CN106534148B - Access control method and device for application - Google Patents


Info

Publication number
CN106534148B
Authority
CN
China
Prior art keywords
access
container
control system
authority
master control
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611069910.0A
Other languages
Chinese (zh)
Other versions
CN106534148A (en)
Inventor
朱少峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuanxin Information Technology Group Co ltd
Original Assignee
Yuanxin Technology
Applicant
Yuanxin Technology
Priority application
CN201611069910.0A
Publications
CN106534148A (application), CN106534148B (granted patent)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources

Abstract

An embodiment of the invention provides an access control method and device for an application. The method comprises the following steps: after receiving an access request from the application, the container system sends the access request to the master control system through a pre-established container channel; after receiving the access request, the master control system performs permission verification on it according to the access permission policy currently stored in the master control system and returns the permission verification result through the container channel; and when the container system determines that the received permission verification result is "allowed", it operates according to the access request of the application. With this embodiment, even if a malicious program invades the container system, it can hardly discover the communication mode and communication path between the container system and the master control system, can hardly invade the master control system, cannot obtain the access permission policy from the master control system, remains controlled by that policy, and can hardly steal the confidential information in the terminal device; the security of the information in the terminal device is therefore improved on the whole.

Description

Access control method and device for application
Technical Field
The invention relates to the technical field of terminals, in particular to an access control method and device for an application.
Background
With the development of society and the progress of science and technology, terminal devices such as smart phones, tablet computers and electronic readers have become widespread. An operating system is generally installed in the terminal device, and a plurality of applications are generally installed in the operating system, each providing functions that meet the needs of users.
To ensure the security of the system, the operating system generally needs to manage and control the access permissions of the applications in it. In an existing access control method, after the operating system receives an access request from an application, it judges, according to the access permission policies of the applications stored in the operating system, whether that application should have the permission the request involves; if so, it responds to the access request; otherwise the access request is ignored.
However, in the existing method the access permission policy is preset in the operating system itself. Once the operating system is invaded by a malicious program, the malicious program can easily obtain the access permission policy in the operating system and modify it, and so can easily gain control of many system resources in the terminal device; with that control it can carry out destructive behaviour such as accessing the user's confidential information, which easily causes loss to the user. The security of the existing access control method is affected as a whole.
In summary, the access permission policy used by the existing access control method has the defect of low security, which results in low security of the existing access control method as a whole.
Disclosure of Invention
In view of the defects of the prior art, the invention provides an access control method and device for an application, intended to solve the problem of low security in the prior art.
According to one aspect, an embodiment of the present invention provides an access control method for an application, comprising:
after receiving an access request from the application, the container system sends the access request to the master control system through a pre-established container channel;
after receiving the access request, the master control system performs permission verification on it according to the access permission policy currently stored in the master control system and returns the permission verification result through the container channel;
and when the container system determines that the received permission verification result is "allowed", it operates according to the access request of the application.
According to another aspect, an embodiment of the present invention further provides an access control apparatus for an application, comprising a master control system and at least one container system;
each container system comprises:
an access request processing module, configured to send the access request to the master control system through the pre-established container channel after receiving the access request from the application, and to operate according to the access request when the received permission verification result is determined to be "allowed";
the master control system comprises:
an access permission verification module, configured to perform permission verification on the received access request according to the access permission policy currently stored in the master control system, and to return the permission verification result through the container channel.
Preferably, the master control system further comprises:
an access permission policy acquisition module, configured to obtain the corresponding access permission policy from the cloud server after receiving an access permission update notification;
an access permission policy updating module, configured to perform validity verification on the obtained access permission policy and, when the validity verification result is "valid", to update the access permission policy stored in the master control system.
Preferably, the container system further comprises:
an access permission policy acquisition module, configured to obtain the corresponding access permission policy from the cloud server after receiving an access permission update notification, and to send the obtained policy to the master control system through the container channel;
and the master control system further comprises:
an access permission policy updating module, configured to perform validity verification on the obtained access permission policy and, when the validity verification result is "valid", to update the access permission policy stored in the master control system.
Preferably, the access permission verification module is further configured, after returning a permission verification result through the container channel, to record, when that result is "allowed", the access request of the application, the container system to which the application belongs and the access permission policy the request involves; and, when it detects that the access permission policy has been updated and that under the updated policy the permission verification result for that access request becomes "forbidden", to return the updated permission verification result to the container system to which the application belongs through the container channel; and
the access request processing module is further configured to stop responding to the access request of the application when it determines that the received updated permission verification result is "forbidden".
Preferably, the access permission policy acquisition module is specifically configured to obtain from the cloud server the corresponding access permission policy, its digest value encrypted with the private key, and the public key corresponding to that private key; and
the access permission policy updating module is specifically configured to decrypt the obtained encrypted data with the obtained public key; when decryption succeeds, to take the decrypted digest value; to compute the digest value of the obtained access permission policy and compare it with the decrypted digest value; and, when the two are consistent, to determine that the validity verification result is "valid".
Preferably, the access permission verification module is specifically configured to perform container-level permission verification on the received access request according to the access permission policy of the container system currently stored in the master control system; when the container-level permission verification result is "allowed", to perform master-control-level permission verification on the request according to the access permission policy of the master control system currently stored there; and when the master-control-level permission verification result is "forbidden", to determine that the final permission verification result is "forbidden" and return it to the container system through the container channel. Here the access permission policy comprises the access permission policy of the master control system and the access permission policy of the container system.
Preferably, the access permission verification module is specifically configured, when an access request relates at the same time to the access permission policy of a secure-domain container system and to that of a non-secure-domain container system currently stored in the master control system, to perform container-level permission verification on the request according to the access permission policy of the secure-domain container system; the access permission policy of the container system comprises the access permission policy of the secure-domain container system and the access permission policy of the non-secure-domain container system.
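The two-level verification described in the preceding paragraphs, written out in Go as an added example (it is not code from the patent or from Yuanxin): container-level verification runs first, a secure-domain container system's policy takes precedence when the request relates to both a secure-domain and a non-secure-domain container system, master-control-level verification runs only if the container level allows, and "forbidden" at either level is final. The rule format, the `Involves` field (which container systems a request relates to), default-deny when no rule matches, and the sample policy are assumptions of this example; the scenario fields (container system, foreground/background state, time) follow the patent's description of an application scenario.

```go
package main

import (
	"fmt"
	"time"
)

// Verdict is the permission verification result the master control system returns.
type Verdict string
const Allowed, Forbidden Verdict = "allowed", "forbidden"

// AccessRequest carries the request plus the application scenario the patent names
// (container system, foreground/background state, time). Involves lists every
// container system whose policy the request relates to (an assumption of this example).
type AccessRequest struct {
	Resource, Container string
	Involves            []string
	Foreground          bool
	At                  time.Time
}

// Rule is one policy entry: a resource, the scenario in which the rule applies
// and whether access is allowed. FromHour == ToHour means "at any time".
type Rule struct {
	Resource         string
	ForegroundOnly   bool
	FromHour, ToHour int // window [FromHour, ToHour)
	Allow            bool
}

func (r Rule) matches(req AccessRequest) bool {
	if r.Resource != req.Resource || (r.ForegroundOnly && !req.Foreground) {
		return false
	}
	h := req.At.Hour()
	return r.FromHour == r.ToHour || (h >= r.FromHour && h < r.ToHour)
}

// evaluate applies the first matching rule; no match means Forbidden (default deny).
func evaluate(rules []Rule, req AccessRequest) Verdict {
	for _, r := range rules {
		if r.matches(req) {
			if r.Allow {
				return Allowed
			}
			return Forbidden
		}
	}
	return Forbidden
}

// Policy is the access permission policy held only by the master control system:
// master-control-level rules, per-container rules, and which containers are secure-domain.
type Policy struct {
	MasterRules    []Rule
	ContainerRules map[string][]Rule
	SecureDomain   map[string]bool
}

// containerLevelRules picks the policy for container-level verification: a
// secure-domain container system's policy takes precedence over a non-secure one.
func (p Policy) containerLevelRules(req AccessRequest) []Rule {
	chosen := req.Container
	for _, c := range req.Involves {
		if p.SecureDomain[c] {
			chosen = c
			break
		}
	}
	return p.ContainerRules[chosen]
}

// Verify runs container-level verification first and master-control-level verification
// only if that allows; Forbidden at either level is final. The second value names the level.
func Verify(p Policy, req AccessRequest) (Verdict, string) {
	if evaluate(p.containerLevelRules(req), req) == Forbidden {
		return Forbidden, "container"
	}
	return evaluate(p.MasterRules, req), "master"
}

// SamplePolicy is constructed from the patent's camera example: the secure-domain "work"
// container forbids the camera during working hours (9:00-18:00), the non-secure "personal"
// container always allows it, and the master level allows the camera only in the foreground.
func SamplePolicy() Policy {
	return Policy{
		MasterRules: []Rule{{Resource: "camera", ForegroundOnly: true, Allow: true}},
		ContainerRules: map[string][]Rule{
			"work":     {{Resource: "camera", FromHour: 9, ToHour: 18}, {Resource: "camera", Allow: true}},
			"personal": {{Resource: "camera", Allow: true}},
		},
		SecureDomain: map[string]bool{"work": true},
	}
}

func main() {
	at := time.Date(2023, 1, 2, 10, 0, 0, 0, time.UTC) // constructed: a Monday, 10:00
	req := AccessRequest{Resource: "camera", Container: "personal", Involves: []string{"personal", "work"}, Foreground: true, At: at}
	v, level := Verify(SamplePolicy(), req)
	fmt.Printf("%s at %02d:00 involving %v -> %s (%s level)\n", req.Container, at.Hour(), req.Involves, v, level)
}
```

Ordering matters in this design: a request from the "personal" container that also relates to the secure-domain "work" container is refused at the container level during working hours even though "personal" alone would allow it, and a request that passes the container level can still be refused at the master level (for instance while the container system is in the background), which is why the deciding level is returned alongside the verdict.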
In the embodiment of the invention, the access permission policies are all kept in the master control system. The container system, which sits above the master control system, receives the access request of an application running in it and forwards the request to the master control system; the master control system performs permission verification on the request according to the access permission policy preset in it, and when the permission verification result is "allowed", the container system is notified to operate according to the access request. Even if the container system is invaded by a malicious program, the malicious program cannot obtain the access permission policy from the container system, because the policy does not exist there. Because the master control system lies below the container system and does not provide a function for interacting directly with the user, the user cannot install programs into the master control system; even a malicious program disguised as an application, or parasitic in one, cannot be installed into the master control system, which greatly enhances its security. A malicious program can hardly discover the communication mode and communication path between the container system and the master control system, so even after invading the container system it can hardly invade the master control system, cannot obtain the access permission policy from it, remains controlled by that policy, and can hardly steal the confidential information in the terminal device. The security of the access permission policy is therefore ensured while the access requests of applications are managed and controlled, and the security of the information in the terminal device is improved on the whole.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic frame diagram of an internal structure of a terminal device according to an embodiment of the present invention;
fig. 2 and fig. 3 are schematic flowcharts of two dynamic updating methods of the access right policy of the terminal device according to the embodiment of the present invention;
fig. 4 is a flowchart illustrating an access control method for an application according to an embodiment of the present invention;
fig. 5 and fig. 6 are schematic frame diagrams of the internal structures of two access control devices for an application according to embodiments of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, a "terminal" as used herein includes both devices having only a wireless signal receiver and no transmit capability, and devices having receive and transmit hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device with a single-line display, a multi-line display or no multi-line display; a PCS (Personal Communications Service) device, which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; or a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal device" may also be a communication terminal, a web-enabled terminal or a music/video playing terminal, and may be, for example, a PDA, an MID (Mobile Internet Device) and/or a mobile phone with a music/video playing function, or a smart TV, a set-top box and the like.
In the embodiment of the invention, the access control method for an application is improved. After receiving an access request from the application, the container system sends it to the master control system through a pre-established container channel; after receiving the request, the master control system performs permission verification on it according to the access permission policy currently stored in the master control system and returns the permission verification result through the container channel; and when the container system determines that the received permission verification result is "allowed", it operates according to the access request. It can be seen that in this embodiment the access permission policies are all kept in the master control system: after receiving the access request of an application running in it, the container system on the upper layer forwards the request to the master control system, the master control system performs permission verification according to the policy preset in it, and when the result is "allowed" the container system is notified to operate according to the request.
Even if the container system is invaded by a malicious program, the malicious program cannot obtain the access permission policy from the container system, because the policy does not exist there; nor can it obtain the policy from the master control system, because it cannot discover the communication mode and channel between the container system and the master control system. The security of the access permission policy is therefore ensured while the access requests of applications are managed and controlled, and the security of application access control is improved on the whole.
The technical solution of the embodiments of the present invention is specifically described below with reference to the accompanying drawings.
In the technical solution of the present invention, a schematic frame diagram of an internal structure of a terminal device is shown in fig. 1, and includes: a master control system and at least one container system.
The at least one container system may comprise a first container system, a second container system, …, an Nth container system, where N is a positive integer of 2 or more.
The container system in the embodiment of the present invention is an operating system running in a container created with Linux container virtualization technology. The operating system may be a conventional Linux or Unix operating system, an Android or Ubuntu system derived from Linux, or a Windows system based on the Windows platform. In fact, the container system of the present invention is not limited to these examples and may be any operating system able to run in a container. For convenience of description, the technical solution of the present invention is described below taking an Android system as the container system.
The master control system may be one of the conventional operating systems mentioned above, or an operating system obtained by modifying one of them. The master control system includes a kernel, which may be a standard kernel or an enhanced kernel obtained by adding functional modules to it. Preferably, the container system sends call requests or access requests to the master control system, and the master control system invokes the kernel to implement the corresponding functions.
The master control system is mainly responsible for foreground and background management of the container systems, for interacting with each container system, and the like.
Preferably, the master control system communicates with the container system through a container channel, which may be a socket channel. A container system sends a container channel creation request to the master control system; after receiving the request, the master control system creates a socket file and a pair of descriptors for it (a socket pair) and names the pair; it registers the pair of descriptors and their name in the NSS (Domain Space Server) virtual device of the master control system; and it returns the name of one descriptor of the successfully registered pair to the container system. After the container system obtains the corresponding descriptor from the NSS virtual device by that name, it can communicate through this descriptor with the master control system, which holds the other descriptor of the socket file.
In the embodiment of the invention, the access permission policy is stored in the master control system. Preferably, it may specifically be an MDM (Mobile Device Management) policy.
The terminal device in the embodiment of the invention is pre-registered with the cloud server. The cloud server records information including the identifier and communication number of the terminal device, the access permission policy it currently uses, and the organisation and post of the device's user. The access permission policy comprises the access permissions of an application together with the corresponding application scenarios, where an application scenario includes at least one of: the container system in which the application runs, the foreground/background state of that container system, and the time.
The embodiment of the invention provides a method for dynamically updating the access permission policy of a terminal device; its flow is shown in fig. 2 and comprises the following steps:
S201: after determining that the access permission policy stored in the terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
For example, a specific access permission policy of the terminal device held in the cloud server states that the user may use the camera of the terminal device outside working hours and may not use it during working hours. When the cloud server learns that the user's working hours have changed from 9:00 to 18:00, Monday to Friday, to 8:00 to 19:00, it updates the working hours in that policy and determines that the access permission policy stored in the terminal device needs to be updated.
For another example, the cloud server records that the user of the terminal device is a police officer, and the access permission policy of the terminal device states that the photographing function of the device may be used while the user is not on a task and is prohibited while the user is performing a task. When the cloud server receives information that this user has to perform a task and determines that the policy last issued to the terminal device for storage is one that permits applications to use the photographing function, it determines that the policy stored in the terminal device needs to be updated to one that prohibits applications from using the photographing function.
Having determined that the access permission policy stored in the terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
S202: after receiving the access permission update notification, the master control system obtains the corresponding access permission policy from the cloud server.
Preferably, after receiving the notification issued by the cloud server, the master control system obtains from the cloud server the access permission policy to be applied to the terminal device, the digest value of that policy encrypted with the cloud server's private key, and the public key corresponding to that private key, all as determined by the cloud server.
S203: the master control system performs validity verification on the obtained access permission policy and determines whether the validity verification result is "valid"; when it is valid, step S204 is executed; when it is invalid, the obtained access permission policy is ignored.
Preferably, the master control system decrypts the obtained encrypted data with the obtained public key.
When decryption succeeds, the digest value encrypted with the private key has not been tampered with and is trustworthy, so the decrypted digest value is obtained. When decryption fails, the encrypted digest value has probably been tampered with and is no longer trustworthy, and the obtained access permission policy, its encrypted digest value and the public key corresponding to the private key are deleted, or are moved into the security sandbox.
The master control system then computes the digest value of the obtained access permission policy and compares it with the decrypted digest value; when the two are consistent, the obtained policy has not been tampered with and is trustworthy, the validity verification result is determined to be "valid", and step S204 is executed.
When the master control system finds the two inconsistent, the obtained access permission policy has probably been tampered with and is no longer trustworthy; the validity verification result is determined to be "invalid", and the obtained policy, its encrypted digest value and the public key corresponding to the private key are deleted, or are moved into the security sandbox. The master control system may then fetch the access permission policy again.
S204: the access permission policy stored in the master control system is updated.
The master control system updates the access permission policy stored in it according to the obtained access permission policy.
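Steps S202 to S204 as a working Go example, added here and not taken from the patent or from Yuanxin. The "digest value encrypted with the private key" is, in standard terms, an RSA PKCS#1 v1.5 signature over the SHA-256 digest of the policy, and `rsa.VerifyPKCS1v15` performs exactly the decrypt-with-public-key-and-compare step the text describes. One design choice deliberately differs from the text and is marked as an assumption in the code: the master control system pins the cloud server's public key when the terminal registers (the patent says the terminal is pre-registered with the cloud server) instead of taking whichever key arrives alongside the policy, because a key delivered together with the data it vouches for can only show that the two were produced together. The policy strings and the `Quarantine` slice that stands in for the security sandbox are constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// PolicyUpdate is what the master control system obtains from the cloud server after
// an update notification: the policy bytes and the policy's SHA-256 digest "encrypted"
// with the server's private key, i.e. an RSA PKCS#1 v1.5 signature.
type PolicyUpdate struct {
	Policy    []byte
	Signature []byte
}

// MasterControl holds the stored policy and the cloud server's public key. The key is
// pinned at registration here (an assumption of this example) rather than taken from
// the update itself, so a tampered update cannot ship a matching key with it.
type MasterControl struct {
	ServerKey  *rsa.PublicKey
	Policy     []byte
	Quarantine [][]byte // stands in for the patent's "security sandbox"
}

var ErrInvalidPolicy = errors.New("access permission policy failed validity verification")

// ApplyUpdate is steps S203-S204: recover the digest from the encrypted digest with the
// public key, compare it with the digest of the received policy, and replace the stored
// policy only when the two agree. rsa.VerifyPKCS1v15 performs that decrypt-and-compare.
func (m *MasterControl) ApplyUpdate(u PolicyUpdate) error {
	digest := sha256.Sum256(u.Policy)
	if err := rsa.VerifyPKCS1v15(m.ServerKey, crypto.SHA256, digest[:], u.Signature); err != nil {
		m.Quarantine = append(m.Quarantine, u.Policy) // keep the rejected update for analysis
		return ErrInvalidPolicy
	}
	m.Policy = u.Policy
	return nil
}

// CloudServer is the constructed counterpart used only to produce signed updates.
type CloudServer struct{ key *rsa.PrivateKey }

func NewCloudServer() (*CloudServer, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &CloudServer{key: k}, nil
}

// PublicKey is what the terminal device pins when it registers with the server.
func (s *CloudServer) PublicKey() *rsa.PublicKey { return &s.key.PublicKey }

// Issue signs the digest of a policy, producing the update the server sends (step S202).
func (s *CloudServer) Issue(policy []byte) (PolicyUpdate, error) {
	digest := sha256.Sum256(policy)
	sig, err := rsa.SignPKCS1v15(rand.Reader, s.key, crypto.SHA256, digest[:])
	if err != nil {
		return PolicyUpdate{}, err
	}
	return PolicyUpdate{Policy: policy, Signature: sig}, nil
}

// Demo plays the patent's working-hours example: the genuine update (working hours moved
// to 8:00-19:00) is accepted; the same update with its policy altered in transit is
// rejected and quarantined, leaving the stored policy unchanged. It returns the stored
// policy after each attempt and the error from the tampered attempt.
func Demo() (afterGenuine, afterTampered string, tamperErr error, err error) {
	srv, err := NewCloudServer()
	if err != nil {
		return "", "", nil, err
	}
	mc := &MasterControl{ServerKey: srv.PublicKey(), Policy: []byte("camera: deny 09:00-18:00")}
	genuine, err := srv.Issue([]byte("camera: deny 08:00-19:00"))
	if err != nil {
		return "", "", nil, err
	}
	if err = mc.ApplyUpdate(genuine); err != nil {
		return "", "", nil, err
	}
	afterGenuine = string(mc.Policy)
	tampered := genuine
	tampered.Policy = []byte("camera: allow always") // altered after signing; digest no longer matches
	tamperErr = mc.ApplyUpdate(tampered)
	return afterGenuine, string(mc.Policy), tamperErr, nil
}

func main() {
	g, t, terr, err := Demo()
	fmt.Printf("after genuine update: %q\nafter tampered update: %q (%v)\nerr: %v\n", g, t, terr, err)
}
```

The same `ApplyUpdate` serves step S304 of the second updating method, where the policy reaches the master control system through the container channel instead of directly from the cloud server; what changes is only who fetched the bytes, not how they are checked.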
Because the master control system lies below the container system and generally does not interact directly with the user, a malicious program generally cannot discover the communication mode and channel between the container system and the master control system in this embodiment, and can hardly invade the master control system or tamper with or destroy the access permission policy stored in it. The security of the policy stored in the master control system is therefore far higher than that of a policy stored in the container system in the conventional way.
The embodiment of the invention provides another method for dynamically updating the access right policy of the terminal equipment, and the flow diagram of the method is shown in fig. 3, and the method comprises the following steps:
s301: and after determining that the access authority policy stored in the terminal equipment needs to be updated, the cloud server issues an access authority update notification to the terminal equipment.
The method in this step is the same as the method in step S201, and is not described herein again.
S302: and after receiving the access authority updating notification, the container system acquires a corresponding access authority strategy from the cloud server.
Preferably, after receiving the access right update notification issued by the cloud server, the container system obtains, from the cloud server, the access right policy to be updated of the terminal device, the digest value of the access right policy encrypted by the private key, and the public key corresponding to the private key, which are determined by the cloud server.
S303: the container system sends the acquired access right policy to the master control system through the container channel.
The application in the container system sends the acquired access right policy to the master control system through the container channel pre-established between the container system and the master control system.
S304: the master control system carries out validity verification on the obtained access right strategy and determines whether the validity verification result is valid or not; when the validity verification result is valid, step S305 is executed; and when the result of the validity verification is illegal, ignoring the acquired access authority strategy.
The method in this step is the same as the method in step S203, and is not described herein again.
S305: updating the access authority policy stored in the master control system.
Preferably, after the master control system receives the access right policy and before the access right policy stored in the master control system is updated, it determines whether the application in the container system that sent the access right policy through the container channel is the same application that requested to establish the container channel. If they are consistent, the application sending the access right policy has not been invaded by a malicious program, and the access right policy stored in the master control system is updated. If they are inconsistent, the application sending the access right policy has probably been invaded by a malicious program, and the obtained access right policy, the digest value of the access right policy encrypted by the private key and the public key corresponding to the private key are deleted, or are moved into the security sandbox.
Other methods in this step are the same as those in step S204, and are not described herein again.
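The following Go program is an added example, not code from the patent or its assignee; it models the update flow of steps S203/S204 and S303 to S305 above. The cloud server digests the policy and "encrypts the digest with the private key" (modelled here as an RSA PKCS#1 v1.5 signature over a SHA-256 digest, an assumption since the page names no algorithm); the master control system checks that the forwarding application is the one that established the container channel, decrypts the digest with the public key, compares it with the digest of the received policy, and stores the policy only when every check passes, otherwise moving the update into the sandbox. The channel ids, application names, JSON policy and error values are constructed, and the TrustedKey comparison is a defensive addition beyond the text: the public key that arrives with the update must match one the master control system already trusts, or a signature made with a freshly generated key would pass.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// PolicyUpdate is what the cloud server issues and what the container system forwards over
// the container channel: the policy, its digest "encrypted by the private key" (here an RSA
// PKCS#1 v1.5 signature over the SHA-256 digest) and the matching public key. SenderApp is
// the container-system application that forwarded it (the check added in the fig. 3 flow).
type PolicyUpdate struct {
	Policy, EncryptedDigest []byte
	PublicKey               *rsa.PublicKey
	SenderApp               string
}

// issueUpdate is the cloud-server side: digest the policy and encrypt the digest with the private key.
func issueUpdate(priv *rsa.PrivateKey, policy []byte, sender string) (PolicyUpdate, error) {
	digest := sha256.Sum256(policy)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	return PolicyUpdate{policy, sig, &priv.PublicKey, sender}, err
}

// PolicyUpdater is the master control system's side: the stored policy, the application that
// established each container channel, and the security sandbox for rejected updates.
// TrustedKey goes beyond the text: the public key delivered with the update must match a key
// the master control system already trusts, otherwise a forger could simply ship its own key.
type PolicyUpdater struct {
	StoredPolicy []byte
	ChannelOwner map[string]string // channel id -> app that requested the channel
	TrustedKey   *rsa.PublicKey
	Sandbox      []PolicyUpdate
}

var (
	ErrSender = errors.New("sender is not the app that established the channel")
	ErrKey    = errors.New("delivered public key is not the trusted key")
	ErrDigest = errors.New("digest mismatch: policy is probably tampered")
)

// ApplyUpdate is S203/S204 and S304/S305: check the sender, decrypt the digest with the public
// key and compare it with the digest of the received policy (both steps happen inside
// rsa.VerifyPKCS1v15), and replace the stored policy only when every check passes.
func (u *PolicyUpdater) ApplyUpdate(channel string, upd PolicyUpdate) error {
	reject := func(err error) error { u.Sandbox = append(u.Sandbox, upd); return err }
	if owner, ok := u.ChannelOwner[channel]; !ok || owner != upd.SenderApp {
		return reject(ErrSender)
	}
	if u.TrustedKey == nil || upd.PublicKey == nil || !upd.PublicKey.Equal(u.TrustedKey) {
		return reject(ErrKey)
	}
	digest := sha256.Sum256(upd.Policy)
	if rsa.VerifyPKCS1v15(upd.PublicKey, crypto.SHA256, digest[:], upd.EncryptedDigest) != nil {
		return reject(ErrDigest)
	}
	u.StoredPolicy = append([]byte(nil), upd.Policy...)
	return nil
}

// runScenario runs the flow on constructed data and returns the outcome of a genuine update,
// of a copy with one rule altered in transit, and of a copy forwarded by a different app.
func runScenario() (genuine, tampered, wrongSender error, err error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, nil, err
	}
	m := &PolicyUpdater{ChannelOwner: map[string]string{"chan-1": "policy-agent"}, TrustedKey: &priv.PublicKey}
	upd, err := issueUpdate(priv, []byte(`{"recording":"forbid","network access":"allow"}`), "policy-agent")
	if err != nil {
		return nil, nil, nil, err
	}
	genuine = m.ApplyUpdate("chan-1", upd)

	bad := upd
	bad.Policy = []byte(`{"recording":"allow","network access":"allow"}`)
	tampered = m.ApplyUpdate("chan-1", bad)

	other := upd
	other.SenderApp = "impostor"
	wrongSender = m.ApplyUpdate("chan-1", other)
	return genuine, tampered, wrongSender, nil
}

func main() {
	g, t, w, err := runScenario()
	fmt.Printf("genuine: %v | tampered: %v | wrong sender: %v | setup error: %v\n", g, t, w, err)
}
```

The altered copy fails because the encrypted digest was produced over the original policy, so the recovered digest no longer matches; the copy forwarded by a different application is rejected on the sender check before any cryptography runs. Both rejected updates end up in Sandbox, matching the "move into the security sandbox" branch of step S203.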
Based on the obtained access right policy, a flowchart of the access control method for the application according to the embodiment of the present invention is shown in fig. 4, and includes the following steps:
S401: after receiving the access request of the application, the container system sends the access request to the master control system through a pre-established container channel.
After receiving an access request from an application in the container system for a system resource, the container system sends the access request to the master control system through the container channel pre-established between the container system and the master control system.
S402: after receiving the access request of the application, the master control system carries out authority verification on the received access request of the application according to the access authority strategy currently stored in the master control system, and returns an authority verification result through the container channel.
Specifically, after receiving an access request of an application, the master control system looks up, in the access authority policy currently stored in the master control system, the authority for the function involved in the access request, and uses that authority as the authority verification result. The authority verification result may be permission information or prohibition information for at least one function. The at least one function may comprise at least one of: shooting, recording, network access, mobile communication, instant communication, and the like.
Preferably, in the process of executing the flow shown in fig. 4 according to the embodiment of the present invention, the flows shown in fig. 2 or 3 according to the embodiment of the present invention are likely to be executed at the same time. That is, during execution of the flow shown in fig. 4, it is highly likely that the access right policy stored in the terminal device is updated.
Therefore, when the authority verification result is allowed, the master control system records the access request of the application, the belonged container system and the involved access authority policy.
When the master control system detects that the access authority policy has been updated and the authority verification result of the updated access authority policy for the access request of the application has changed to forbidden, it returns the updated authority verification result to the container system to which the application belongs through the container channel.
Preferably, the access right policy may include: the access authority policy of the master control system and the access authority policy of the container system.
The master control system performs container-level authority verification on the received access request of the application according to the access authority policy of the container system currently stored in the master control system. Specifically, the master control system determines the container system to which the application sending the access request belongs, and further determines the access authority policy of that container system stored in the master control system; according to the determined access authority policy of the container system, it performs authority verification on the received access request of the application, and this verification is the container-level authority verification.
When the container-level permission verification result is allowed, master-control-level permission verification is performed on the received access request of the application according to the access permission policy of the main control system currently stored in the main control system. Specifically, the received access request of the application is verified against the access authority policy of the master control system currently stored in the master control system, and this verification is the master-level authority verification.
And when the permission verification result of the container level is allowed and the permission verification result of the master control level is forbidden, determining that the final permission verification result is forbidden and returning the final permission verification result to the container system through the container channel.
It is easy to see that, because the access right policy of the main control system has a higher priority than that of the container system, even if the container-level permission verification result determined according to the access right policy of the container system is allowed, the final permission verification result is forbidden as long as the main-control-level permission verification result determined according to the access right policy of the main control system is forbidden. Even if the access authority policy of the container system is leaked to and tampered with by a malicious program, the permissions prohibited by the access authority policy of the main control system cannot be acquired, and the security of the terminal device is improved.
In addition, when the authority verification result of the container level is forbidden and the authority verification result of the master control level is allowed, the final authority verification result is determined to be forbidden and is returned to the container system through the container channel.
When the container-level permission verification result is allowed and the master-control-level permission verification result is allowed, the final permission verification result is determined to be allowed and is returned to the container system through the container channel.
Further, the access right policy of the container system may include: the access authority policy of the secure domain container system and the access authority policy of the non-secure domain container system.
When the access request of the application relates to both the access authority policy of the security domain system and the access authority policy of the non-security domain system currently stored in the main control system, container-level authority verification of the access request of the application is performed according to the access authority policy of the security domain system.
It is easy to see that, because the access right policy of the secure domain system has a higher priority than the access right policy of the non-secure domain system, when the function that the access request of the application needs to access relates to both the access right policy of the secure domain system and the access right policy of the non-secure domain system currently stored in the master control system, the container-level right verification of the access request is performed according to the access right policy of the secure domain system. Even if the access policy of the non-secure domain system is leaked to and tampered with by a malicious program, the permissions prohibited by the access policy of the secure domain system still cannot be obtained, and the security of the terminal device is improved.
Preferably, the access right policy includes the access authority of the application and the corresponding application scenario; the application scenario includes at least one of: the container system to which the application belongs, the foreground and background states of the container system, and the time.
And the master control system can determine the access authority strategies respectively corresponding to the container system in the foreground or the background according to the foreground and background states of the container system to which the application sending the access request belongs. When the container system to which the application sending the access request belongs is in the foreground, the access request of the received application is subjected to authority verification according to the access authority strategy corresponding to the container system in the foreground, which is currently stored in the main control system, and an authority verification result is returned through the container channel.
S403: when the container system determines that the received permission verification result is allowed, it operates according to the access request of the application.
Specifically, an application sending an access request in the container system determines whether an authority verification result is allowed or forbidden after receiving the authority verification result through a container channel; when the permission verification result is determined to be allowable, operating according to the access request of the application; and when the permission verification result is determined to be forbidden, ignoring the access request of the application.
Preferably, while the container system is operating according to the access request of the application on the basis of a previously received permission verification result of allowed, it may receive an updated permission verification result for the same access request. When the container system determines that the received updated authority verification result is forbidden, it stops responding to the access request of the application, for example by terminating the operation being performed according to the access request.
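The following Go program is an added example (not the patent's code) of the verification logic of step S402 and the update handling of step S403 above: container-level verification followed by master-control-level verification, the secure-domain policy taking priority when a request relates to both domains, separate foreground and background rules as the application scenario, and the recording of allowed requests so that an updated policy can push a forbidden result back to the container. The policy layout (maps keyed by function name), the Target field used to model a request that relates to two containers' policies, default deny for functions a policy does not mention, and all sample data are this example's own assumptions.

```go
package main
import "fmt"

// Verdict is an authority verification result; the zero value is Forbid (default deny).
type Verdict bool

const Forbid, Allow Verdict = false, true

// ContainerPolicy is one container system's access authority policy: permissions keyed by
// function name, kept separately for foreground and background; Secure marks a secure-domain container.
type ContainerPolicy struct {
	Secure                 bool
	Foreground, Background map[string]Verdict
}

// AccessPolicy is everything stored in the master control system.
type AccessPolicy struct {
	Master     map[string]Verdict
	Containers map[string]ContainerPolicy
}

// AccessRequest is what the container system forwards over the container channel. Target is
// a second container whose resource the request touches (assumed; equals Container if none).
type AccessRequest struct {
	App, Container, Target, Function string
	Foreground                       bool
}

// containerVerdict is the container-level verification; when the request relates to both a
// non-secure-domain and a secure-domain container, the secure-domain policy takes priority.
func (p AccessPolicy) containerVerdict(r AccessRequest) Verdict {
	cp, ok := p.Containers[r.Container]
	if !ok {
		return Forbid
	}
	if tp, ok := p.Containers[r.Target]; ok && tp.Secure && !cp.Secure {
		cp = tp
	}
	if r.Foreground {
		return cp.Foreground[r.Function]
	}
	return cp.Background[r.Function]
}

// Verify implements S402: container level first, then master level; allowed only if both allow.
func (p AccessPolicy) Verify(r AccessRequest) Verdict {
	return p.containerVerdict(r) && p.Master[r.Function]
}

// MasterControl holds the current policy and records every allowed request for re-verification.
type MasterControl struct {
	Policy  AccessPolicy
	granted []AccessRequest
}

func (m *MasterControl) Verify(r AccessRequest) Verdict {
	v := m.Policy.Verify(r)
	if v == Allow {
		m.granted = append(m.granted, r)
	}
	return v
}

// UpdatePolicy installs an already validated policy and returns the recorded requests whose
// result flipped to forbidden: the updated results sent back through the container channel.
func (m *MasterControl) UpdatePolicy(p AccessPolicy) []AccessRequest {
	m.Policy = p
	var revoked, kept []AccessRequest
	for _, r := range m.granted {
		if p.Verify(r) == Forbid {
			revoked = append(revoked, r)
		} else {
			kept = append(kept, r)
		}
	}
	m.granted = kept
	return revoked
}

// samplePolicy is constructed data; the argument sets the secure "work" container's
// background network rule so that an update can flip it.
func samplePolicy(workBackgroundNet Verdict) AccessPolicy {
	return AccessPolicy{
		Master: map[string]Verdict{"shooting": Allow, "network access": Allow, "recording": Forbid},
		Containers: map[string]ContainerPolicy{
			"work": {true, map[string]Verdict{"shooting": Forbid, "network access": Allow},
				map[string]Verdict{"network access": workBackgroundNet}},
			"personal": {false, map[string]Verdict{"shooting": Allow, "recording": Allow, "network access": Allow},
				map[string]Verdict{"network access": Allow}},
		},
	}
}

func main() {
	m := &MasterControl{Policy: samplePolicy(Allow)}
	fmt.Println("personal recording:", m.Verify(AccessRequest{"mail", "personal", "personal", "recording", true}))     // false: master forbids
	fmt.Println("personal shooting touching work:", m.Verify(AccessRequest{"mail", "personal", "work", "shooting", true})) // false: secure domain forbids
	fmt.Println("work background network:", m.Verify(AccessRequest{"sync", "work", "work", "network access", false}))  // true, recorded
	fmt.Println("revoked by update:", m.UpdatePolicy(samplePolicy(Forbid)))                                             // the recorded sync request
}
```

The three forwarded requests cover the outcomes the text enumerates: container allows but master forbids, the secure-domain policy overriding the non-secure container's own rule, and both levels allowing. The final UpdatePolicy call plays the dynamic update of fig. 2 or 3 arriving mid-operation; the returned request is the one whose updated result the master control system sends back so the container can stop it.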
Based on the above access control method for the application, an embodiment of the present invention further provides an access control device for the application, where the device is disposed in the terminal device in the embodiment of the present invention, and a frame schematic diagram of an internal structure of the device is shown in fig. 5, where the frame schematic diagram includes: a master control system and at least one container system.
Each container system comprising: an access request processing module 501.
The access request processing module 501 is configured to send an access request to the master control system through a pre-established container channel after receiving the access request of the application; and when the received permission verification result is determined to be allowable, performing operation according to the access request of the application.
The master control system comprises: an access right verification module 511.
The access right verifying module 511 is configured to, after receiving the access request of the application sent by the access request processing module 501 through the container channel, perform right verification on the received access request of the application according to the currently stored access right policy in the master control system, and return a right verification result through the container channel.
Preferably, as shown in fig. 5, the master control system of the embodiment of the present invention further includes: an access authority policy acquisition module 512 and an access authority policy update module 513.
The access authority policy obtaining module 512 is configured to obtain a corresponding access authority policy from the cloud server after receiving the access authority update notification.
The access authority policy updating module 513 is configured to perform validity verification on the obtained access authority policy; and when the result of the validity verification is legal, updating the access authority strategy stored in the main control system.
Preferably, the access right verification module 511 in the main control system is further configured to, after returning a right verification result through the container channel, record the access request of the application, the container system to which the application belongs, and the access right policy involved in the access request when the right verification result is allowed; and, when it is detected that the access right policy has been updated and the right verification result of the updated access right policy for the access request of the application has changed to forbidden, return the updated right verification result to the container system to which the application belongs through the container channel.
The access request processing module 501 in the container system is further configured to stop responding to the access request of the application when it determines that the updated authority verification result is forbidden.
Preferably, the access authority policy obtaining module 512 is specifically configured to obtain, from the cloud server, the corresponding access authority policy, the encrypted digest value thereof, and the corresponding public key.
The access authority policy updating module 513 is specifically configured to decrypt the obtained encrypted data using the obtained public key; when the decryption succeeds, obtain the decrypted digest value; determine the digest value of the obtained access authority policy and compare it with the decrypted digest value; and when the comparison result is consistent, determine that the validity verification result is legal.
Preferably, the access right verification module 511 is specifically configured to perform container-level right verification on the received access request of the application according to an access right policy of a container system currently stored in the master control system; when the permission verification result of the container level is allowable, performing the permission verification of the main control level on the received access request of the application according to the access permission strategy of the main control system currently stored in the main control system; when the authority verification result of the master control level is forbidden, determining that the final authority verification result is forbidden, and returning to the container system through the container channel; wherein, the access authority policy comprises: the access authority policy of the master control system and the access authority policy of the container system.
Preferably, the access right verification module 511 is specifically configured to, when the access request of the application simultaneously relates to an access right policy of a secure domain system and an access right policy of a non-secure domain system currently stored in the main control system, perform container-level right verification on the access request of the application according to the access right policy of the secure domain system; the access authority policy of the container system comprises an access authority policy of a secure domain container system and an access authority policy of a non-secure domain container system.
For the implementation of the functions of the access request processing module 501 in the container system and of the access right verifying module 511, the access right policy obtaining module 512 and the access right policy updating module 513 in the main control system, reference may be made to the specific contents of the flow steps in fig. 2 and fig. 4 above, which are not described here again.
Based on the above access control method for the application, an embodiment of the present invention further provides an access control device for the application, where the device is disposed in the terminal device in the embodiment of the present invention, and a frame schematic diagram of an internal structure of the device is shown in fig. 6, where the frame schematic diagram includes: a master control system and at least one container system.
Each container system comprising: an access request processing module 601.
The access request processing module 601 is configured to send an access request to the master control system through a pre-established container channel after receiving the access request; and when the received permission verification result is determined to be allowable, performing operation according to the access request of the application.
The master control system comprises: an access right verification module 611.
The access right verification module 611 is configured to, after receiving the access request of the application sent by the access request processing module 601 through the container channel, perform right verification on the received access request of the application according to the access right policy currently stored in the main control system, and return a right verification result through the container channel.
Preferably, as shown in fig. 6, the container system according to the embodiment of the present invention further includes: an access right policy obtaining module 602.
The access authority policy obtaining module 602 is configured to obtain a corresponding access authority policy from the cloud server after receiving the access authority update notification; and sending the acquired access authority strategy to the master control system through the container channel.
As shown in fig. 6, the master control system according to the embodiment of the present invention further includes: access rights policy update module 612.
The access right policy updating module 612 is configured to perform validity verification on the obtained access right policy; and when the result of the validity verification is legal, updating the access authority strategy stored in the main control system.
Preferably, the access right verification module 611 in the master control system is further configured to, after returning the right verification result through the container channel, record the access request of the application, the container system to which the application belongs, and the access right policy involved in the access request when the right verification result is allowed; and, when it is detected that the access right policy has been updated and the right verification result of the updated access right policy for the access request of the application has changed to forbidden, return the updated right verification result to the container system to which the application belongs through the container channel.
The access request processing module 601 in the container system is further configured to stop responding to the access request of the application when it determines that the updated authority verification result is forbidden.
Preferably, the access authority policy obtaining module 602 is specifically configured to obtain, from the cloud server, the corresponding access authority policy, the encrypted digest value thereof, and the corresponding public key.
The access right policy updating module 612 is specifically configured to decrypt the obtained encrypted data using the obtained public key; when the decryption succeeds, obtain the decrypted digest value; determine the digest value of the obtained access authority policy and compare it with the decrypted digest value; and when the comparison result is consistent, determine that the validity verification result is legal.
Preferably, the access right verification module 611 is specifically configured to perform container-level right verification on the received access request of the application according to the access right policy of the container system currently stored in the main control system; when the permission verification result of the container level is allowable, performing the permission verification of the main control level on the received access request of the application according to the access permission strategy of the main control system currently stored in the main control system; when the authority verification result of the master control level is forbidden, determining that the final authority verification result is forbidden, and returning to the container system through the container channel; wherein, the access authority policy comprises: the access authority policy of the master control system and the access authority policy of the container system.
Preferably, the access right verifying module 611 is specifically configured to perform container-level right verification on the application access request according to the access right policy of the secure domain system when the application access request relates to both the access right policy of the secure domain system and the access right policy of the non-secure domain system currently stored in the main control system; the access authority policy of the container system comprises an access authority policy of a secure domain container system and an access authority policy of a non-secure domain container system.
For the implementation of the functions of the access request processing module 601 and the access right policy obtaining module 602 in the container system, and of the access right verification module 611 and the access right policy updating module 612 in the main control system, reference may be made to the specific contents of the flow steps in fig. 3 and fig. 4 above, which are not described here again.
In the embodiment of the invention, the access permission policies are all kept in the main control system. The container system on the upper layer of the main control system receives the access request of an application in the container system and forwards it to the main control system; the main control system carries out permission verification on the access request according to the access permission policies preset in the main control system and, when the permission verification result is allowed, informs the container system to operate according to the access request. Even if the container system is invaded by a malicious program, the malicious program cannot acquire the access authority policy from the container system, because the access authority policy does not exist in the container system. Because the main control system is positioned at the lower layer of the container system and does not provide the function of directly interacting with the user, the user cannot install programs into the main control system; even if a malicious program is disguised as an application or is parasitic in an application, it cannot be installed into the main control system, and the safety of the main control system is greatly enhanced. A malicious program can hardly acquire the communication mode and the communication path between the container system and the main control system; even if the container system is invaded, the malicious program can hardly invade the main control system, cannot acquire the access authority policy from the main control system, remains controlled by the access authority policy, and has difficulty stealing confidential information in the terminal equipment. Therefore, the security of the access authority policy can be ensured in the process of managing and controlling the access request of the application, and the security of the information in the terminal equipment is improved on the whole.
In addition, in the embodiment of the present invention, after receiving the permission policy update notification issued by the cloud server, the master control system or the container system in the terminal device may automatically acquire the access permission policy from the cloud server, without manual intervention by a technician or an update of the entire operating system version, and automatically update the access permission policy stored in the terminal device, thereby implementing dynamic updating of the access permission policy in the terminal device and greatly improving the convenience of updating it. Moreover, the master control system carries out validity verification on the obtained access authority policy; when the verification result is legal, the obtained access authority policy is ensured not to have been tampered with, so the stored policy is updated according to a legal access authority policy and the safety of the access authority policy during dynamic updating is ensured. Therefore, the embodiment of the invention can realize dynamic updating of the access authority policy while ensuring its security, and can manage and control the access requests of applications based on the dynamically updated access authority policy; this protects the secret-related information in the terminal equipment, allows the access authority policy to be updated conveniently and dynamically, and improves the efficiency of managing and controlling the access requests of applications.
Further, in the embodiment of the present invention, when the access permission policy is acquired from the cloud server, the master control system or the container system may acquire, together with it, the digest value of the access permission policy encrypted by the private key and the public key, and the master control system performs validity verification on the acquired access permission policy. Whether the obtained public key can decrypt the obtained digest value is the first indication of whether the obtained access authority policy has been tampered with; comparing the decrypted digest value with the digest value computed from the obtained policy is the second check. Only when the decryption succeeds and the digest values are consistent is the validity verification result determined to be legal and the stored policy updated according to the legal access authority policy. This further reduces the probability that a tampered access authority policy is accepted, further strengthens the security of dynamically updating the access authority policy, strengthens on the whole the security of the application access control process based on the dynamically updated policy, and improves the security of the information in the terminal equipment.
In addition, in the embodiment of the present invention, when the right verification result is allowed, the master control system records the access request of the application, the container system to which it belongs, and the access right policy involved. When the master control system detects that the access authority policy has been updated and the authority verification result of the updated access authority policy for the access request of the application has changed to forbidden, it returns the updated result to the container system to which the application belongs, and the container system stops responding to the access request of the application. Therefore, whenever the access authority policy stored in the terminal device of the embodiment of the invention is dynamically updated, authority verification of the application's access request is immediately carried out again according to the updated access authority policy, so that the updated access authority policy takes effect in time, the access request is limited in time, leakage of confidential information in the terminal device can be prevented, and the safety of the information in the terminal device is further improved.
Those skilled in the art will appreciate that the present invention includes apparatus directed to performing one or more of the operations described in the present application. These devices may be specially designed and manufactured for the required purposes, or they may comprise known devices in general-purpose computers. These devices have stored therein computer programs that are selectively activated or reconfigured. Such a computer program may be stored in a device (e.g., computer) readable medium, including, but not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magnetic-optical disks, ROMs (Read-Only memories), RAMs (Random Access memories), EPROMs (Erasable programmable Read-Only memories), EEPROMs (Electrically Erasable programmable Read-Only memories), flash memories, magnetic cards, or optical cards, or any type of media suitable for storing electronic instructions, and each coupled to a bus. That is, a readable medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the features specified in the block or blocks of the block diagrams and/or flowchart illustrations of the present disclosure.
Those of skill in the art will appreciate that the various operations, methods, steps in the processes, acts, or solutions discussed in this application may be alternated, modified, combined, or omitted. Further, the various operations, methods and steps in the flows discussed in this application may be interchanged, modified, rearranged, decomposed, combined, or omitted. Further, steps, measures and schemes in the various operations, methods and procedures disclosed in the prior art and in the present invention may also be alternated, changed, rearranged, decomposed, combined, or omitted.
The foregoing describes only some embodiments of the present invention. It should be noted that those skilled in the art can make various modifications and refinements without departing from the principle of the present invention, and such modifications and refinements also fall within the scope of protection of the present invention.

Claims (9)

1. An access control method for an application, comprising:
after receiving an access request from an application in the container system, the container system sends the access request to a master control system through a pre-established container channel, wherein the master control system performs foreground and background management of the container system and interacts with the container system;
after receiving the access request of the application, the master control system performs container-level permission verification on the received access request according to the access permission policy of the container system currently stored in the master control system;
when the container-level permission verification result is "allowed", performing master-control-level permission verification on the received access request according to the access permission policy of the master control system currently stored in the master control system; when the master-control-level permission verification result is "forbidden", determining that the final permission verification result is "forbidden", and when the master-control-level permission verification result is "allowed", determining that the final permission verification result is "allowed", and returning the permission verification result through the container channel;
and when the container system determines that the received permission verification result is "allowed", operating according to the access request of the application.
2. The method of claim 1, wherein the access permission policy in the master control system is dynamically updated by:
after receiving an access permission update notification, the master control system acquires the corresponding access permission policy from a cloud server;
the master control system performs validity verification on the acquired access permission policy;
and when the validity verification result is "valid", updating the access permission policy stored in the master control system.
3. The method of claim 1, wherein the access permission policy in the master control system is dynamically updated by:
after receiving an access permission update notification, the container system acquires the corresponding access permission policy from a cloud server;
the container system sends the acquired access permission policy to the master control system through the container channel;
the master control system performs validity verification on the acquired access permission policy;
and when the validity verification result is "valid", updating the access permission policy stored in the master control system.
4. The method according to claim 2 or 3, wherein after returning the permission verification result through the container channel, the method further comprises:
when the permission verification result is "allowed", the master control system records the access request of the application, the container system that sent it, and the access permission policy it was evaluated against;
when the master control system detects that the access permission policy has been updated and that the permission verification result for the recorded access request under the updated access permission policy is now "forbidden", returning the updated permission verification result to the container system to which the application belongs through the container channel;
and when the container system determines that the received updated permission verification result is "forbidden", stopping its response to the access request of the application.
5. The method according to claim 2 or 3, wherein acquiring the corresponding access permission policy from the cloud server comprises:
acquiring the corresponding access permission policy, an encrypted digest value and a corresponding public key from the cloud server; and
the master control system performing validity verification on the acquired access permission policy comprises:
the master control system decrypts the acquired encrypted digest value with the acquired public key;
when the decryption succeeds, obtaining the decrypted digest value;
computing the digest value of the acquired access permission policy and comparing it with the decrypted digest value;
and when the comparison result is consistent, determining that the validity verification result is "valid".
6. The method of claim 5, wherein the access permission policy of the container system comprises an access permission policy of a secure-domain container system and an access permission policy of a non-secure-domain container system; and
performing container-level permission verification on the received access request according to the access permission policy of the container system currently stored in the master control system comprises:
when the access request of the application relates simultaneously to the access permission policy of the secure-domain container system and the access permission policy of the non-secure-domain container system currently stored in the master control system, performing container-level permission verification on the access request according to the access permission policy of the secure-domain container system.
7. An access control apparatus for an application, comprising a master control system and at least one container system, wherein the master control system performs foreground and background management of the container system and interacts with the container system;
each container system comprising:
an access request processing module, configured to send the access request of an application to the master control system through a pre-established container channel after receiving it, and to operate according to the access request of the application when the received permission verification result is determined to be "allowed";
the master control system comprising:
an access permission verification module, configured to receive the access request of the application;
perform container-level permission verification on the received access request according to the access permission policy of the container system currently stored in the master control system;
when the container-level permission verification result is "allowed", perform master-control-level permission verification on the received access request according to the access permission policy of the master control system currently stored in the master control system; and when the master-control-level permission verification result is "forbidden", determine that the final permission verification result is "forbidden", and when the master-control-level permission verification result is "allowed", determine that the final permission verification result is "allowed", and return the permission verification result through the container channel.
8. The apparatus of claim 7, wherein the master control system further comprises:
an access permission policy acquisition module, configured to acquire the corresponding access permission policy from a cloud server after receiving an access permission update notification;
an access permission policy update module, configured to perform validity verification on the acquired access permission policy, and to update the access permission policy stored in the master control system when the validity verification result is "valid".
9. The apparatus of claim 7, wherein the container system further comprises:
an access permission policy acquisition module, configured to acquire the corresponding access permission policy from a cloud server after receiving an access permission update notification, and to send the acquired access permission policy to the master control system through the container channel;
and the master control system further comprises:
an access permission policy update module, configured to perform validity verification on the acquired access permission policy, and to update the access permission policy stored in the master control system when the validity verification result is "valid".
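The claims above describe a protocol rather than code. What follows is an added example, not the patent's or the assignee's code, modelling the master-control side of claims 1 to 6: the container-level check with secure-domain precedence (claim 6), the master-control-level check that only runs after the container level allowed (claim 1), the signed policy update (claim 5) and the re-evaluation and revocation of previously granted requests after an update (claim 4). The policy format, all names, and the signature scheme are assumptions: the claims' "encrypted digest value" decrypted with a public key is a digital signature over the policy digest, and the example stands in a textbook-RSA toy with constructed small primes so that it runs on the Python standard library alone. One check the claims do not state is added deliberately: the public key is compared with a key pinned in the master, because a key fetched alongside the policy (directly, or relayed by an untrusted container as in claim 3) can be replaced together with the signature by whoever controls that channel.

```python
"""Added example, not the patent's code: master-control-side model of the
claims' two-level permission check, signed policy update and revocation.
Policy format, names and the textbook-RSA stand-in are assumptions."""
import hashlib
import json
from dataclasses import dataclass

ALLOW, DENY = "allow", "deny"

# Toy signature scheme: textbook RSA (no padding) over a truncated digest with
# constructed small primes, so the example needs only the standard library.
# A real master control system would use a standard signature library.
_P, _Q = 2305843009213693951, 2147483647      # 2^61-1 and 2^31-1, both prime
_N, _E = _P * _Q, 65537
_D = pow(_E, -1, (_P - 1) * (_Q - 1))
PINNED_PUBLIC_KEY = (_N, _E)   # trust anchor held by the master, never fetched

def policy_bytes(policy: dict) -> bytes:
    return json.dumps(policy, sort_keys=True).encode()

def policy_digest(data: bytes) -> int:
    # 64-bit truncation keeps the digest below the toy modulus
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def cloud_publish(policy: dict):
    """Constructed stand-in for the cloud server: serialized policy, signature
    (the claims' "encrypted digest value") and public key."""
    data = policy_bytes(policy)
    return data, pow(policy_digest(data), _D, _N), (_N, _E)

def verify_policy(data: bytes, signature: int, public_key) -> bool:
    """Claim 5: recover the digest with the public key and compare it with a
    fresh digest of the received policy. The key is first compared with the
    pinned one; a key delivered next to the policy proves nothing by itself."""
    if public_key != PINNED_PUBLIC_KEY:
        return False
    n, e = public_key
    return pow(signature, e, n) == policy_digest(data)

@dataclass(frozen=True)
class AccessRequest:
    app: str
    container: str   # container system that relayed it over the container channel
    resource: str    # e.g. "camera", "contacts", "network"

class MasterControl:
    def __init__(self, policy: dict):
        self.policy = policy
        self.granted = []   # claim 4: record of requests that were allowed

    def _container_level(self, req: AccessRequest) -> str:
        # A resource covered by both domain rule sets follows the secure-domain
        # rule (claim 6); an unlisted resource is denied.
        secure = self.policy["container"].get("secure", {})
        non_secure = self.policy["container"].get("non_secure", {})
        if req.resource in secure:
            return secure[req.resource]
        return non_secure.get(req.resource, DENY)

    def _decide(self, req: AccessRequest) -> str:
        # Claim 1: master-control level runs only after the container level
        # allowed; final result is allow only when both levels allow.
        if self._container_level(req) != ALLOW:
            return DENY
        return self.policy["master"].get(req.resource, DENY)

    def verify(self, req: AccessRequest) -> str:
        result = self._decide(req)
        if result == ALLOW and req not in self.granted:
            self.granted.append(req)
        return result

    def update_policy(self, data: bytes, signature: int, public_key) -> list:
        """Claims 2, 3, 5: install only after the validity check, whichever
        path the policy arrived by. Claim 4: re-evaluate recorded grants and
        return those now forbidden so the container can stop serving them."""
        if not verify_policy(data, signature, public_key):
            raise ValueError("policy rejected: signature or key check failed")
        self.policy = json.loads(data)
        revoked = [r for r in self.granted if self._decide(r) == DENY]
        self.granted = [r for r in self.granted if r not in revoked]
        return revoked

def sample_policy(contacts_master: str = ALLOW) -> dict:
    # Constructed policy: secure domain forbids the camera although the
    # non-secure domain allows it; the master forbids the network outright.
    return {
        "container": {
            "secure": {"camera": DENY, "contacts": ALLOW},
            "non_secure": {"camera": ALLOW, "network": ALLOW},
        },
        "master": {"camera": ALLOW, "contacts": contacts_master, "network": DENY},
    }

def demo() -> dict:
    master = MasterControl(sample_policy())
    reqs = [AccessRequest("mail", "work", r) for r in ("camera", "contacts", "network")]
    first = {r.resource: master.verify(r) for r in reqs}
    # The cloud pushes an update that withdraws contacts at the master level.
    data, sig, key = cloud_publish(sample_policy(contacts_master=DENY))
    revoked = master.update_policy(data, sig, key)
    return {"first": first, "revoked": [r.resource for r in revoked]}
```

In `demo()` the camera request is denied at the container level because the secure-domain rule wins over the non-secure one, the network request passes the container level but is stopped at the master level, and only the contacts request is granted; after the signed update it is the one reported back as revoked. A policy whose bytes were altered in transit, or that arrives with a public key other than the pinned one, is rejected before it replaces the stored policy.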
Application CN201611069910.0A, priority date 2016-11-29, filing date 2016-11-29: Access control method and device for application. Status: Active. Granted as CN106534148B (en).

Publications (2)

Publication Number Publication Date
CN106534148A 2017-03-22
CN106534148B 2020-02-14

Family ID: 58355051

Country Status (1)

Country Link
CN (1) CN106534148B (en)


Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103383724A (en) * 2013-06-28 2013-11-06 记忆科技(深圳)有限公司 Storing device and data access authority management method thereof
CN103514397A (en) * 2013-09-29 2014-01-15 西安酷派软件科技有限公司 Server, terminal and authority management and permission method
CN105190545B (en) * 2014-01-27 2018-12-14 华为技术有限公司 Virtual method and device and computer equipment
CN105872256A (en) * 2016-06-03 2016-08-17 用友网络科技股份有限公司 Mobile terminal access control method and system based on scene sensing


Legal Events

Date Code Title Description
C06 / PB01 Publication (application publication date 2017-03-22)
SE01 Entry into force of request for substantive examination
GR01 Patent grant (granted publication date 2020-02-14)
TR01 Transfer of patent right, effective date of registration 2021-01-28. Patentee before: BEIJING YUANXIN SCIENCE & TECHNOLOGY Co.,Ltd., 100176 room 2222, building D, building 33, 99 Kechuang 14th Street, Beijing Economic and Technological Development Zone, Beijing. Patentee after: Yuanxin Information Technology Group Co.,Ltd., 101300 room 153, 1/F, building 17, 16 Caixiang East Road, Nancai Town, Shunyi District, Beijing.
EE01 Entry into force of recordation of patent licensing contract, record date 2021-05-31. Contract record no.: X2021110000018. Assignor: Yuanxin Information Technology Group Co.,Ltd. Assignee: Beijing Yuanxin Junsheng Technology Co.,Ltd. License type: Common License. Denomination of invention: Application access control method and device.