CN105095746B - Application program launching method for authenticating and device - Google Patents
Application program launching method for authenticating and device Download PDFInfo
- Publication number
- CN105095746B CN105095746B CN201510382853.0A CN201510382853A CN105095746B CN 105095746 B CN105095746 B CN 105095746B CN 201510382853 A CN201510382853 A CN 201510382853A CN 105095746 B CN105095746 B CN 105095746B
- Authority
- CN
- China
- Prior art keywords
- application program
- background service
- startup
- application
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 99
- 230000004044 response Effects 0.000 claims abstract description 29
- 230000003993 interaction Effects 0.000 claims description 7
- 230000004397 blinking Effects 0.000 abstract description 2
- 239000002699 waste material Substances 0.000 abstract description 2
- 230000006870 function Effects 0.000 description 101
- 230000008569 process Effects 0.000 description 59
- 230000006399 behavior Effects 0.000 description 48
- 238000004891 communication Methods 0.000 description 23
- 230000006854 communication Effects 0.000 description 23
- 230000000694 effects Effects 0.000 description 13
- 238000012544 monitoring process Methods 0.000 description 11
- 238000012545 processing Methods 0.000 description 10
- 239000011230 binding agent Substances 0.000 description 7
- 230000007246 mechanism Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 6
- 238000012800 visualization Methods 0.000 description 4
- 241000208340 Araliaceae Species 0.000 description 3
- 235000005035 Panax pseudoginseng ssp. pseudoginseng Nutrition 0.000 description 3
- 235000003140 Panax quinquefolius Nutrition 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 235000008434 ginseng Nutrition 0.000 description 3
- 238000003860 storage Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000000712 assembly Effects 0.000 description 2
- 238000000429 assembly Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000000763 evoking effect Effects 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000003780 insertion Methods 0.000 description 2
- 230000037431 insertion Effects 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- GBBVHDGKDQAEOT-UHFFFAOYSA-N 1,7-dioxaspiro[5.5]undecane Chemical compound O1CCCCC11OCCCC1 GBBVHDGKDQAEOT-UHFFFAOYSA-N 0.000 description 1
- 235000001674 Agaricus brunnescens Nutrition 0.000 description 1
- 235000019944 Olestra Nutrition 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000007175 bidirectional communication Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000005314 correlation function Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The present invention provides a kind of application program launching method for authenticating, and this method mainly includes the following steps that:The startup event notice that preset background service is sent is received, the startup event notice is generated based on the startup behavior of application program that background service intercepts;It is notified in response to the startup event, starts locking interface to receive the Password Input of user, the startup behavior of the application program is authenticated;Notify that the background service is let pass or the No starting application program according to authenticating result.Further, it would be desirable to provide a kind of application program launching authentication devices.The present invention can be locked before application program self-starting, determine whether to start by subscription authentication, solve picture blinking during locking, and the time caused by avoiding CPU automatic regular polling wastes, and realize the program lock function of more preferable user experience.
Description
Technical field
The present invention relates to intelligent terminal security fields, specifically, the present invention relates to a kind of application program launching authentication sides
Method and device.
Background technology
With the fast development of intelligent terminal technology, the application program of various functions is emerged in large numbers like the mushrooms after rain, is accounted for
According to market.Undeniable diversified application program meets the need of people in the various aspects of production and living in various degree
It asks, but also brings no small risk for the secret protection of user simultaneously.
Security software on Intelligent mobile equipment much all provides software lock function to protect the privacy information of user, substantially
All it is by calling the interface getTasks (int in the system service ActivityManagerService of android
MaxNum, int flags, IThumbnailReceiver receiver) method inquiry current screen the top picture whether
Belong to the application specified, if it is directly display a picture and be covered in screen the top to achieve the purpose that locking application.
For the prior art when realizing this function, whether the key frame for the application program that security software regular check is specified
Through being shown in screen the top, once finding display, just pop-up picture is covered in above screen security software immediately, needs user
Input password or by other means, which obtain to authorize, could enter software key frame.Since the prior art is achieved in that timing wheel
It askes, on the one hand can unnecessarily waste the CPU time, on the other hand be since poor user experience caused by the time difference and privacy leakage are asked
Topic, because only that detecting the related data of application program picture, just pop-up locks picture, so application program launching and lock
Determine the time difference between the startup of picture may cause application key frame flash just be capped locking.
Invention content
The purpose of the present invention aims to solve the problem that above-mentioned at least one problem, provides a kind of application program launching method for authenticating and dress
It puts.
To achieve these goals, a kind of application program launching method for authenticating of the present invention is as follows:It receives
The startup event notice that preset background service is sent, the startup event notify the application program intercepted based on background service
Startup behavior and generate;
It is notified in response to the Installation Events, starts locking interface to receive the password input instruction of user, journey is applied to this
The startup behavior of sequence is authenticated;
Notify that the background service is let pass or the No starting application program according to authenticating result.
Specifically, the background service runs on the framework layers of system, startup event notice is sent to it is
The App layers of system.
Specifically, the background service using the packet name of application program to be launched as parameter call call back function to send
State startup event notice.
Further, start in the step of locking interface is authenticated, only when the startup event for receiving application program is led to
The locking interface is shown when knowing.
Specifically, the background service uses Hook Function to link up with the run function of application program to be launched to realize pair
It starts the interception of behavior.
Specifically, the clearance received by the background service according to it or the notice for terminating to start application program, allow or
Campaign management services is forbidden to perform the start-up operation to the application program.
Further, the campaign management services refer specifically to executing application start-up operation
ActivityManagerService。
Specifically, the locking interface is shown, and it is defeated to provide password when being the startup event notice for receiving application program
Enter the user interface of frame.
Further, when being authenticated, verify that user is described to application program to complete in the password of locking interface input
Authentication.
Specifically, upon successful authentication, directly notify the background service is let pass to start application program;Work as failed authentication
When, display alarm information is forbidden or is suspended and start the application program so that subscription authentication to be prompted to fail.
Specifically, before startup locking interface is authenticated, it is further comprising the steps of:
The remote request for obtaining the application package list of file names for allowing to start is submitted by remote interface;
Receive the application package list of file names for allowing to start of cloud server feedback;
Further, step is further included:When application program to be launched is present in the application package for allowing to start
When in list of file names, directly notify the background service is let pass to start those application programs.
Specifically, before startup locking interface is authenticated, inquiry is stored in the local application package for allowing to start
List of file names when application program to be launched is present in the list, directly notifies background service is let pass to start the list
In application program.
A kind of application program launching authentication device is also provided, which is included with lower unit:
Receiving unit:For receiving the startup event notice that preset background service is sent, the startup event notifies base
It is generated in the startup behavior for the application program that background service intercepts;
Response unit:It notifies in response to the startup event, is referred to for starting locking interface with receiving the Password Input of user
It enables, the startup behavior of the application program is authenticated;
Execution unit:For notifying that the background service is let pass or the No starting application program according to authenticating result.
Specifically, the background service runs on the framework layers of system, startup event notice is sent to it is
The App layers of system.
Specifically, the background service using the packet name of application program to be launched as parameter call call back function to send
State startup event notice.
Further, in the response unit, only the lock is shown when the startup event for receiving application program notifies
Demarcation face.
Specifically, the background service uses Hook Function to link up with the run function of application program to be launched to realize pair
It starts the interception of behavior.
Specifically, the clearance received by the background service according to it or the notice for terminating to start application program, allow or
Campaign management services is forbidden to perform the start-up operation to the application program.
Further, the campaign management services refer specifically to executing application start-up operation
ActivityManagerService。
Specifically, the locking interface is shown, and it is defeated to provide password when being the startup event notice for receiving application program
Enter the user interface of frame.
Further, during the response unit authentication, verify that user is described right to complete in the password of locking interface input
The authentication of application program.
Specifically, the execution unit is configured to:Upon successful authentication, the background service is directly notified to put
Row starts application program;When the authentication fails, subscription authentication to be prompted to fail, forbidding or suspend startup should answer display alarm information
Use program.
Specifically, further including remote interaction unit, it is configured as performing following function:
The remote request for obtaining the application package list of file names for allowing to start is submitted by remote interface;
Receive the application package list of file names for allowing to start of cloud server feedback;
Further, when application program to be launched is present in the application package list of file names for allowing to start,
Directly notify the background service is let pass to start those application programs.
Specifically, the response unit is configured as before starting locking interface and being authenticated, inquiry is stored in local
Allow start application package list of file names, when application program to be launched is present in the list, directly notice after
Platform service clearance starts the application program in the list.
Compared with prior art, the solution of the present invention has the following advantages:
1st, the present invention adds in Hook Function in the application of the Framework layers of android system starts interface, interrupts former
That comes directly initiates process, first adjusts back the notification event that starts with sending application program of interface of security software, then according to
Family Authorization result, it is determined whether continue to execute the Booting sequence of application program.By using Hook Function to application program launching
Correlation function is linked up with, and starts locking interface before application program shows its main interface, so as to solve application program
Time difference problem between startup interface and locking interface display speed so that without picture blinking during locking interface display,
Improve user experience.Meanwhile the authorized order of user is received by the locking interface, allow to start answering for acquisition startup permission
With program, so as to avoid the privacy leakage of user, the program lock function of more preferable user experience is realized;
2nd, the present invention starts behavior to it and intercepts before application program launching main interface, and shows locking interface,
To receive the password input instruction of user, the startup behavior of application program is authenticated.Only when intercepting opening for application program
Just start locking interface during dynamic behavior, detect that just pop-up locks boundary during Application Program Interface related data different from the prior art
Face.The wasting of resources caused by thus avoiding automatic regular polling of the CPU when being detected Application Program Interface related data, makes
It is more smooth to obtain smart machine operation.
The additional aspect of the present invention and advantage will be set forth in part in the description, these will become from the following description
It obtains significantly or is recognized by the practice of the present invention.
Description of the drawings
Above-mentioned and/or additional aspect and advantage of the invention will become from the following description of the accompanying drawings of embodiments
Significantly and it is readily appreciated that, wherein:
Fig. 1 is application program launching method for authenticating principle schematic of the present invention;
Fig. 2 is application program launching authentication device functional block diagram of the present invention.
Specific embodiment
The embodiment of the present invention is described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end
Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached
The embodiment of figure description is exemplary, and is only used for explaining the present invention, and is not construed as limiting the claims.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singulative " one " used herein, " one
It is a ", " described " and "the" may also comprise plural form.It is to be further understood that is used in the specification of the present invention arranges
Diction " comprising " refers to there are the feature, integer, step, operation, element and/or component, but it is not excluded that presence or addition
Other one or more features, integer, step, operation, element, component and/or their group.It should be understood that when we claim member
Part is " connected " or during " coupled " to another element, it can be directly connected or coupled to other elements or there may also be
Intermediary element.In addition, " connection " used herein or " coupling " can include wireless connection or wireless coupling.It is used herein to arrange
Take leave whole or any cell and all combination of the "and/or" including one or more associated list items.
Those skilled in the art of the present technique are appreciated that unless otherwise defined all terms used herein are (including technology art
Language and scientific terminology), there is the meaning identical with the general understanding of the those of ordinary skill in fields of the present invention.Should also
Understand, those terms such as defined in the general dictionary, it should be understood that have in the context of the prior art
The consistent meaning of meaning, and unless by specific definitions as here, the meaning of idealization or too formal otherwise will not be used
To explain.
Those skilled in the art of the present technique are appreciated that " terminal " used herein above, " terminal device " both include wireless communication
The equipment of number receiver, only has the equipment of the wireless signal receiver of non-emissive ability, and including receiving and transmitting hardware
Equipment, have on bidirectional communication link, can perform two-way communication reception and emit hardware equipment.This equipment
It can include:Honeycomb or other communication equipments, show with single line display or multi-line display or without multi-line
The honeycomb of device or other communication equipments;PCS (Personal Communications Service, PCS Personal Communications System), can
With combine voice, data processing, fax and/or communication ability;PDA (Personal Digital Assistant, it is personal
Digital assistants), radio frequency receiver, pager, the Internet/intranet access, web browser, notepad, day can be included
It goes through and/or GPS (Global Positioning System, global positioning system) receiver;Conventional laptop and/or palm
Type computer or other equipment, have and/or the conventional laptop including radio frequency receiver and/or palmtop computer or its
His equipment." terminal " used herein above, " terminal device " they can be portable, can transport, mounted on the vehicles (aviation,
Sea-freight and/or land) in or be suitable for and/or be configured to, in local runtime and/or with distribution form, operate in the earth
And/or any other position operation in space." terminal " used herein above, " terminal device " can also be communication terminal, on
Network termination, music/video playback terminal, such as can be PDA, MID (Mobile Internet Device, mobile Internet
Equipment) and/or with music/video playing function mobile phone or the equipment such as smart television, set-top box.
Those skilled in the art of the present technique are appreciated that remote network devices used herein above, include but not limited to count
The cloud that calculation machine, network host, single network server, multiple network server collection or multiple servers are formed.Here, Yun Youji
It is formed in a large amount of computers or network server of cloud computing (Cloud Computing), wherein, cloud computing is Distributed Calculation
One kind, a super virtual computer being made of the computer collection of a group loose couplings.In the embodiment of the present invention, distal end
It can be realized and communicated by any communication mode between the network equipment, terminal device and WNS servers, including but not limited to, is based on
The mobile communication of 3GPP, LTE, WIMAX, based on TCP/IP, the computer network communication of udp protocol and based on bluetooth, infrared
The low coverage wireless transmission method of transmission standard.
In order to preferably illustrate method of the present invention, by taking Android operation system as an example, to being based on Android systems
The campaign management services operating process of system does simple introduction:
Campaign management services ActivityManagerService (abbreviation AMS) is one of system service of Android,
Can be described as one of most crucial module of Android upper-level systems, mainly complete management application process life cycle and
The major functions such as Activity, Service, Broadcast and the Provider of process.Campaign management services start rank in system
Section is started by system service systemserver, its construction and operation is carried out in SystemServer.From being
From the point of view of system operation, AMS can be divided into Client ends and Service ends:Client ends operate in each app processes, app into
Journey realizes specific Activity, Service etc., and calling system interface is completed to show;Service ends operate in
SystemServer processes are the specific implementations of the ActivityManagerService of system level, response Client ends
System call request, and manage the life cycle of each app processes in Client ends.At Client ends, Application,
Service and Activity is the subclass of Context, and Context is interpreted as environment, that is, it can tell that system is current
The situation of the Activity of operation, Service, including display, process etc..Context is an abstract class, the side of definition
Method is embodied in ContextImpl, decorative kinds of the ContextWrapper as Context, the member variable of the inside
MBase is directed toward ContextImpl.
IActivityManager interfaces define the interface that app accesses AMS, and mainly application request AMS will complete certain
A little operations, for example start or terminate Activity, startup or pause Service.ActivityManagerService is realized
Interface defined in IActivityManager, such can be described as the core of AMS, and all specific works of AMS are substantially all
In such or by such control, the example of ActivityManagerService has just started in process SystemServer
When initialize.IApplicationThread interfaces, which define AMS, can access the interface of app, and AMS passes through these Interface Controllers
App processes and the response for completing app, ApplicationThread is the specific implementation of IApplicationThread interfaces,
The example of ApplicationThread initializes when being and ActivityThread objects are created in app process initiations,
The member variable mAppThread of ActivityThread is exactly ApplicationThread objects.It is stepped into addition to realizing
Journey is called, and ActivityManagerProxy and ApplicationThreadProxy realize IActivityManager respectively
With IApplicationThread interfaces, used as respective agency for client and server.
AMS is also as a system service, and defining some interfaces by ActivityManager can make for app
With the interface that AMS is accessed in ActivityManager is realized by ApplicationThreadProxy.
In order to implement the monitoring to the campaign management services (AMS) of system, the present invention need based on Root authority (unless
Root authority has opened) system Framework layers set background service so that the background service be based on Binder mechanism with
System realizes communication.
It is well known that Root authority refers to system manager's power of Unix type operating systems (including Linux, Android)
Limit, similar to Administrator (administrator) permission in Windows (form) system;Root authority can be accessed and be repaiied
Use almost all of file (android system file and user file, not including ROM) in the mobile equipment at family instead.In consideration of it,
The diversified Root authority for putting forward power scheme and being used to obtain android system is provided in the industry, is realized that user right is promoted, is reached
To the purpose of comprehensive control operating system.These put forward power scheme, from the point of view of the life cycle acted on according to permission after the power that carries, including permanent
Root authority and temporary Root authority, as its name suggests, in the case of permanent Root authority, application program is authorized once Root, after
It need not can again carry out Root and put forward power;And in the case of temporary Root authority, the life cycle of permission effect is the one of operating system
The secondary process from booting to shutdown, booting next time still need to carry out Root.
No matter using which kind of Root mode, the basic principle for putting forward power is by being implanted into receive authority request to system
Su, in conjunction with SuperUser.apk application programs realize human-computer interaction, by su and SuperUser.apk at runtime
It cooperates, to realize effective rights management.The present invention obtains Root authority in order to be set in the Framework of system layers
Background service is monitored the installation behavior of application program, but using which kind of Root mode not as limitation of the present invention.
Based on above-mentioned principle, by taking android system as an example, to a kind of application program launching method for authenticating provided by the invention
It elaborates, refering to what is shown in Fig. 1, being as follows:
Step S11:The startup event notice that preset background service is sent is received, the startup event notice is based on backstage
It services the startup behavior of the application program intercepted and generates.
The so-called background service of the present embodiment is referred to a program module by being realized in advance with this method, run on
It in memory, is realized by the corresponding host process in memory after proposing power operation as previously described, to a communication clothes of system registry
Business process.The Binder mechanism that the background service is provided based on android system is registered to System Manager, is led to
The intrinsic Binder mechanism of Android offers is crossed, between background service and its campaign management services monitored (AMS) process
Establish the line of communication of C/S frameworks.Specifically, after the Root authority for the system that gets, for the ease of subsequently realizing to being
The monitoring of other processes and relevant operation function in system, the present invention first start with obtained Root authority by we
The host process that is able to run after method instantiation and be formed, the background service is inserted by host process, such as specifically in systems
Can insertion operation be realized by system call function ServiceManager.addService (), be achieved in this method
The successful registration for the background service that instantiation procedure is constructed, the background service thus as system bottom rank service into
Journey.It should be noted that the background service process by above-mentioned configuration, has become the service processes of system level,
Permission is obviously higher than the permission of other users layer service processes or application process, therefore the background service process can be used as communication
Basis calls its process to provide communication support for other, completion system and other call communication connection between its process.
Therefore, the background service process has the ability to communicate with the campaign management services process that it is monitored, between the two
It is communicated based on Binder mechanism, this communication mode has the characteristics that fast and stable.The background service process is mainly used
It is a certain using journey for starting to intercept campaign management services process in monitoring of the implementation to system activity management service process
The behavior of sequence, this behavior are primarily referred to as the instruction action event behavior evoked by function call.
In a particular embodiment, after the Root authority for obtaining system, to one background service of system registry
SecurityService, which runs on the Framework layers of system, for monitoring opening for application program to be launched
Dynamic behavior, the startup behavior are specially when AMS performs start-up operation, call the arbitrary function interface for performing start-up operation
Behavior.
Specifically, in App layers of registration monitor, for receiving the thing for the application program launching that the background service is sent
Part notifies.In a particular embodiment, App layers of security software define call back function interface
QihooPkgStartListener.checkPkgStart (), and a customized interface function is provided
QihooAppManager.setPkgStartListener(String packageName,QihooPkgStartLis tener
Listener) for registering monitor into system.Wherein, parameter packageName characterizes the packet name of application program to be launched.
Meanwhile the security service of an entitled SecurityService is added in system framework layer, and when application starts, framework
The interface function checkPkgStartForUser () that the background service of layer provides can call the readjustment letter of App layers of security software
The startup event of application program is notified to be sent by ccf layer by number interface checkPkgStart (String packageName)
To application layer, the startup event is authenticated to provide visualization interface in application layer.It should be noted that it applies at this time
The practical starting operation of program does not trigger also.Wherein, the checkPkgStartForUser () function is as follows:
public boolean checkPkgStartForUser(String packageName,
IBinder caller,Intent intent,
String resolvedType,IBinder resultTo,
String resultWho,int requestCode,
int startFlags,String profileFile,
ParcelFileDescriptor profileFd,
Bundle options,int userId)
Whether operation checkPkgStartForUser () function check has application program launching, wherein, the function ginseng
Number includes application package name packageName, the description information intent for starting information concerning events etc..
Before the application program launching detection function is called, the hook that ccf layer is previously implanted by background service is first passed through
The startup behavior of function monitoring application program simultaneously obtains relevant parameter information, wherein, the Hook Function can be right
StartActivity () function is linked up with to realize the interception to starting behavior.The function interface startActivity
() is a kind of mode for starting application program Activity, by the way that the function interface is called to create the one of application program main interface
A example, to call the application program main interface shown in Activity stacks.So to function interface startActivity ()
It is linked up with, to realize the interception to application program launching event, generation startup event notice.
Certainly, only one of hooking function is enumerated more than or that application program launching process performs is arbitrary
The operation that can be linked up with, those skilled in the art should be appreciated that corresponding hook operation.
Wherein, term " hook " cover for by intercept transmitted between component software function call, message or
Event changes or increases the technology of the behavior of operating system, application program or other software component.And it handles this intercepted
Function call, event or message code be thus referred to as Hook Function.Hook be commonly used in various targets, including to function into
Row is debugged and function is extended.Its example can be included in keyboard or mouse event is transmitted to application program and intercepts it before
Or hooking system service call (system call) or system function behavior, function implementing result etc., to monitor or change
Function of application program or other assemblies etc..The present embodiment can be used when Hook Function takes over the application program launching and hold
The capable arbitrary operation for linking up with interface function.
The framework layer background service SecurityService for running on system, once hair existing application
Voluntarily start, immediately using the program-package name packageName of the application program to be launched as App layers of security software of parameter call
Startup event notice is sent to the App layers of system by the call back function of offer.
Step S12:It is notified in response to the startup event, starts locking interface to receive the password input instruction of user, it is right
The startup behavior of the application program is authenticated.
The background service is passed by calling call back function using the packet name of application program as parameter from Framework layers
To App layers, to notify the startup behavior of application program.It in this step can be based on the application package name ginseng received
Number, authenticates the startup behavior of corresponding application program.
Specifically, the startup event in response to application program notifies that the packet name packageName according to application program is true
Surely the application program to be locked, suspends the startup behavior of the application program, and starts locking interface.The locking interface is only when connecing
It is shown during the startup event notice for receiving application program, the user interface of Password Input frame, the password is specially provided
Input frame is specifically as follows any use such as simple text edit box, numerical ciphers keyboard, pattern code keyboard, fingerprint identification area
In the interface form for receiving Password Input.The password input instruction of user is received, the password of input is verified, with to application program
Startup behavior is authenticated.
It in other embodiments, can also be by being asked to cloud server before starting locking interface and being authenticated
Allow the application package list of file names started, to determine to obtain the application package name for starting and authorizing, be as follows:
1st, the remote request for obtaining the application package list of file names for allowing to start is submitted by remote interface;
Identity information based on equipment or third party's account submit remote request by remote interface, and acquisition request allows to open
Dynamic application package list of file names.Wherein, the application package list of file names for allowing to start is counted in advance by cloud server
Generation, client receive the instruction set by user for allowing application program launching, the packet name of corresponding application program are packaged into
Data packet, is sent to cloud server, and cloud server is by the identity information or third party of the application package name and the equipment
Account associated storage.In other embodiments, the application package list of file names for allowing to start can also be by cloud service
Device statistics application program allow start number of users generation, cloud server by number of users be more than certain threshold value application journey
Sequence is recorded in the application package list of file names for allowing to start.
2nd, the application package list of file names for allowing to start of cloud server feedback is received.
The reply data packet for including the application package list of file names for allowing to start of feedback is received, it is parsed, is obtained
Take the corresponding application package name for allowing to start.
Before starting and locking interface, inquiring the application package name being currently up, whether to belong to the cloud server anti-
The application package list of file names for allowing to start of feedback judges that the application program obtains if belonging to and starts permission;If do not belong to
In then judging that the application program do not obtain startup permission, in order to perform subsequent step according to the authenticating result.
In other embodiments, the application package list of file names for allowing to start is stored in local, i.e. client
End provides one for setting the visualization interface for allowing to start application program, receives the setting instruction of user, record user's setting
Allow start application package name and be stored in the machine, generation it is described allow start application package list of file names.It is opening
Before dynamic locking interface, inquire whether the application package name being currently up belongs to the application for allowing to start being locally stored
Program-package name list judges that the application program obtains if belonging to and starts permission;The application program is judged if being not belonging to
Startup permission is not obtained, in order to perform subsequent step according to the authenticating result.
Step S13:Notify that the background service is let pass or the No starting application program according to authenticating result.
Above-mentioned steps verify encrypted message input by user to be authenticated to the startup behavior of application program, it follows that waiting to open
Whether dynamic application program has startup permission, according to the authenticating result notify the background service let pass or No starting this apply journey
Sequence.In specific embodiment, App layers of security software calling interface function
QihooAppManager.resumeOrAbortPackage (String packageName, bo olean abort), and by
The interface function resumeOrAbortPackage that background service SecurityService described in the function call is provided
(String packageName, boolean abort), framework layers are passed to by authenticating result by App layers, with notice
Framework lets pass or the corresponding application program of No starting.Wherein, upon successful authentication, second parameter abort is set as
False is otherwise provided as true.
If authenticated successfully, i.e., authenticating result is to allow the application program launching, then background service SecurityService
The event notice for allowing to start application program is received, is let pass to the startup behavior of the application program, the app for restoring to be interrupted is opened
Dynamic process, i.e., let pass to the startup interface function of interception so that campaign management services continuation is held from the place of redirecting of former hooking function
The follow-up code of row, the start-up course of silent executing application.
If failed authentication, i.e., authenticating result is to forbid the application program launching, then background service SecurityService
The event notice of No starting application program is received, terminates the startup behavior of the application program.It specifically can be by Hook Function tune
Terminate the process of application program with Process.killProcess (pid) function or call forcestopPackage () function
The process of positive closing application program.Meanwhile App layers of security software provide a user interfaces, display alarm information is to prompt to use
Family failed authentication.
In another embodiment of the invention, after system has received startup event notice, interface is locked starting
Before being authenticated, first inquiry is stored in the local application package list of file names for allowing to start.Compare application program to be launched
Bao Mingyu is stored in the local application package list of file names for allowing to start, and is locally stored when application program to be launched is present in
Allow start application package list of file names in when, without user input code authentication, the background service is directly notified to put
Row starts those application programs, i.e., is let pass by background service to the startup interface function of interception so that campaign management services continue
Follow-up code, the start-up course of silent executing application are performed from the place of redirecting of former hooking function.
In another embodiment of the invention, after system has received startup event notice, interface is locked starting
Before being authenticated, first pass through remote interface and acquisition is submitted to allow the remote of the application package list of file names started to cloud server
Journey is asked, and then receives the application package list of file names for allowing to start of cloud server feedback.Compare application program to be launched
The application package list of file names for allowing to start of Bao Mingyu cloud servers feedback, when application program to be launched is present in high in the clouds
Server feedback allow start application package list of file names when, without user input code authentication, directly notify it is described after
Platform service, which is let pass, starts those application programs, i.e., is let pass by background service to the startup interface function of interception so that activity management
Service continues to perform follow-up code, the start-up course of silent executing application from the place of redirecting of former hooking function.
Below based on modularized thoughts, the application program launching method for authenticating institute further disclosed in accordance with the present invention is real
Existing embodiment.
Referring to Fig. 2, application program launching authentication device provided by the present invention, includes receiving unit 11, response unit
12nd, execution unit 13.Start method for authenticating with reference to above application program, disclose the specific work(that each module is realized in detailed below
Energy:
Receiving unit 11:For receiving opening for the application program intercepted based on background service of preset background service transmission
Dynamic behavior and the startup event notice generated.
The so-called background service of the present embodiment is referred to a program module by being realized in advance with the present invention, run on
It in memory, is realized by the corresponding host process in memory after proposing power operation as previously described, to a communication clothes of system registry
Business process.The Binder mechanism that the background service is provided based on android system is registered to System Manager, is led to
The intrinsic Binder mechanism of Android offers is crossed, between background service and its campaign management services monitored (AMS) process
Establish the line of communication of C/S frameworks.Specifically, after the Root authority for the system that gets, for the ease of subsequently realizing to being
The monitoring of other processes and relevant operation function in system, the present invention first start with obtained Root authority by we
The host process that is able to run after method instantiation and be formed, the background service is inserted by host process, such as specifically in systems
Can insertion operation be realized by system call function ServiceManager.addService (), be achieved in this method
The successful registration for the background service that instantiation procedure is constructed, the background service thus as system bottom rank service into
Journey.It should be noted that the background service process by above-mentioned configuration, has become the service processes of system level,
Permission is obviously higher than the permission of other users layer service processes or application process, therefore the background service process can be used as communication
Basis calls its process to provide communication support for other, completion system and other call communication connection between its process.
Therefore, the background service process has the ability to communicate with the campaign management services process that it is monitored, between the two
It is communicated based on Binder mechanism, this communication mode has the characteristics that fast and stable.The background service process is mainly used
It is a certain using journey for starting to intercept campaign management services process in monitoring of the implementation to system activity management service process
The behavior of sequence, this behavior are primarily referred to as the instruction action event behavior evoked by function call.
In a particular embodiment, after the Root authority for obtaining system, to one background service of system registry
SecurityService, which runs on the Framework layers of system, for monitoring opening for application program to be launched
Dynamic behavior, the startup behavior are specially when AMS performs start-up operation, call the arbitrary function interface for performing start-up operation
Behavior.
Specifically, the receiving unit 11 at App layers registers monitor, for receiving the application that the background service is sent
The event notice that program starts.In a particular embodiment, receiving unit 11 of the present invention defines call back function interface
QihooPkgStartListener.checkPkgStart (), and a customized interface function is provided
QihooAppManager.setPkgStartListener(String packa geName,QihooPkgStartListener
Listener) for registering monitor into system.Wherein, parameter packageName characterizes the packet name of application program to be launched.
Meanwhile the security service of an entitled SecurityService is added in system framework layer, and when application starts, framework
The interface function checkPkgStartForUser () that the background service of layer provides can call the readjustment letter of App layers of security software
The startup event of application program is notified to be sent by ccf layer by number interface checkPkgStart (String packageName)
To application layer, the startup event is authenticated to provide visualization interface in application layer.It should be noted that it applies at this time
The practical starting operation of program does not trigger also.Wherein, the checkPkgStartForUser () function is as follows:
public boolean checkPkgStartForUser(String packageName,
IBinder caller,Intent intent,
String resolvedType,IBinder resultTo,
String resultWho,int requestCode,
int startFlags,String profileFile,
ParcelFileDescriptor profileFd,
Bundle options,int userId)
Whether operation checkPkgStartForUser () function check has application program launching, wherein, the function ginseng
Number includes application package name packageName, the description information intent for starting information concerning events etc..
Before the application program launching detection function is called, the hook that ccf layer is previously implanted by background service is first passed through
The startup behavior of function monitoring application program simultaneously obtains relevant parameter information, wherein, the Hook Function can be right
StartActivity () function is linked up with to realize the interception to starting behavior.The function interface startActivity
() is a kind of mode for starting application program Activity, by the way that the function interface is called to create the one of application program main interface
A example, to call the application program main interface shown in Activity stacks.So to function interface startActivity ()
It is linked up with, to realize the interception to application program launching event, generation startup event notice.
Certainly, more than only to hooking function it is a kind of enumerate or application program launching process perform it is arbitrary
The operation that can be linked up with, those skilled in the art should be appreciated that corresponding hook operation.
Wherein, term " hook " cover for by intercept transmitted between component software function call, message or
Event changes or increases the technology of the behavior of operating system, application program or other software component.And it handles this intercepted
Function call, event or message code be thus referred to as Hook Function.Hook be commonly used in various targets, including to function into
Row is debugged and function is extended.Its example can be included in keyboard or mouse event is transmitted to application program and intercepts it before
Or hooking system service call (system call) or system function behavior, function implementing result etc., to monitor or change
Function of application program or other assemblies etc..The present embodiment can be used when Hook Function takes over the application program launching and hold
The capable arbitrary operation for linking up with interface function.
The framework layer background service SecurityService for running on system, once hair existing application
Voluntarily start, immediately using the program-package name packageName of the application program to be launched as App layers of security software of parameter call
Startup event notice is sent to the App layers of system by the call back function of offer, and described open is received by the receiving unit 11
Dynamic event notice.
Response unit 12:It is notified in response to the startup event, locks interface for startup to receive the Password Input of user
Instruction, authenticates the startup behavior of the application program.
The background service is passed by calling call back function using the packet name of application program as parameter from Framework layers
To App layers, to notify the startup behavior of application program.Response unit 12 of the present invention can be based on the application received
Program-package name parameter authenticates the startup behavior of corresponding application program.
Specifically, the response unit 12 is notified in response to the startup event of application program, the packet according to application program
Name packageName determines the application program to be locked, and suspends the startup behavior of the application program, and starts locking interface.Institute
It states locking interface only to show when the startup event for receiving application program notifies, the user for specially providing Password Input frame hands over
Mutual interface, the Password Input frame are specifically as follows simple text edit box, numerical ciphers keyboard, pattern code keyboard, refer to
Any interface form for being used to receive Password Input such as line cog region.Response unit 12 receives the password input instruction of user, tests
The password of input is demonstrate,proved, to be authenticated to the startup behavior of application program.
In other embodiments, apparatus of the present invention further include remote interaction unit, carry out authenticating it starting locking interface
Before, from the remote interaction unit by allowing the application package list of file names started to cloud server request, to determine to obtain
The application package name authorized must be started, specific execution step is as follows:
1st, the length of run for obtaining the application package list of file names for allowing to start is submitted to ask by remote interface;
Identity information based on equipment or third party's account submit remote request by remote interface, and acquisition request allows to open
Dynamic application package list of file names.Wherein, the application package list of file names for allowing to start is counted in advance by cloud server
Generation, client receive the instruction set by user for allowing application program launching, the packet name of corresponding application program are packaged into
Data packet, is sent to cloud server, and cloud server is by the identity information or third party of the application package name and the equipment
Account associated storage.In other embodiments, the application package list of file names for allowing to start can also be by cloud service
Device statistics application program allow start number of users generation, cloud server by number of users be more than certain threshold value application journey
Sequence is recorded in the application package list of file names for allowing to start.
2nd, the application package list of file names for allowing to start of cloud server feedback is received.
The reply data packet for including the application package list of file names for allowing to start of feedback is received, it is parsed, is obtained
Take the corresponding application package name for allowing to start.
Before locking interface is started, response unit 12 inquires whether the application package name being currently up belongs to the cloud
The application package list of file names for allowing to start of end server feedback judges that the application program obtains if belonging to and starts power
Limit;Judge that the application program does not obtain startup permission if being not belonging to, in order to perform this follow-up hair according to the authenticating result
The subsequent cell of bright device.
In other embodiments, the application package list of file names for allowing to start is stored in local, i.e. client
End provides one for setting the visualization interface for allowing to start application program, receives the setting instruction of user, record user's setting
Allow start application package name and be stored in the machine, generation it is described allow start application package list of file names.It is opening
Before dynamic locking interface, response unit 12 inquires whether the application package name being currently up belongs to the permission being locally stored
The application package list of file names of startup judges that the application program obtains if belonging to and starts permission;Judge if being not belonging to
The application program does not obtain startup permission, in order to perform the subsequent cell of apparatus of the present invention according to the authenticating result.
Execution unit 13:For notifying that the background service is let pass or the No starting application program according to authenticating result.
Response unit 12 of the present invention verifies encrypted message input by user to be authenticated to the startup behavior of application program,
It follows that whether application program to be launched has startup permission, execution unit 13 notifies the background service according to the authenticating result
It lets pass or the No starting application program.In specific embodiment, App layers of security software calling interface function
QihooAppManager.resumeOrAbortPackage (String packageName, boolean abort), and by this
Interface function resumeOrAbortPackage (the String that background service SecurityService described in function call is provided
PackageName, boolean abort), authenticating result is passed to framework layers by App layers, framework to be notified to put
Row or the corresponding application program of No starting.Wherein, upon successful authentication, second parameter abort is set as false, otherwise
It is set as true.
If authenticated successfully, i.e., authenticating result is to allow the application program launching, then background service SecurityService
The event notice for allowing to start application program is received, is let pass to the startup behavior of the application program, the app for restoring to be interrupted is opened
Dynamic process, i.e., let pass to the startup interface function of interception so that campaign management services continuation is held from the place of redirecting of former hooking function
The follow-up code of row, the start-up course of silent executing application.
If failed authentication, i.e., authenticating result is to forbid the application program launching, then background service SecurityService
The event notice of No starting application program is received, terminates the startup behavior of the application program.It specifically can be by Hook Function tune
Terminate the process of application program with Process.killProcess (pid) function or call forcestopPackage () function
The process of positive closing application program.Meanwhile App layers of security software provide a user interfaces, display alarm information is to prompt to use
Family failed authentication.
In another embodiment of the invention, after system has received startup event notice, interface is locked starting
Before being authenticated, the response unit 12, which is configured as first inquiring, to be stored in the local application package for allowing to start and ranks
Table.It compares application package name to be launched and is stored in the local application package list of file names for allowing to start, when to be launched
When application program is present in the application package list of file names for allowing to start being locally stored, code authentication is inputted without user,
Directly notify the background service is let pass to start those application programs by execution unit 13, i.e., by startup of the background service to interception
Interface function is let pass so that campaign management services continue to perform follow-up code from the place of redirecting of former hooking function, and silence performs should
With the start-up course of program.
In another embodiment of the invention, after system has received startup event notice, interface is locked starting
Before being authenticated, remote interaction unit is first enabled, submitting to obtain to cloud server by remote interface allows answering for startup
With the remote request of program-package name list, the application package list of file names for allowing to start of cloud server feedback is then received.
Application package name to be launched is compareed by response unit 12 to rank with the application package for allowing to start that cloud server is fed back
Table, when application program to be launched is present in the application package list of file names for allowing startup of cloud server feedback, without
User inputs code authentication, directly notifies the background service is let pass to start those application programs by execution unit 13, i.e., by rear
Platform service lets pass to the startup interface function of interception so that campaign management services continue after being performed from the place of redirecting of former hooking function
Continuous code, the start-up course of silent executing application.
Since three kinds of methods of preceding description of the present invention can reside in the same embodiment in logic.For ease of more intuitive
Ground understands the present invention, and the concrete application scene of the present invention is introduced below in conjunction with three kinds of aforementioned methods.
In the application scenarios of the present invention:User is mounted with that a safety based on the present invention is protected on the mobile phone of oneself
Software is protected, to protect individual privacy, APP is handled as secret application to add the picture on its mobile phone by setting password.User
It clicks and opens the APP, monitoring interface is called to connect by Hook Function according to application program authentication device provided by the present invention
It receives the picture processing APP that background service is sent out and starts request, inquire picture processing APP immediately and deposited with the presence or absence of in locally
In the application package list of file names for allowing to start of storage, if it is present not processing, the program is directly opened.On the other hand,
Under the premise of user mobile phone connects network, pass through the remote interaction unit in the application program authentication device of the present invention, inquiry
Picture processing APP whether there is the application package list of file names for allowing to start fed back in cloud server, if it is present
It does not process, directly opens the program.Since the early period of user is set, in the program bag table within the rule of picture processing APP,
Current phone interface is locked based on security software of the present invention at once, an interface for password input is provided.When verification input by user
When password is consistent with the password that early period is set, security software judgement active user has the permission for checking picture processing APP, with
It lets pass, picture processing APP is normally-open;When verification password input by user and the inconsistent password of setting early period, peace
Full software judgement active user does not have the permission for checking picture processing APP, that is, terminates the startup of picture processing APP, and
In the warning information of locking interface display " password mistake haves no right to check ".
In conclusion the present invention is deep into monitoring of the system bottom realization to application program, application is timely and accurately found
Program starts, and quickly provides authentication interface, and application program can more effectively be protected not run by random start.
In the specification provided in this place, although the description of a large amount of detail.It is it is to be appreciated, however, that of the invention
Embodiment can put into practice without these specific details.In some embodiments, it is not been shown in detail well known
Method, structure and technology, so as not to obscure the understanding of this description.
The above is only some embodiments of the present invention, it is noted that for the ordinary skill people of the art
For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications also should
It is considered as protection scope of the present invention.
Claims (22)
1. a kind of application program launching method for authenticating, which is characterized in that include the following steps:
The startup event notice that preset background service is sent is received, the startup event notice is answered based on what background service intercepted
It is generated with the startup behavior of program;
It is notified in response to the startup event, starts locking interface to receive the password input instruction of user, to the application program
Startup behavior is authenticated;
Notify that the background service is let pass or the No starting application program according to authenticating result;
The background service is using the packet name of application program to be launched as parameter call call back function to send the startup event
Notice;
Wherein, before starting locking interface and being authenticated, inquiry is stored in the local application package for allowing to start and ranks
Table when application program to be launched is present in the list, directly notifies background service is let pass to start in the list
Application program.
2. according to the method described in claim 1, it is characterized in that, the background service runs on the framework layers of system,
Startup event notice is sent to the App layers of system.
3. according to the method described in claim 1, it is characterized in that, in starting locking interface the step of being authenticated, only when connecing
The locking interface is shown during the startup event notice for receiving application program.
4. according to the method described in claim 1, it is characterized in that, the background service uses Hook Function to application to be launched
The run function of program is linked up with to realize the interception for starting it behavior.
5. according to the method described in claim 1, it is characterized in that, the clearance or end that are received by the background service according to it
Start the notice of application program, allow or campaign management services is forbidden to perform the start-up operation to the application program.
6. according to the method described in claim 5, it is characterized in that, the campaign management services refer specifically to executing application opens
The ActivityManagerService of dynamic operation.
7. according to the method described in claim 1, it is characterized in that, the locking interface is the startup thing for receiving application program
Part is shown, and provide the user interface of Password Input frame when notifying.
8. the method according to the description of claim 7 is characterized in that when being authenticated, verify user in the input of locking interface
Password is to complete the authentication to application program.
9. according to the method described in claim 1, it is characterized in that, upon successful authentication, the background service is directly notified to put
Row starts application program;
When the authentication fails, display alarm information to be to prompt subscription authentication to fail, and forbids or suspends and starts the application program.
10. according to the method described in claim 1, it is characterized in that, start locking interface authenticated before, further include following
Step:
The remote request for obtaining the application package list of file names for allowing to start is submitted by remote interface;
Receive the application package list of file names for allowing to start of cloud server feedback.
11. according to the method described in claim 10, it is characterized in that, further include step:When application program to be launched exists
When in the application package list of file names for allowing to start, directly notify the background service is let pass to start those using journey
Sequence.
12. a kind of application program launching authentication device, which is characterized in that including:
Receiving unit:For receiving the startup event notice that preset background service is sent, after the startup event notice is based on
Platform service intercept application program startup behavior and generate;
Response unit:It is notified in response to the startup event, it is right for starting locking interface to receive the password input instruction of user
The startup behavior of the application program is authenticated;
Execution unit:For notifying that the background service is let pass or the No starting application program according to authenticating result;
The background service is using the packet name of application program to be launched as parameter call call back function to send the startup event
Notice;
The response unit is configured as before starting locking interface and being authenticated, and inquiry, which is stored in, local allows what is started
Application package list of file names when application program to be launched is present in the list, directly notifies background service clearance to open
Move the application program in the list.
13. device according to claim 12, which is characterized in that the background service runs on the framework of system
Startup event notice is sent to the App layers of system by layer.
14. device according to claim 12, which is characterized in that in the response unit, only when receiving application program
Startup event notice when show the locking interface.
15. device according to claim 12, which is characterized in that the background service is answered using Hook Function to be launched
It is linked up with to realize the interception for starting it behavior with the run function of program.
16. device according to claim 12, which is characterized in that the clearance received by the background service according to it or knot
The notice of Shu Qidong application programs allows or campaign management services is forbidden to perform the start-up operation to the application program.
17. device according to claim 16, which is characterized in that the campaign management services refer specifically to executing application
The ActivityManagerService of start-up operation.
18. device according to claim 12, which is characterized in that the locking interface is the startup for receiving application program
Event is shown, and provide the user interface of Password Input frame when notifying.
19. device according to claim 18, which is characterized in that during the response unit authentication, verify that user is locking
The password of interface input is to complete the authentication to application program.
20. device according to claim 12, which is characterized in that the execution unit is configured to:Work as authentication
During success, directly notify the background service is let pass to start application program;
When the authentication fails, display alarm information to be to prompt subscription authentication to fail, and forbids or suspends and starts the application program.
21. device according to claim 12, which is characterized in that further include remote interaction unit, be configured as performing such as
Lower function:
The remote request for obtaining the application package list of file names for allowing to start is submitted by remote interface;
Receive the application package list of file names for allowing to start of cloud server feedback.
22. device according to claim 21, which is characterized in that described allow to open when application program to be launched is present in
When in dynamic application package list of file names, directly notify the background service is let pass to start those application programs.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510382853.0A CN105095746B (en) | 2015-07-02 | 2015-07-02 | Application program launching method for authenticating and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510382853.0A CN105095746B (en) | 2015-07-02 | 2015-07-02 | Application program launching method for authenticating and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105095746A CN105095746A (en) | 2015-11-25 |
| CN105095746B true CN105095746B (en) | 2018-06-19 |
Family
ID=54576155
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510382853.0A Active CN105095746B (en) | 2015-07-02 | 2015-07-02 | Application program launching method for authenticating and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105095746B (en) |
Families Citing this family (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105843668B (en) * | 2016-03-11 | 2019-11-15 | 北京奇虎科技有限公司 | Derived processes resident method derives from program creating method and corresponding device |
| CN106022101B (en) * | 2016-05-17 | 2019-12-06 | Oppo广东移动通信有限公司 | application management method and terminal |
| CN107437013A (en) * | 2016-05-27 | 2017-12-05 | 阿里巴巴集团控股有限公司 | Auth method and device |
| CN107817995B (en) * | 2016-09-12 | 2021-03-30 | 华为技术有限公司 | Background silent application starting method and device and terminal equipment |
| JP2018051798A (en) * | 2016-09-26 | 2018-04-05 | 富士ゼロックス株式会社 | Image formation apparatus and program |
| CN106778173B (en) * | 2016-12-15 | 2021-02-23 | 北京数字天域科技有限责任公司 | Method and device for setting application lock based on intelligent operating system |
| CN108206741A (en) * | 2016-12-16 | 2018-06-26 | 北京国双科技有限公司 | Verification method, the apparatus and system of service |
| CN106845211A (en) * | 2016-12-16 | 2017-06-13 | 北京奇虎科技有限公司 | Mobile terminal and its application start method and device |
| CN106709371A (en) * | 2016-12-30 | 2017-05-24 | 深圳天珑无线科技有限公司 | Application lock control method and device |
| WO2018191888A1 (en) * | 2017-04-19 | 2018-10-25 | 广东欧珀移动通信有限公司 | Method and device for accelerated startup of application, and terminal |
| CN107038358B (en) * | 2017-04-20 | 2020-12-25 | 北京安云世纪科技有限公司 | Self-starting processing method and device and mobile terminal |
| CN107256356A (en) * | 2017-06-20 | 2017-10-17 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
| CN107169337A (en) * | 2017-06-27 | 2017-09-15 | 上海传英信息技术有限公司 | management method, device and terminal |
| CN107169322A (en) * | 2017-07-12 | 2017-09-15 | 重庆工业职业技术学院 | A kind of security of computer software encryption handling system |
| CN107577955B (en) * | 2017-08-23 | 2019-10-25 | 北京国信云服科技有限公司 | A kind of android system application Hook method and application lock |
| CN108563934B (en) * | 2018-03-09 | 2020-07-10 | 青岛海信移动通信技术股份有限公司 | Fingerprint unlocking method and device |
| CN109145572A (en) * | 2018-06-29 | 2019-01-04 | 东软集团股份有限公司 | User authen method, device and storage medium and electronic equipment |
| CN109167882A (en) * | 2018-09-27 | 2019-01-08 | 努比亚技术有限公司 | A kind of association starting control method, terminal and computer readable storage medium |
| CN109766689B (en) * | 2018-12-27 | 2023-12-12 | 百视通网络电视技术发展有限责任公司 | Application monitoring authorization system and method for realizing television box based on Hook |
| CN112052098A (en) * | 2020-09-02 | 2020-12-08 | 北京微步在线科技有限公司 | Process protection method and device |
| CN112199208B (en) * | 2020-09-09 | 2023-07-07 | 福建天泉教育科技有限公司 | Method and terminal for providing additional function interface on android system |
| CN113158165B (en) * | 2021-05-20 | 2023-05-02 | 读书郎教育科技有限公司 | Method and device for rapidly locking application of Android terminal |
| CN117056173B (en) * | 2023-10-12 | 2024-01-30 | 麒麟软件有限公司 | Method for monitoring android application life cycle on Web operating system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102480548A (en) * | 2010-11-23 | 2012-05-30 | 腾讯科技(深圳)有限公司 | Method and device for starting application program |
| CN103577237A (en) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | Application program starting control method and device |
| CN103617380A (en) * | 2013-11-28 | 2014-03-05 | 北京邮电大学 | Application program authority dynamic control method and system |
| CN104123162A (en) * | 2014-07-29 | 2014-10-29 | 北京奇虎科技有限公司 | Method and device controlling self-starting of application programs |
| CN104376257A (en) * | 2014-12-12 | 2015-02-25 | 北京奇虎科技有限公司 | Application self-protection and active defense method and application self-protection and active defense device |
| CN104702770A (en) * | 2013-12-06 | 2015-06-10 | 中兴通讯股份有限公司 | Terminal locking method, device and system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9342381B2 (en) * | 2011-02-03 | 2016-05-17 | Symantec Corporation | Method and system for establishing a DLP-compliant environment |
| CN102955904A (en) * | 2011-08-18 | 2013-03-06 | 网秦无限(北京)科技有限公司 | Method and system for preventing secret divulgation of mobile communication equipment |
-
2015
- 2015-07-02 CN CN201510382853.0A patent/CN105095746B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102480548A (en) * | 2010-11-23 | 2012-05-30 | 腾讯科技(深圳)有限公司 | Method and device for starting application program |
| CN103577237A (en) * | 2013-11-15 | 2014-02-12 | 北京奇虎科技有限公司 | Application program starting control method and device |
| CN103617380A (en) * | 2013-11-28 | 2014-03-05 | 北京邮电大学 | Application program authority dynamic control method and system |
| CN104702770A (en) * | 2013-12-06 | 2015-06-10 | 中兴通讯股份有限公司 | Terminal locking method, device and system |
| CN104123162A (en) * | 2014-07-29 | 2014-10-29 | 北京奇虎科技有限公司 | Method and device controlling self-starting of application programs |
| CN104376257A (en) * | 2014-12-12 | 2015-02-25 | 北京奇虎科技有限公司 | Application self-protection and active defense method and application self-protection and active defense device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105095746A (en) | 2015-11-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105095746B (en) | Application program launching method for authenticating and device | |
| US8782412B2 (en) | Secured privileged access to an embedded client on a mobile device | |
| US9240977B2 (en) | Techniques for protecting mobile applications | |
| US6850943B2 (en) | Security system and methodology for providing indirect access control | |
| CN103336924B (en) | Startup for application program for mobile terminal is locked | |
| US10356612B2 (en) | Method of authenticating a terminal by a gateway of an internal network protected by an access security entity providing secure access | |
| CN104376263B (en) | The method and apparatus that application behavior intercepts | |
| US9848001B2 (en) | Secure access to mobile applications | |
| Liu et al. | Veriui: Attested login for mobile devices | |
| CN105897668A (en) | Third party account authorization method, device, server and system | |
| CA2665961C (en) | Method and system for delivering a command to a mobile device | |
| CN103020531A (en) | Method and system for trusted control of operating environment of Android intelligent terminal | |
| CN109040030B (en) | Single sign-on method and system | |
| CN114598541B (en) | Security assessment method and device, electronic equipment and readable storage medium | |
| CN101483658A (en) | System and method for input content protection of browser | |
| US8510819B2 (en) | System and method for managing and securing mobile devices | |
| CN112632605A (en) | Method and device for preventing unauthorized access, computer equipment and storage medium | |
| CN103152351A (en) | Network equipment and AD (Active Directory) domain single sign on method and system | |
| CN113726726A (en) | Power internet of things credibility measurement method based on edge calculation | |
| US10826901B2 (en) | Systems and method for cross-channel device binding | |
| US20150172310A1 (en) | Method and system to identify key logging activities | |
| CN104573489A (en) | Method and device for forbidding application to establish desktop icon | |
| EP3738012B1 (en) | Asserting user, app, and device binding in an unmanaged mobile device | |
| KR102465744B1 (en) | Device authentication method by login session passing | |
| US10375056B2 (en) | Providing a secure communication channel during active directory disaster recovery |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220718 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| TR01 | Transfer of patent right |