CN105354488B

CN105354488B - It is a kind of to apply installation method, relevant apparatus and using installation system

Info

Publication number: CN105354488B
Application number: CN201510704862.7A
Authority: CN
Inventors: 何小兵
Original assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Current assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date: 2015-10-26
Filing date: 2015-10-26
Publication date: 2018-06-15
Anticipated expiration: 2035-10-26
Also published as: CN105354488A; WO2017071207A1

Abstract

The embodiment of the invention discloses a kind of application installation method, relevant apparatus and using installation system, including：Obtain the identification information of the installation kit of application to be installed；The checking request for carrying the identification information is sent to security application server-side, the checking request is indicated for the security application server-side and carries out security verification to the identification information carried in the checking request；If receive the installation operation for being verified message, performing for the application to be installed transmitted by the security application server-side response checking request.Technical solution provided in an embodiment of the present invention is conducive to improve the safety of user installation application.

Description

It is a kind of to apply installation method, relevant apparatus and using installation system

Technical field

The present invention relates to the technical fields of information security, and in particular to a kind of application installation method, relevant apparatus and application Installation system.

Background technology

With the arrival in mobile multimedia epoch, by abundant application software, mobile phone is gradual from simple call tool To intelligent development.As the core of smart mobile phone, operating system becomes the part of smart mobile phone most competitiveness.Operation system System makes smart mobile phone increasingly be equal to microcomputer, and user can voluntarily install software, game etc. the on smart mobile phone The program that tripartite service provider provides, constantly expands the function of mobile phone by this class method.

However some operating systems are particularly the operating system (for example, Android system) increased income and allow third-party application at end Random installation application program on end, user is after in installation kit, installation is complete, can just discern whether for malicious application, to influence system peace Entirely.

Invention content

Technical problem to be solved of the embodiment of the present invention is, provides a kind of application installation method, relevant apparatus and answers With installation system, to improve the safety of user installation application.

In order to solve the above-mentioned technical problem, first aspect of the embodiment of the present invention provides a kind of using installation method, the side Method includes：

Obtain the identification information of the installation kit of application to be installed；

The checking request for carrying the identification information is sent to security application server-side, the checking request is indicated for The security application server-side carries out security verification to the identification information carried in the checking request；

If receiving and being verified message transmitted by the security application server-side response checking request, needle is performed To the installation operation of the application to be installed.

Second aspect of the embodiment of the present invention provide it is a kind of using installation method, the method includes：

Security application server-side receives the checking request of carrying identification information that terminal is sent；

The security application server-side carries out security verification to the identification information carried in the checking request；

In the case where being verified, the security application server-side is verified message to terminal transmission, to touch Send out terminal described and perform the installation operation for the application to be installed.

The third aspect of the embodiment of the present invention provides a kind of mobile terminal, and the mobile terminal includes：

Acquiring unit, for obtaining the identification information of the installation kit of application to be installed；

Transmitting element, for sending the checking request for carrying the identification information, the verification to security application server-side Request is indicated for the security application server-side and carries out security verification to the identification information carried in the checking request；

Execution unit, if leading to for receiving the verification that the security application server-side is responded transmitted by the checking request Message is crossed, performs the installation operation for the application to be installed.

Fourth aspect of the embodiment of the present invention provides a kind of security application server-side, and the security application server-side includes：

Receiving unit, for receiving the checking request of the carrying identification information of terminal transmission；

Authentication unit, for carrying out security verification to the identification information carried in the checking request；

Transmitting element, in the case where being verified, message being verified to terminal transmission, with described in triggering Terminal performs the installation operation for the application to be installed.

Correspondingly, the aspect of the embodiment of the present invention the 5th additionally provide it is a kind of using installation system, including such as present invention implementation A kind of security application server-side that a kind of mobile terminal and fourth aspect of the embodiment of the present invention that the example third aspect provides provide, In：

The mobile terminal, for obtaining the identification information of the installation kit of application to be installed；It is sent out to security application server-side The checking request for carrying the identification information is sent, the checking request is indicated for the security application server-side to the verification The identification information carried in request carries out security verification；

The security application server-side, for receiving the checking request of the carrying identification information of terminal transmission；It tests described The identification information carried in card request carries out security verification；In the case where being verified, it is logical to send verification to the terminal Message is crossed, to trigger installation operation of the terminal execution for the application to be installed.

The mobile terminal, if being additionally operable to receive transmitted by the security application server-side response checking request Message is verified, performs the installation operation for the application to be installed.

Through the embodiment of the present invention, security application server-side by the identification information of acquisition for mobile terminal with prestore described in treat The corresponding identification information for authorizing installation kit of application is installed to be verified to determine whether the application to be installed is malicious application, into And terminal authentication message is returned, terminal carries out installation operation according to the verification message or stops installing, and solves the prior art The technical issues of middle user can be just discerned whether as malicious application after installation is complete in installation kit is conducive to improve application installation Safety.

Description of the drawings

In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, to embodiment or will show below There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention, for those of ordinary skill in the art, without creative efforts, can be with Other attached drawings are obtained according to these attached drawings.

Fig. 1 is a kind of flow diagram using installation method that first embodiment of the invention provides；

Fig. 2 is a kind of flow diagram using installation method that second embodiment of the invention provides；

Fig. 3 is a kind of flow diagram using installation method that third embodiment of the invention provides；

Fig. 4 is a kind of flow diagram using installation method that fourth embodiment of the invention provides；

Fig. 5 is a kind of flow diagram using installation method that fifth embodiment of the invention provides；

Fig. 6 is a kind of flow diagram using installation method that sixth embodiment of the invention provides；

Fig. 7 is a kind of structure diagram for mobile terminal that seventh embodiment of the invention provides；

Fig. 8 is a kind of structure diagram for mobile terminal that eighth embodiment of the invention provides；

Fig. 9 is a kind of structure diagram for security application server-side that ninth embodiment of the invention provides；

Figure 10 is a kind of structure diagram for security application server-side that tenth embodiment of the invention provides；

Figure 11 is a kind of structure diagram using installation system that eleventh embodiment of the invention provides.

Specific embodiment

Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without creative efforts Embodiment shall fall within the protection scope of the present invention.

It is described in detail separately below.

Above-mentioned mobile terminal can be any equipment for having communication and store function, such as：Tablet computer, hand are mechanical, electrical It is sub- reader, personal computer (Personal Computer, PC), laptop, mobile unit, Web TV, wearable Equipment etc. has the smart machine of network function.

Referring to Fig. 1, Fig. 1 is a kind of flow diagram using installation method that first embodiment of the invention provides, In, Fig. 1 described using installation method is mainly to be described from terminal side, as shown in Figure 1, this applies installation side Method may comprise steps of：

S101, terminal obtain the identification information of the installation kit of application to be installed.

Wherein, installation kit (Install pack), i.e. software installation packet are the set that can voluntarily decompress file, wherein The All Files of this software, can be discharged into firmly by the All Files including software installation, operation installation kit (executable file) On disk, complete modification registration table, the setting of modification system, create the work such as shortcut.Installation kit is only mounted in terminal It can realize its function, an installation kit being installed in terminal is known as applying, can be wrapped using (Application, abbreviation APP) User's used various services on network are included, such as application program, webpage, video, novel, music, game, news, shopping With mailbox etc..

Optionally, the installation kit of the packet name and application to be installed of the installation kit of the identification information including application to be installed Verification information.

S102, terminal send the checking request for carrying the identification information, the checking request to security application server-side It is indicated for the security application server-side and security verification is carried out to the identification information carried in the checking request.

Wherein, above-mentioned security application server-side carries out the identification information carried in the checking request the tool of security verification Body embodiment is：

The Bao Mingyu for installing the installation kit of application is pre-stored in the application to be installed of security application server-side and corresponding awards The packet name of power installation kit is matched, and is pre-stored in described in security application server-side in the Bao Mingyu of the installation kit of application to be installed It is to be installed using it is corresponding authorize installation kit packet name it is matched under the premise of, the verification information of the installation kit of application to be installed with it is upper The verification information for stating the mandate installation kit of application to be installed is matched.

Disappear if S103, terminal receive being verified transmitted by the security application server-side response checking request Breath performs the installation operation for the application to be installed.

Specifically, the identification information of application to be installed carried in the checking request that security application server-side sends terminal It is verified with the identification information to be installed using corresponding mandate installation kit for being pre-stored in security application server-side, if treating The identification information of application is installed with being pre-stored in the described to be installed using the corresponding mark for authorizing installation kit of security application server-side Know information to exactly match, the security application server-side is verified message to terminal transmission, is verified described in terminal reception Message performs the installation operation for the application to be installed.

Specifically, in Android system, in addition to the application that system carries, other need the installation kit of new application to be mounted It must all be used to install for what Android system provided using erector by that can be installed in Android system using erector The application program of software.

Optionally, if terminal receives the authentication failed transmitted by the security application server-side response checking request Message stops the installation operation to the application to be installed.

Specifically, the identification information of application to be installed carried in the checking request that security application server-side sends terminal It is verified with the identification information to be installed using corresponding mandate installation kit for being pre-stored in security application server-side, if treating The identification information of application is installed with being pre-stored in the described to be installed using the corresponding mark for authorizing installation kit of security application server-side Know INFORMATION OF INCOMPLETE matching, the security application server-side sends authentication failed message to terminal, and terminal receives the verification and loses Message is lost, stops performing the installation operation for the application to be installed.

Optionally, in method shown in Fig. 1, terminal is sending the carrying identification information to security application server-side Before checking request, following steps can be first carried out：

Identify the loading source of the installation kit of the application to be installed；

If the loading source identified is unauthorized loading source, triggering performs described sent to security application server-side and carries The checking request of the identification information.

In the present embodiment, the loading source of the installation kit of application to be installed can include the loading source and unauthorized authorized Loading source, the loading source of mandate is is loaded in security application server-side under installation kit, unauthorized loading source is is loaded under installation kit Third-party application server-side in addition to security application server-side.Wherein, third-party application server-side is also referred to as third-party application Shop (APPSTORE) refers to provide the electronic application shop of free (charge) application searches and download service exclusively for terminal, It can include third-party application market, such as application market, Android market etc., browser can also be included, some are browsed at present Device can also provide the search of application and the function of download.

In the specific implementation, since the opening of Android system causes the quality good and the bad for the application installed on Android system not Together, if being loaded in the third-party application server-side in addition to security application server-side under the installation kit of application to be installed, this peace There are some potential safety problemss for dress packet.

In the concrete realization, by taking Android platform as an example, since the suffix name of installation file on Android platform is generally " .apk ", therefore the installation kit of the application on Android system is commonly referred to as apk installation kits.Each apk installation kits are by multiple files Packing obtains, including inventory (Manifest) file：AndroidManifest.xml files.Inventory file is must to deposit , it is located in the root of entire apk installation kits, provides the required necessity letter about the application of Android system Breath, wherein, the necessary information is the information that must possess of system before any code of the application is run.

Inventory is by a root label<Manifest>Form, the label tape there are one setting installation kit Package attributes, Package is recorded on the unique mark of the application program installation kit in AndroidManifest.xml files, if using journey The Package of sequence is repeated, and is that cannot issue successfully, therefore, can be from the apk installation kits of Android system The unique mark Package using apk installation kits is read in AndroidManifest.xml files.

Activity (activity) is one and is responsible for the component interacted with user, and in Android system, each application is all based on One Activity is set up, i.e., each application corresponds to an Activity, and in embodiments of the present invention, Activity For the current corresponding application of apk installation kits, can the apk installation kits be acquired by the Package of current apk installation kits Corresponding Activity, wherein, multiple Activity can be included in an apk installation kit, when creating an application program, It first can calling system interface one Activity class of establishment.Include a mToken, Activity management in Activity HistoryRecord in service AmS (ActivityManagerService.java files, abbreviation AmS) passes through record MToken carrys out the establishment of the Activit in record system, that is, current by that can be obtained in HistoryRecord Activity is by which process creation, and then the loading source of the installation kit of the identification application to be installed.

In the present embodiment, if the loading source that terminal recognition goes out the installation kit of application to be installed is unauthorized loading source, It is confirmed whether to be installed by user, if user confirms the installation kit for installing that above-mentioned loading source is unauthorized loading source, uses Family confirms that installation action triggering performs the checking request for being sent to security application server-side and carrying the identification information.

Optionally, if the loading source that terminal recognition goes out is the loading source authorized, terminal is performed for the application to be installed Installation operation.

In the present embodiment, if the loading source that terminal recognition goes out the installation kit of application to be installed is the loading source authorized, i.e., Under be loaded in security application server-side, then terminal directly performs the installation operation of the application to be installed.

Through the embodiment of the present invention, security application server-side by the identification information that terminal obtains with prestore described in wait to pacify The corresponding identification information for authorizing installation kit of application is filled to be verified to determine whether the application to be installed is malicious application, and then Terminal authentication message is returned to, terminal carries out installation operation according to the verification message or stops installing, solves in the prior art The technical issues of user can be just discerned whether as malicious application after installation is complete in installation kit is conducive to improve the peace of application installation Quan Xing.

Referring to Fig. 2, Fig. 2 is a kind of flow diagram using installation method that second embodiment of the invention provides, In, Fig. 2 described using installation method is mainly to be described from security application server-side side, as shown in Fig. 2, should It may comprise steps of using installation method：

S201, security application server-side receive the checking request of carrying identification information that terminal is sent.

Wherein, the checking request is indicated for the mark that the security application server-side will carry in the checking request Information is verified with the identification information to be installed using corresponding mandate installation kit to prestore.

S202, the security application server-side carry out security verification to the identification information carried in the checking request.

Wherein, the security application server-side carries out security verification to the identification information carried in the checking request Specific embodiment is：

Security application server-side carries out the identification information carried in the checking request and the authorization identification information to prestore Matching；If the identification information carried in the checking request is exactly matched with the authorization identification information to prestore, verification is logical It crosses；If the identification information carried in the checking request is mismatched with the authorization identification information to prestore, authentication failed.

Optionally, the identification information includes：The packet name of the installation kit of application to be installed and the installation kit of application to be installed Verification information, the security application server-side carries out the identification information that is carried in the checking request tool of security verification Body embodiment is：

The security application server-side matches the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores； Matched in the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores, the security application server-side is treated The verification information for installing the installation kit of application is matched with the authority checking information to prestore.

S203, in the case where being verified, the security application server-side to terminal transmission be verified message, with touch It sends out terminal and performs the installation operation for being directed to the application to be installed.

Optionally, in the case of authentication failed, the security application server-side sends authentication failed to the terminal and disappears Breath, the terminal to be notified to stop the installation operation to the application to be installed.

Referring to Fig. 3, Fig. 3 is a kind of flow diagram using installation method that third embodiment of the invention provides, In, Fig. 3 described using installation method is mainly to be described from security application server-side and terminal both sides, such as Fig. 3 Shown, this may comprise steps of using installation method：

S301, terminal obtain the identification information of the installation kit of application to be installed.

S302, terminal send the checking request for carrying the identification information, the checking request to security application server-side It is indicated for the security application server-side and security verification is carried out to the identification information carried in the checking request.

S303, the security application server-side receive the checking request of carrying identification information that the terminal is sent.

S304, the security application server-side carry out security verification to the identification information carried in the checking request.

S305, in the case where being verified, the security application server-side to the terminal transmission be verified message, To trigger installation operation of the terminal execution for the application to be installed.

Disappear if S306, terminal receive being verified transmitted by the security application server-side response checking request Breath performs the installation operation for the application to be installed.

Optionally, in the case of authentication failed, the security application server-side sends authentication failed to the terminal and disappears Breath, the terminal to be notified to stop the installation operation to the application to be installed.If terminal receives the security application service End responds the authentication failed message transmitted by the checking request, stops the installation operation to the application to be installed.

Referring to Fig. 4, Fig. 4 is a kind of flow diagram using installation method that fourth embodiment of the invention provides, In, Fig. 4 described using installation method is mainly to be described from security application server-side and terminal both sides, such as Fig. 4 Shown, this may comprise steps of using installation method：

S401, terminal obtain the identification information of the installation kit of application to be installed.

The loading source of the installation kit of application to be installed described in S402, terminal recognition.

If the loading source that S403, terminal recognition go out is unauthorized loading source, triggering terminal performs described to security application Server-side sends the checking request for carrying the identification information.

S404, terminal send the checking request for carrying the identification information, the checking request to security application server-side It is indicated for the security application server-side and security verification is carried out to the identification information carried in the checking request.

S405, the security application server-side receive the checking request of carrying identification information that the terminal is sent.

S406, the security application server-side carry out security verification to the identification information carried in the checking request.

S407, in the case where being verified, the security application server-side to the terminal transmission be verified message, To trigger installation operation of the terminal execution for the application to be installed.

Specifically, the identification information of application to be installed carried in the checking request that security application server-side sends terminal It is verified with the identification information to be installed using corresponding mandate installation kit for being pre-stored in security application server-side, if treating The identification information of application is installed with being pre-stored in the described to be installed using the corresponding mark for authorizing installation kit of security application server-side Know information to exactly match, the security application server-side is verified message to terminal transmission.

Disappear if S408, terminal receive being verified transmitted by the security application server-side response checking request Breath performs the installation operation for the application to be installed.

Referring to Fig. 5, Fig. 5 is a kind of flow diagram using installation method that fifth embodiment of the invention provides, In, Fig. 5 described using installation method is mainly to be described from security application server-side and terminal both sides, such as Fig. 5 Shown, this may comprise steps of using installation method：

S501, terminal obtain the identification information of the installation kit of application to be installed.

The loading source of the installation kit of application to be installed described in S502, terminal recognition.

If the loading source that S503, terminal recognition go out is unauthorized loading source, triggering terminal performs described to security application Server-side sends the checking request for carrying the identification information.

S504, terminal send the checking request for carrying the identification information, the checking request to security application server-side It is indicated for the security application server-side and security verification is carried out to the identification information carried in the checking request.

S505, the security application server-side receive the checking request of carrying identification information that the terminal is sent.

S506, the security application server-side carry out security verification to the identification information carried in the checking request.

S507, in the case of authentication failed, the security application server-side to the terminal send authentication failed message, The terminal to be notified to stop the installation operation to the application to be installed.

Disappear if S508, terminal receive the authentication failed that the security application server-side is responded transmitted by the checking request Breath, stops the installation operation to the application to be installed.

Referring to Fig. 6, Fig. 6 is a kind of flow diagram using installation method that sixth embodiment of the invention provides, In, Fig. 6 described using installation method is mainly to be described from security application server-side and terminal both sides, such as Fig. 6 Shown, this may comprise steps of using installation method：

S601, terminal obtain the identification information of the installation kit of application to be installed.

The loading source of the installation kit of application to be installed described in S602, terminal recognition.

If the loading source that S603, terminal recognition go out is the loading source authorized, the installation for the application to be installed is performed Operation.

The following is an embodiment of the apparatus of the present invention, and apparatus of the present invention embodiment is used to perform the method for the present invention embodiment one to six The method of realization for convenience of description, is illustrated only and is not disclosed with the relevant part of the embodiment of the present invention, particular technique details , the embodiment of the present invention one is please referred to embodiment six.

Referring to Fig. 7, Fig. 7 is a kind of structure diagram for mobile terminal that seventh embodiment of the invention provides, such as Fig. 7 institutes Show, which can include：

Acquiring unit 701, for obtaining the identification information of the installation kit of application to be installed.

Transmitting element 702, it is described to test for sending the checking request for carrying the identification information to security application server-side Card request is indicated for the security application server-side and carries out security verification to the identification information carried in the checking request.

Execution unit 703, if responding testing transmitted by the checking request for receiving the security application server-side Card performs the installation operation for the application to be installed by message.

Specifically, the identification information of application to be installed carried in the checking request that security application server-side sends terminal It is verified with the identification information to be installed using corresponding mandate installation kit for being pre-stored in security application server-side, if treating The identification information of application is installed with being pre-stored in the described to be installed using the corresponding mark for authorizing installation kit of security application server-side Know information to exactly match, the security application server-side is verified message to terminal transmission, is verified described in terminal reception Message, execution unit 703 perform the installation operation for the application to be installed.

Optionally, the mobile terminal further includes：

Recognition unit 704, for identifying the loading source of the installation kit of the application to be installed.

Trigger element 705, if the loading source for identifying is unauthorized loading source, triggering execution is described should to safety The checking request for carrying the identification information is sent with server-side.

In the present embodiment, if recognition unit 704 identifies that the loading source of the installation kit of application to be installed is unauthorized Loading source is confirmed whether to be installed by user, if user confirms the installation for installing that above-mentioned loading source is unauthorized loading source It wraps, then the confirmation installation action triggering trigger element 705 of user performs described sent to security application server-side and carries institute State the checking request of identification information.

Optionally, the execution unit 703, if being additionally operable to the loading source that the loading source identified is mandate, the execution Unit 703 performs the installation operation for the application to be installed.

In the present embodiment, if recognition unit 704 identifies the loading source of the installation kit of application to be installed under mandate Load source is loaded in down security application server-side, then execution unit 703 directly performs the installation operation of the application to be installed.

Optionally, the mobile terminal further includes：

Stop unit if receiving the authentication failed message of the security application server-side transmission for mobile terminal, stops Only to the installation operation of the application to be installed.

Specifically, the identification information of application to be installed carried in the checking request that security application server-side sends terminal It is verified with the identification information to be installed using corresponding mandate installation kit for being pre-stored in security application server-side, if treating The identification information of application is installed with being pre-stored in the described to be installed using the corresponding mark for authorizing installation kit of security application server-side Know INFORMATION OF INCOMPLETE matching, the security application server-side sends authentication failed message to terminal, and terminal receives the verification and loses Message is lost, stop unit stops performing the installation operation for the application to be installed.

Referring to Fig. 8, Fig. 8 is the structure diagram for the mobile terminal that the eighth embodiment of the present invention provides.As shown in the figure, Mobile terminal in the embodiment of the present invention includes：At least one processor 801, such as CPU, at least one receiver 803, at least One memory 804, at least one transmitter 805, at least one communication bus 802.Wherein, communication bus 802 is used to implement Connection communication between these components.Wherein, the receiver 803 of device and transmitter 805 can be had in the embodiment of the present invention Line sending port, or wireless device, such as including antenna assembly, for carrying out signaling or data with other node devices Communication.Memory 804 can be high-speed RAM memory or non-labile memory (non-volatile Memory), a for example, at least magnetic disk storage.Memory 804 optionally can also be at least one and be located remotely from aforementioned place Manage the storage device of device 801.Batch processing code is stored in memory 804, and processor 801 stores for calling in memory Program code, for performing the following operations：

Processor 801 obtains the identification information of the installation kit of application to be installed.

Processor 801 sends the checking request for carrying the identification information, the checking request to security application server-side It is indicated for the security application server-side and security verification is carried out to the identification information carried in the checking request.

Wherein, the security application server-side is described to be installed with prestoring by the identification information carried in the checking request It is using the corresponding specific embodiment verified of identification information for authorizing installation kit：

First, the Bao Mingyu of the installation kit of application to be installed is pre-stored in the application pair to be installed of security application server-side The packet name of mandate installation kit answered is matched, and security application server-side is pre-stored in the Bao Mingyu of the installation kit of application to be installed It is described it is to be installed using the corresponding packet name for authorizing installation kit it is matched under the premise of, the verification of the installation kit of application to be installed letter Breath is matched with the verification information of the mandate installation kit of above-mentioned application to be installed.

If processor 801 receives the message that is verified of the security application server-side transmission, execution is treated for described The installation operation of application is installed.

Optionally, if processor 801 receives the authentication failed message that the security application server-side is sent, stopping pair The installation operation of the application to be installed.

Optionally, in mobile terminal shown in Fig. 8, processor 801 is sent to security application server-side described in carrying Before the checking request of identification information, following steps can be first carried out：

Processor 801 identifies the loading source of the installation kit of the application to be installed；

If the loading source that processor 801 identifies is unauthorized loading source, triggering performs described to security application service End sends the checking request for carrying the identification information.

In the present embodiment, if under processor 801 identifies that the loading source of the installation kit of application to be installed is unauthorized Load source is confirmed whether to be installed by user, if user confirms the installation kit for installing that above-mentioned loading source is unauthorized loading source, Then the confirmation installation action triggering of user performs the verification that the carrying identification information is sent to security application server-side and asks It asks.

Optionally, if the loading source that processor 801 identifies is the loading source authorized, processor 801 is performed for described The installation operation of application to be installed.

In the present embodiment, if processor 801 identifies that the loading source of the installation kit of application to be installed is the download authorized Source is loaded in down security application server-side, then processor 801 directly performs the installation operation of the application to be installed.

Referring to Fig. 9, Fig. 9 is a kind of structure diagram for security application server-side that ninth embodiment of the invention provides, As shown in figure 9, the security application server-side can at least include：

Receiving unit 901, for receiving the checking request for carrying identification information.

Authentication unit 902, for carrying out security verification to the identification information carried in the checking request.

Wherein, the authentication unit 902 is specifically used for awarding the identification information carried in the checking request with what is prestored Power identification information is matched；If the identification information carried in the checking request and the authorization identification information to prestore are complete Matching, then authentication unit is verified；If the identification information carried in the checking request is believed with the mandate mark to prestore Breath mismatches, then authentication unit authentication failed.

Optionally, the identification information includes：The packet name of the installation kit of application to be installed and the installation kit of application to be installed Verification information；

The authentication unit, the authorization packets name progress to prestore specifically for the Bao Mingyu of the installation kit to application to be installed Match；Matched, the installation to application to be installed in the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores The verification information of packet is matched with the authority checking information to prestore.

Transmitting element 903 disappears in the case where being verified, security application server-side to be verified to terminal transmission Breath performs the installation operation for the application to be installed with triggering terminal.

Optionally, the transmitting element 903, is additionally operable in the case of authentication failed, and sending verification to the terminal loses Message is lost, the terminal to be notified to stop the installation operation to the application to be installed.

Referring to Fig. 10, Figure 10 is the structure diagram for the security application server-side that tenth embodiment of the invention provides.Such as Shown in figure, the security application server-side in the embodiment of the present invention includes：At least one processor 1001, such as CPU, it is at least one Receiver 1003, at least one processor 1004, at least one transmitter 1005, at least one communication bus 1002.Wherein, lead to Letter bus 1002 is used to implement the connection communication between these components.Wherein, in the embodiment of the present invention device receiver 1003 Can be wired sending port with transmitter 1005, or wireless device, such as including antenna assembly, for being saved with other Point device carries out the communication of signaling or data.Memory 1004 can be high-speed RAM memory or non-labile deposit Reservoir (non-volatile memory), for example, at least a magnetic disk storage.Memory 1004 optionally can also be at least One storage device for being located remotely from aforementioned processor 1001.Batch processing code, and processor are stored in memory 1004 1001 for calling the program code stored in memory, for performing the following operations：

Processor 1001 receives the checking request of carrying identification information that terminal is sent.

The processor 1001 carries out security verification to the identification information carried in the checking request.

Wherein, the processor 1001 carries out the specific of security verification to the identification information carried in the checking request Embodiment is：

The processor 1001 carries out the identification information carried in the checking request and the authorization identification information to prestore Matching；If the identification information carried in the checking request is exactly matched with the authorization identification information to prestore, verification is logical It crosses；If the identification information carried in the checking request is mismatched with the authorization identification information to prestore, authentication failed.

The processor 1001 carries out the identification information carried in the checking request the specific implementation of security verification Mode is：

The processor 1001 matches the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores；It is treating Install the installation kit of application the authorization packets names that prestore of Bao Mingyu it is matched in the case of, the processor 1001 is to be installed The verification information of the installation kit of application is matched with the authority checking information to prestore.

In the case where being verified, processor 1001 is verified message to terminal transmission, to trigger the end End performs the installation operation for the application to be installed.

Specifically, the identification information of the application to be installed carried in the checking request that processor 1001 sends terminal with it is pre- Deposit it is described it is to be installed using it is corresponding authorize installation kit identification information verified, if the identification information of application to be installed with The identification information to be installed using corresponding mandate installation kit for being pre-stored in security application server-side exactly matches, the place Reason device 1001 is verified message to terminal transmission, terminal receive described in be verified message, perform for it is described it is to be installed should Installation operation.

Optionally, in the case of authentication failed, processor 1001 sends authentication failed message to terminal, to notify terminal Stop the installation operation to the application to be installed.

Specifically, the identification information of the application to be installed carried in the checking request that processor 1001 sends terminal with it is pre- The identification information to be installed using corresponding mandate installation kit there are security application server-side is verified, if to be installed The identification information of application is described to be installed using the corresponding identification information Incomplete matching for authorizing installation kit with prestoring, described Processor 1001 sends authentication failed message to terminal, and terminal receives the authentication failed message, stops performing and be treated for described The installation operation of application is installed.

Through the embodiment of the present invention, security application server-side by the identification information of acquisition for mobile terminal with prestore described in It is to be installed to be verified using the corresponding identification information for authorizing installation kit to determine whether the application to be installed is malicious application, And then terminal authentication message is returned, terminal carries out installation operation according to the verification message or stops installing, and solves existing skill The technical issues of user can be just discerned whether as malicious application after installation is complete in installation kit in art is conducive to improve application installation Safety.

It is a kind of structural representation using installation system that eleventh embodiment of the invention provides to please refer to Fig.1 1, Figure 11 Figure, as shown in figure 11, this can include using installation system：Mobile terminal 1101 and security application server-side 1102, wherein, institute Stating mobile terminal 1101 can be as before conjunction such as the mobile terminal that Fig. 7 or Fig. 8 are introduced above, security application server-side 1102 The security application server-side that texts and pictures 9 or Figure 10 are introduced, specifically：

Mobile terminal 1101, for obtaining the identification information of the installation kit of application to be installed；It is sent out to security application server-side The checking request for carrying the identification information is sent, the checking request is indicated for the security application server-side to the verification The identification information carried in request carries out security verification.

Security application server-side 1102, for receiving the checking request of the carrying identification information of terminal transmission；It tests described The identification information carried in card request carries out security verification；In the case where being verified, it is logical to send verification to the terminal Message is crossed, to trigger installation operation of the terminal execution for the application to be installed.

Wherein, the security application server-side 1102 tests the identification information progress safety carried in the checking request The specific embodiment of card is：

Security application server-side 1102 is to the identification information carried in the checking request and the authorization identification information to prestore It is matched；If the identification information carried in the checking request is exactly matched with the authorization identification information to prestore, test Card passes through；If the identification information carried in the checking request is mismatched with the authorization identification information to prestore, mistake is verified It loses.

The security application server-side 1102 carries out security verification to the identification information carried in the checking request Specific embodiment is：

The security application server-side 1102 carries out the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores Matching；It is matched in the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores, the security application service The verification information of the installation kit of 1102 pairs of applications to be installed is held to be matched with the authority checking information to prestore.

Specifically, what is carried in the checking request that security application server-side 1102 sends above-mentioned mobile terminal 1101 waits to pacify It fills the identification information of application and is pre-stored in the described to be installed using corresponding mandate installation kit of security application server-side 1102 Authorization identification information is verified, if the identification information of application to be installed is with being pre-stored in the described to be installed of security application server-side It is exactly matched using the corresponding authorization identification information for authorizing installation kit, the security application server-side 1102 is to mobile terminal 1101 transmissions are verified message.

The mobile terminal 1101 is sent out if being additionally operable to receive the security application server-side and responding the checking request The installation operation for being verified message, performing for the application to be installed sent.

Optionally, the mobile terminal 1101 is additionally operable to identify the loading source of the installation kit of the application to be installed；If know The loading source not gone out is unauthorized loading source, and triggering performs described sent to security application server-side and carries the identification information Checking request.

In the present embodiment, if mobile terminal 1101 identifies that the loading source of the installation kit of application to be installed is unauthorized Loading source is confirmed whether to be installed by user, if user confirms the installation for installing that above-mentioned loading source is unauthorized loading source It wraps, then the confirmation installation action triggering mobile terminal 1101 of user performs described sent to security application server-side and carries the mark Know the checking request of information.

Optionally, the mobile terminal 1101, if it is the loading source authorized to be additionally operable to the loading source identified, execution is directed to The installation operation of the application to be installed.

Optionally, the security application server-side 1102, is additionally operable in the case of authentication failed, to the mobile terminal 1101 send authentication failed message, the mobile terminal 1101 to be notified to stop the installation operation to the application to be installed；

Optionally, the mobile terminal 1101, if being additionally operable to receive the security application server-side response verification The transmitted authentication failed message of request, stops the installation operation to the application to be installed.

In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment Point, it may refer to the associated description of other embodiment.

The embodiment of the present invention is described in detail above, specific case used herein to the principle of the present invention and Embodiment is expounded, and the explanation of above example is only intended to facilitate the understanding of the method and its core concept of the invention； Meanwhile for those of ordinary skill in the art, thought according to the present invention can in specific embodiments and applications There is change part, to sum up above-mentioned, the content of the present specification should not be construed as limiting the invention.

Claims

1. a kind of apply installation method, which is characterized in that the method includes：

If the loading source identified is unauthorized loading source, is sent to security application server-side and carry testing for the identification information Card request, the checking request be indicated for the security application server-side to the identification information that is carried in the checking request into Row security verification, loading source of the security application server-side for the mandate of the installation kit of the application to be installed are described non- The loading source of mandate is the third-party application server-side in addition to the security application server-side；

If receiving and being verified message transmitted by the security application server-side response checking request, perform for institute State the installation operation of application to be installed.

2. according to the method described in claim 1, it is characterized in that, the method further includes：

If the loading source identified is the loading source authorized, the installation operation for the application to be installed is performed.

3. according to the method described in claim 1, it is characterized in that, the method further includes：

If receiving the authentication failed message transmitted by the security application server-side response checking request, stop to described The installation operation of application to be installed.

4. according to claims 1 to 3 any one of them method, which is characterized in that the identification information includes：Application to be installed Installation kit packet name and application to be installed installation kit verification information.

5. a kind of apply installation method, which is characterized in that the method includes：

Security application server-side receives the checking request of carrying identification information that terminal is sent, and the checking request is the terminal Obtain the identification information of the installation kit of application to be installed and the installation kit of identification application to be installed loading source be unauthorized under It is sent during load source；

In the case where being verified, the security application server-side is verified message to terminal transmission, to trigger It states terminal and performs the installation operation for being directed to application to be installed, the security application server-side is the installation kit of the application to be installed Mandate loading source.

6. according to the method described in claim 5, it is characterized in that, the method further includes：

In the case of authentication failed, the security application server-side sends authentication failed message to the terminal, to notify State installation operation of the terminal stopping to the application to be installed.

7. method according to claim 5 or 6, which is characterized in that the security application server-side is to the checking request The identification information of middle carrying carries out security verification, including：

Security application server-side matches the identification information carried in the checking request with the authorization identification information to prestore；

If the identification information carried in the checking request is exactly matched with the authorization identification information to prestore, verification is logical It crosses；

If the identification information carried in the checking request is mismatched with the authorization identification information to prestore, authentication failed.

8. method according to claim 5 or 6, which is characterized in that the identification information includes：The installation of application to be installed The verification information of the packet name of packet and the installation kit of application to be installed；

The security application server-side carries out security verification to the identification information carried in the checking request, including：

The security application server-side matches the authorization packets name that the Bao Mingyu of the installation kit of application to be installed prestores；

Matched in the authorization packets name to prestore described in the Bao Mingyu of the installation kit of the application to be installed, the safety should The verification information of the installation kit of the application to be installed is matched with the authority checking information to prestore with server-side.

9. a kind of mobile terminal, which is characterized in that the mobile terminal includes：

Recognition unit, for identifying the loading source of the installation kit of the application to be installed；

Trigger element, if the loading source for identifying is unauthorized loading source, triggering transmitting element is performed to security application Server-side sends the checking request for carrying the identification information；

The transmitting element, for sending the checking request for carrying the identification information, the verification to security application server-side Request is indicated for the security application server-side and carries out security verification, institute to the identification information carried in the checking request State security application server-side be the application to be installed installation kit mandate loading source, the unauthorized loading source be except Third-party application server-side except the security application server-side；

Execution unit, if disappearing for receiving being verified transmitted by the security application server-side response checking request Breath performs the installation operation for the application to be installed.

10. a kind of security application server-side, which is characterized in that the security application server-side includes：

Receiving unit, for receiving the checking request of the carrying identification information of terminal transmission, the checking request is the terminal Obtain the identification information of the installation kit of application to be installed and the installation kit of identification application to be installed loading source be unauthorized under It is sent during load source；

Transmitting element, in the case where being verified, message being verified to terminal transmission, to trigger the terminal Perform the installation operation for application to be installed, mandate of the security application server-side for the installation kit of the application to be installed Loading source.

11. security application server-side according to claim 10, which is characterized in that

The transmitting element is additionally operable in the case of authentication failed, authentication failed message is sent to the terminal, to notify State installation operation of the terminal stopping to the application to be installed.

12. a kind of apply installation system, which is characterized in that including mobile terminal as claimed in claim 9 and such as claim Security application server-side described in any one of 10~11, wherein：

The mobile terminal, for obtaining the identification information of the installation kit of application to be installed；Identify the peace of the application to be installed Fill the loading source of packet；If the loading source identified is unauthorized loading source, is sent to security application server-side and carry the mark Know the checking request of information, the checking request is indicated for the security application server-side to carrying in the checking request Identification information carries out security verification, download of the security application server-side for the mandate of the installation kit of the application to be installed Source, the unauthorized loading source are the third-party application server-side in addition to the security application server-side；

The security application server-side, for receiving the checking request of the carrying identification information of terminal transmission；It please to the verification The identification information of middle carrying is asked to carry out security verification；In the case where being verified, it is verified and disappears to terminal transmission Breath, to trigger installation operation of the terminal execution for the application to be installed；

The mobile terminal, if being additionally operable to receive the verification transmitted by the security application server-side response checking request By message, the installation operation for the application to be installed is performed.