Specific embodiment
Embodiments of the present invention are described in detail below. Examples of the embodiments are shown in the accompanying drawings, in which the same or similar reference numerals denote, throughout, the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary, serve only to explain the invention, and are not to be construed as limiting the claims.
Those skilled in the art will appreciate that, unless expressly stated otherwise, the singular forms "a", "an", "said" and "the" used herein may also include the plural forms. It is to be further understood that the word "comprising" used in the specification of the invention refers to the presence of the stated features, integers, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or groups thereof. It should be understood that when an element is said to be "connected" or "coupled" to another element, it can be directly connected or coupled to the other element, or intermediate elements may also be present. In addition, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein includes all or any unit and all combinations of one or more of the associated listed items.
Those skilled in the art will appreciate that, unless otherwise defined, all terms used herein (including technical and scientific terms) have the same meaning as commonly understood by those of ordinary skill in the art to which the invention belongs. It should also be understood that terms such as those defined in general dictionaries should be understood to have a meaning consistent with their meaning in the context of the prior art and, unless specifically defined as here, will not be interpreted in an idealized or overly formal sense.
Those skilled in the art will appreciate that "terminal" and "terminal device" as used herein include both devices that have only a wireless signal receiver without transmitting capability and devices that have receiving and transmitting hardware capable of two-way communication over a bidirectional communication link. Such a device may include: a cellular or other communication device, with a single-line display or a multi-line display, or without a multi-line display; a PCS (Personal Communications Service) device, which may combine voice, data processing, fax and/or communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, pager, Internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System) receiver; and a conventional laptop and/or palmtop computer or other device that has and/or includes a radio frequency receiver. A "terminal" or "terminal device" as used herein may be portable, transportable, installed in a vehicle (air, sea and/or land), or suited and/or configured to run locally and/or, in distributed form, at any other location on earth and/or in space. A "terminal" or "terminal device" as used herein may also be a communication terminal, an Internet access terminal or a music/video playback terminal, for example a PDA, an MID (Mobile Internet Device) and/or a mobile phone with a music/video playback function, or a device such as a smart TV or a set-top box.
In the embodiments of the present invention, a permission and safety check module is set in the application layer. After receiving a system call request from an application, the permission and safety check module performs a permission check on the request; after the permission check passes, it carries its own preset security identifier in the system call request as the sender identifier and sends the request to the kernel. After receiving the system call request, the kernel performs the corresponding system call if it determines that the sender identifier of the received request is consistent with the pre-stored security identifier. Thus, in the embodiments of the present invention, the permission check on an application's system call request is carried out in the application layer, outside the kernel, and the preset security identifier of the permission and safety check module is placed in the system call request for the kernel to recognize; this part of the code is not open-source code and is not disclosed, which greatly enhances the security of system calls.
Moreover, in the embodiments of the present invention, if the kernel determines that the sender identifier of the received system call request is inconsistent with the pre-stored security identifier of the permission and safety check module, it refuses to execute the received request. Thus, in the embodiments of the present invention, system call requests that existing applications send directly to the kernel do not carry the security identifier of the permission and safety check module, and the kernel refuses to execute all of them. This can prevent illegal applications such as viruses, Trojan horses and malicious programs from intruding by exploiting the existing Linux security mechanisms, and greatly enhances the security of system calls.
Further, the inventors have also found that, in existing system call methods, the security modules that execute the various security mechanisms are built into the kernel of the operating system. Because the amount of kernel code is huge and subject to the norms of the open-source community, modifying a security module and its security mechanism is extremely difficult, which in turn makes customizing a new security mechanism extremely difficult.
Based on the above finding, in the embodiments of the present invention a security policy customized for the user can conveniently be set into the application layer, so that the permission and safety check module can perform permission checks on applications' call requests more flexibly and in a more personalized way according to the customized security policy. While system call security is guaranteed, the different needs of various users can be met and the user experience improved. Moreover, compared with modifying a security module in the kernel, the amount of code modification is greatly reduced, compatibility is better, and the range of application is wider.
The technical solutions of the embodiments of the present invention are described in detail below with reference to the accompanying drawings.
The intelligent terminal of the embodiments of the present invention may be a terminal device such as a smartphone or a tablet computer.
The embodiments of the present invention apply to operating systems based on the Linux kernel, such as the Android, Tizen, Ubuntu and Firefox systems.
An embodiment of the present invention provides a system call method for an application. The flow diagram of the method is shown in Fig. 1a, and the method includes the following steps:
S101: The application sends a system call request to the permission and safety check module.
In the embodiments of the present invention, the permission and safety check module and its security identifier are preset in the application layer of the operating system. The security identifier of the permission and safety check module includes the identity information and/or the address information of the module.
In client-server mode, the application acts as the client, and the permission and safety check module runs independently as an entity (similar to an application) and acts as the server. In this mode, identity information such as a fixed UID (User IDentification, user identifier) or PID (Process IDentification, process identifier), and/or address information such as an output address, can be preset as the dedicated identity information and/or address information of the permission and safety check module; this information belongs to the security identifier of the module.
In resident mode, the permission and safety check module is linked with the application in the form of a library and runs automatically when the application runs.
Specifically, if the permission and safety check module is set up as a static library, it is compiled together with the application into a runnable program; when the application runs, the permission and safety check module is automatically placed in a preset fixed address space. If the permission and safety check module is set up as a dynamic library, a link to it is compiled into the application's runnable program; when the application runs, the permission and safety check module is obtained automatically through the link and placed in the preset fixed address space. The preset fixed address space serves as the dedicated address information of the permission and safety check module and belongs to the security identifier of the module.
The application sends its system call request to the permission and safety check module. In form, a system call request may resemble a trap instruction. The content of a system call request may include at least one of the following: accessing a database, accessing input/output files, accessing system services, and so on.
It will be appreciated that existing applications usually send their system call requests directly to the system call interface in the kernel, whereas the application in the embodiments of the present invention is modified so that it sends its system call request to the permission and safety check module.
S102: After receiving the application's system call request, the permission and safety check module performs a permission check on the request; if the permission check passes, step S103 is executed; if the permission check fails, the received system call request is ignored.
After receiving the application's system call request, the permission and safety check module performs the permission check on it according to the permissions that the preset security policy assigns to each application.
Specifically, the module determines whether the permission involved in the application's system call request matches the permissions that the application has in the security policy; if so, the permission check is determined to have passed and step S103 is executed; otherwise the permission check is determined to have failed and the received system call request is ignored.
It is easy to see that many applications today come with preset access options that are unrelated to their function. A flashlight application, for example, besides presetting an access option for the camera, also sets access options for the (intelligent terminal's) location information, the WLAN (Wireless Local Area Network) and the list of installed applications. Obviously, the flashlight application realizes its lighting function by using the camera's fill light as a flashlight, which has nothing to do with location information, the WLAN or the list of installed applications. Therefore, the permissions that an application's function needs to use, and/or the permissions corresponding to access options that are unsuited to the application's function, can be determined in advance and recorded in the security policy. The permissions corresponding to access options unsuited to the application's function are then filtered out according to the security policy, reducing the probability of leaking user information.
Preferably, a security policy customized for the user can be set into the permission and safety check module according to the user's needs. For example, security policy A is customized for company A and security policy B for company B, and security policies A and B are set into the permission and safety check modules of the intelligent terminals of companies A and B respectively.
The permission and safety check module can perform permission checks on applications' call requests more flexibly and in a more personalized way according to the customized security policy. While system call security is guaranteed, the different needs of various users can be met and the user experience improved. Moreover, compared with modifying a security module in the kernel, the amount of code modification is greatly reduced, compatibility is better, and the range of application is wider.
S103: The permission and safety check module carries its preset security identifier in the system call request as the sender identifier and sends the request to the kernel.
The security identifier of the permission and safety check module includes the identity information and/or the address information of the module. The identity information may include at least one of the following: a fixed UID, a PID, and so on. The address information may include at least one of the following: a fixed output address, an address space, and so on.
The permission and safety check module carries its preset security identifier in the system call request as the sender identifier and sends the request to the kernel.
S104: After receiving the system call request, the kernel determines whether the sender identifier of the received request is consistent with the pre-stored security identifier; if consistent, step S105 is executed; if inconsistent, step S106 is executed.
After receiving the system call request, the kernel determines whether the sender identifier of the received request is consistent with the security identifier of the permission and safety check module pre-stored in the kernel; if consistent, step S105 is executed; if inconsistent, step S106 is executed.
S105: The kernel performs the corresponding system call.
After the kernel has determined in step S104 that the sender identifier of the system call request is consistent with the pre-stored security identifier of the permission and safety check module, in this step it executes the received system call request and performs the corresponding system call.
S106: The kernel refuses to execute the received system call request and returns an access-denied message to the application that sent the request.
After the kernel has determined in step S104 that the sender identifier of the system call request is inconsistent with the pre-stored security identifier of the permission and safety check module, in this step it refuses to execute the received system call request and returns an access-denied message to the application that sent the request.
Preferably, the kernel returns the access-denied message directly to the application that sent the system call request, via the return path of a traditional system call. The access-denied message carries the return value corresponding to refusal of the system call request; the return value is usually an integer (for example, the integer 13) and conforms to the POSIX (Portable Operating System Interface) standard.
It will be appreciated that applications that still use the traditional Linux security mechanism and send system call requests directly to the kernel are often illegal applications such as virus programs, Trojan horse programs or malicious programs, or applications that the user of the intelligent terminal has installed privately without the permission of the company or the relevant department. Refusing the system call requests of these applications can greatly reduce the probability of the intelligent terminal being intruded into and leaking information, thereby strengthening the security of the information in the intelligent terminal.
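The flow of steps S101 to S106 can be modelled in a few lines. This is an added example, not code from the patent: the class and function names, the identifier value and the policy entries are assumptions made for illustration, and the kernel is simulated in user space.

```python
import errno
from dataclasses import dataclass, replace
from typing import Optional, Tuple

# Constructed value: the page gives no concrete identifiers.
MODULE_SECURITY_ID = (1500, 0x7F000000)   # hypothetical (fixed UID, fixed address)

# Security policy: the permissions each application's function needs.
# The flashlight entry follows the page's example (camera only).
SECURITY_POLICY = {
    "flashlight": {"camera"},
    "navigation": {"location", "wlan"},
}


@dataclass(frozen=True)
class SyscallRequest:
    app: str
    permission: str                               # permission the request involves
    sender_id: Optional[Tuple[int, int]] = None   # filled in at S103


class Kernel:
    """System call interface in the kernel: steps S104 to S106."""

    def __init__(self, stored_id):
        self.stored_id = stored_id   # pre-stored security identifier
        self.executed = []           # requests that reached S105

    def syscall(self, req):
        # S104: compare the sender identifier with the pre-stored identifier.
        if req.sender_id != self.stored_id:
            return -errno.EACCES     # S106: refuse; EACCES is 13 on Linux
        self.executed.append((req.app, req.permission))
        return 0                     # S105: the system call is carried out


class CheckModule:
    """Application-layer permission and safety check module: S102 and S103."""

    def __init__(self, kernel, policy, security_id):
        self.kernel = kernel
        self.policy = policy
        self.security_id = security_id

    def handle(self, req):
        # S102: does the requested permission match the app's policy entry?
        if req.permission not in self.policy.get(req.app, set()):
            return None              # check failed: the request is ignored
        # S103: carry the module's security identifier as sender identifier.
        return self.kernel.syscall(replace(req, sender_id=self.security_id))


def run_demo():
    kernel = Kernel(MODULE_SECURITY_ID)
    module = CheckModule(kernel, SECURITY_POLICY, MODULE_SECURITY_ID)
    return {
        "flashlight_camera": module.handle(SyscallRequest("flashlight", "camera")),
        "flashlight_location": module.handle(SyscallRequest("flashlight", "location")),
        "unlisted_app": module.handle(SyscallRequest("game", "camera")),
        # A request sent straight to the kernel carries no security identifier.
        "direct_call": kernel.syscall(SyscallRequest("flashlight", "camera")),
        "executed": list(kernel.executed),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(name, result)
```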
Preferably, an embodiment of the present invention provides another system call method for an application. The flow diagram of the method is shown in Fig. 1b, and the method includes the following steps:
S111: The application sends a system call request to the permission and safety check module.
The specific method of this step is the same as that of step S101 above and is not repeated here.
S112: After receiving the application's system call request, the permission and safety check module performs a permission check on the request; if the permission check passes, step S113 is executed; if the permission check fails, the received system call request is ignored.
The specific method of this step is the same as that of step S102 above and is not repeated here.
S113: The permission and safety check module carries its preset security identifier in the system call request as the sender identifier and sends the request to the kernel.
The specific method of this step is the same as that of step S103 above and is not repeated here.
S114: After receiving the system call request, the kernel determines whether the sender identifier of the received request is consistent with the pre-stored security identifier; if consistent, step S115 is executed; if inconsistent, step S117 is executed.
After receiving the system call request, the kernel determines whether the sender identifier of the received request is consistent with the security identifier of the permission and safety check module pre-stored in the kernel; if consistent, step S115 is executed; if inconsistent, step S117 is executed.
S115: The kernel performs legitimacy verification on the relevant information of the permission and safety check module according to the security identifier; if the verification result is legitimate, step S116 is executed; if the verification result is illegitimate, step S117 is executed.
Preferably, in the embodiments of the present invention, the permission and safety check module is provided with its relevant information and a digital signature. The relevant information of the permission and safety check module may be source code (all or part of the module's source code) or other content that can identify the module. A unique digest of the relevant information of the permission and safety check module is calculated according to a predetermined algorithm, and the digest is encrypted with a predetermined private key to obtain the digital signature.
The predetermined algorithm and the public key corresponding to the predetermined private key are pre-stored in the kernel. The kernel performs legitimacy verification on the obtained relevant information of the permission and safety check module according to the obtained digital signature of that information.
Specifically, according to the security identifier of the permission and safety check module, the kernel obtains from the module its preset relevant information and the digital signature of that information; the kernel calculates the digest of the obtained relevant information according to the pre-stored predetermined algorithm; the kernel decrypts the digital signature with the pre-stored public key to obtain a digest; and the kernel determines whether the calculated digest and the decrypted digest are consistent. If so, the verification result is determined to be legitimate and step S116 is executed; otherwise the verification result is determined to be illegitimate and step S117 is executed.
Further, the predetermined algorithm and the public key corresponding to the above predetermined private key are stored in the permission and safety check module together with the digital signature.
In that case, according to the security identifier of the permission and safety check module, the kernel obtains from the module its preset relevant information and digital signature, as well as the public key and the algorithm; the kernel calculates the digest of the obtained relevant information according to the obtained algorithm; the kernel decrypts the digital signature with the obtained public key to obtain a digest; and the kernel determines whether the calculated digest and the decrypted digest are consistent. If so, the verification result is determined to be legitimate and step S116 is executed; otherwise the verification result is determined to be illegitimate and step S117 is executed.
It will be appreciated that performing legitimacy verification on the relevant information of the permission and safety check module can prevent the module from being illegally tampered with and enhances the security of the module, thereby further enhancing the security of the embodiments of the present invention as a whole.
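The S115 check as described above (digest, signature made with the private key, kernel decrypts with the public key and compares) is shown below as an added example, not code from the patent. SHA-256, unpadded textbook RSA, the constructed demo keys and all names are assumptions; production signing uses a padded scheme and properly generated keys. The example runs both key-source variants from the text, and shows that only the public key pre-stored in the kernel ties the module to the holder of the predetermined private key, while the key read from the module only shows that information and signature agree with each other.

```python
import hashlib

E = 65537  # public exponent shared by both demo keys


def make_key(p, q):
    """Textbook RSA key from two primes (constructed demo key, not secure)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


# Constructed keys built from Mersenne primes so the example runs offline.
PUBLISHER_KEY = make_key(2**521 - 1, 2**607 - 1)    # the predetermined key pair
UNRELATED_KEY = make_key(2**521 - 1, 2**1279 - 1)   # any other key pair


def digest(info: bytes) -> int:
    """The 'predetermined algorithm'; SHA-256 is an assumption."""
    return int.from_bytes(hashlib.sha256(info).digest(), "big")


def sign(info, key):
    """Encrypt the digest with the private key to obtain the digital signature."""
    return pow(digest(info), key["d"], key["n"])


def verify(info, signature, public):
    """S115: decrypt the signature with the public key and compare digests."""
    return pow(signature, public["e"], public["n"]) == digest(info)


def build_module(info, key):
    """Relevant information, its signature and (second variant) the public key."""
    return {"info": info, "signature": sign(info, key),
            "public": {"n": key["n"], "e": key["e"]}}


# First variant: the public key is pre-stored in the kernel.
KERNEL_PUBLIC = {"n": PUBLISHER_KEY["n"], "e": PUBLISHER_KEY["e"]}


def verify_with_prestored_key(module):
    return verify(module["info"], module["signature"], KERNEL_PUBLIC)


def verify_with_module_key(module):
    # Second variant: the kernel reads the public key from the module itself.
    return verify(module["info"], module["signature"], module["public"])


def run_demo():
    genuine = build_module(b"check module source, release 1", PUBLISHER_KEY)
    tampered = dict(genuine, info=b"check module source, modified")
    resigned = build_module(b"check module source, modified", UNRELATED_KEY)
    cases = (("genuine", genuine), ("tampered", tampered), ("resigned", resigned))
    # Each result is (pre-stored key verdict, module-supplied key verdict).
    return {name: (verify_with_prestored_key(m), verify_with_module_key(m))
            for name, m in cases}


if __name__ == "__main__":
    for name, verdicts in run_demo().items():
        print(name, verdicts)
```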
S116: The kernel performs the corresponding system call.
After the kernel has determined in step S115 that the legitimacy verification result for the relevant information of the permission and safety check module is legitimate, in this step it executes the received system call request and performs the corresponding system call.
S117: The kernel refuses to execute the received system call request and returns an access-denied message to the application that sent the request.
After the kernel has determined in step S114 that the sender identifier of the system call request is inconsistent with the pre-stored security identifier of the permission and safety check module, or has determined in step S115 that the legitimacy verification result for the relevant information of the permission and safety check module is illegitimate, in this step it refuses to execute the received system call request and returns an access-denied message to the application that sent the request.
Preferably, the kernel returns the access-denied message directly to the application that sent the system call request, via the return path of a traditional system call. The access-denied message carries the return value corresponding to refusal of the system call request; the return value is usually an integer (for example, the integer 13) and conforms to the POSIX standard.
Based on the above system call method, an embodiment of the present invention further provides a system call device, which is arranged in the intelligent terminal of the embodiments of the present invention. A schematic block diagram of the internal structure of the device is shown in Fig. 2; the device comprises a permission and safety check module 201 and a system call interface module 202.
The permission and safety check module 201 is arranged in the application layer of the intelligent terminal of the embodiments of the present invention. It is used to perform a permission check on a system call request after receiving the request from an application and, after the permission check passes, to carry the preset security identifier of the permission and safety check module 201 in the system call request as the sender identifier and send the request to the kernel.
The system call interface module 202 is arranged in the kernel of the intelligent terminal of the embodiments of the present invention. It is used to perform the corresponding system call if, after receiving the system call request, it determines that the sender identifier of the received request is consistent with the pre-stored security identifier of the permission and safety check module 201.
Preferably, the system call interface module 202 is also used to refuse to execute the received system call request, and to return an access-denied message to the application that sent the request, if it determines that the sender identifier of the received request is inconsistent with the pre-stored security identifier.
Specifically, the permission and safety check module 201 is used to perform the permission check on the system call request according to a customized security policy.
Preferably, the system call interface module 202 is also used, after determining that the sender identifier of the received system call request is consistent with the pre-stored security identifier, to perform legitimacy verification on the relevant information of the permission and safety check module 201 according to the security identifier; if the verification result is legitimate, it performs the corresponding system call; if the verification result is illegitimate, it refuses to execute the received system call request and returns an access-denied message to the application that sent the request.
Further, the system call interface module 202 is specifically used to obtain, according to the security identifier of the permission and safety check module 201, the preset relevant information of the permission and safety check module 201 and its digital signature; to calculate the digest of the obtained relevant information of the permission and safety check module 201, and to decrypt the digital signature to obtain the corresponding digest; and to determine whether the calculated digest and the decrypted digest are consistent. If so, the verification result is determined to be legitimate; otherwise the verification result is determined to be illegitimate.
For the methods by which the permission and safety check module 201 and the system call interface module 202 implement their functions, reference may be made to the process steps shown in Fig. 1 above, which are not repeated here.
In the embodiments of the present invention, the permission check on an application's system call request is carried out in the application layer, outside the kernel, and the preset security identifier of the permission and safety check module is placed in the system call request for the kernel to recognize; this part of the code is not open-source code and is not disclosed, which greatly enhances the security of system calls.
Moreover, in the embodiments of the present invention, system call requests sent directly to the kernel by existing applications, or by illegal applications disguised as existing applications, do not carry the security identifier of the permission and safety check module, and the kernel refuses to execute all of them. This can prevent illegal applications such as viruses, Trojan horses and malicious programs from intruding by exploiting the existing Linux security mechanisms, and greatly enhances the security of system calls.
Further, in the embodiments of the present invention, a security policy customized for the user can conveniently be set into the application layer, so that the permission and safety check module can perform permission checks on applications' call requests more flexibly and in a more personalized way according to the customized security policy. While system call security is guaranteed, the different needs of various users can be met and the user experience improved. Moreover, compared with modifying a security module in the kernel, the amount of code modification is greatly reduced, compatibility is better, and the range of application is wider.
Those skilled in the art will appreciate that the present invention includes devices for performing one or more of the operations described herein. These devices may be specially designed and manufactured for the required purposes, or may comprise known devices in general-purpose computers. These devices have computer programs stored in them that are selectively activated or reconfigured. Such a computer program may be stored in a device-readable (for example, computer-readable) medium, or in any type of medium suitable for storing electronic instructions and coupled to a bus. The computer-readable medium includes but is not limited to any type of disk (including floppy disks, hard disks, optical discs, CD-ROMs and magneto-optical disks), ROM (Read-Only Memory), RAM (Random Access Memory), EPROM (Erasable Programmable Read-Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic cards or optical cards. That is, a readable medium includes any medium in which information is stored or transmitted by a device (for example, a computer) in a readable form.
Those skilled in the art will appreciate that computer program instructions can be used to implement each block in these structure diagrams and/or block diagrams and/or flow diagrams, and combinations of the blocks in them. Those skilled in the art will also appreciate that these computer program instructions can be supplied to a general-purpose computer, a special-purpose computer or the processor of another programmable data processing apparatus for implementation, so that the schemes specified in the block or blocks of the structure diagrams and/or block diagrams and/or flow diagrams disclosed by the present invention are executed by the computer or by the processor of the other programmable data processing apparatus.
Those skilled in the art will appreciate that the steps, measures and schemes in the various operations, methods and processes discussed in the present invention can be alternated, changed, combined or deleted. Further, other steps, measures and schemes in the various operations, methods and processes discussed in the present invention can also be alternated, changed, rearranged, decomposed, combined or deleted. Further, steps, measures and schemes in the prior art that correspond to those in the various operations, methods and processes disclosed in the present invention can also be alternated, changed, rearranged, decomposed, combined or deleted.
The above are only some embodiments of the present invention. It should be noted that those of ordinary skill in the art can make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications should also be regarded as falling within the protection scope of the present invention.