CN105487908B - Safe application software ecological service method - Google Patents
Safe application software ecological service method Download PDFInfo
- Publication number
- CN105487908B CN105487908B CN201510961142.9A CN201510961142A CN105487908B CN 105487908 B CN105487908 B CN 105487908B CN 201510961142 A CN201510961142 A CN 201510961142A CN 105487908 B CN105487908 B CN 105487908B
- Authority
- CN
- China
- Prior art keywords
- application
- application software
- center
- software
- application service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 238000009826 distribution Methods 0.000 claims abstract description 28
- 230000007246 mechanism Effects 0.000 claims abstract description 10
- 230000008901 benefit Effects 0.000 claims abstract description 6
- 238000013475 authorization Methods 0.000 claims description 36
- 238000009434 installation Methods 0.000 claims description 21
- 238000011161 development Methods 0.000 claims description 19
- 230000008676 import Effects 0.000 claims description 18
- 238000012795 verification Methods 0.000 claims description 11
- 241000700605 Viruses Species 0.000 claims description 8
- 230000008569 process Effects 0.000 claims description 8
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 claims description 7
- 230000006978 adaptation Effects 0.000 claims description 6
- 230000006399 behavior Effects 0.000 claims description 6
- 238000007689 inspection Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 5
- 238000003860 storage Methods 0.000 claims description 4
- 238000001514 detection method Methods 0.000 claims description 3
- 238000004519 manufacturing process Methods 0.000 claims description 3
- 230000009545 invasion Effects 0.000 claims description 2
- 238000012827 research and development Methods 0.000 claims description 2
- 230000004913 activation Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
- 238000003892 spreading Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/568—Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
- G06F8/62—Uninstallation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- General Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Stored Programmes (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a safe application software ecological service method, which comprises the steps of establishing a perfect application software ecological service system, realizing the unified management and the efficient deployment of software, and establishing a safety mechanism to improve the safety of the whole application software service system; the invention has the advantages that: in the whole ecological system of the domestic information security, the operability, the efficiency and the security of the deployment and the distribution of the application software are improved.
Description
Technical Field
The invention relates to a software ecological service, in particular to a safe application software ecological service method, belonging to the field of software ecological services.
Background
The service mode of the current application software on the PC platform mainly comprises the following steps: the method comprises the steps of adopting a mode of purchasing an application program installation package and an authorization code offline; the method adopts the mode of off-line purchase and on-line activation authorization; most application software has shortcomings in service solutions for enterprises and public institutions, and has problems in various aspects such as security of each link, high efficiency of deployment, overall unified management and the like. The service mode of the mobile platform adopts the mode of an application store to carry out authorized purchase, installation and deployment and unified management. However, because of the great difference in software and hardware environments at the bottom of the current mobile platform, the entire application software ecosystem is not sound enough, and problems exist in the safety and the supervision of the links such as development, operation, deployment, unified management and the like. Although the methods meet the service requirements of general users to a certain extent, the methods cannot accurately provide safe, controllable, classified and manageable personalized distribution services for appointed machine types, group users and users in a special range; and strict and standard unified application import and export security authentication and diversified management services of application users cannot be provided for users.
Disclosure of Invention
In order to solve the problems, the invention designs a safe application software ecological service method, and aims at the current situation of the current application software service mode, and improves the operability, efficiency and safety of application software deployment and distribution in the whole ecological system of domestic information safety.
The technical scheme of the invention is as follows:
a safe application software ecological service method comprises the following two parts
(1) A perfect application software ecological service system is established, unified management and efficient deployment of software are realized, a set of overall system structure is provided to manage the application software, and the operability and the efficiency of deployment and distribution of the application software are ensured;
comprises the following steps: the system comprises an application developer, an application service center, an application service subcenter and an application service terminal, wherein: an application developer: the development of the application software is carried out according to a unified development tool, a development library and a development standard; the application service center: the system is responsible for managing application software provided by an application developer and managing service sub-centers; the application service subcenter: the system is responsible for managing application software and application service terminals of the branch center; the application service terminal: and the system is responsible for the installation, uninstallation and upgrade operations of the application software of the terminal PC.
The whole deployment and distribution of the application software comprises 6 steps which are respectively as follows in sequence:
the first step is as follows: the application service center adapts and verifies the application software, and the step further comprises 4 steps which are respectively as follows in sequence:
step 1, authorization and authentication: before entering the application service center, the application software provided by the application developer needs to be authorized and verified. If the authorization code in the application software is legal in the application service center, entering step 2, otherwise, the application software cannot enter the whole ecosystem for deployment and distribution through auditing;
step 2, adaptation check, wherein application software provided by an application developer needs to be developed based on a CCF (core operation framework), and in order to ensure that the application software entering an ecosystem can normally operate, an application service center needs to perform adaptation check on the CCF on which the application software depends. If the adaptation is successful, entering step 3, otherwise, the application software cannot enter the whole ecosystem through auditing for deployment and distribution;
and step 3, safety inspection: application software provided by an application developer may introduce malicious operation behaviors due to various reasons, so that the application service center needs to perform virus and trojan killing on the application software to ensure that the application software does not have malicious attack behaviors. If no malicious attack behavior exists, entering step 4, otherwise, the application software cannot enter the whole ecosystem through auditing for deployment and distribution;
and 4, checking the content: the application software entering the whole ecosystem is required to be the application software meeting the requirements of laws and regulations, so the application service center needs to manually and automatically inspect the functions, pictures and characters of the application software. And if the examination is passed, entering a second step, otherwise, the application software cannot enter the whole ecosystem for deployment and distribution through the examination.
The second step is that: the application service center exports the application software, this step further includes 3 steps, separately as follows in proper order:
step 1, exporting an application: the application service sub-center provides an application export application to the application service center according to the actual requirement of the sub-center, wherein the application export application comprises the free or charged application software which needs to be purchased and the authorized number of the charged application software (the number of terminals allowed to be installed);
step 2, exporting application: the application service center derives all application software packages for the application service subcenter according to the identity code of the application service subcenter (the identity code uniquely identifies one application service subcenter in the whole ecosystem) which is proposed and derived in the step 1;
step 3, delivering application: the application service center delivers the derived application software package to the application service subcenter in a physical storage mode, and then enters a third step.
The third step: the application service sub-center imports application software, and the step further comprises 2 steps which are respectively as follows in sequence:
step 1, checking an identity code: the application software exported from the application service center corresponds to the application service subcenter one to one, so that the application service subcenter needs to perform validity check when importing the application software. If the identity code recorded in the application software package is consistent with the identity code of the current service subcenter, the application software is guided into the current application service subcenter, and then the step 2 is carried out; otherwise, the import fails, and the application software cannot be deployed and distributed in the current application service sub-center;
and 2, the application service sub-center executes the shelving operation on the imported application software (only the application software on the shelf can be deployed and distributed to the application service terminal), and the step four is entered.
The fourth step: the application service sub-center deploys and distributes application software to the application service terminals, and the steps further comprise 2 steps which are respectively as follows in sequence:
step 1, establishing connection: the application service sub-center establishes connection with the application service terminal, if the connection is successful, the step 2 is entered, otherwise the step deployment of the application software cannot be distributed to the application service terminal appointed by the sub-center;
step 2, automatically deploying application software to the application service terminal: according to the actual situation, if the application software needs to be automatically installed to the application service terminal, the application service sub-center needs to execute deployment operation, and then the application service sub-center enters the fifth step; if automatic installation of the application software to the application service terminal is not required, the "fifth step" is directly entered.
The fifth step: the application terminal uses application software: the application software in the whole ecosystem is finally installed, uninstalled and upgraded through the application assistant, and the application assistant runs on each application service terminal PC. The step further comprises 2 steps which are respectively as follows in sequence:
step 1: automatic installation: after the application assistant runs, if the application service sub-center issues an automatic deployment instruction, the application assistant needs to automatically install application software (application software at a public level); otherwise, entering step 2;
step 2: and the user logs in the application assistant and executes the operations of installation, uninstallation, upgrade and starting of the software in the current application assistant according to the actual requirement. And then proceeds to the "sixth step".
And a sixth step: the whole deployment and distribution process of the application software is finished.
(2) Safety of whole application software service system is improved by formulating safety mechanism
In order to ensure the safety of deployment and distribution of application software in the whole domestic information security ecosystem, safety processing needs to be performed in all links from the entry of the application software into the whole ecosystem to the terminal PC. A safe application software ecological service method is characterized in that each link in a deployment and distribution technical scheme is subjected to safe processing, and a specific safety mechanism technical scheme comprises 8 steps which are respectively as follows in sequence:
firstly, developing safe application software: the step ensures that the application software has higher safety in the development process, and further comprises the following 3 steps which are respectively as follows in sequence:
step 1, application software authorization: before developing application software, an application developer needs to apply for authorization codes to an application service center, the application software corresponds to the authorization codes one by one, and the application service center maintains the corresponding relation between the application software and the authorization codes;
step 2, developing application software: an application developer uses a unified platform provided by an ecosystem to develop software, wherein the platform comprises: core elements such as an Integrated Development Environment (IDE), a running framework (CCF) and the like are integrated, and a development platform is used for independent research and development of an ecosystem, so that the possibility of safety invasion in a development link is reduced;
step 3, generating an application installation package: application developers generate application software installation packages (cpk packages) using a unified generator provided by the ecosystem. The internal structure of the installation package and the internal file format standard are independently and uniformly formulated by an ecosystem; the generator is independently developed and produced by an ecosystem, so that the possibility of security intrusion in the process of manufacturing the installation package is reduced.
And secondly, authorization verification and security check: when the application software is imported into the application service center, the application service center needs to check the authorization and security of the application software, and the step further includes the following 2 steps, which are respectively as follows in sequence:
step 1, authorization verification: and the application service center analyzes the application software package and performs authorization verification on the authorization code in the software package. If the authorization code is the authorization code which is successfully applied, entering the step 2; if the authorization code is not authorized, the import fails, and the application software cannot enter the whole ecosystem for deployment and distribution;
step 2, safety inspection: the application service center conducts virus and Trojan killing on the application software and checks whether malicious attacks exist or not. And if no virus Trojan horse exists, the third step is carried out, otherwise, the import fails, and the application software cannot enter the whole ecosystem for deployment and distribution.
Thirdly, setting the application level of the application software: the application service center sets an application level for each type of application software, and ensures that only users with corresponding authorities can operate the software.
Fourthly, generating an identity code of the application service subcenter: in order to avoid the application software authorized for a certain service subcenter from spreading to other application subcenters, and meanwhile, for the economic benefits of application software developers and operators, the application service center generates an identity code which is unique in the whole system for each application subcenter and is used for uniquely identifying one application service subcenter. The identity code is generated by encrypting basic information (user name and password) of the application service sub-center and server hardware information (CPU and OS).
Fifthly, the application service center exports the safety processing of the application software: the application service center exports all the application software purchased by the application service subcenter according to the purchase application of the application service subcenter, encrypts the application grade, the purchased installation number and the identity code information of each application software, embeds the encrypted application software into an application software package, and delivers the encrypted application software package to the application service subcenter in a physical storage mode.
Sixthly, the application service sub-center checks the imported application software: when the application service subcenter imports each application software exported by the application service center, validity verification is required. The step further comprises 2 steps which are respectively as follows in sequence:
step 1, application service subcenter identity code detection: the application service sub-center detects the identity code of the imported application software package, if the identity code in the application software package is consistent with the identity code of the current application service sub-center, the step 2 is entered, otherwise the import fails, and the application software cannot enter the whole ecosystem for deployment and distribution;
step 2, repeatedly importing and detecting: in order to guarantee the economic benefits of application software developers and operators, when the application software is imported by the application service subcontractor, the application software needs to be repeatedly imported, if the application software is not imported, the application software is imported into the application service subcontractor, otherwise, the application software fails to be imported again (the upgrade and the repurchase are not in the inspection range).
Seventhly, the application service sub-center authorizes the application software to the terminal user, and the step further comprises 3 steps which are respectively as follows in sequence:
step 1, setting the application level of application software: in order to improve the safety of application software and ensure that the application software can be safely used, the application service subcenter sets application levels (from low to high, in sequence: open, secret and secret);
step 2, setting the grade of the terminal user: the terminal users can operate the application software only after logging successfully through the application assistant, and the application service sub-center sets the user grade (from low to high, in sequence: common, general, important and core) of each terminal user;
step 3, authorizing the application software to the terminal user: in order to ensure that the application software can be used safely, the application service subcenter needs to authorize the application software to a designated end user, and only the authorized application software can be operated by a registered corresponding end user.
Eighth, the end user uses the application software: if the terminal user successfully logs in the application assistant, the installation, uninstallation and upgrade operations of the application software authorized by the branch center can be executed, and the terminal user cannot view the unauthorized application software on an application assistant interface.
The invention establishes a perfect application software ecological service system in a domestic environment. The invention relates to a set of unified application software auditing, managing, deploying and distributing processes established in a domestic environment. The invention relates to a set of safety mechanism established in a domestic environment: the system comprises an application software security development mechanism, a security auditing mechanism and a security use mechanism.
The invention has the advantages that: a perfect ecological service system is established for application software in a domestic environment; a set of unified safe auditing, unified management, efficient distribution and deployment processes are provided; a set of safety mechanisms of application software in the links of development, operation management and terminal use are provided; the safety and reliability of the application software in the service process are ensured, the high efficiency of deployment and distribution is improved, and the supervision performance of the software is ensured.
The present invention will be further described with reference to the following specific examples.
Detailed Description
The following description of the preferred embodiments of the present invention is provided for the purpose of illustration and description, and is in no way intended to limit the invention.
Example 1
A safe application software ecological service method takes the deployment and distribution of arora software as an example, and the deployment and distribution of the safe application software ecological service method and the technical scheme of a safety mechanism are described by examples, and the specific steps are as follows:
firstly, developing application software: the application developer successfully applies for an authorization code (31abff03d7894add) for the arora1.0 from the application service center, and the application developer generates the arora 1.0.cpk through a development platform and a package generator provided by an ecosystem. And entering the second step.
And secondly, authorization verification and security check: the application service center imports arora.1.0.cpk, and the step further comprises the following 2 steps which are respectively as follows in sequence:
step 1: the application service center analyzes the arora.1.0.cpk to obtain the authorization code 31abff03d7894add, queries the database, checks that the authorization code 31abff03d7894add is consistent with the authorization code corresponding to the application software arora.1.0 in the authorization application record, and enters step 2.
Step 2: and (3) scheduling a virus Trojan horse searching and killing module by using the service center, automatically scanning arora.1.0.cpk, finding no virus or Trojan horse, and entering a third step.
Thirdly, setting the application level of the application software: the application service center sets the application level of arora.1.0 to secret (code: 2), and proceeds to the fourth step.
Fourthly, generating an identity code of the application service subcenter: the application service center manages an application service sub-center (xx city committee), and the user name of xx city committee is: xxshiwei001, password is: 123456, server hardware information: CPU (type: ft1500a, serial No. 123456789), OS (NeoKylin R5); the application service center encrypts xxshiwei001, 123456, ft1500a and 123456789 to obtain the identity code of xx municipality (kwPr6 j). And entering the fifth step.
Fifthly, the application service center exports the safety processing of the application software: the application service center embeds the installation times 100, the application level (2), and the identity code (kwPr6j) of arora.1.0 purchased by xx city committees into arora.1.0. cpk. Then exported to optical disc and delivered to xx municipalities. And entering the sixth step.
And sixthly, the application service sub-center checks the imported application software, and the step further comprises 2 steps which are respectively as follows in sequence:
step 1, application service subcenter identity code detection: when the xx city commits to arora.1.0.cpk, the service center is divided into the following parts according to the basic information of the application service center: the user name is: xxshiwei001, password is: 123456; server hardware information: the CPU (type: ft1500a, serial No. 123456789), OS (NeoKylin R5) calculates the ID code as: kwPr6 j; and (3) the application service branch center analyzes the identity code in the arora.1.0.cpk, compares the identity code with the calculated kwPr6j and enters the step 2.
Step 2, repeatedly importing and detecting: and the application service sub-center inquires the database import record, and if the arora.1.0.cpk is not imported once, importing the arora.1.0 to the application service sub-center of xx city committee. And entering the seventh step.
Seventhly, authorizing the application software to the terminal user by the application service sub-center, wherein the step comprises 3 steps which are respectively as follows in sequence:
step 1, setting the application level of application software: the application service center sets the application level of arora.1.0 to be absolute.
Step 2, setting the grade of the terminal user: adding an end user (user name: admin01, password: 123456) to the application service subcenter; setting the user grade as follows: and (4) a core.
Step 3, authorizing the application software to the terminal user: the application service subcenter sets the authority of operating arorg.1.0 for admin 01. And entering the eighth step.
Eighth, the end user uses the application software: the end user is authenticated by the user name: the admin01 and the password 123456 successfully log in to the application assistant, so that the arora.1.0 can be seen, and the installation, uninstallation and upgrade operations are successfully executed.
Claims (10)
1. A safe application software ecological service method is characterized in that: the method comprises the following two parts:
(1) the method comprises the steps of establishing a perfect application software ecological service system, realizing unified management and deployment of application software, and comprising an application developer, an application service center, an application service sub-center and an application service terminal, wherein the whole deployment and distribution of the application software comprises 6 steps which are respectively as follows in sequence:
the first step is as follows: the application service center adapts and verifies the application software;
the second step is that: the application service center exports application software;
the third step: the application service sub-center imports application software;
the fourth step: the application service sub-center deploys and distributes application software to the application service terminals;
the fifth step: the application terminal uses application software: the application software in the whole ecosystem is finally installed, uninstalled and upgraded by an application assistant, and the application assistant runs on each application service terminal PC;
and a sixth step: finishing the whole deployment and distribution process of the application software;
(2) safety of whole application software service system is improved by formulating safety mechanism
Comprises 8 steps which are respectively as follows in sequence:
firstly, developing safe application software;
and secondly, authorization verification and security check: when the application software is imported into the application service center, the application service center needs to check the authorization and the safety of the application software;
thirdly, setting the application level of the application software: the application service center sets an application grade for each type of application software to ensure that only users with corresponding authorities can operate the software;
fourthly, generating an identity code of the application service subcenter: in order to avoid that the application software authorized to a certain service subcenter is diffused to other application subcenters, and meanwhile, in order to achieve the economic benefits of application software developers and operators, the application service center generates a unique identity code in the whole system for each application subcenter, and the unique identity code is used for uniquely identifying one application service subcenter; the identity code is generated by encrypting basic information of the application service sub-center and server hardware information;
fifthly, the application service center exports the safety processing of the application software: the application service center exports all the application software purchased by the application service subcenter according to the purchase application of the application service subcenter, encrypts the application grade, the purchased installation number and the identity code information of each application software, embeds the encrypted application software into an application software package, and delivers the encrypted application software package to the application service subcenter in a physical storage mode;
sixthly, the application service sub-center checks the imported application software: when the application service subcenter imports each application software exported by the application service center, validity verification is required;
seventhly, authorizing the application software to the terminal user by the application service sub-center;
eighth, the end user uses the application software: if the terminal user successfully logs in the application assistant, the installation, uninstallation and upgrade operations of the application software authorized by the branch center can be executed, and the terminal user cannot view the unauthorized application software on an application assistant interface.
2. The method for secure ecological services of application software according to claim 1, characterized in that: an application developer: the development of the application software is carried out according to a unified development tool, a development library and a development standard; the application service center: the system is responsible for managing application software provided by an application developer and managing service sub-centers; the application service subcenter: the system is responsible for managing application software and application service terminals of the branch center; the application service terminal: and the system is responsible for the installation, uninstallation and upgrade operations of the application software of the terminal PC.
3. The method for secure ecological services of application software according to claim 1, characterized in that: the application service center adapts and verifies the application software, and the steps comprise 4 steps which are respectively as follows in sequence:
step 1, authorization and authentication: before entering an application service center, the application software provided by an application developer needs authorization verification; if the authorization code in the application software is legal in the application service center, entering step 2, otherwise, the application software cannot enter the whole ecosystem for deployment and distribution through auditing;
step 2, adaptation check, wherein application software provided by an application developer needs to be developed based on CCF, and in order to ensure that the application software entering an ecosystem can normally run, an application service center needs to perform adaptation check on CCF on which the application software depends; if the adaptation is successful, entering step 3, otherwise, the application software cannot enter the whole ecosystem through auditing for deployment and distribution;
and step 3, safety inspection: application software provided by an application developer may introduce malicious operation behaviors due to various reasons, so that an application service center needs to perform virus and Trojan killing on the application software to ensure that the application software does not have malicious attack behaviors; if no malicious attack behavior exists, entering step 4, otherwise, the application software cannot enter the whole ecosystem through auditing for deployment and distribution;
and 4, checking the content: the application software entering the whole ecosystem is required to be the application software meeting the requirements of laws and regulations, so the application service center needs to manually and automatically inspect the functions, pictures and characters of the application software; and if the examination is passed, entering a second step, otherwise, the application software cannot enter the whole ecosystem for deployment and distribution through the examination.
4. The method for secure ecological services of application software according to claim 1, characterized in that: the application service center exports the application software, this step includes 3 steps, separately as follows in proper order:
step 1, exporting an application: the application service sub-center provides an application export application to the application service center according to the actual requirement of the sub-center, wherein the application comprises free or charged application software needing to be purchased and the authorized number of the charged application software;
step 2, exporting application: the application service center derives all application software packages applied for the application service subcenter according to the identity codes of the application service subcenter proposed and derived in the step 1;
step 3, delivering application: the application service center delivers the derived application software package to the application service subcenter in a physical storage mode, and then enters a third step.
5. The method for secure ecological services of application software according to claim 1, characterized in that: the application service is divided into centers to import application software, and the steps comprise 2 steps which are respectively as follows in sequence:
step 1, checking an identity code: the application software exported from the application service center corresponds to the application service subcenter one to one, so that the application service subcenter needs to be checked for validity when importing the application software; if the identity code recorded in the application software package is consistent with the identity code of the current service subcenter, the application software is guided into the current application service subcenter, and then the step 2 is carried out; otherwise, the import fails, and the application software cannot be deployed and distributed in the current application service sub-center;
and 2, the application service sub-center executes the imported application software to be put on shelf and enters a fourth step.
6. The method for secure ecological services of application software according to claim 1, characterized in that: the application service sub-center deploys and distributes application software to the application service terminals, and the steps comprise 2 steps which are respectively as follows in sequence:
step 1, establishing connection: the application service sub-center establishes connection with the application service terminal, if the connection is successful, the step 2 is entered, otherwise the step deployment of the application software cannot be distributed to the application service terminal appointed by the sub-center;
step 2, automatically deploying application software to the application service terminal: according to the actual situation, if the application software needs to be automatically installed to the application service terminal, the application service sub-center needs to execute deployment operation, and then the application service sub-center enters the fifth step; if automatic installation of the application software to the application service terminal is not required, the "fifth step" is directly entered.
7. The method for secure ecological services of application software according to claim 1, characterized in that: the application terminal uses application software, and the step comprises 2 steps which are respectively as follows in sequence:
step 1: automatic installation: after the application assistant runs, if the application service sub-center issues an automatic deployment instruction, the application assistant needs to automatically install application software; otherwise, entering step 2;
step 2: a user logs in the application assistant and executes installation, uninstallation, upgrade and starting operations on software in the current application assistant according to actual requirements; and then proceeds to the "sixth step".
8. The method for secure ecological services of application software according to claim 1, characterized in that: developing safe application software, wherein the steps comprise the following 3 steps which are respectively as follows in sequence:
step 1, application software authorization: before developing application software, an application developer needs to apply for authorization codes to an application service center, the application software corresponds to the authorization codes one by one, and the application service center maintains the corresponding relation between the application software and the authorization codes;
step 2, developing application software: an application developer uses a unified platform provided by an ecosystem to develop software, wherein the platform comprises: the development environment and the core elements of the operation framework are integrated, and the development platform is the independent research and development production of an ecosystem, so that the possibility of safety invasion in the development link is reduced;
step 3, generating an application installation package: an application developer generates an application software installation package by using a unified generator provided by an ecosystem; the internal structure of the installation package and the internal file format standard are independently and uniformly formulated by an ecosystem; the generator is independently developed and produced by an ecosystem, so that the possibility of security intrusion in the process of manufacturing the installation package is reduced.
9. The method for secure ecological services of application software according to claim 1, characterized in that: authorization verification and security check, the steps further comprise the following 2 steps, which are respectively as follows:
step 1, authorization verification: the application service center analyzes the application software package and carries out authorization verification on the authorization code in the software package; if the authorization code is the authorization code which is successfully applied, entering the step 2; if the authorization code is not authorized, the import fails, and the application software cannot enter the whole ecosystem for deployment and distribution;
step 2, safety inspection: the application service center checks and kills viruses and trojans on the application software and checks whether malicious attacks exist or not; and if no virus Trojan horse exists, the third step is carried out, otherwise, the import fails, and the application software cannot enter the whole ecosystem for deployment and distribution.
10. The method for secure ecological services of application software according to claim 1, characterized in that: the application service sub-center checks the imported application software, and the steps comprise 2 steps which are respectively as follows in sequence:
step 1, application service subcenter identity code detection: the application service sub-center detects the identity code of the imported application software package, if the identity code in the application software package is consistent with the identity code of the current application service sub-center, the step 2 is entered, otherwise the import fails, and the application software cannot enter the whole ecosystem for deployment and distribution;
step 2, repeatedly importing and detecting: in order to ensure the economic benefits of application software developers and operators, when the application software is imported by the application service sub-center, the repeated import check is needed, if the application software is not imported, the application software is imported to the application service sub-center, otherwise, the application software cannot be imported again if the import fails;
the application service sub-center authorizes the application software to the terminal user, and the steps comprise 3 steps which are respectively as follows in sequence:
step 1, setting the application level of application software: in order to improve the safety of the application software and ensure that the application software can be safely used, the application service sub-center sets an application level for each imported application software;
step 2, setting the grade of the terminal user: the terminal users can operate the application software only after logging successfully through the application assistant, and the application service sub-center sets the user grade of each terminal user;
step 3, authorizing the application software to the terminal user: in order to ensure that the application software can be used safely, the application service subcenter needs to authorize the application software to a designated end user, and only the authorized application software can be operated by a registered corresponding end user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510961142.9A CN105487908B (en) | 2015-12-22 | 2015-12-22 | Safe application software ecological service method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510961142.9A CN105487908B (en) | 2015-12-22 | 2015-12-22 | Safe application software ecological service method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105487908A CN105487908A (en) | 2016-04-13 |
| CN105487908B true CN105487908B (en) | 2020-05-19 |
Family
ID=55674904
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510961142.9A Active CN105487908B (en) | 2015-12-22 | 2015-12-22 | Safe application software ecological service method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105487908B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108055138B (en) * | 2018-02-01 | 2020-03-17 | 国家计算机网络与信息安全管理中心 | Block chain-based application distribution recording method and system |
| CN112925529B (en) * | 2021-02-07 | 2023-10-27 | 联通(广东)产业互联网有限公司 | Application security distribution method, system, device and medium based on distributed cloud platform |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1604099A (en) * | 2004-08-06 | 2005-04-06 | 中国联合通信有限公司 | Method and system for constructing software system structure of telecommunication operation support system |
| CN101350082A (en) * | 2008-09-04 | 2009-01-21 | 中科院成都信息技术有限公司 | Method for building enterprise application integration platform and architecture thereof |
| CN101719236A (en) * | 2009-11-16 | 2010-06-02 | 山东浪潮齐鲁软件产业股份有限公司 | IT operation and maintenance system based on informatization construction operation |
| CN102065077A (en) * | 2010-11-11 | 2011-05-18 | 中国联合网络通信集团有限公司 | Method and system for distributing application software to terminal |
| EP2530585A1 (en) * | 2011-06-01 | 2012-12-05 | HTC Corporation | Method of handling periodic update of software component and related communication device |
| CN103888518A (en) * | 2014-03-06 | 2014-06-25 | 西安邮电大学 | Service design method of informatization public platform |
| US9075986B1 (en) * | 2006-10-19 | 2015-07-07 | United Services Automobile Association | Systems and methods for software application security management |
-
2015
- 2015-12-22 CN CN201510961142.9A patent/CN105487908B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1604099A (en) * | 2004-08-06 | 2005-04-06 | 中国联合通信有限公司 | Method and system for constructing software system structure of telecommunication operation support system |
| US9075986B1 (en) * | 2006-10-19 | 2015-07-07 | United Services Automobile Association | Systems and methods for software application security management |
| CN101350082A (en) * | 2008-09-04 | 2009-01-21 | 中科院成都信息技术有限公司 | Method for building enterprise application integration platform and architecture thereof |
| CN101719236A (en) * | 2009-11-16 | 2010-06-02 | 山东浪潮齐鲁软件产业股份有限公司 | IT operation and maintenance system based on informatization construction operation |
| CN102065077A (en) * | 2010-11-11 | 2011-05-18 | 中国联合网络通信集团有限公司 | Method and system for distributing application software to terminal |
| EP2530585A1 (en) * | 2011-06-01 | 2012-12-05 | HTC Corporation | Method of handling periodic update of software component and related communication device |
| CN103888518A (en) * | 2014-03-06 | 2014-06-25 | 西安邮电大学 | Service design method of informatization public platform |
Non-Patent Citations (1)
| Title |
|---|
| 基于云计算的软件服务模式的研究;杨宝龙;《中国优秀硕士学位论文全文数据库 信息科技辑》;20121115(第11期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105487908A (en) | 2016-04-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11856106B2 (en) | Secure configuration of a device | |
| CN107204982B (en) | Interactive data system universal safety guard system | |
| CN106355081A (en) | Android program start verification method and device | |
| CN103677892A (en) | Authorization scheme to enable special privilege mode in secure electronic control unit | |
| CN104104672A (en) | Method for establishing dynamic authorization code based on identity authentication | |
| CN108259479B (en) | Business data processing method, client and computer readable storage medium | |
| CN106295350B (en) | identity verification method and device of trusted execution environment and terminal | |
| CN112464212B (en) | Data authority control reconstruction method based on mature complex service system | |
| CN111475782B (en) | API (application program interface) key protection method and system based on SGX (generalized Standard X) software extension instruction | |
| CN103679005A (en) | Method to enable development mode of a secure electronic control unit | |
| CN103065072A (en) | Method and device to improve Java software jailbreak difficulty and copyright verification method | |
| US9858061B2 (en) | Tamperproof installation of building control software in approved runtime environments | |
| CN112749088B (en) | Application program detection method and device, electronic equipment and storage medium | |
| CN105487908B (en) | Safe application software ecological service method | |
| CN108614709B (en) | Method and system for controlling Android application to safely access network | |
| CN114139114A (en) | Development and maintenance system and method based on front-end low code | |
| CN112817608A (en) | Program package installation method of trusted computing industrial personal computer | |
| CN109933958A (en) | The method and system of software protection | |
| CN110516427B (en) | Terminal user identity authentication method and device, storage medium and computer equipment | |
| CN110581833B (en) | Service security protection method and device | |
| CN106372503A (en) | Method and device for enhancing APK (Android Package) application permission configuration flexibility and system | |
| KR101322402B1 (en) | System and Method for Security of Application, Communication Terminal Therefor | |
| CN112395021B (en) | Power metering equipment application software loading control method and device | |
| CN104991807B (en) | A kind of patch pack assembly generates, processing method and processing device | |
| CN105279425A (en) | Application processing method and application processing device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |