CN105095746A - Method and device for application program starting authentication - Google Patents
Method and device for application program starting authentication Download PDFInfo
- Publication number
- CN105095746A CN105095746A CN201510382853.0A CN201510382853A CN105095746A CN 105095746 A CN105095746 A CN 105095746A CN 201510382853 A CN201510382853 A CN 201510382853A CN 105095746 A CN105095746 A CN 105095746A
- Authority
- CN
- China
- Prior art keywords
- application program
- startup
- starting
- background service
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Abstract
The invention provides a method for application program starting authentication, which mainly comprises the steps that an event starting notice sent by a preset backstage service is received, wherein the event starting notice is generated based on a starting behavior of an application program intercepted by the backstage service; a response is made to the event starting notice, a locking interface is started to receive password input of a user, and the authentication is carried out to the starting behavior of the application program; and the backstage service is informed by an authentication result to release or prohibit starting of the application program. In addition, the invention also provides a device for the application program starting authentication. The method and the device for the application program starting authentication provided by the invention can realize locking before the self-starting of the application program, and determine whether the starting is realized by the user's authentication, so that the problem about frame blinking during the locking is solved, time wasting caused by timed polling of a CPU is avoided, and a program locking function with better user experience is realized.
Description
Technical field
The present invention relates to intelligent terminal security fields, specifically, the present invention relates to a kind of application program launching method for authenticating and device.
Background technology
Along with the fast development of intelligent terminal technology, the application program of various function is emerged in large numbers like the mushrooms after rain, in occupation of market.Undeniable diversified application program meets the demand of people in various degree in the various aspects of productive life, but simultaneously also for the secret protection of user brings no small risk.
Fail-safe software on Intelligent mobile equipment much all provides software locks function to protect the privacy information of user; substantially be all the interface getTasks (intmaxNum by calling in the system service ActivityManagerService of android; intflags; IThumbnailReceiverreceiver) whether the picture of method inquiry current screen the top belongs to the application of specifying, and if it is directly shows a picture and covers screen the top to reach the object of locking application.
Prior art is when realizing this function, whether the key frame of the application program that fail-safe software quantitative check is specified has been presented at screen the top, once find display, fail-safe software just ejects picture immediately and covers above screen, needs user to input password or obtained the authorization by other means just can enter software key frame.Because existing techniques in realizing mode is automatic regular polling, unnecessarily can waste CPU time on the one hand, the poor user experience because the mistiming causes and privacy leakage problem on the other hand, because only detect the related data of application program picture, just eject locking picture, so the mistiming between the startup of application program launching and locking picture may cause the key frame applied to flash just be capped locking.
Summary of the invention
Object of the present invention is intended to solve at least one problem above-mentioned, provides a kind of application program launching method for authenticating and device.
To achieve these goals, a kind of application program launching method for authenticating concrete steps of the present invention are as follows: receive the startup event notice that the background service preset sends, the startup behavior of the application program that described startup event notice is tackled based on background service and generating;
Notify in response to this Installation Events, start locking interface to receive the password input instruction of user, authentication is carried out to the startup behavior of this application program;
Notify that described background service is let pass or this application program of No starting according to authenticating result.
Concrete, described background service runs on the framework layer of system, described startup event notice is sent to the App layer of system.
Concrete, described background service using the bag name of described application program to be launched as parameter call call back function to send described startup event notice.
Further, starting locking interface and carry out in the step of authentication, only showing described locking interface when receiving the startup event notice of application program.
Concrete, described background service adopts Hook Function to the run function hook of application program to be launched to realize starting it interception of behavior.
Concrete, by described background service according to its clearance received or the notice terminating startup application program, allow or forbid that campaign management services performs the start-up operation to described application program.
Further, described campaign management services specifically refers to the ActivityManagerService of executive utility start-up operation.
Concrete, show when described locking interface is the startup event notice receiving application program, and the User Interface of Password Input frame is provided.
Further, when carrying out authentication, the password that authentication of users inputs at locking interface is to complete the authentication of described application programs.
Concrete, upon successful authentication, directly notify that described background service is let pass and start application program; When the authentication fails, display alarm information, to point out subscription authentication failure, forbids or suspends starting this application program.
Concrete, before authentication is carried out at startup locking interface, further comprising the steps of:
Submitted to the remote request obtaining and allow the application package list of file names started by remote interface;
The application package list of file names that the permission receiving cloud server feedback starts;
Further, also comprise step: when application program to be launched is present in described permission in the application package list of file names started, directly notify that described background service is let pass and start those application programs.
Concrete, start before locking interface carries out authentication, inquiry is stored in the application package list of file names that local permission starts, and when application program to be launched is present in described list, directly notifies the application program that background service is let pass in the described list of startup.
Also provide a kind of application program launching authentication device, this device comprises with lower unit:
Receiving element: for receiving the startup event notice that default background service sends, the startup behavior of the application program that described startup event notice is tackled based on background service and generating;
Response unit: notify in response to this Installation Events, for starting locking interface to receive the password input instruction of user, carries out authentication to the startup behavior of this application program;
Performance element: for notifying that according to authenticating result described background service is let pass or this application program of No starting.
Concrete, described background service runs on the framework layer of system, described startup event notice is sent to the App layer of system.
Concrete, described background service using the bag name of described application program to be launched as parameter call call back function to send described startup event notice.
Further, in described response unit, only show described locking interface when receiving the startup event notice of application program.
Concrete, described background service adopts Hook Function to the run function hook of application program to be launched to realize starting it interception of behavior.
Concrete, by described background service according to its clearance received or the notice terminating startup application program, allow or forbid that campaign management services performs the start-up operation to described application program.
Further, described campaign management services specifically refers to the ActivityManagerService of executive utility start-up operation.
Concrete, show when described locking interface is the startup event notice receiving application program, and the User Interface of Password Input frame is provided.
Further, during described response unit authentication, the password that authentication of users inputs at locking interface is to complete the authentication of described application programs.
Concrete, described performance element is configured to further: upon successful authentication, directly notifies that described background service is let pass and starts application program; When the authentication fails, display alarm information, to point out subscription authentication failure, forbids or suspends starting this application program.
Concrete, also comprise remote interaction unit, be configured to perform following function:
Submitted to the remote request obtaining and allow the application package list of file names started by remote interface;
The application package list of file names that the permission receiving cloud server feedback starts;
Further, when application program to be launched is present in described permission in the application package list of file names started, directly notifies that described background service is let pass and start those application programs.
Concrete, described response unit is configured to before authentication is carried out at startup locking interface, inquiry is stored in the application package list of file names that local permission starts, when application program to be launched is present in described list, directly notify the application program that background service is let pass in the described list of startup.
Compared to existing technology, the solution of the present invention has the following advantages:
1, the present invention adds Hook Function in the application start interface of the Framework layer of android system, interrupt original direct start-up course, first adjust back the interface of fail-safe software to send the notification event of application program launching, then according to user authorization result, the Booting sequence continuing executive utility is determined whether.Linked up with by the related function started by Hook Function application programs, and before application program shows its main interface, start locking interface, thus the mistiming problem that can solve between application program launching interface and locking interface display speed, without picture blinking when making to lock interface display, improve user experience.Meanwhile, received the authorized order of user by this locking interface, allow to start the application program obtaining and start authority, thus avoid the privacy leakage of user, realize the procedure lock function of better Consumer's Experience;
2, the present invention is before the main interface of application program launching, tackles its startup behavior, and display locking interface, to receive the password input instruction of user, authentication is carried out in the startup behavior of application programs.Only just starting locking interface when intercepting the startup behavior of application program, being different from when prior art detects Application Program Interface related data and just ejecting locking interface.Thus avoid the wasting of resources that the automatic regular polling of CPU when application programs interface related data detects causes, smart machine is run more smooth.
The aspect that the present invention adds and advantage will part provide in the following description, and these will become obvious from the following description, or be recognized by practice of the present invention.
Accompanying drawing explanation
The present invention above-mentioned and/or additional aspect and advantage will become obvious and easy understand from the following description of the accompanying drawings of embodiments, wherein:
Fig. 1 is application program launching method for authenticating principle schematic of the present invention;
Fig. 2 is application program launching authentication device theory diagram of the present invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Being exemplary below by the embodiment be described with reference to the drawings, only for explaining the present invention, and can not limitation of the present invention being interpreted as.
Those skilled in the art of the present technique are appreciated that unless expressly stated, and singulative used herein " ", " one ", " described " and " being somebody's turn to do " also can comprise plural form.Should be further understood that, the wording used in instructions of the present invention " comprises " and refers to there is described feature, integer, step, operation, element and/or assembly, but does not get rid of and exist or add other features one or more, integer, step, operation, element, assembly and/or their group.Should be appreciated that, when we claim element to be " connected " or " coupling " to another element time, it can be directly connected or coupled to other elements, or also can there is intermediary element.In addition, " connection " used herein or " coupling " can comprise wireless connections or wirelessly to couple.Wording "and/or" used herein comprises one or more whole or arbitrary unit listing item be associated and all combinations.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, and all terms used herein (comprising technical term and scientific terminology), have the meaning identical with the general understanding of the those of ordinary skill in field belonging to the present invention.It should also be understood that, those terms defined in such as general dictionary, should be understood to that there is the meaning consistent with the meaning in the context of prior art, unless and by specific definitions as here, otherwise can not explain by idealized or too formal implication.
Those skilled in the art of the present technique are appreciated that, here used " terminal ", " terminal device " had both comprised the equipment of wireless signal receiver, it only possesses the equipment of the wireless signal receiver without emissive ability, comprise again the equipment receiving and launch hardware, it has and on bidirectional communication link, can perform the reception of two-way communication and launch the equipment of hardware.This equipment can comprise: honeycomb or other communication facilitiess, its honeycomb or other communication facilities of having single line display or multi-line display or not having multi-line display; PCS (PersonalCommunicationsService, PCS Personal Communications System), it can combine voice, data processing, fax and/or its communication ability; PDA (PersonalDigitalAssistant, personal digital assistant), it can comprise radio frequency receiver, pager, the Internet/intranet access, web browser, notepad, calendar and/or GPS (GlobalPositioningSystem, GPS) receiver; Conventional laptop and/or palmtop computer or other equipment, it has and/or comprises the conventional laptop of radio frequency receiver and/or palmtop computer or other equipment.Here used " terminal ", " terminal device " can be portable, can transport, be arranged in the vehicles (aviation, sea-freight and/or land), or be suitable for and/or be configured at local runtime, and/or with distribution form, any other position operating in the earth and/or space is run.Here used " terminal ", " terminal device " can also be communication terminal, access terminals, music/video playback terminal, can be such as PDA, MID (MobileInternetDevice, mobile internet device) and/or there is the mobile phone of music/video playing function, also can be the equipment such as intelligent television, Set Top Box.
Those skilled in the art of the present technique are appreciated that used remote network devices here, and it includes but not limited to the cloud that computing machine, network host, single network server, multiple webserver collection or multiple server are formed.At this, cloud is formed by based on a large amount of computing machine of cloud computing (CloudComputing) or the webserver, and wherein, cloud computing is the one of Distributed Calculation, the super virtual machine be made up of a group loosely-coupled computing machine collection.In embodiments of the invention, realize communicating by any communication mode between remote network devices, terminal device with WNS server, include but not limited to, the mobile communication based on 3GPP, LTE, WIMAX, the computer network communication based on TCP/IP, udp protocol and the low coverage wireless transmission method based on bluetooth, Infrared Transmission standard.
In order to set forth method of the present invention better, for Android operation system, simple introduction is done to the campaign management services operating process based on android system:
Campaign management services ActivityManagerService (being called for short AMS) is one of system service of Android, it is alternatively one of most crucial module of Android upper system, it mainly completes the management life cycle of application process and the Activity of process, the major functions such as Service, Broadcast and Provider.Campaign management services is started by system service systemserver at system start-up phase, and its structure and operation are all carry out in the middle of SystemServer.From the angle of system cloud gray model, AMS can be divided into Client to hold and Service end: Client end operates in each app process, and app process achieves concrete Activity, Service etc., and calling system interface completes display; Service end operates in SystemServer process, is the specific implementation of the ActivityManagerService of system level, the system call request of its response Client end, and manages the life cycle that Client holds each app process.At Client end, Application, Service and Activity are the subclasses of Context, and Context is interpreted as environment, and namely it can tell the Activity of the current operation of system, and the situation of Service comprises display, process etc.Context is an abstract class, and the method for definition is embodied in ContextImpl, and ContextWrapper is as the decorative kind of Context, and the member variable mBase of the inside points to ContextImpl.
IActivityManager interface defines the interface that app accesses AMS, and mainly application request AMS will complete some operation, such as starts or terminates Activity, starts or suspends Service.ActivityManagerService achieves the interface defined in IActivityManager, such can be described as the core of AMS, all specific works of AMS all control substantially in such or by such, example initialization when process SystemServer just starts of ActivityManagerService.IApplicationThread interface defines the interface that AMS can access app, AMS is by these Interface Controller app process and the response completing app, ApplicationThread is the specific implementation of IApplicationThread interface, the example of ApplicationThread is initialization when creating ActivityThread object when app process initiation, and the member variable mAppThread of ActivityThread is exactly ApplicationThread object.Call to realize striding course in addition, ActivityManagerProxy and ApplicationThreadProxy achieves IActivityManager and IApplicationThread interface respectively, its as respective agency for client and server.
AMS is also as a system service, and define some interfaces by ActivityManager and can be used for app to use, the interface of accessing AMS in ActivityManager is all realized by ApplicationThreadProxy.
In order to implement the monitoring of the campaign management services (AMS) to system, the present invention needs to arrange background service based on Root authority (unless Root authority is open) at the Framework layer of system, makes this background service realize communicating with system based on Binder mechanism.
As everyone knows, Root authority refers to system manager's authority of Unix type operating system (comprising Linux, Android), is similar to Administrator (keeper) authority in Windows (form) system; File (android system file and user file, do not comprise ROM) nearly all in the mobile device of user can be accessed and revise to Root authority.Given this, providing in the industry diversified power scheme of putting forward for obtaining the Root authority of android system, realizing user right and promoting, reaching the object causing comprehensive control operation system.These put forward power scheme, according to the life cycle of the rear authority effect of power of carrying, comprise permanent Root authority and temporary Root authority, as the term suggests in permanent Root authority situation, application program is authorized once Root, can carry out Root more later and put forward power; And in temporary Root authority situation, the life cycle of authority effect is the process of once shutting down from starting shooting to of operating system, next time, start still needed to carry out Root.
No matter adopt which kind of Root mode, the ultimate principle putting forward power is all the su by implanting to system for receiving authority request, realize man-machine interaction in conjunction with SuperUser.apk application program again, by su and SuperUser.apk cooperatively interacting operationally, realize effective rights management.The present invention obtains Root authority so that the installation behavior arranging background service application programs at the Framework layer of system is monitored, but adopts which kind of Root mode not as limitation of the present invention.
Based on above-mentioned principle, for android system, elaborate to a kind of application program launching method for authenticating provided by the invention, shown in figure 1, concrete steps are as follows:
Step S11: receive the startup event notice that the background service preset sends, the startup behavior of the application program that described startup event notice is tackled based on background service and generating.
Background service alleged by the present embodiment, refers to by the program module realized in advance with this method, runs in internal memory, after realizing proposing power operation foregoing by the corresponding host process in internal memory, to a communication service process of system registry.The Binder mechanism that described background service provides based on android system, register to SystemManager, by the intrinsic Binder mechanism that Android provides, between background service and campaign management services (AMS) process of its monitoring, set up the line of communication of C/S framework.Specifically, when after the Root authority getting system, for the ease of follow-up realization to the monitoring of other process in system and associative operation function, first the present invention starts the host process formed by running after this method instantiation having and obtain Root authority, described background service is inserted in systems in which by host process, such as specifically realize update by system call function ServiceManager.addService (), realize the successful registration to the background service that this method instantiation procedure constructs thus, described background service becomes the service processes of system bottom rank thus.It should be noted that, described background service process is by above-mentioned configuration, become the service processes of system level, its authority is obviously higher than the authority of other client layer service processess or application process, therefore this background service process can as communication infrastructure, the process calling it for other provides communication support, completion system and other call communication connection between its process.Therefore, described background service process, have the ability of carrying out with the campaign management services process of its monitoring communicating, communicate based on Binder mechanism between the two, this communication mode has the feature of fast and stable.Described background service process is mainly used in implementing the monitoring to system activity management service process, to tackle campaign management services process for starting the behavior of a certain application program, this behavior mainly refers to the command operating event behavior evoked by function call.
In a particular embodiment, after the Root authority of acquisition system, to system registry background service SecurityService, this background service runs on the Framework layer of system, for monitoring the startup behavior of application program to be launched, described startup behavior is specially when AMS performs start-up operation, calls the behavior of the function interface performing arbitrarily start-up operation.
Specifically, at App layer registration audiomonitor, for receiving the event notice of the application program launching that described background service sends.In a particular embodiment, App layer fail-safe software definition call back function interface QihooPkgStartListener.checkPkgStart (), and provide a self-defining interface function QihooAppManager.setPkgStartListener (StringpackageName, QihooPkgStartListenerlistener) for registering audiomonitor in system.Wherein, parameter p ackageName characterizes the bag name of application program to be launched.Simultaneously, the security service of a SecurityService by name is added at system framework layer, when application start, the interface function checkPkgStartForUser () that the background service of framework layer provides can call the call back function interface checkPkgStart (StringpackageName) of App layer fail-safe software, the startup event notice of application program is sent to application layer by ccf layer, to provide visualization interface to carry out authentication to this startup event in application layer.It should be noted that, the now actual starting operation of application program does not also trigger.Wherein, described checkPkgStartForUser () function is as follows:
publicbooleancheckPkgStartForUser(StringpackageName,
IBindercaller,Intentintent,
StringresolvedType,IBinderresultTo,
StringresultWho,intrequestCode,
intstartFlags,StringprofileFile,
ParcelFileDescriptorprofileFd,
Bundleoptions,intuserId)
Run checkPkgStartForUser () function check and whether have application program launching, wherein, described function parameter comprises application package name packageName, starts the descriptor intent etc. of information concerning events.
Before calling this application program launching detection function, first by injecting the startup behavior of the Hook Function monitoring application program of ccf layer in advance by background service and obtaining correlation parameter information, wherein, described Hook Function can be linked up with to realize the interception to starting behavior to startActivity () function.Described function interface startActivity () is a kind of mode starting application A ctivity, creates an example at the main interface of application program by calling this function interface, to call the main interface of application program in display Activity stack.So, function interface startActivity () is linked up with, to realize the interception that application programs starts event, generates and start event notice.
Certainly, more than just enumerate one of hooking function, also can be the operation can linked up with arbitrarily that application program launching process performs, those skilled in the art should be appreciated that and link up with operation accordingly.
Wherein, term " hook " covers the technology for changing or increase the behavior of operating system, application program or other component softwares by tackling function call, message or the event transmitted between component software.And the code processing this function call, event or the message that are blocked just is called as Hook Function.Hook is generally used for various target, comprises and debugs function and expand function.Its example can be included in before keyboard or mouse event are delivered to application program and tackle them, or hooking system service call (systemcall) or system function behavior, function execution result etc., to monitor or to revise function of application program or other assemblies etc.The operation can linking up with arbitrarily interface function that the present embodiment performs when Hook Function can be adopted to take over described application program launching.
The described framework layer background service SecurityService running on system, start voluntarily once find that there is application program, immediately using the call back function that the routine package name packageName of this application program to be launched provides as parameter call App layer fail-safe software, described startup event notice is sent to the App layer of system.
Step S12: in response to this startup event notice, starts locking interface to receive the password input instruction of user, carries out authentication to the startup behavior of this application program.
The bag name of application program, by calling call back function, is passed to App layer as parameter from Framework layer by described background service, with the startup behavior of notification application.Just based on this application package name parameter received, authentication can be carried out to the startup behavior of corresponding application program in this step.
Specifically, in response to the startup event notice of application program, the bag name packageName according to application program determines the application program that will lock, and suspends the startup behavior of this application program, and starts locking interface.Described locking interface only shows when receiving the startup event notice of application program, be specially the User Interface providing Password Input frame, described Password Input frame is specifically as follows any interface forms for receiving Password Input such as simple text edit box, numerical ciphers keyboard, pattern code keypad, fingerprint identification area.Receive the password input instruction of user, the password of checking input, carries out authentication with the startup behavior of application programs.
In other embodiments, before authentication is carried out at startup locking interface, can also by allowing the application package list of file names started to cloud server request, to determine to obtain the application package name starting and authorize, concrete steps are as follows:
1, submitted to the length of run request obtaining and allow the application package list of file names started by remote interface;
Submit remote request based on the identity information of equipment or third party's account to by remote interface, acquisition request allows the application package list of file names started.Wherein, the described application package list of file names started that allows adds up generation in advance by cloud server, client receives the instruction of the permission application program launching of user's setting, the bag name of corresponding application program is packaged into packet, send to cloud server, cloud server is by the identity information of this application package name and this equipment or third-party account association store.In other embodiments, the described application package list of file names allowing to start also can allow the number of users started to generate by cloud server statistics application program, and the application records that number of users is exceeded certain threshold value by cloud server allows in the application package list of file names started in described.
2, the application package list of file names that the permission receiving cloud server feedback starts.
What receive feedback comprises the reply data bag allowing the application package list of file names started, and resolves it, obtains the corresponding application package name allowing to start.
Before startup locking interface, the application package list of file names that the permission whether the application package name of inquiring about current startup belongs to described cloud server feedback starts, if belonged to, judges that this application program obtains and starts authority; If do not belonged to, judge that this application program does not obtain startup authority, so that perform subsequent step according to this authenticating result.
In other embodiments, the described application package list of file names started that allows also can be stored in this locality, namely client provides one for setting the visualization interface allowing to start application program, receive the setting instruction of user, the application package name that the permission that recording user sets starts also is stored in the machine, generates the described application package list of file names allowing to start.Before startup locking interface, whether the application package name of inquiring about current startup belongs to the application package list of file names of the permission startup that described this locality stores, if belonged to, judges that this application program obtains and starts authority; If do not belonged to, judge that this application program does not obtain startup authority, so that perform subsequent step according to this authenticating result.
Step S13: notify that described background service is let pass or this application program of No starting according to authenticating result.
The encrypted message of above-mentioned steps authentication of users input, with the startup behavior authentication of application programs, learns whether application program to be launched has startup authority thus, notifies that described background service is let pass or this application program of No starting according to this authenticating result.In specific embodiment, the fail-safe software calling interface function QihooAppManager.resumeOrAbortPackage (StringpackageName of App layer, booleanabort), and the interface function resumeOrAbortPackage (StringpackageName provided by background service SecurityService described in this function call, booleanabort), authenticating result is passed to framework layer by App layer, to notify that framework lets pass or the corresponding application program of No starting.Wherein, upon successful authentication, second parameter abort is set to false, otherwise is set to true.
If authentication success, namely authenticating result is for allowing this application program launching, then background service SecurityService receives the event notice allowing to start application program, the startup behavior of this application program is let pass, recovers interrupted app start-up course, namely the startup interface function of interception is let pass, campaign management services is made to continue to perform follow-up code from the redirect of former hooking function, the start-up course of executive utility of mourning in silence.
If failed authentication, namely authenticating result is for forbidding this application program launching, then background service SecurityService receives the event notice of No starting application program, terminates the startup behavior of this application program.Specifically can call the process of Process.killProcess (pid) function end application by Hook Function or call the process of forcestopPackage () function hard closing application program.Meanwhile, App layer fail-safe software provides a user interface, and display alarm information is to point out subscription authentication failure.
In another embodiment of the invention, after system acceptance startup event notice, before authentication is carried out at startup locking interface, first inquiry is stored in the application package list of file names that local permission starts.Contrast the application package list of file names that application package name to be launched starts with the permission being stored in this locality, when application program to be launched is present in the application package list of file names of the local permission startup stored, code authentication is inputted without the need to user, directly notify that described background service is let pass and start those application programs, namely by background service, the startup interface function of interception is let pass, campaign management services is made to continue to perform follow-up code from the redirect of former hooking function, the start-up course of executive utility of mourning in silence.
In another embodiment of the invention, after system acceptance startup event notice, before authentication is carried out at startup locking interface, first submitted to the remote request obtaining and allow the application package list of file names started to cloud server by remote interface, the application package list of file names that the permission then receiving cloud server feedback starts.Contrast the application package list of file names that permission that application package name to be launched and cloud server feed back starts, when the application package list of file names that the permission that application program to be launched is present in cloud server feedback starts, code authentication is inputted without the need to user, directly notify that described background service is let pass and start those application programs, namely by background service, the startup interface function of interception is let pass, campaign management services is made to continue to perform follow-up code from the redirect of former hooking function, the start-up course of executive utility of mourning in silence.
Below based on modularized thoughts, disclose the embodiment realized according to application program launching method for authenticating of the present invention further.
Refer to Fig. 2, application program launching authentication device provided by the present invention, comprise receiving element 11, response unit 12, performance element 13.In conjunction with above-mentioned application program launching method for authenticating, disclose the concrete function that each module realizes below in detail:
Receiving element 11: for receiving the startup behavior of the application program based on background service interception that default background service sends and the startup event notice that generates.
Background service alleged by the present embodiment, refers to by the program module realized in advance with the present invention, runs in internal memory, after realizing proposing power operation foregoing by the corresponding host process in internal memory, to a communication service process of system registry.The Binder mechanism that described background service provides based on android system, register to SystemManager, by the intrinsic Binder mechanism that Android provides, between background service and campaign management services (AMS) process of its monitoring, set up the line of communication of C/S framework.Specifically, when after the Root authority getting system, for the ease of follow-up realization to the monitoring of other process in system and associative operation function, first the present invention starts the host process formed by running after this method instantiation having and obtain Root authority, described background service is inserted in systems in which by host process, such as specifically realize update by system call function ServiceManager.addService (), realize the successful registration to the background service that this method instantiation procedure constructs thus, described background service becomes the service processes of system bottom rank thus.It should be noted that, described background service process is by above-mentioned configuration, become the service processes of system level, its authority is obviously higher than the authority of other client layer service processess or application process, therefore this background service process can as communication infrastructure, the process calling it for other provides communication support, completion system and other call communication connection between its process.Therefore, described background service process, have the ability of carrying out with the campaign management services process of its monitoring communicating, communicate based on Binder mechanism between the two, this communication mode has the feature of fast and stable.Described background service process is mainly used in implementing the monitoring to system activity management service process, to tackle campaign management services process for starting the behavior of a certain application program, this behavior mainly refers to the command operating event behavior evoked by function call.
In a particular embodiment, after the Root authority of acquisition system, to system registry background service SecurityService, this background service runs on the Framework layer of system, for monitoring the startup behavior of application program to be launched, described startup behavior is specially when AMS performs start-up operation, calls the behavior of the function interface performing arbitrarily start-up operation.
Specifically, register audiomonitor at the receiving element 11 of App layer, for receiving the event notice of the application program launching that described background service sends.In a particular embodiment, receiving element 11 of the present invention defines call back function interface QihooPkgStartListener.checkPkgStart (), and provide a self-defining interface function QihooAppManager.setPkgStartListener (StringpackageName, QihooPkgStartListenerlistener) for registering audiomonitor in system.Wherein, parameter p ackageName characterizes the bag name of application program to be launched.Simultaneously, the security service of a SecurityService by name is added at system framework layer, when application start, the interface function checkPkgStartForUser () that the background service of framework layer provides can call the call back function interface checkPkgStart (StringpackageName) of App layer fail-safe software, the startup event notice of application program is sent to application layer by ccf layer, to provide visualization interface to carry out authentication to this startup event in application layer.It should be noted that, the now actual starting operation of application program does not also trigger.Wherein, described checkPkgStartForUser () function is as follows:
publicbooleancheckPkgStartForUser(StringpackageName,
IBindercaller,Intentintent,
StringresolvedType,IBinderresultTo,
StringresultWho,intrequestCode,
intstartFlags,StringprofileFile,
ParcelFileDescriptorprofileFd,
Bundleoptions,intuserId)
Run checkPkgStartForUser () function check and whether have application program launching, wherein, described function parameter comprises application package name packageName, starts the descriptor intent etc. of information concerning events.
Before calling this application program launching detection function, first by injecting the startup behavior of the Hook Function monitoring application program of ccf layer in advance by background service and obtaining correlation parameter information, wherein, described Hook Function can be linked up with to realize the interception to starting behavior to startActivity () function.Described function interface startActivity () is a kind of mode starting application A ctivity, creates an example at the main interface of application program by calling this function interface, to call the main interface of application program in display Activity stack.So, function interface startActivity () is linked up with, to realize the interception that application programs starts event, generates and start event notice.
Certainly, more than just enumerate the one of hooking function, also can be the operation can linked up with arbitrarily that application program launching process performs, those skilled in the art should be appreciated that and link up with operation accordingly.
Wherein, term " hook " covers the technology for changing or increase the behavior of operating system, application program or other component softwares by tackling function call, message or the event transmitted between component software.And the code processing this function call, event or the message that are blocked just is called as Hook Function.Hook is generally used for various target, comprises and debugs function and expand function.Its example can be included in before keyboard or mouse event are delivered to application program and tackle them, or hooking system service call (systemcall) or system function behavior, function execution result etc., to monitor or to revise function of application program or other assemblies etc.The operation can linking up with arbitrarily interface function that the present embodiment performs when Hook Function can be adopted to take over described application program launching.
The described framework layer background service SecurityService running on system, start voluntarily once find that there is application program, immediately using call back function that the routine package name packageName of this application program to be launched provides as parameter call App layer fail-safe software, described startup event notice is sent to the App layer of system, receives described startup event notice by described receiving element 11.
Response unit 12: in response to this startup event notice, for starting locking interface to receive the password input instruction of user, carries out authentication to the startup behavior of this application program;
The bag name of application program, by calling call back function, is passed to App layer as parameter from Framework layer by described background service, with the startup behavior of notification application.Response unit 12 of the present invention just based on this application package name parameter received, can carry out authentication to the startup behavior of corresponding application program.
Specifically, described response unit 12 is in response to the startup event notice of application program, and the bag name packageName according to application program determines the application program that will lock, and suspends the startup behavior of this application program, and starts locking interface.Described locking interface only shows when receiving the startup event notice of application program, be specially the User Interface providing Password Input frame, described Password Input frame is specifically as follows any interface forms for receiving Password Input such as simple text edit box, numerical ciphers keyboard, pattern code keypad, fingerprint identification area.Response unit 12 receives the password input instruction of user, and the password of checking input, carries out authentication with the startup behavior of application programs.
In other embodiments, apparatus of the present invention also comprise remote interaction unit, before authentication is carried out at startup locking interface, by described remote interaction unit by allowing the application package list of file names started to cloud server request, to determine to obtain the application package name starting and authorize, concrete execution step is as follows:
1, submitted to the length of run request obtaining and allow the application package list of file names started by remote interface;
Submit remote request based on the identity information of equipment or third party's account to by remote interface, acquisition request allows the application package list of file names started.Wherein, the described application package list of file names started that allows adds up generation in advance by cloud server, client receives the instruction of the permission application program launching of user's setting, the bag name of corresponding application program is packaged into packet, send to cloud server, cloud server is by the identity information of this application package name and this equipment or third-party account association store.In other embodiments, the described application package list of file names allowing to start also can allow the number of users started to generate by cloud server statistics application program, and the application records that number of users is exceeded certain threshold value by cloud server allows in the application package list of file names started in described.
2, the application package list of file names that the permission receiving cloud server feedback starts.
What receive feedback comprises the reply data bag allowing the application package list of file names started, and resolves it, obtains the corresponding application package name allowing to start.
Before startup locking interface, the application package list of file names that the permission whether the application package name that response unit 12 inquires about current startup belongs to described cloud server feedback starts, if belonged to, judges that this application program obtains and starts authority; If do not belonged to, judge that this application program does not obtain startup authority, so that perform the subsequent cell of follow-up apparatus of the present invention according to this authenticating result.
In other embodiments, the described application package list of file names started that allows also can be stored in this locality, namely client provides one for setting the visualization interface allowing to start application program, receive the setting instruction of user, the application package name that the permission that recording user sets starts also is stored in the machine, generates the described application package list of file names allowing to start.Before startup locking interface, the application package list of file names that the permission whether the application package name that response unit 12 inquires about current startup belongs to the storage of described this locality starts, if belonged to, judges that this application program obtains and starts authority; If do not belonged to, judge that this application program does not obtain startup authority, so that perform the subsequent cell of apparatus of the present invention according to this authenticating result.
Performance element 13: for notifying that according to authenticating result described background service is let pass or this application program of No starting.
The encrypted message of response unit 12 authentication of users input of the present invention is with the startup behavior authentication of application programs, learn whether application program to be launched has startup authority thus, according to this authenticating result, performance element 13 notifies that described background service is let pass or this application program of No starting.In specific embodiment, the fail-safe software calling interface function QihooAppManager.resumeOrAbortPackage (StringpackageName of App layer, booleanabort), and the interface function resumeOrAbortPackage (StringpackageName provided by background service SecurityService described in this function call, booleanabort), authenticating result is passed to framework layer by App layer, to notify that framework lets pass or the corresponding application program of No starting.Wherein, upon successful authentication, second parameter abort is set to false, otherwise is set to true.
If authentication success, namely authenticating result is for allowing this application program launching, then background service SecurityService receives the event notice allowing to start application program, the startup behavior of this application program is let pass, recover interrupted app start-up course, namely the startup interface function of interception is let pass, make campaign management services continue to perform follow-up code from the redirect of former hooking function, the start-up course of executive utility of mourning in silence.
If failed authentication, namely authenticating result is for forbidding this application program launching, then background service SecurityService receives the event notice of No starting application program, terminates the startup behavior of this application program.Specifically can call the process of Process.killProcess (pid) function end application by Hook Function or call the process of forcestopPackage () function hard closing application program.Meanwhile, App layer fail-safe software provides a user interface, and display alarm information is to point out subscription authentication failure.
In another embodiment of the invention, after system acceptance startup event notice, before authentication is carried out at startup locking interface, described response unit 12 is configured to first to inquire about the application package list of file names being stored in local permission and starting.Contrast the application package list of file names that application package name to be launched starts with the permission being stored in this locality, when application program to be launched is present in the application package list of file names of the local permission startup stored, code authentication is inputted without the need to user, directly notify that described background service is let pass by performance element 13 and start those application programs, namely by background service, the startup interface function of interception is let pass, campaign management services is made to continue to perform follow-up code from the redirect of former hooking function, the start-up course of executive utility of mourning in silence.
In another embodiment of the invention, after system acceptance startup event notice, before authentication is carried out at startup locking interface, first enable remote interaction unit, submitted to the remote request obtaining and allow the application package list of file names started to cloud server, the application package list of file names that the permission then receiving cloud server feedback starts by remote interface.The application package list of file names that permission that application package name to be launched and cloud server feed back starts is contrasted by response unit 12, when the application package list of file names that the permission that application program to be launched is present in cloud server feedback starts, code authentication is inputted without the need to user, directly notify that described background service is let pass by performance element 13 and start those application programs, namely by background service, the startup interface function of interception is let pass, campaign management services is made to continue to perform follow-up code from the redirect of former hooking function, the start-up course of executive utility of mourning in silence.
Because three kinds of methods of the aforementioned explanation of the present invention may reside in same embodiment in logic.For ease of understanding the present invention more intuitively, introduce an embody rule scene of the present invention in conjunction with aforesaid three kinds of methods as follows.
In an application scenarios of the present invention: user installs a based on safeguard protection software of the present invention on the mobile phone of oneself, being protection individual privacy, is secret application by arranging the password picture processing APP added on its mobile phone.User clicks and opens this APP, namely called this picture processing APP startup request of monitoring interface and sending to background service by Hook Function according to application program authentication device provided by the present invention, whether inquire about this picture processing APP is immediately present in the application package list of file names of the local permission startup stored, if existed, then do not process, directly open this program.On the other hand, under the prerequisite of user mobile phone interconnection network, by the remote interaction unit in application program authentication device of the present invention, inquire about the application package list of file names whether this picture processing APP is present in the permission startup of cloud server feedback, if existed, then do not process, directly open this program.Because the early stage of user is arranged, in the routine package table within the rule of this picture processing APP, lock current phone interface at once based on fail-safe software of the present invention, an interface for password input is provided.When the authentication password of user's input is consistent with the password that early stage is arranged, fail-safe software judges that active user possesses the authority of checking this picture processing APP, and let pass immediately, this picture processing APP normally opens; When the authentication password of user's input is inconsistent with the password arranged early stage, fail-safe software judges that active user does not possess the authority of checking this picture processing APP, namely stop the startup of this picture processing APP, and lock the warning information of interface display " code error haves no right to check ".
In sum, the present invention is deep into the monitoring that system bottom realizes application programs, finds application program launching timely and accurately, Quick for authentication interface, can more effectively protection application program not by random startup optimization.
In instructions provided herein, although the description of a large amount of details.But can understand, embodiments of the invention can be put into practice when not having these details.In certain embodiments, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
The above is only some embodiments of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (10)
1. an application program launching method for authenticating, is characterized in that, comprises the following steps:
Receive the startup event notice that the background service preset sends, the startup behavior of the application program that described startup event notice is tackled based on background service and generating;
In response to this startup event notice, start locking interface to receive the password input instruction of user, authentication is carried out to the startup behavior of this application program;
Notify that described background service is let pass or this application program of No starting according to authenticating result.
2. method according to claim 1, is characterized in that, described background service runs on the framework layer of system, described startup event notice is sent to the App layer of system.
3. method according to claim 1, is characterized in that, described background service using the bag name of described application program to be launched as parameter call call back function to send described startup event notice.
4. method according to claim 3, is characterized in that, starting locking interface and carries out in the step of authentication, only showing described locking interface when receiving the startup event notice of application program.
5. method according to claim 1, is characterized in that, described background service adopts Hook Function to the run function hook of application program to be launched to realize starting it interception of behavior.
6. an application program launching authentication device, is characterized in that, comprising:
Receiving element: for receiving the startup event notice that default background service sends, the startup behavior of the application program that described startup event notice is tackled based on background service and generating;
Response unit: notify in response to this Installation Events, for starting locking interface to receive the password input instruction of user, carries out authentication to the startup behavior of this application program;
Performance element: for notifying that according to authenticating result described background service is let pass or this application program of No starting.
7. device according to claim 14, is characterized in that, described security service runs on the framework layer of system, described startup event notice is sent to the App layer of system.
8. device according to claim 14, is characterized in that, described security service using the bag name of described application program to be launched as parameter call call back function to send described startup event notice.
9. device according to claim 16, is characterized in that, in described response unit, only shows described locking interface when receiving the startup event notice of application program.
10. device according to claim 14, is characterized in that, described background service adopts Hook Function to the run function hook of application program to be launched to realize starting it interception of behavior.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510382853.0A CN105095746B (en) | 2015-07-02 | 2015-07-02 | Application program launching method for authenticating and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510382853.0A CN105095746B (en) | 2015-07-02 | 2015-07-02 | Application program launching method for authenticating and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105095746A true CN105095746A (en) | 2015-11-25 |
| CN105095746B CN105095746B (en) | 2018-06-19 |
Family
ID=54576155
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510382853.0A Active CN105095746B (en) | 2015-07-02 | 2015-07-02 | Application program launching method for authenticating and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105095746B (en) |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105843668A (en) * | 2016-03-11 | 2016-08-10 | 北京奇虎科技有限公司 | Derived process staying-resident method, derived program generating method and corresponding device |
| CN106022101A (en) * | 2016-05-17 | 2016-10-12 | 广东欧珀移动通信有限公司 | Application management method and terminal |
| CN106709371A (en) * | 2016-12-30 | 2017-05-24 | 深圳天珑无线科技有限公司 | Application lock control method and device |
| CN106778173A (en) * | 2016-12-15 | 2017-05-31 | 北京数字天域科技有限责任公司 | The method and device that a kind of application lock based on intelligent operating system is set |
| CN106845211A (en) * | 2016-12-16 | 2017-06-13 | 北京奇虎科技有限公司 | Mobile terminal and its application start method and device |
| CN107038358A (en) * | 2017-04-20 | 2017-08-11 | 北京奇虎科技有限公司 | A kind of self-starting treating method and apparatus and mobile terminal |
| CN107169322A (en) * | 2017-07-12 | 2017-09-15 | 重庆工业职业技术学院 | A kind of security of computer software encryption handling system |
| CN107169337A (en) * | 2017-06-27 | 2017-09-15 | 上海传英信息技术有限公司 | management method, device and terminal |
| CN107256356A (en) * | 2017-06-20 | 2017-10-17 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
| CN107437013A (en) * | 2016-05-27 | 2017-12-05 | 阿里巴巴集团控股有限公司 | Auth method and device |
| CN107577955A (en) * | 2017-08-23 | 2018-01-12 | 北京国信云服科技有限公司 | A kind of android system application Hook methods and application lock |
| CN107817995A (en) * | 2016-09-12 | 2018-03-20 | 华为技术有限公司 | A kind of silent method, apparatus and terminal device for starting application in backstage |
| CN107870778A (en) * | 2016-09-26 | 2018-04-03 | 富士施乐株式会社 | Image forming apparatus |
| CN108206741A (en) * | 2016-12-16 | 2018-06-26 | 北京国双科技有限公司 | Verification method, the apparatus and system of service |
| CN108563934A (en) * | 2018-03-09 | 2018-09-21 | 青岛海信移动通信技术股份有限公司 | A kind of method and device of unlocked by fingerprint |
| CN109145572A (en) * | 2018-06-29 | 2019-01-04 | 东软集团股份有限公司 | User authen method, device and storage medium and electronic equipment |
| CN109167882A (en) * | 2018-09-27 | 2019-01-08 | 努比亚技术有限公司 | A kind of association starting control method, terminal and computer readable storage medium |
| CN109766689A (en) * | 2018-12-27 | 2019-05-17 | 百视通网络电视技术发展有限责任公司 | The application monitoring authoring system and method for TV box are realized based on Hook |
| CN110312995A (en) * | 2017-04-19 | 2019-10-08 | Oppo广东移动通信有限公司 | Application program accelerates starting method, apparatus and terminal |
| CN112052098A (en) * | 2020-09-02 | 2020-12-08 | 北京微步在线科技有限公司 | Process protection method and device |
| CN112199208A (en) * | 2020-09-09 | 2021-01-08 | 福建天泉教育科技有限公司 | Method and terminal for providing additional function interface on android system |
| CN113158165A (en) * | 2021-05-20 | 2021-07-23 | 读书郎教育科技有限公司 | Method and device for quickly locking application of Android terminal |
| CN117056173A (en) * | 2023-10-12 | 2023-11-14 | 麒麟软件有限公司 | Method for monitoring android application life cycle on Web operating system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102480548A (en) * | 2010-11-23 | 2012-05-30 | 腾讯科技(深圳)有限公司 | Method and device for starting application program |
| US20120203880A1 (en) * | 2011-02-03 | 2012-08-09 | Odyssey Software, Inc. | Method and system for establishing a dlp-compliant environment |
| US20130047256A1 (en) * | 2011-08-18 | 2013-02-21 | Netqin Mobile (Beijing) Co., Ltd | Method for preventing a mobile communication device from leaking secret and system thereof |
| CN103577237A (en) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | Application program starting control method and device |
| CN103617380A (en) * | 2013-11-28 | 2014-03-05 | 北京邮电大学 | Application program authority dynamic control method and system |
| CN104123162A (en) * | 2014-07-29 | 2014-10-29 | 北京奇虎科技有限公司 | Method and device controlling self-starting of application programs |
| CN104376257A (en) * | 2014-12-12 | 2015-02-25 | 北京奇虎科技有限公司 | Application self-protection and active defense method and application self-protection and active defense device |
| CN104702770A (en) * | 2013-12-06 | 2015-06-10 | 中兴通讯股份有限公司 | Terminal locking method, device and system |
-
2015
- 2015-07-02 CN CN201510382853.0A patent/CN105095746B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102480548A (en) * | 2010-11-23 | 2012-05-30 | 腾讯科技(深圳)有限公司 | Method and device for starting application program |
| US20120203880A1 (en) * | 2011-02-03 | 2012-08-09 | Odyssey Software, Inc. | Method and system for establishing a dlp-compliant environment |
| US20130047256A1 (en) * | 2011-08-18 | 2013-02-21 | Netqin Mobile (Beijing) Co., Ltd | Method for preventing a mobile communication device from leaking secret and system thereof |
| CN103577237A (en) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | Application program starting control method and device |
| CN103617380A (en) * | 2013-11-28 | 2014-03-05 | 北京邮电大学 | Application program authority dynamic control method and system |
| CN104702770A (en) * | 2013-12-06 | 2015-06-10 | 中兴通讯股份有限公司 | Terminal locking method, device and system |
| CN104123162A (en) * | 2014-07-29 | 2014-10-29 | 北京奇虎科技有限公司 | Method and device controlling self-starting of application programs |
| CN104376257A (en) * | 2014-12-12 | 2015-02-25 | 北京奇虎科技有限公司 | Application self-protection and active defense method and application self-protection and active defense device |
Cited By (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105843668A (en) * | 2016-03-11 | 2016-08-10 | 北京奇虎科技有限公司 | Derived process staying-resident method, derived program generating method and corresponding device |
| CN105843668B (en) * | 2016-03-11 | 2019-11-15 | 北京奇虎科技有限公司 | Derived processes resident method derives from program creating method and corresponding device |
| CN106022101A (en) * | 2016-05-17 | 2016-10-12 | 广东欧珀移动通信有限公司 | Application management method and terminal |
| CN106022101B (en) * | 2016-05-17 | 2019-12-06 | Oppo广东移动通信有限公司 | application management method and terminal |
| CN107437013A (en) * | 2016-05-27 | 2017-12-05 | 阿里巴巴集团控股有限公司 | Auth method and device |
| US11176232B2 (en) | 2016-05-27 | 2021-11-16 | Advanced New Technologies Co., Ltd. | Identity verification method and apparatus |
| US10901779B2 (en) | 2016-09-12 | 2021-01-26 | Huawei Technologies Co., Ltd. | Method and apparatus for silently starting application in background and terminal device |
| CN107817995A (en) * | 2016-09-12 | 2018-03-20 | 华为技术有限公司 | A kind of silent method, apparatus and terminal device for starting application in backstage |
| CN107870778B (en) * | 2016-09-26 | 2023-05-02 | 富士胶片商业创新有限公司 | Image forming apparatus with a plurality of image forming units |
| CN107870778A (en) * | 2016-09-26 | 2018-04-03 | 富士施乐株式会社 | Image forming apparatus |
| CN106778173B (en) * | 2016-12-15 | 2021-02-23 | 北京数字天域科技有限责任公司 | Method and device for setting application lock based on intelligent operating system |
| CN106778173A (en) * | 2016-12-15 | 2017-05-31 | 北京数字天域科技有限责任公司 | The method and device that a kind of application lock based on intelligent operating system is set |
| CN106845211A (en) * | 2016-12-16 | 2017-06-13 | 北京奇虎科技有限公司 | Mobile terminal and its application start method and device |
| CN108206741A (en) * | 2016-12-16 | 2018-06-26 | 北京国双科技有限公司 | Verification method, the apparatus and system of service |
| CN106709371A (en) * | 2016-12-30 | 2017-05-24 | 深圳天珑无线科技有限公司 | Application lock control method and device |
| CN110312995A (en) * | 2017-04-19 | 2019-10-08 | Oppo广东移动通信有限公司 | Application program accelerates starting method, apparatus and terminal |
| CN110312995B (en) * | 2017-04-19 | 2022-12-16 | Oppo广东移动通信有限公司 | Application program accelerated starting method and device and terminal |
| CN107038358B (en) * | 2017-04-20 | 2020-12-25 | 北京安云世纪科技有限公司 | Self-starting processing method and device and mobile terminal |
| CN107038358A (en) * | 2017-04-20 | 2017-08-11 | 北京奇虎科技有限公司 | A kind of self-starting treating method and apparatus and mobile terminal |
| CN107256356A (en) * | 2017-06-20 | 2017-10-17 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
| CN107169337A (en) * | 2017-06-27 | 2017-09-15 | 上海传英信息技术有限公司 | management method, device and terminal |
| CN107169322A (en) * | 2017-07-12 | 2017-09-15 | 重庆工业职业技术学院 | A kind of security of computer software encryption handling system |
| CN107577955A (en) * | 2017-08-23 | 2018-01-12 | 北京国信云服科技有限公司 | A kind of android system application Hook methods and application lock |
| CN108563934B (en) * | 2018-03-09 | 2020-07-10 | 青岛海信移动通信技术股份有限公司 | Fingerprint unlocking method and device |
| CN108563934A (en) * | 2018-03-09 | 2018-09-21 | 青岛海信移动通信技术股份有限公司 | A kind of method and device of unlocked by fingerprint |
| CN109145572A (en) * | 2018-06-29 | 2019-01-04 | 东软集团股份有限公司 | User authen method, device and storage medium and electronic equipment |
| CN109167882A (en) * | 2018-09-27 | 2019-01-08 | 努比亚技术有限公司 | A kind of association starting control method, terminal and computer readable storage medium |
| CN109766689A (en) * | 2018-12-27 | 2019-05-17 | 百视通网络电视技术发展有限责任公司 | The application monitoring authoring system and method for TV box are realized based on Hook |
| CN109766689B (en) * | 2018-12-27 | 2023-12-12 | 百视通网络电视技术发展有限责任公司 | Application monitoring authorization system and method for realizing television box based on Hook |
| CN112052098A (en) * | 2020-09-02 | 2020-12-08 | 北京微步在线科技有限公司 | Process protection method and device |
| CN112199208A (en) * | 2020-09-09 | 2021-01-08 | 福建天泉教育科技有限公司 | Method and terminal for providing additional function interface on android system |
| CN112199208B (en) * | 2020-09-09 | 2023-07-07 | 福建天泉教育科技有限公司 | Method and terminal for providing additional function interface on android system |
| CN113158165A (en) * | 2021-05-20 | 2021-07-23 | 读书郎教育科技有限公司 | Method and device for quickly locking application of Android terminal |
| CN113158165B (en) * | 2021-05-20 | 2023-05-02 | 读书郎教育科技有限公司 | Method and device for rapidly locking application of Android terminal |
| CN117056173A (en) * | 2023-10-12 | 2023-11-14 | 麒麟软件有限公司 | Method for monitoring android application life cycle on Web operating system |
| CN117056173B (en) * | 2023-10-12 | 2024-01-30 | 麒麟软件有限公司 | Method for monitoring android application life cycle on Web operating system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105095746B (en) | 2018-06-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105095746A (en) | Method and device for application program starting authentication | |
| CN109564527B (en) | Security configuration of cloud computing nodes | |
| CN104408367B (en) | Application program configuration method and device | |
| US8635661B2 (en) | System and method for enforcing a security policy on mobile devices using dynamically generated security profiles | |
| US9342381B2 (en) | Method and system for establishing a DLP-compliant environment | |
| CN105183307A (en) | Application message display control method and application message display control device | |
| US9092969B2 (en) | Method and system for invoking a security function of a device based on proximity to another device | |
| CN104462952A (en) | Method and device for preventing self-starting of application | |
| CN104375494B (en) | Security sandbox construction method and security sandbox construction device | |
| CN104754582B (en) | Safeguard the client and method of BYOD safety | |
| CN104376256B (en) | Program process hatching control and device | |
| US20130304850A1 (en) | Systems and methods for remotely controlling a lost mobile communications device | |
| US10419900B2 (en) | Method and apparatus for managing application terminal remotely in wireless communication system | |
| CN104239786A (en) | ROOT-free active defense configuration method and device | |
| CN103020531A (en) | Method and system for trusted control of operating environment of Android intelligent terminal | |
| CN104881601A (en) | Floating window display setup, control method and device | |
| CN104375869A (en) | Self-starting application control method and device | |
| CN105550584A (en) | RBAC based malicious program interception and processing method in Android platform | |
| US20230273782A1 (en) | Information processing method, device, apparatus and system, medium, andprogram | |
| US8510819B2 (en) | System and method for managing and securing mobile devices | |
| CN104239797A (en) | Active defense method and device | |
| CN110221949A (en) | Automate operation management method, apparatus, equipment and readable storage medium storing program for executing | |
| CN102685303A (en) | Communication method and device | |
| US10951612B2 (en) | System and method of inter-account resource access management | |
| EP3701734B1 (en) | Methods to enable data continuity service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220718 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |