CN103812871A - Development method and system based on mobile terminal application program security application - Google Patents

Publication number
CN103812871A
Authority
CN
China
Prior art keywords
mail
terminal
server
sdk
pki
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410062383.5A
Other languages
Chinese (zh)
Other versions
CN103812871B (en)
Inventor
张帅
咸赫男
喻波
王志华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Wondersoft Technology Co Ltd
Original Assignee
Beijing Wondersoft Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Wondersoft Technology Co Ltd
Priority to CN201410062383.5A
Publication of CN103812871A
Application granted
Publication of CN103812871B
Legal status: Active (current)
Anticipated expiration

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a development method and system for secure mobile terminal applications. The system comprises a sending terminal, a secure software development kit (SDK), a server and a receiving terminal. In the method, the sending terminal requests a random number from the server; after receiving the random number, it calls the sending terminal's private key to sign it and sends the signature result and the signing public key certificate to the server. After identity authentication succeeds, the secure SDK is called: the received data is encrypted with a symmetric key, the symmetric key is encrypted with the public key of the receiving terminal, and the encrypted symmetric key and data are sent to the receiving terminal. The receiving terminal calls the secure SDK to decrypt the encrypted data. The method and system avoid data security problems relating to identity authentication, data leakage and device control.

Description

A development method and system for secure mobile terminal applications
Technical field
The present invention relates to the field of mobile terminal data security, and in particular to a development method and system for secure mobile terminal applications.
Background art
PKI: Public Key Infrastructure, a key management platform that follows established standards. It provides cryptographic services such as encryption, decryption and digital signatures, together with the necessary key and certificate management, for all information security applications. In short, PKI is infrastructure that provides security services and is built on public-key theory and technology. PKI technology is the core of information security technology and is also a key, foundational technology of e-commerce.
Certificate SDK: Software Development Kit. Built on the PKI system, it is a development platform that provides security support. Internally it wraps certificate operations of different types, media and specifications behind a unified interface, so that the user need not be concerned with complicated security details and only calls the corresponding interface to obtain the desired result (such as P1 and P7 signing and verification, digital envelopes, symmetric encryption and decryption, HASH, etc.). The SDK is to be cross-platform and to support mainstream CSP and P11 interfaces, the Chinese national cryptographic standards, and both software and hardware certificates.
HMAC: Hash-based Message Authentication Code, a keyed hash message authentication code. The HMAC operation uses a hash algorithm, takes a key and a message as input, and produces a message digest as output.
With the progress of the information age, smartphones have rapidly become widespread. Mobile applications are the core of the smartphone, and countless applications of every kind have taken over the mobile application market, meeting different user needs. By user interaction they can be divided into user login, user registration, user authentication, etc.; by transmission of text data into cloud phone, mail, document viewing, file storage, etc.; by information display into address book, mail, browser and similar applications. Mobile applications provide information display, transmission and storage, but do not consider using encryption technology to encapsulate these functions and ensure secure management over the full life cycle of the data.
Some widely used existing systems rely on passwords, domain authentication and pattern locks for identity authentication, transmit data in plaintext, and store data locally in plaintext:
Item                 Basic approach
Authentication       User name, password, graphical password lock
Data transmission    Plaintext transmission
Data storage         Plaintext storage
The main problems with current mobile terminal applications are:
1. Identity authentication uses a password or pattern lock, whose strength is weak, so identity security cannot be guaranteed;
2. Data is transmitted in plaintext and may be intercepted in transit;
3. Files downloaded and viewed on the mobile terminal are plaintext, so data security cannot be guaranteed.
Basic SDKs exist in the prior art to support mobile application functions. Some developers package basic functions into an SDK and offer it to mobile application developers; upper-layer business logic calls the basic SDK to implement the corresponding function quickly. The functions of a given mobile application can thus be managed and maintained in one place, which improves code reusability and working efficiency and lowers company costs.
Existing SDKs encapsulate functions such as user authentication, data transmission, device management and third-party applications: they provide username-password authentication for user identity, wrappers around technologies such as SQLite and XML for data storage, and high-level wrappers for network sending and receiving over HTTP, TCP and the like.
Fig. 1 is a functional structure diagram of a prior-art mail SDK, and Fig. 2 is a flow chart of mail sending on a prior-art mobile terminal.
As shown in Fig. 1, the existing mail SDK comprises the following functional components: a password login component, a send-mail component, a create-mail component, a receive-mail component, a database component and a configuration component.
The prior-art mail system comprises a mail client, a mail SDK and a mail server. The mail sending flow is as follows:
1) the mail APP of the mail client starts to send a mail;
2) the mail APP calls the SDK's send-mail interface;
3) after receiving the mail data, the mail SDK passes it to the mail server;
4) the mail server receives the mail data;
5) the mail server delivers the data to the mail recipient according to the recipient address;
6) the mail server returns the result information;
7) the mail SDK returns the sending result information;
8) the mail client receives the sending result information;
9) end.
Packaging basic application SDKs is a common practice among vendors: mail mobile terminal SDKs, address book SDKs, network data transmission SDKs and data storage (XML, SQLite, etc.) are all packaged as basic SDKs that give upper-layer applications a rapid development interface. But most basic SDKs do not consider how to secure the identity authentication itself, for example by preventing replay attacks and identity impersonation. For network transmission they mostly consider transmission efficiency or a lightweight model, not whether there are hidden risks such as leakage, so file data may be intercepted in transit. For data storage, data written locally in plaintext may be stolen, and there is no permission control or document life-cycle management. Unified management and unified protection are lacking.
Summary of the invention
To solve the problem of developing secure mobile terminal applications, the present invention proposes a development method for secure mobile terminal applications, comprising the following steps:
1) the sending terminal requests a random number from the server; after receiving the requested random number, it calls the sending terminal's private key to sign the random number and sends the signature result and the signing public key certificate to the server; the server checks the validity of the certificate, verifies the signature and returns the authentication result; if verification passes, proceed to step 2);
2) the sending terminal calls the secure SDK and passes user information and data to the SDK; the secure SDK obtains the receiving terminal's public key according to the user information, generates a symmetric key locally, encrypts the received data with this symmetric key, encrypts the symmetric key with the receiving terminal's public key, assembles the encrypted symmetric key and the encrypted data into a digital envelope, and finally returns the digital envelope to the sending terminal;
3) the sending terminal sends the digital envelope to the receiving terminal;
4) after receiving the digital envelope, the receiving terminal calls the secure SDK; the secure SDK parses the digital envelope into the ciphertext symmetric key and the ciphertext data, decrypts the ciphertext symmetric key with the receiving terminal's private key, decrypts the ciphertext data with the plaintext symmetric key, and passes the decrypted plaintext data to the application layer of the receiving terminal.
Further, in step 1), after receiving the requested random number, the sending terminal enumerates devices, opens the device, enumerates certificates and then verifies the PIN code; if verification fails, the authentication flow ends; if it succeeds, the subsequent verification steps continue.
Further, in step 2), the secure SDK obtaining the receiving terminal's public key according to the user information comprises: the secure SDK looks up the receiving terminal's public key locally according to the user information; if it does not exist locally, the SDK sends the user information to the server and receives the receiving terminal's public key from the server.
Further, the sending terminal and the receiving terminal are a sending mail terminal and a receiving mail terminal respectively, the server comprises a mail security management platform and a mail server, and the sending mail terminal sends mail to the receiving mail terminal through the mail server.
Further, in step 2), the sending mail terminal calls the secure SDK and passes the plaintext e-mail and the list of mail recipients to it; the secure SDK obtains the receiving mail terminal's public key according to the recipient list and verifies the validity of this public key; after verification passes, it signs the mail.
Further, in step 4), after the ciphertext data has been decrypted with the plaintext symmetric key, the validity of the receiving mail terminal's public key must be verified.
To solve the problem of developing secure mobile terminal applications, the present invention also proposes a development system for secure mobile terminal applications, comprising: a sending terminal, a secure SDK, a server and a receiving terminal.
The sending terminal requests a random number from the server; after receiving the requested random number, it calls the sending terminal's private key to sign the random number and sends the signature result and the signing public key certificate to the server; the server checks the validity of the certificate, verifies the signature and returns the authentication result. After authentication succeeds, the sending terminal calls the secure SDK and passes user information and data to the SDK; the secure SDK obtains the receiving terminal's public key according to the user information, generates a symmetric key locally, encrypts the received data with this symmetric key, encrypts the symmetric key with the receiving terminal's public key, assembles the encrypted symmetric key and the encrypted data into a digital envelope, and finally returns the digital envelope to the sending terminal, which sends it to the receiving terminal. After receiving the digital envelope, the receiving terminal calls the secure SDK; the secure SDK parses the digital envelope into the ciphertext symmetric key and the ciphertext data, decrypts the ciphertext symmetric key with the receiving terminal's private key, decrypts the ciphertext data with the plaintext symmetric key, and passes the decrypted plaintext data to the application layer of the receiving terminal.
Further, after receiving the requested random number, the sending terminal enumerates devices, opens the device, enumerates certificates and then verifies the PIN code; if verification fails, the authentication flow ends; if it succeeds, the subsequent verification steps continue.
Further, the secure SDK obtaining the receiving terminal's public key according to the user information comprises: the secure SDK looks up the receiving terminal's public key locally according to the user information; if it does not exist locally, the SDK sends the user information to the server and receives the receiving terminal's public key from the server.
Further, the sending terminal and the receiving terminal are a sending mail terminal and a receiving mail terminal respectively, the server comprises a mail security management platform and a mail server, and the sending mail terminal sends mail to the receiving mail terminal through the mail server.
Further, the sending mail terminal calls the secure SDK and passes the plaintext e-mail and the list of mail recipients to it; the secure SDK obtains the receiving mail terminal's public key according to the recipient list, signs the mail with the sending mail terminal's private key, uses the certificate device to generate a symmetric key and encrypts the mail, encrypts the symmetric key with the receiving terminal's public key and packages it with the ciphertext mail into a digital envelope, and assembles a secure e-mail, which is sent to the mail server.
Further, the sending mail terminal calls the secure SDK and passes the plaintext e-mail and the list of mail recipients to it; the secure SDK obtains the receiving mail terminal's public key according to the recipient list and verifies the validity of this public key; after verification passes, it signs the mail.
Further, after the secure SDK has decrypted the ciphertext data with the plaintext symmetric key, the validity of the receiving mail terminal's public key must be verified.
Further, the system also comprises a database, which encrypts and decrypts the page files of sqlite3.
Further, the system also comprises a mobile management console, which provides a UI operation interface for managing and controlling mobile terminal behavior and users, including user management, policy configuration and log audit.
The scheme proposed by the present invention achieves the following technical effects:
Once a third-party application calls this SDK, data security problems relating to identity authentication, data leakage, device control and the like can largely be avoided, because the user's identity is bound to the certificate in the hardware device. Without this hardware device, a person cannot view the encrypted data. Even if the data is intercepted in transit, the eavesdropper has no way to decrypt it, so the data obtained is meaningless.
Brief description of the drawings
Fig. 1 is a functional component diagram of a prior-art mail SDK.
Fig. 2 is a flow chart of mail sending on a prior-art mobile terminal.
Fig. 3 is the overall framework diagram of the present invention.
Fig. 4 is the mobile terminal identity authentication flow chart of the present invention.
Fig. 5 is the mobile terminal data encryption flow chart of the present invention.
Fig. 6 is the mobile terminal data decryption flow chart of the present invention.
Fig. 7 is the overall framework diagram of secure mail sending from a mobile terminal according to the present invention.
Fig. 8 is the mobile terminal mail encryption flow chart of the present invention.
Fig. 9 is the mobile terminal mail decryption flow chart of the present invention.
Detailed description
The object of the present invention is to provide several secure identity authentication modes, such as certificate-based authentication and dynamic-password authentication, to strengthen the admission mechanism. For data storage security, it provides secure SQLite, XML and configuration files, encrypted storage of files written to disk, permission management and life-cycle management, to secure local data storage on the mobile terminal. For network transmission it provides a secure socket layer and several certificate-based security proxy modes, such as a secure HTTP encrypted-transmission proxy and secure sockets (TCP/UDP), so that transmitted data is protected and request data is tamper-resistant and non-repudiable. It also provides a device control interface for unified control of the device's Wi-Fi and Bluetooth. A series of low-level security interfaces is exposed, such as certificate key operations (encryption and decryption, signing, signature verification, P7 encapsulation) and the PKCS#11 standard interface. These basic security components are integrated into mail mobile clients, network application mobile clients and mobile office software to secure identity and data during authentication, to protect network data and file data from transmission through to storage, and to provide secure file viewing, permission management and life-cycle management. Data encryption and decryption based on the PKI system is a relatively mature data protection solution that is already widely used in the data security field; bringing cryptographic techniques into data handling will be a qualitative leap for the data security industry.
Fig. 3 shows the overall framework of the present invention. The system framework comprises:
Secure SDK: a development platform, under the PKI system, that can perform certificate operations and supports hardware certificate authentication. It provides a series of security components such as terminal encryption, channel management, certificate keys and identity authentication, to secure data and authentication; a series of terminal control components such as device management, traffic monitoring and screen-lock control, for unified control of terminal devices; and MOB system support components including encrypted SQLite3, system configuration (XML/Plist) and Key card driver adaptation, giving upper-layer applications a rapid development interface. The SDK in this patent focuses on providing interfaces such as the identity authentication interface and data security interfaces for upper-layer applications to call.
Master server: supports account synchronization between an LDAP server and an AD domain server; interaction between the server and the secure SDK includes user authentication, policy distribution and log audit;
Database: encrypts and decrypts the page files of sqlite3. Working at page-file level avoids having to decrypt the whole table, or to query by decrypting individual fields, whenever data is queried or updated; it improves operating efficiency and hides the security details from the upper-layer implementation;
Mobile management console: provides a UI operation interface for managing and controlling mobile terminal behavior and users, including user management, policy configuration and log audit.
Fig. 4 shows the identity authentication flow of the mobile terminal.
The identity authentication process of the mobile terminal comprises:
1) the mobile terminal requests a random number from the server;
2) the server receives the request and returns a random number to the mobile terminal;
3) the mobile terminal enumerates devices;
4) the mobile terminal opens the device;
5) the mobile terminal enumerates certificates;
6) the PIN code is verified; if verification fails, authentication ends; if it succeeds, the private key is called to sign the random number;
7) the signature result and the signing public key certificate are sent to the server;
8) the server verifies the validity of the public key certificate; if verification fails, authentication ends;
9) if verification succeeds, the server verifies the validity of the signature; if that fails, authentication ends;
10) if signature verification succeeds, the authentication result is returned to the mobile terminal;
11) the mobile terminal receives the authentication result.
The above authentication can also be performed without a public key certificate, using a preset key and algorithm, i.e. in challenge-response mode.
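The challenge-response variant just described, as an added example (not code from the patent or from any vendor SDK): the server issues a single-use random number and the terminal answers with an HMAC over it. HMAC-SHA256, the 60-second lifetime, the terminal ids, the sample key and all class and function names are assumptions; the patent names no algorithm.

```python
import hashlib
import hmac
import secrets
import time

NONCE_TTL_SECONDS = 60            # assumed challenge lifetime; the patent gives none
PRESET_KEY = bytes(range(32))     # constructed sample key, provisioned out of band


def compute_response(key, terminal_id, nonce):
    """Terminal side: HMAC-SHA256 over the terminal id and the server's random number."""
    tid = terminal_id.encode("utf-8")
    # Length-prefix the id so the id/nonce boundary is unambiguous.
    message = len(tid).to_bytes(2, "big") + tid + nonce
    return hmac.new(key, message, hashlib.sha256).digest()


class AuthServer:
    """Server side: issues random numbers and verifies the terminal's response."""

    def __init__(self, preset_keys, clock=time.monotonic):
        self.keys = dict(preset_keys)   # terminal id -> preset key
        self.pending = {}               # nonce -> (terminal id, expiry time)
        self.clock = clock

    def issue_challenge(self, terminal_id):
        nonce = secrets.token_bytes(32)
        self.pending[nonce] = (terminal_id, self.clock() + NONCE_TTL_SECONDS)
        return nonce

    def verify(self, terminal_id, nonce, response):
        # pop() consumes the random number on the first attempt, pass or fail,
        # so a captured (nonce, response) pair cannot be replayed.
        entry = self.pending.pop(nonce, None)
        if entry is None:
            return "unknown-or-replayed-nonce"
        issued_to, expiry = entry
        if issued_to != terminal_id:
            return "nonce-issued-to-other-terminal"
        if self.clock() > expiry:
            return "expired"
        key = self.keys.get(terminal_id)
        if key is None:
            return "unknown-terminal"
        expected = compute_response(key, terminal_id, nonce)
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(expected, response):
            return "bad-response"
        return "ok"


def demo():
    """Run one valid login and four rejected ones against a fake clock."""
    now = [0.0]
    other_key = b"\x42" * 32       # constructed key for a second terminal
    server = AuthServer({"terminal-A": PRESET_KEY, "terminal-B": other_key},
                        clock=lambda: now[0])
    results = {}

    n1 = server.issue_challenge("terminal-A")
    r1 = compute_response(PRESET_KEY, "terminal-A", n1)
    results["first"] = server.verify("terminal-A", n1, r1)
    results["replay"] = server.verify("terminal-A", n1, r1)

    n2 = server.issue_challenge("terminal-A")
    wrong = compute_response(b"\x00" * 32, "terminal-A", n2)
    results["wrong_key"] = server.verify("terminal-A", n2, wrong)

    n3 = server.issue_challenge("terminal-A")
    r3 = compute_response(other_key, "terminal-B", n3)
    results["other_terminal"] = server.verify("terminal-B", n3, r3)

    n4 = server.issue_challenge("terminal-A")
    r4 = compute_response(PRESET_KEY, "terminal-A", n4)
    now[0] += NONCE_TTL_SECONDS + 1
    results["expired"] = server.verify("terminal-A", n4, r4)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:15s} {outcome}")
```

The reason strings are meant for the server's audit log; the terminal only needs to learn success or failure.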
Embodiment 1
Embodiment 1 provides a secure communication method between mobile terminals.
Fig. 5 shows how the mobile terminal encrypts data in the present invention. The data encryption process comprises the following steps: the upper-layer application on the mobile terminal calls the secure SDK to encrypt data, passing in the user's information and the data; the secure SDK looks up the user's public key according to the user's information (if it does not exist locally, the SDK requests the user's public key from the server), then generates a symmetric key locally, encrypts the data with the symmetric key, encrypts the symmetric key with the user's public key, assembles the encrypted symmetric key and the encrypted data into a digital envelope, and finally returns the digital envelope to the upper-layer application on the mobile terminal.
Fig. 6 shows how the mobile terminal receives and decrypts data. The receive-and-decrypt process comprises: the upper-layer application on the mobile terminal calls the secure SDK to decrypt data, passing the ciphertext data to the secure SDK; the secure SDK parses the digital envelope into the current user's ciphertext symmetric key and the ciphertext data, decrypts the symmetric key with the private key in the current user's certificate device, decrypts the ciphertext data with the plaintext symmetric key, and passes the decrypted plaintext data to the secure application on the mobile terminal.
Embodiment 2
Embodiment 2 provides a secure e-mail communication method between mobile terminals.
Fig. 7 shows the overall framework in which a mobile terminal sends mail securely through the SDK.
The framework comprises a mail server, a mail client, a security management platform and a database. The mail server sends and receives mail. The client may be a fixed PC client or a mobile Android/iOS client; the basic SDK is integrated into the client and implements mail identity authentication and data encryption and decryption, obtaining the data encryption KEY over the network. The client communicates with the security management platform to perform identity authentication and to obtain policies and encryption public keys. The security management platform comprises a security business processing service component and a WEB service component; these comprise, respectively, an identity authentication component, a certificate management component, a policy management component and a log audit component, and a front-end console and a user information management component. The security management platform obtains data by communicating with the relational database; this database is similar in function to the database in Fig. 3.
Fig. 8 shows how the mobile terminal encrypts and sends mail. The mail encryption process comprises the following steps:
1) the secure mail application on the mobile terminal starts to send a mail;
2) the secure mail application calls the SDK's encrypt-and-sign interface, passing in the plaintext e-mail and the list of mail recipients;
3) the secure SDK obtains the addressees' public keys according to the recipient list; if an addressee's public key is not available locally, it requests the addressee's public key from the mail security management platform;
4) the validity of the addressee's public key is verified;
5) after verification passes, the mail is signed with the sender's private key;
6) the sender's certificate device is used to generate a symmetric key, and the mail is encrypted;
7) the symmetric key is encrypted with the addressee's public key and with an emergency key and is packaged with the ciphertext mail into a digital envelope, which is assembled into a secure e-mail;
8) the secure e-mail is returned to the secure mail application on the mobile terminal;
9) the secure mail application receives the secure e-mail and sends the ciphertext e-mail to the mail server;
10) the mail server receives the secure e-mail.
Fig. 9 shows how the secure mail mobile terminal receives and decrypts mail. The process comprises the following steps:
1) the secure mail application on the mobile terminal requests to receive mail;
2) the mail security management platform sends the mail to the secure mail application on the mobile terminal;
3) the secure mail application receives the secure ciphertext mail;
4) the secure mail mobile terminal calls the SDK to decrypt; the SDK parses the e-mail and parses the digital envelope;
5) the SDK calls the addressee's private key to decrypt the symmetric key, and uses the symmetric key to decrypt the ciphertext mail;
6) the sender's public key certificate is looked up in the local cache;
7) if it is not found in the local cache, the sender's public key certificate is requested from the mail server;
8) the validity of the sender's public key certificate is verified;
9) after verification passes, the mail signature is verified;
10) the plaintext mail and the signature verification result are returned to the secure mail application on the mobile terminal;
11) the mail is viewed.
The mobile terminal (secure mail mobile terminal) described above may be a mobile phone, a PDA, a portable computer or any other intelligent mobile terminal device.
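The digital envelope of Embodiment 1 and the sign-then-encrypt mail flow of Embodiment 2 (Figs. 8 and 9), as one added example that is not code from the patent or from the SDK it describes. RSA-OAEP, RSA-PSS, AES-256-GCM, the JSON layout and all names are assumptions (the patent specifies none); public keys are treated as already validated, the emergency key is omitted, and the third-party `cryptography` package is required.

```python
import json
import os
from base64 import b64decode, b64encode

from cryptography.exceptions import InvalidSignature, InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH)
SAMPLE_MAIL = b"Subject: constructed sample\r\n\r\nQuarterly figures attached."


def b64(raw):
    return b64encode(raw).decode("ascii")


def seal(mail, sender, sender_key, recipient_pubs):
    """Sending side: sign, encrypt, then wrap the symmetric key once per recipient."""
    signature = sender_key.sign(mail, PSS, hashes.SHA256())
    sym_key = AESGCM.generate_key(bit_length=256)   # fresh symmetric key per mail
    nonce = os.urandom(12)
    inner = json.dumps({"mail": b64(mail), "sig": b64(signature)}).encode()
    # The sender name is bound as associated data, so it cannot be swapped later.
    ciphertext = AESGCM(sym_key).encrypt(nonce, inner, sender.encode())
    wrapped = {name: b64(pub.encrypt(sym_key, OAEP)) for name, pub in recipient_pubs.items()}
    return json.dumps({"sender": sender, "nonce": b64(nonce),
                       "ciphertext": b64(ciphertext), "wrapped_keys": wrapped})


def open_envelope(envelope, me, my_key, known_pubs):
    """Receiving side: unwrap the key, decrypt, then verify the sender's signature.

    Returns (plaintext mail, signature_ok), matching step 10 of the decryption flow.
    """
    env = json.loads(envelope)
    wrapped = env["wrapped_keys"].get(me)
    if wrapped is None:
        raise PermissionError(f"no wrapped key for {me}")
    sym_key = my_key.decrypt(b64decode(wrapped), OAEP)
    inner = AESGCM(sym_key).decrypt(b64decode(env["nonce"]), b64decode(env["ciphertext"]),
                                    env["sender"].encode())
    fields = json.loads(inner)
    mail, signature = b64decode(fields["mail"]), b64decode(fields["sig"])
    sender_pub = known_pubs.get(env["sender"])
    if sender_pub is None:
        return mail, False
    try:
        sender_pub.verify(signature, mail, PSS, hashes.SHA256())
        return mail, True
    except InvalidSignature:
        return mail, False


def demo():
    names = ("alice", "bob", "carol", "mallory")
    keys = {n: rsa.generate_private_key(public_exponent=65537, key_size=2048) for n in names}
    pubs = {n: k.public_key() for n, k in keys.items()}
    to = {"bob": pubs["bob"], "carol": pubs["carol"]}
    env = seal(SAMPLE_MAIL, "alice", keys["alice"], to)
    out = {n: open_envelope(env, n, keys[n], pubs) for n in to}

    try:                                   # not on the recipient list
        open_envelope(env, "mallory", keys["mallory"], pubs)
        out["mallory"] = "opened"
    except PermissionError:
        out["mallory"] = "no wrapped key"

    tampered = json.loads(env)             # flip one ciphertext bit in transit
    raw = bytearray(b64decode(tampered["ciphertext"]))
    raw[0] ^= 1
    tampered["ciphertext"] = b64(bytes(raw))
    try:
        open_envelope(json.dumps(tampered), "bob", keys["bob"], pubs)
        out["tampered"] = "opened"
    except InvalidTag:
        out["tampered"] = "rejected"

    # Envelope that claims to come from alice but was signed with another key.
    forged = seal(SAMPLE_MAIL, "alice", keys["mallory"], {"bob": pubs["bob"]})
    out["forged"] = open_envelope(forged, "bob", keys["bob"], pubs)
    return out


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The forged case decrypts but reports a failed signature check, which is why the receiving application has to act on the verification result and not only on successful decryption.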
With the embodiments of the invention, once a third-party application calls this SDK, data security problems relating to identity authentication, data leakage, device control and the like can largely be avoided, because the user's identity is bound to the certificate in the hardware device. Without this hardware device, a person cannot view the encrypted data. Even if the data is intercepted in transit, the eavesdropper has no way to decrypt it, so the data obtained is meaningless.
The foregoing is only a preferred embodiment of the present invention and is not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (13)

1. A development method for secure mobile terminal applications, comprising the following steps:
1) the sending terminal requests a random number from the server; after receiving the requested random number, it calls the sending terminal's private key to sign the random number and sends the signature result and the signing public key certificate to the server; the server checks the validity of the certificate, verifies the signature and returns the authentication result; if verification passes, proceed to step 2);
2) the sending terminal calls the secure SDK and passes user information and data to the SDK; the secure SDK obtains the receiving terminal's public key according to the user information, generates a symmetric key locally, encrypts the received data with this symmetric key, encrypts the symmetric key with the receiving terminal's public key, assembles the encrypted symmetric key and the encrypted data into a digital envelope, and finally returns the digital envelope to the sending terminal;
3) the sending terminal sends the digital envelope to the receiving terminal;
4) after receiving the digital envelope, the receiving terminal calls the secure SDK; the secure SDK parses the digital envelope into the ciphertext symmetric key and the ciphertext data, decrypts the ciphertext symmetric key with the receiving terminal's private key, and decrypts the ciphertext data with the plaintext symmetric key.
2. The method according to claim 1, wherein in step 1), after receiving the requested random number, the sending terminal enumerates devices, opens the device, enumerates certificates and then verifies the PIN code; if verification fails, the authentication flow ends; if it succeeds, the subsequent verification steps continue.
3. The method according to claim 1, wherein in step 2) the secure SDK obtaining the receiving terminal's public key according to the user information comprises: the secure SDK looks up the receiving terminal's public key locally according to the user information; if it does not exist locally, the SDK sends the user information to the server and receives the receiving terminal's public key from the server.
4. The method according to claim 1, wherein the sending terminal and the receiving terminal are a sending mail terminal and a receiving mail terminal respectively, the server comprises a mail security management platform and a mail server, and the sending mail terminal sends mail to the receiving mail terminal through the mail server.
5. The method according to claim 4, wherein in step 2) the sending mail terminal calls the secure SDK and passes the plaintext e-mail and the list of mail recipients to it; the secure SDK obtains the receiving mail terminal's public key according to the recipient list and verifies the validity of this public key; after verification passes, it signs the mail.
6. The method according to claim 5, wherein in step 4), after the ciphertext data has been decrypted with the plaintext symmetric key, the validity of the receiving mail terminal's public key must be verified.
7. A development system for secure mobile terminal applications, comprising: a sending terminal, a secure SDK, a server and a receiving terminal;
the sending terminal requests a random number from the server; after receiving the requested random number, it calls the sending terminal's private key to sign the random number and sends the signature result and the signing public key certificate to the server; the server checks the validity of the certificate, verifies the signature and returns the authentication result; after authentication succeeds, the sending terminal calls the secure SDK and passes user information and data to the SDK; the secure SDK obtains the receiving terminal's public key according to the user information, generates a symmetric key locally, encrypts the received data with this symmetric key, encrypts the symmetric key with the receiving terminal's public key, assembles the encrypted symmetric key and the encrypted data into a digital envelope, and finally returns the digital envelope to the sending terminal, which sends it to the receiving terminal; after receiving the digital envelope, the receiving terminal calls the secure SDK; the secure SDK parses the digital envelope into the ciphertext symmetric key and the ciphertext data, decrypts the ciphertext symmetric key with the receiving terminal's private key, and decrypts the ciphertext data with the plaintext symmetric key.
8. The system according to claim 7, wherein after receiving the requested random number, the sending terminal enumerates devices, opens the device, enumerates certificates and then verifies the PIN code; if verification fails, the authentication flow ends; if it succeeds, the subsequent verification steps continue.
9. The system according to claim 7, wherein the secure SDK obtaining the receiving terminal's public key according to the user information comprises: the secure SDK looks up the receiving terminal's public key locally according to the user information; if it does not exist locally, the SDK sends the user information to the server and receives the receiving terminal's public key from the server.
10. system according to claim 7, described transmitting terminal and receiving terminal are respectively and send mail terminal and receive mail terminal, described server comprises mail security management platform and mail server, and described transmission mail terminal sends mail by this mail server to described reception mail terminal.
11. systems according to claim 10, described transmission mail terminal calls described safe SDK, and send E-mail, mail reception person's list expressly to described safe SDK, described safe SDK obtains and receives mail terminal PKI according to this mail reception person's list, and verify the validity of this PKI, after being verified, to mail signature.
12. systems according to claim 10, described safe SDK uses after plaintext symmetric key decrypting ciphertext data, needs checking to receive the validity of mail terminal PKI.
13. systems according to claim 7, this system also comprises a database, for being encrypted and deciphering for the pagefile of sqlite3.14. systems according to claim 13, this system also comprises a mobile management control desk, and a UI operation interface is provided, and mobile terminal behavior and user are carried out to management and control, comprises user management, strategy configuration, log audit.
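The digital envelope of claim 7 and step 4), as an added example in Go; it is not code from the patent or its applicant. The claims name no algorithms or wire format, so RSA-OAEP for wrapping the symmetric key, AES-256-GCM for the data, the length-prefixed layout, and the names NewKey, Seal and Open are assumptions of this example; the identity-authentication step and the public-key validity check are left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal builds the envelope. Assumed layout (the claims do not fix one):
// 2-byte wrapped-key length | wrapped key | 12-byte nonce | AES-GCM ciphertext.
func Seal(recipient *rsa.PublicKey, data []byte) ([]byte, error) {
	secret := make([]byte, 32+12) // fresh symmetric key and nonce per message
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, nonce := secret[:32], secret[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, key, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	env := []byte{byte(len(wrapped) >> 8), byte(len(wrapped))} // big-endian length
	env = append(append(env, wrapped...), nonce...)
	return gcm.Seal(env, nonce, data, wrapped), nil // wrapped key is bound as AAD
}

// Open parses the envelope, unwraps the key, then decrypts and authenticates.
func Open(priv *rsa.PrivateKey, env []byte) ([]byte, error) {
	if len(env) < 2 {
		return nil, fmt.Errorf("envelope: %d bytes is too short", len(env))
	}
	n := int(env[0])<<8 | int(env[1])
	if len(env) < 2+n+12+16 { // length field, wrapped key, nonce, GCM tag
		return nil, fmt.Errorf("envelope: truncated at %d bytes", len(env))
	}
	wrapped, nonce, ct := env[2:2+n], env[2+n:2+n+12], env[2+n+12:]
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, nonce, ct, wrapped)
}

func main() {
	receiver, _ := NewKey() // constructed demo key pair (RSA-2048)
	env, _ := Seal(&receiver.PublicKey, []byte("constructed sample message"))
	msg, err := Open(receiver, env)
	fmt.Printf("%q %v\n", msg, err)
}
```

Open returns an error instead of plaintext when the envelope is truncated, modified in transit, or sealed for a different receiver.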
CN201410062383.5A 2014-02-24 2014-02-24 Development method and system based on mobile terminal application program security application Active CN103812871B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410062383.5A CN103812871B (en) 2014-02-24 2014-02-24 Development method and system based on mobile terminal application program security application

Publications (2)

Publication Number Publication Date
CN103812871A (en) 2014-05-21
CN103812871B (en) 2017-03-22

Family

ID=50709072

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410062383.5A Active CN103812871B (en) 2014-02-24 2014-02-24 Development method and system based on mobile terminal application program security application

Country Status (1)

Country Link
CN (1) CN103812871B (en)

Also Published As

Publication number Publication date
CN103812871B (en) 2017-03-22

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100097 Beijing city Haidian District landianchang Road No. 25 North International Building Jiayou two layer

Applicant after: Beijing Mingchaowanda Technology Co., Ltd.

Address before: 100088 Beijing city Haidian District Zhichun Road Tai Yue Park 3 Building 6 layer

Applicant before: Beijing Wonder-soft Co., Ltd.

COR Change of bibliographic data
C14 Grant of patent or utility model
GR01 Patent grant
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Wang Zhihua

Inventor after: Peng Hongtao

Inventor after: Zhang Shuai

Inventor after: Xian Henan

Inventor after: Yu Bo

Inventor before: Zhang Shuai

Inventor before: Xian Henan

Inventor before: Yu Bo

Inventor before: Wang Zhihua