CN104133670A - Intelligent terminal security GUI (Graphical User Interface) generation method on the basis of virtual isolation technology - Google Patents
Intelligent terminal security GUI (Graphical User Interface) generation method on the basis of virtual isolation technology Download PDFInfo
- Publication number
- CN104133670A CN104133670A CN201410305234.7A CN201410305234A CN104133670A CN 104133670 A CN104133670 A CN 104133670A CN 201410305234 A CN201410305234 A CN 201410305234A CN 104133670 A CN104133670 A CN 104133670A
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- application
- application program
- security
- safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- User Interface Of Digital Computer (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses an intelligent terminal security GUI (Graphical User Interface) generation method on the basis of a virtual isolation technology. The method comprises the following steps: 1) a virtual machine monitor divides a system into a plurality of isolated virtual machines which comprise a system virtual machine provided with a security label module and application virtual machines of different security levels; 2) a package manager is divided into a front-end package installer operating in the application virtual machines and a security level manager positioned in the system virtual machine; 3) when an application program is installed, the package manager sends the analysis information of the application program to the security label module to increase security level information and expand the security level information to security analysis information (sLevel, sSign); 4) the security level manager sends an installation instruction to the front-end package installer in the application virtual machines for installation according to a sLevel value; and 5) the system virtual machine carries out interface drawing to the application program on an GUP according to the sSign.
Description
Technical field:
The invention belongs to terminal security field, relate generally to the security of system of terminal, more properly relate to the safe GUI of a kind of intelligent terminal system based on virtual isolation technology (graphic user interface) generation method.The method, based on virtual isolation technology, for intelligent terminal system has increased safety instruction in safety starter and application, is expanded the original user interactive system of intelligent terminal, has provided the safe enhanced scheme of GUI of intelligent terminal operating system.
Background technology:
Universal and the becoming increasingly abundant of intelligent terminal application of intelligent terminal enriched the mode of people's obtaining informations greatly, and the Working Life daily for people brings great convenience.But miscellaneous Malware has also brought great potential safety hazard to intelligent terminal.Thereby assailant obtains unlawful interests by Malware user cheating, cause user to suffer huge loss.The attack pattern of Malware mainly contains two kinds: utilize leak to destroy other programs and pass through user cheating steal information.Malware has restricted the universal of intelligent terminal, and is directly connected to people's property safety and communication security.The security study of intelligent terminal system is significant for restriction Malware.GUI system in intelligent terminal system, as the part of direct in system and user interactions, is occupied critical role in ensureing intelligent terminal system security.
Android operating system mainly relies on application market, License Management and application isolation to carry out preventing malice software at present.Wherein application market can guarantee to a certain extent by review mechanism the security of application.But owing to being subject to the impact in a large amount of third parties market, and the safety guarantee that the hysteresis quality application market of processing safety problem own provides is very limited.The permissive mechanism access rights that reminding user application needs to a certain extent, but its problem that exists in actual applications License Management and user to beyond one's depth.Application isolation provides active data safety precautions, but shares effective isolation scheme is not provided for the assembly of Android itself.
With respect to traditional PC, miscellaneous open source operating system is that mobile Internet has brought safely more problem and hidden danger, and the subject matter of these operating systems is that they can not effectively be isolated in a plurality of programs of moving on same physical machine.When certain assembly of a system is invaded, operating system is difficult to user application and the data of other parts of protection and is not encroached on.This situation is because architecture design defect causes, and such as the operating system API of overcomplicated, unsafe graphic user interface (GUI) design and the single kernel adopting are tied.At present, the safety practice that mainstream operation system adopts is that known System Security Vulnerability issue patch is upgraded, but this measure is not only difficult to cover large-scale user, and very ineffective.Because this class security patch can only protection system not encroached on by system vulnerability known, main flow, very limited for new leak effect.
At present, the virtual isolation technology that is widely used in server and desktop end allows the container of isolating by establishment to guarantee security of system.Virtual isolation technology, by program is isolated in different virtual machines and moved, effectively guarantees the isolation of application program.Xen, as the monitor of virtual machine of current main flow, is used widely at server end, and the secure operating system Qubes of desktop end based on Xen also gets the attention.As the secure operating system of desktop end, Qubes has realized a set of safe GUI based on virtual isolation technology, and the mechanism for user provides application security hierarchical management and demonstration, has promoted the security of user privacy information greatly.There is at present scientific research institution of enterprise that virtual isolation technology is transplanted on intelligent terminal and is guaranteed security of system to comprise XenARM and Emmbedded Xen monitor of virtual machine project.These schemes have only realized on an intelligent terminal and have moved a plurality of operating system, and the problem of its existence is mainly separation and the displaying scheme that graphical interface of user is not provided.
Summary of the invention
The technical matters existing for prior art, the object of the present invention is to provide a kind of safe GUI of intelligent terminal generation method based on virtual isolation technology.The method has proposed to meet the safe GUI of intelligent terminal feature, for intelligent terminal system provides special protection.The method relates to following three links: (1) according to intelligent terminal interactive features, Android system architecture design safety GUI scheme; (2) the safety label module that design realizes based on Android package manager; (3) the safe display module that design realizes based on Android display system.
Technical scheme of the present invention is:
A kind of safe GUI of intelligent terminal generation method based on virtual isolation technology, the steps include:
1) virtual machine that monitor of virtual machine is a plurality of isolation by system divides, comprises some application virtual machines of a system virtual machine and different level of securitys; Described system virtual machine is that application virtual machine is set up the file system of isolation mutually described in each; In described system virtual machine, be provided with safety label module;
2) package manager is divided into the front end bag erector running in described application virtual machine and the safe class manager that is arranged in described system virtual machine; Front end bag erector is communicated by letter by shared drive with safe class manager;
3) when an application program is installed, described package manager sends to described safety label module by the resolving information of this application program;
4) described safety label module, for this resolving information increases level of security information, is expanded to security solution information: represent the sLevel of safe class data value and the identifier sSign that points to safe class marking image resource;
5) described safe class manager sends to the front end bag erector in corresponding level of security application virtual machine according to this sLevel value by instruction is installed, and this application program is installed;
6) described system virtual machine carries out interface drafting to this application program according to this identifier sSign on the graphic user interface GUI of described system virtual machine.
Further, a safe display module is set in described system virtual machine, for receiving the modification information of application security grade; Described system virtual machine carries out interface drafting to this application program again according to amended safe class, and in this application program the application virtual machine from current application virtual machine (vm) migration to corresponding level of security.
Further, when an application program a moves to Another Application virtual machine B from an application virtual machine A, its moving method is:
31) described safe class device sends migration instruction by shared drive to the front end bag erector in this application virtual machine A;
32) this front end bag erector obtains the document location of this application program a and deletes the mount message of this application program a in application virtual machine A;
33) package manager moves the file of this application program a in application virtual machine B, and in application virtual machine B, registers this application program a by front end bag erector.
Further, described safe display module comprises that safety starter and safety show service two parts; Described safety starter is used for listing mounted application program, and before user carries out start-up operation the safe class of prompting application program, and to user, provide the entrance that application safety grade is set; Security information prompting when described safety shows service for application program operation, the security information of display application program.
Further, the method that security information prompting is carried out in described safety demonstration service is:
51), during user launches application, described safety starter sends the title of current application program to the security service of bottom;
52) security service is inquired about the level of security of this application program according to the title of this application program to described safety label module;
53) described security service, by the level of security information of receiving to window manager, is plotted to a new figure layer by window manager by this level of security information; This new figure layer is positioned on original display interface.
Further, bonding driving Binder is divided into the Binder front-end driven running in described application virtual machine and runs on the Binder rear end driving in described system virtual machine; Described Binder front-end driven is responsible for and interapplication communications, and data are passed to described Binder rear end by described monitor of virtual machine drives.
Further, the method that described system virtual machine carries out interface drafting to this application program is:
71) content that the window manager in described application virtual machine will show this application program of drafting sends to the described Binder front-end driven on this application virtual machine;
72) the shared drive mechanism that the demonstration data that described Binder front-end driven will be transmitted provide by described monitor of virtual machine passes to the described Binder rear end that is positioned at system virtual machine and drives;
73) driving of described Binder rear end passes to described system virtual machine by these demonstration data and completes interface drafting.
Compared with prior art, good effect of the present invention:
For intelligent terminal system safety problem, the present invention has designed the safe GUI scheme based on Xen monitor of virtual machine and the realization of Android system, and its advantage is as follows:
1) in Android system, introduce safety label module, on the basis of the original bag management system of compatible Android, for system has increased the concept of level of security.The level of security that safety label module proposes is abstract at application framework layer as virtual machine, effectively connected the virtual isolation mech isolation test of bottom and the display system of safe GUI, for virtual isolation technology provides good support in representing of GUI layer.
2) transplantation Project of the display subsystem Surface that has designed Android on Xen.The interprocess communication of the Android mainly mechanism of the Binder based on bottom (mechanism of attachment) realizes, and it is the proprietary a kind of inter-process communication mechanisms of Android system.In Android system, Binder mechanism is to realize as a kind of special character type equipment, is positioned at/dev/binder.The Binder rear end that bonding driving (Binder driving) is divided into the Binder front-end driven running in application virtual machine and runs in system virtual machine drives, the Binder front-end driven that is arranged in application virtual machine is responsible for and interapplication communications, and data are passed to the Binder rear end that is arranged in GUI territory by monitor of virtual machine drives.Binder rear end drives and to receive data by monitor of virtual machine, and passes to the demonstration service that is arranged in safe GUI territory, has realized between the territory of Surface subsystem demonstration data and having transmitted.
3), on the basis of the original starter of Android system, design has safe class prompting and the safety starter of function is set.Safety starter has retained basic display pattern and the original operating habit of user of the primary starter of Android, and the rescue bag information realization providing based on safety label module the safety prompting function before starting.
4) the safety instruction service based on described and clean boot provide the safety instruction in application for Android system, and the whole life cycle that user is positioned in terminal in application can obtain safety instruction.
Accompanying drawing explanation
Fig. 1 is safe GUI reference model figure;
Fig. 2 is enforceable safe GUI illustraton of model;
Fig. 3 is expanding packet management system Organization Chart;
Fig. 4 is for installing the establishing method figure of application stage safe class;
Fig. 5 is the establishing method figure of safe class after installing;
Fig. 6 is the transition graph being applied between virtual machine;
Fig. 7 is safe display module figure;
Fig. 8 is for drawing interface process flow diagram;
Fig. 9 is clean boot machine interface figure;
Figure 10 is safety instruction Organization Chart in the application based on system service;
Figure 11 is safety instruction figure in the application based on system service.
Embodiment
Below in conjunction with accompanying drawing, the present invention is explained in further detail; The present invention relates to following three links: (1) according to intelligent terminal interactive features, Android system architecture design safety GUI scheme; (2) the safety label module that design realizes based on Android package manager; (3) the safe display module that design realizes based on Android display system.
(1) the safe GUI based on Xen monitor of virtual machine;
At present, the virtual isolation technology that is widely used in server and desktop end allows the container of isolating by establishment to guarantee security of system.These containers that are called as virtual machine can provide than better isolation between operating system process.
Described safe GUI adopts virtual isolation technology; from system architecture aspect, realize the isolation of application and system user graphical interfaces; assurance system figure interface subsystem is not subject to the impact of Malware invasion; simultaneously; realization is towards the safe GUI prompting user application safety grade prompting of intelligent terminal, protection user's personal secrets.
Safe GUI reference model after described improvement as shown in Figure 1.Framework mainly comprises three levels: hardware layer, virtual machine monitor layer and virtual machine layer.
Wherein, hardware layer is mainly the display device of intelligent terminal.The virtual machine that monitor of virtual machine is a plurality of isolation by system divides, virtual machine is divided into system virtual machine and application virtual machine, system virtual machine is mainly in charge of the authority of system resource and application virtual machine, only have system virtual machine to have the authority of direct access hardware devices, other application virtual machines depend on system virtual machine and hardware communications.Application virtual machine is used for running application, and a system can have a plurality of application virtual machines, and they are endowed different level of securitys.The application of safety runs in safe virtual machine, and non-security application runs in different non-security virtual machines according to its safe class.
The system virtual machine of security of operation GUI is called as safe GUI territory, and it has the authority that direct access hardware devices drives.The isolation mech isolation test that safe GUI territory utilizes monitor of virtual machine to provide, isolates self and application virtual machine, even if application virtual machine is destroyed by Malware, system still can guarantee the safety in safe GUI territory.
An enforceable safe GUI system architecture as shown in Figure 2.System adopts XenARM as monitor of virtual machine, and Android system is as object operating system.Safe GUI is run in the management domain Dom0 of XenARM, only have Dom0 to have the authority of direct access hardware, system utilizes XenARM to provide between application virtual machine DomU and system virtual machine Dom0 and the isolation between application virtual machine.
(2) towards the safety label module of Android system;
The prompting of safe class and the safety label module that function depends on realization is set in Android GUI system.Safety label module offers safe display module by the application message running in different level of security virtual machines.Safety label module mainly realizes two functions: when application is installed, this application is carried out to safety label, and in the whole life cycle that application is positioned at terminal, safety label is managed.
A concrete embodiment of described safety label module is that the package manager of expansion Android system is realized safety label function.Add the package manager of safety label module to be called expanding packet manager.Safety label module adds after safety level information, for the safety instruction in safe GUI provides the Data support of bottom.Research will add the bag management information of safety level information to be called rescue bag management information, it when extra security information is provided, compatible original operation for Android package manager.For the enhancing of security, the mechanism such as safety based on safe GUI design realize rescue bag management information, for GUI provides different display modes for different application programs, provide support.
The framework of expanding packet manager is as shown in Figure 3: it mainly comprises front end bag erector and safe class manager two parts.Front end bag erector is arranged in application virtual machine, is responsible for installation and the startup of application program; Safe class manager is arranged in GUI territory (being system virtual machine), is in charge of setting, modification and the inquiry of the safe class of applying in each application domain.Front end bag erector is communicated by letter by shared drive with safe class manager.
The flow process that expanding packet manager is installed application is as shown in Figure 4: the installation file that 1) expanding packet manager is resolved Android application is to obtain package informatin (PackageInfo) and the resolving information (ResolveInfo) of application; 2) safety label module is that resolving information (ResolveInfo) increases level of security information (SecureLevel) correlation values, expanded to security solution information (SecureResolveInfo), follow-up safety label module reads security solution information, is shown in system user interface GUI.Level of security information (SecureLevel) structure that expansion adds comprises two parts: represent the sLevel of safe class data value and the identifier sSign that points to safe class marking image resource.Wherein sLevel is by user according to specifying the trusting degree of application, and sSign provides unified display mode by system according to different level of securitys.3) front end bag erector is installed to application in the virtual machine of corresponding level of security.Be arranged in and specify the front end bag erector of application virtual machine to communicate by letter with system virtual machine by shared drive, after the installation instruction of receiving system virtual machine, in application virtual machine, complete installation and the registration of application program.Install identical with the process of wrapping erector installation and registered application in the process of registered application and a common Android system.
The realization of expanding packet manager administration application safety grade as shown in Figure 5.After application program is installed, can revise in any stage the safe class of application program.User modifies to safe class by the graphical interfaces based on expanding packet management system.After modification, expanding packet manager migrate application moves in the virtual machine of corresponding level of security, the safety instruction before system adopts new safe class to support the application start of safe GUI and while moving.
Described expanding packet manager migrate application is that the management domain Dom0 based on Xen monitor of virtual machine realizes.System virtual machine is the file system that different application domains has been set up mutual isolation as shown in Figure 6, each application domain can only be in corresponding file system enterprising line operate.Dom0 has the authority of reading and writing all application domain file system as management domain, the migration of application utilizes file system to realize by the expanding packet manager that runs on Dom0.
The flow process of application migration is as follows: 1) the safe class manager of expanding packet manager receives the application safety rank variation instruction of being sent by safe display module; 2) shared drive that safe class manager provides by Xen sends instruction to the front end bag erector in the application virtual machine at application place; 3) front end bag erector obtains document location corresponding to application and deletes the mount message of this application in corresponding application virtual machine; 4) expanding packet manager is to the file of migrate application program in intended application virtual machine, and in intended application virtual machine, registers this application program by front end bag erector.
(3) safety realizing based on Android display system shows;
The application resource of end-user interface is presented at PC end and is mainly that to take desktop be main display system, at intelligent terminal, mainly take application launcher as main.The safe display module of safe GUI is the main part of whole safe GUI.It is also responsible for providing a set of safe graphical interfaces, the security information of pointing out user to apply to user.
The position of described safe display module in safe GUI as shown in Figure 7.Safe display module bottom mainly depends on the display subsystem of safety label module in GUI territory and Android and realizes.Safety label module provides the support of safe class associative operation for safe display module, and the display subsystem of Android is responsible for the application from different virtual machine to carry out the drafting at interface.
In Android system, the Presentation Function of bottom is provided by the display subsystem (Surface subsystem) of Android.Safe GUI subsystem configuration after described expansion as shown in Figure 8.Safe GUI display subsystem after expansion runs in application virtual machine and two, GUI territory virtual machine.The drawing of all UI assemblies in Activity all will realize on a block cache, and its operation is realized based on Surface type.This block cache operates by the variable of a Surface type.Once typically draw interface flow process as shown in Figure 8:
1.Window passes to Surface session by the demonstration data of Android Application Program Interface assembly.
2.Surface session communicates with the Binder front end that is arranged in application virtual machine, and the demonstration data that will transmit forward by Binder.
3.Binder front-end driven utilizes the shared drive mechanism that Xen provides to show that data pass to the Binder rear end driving that is arranged in GUI territory.
4.Binder rear end drives demonstrations data is passed to SurfaceFlinger, and SurfaceFlinger mixes the data of transmitting in each Surface, then is transferred in FrameBuffer and shows, completes interface drafting.
Described safe display module itself comprises that safety starter and safety show service two parts.Starter is the major part of user and system interaction, and its basic function is to list the application of installation, and when user carries out start-up operation, opens application program.The existing starter of Android has had perfect basic function at present.Safety starter is pointed out the safe class of application before application start, and the entrance that application safety grade is set is provided to user, and this just need to, on the basis that original starter is realized with reference to Android, increase the support to safe class.The safety of system shows security information prompting when service is mainly used in application operation, because indication range during application operation taken over by the Activity assembly of applying, therefore the security information that a system service carrys out display application has been opened in realization.
1) safety starter
Android system starter be in Android graphical interface system with the main part of user interactions, it mainly has two basic functions: list mounted application program and start application program.Icon and the title of application is mainly responsible for having installed with the displaying of grid layout in the display section of starter, and the package manager of these information in Android provides.Meanwhile, during application program in clicking interface, starter starts application program by the Intent mechanism of Android, by screen display with give alternately the corresponding assembly processing of application program.The primary starter of Android has the displaying of comparatively perfect and starts the basic function of application, but it is not for the related mechanism of the safety instruction of applying, and the support of demonstration control is not also provided for display safety information.
Described safety starter, completing basic displaying and starting on the basis of application program, increases safety prompting function.Meanwhile, the part contacting with user as the top layer of safe display module system, safety starter also arranges other function of application safety level for user provides.The object that provides level of security that function is set is to facilitate for user in use dynamically changes level of security.In the actual use procedure of user, its understanding to application security changed along with the time.Therefore,, than permissive mechanism, the level of security that can dynamically change more meets user's the process of cognition.Level of security arranges the system bag management service of function bottom based on expansion and realizes, and is the graphical interfaces interface providing SecureResolveInfo is set in safety label module.
An enforceable safety starter graphical interfaces as shown in Figure 9.Demonstration and interactive mode that this is realized with reference to the existing starter of Android, provide safety instruction based on safety label module.Safety starter takes full advantage of the display space of original starter when showing, revises the background colour of application name and distinguishes the application that has different safety class.Level of security arranges interface and comprises that application choice interface and application safety rank arrange interface two parts.The display function of application choice interface and starter is similar, is mainly the list that user provides application program in system; Other showing interface has been set available high, normal, basic three level of securitys of application safety level, corresponding virtual machine layer is non-security respectively, Generally Recognized as safe and three application virtual machines of safety.
2) safety instruction in application
Safety instruction is placed in to current existing system UI, cannot reaches the object of pointing out user in the whole life cycle after application start, therefore also need the compatibility of safe GUI to adjust.Therefore, a kind of new display mode of described system, invention has designed safety instruction in a set of application based on system service.
In application based on system service, safety instruction framework as shown in figure 10.The realization of security service depends on the support of safety starter, safety label module and window manager.The concrete flow for displaying of prompting is as follows: 1) during user launches application, safety starter sends the essential informations such as title of current application program to the security service of bottom; 2) security service gets after the essential information of application program, inquires about the level of security of this application program to safety label module; 3) label information of level of security information is passed to window manager, by window management, draw content to new figure layer.New figure layer is positioned on original display interface, to guarantee that it can not be capped and distort.
In the described application based on system service, safety instruction as shown in figure 11.Security service is drawn on safety instruction between system title block and Application Program Interface assembly, and has adopted the color consistent with safety starter to identify the safe class of current operation application.
Claims (7)
1. the safe GUI of the intelligent terminal generation method based on virtual isolation technology, the steps include:
1) virtual machine that monitor of virtual machine is a plurality of isolation by system divides, comprises some application virtual machines of a system virtual machine and different level of securitys; Described system virtual machine is that application virtual machine is set up the file system of isolation mutually described in each; In described system virtual machine, be provided with safety label module;
2) package manager is divided into the front end bag erector running in described application virtual machine and the safe class manager that is arranged in described system virtual machine; Front end bag erector is communicated by letter by shared drive with safe class manager;
3) when an application program is installed, described package manager sends to described safety label module by the resolving information of this application program;
4) described safety label module, for this resolving information increases level of security information, is expanded to security solution information: represent the sLevel of safe class data value and the identifier sSign that points to safe class marking image resource;
5) described safe class manager sends to the front end bag erector in corresponding level of security application virtual machine according to this sLevel value by instruction is installed, and this application program is installed;
6) described system virtual machine carries out interface drafting to this application program according to this identifier sSign on the graphic user interface GUI of described system virtual machine.
2. the method for claim 1, is characterized in that, in described system virtual machine, a safe display module is set, for receiving the modification information of application security grade; Described system virtual machine carries out interface drafting to this application program again according to amended safe class, and in this application program the application virtual machine from current application virtual machine (vm) migration to corresponding level of security.
3. method as claimed in claim 1 or 2, is characterized in that its moving method is when an application program a moves to Another Application virtual machine B from an application virtual machine A:
31) described safe class device sends migration instruction by shared drive to the front end bag erector in this application virtual machine A;
32) this front end bag erector obtains the document location of this application program a and deletes the mount message of this application program a in application virtual machine A;
33) package manager moves the file of this application program a in application virtual machine B, and in application virtual machine B, registers this application program a by front end bag erector.
4. method as claimed in claim 2, is characterized in that described safe display module comprises that safety starter and safety show service two parts; Described safety starter is used for listing mounted application program, and before user carries out start-up operation the safe class of prompting application program, and to user, provide the entrance that application safety grade is set; Security information prompting when described safety shows service for application program operation, the security information of display application program.
5. method as claimed in claim 4, is characterized in that described safety shows that service carries out the method for security information prompting and be:
51), during user launches application, described safety starter sends the title of current application program to the security service of bottom;
52) security service is inquired about the level of security of this application program according to the title of this application program to described safety label module;
53) described security service, by the level of security information of receiving to window manager, is plotted to a new figure layer by window manager by this level of security information; This new figure layer is positioned on original display interface.
6. the method for claim 1, is characterized in that the Binder rear end that bonding driving Binder is divided into the Binder front-end driven running in described application virtual machine and runs in described system virtual machine drives; Described Binder front-end driven is responsible for and interapplication communications, and data are passed to described Binder rear end by described monitor of virtual machine drives.
7. method as claimed in claim 6, is characterized in that the method that described system virtual machine carries out interface drafting to this application program is:
71) content that the window manager in described application virtual machine will show this application program of drafting sends to the described Binder front-end driven on this application virtual machine;
72) the shared drive mechanism that the demonstration data that described Binder front-end driven will be transmitted provide by described monitor of virtual machine passes to the described Binder rear end that is positioned at system virtual machine and drives;
73) driving of described Binder rear end passes to described system virtual machine by these demonstration data and completes interface drafting.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410305234.7A CN104133670B (en) | 2014-06-30 | 2014-06-30 | A kind of safe GUI generation methods of intelligent terminal based on virtual isolation technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410305234.7A CN104133670B (en) | 2014-06-30 | 2014-06-30 | A kind of safe GUI generation methods of intelligent terminal based on virtual isolation technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104133670A true CN104133670A (en) | 2014-11-05 |
| CN104133670B CN104133670B (en) | 2017-06-09 |
Family
ID=51806357
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410305234.7A Expired - Fee Related CN104133670B (en) | 2014-06-30 | 2014-06-30 | A kind of safe GUI generation methods of intelligent terminal based on virtual isolation technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104133670B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104834613A (en) * | 2015-04-30 | 2015-08-12 | 捷鼎国际股份有限公司 | Computer system and method used for accessing virtual machine |
| CN105376741A (en) * | 2015-10-28 | 2016-03-02 | 浪潮(北京)电子信息产业有限公司 | Method for improving safety of mobile terminal |
| CN106155753A (en) * | 2016-08-22 | 2016-11-23 | 广东欧珀移动通信有限公司 | A kind of application program installation method, device and terminal |
| CN106375371A (en) * | 2016-08-22 | 2017-02-01 | 四川安嵌科技有限公司 | Method and system for cross-domain access service |
| CN106815518A (en) * | 2015-11-30 | 2017-06-09 | 华为技术有限公司 | One kind application installation method and electronic equipment |
| CN109298895A (en) * | 2017-07-24 | 2019-02-01 | 杭州盈高科技有限公司 | APP management method and device in mobile device |
| WO2019242440A1 (en) * | 2018-06-20 | 2019-12-26 | 华为技术有限公司 | User interface display method and terminal device |
| CN113626149A (en) * | 2021-08-03 | 2021-11-09 | 浙江中电远为科技有限公司 | Business secret protection method and system based on terminal virtualization |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101377745A (en) * | 2007-08-28 | 2009-03-04 | 张玉昆 | Virtual computer system and method for implementing data sharing between each field |
| CN101764703A (en) * | 2009-09-16 | 2010-06-30 | 深圳市震有科技有限公司 | Network element management system based on virtual technology |
| CN101976200A (en) * | 2010-10-15 | 2011-02-16 | 浙江大学 | Virtual machine system for input/output equipment virtualization outside virtual machine monitor |
| CN102103518A (en) * | 2011-02-23 | 2011-06-22 | 运软网络科技(上海)有限公司 | System for managing resources in virtual environment and implementation method thereof |
| CN102110009A (en) * | 2009-12-28 | 2011-06-29 | 中国移动通信集团公司 | Method for deploying application in virtual platform and virtual platform manager |
| US20110225582A1 (en) * | 2010-03-09 | 2011-09-15 | Fujitsu Limited | Snapshot management method, snapshot management apparatus, and computer-readable, non-transitory medium |
-
2014
- 2014-06-30 CN CN201410305234.7A patent/CN104133670B/en not_active Expired - Fee Related
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101377745A (en) * | 2007-08-28 | 2009-03-04 | 张玉昆 | Virtual computer system and method for implementing data sharing between each field |
| CN101764703A (en) * | 2009-09-16 | 2010-06-30 | 深圳市震有科技有限公司 | Network element management system based on virtual technology |
| CN102110009A (en) * | 2009-12-28 | 2011-06-29 | 中国移动通信集团公司 | Method for deploying application in virtual platform and virtual platform manager |
| US20110225582A1 (en) * | 2010-03-09 | 2011-09-15 | Fujitsu Limited | Snapshot management method, snapshot management apparatus, and computer-readable, non-transitory medium |
| CN101976200A (en) * | 2010-10-15 | 2011-02-16 | 浙江大学 | Virtual machine system for input/output equipment virtualization outside virtual machine monitor |
| CN102103518A (en) * | 2011-02-23 | 2011-06-22 | 运软网络科技(上海)有限公司 | System for managing resources in virtual environment and implementation method thereof |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104834613B (en) * | 2015-04-30 | 2018-01-26 | 捷鼎国际股份有限公司 | To access the computer system of virtual machine and method |
| CN104834613A (en) * | 2015-04-30 | 2015-08-12 | 捷鼎国际股份有限公司 | Computer system and method used for accessing virtual machine |
| CN105376741A (en) * | 2015-10-28 | 2016-03-02 | 浪潮(北京)电子信息产业有限公司 | Method for improving safety of mobile terminal |
| CN105376741B (en) * | 2015-10-28 | 2019-01-08 | 浪潮(北京)电子信息产业有限公司 | A method of improving mobile terminal safety |
| CN106815518A (en) * | 2015-11-30 | 2017-06-09 | 华为技术有限公司 | One kind application installation method and electronic equipment |
| CN106375371A (en) * | 2016-08-22 | 2017-02-01 | 四川安嵌科技有限公司 | Method and system for cross-domain access service |
| CN106155753A (en) * | 2016-08-22 | 2016-11-23 | 广东欧珀移动通信有限公司 | A kind of application program installation method, device and terminal |
| CN106375371B (en) * | 2016-08-22 | 2019-11-22 | 四川安嵌科技有限公司 | A kind of method and system of cross-domain access service |
| CN109298895A (en) * | 2017-07-24 | 2019-02-01 | 杭州盈高科技有限公司 | APP management method and device in mobile device |
| CN109298895B (en) * | 2017-07-24 | 2021-04-23 | 杭州盈高科技有限公司 | APP management method and device on mobile equipment |
| WO2019242440A1 (en) * | 2018-06-20 | 2019-12-26 | 华为技术有限公司 | User interface display method and terminal device |
| CN110618847A (en) * | 2018-06-20 | 2019-12-27 | 华为技术有限公司 | User interface display method and terminal equipment |
| CN113626149A (en) * | 2021-08-03 | 2021-11-09 | 浙江中电远为科技有限公司 | Business secret protection method and system based on terminal virtualization |
| CN113626149B (en) * | 2021-08-03 | 2024-05-10 | 浙江中电远为科技有限公司 | Business secret protection method and system based on terminal virtualization |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104133670B (en) | 2017-06-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104133670A (en) | Intelligent terminal security GUI (Graphical User Interface) generation method on the basis of virtual isolation technology | |
| KR102436987B1 (en) | Method and terminal device for extracting web page content | |
| US8726337B1 (en) | Computing with presentation layer for multiple virtual machines | |
| US10152345B2 (en) | Machine identity persistence for users of non-persistent virtual desktops | |
| US9552477B2 (en) | Resource management in a processor | |
| US9300720B1 (en) | Systems and methods for providing user inputs to remote mobile operating systems | |
| CN104704448A (en) | Reverse seamless integration between local and remote computing environments | |
| US9286094B2 (en) | Human interface device virtualization using paravirtual USB system | |
| CN105573753B (en) | Multi-system switching method and device | |
| CN102135866B (en) | Display optimization method based on Xen safety computer | |
| CN113157362B (en) | Android multi-window display method applied to Linux | |
| CN103455234A (en) | Method and device for displaying application program interfaces | |
| CN102447723A (en) | Client-side virtualization framework | |
| WO2017167126A1 (en) | Window display method, information exchange method and system | |
| CN110968392B (en) | Method and device for upgrading virtualized simulator | |
| AU2022200314A1 (en) | Running applications on a computing device | |
| EP2782007A1 (en) | Launching multiple applications in containers on a processor | |
| CN105373734A (en) | Application data protection method and apparatus | |
| CN114625484B (en) | Virtualization implementation method and device, electronic equipment, medium and ARM platform | |
| CN103064724A (en) | Virtual mechanism constructing method and device | |
| CN101311924A (en) | Graphical user interface browsers system and method | |
| CN105389096B (en) | Data interactive method based on browser and device | |
| US10637827B2 (en) | Security network system and data processing method therefor | |
| CN109039697B (en) | Virtual machine network card configuration method and device | |
| CN114090172A (en) | Cross-system widget multiplexing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170609 Termination date: 20190630 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |