSD) that is specifically tailored to the Embedded linux based device.
The media library is based on PacketVideo OpenCORE, supports playback and recording of various common audio and video formats, and supports static image files. The encoding formats include MPEG4, h.264, MP3, AAC, AMR, JPG, PNG.
Surface Manager-management of display subsystem and provides seamless fusion of 2D and 3D layers for multiple applications.
LibWebCore-a latest web browser engine supporting Android browser and an embeddable web view.
At present, encryption in the existing Android client SDK is encrypted by using Java source codes. Since Java code can be decompiled, the encrypted keys and encryption schemes are easily exposed after decompilation, and thus, are easily invalidated by malicious code when an advertisement is invoked.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a mobile client advertisement calling method and a mobile client advertisement calling system, which can prevent parameters for calling advertisements from being cracked, so that a client is safer.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a mobile client ad invocation method, comprising:
the mobile client initiates a data request to the server, wherein the data request carries encryption parameters;
the encryption parameters are generated based on encryption and decryption rules and keys packaged by the mobile client from a local code library, and the encryption parameters are verification parameters for the advertisement request;
after receiving the data request, the server decrypts the data request by using a pre-stored encryption and decryption rule, wherein if the decryption is successful, the server returns a relevant advertisement; and if the decryption fails, returning an error code to the mobile client.
Preferably, the server stores the encryption/decryption rules and the key in advance in Java code.
Preferably, the mobile client is an android client, and the native code library is a binary C language code.
Preferably, the generating of the encryption parameter includes:
the SDK of the android client transmits parameters needing encryption to the local code module through the JNI calling module; and the local code module encrypts the parameters according to the stored encryption and decryption rules and the key, and transmits the encrypted parameters to the SDK of the android client through the JNI calling module.
A mobile client ad invocation system, comprising:
the data packet request unit is used for initiating a data request to the server side, and the data request carries encryption parameters; the encryption parameters are generated based on encryption and decryption rules and keys packaged by the mobile client from a local code library, and the encryption parameters are verification parameters for the advertisement request;
after receiving the data request, the server decrypts the data request by using a pre-stored encryption and decryption rule, wherein if the decryption is successful, the server returns a relevant advertisement; and if the decryption fails, returning an error code to the mobile client.
Preferably, the mobile client is an android client, and includes: and the native code module is used for storing a native code library, wherein the native code library is a binary C language code.
Preferably, the method further comprises the following steps: an encryption parameter obtaining unit, configured to obtain a parameter to be encrypted;
the JNI calling module is used for transmitting the parameters needing to be encrypted to the local code module;
and the local code module is used for encrypting the parameters according to the stored encryption and decryption rules and the key and transmitting the encrypted parameters to the SDK of the android client through the JNI calling module.
After the scheme is adopted, the encryption and decryption rules and the secret keys are packaged in the local code base, and the local code base is not easy to crack, so that the safety is improved; in addition, the mobile client is an android client, wherein the native code library is a binary C language code, so that the whole advertisement calling process is safer and has a very good effect by means of encryption and decryption rules and keys existing in a binary library file form.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The present invention will be described in detail below with reference to the accompanying drawings so that the above advantages of the present invention will be more apparent. Wherein,
FIG. 1 is a flow chart diagram of a mobile client advertisement invocation method of the present invention;
FIG. 2 is a schematic diagram of the architecture of the mobile client advertisement invocation system of the present invention.
Detailed Description
The following detailed description of the embodiments of the present invention will be provided with reference to the drawings and examples, so that how to apply the technical means to solve the technical problems and achieve the technical effects can be fully understood and implemented. It should be noted that, as long as there is no conflict, the embodiments and the features of the embodiments of the present invention may be combined with each other, and the technical solutions formed are within the scope of the present invention.
Additionally, the steps illustrated in the flow charts of the figures may be performed in a computer system such as a set of computer-executable instructions and, although a logical order is illustrated in the flow charts, in some cases, the steps illustrated or described may be performed in an order different than here.
Fig. 1 is a schematic flow chart of a mobile client advertisement invoking method according to an embodiment of the present invention, wherein the method mainly includes the following steps:
step 101: generally speaking, for any interaction between the client and the server, the encryption and decryption rules and the adopted key mode need to be negotiated for data packets between the client and the server, for example, in the field of mobile advertisements, for the security of advertisement requests, the advertisement requests need to encrypt an authentication parameter of the advertisement requests at the client SDK, the background server receives the requests, decrypts the encrypted parameter according to the encryption and decryption mode protocol and the key of the client SDK and the service background, if the decryption is successful, the request is valid, and if the decryption is failed, the request is an illegal request, the advertisements are not returned. This step is the same as the prior art and is not described in detail.
Step 102: the client side puts the encryption and decryption rules and the secret key into a local code base, and unlike the prior art, encryption in the existing Android client side SDK is encrypted by using Java source codes. Since Java code can be decompiled, the encrypted keys and encryption schemes are easily exposed after decompilation, and thus, are easily invalidated by malicious code when an advertisement is invoked.
For this reason, the encryption and decryption rules and the secret keys are put into the local code base, specifically, the mobile client is an android client, wherein the local code base is a binary C language code, that is, all the encryption and decryption rules and the secret keys are put into the local code base of the C language code, and compared with java language, the encryption and decryption rules and the secret keys are difficult to crack, so that the security is high.
Step 103: acquiring parameters needing to be encrypted, specifically acquiring verification parameters needing to be encrypted for the advertisement request when an Android client SDK needs to initiate an advertisement data request;
step 104: the parameters to be encrypted are transmitted to a local code library and encrypted by the local code library, and in the embodiment, the parameters to be encrypted are mainly transmitted to a local code module by an Android client SDK through a JNI (just noticeable indicator) calling module; .
step 106: after receiving the data request, the server decrypts the data request by using a pre-stored encryption and decryption rule, wherein if the decryption is successful, the server returns a relevant advertisement; and if the decryption fails, returning an error code to the mobile client, which is not described in detail below.
That is to say, the method and the device encrypt one verification parameter of the advertisement request by calling the local code library packaged in the program SDK package in the Android program, thereby avoiding the unsafe condition caused by encrypting the parameter by using Java code, and the method has good safety.
In a specific application example, the method mainly comprises the following main steps:
s1, encrypting the parameters in the Android client side SDK by using the local codes firstly determines an encryption and decryption mode, the technology adopts a self-defined encryption and decryption mode, the decryption of a background is realized by using Java language, and the encryption of the Android client side SDK is realized by using C language.
S2, after determining the encryption/decryption method, a key needs to be defined. The keys of the client SDK must serve the key agreement of the background. The service background storage key is relatively safe, and after the client side SDK adopts the local code to package the encryption code, the key is stored in the local code library with the same safety.
And S3, after the encryption and decryption modes and the key are determined, calling the native code library packaged with the encryption function by using a JNI technology in the Android client development process.
And transmitting the parameters to be encrypted into a local code encryption function through JNI, encrypting the parameters by the local code, and returning the parameters to the client SDK sequence through the JNI.
S4, the SDK of the client requests the encrypted parameters and other parameters to access the service background through the network, and the service background decrypts the encrypted parameters after receiving the parameters. If the decryption is successful, the relevant advertisement is returned, and if the decryption is failed, the request is an illegal request, only an error code is returned to the client.
Therefore, by means of the encryption and decryption rules and the keys in the form of binary library files, the whole advertisement calling process is safer, and the method has a very good effect.
As shown in fig. 2, a mobile client ad invocation system, comprising:
the data packet request unit is used for initiating a data request to the server side, and the data request carries encryption parameters; the encryption parameters are generated based on encryption and decryption rules and keys packaged by the mobile client from a local code library, and the encryption parameters are verification parameters for the advertisement request;
after receiving the data request, the server decrypts the data request by using a pre-stored encryption and decryption rule, wherein if the decryption is successful, the server returns a relevant advertisement; and if the decryption fails, returning an error code to the mobile client.
Preferably, the mobile client is an android client, and includes: and the native code module is used for storing a native code library, wherein the native code library is a binary C language code.
Preferably, the method further comprises the following steps: an encryption parameter obtaining unit, configured to obtain a parameter to be encrypted;
the JNI calling module is used for transmitting the parameters needing to be encrypted to the local code module;
and the local code module is used for encrypting the parameters according to the stored encryption and decryption rules and the key and transmitting the encrypted parameters to the SDK of the android client through the JNI calling module.
The system and the method have the same technical effect that the encryption and decryption rules and the secret keys are packaged in the local code base, and the local code base is not easy to crack, so that the safety is improved; in addition, the mobile client is an android client, wherein the native code library is a binary C language code, so that the whole advertisement calling process is safer and has a very good effect by means of encryption and decryption rules and keys existing in a binary library file form.
It should be noted that for simplicity of description, the above method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects.
Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (7)
1. A mobile client advertisement invoking method, comprising:
the mobile client initiates a data request to the server, wherein the data request carries encryption parameters;
the encryption parameters are generated based on encryption and decryption rules and keys packaged by the mobile client from a local code library, and the encryption parameters are verification parameters for the advertisement request;
after receiving the data request, the server decrypts the data request by using a pre-stored encryption and decryption rule, wherein if the decryption is successful, the server returns a relevant advertisement; and if the decryption fails, returning an error code to the mobile client.
2. The mobile client ad calling method of claim 1, wherein the encryption and decryption rules and keys are pre-stored in Java code on the server.
3. The mobile client advertisement invoking method according to claim 1, wherein the mobile client is an android client, and wherein the native code library is a binary C language code.
4. The mobile client ad calling method according to claim 3, wherein the generating of the encryption parameter comprises:
the SDK of the android client transmits parameters needing encryption to the local code module through the JNI calling module; and the local code module encrypts the parameters according to the stored encryption and decryption rules and the key, and transmits the encrypted parameters to the SDK of the android client through the JNI calling module.
5. A mobile client ad invocation system, comprising:
the data packet request unit is used for initiating a data request to the server side, and the data request carries encryption parameters; the encryption parameters are generated based on encryption and decryption rules and keys packaged by the mobile client from a local code library, and the encryption parameters are verification parameters for the advertisement request;
after receiving the data request, the server decrypts the data request by using a pre-stored encryption and decryption rule, wherein if the decryption is successful, the server returns a relevant advertisement; and if the decryption fails, returning an error code to the mobile client.
6. The system for invoking mobile client advertisement of claim 5, wherein said mobile client is an android client comprising: and the native code module is used for storing a native code library, wherein the native code library is a binary C language code.
7. The mobile client ad invocation system according to claim 6, further comprising: an encryption parameter obtaining unit, configured to obtain a parameter to be encrypted;
the JNI calling module is used for transmitting the parameters needing to be encrypted to the local code module;
and the local code module is used for encrypting the parameters according to the stored encryption and decryption rules and the key and transmitting the encrypted parameters to the SDK of the android client through the JNI calling module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310716777.3A CN103746967A (en) | 2013-12-23 | 2013-12-23 | Mobile client advertisement invoking method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310716777.3A CN103746967A (en) | 2013-12-23 | 2013-12-23 | Mobile client advertisement invoking method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103746967A true CN103746967A (en) | 2014-04-23 |
Family
ID=50503954
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310716777.3A Pending CN103746967A (en) | 2013-12-23 | 2013-12-23 | Mobile client advertisement invoking method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103746967A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104156481A (en) * | 2014-08-26 | 2014-11-19 | 北京软安科技有限公司 | Android encryption communication detection device and method based on dynamic linking library injection |
| WO2015154436A1 (en) * | 2014-08-15 | 2015-10-15 | 中兴通讯股份有限公司 | Data processing method and device |
-
2013
- 2013-12-23 CN CN201310716777.3A patent/CN103746967A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015154436A1 (en) * | 2014-08-15 | 2015-10-15 | 中兴通讯股份有限公司 | Data processing method and device |
| CN104156481A (en) * | 2014-08-26 | 2014-11-19 | 北京软安科技有限公司 | Android encryption communication detection device and method based on dynamic linking library injection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110199287B (en) | Data decapsulation using sealed enclosure | |
| CN110199284B (en) | Cross platform enclosure identity | |
| CN110214324B (en) | Key store enclosure | |
| CN110226167B (en) | Abstract enclave identity | |
| CN110214323B (en) | Surrounding area abstract model | |
| US9900161B2 (en) | Method for certifying android client application by local service unit | |
| WO2022237123A1 (en) | Method and apparatus for acquiring blockchain data, electronic device, and storage medium | |
| CN111143869B (en) | Application package processing method and device, electronic equipment and storage medium | |
| EP2618266A1 (en) | Method for interworking trust between a trusted region and an untrusted region, method, server, and terminal for controlling the downloading of trusted applications, and control system applying same | |
| CN106295255B (en) | Application program reinforcing method and device | |
| US20100257370A1 (en) | Apparatus And Method for Supporting Content Exchange Between Different DRM Domains | |
| CN104854561A (en) | Application wrapping for application management framework | |
| CN105308923A (en) | Data management for an application with multiple operation modes | |
| CN109844748B (en) | Computing system and method for hosting security services in a virtual security environment | |
| CN111262889A (en) | Authority authentication method, device, equipment and medium for cloud service | |
| CN116070216A (en) | Subordinate bounding region binary file | |
| US20210111892A1 (en) | Scalabe attestation for trusted execution environments | |
| CN110214321B (en) | Nested enclave identity | |
| CN104199657A (en) | Call method and device for open platform | |
| US20140059341A1 (en) | Creating and accessing encrypted web based content in hybrid applications | |
| CN111245811A (en) | Information encryption method and device and electronic equipment | |
| US20150294122A1 (en) | Method and apparatus for downloadable drm in a trusted execution environment | |
| CN114598481A (en) | Authorization authentication method, device, electronic equipment and storage medium | |
| CN111901287A (en) | Method and device for providing encryption information for light application and intelligent equipment | |
| CN103746967A (en) | Mobile client advertisement invoking method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140423 |