CN106548065B - Application program installation detection method and device - Google Patents

Application program installation detection method and device Download PDF

Info

Publication number
CN106548065B
CN106548065B CN201610968766.8A CN201610968766A CN106548065B CN 106548065 B CN106548065 B CN 106548065B CN 201610968766 A CN201610968766 A CN 201610968766A CN 106548065 B CN106548065 B CN 106548065B
Authority
CN
China
Prior art keywords
installation package
legal
identifier
list
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610968766.8A
Other languages
Chinese (zh)
Other versions
CN106548065A (en
Inventor
牟善礼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hisense Co Ltd
Original Assignee
Hisense Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hisense Co Ltd filed Critical Hisense Co Ltd
Priority to CN201610968766.8A priority Critical patent/CN106548065B/en
Publication of CN106548065A publication Critical patent/CN106548065A/en
Application granted granted Critical
Publication of CN106548065B publication Critical patent/CN106548065B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/564Static detection by virus signature recognition

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides an application program installation detection method and device. The method comprises the following steps: the method comprises the steps of obtaining a check value of a signature of a first installation package to be installed and a first identification of the first installation package, judging whether the first identification is located in a legal identification list of the installation package, wherein the legal identification list is located in a credible area of terminal equipment, the legal identification list is determined according to an identification of a second installation package obtained from a legal server, if the first identification is determined to be located in the legal identification list, determining whether the check value of the signature of the first installation package is located in a legal check value list, wherein the legal check value list is located in the credible area, the legal check value list is determined according to the check value of the signature of the second installation package, and if the check value is determined to be located in the legal check value list, the first installation package is installed, so that information safety of a user is guaranteed.

Description

Application program installation detection method and device
Technical Field
The present invention relates to communications technologies, and in particular, to a method and an apparatus for detecting application installation.
Background
With the continuous development of communication technology, the use of terminal equipment is more and more extensive. More and more applications, such as instant messaging programs, online shopping programs and the like, are required to be installed on terminal equipment by users.
At present, in the process of initially installing an application, after receiving a download instruction, a terminal device downloads a legal installation package from an official server to the terminal device, and after receiving the installation instruction, the terminal device runs the legal installation package. After the legal installation package is operated, the corresponding safe application program can be installed on the terminal equipment. After installation, the user clicks the icon of the secure application program, so that the secure application program can be started to perform services such as online shopping and online payment. After other people take the terminal equipment, if the safe application program is unloaded, the installation package which is maliciously modified is operated, an illegal application program is installed to replace the original legal application program on the terminal equipment, and as long as the modified installation package has the same package name as the legal installation package, a user cannot find that the legal application program is maliciously modified, so that the user may possibly use the illegal application program in the subsequent process.
Therefore, in the above process, in the process of installing the modified installation package having the same package name as the legitimate installation package again, the validity of the modified installation package cannot be verified, and thus, the information security of the user is threatened.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides an application program installation detection method and device to ensure the information security of a user.
The invention provides an application program installation detection method, which comprises the following steps:
acquiring a verification value of a signature of a first installation package to be installed and a first identifier of the first installation package;
judging whether the first identifier is located in a legal identifier list of the installation package; the legal identification list is positioned in a trusted area of the terminal equipment and is determined according to the identification of the second installation package obtained from a legal server;
if the first identifier is determined to be located in the legal identifier list, determining whether a check value of the signature of the first installation package is located in a legal check value list; the legal verification value list is located in the trusted area and is determined according to the verification value of the signature of the second installation package;
and if the verification value of the signature of the first installation package is determined to be located in the legal verification value list, operating the first installation package.
As shown above, the obtaining a signed check value of a first installation package to be installed includes:
acquiring the signature of the first installation package from the field of the signature of the first installation package;
and determining a verification value of the signature of the first installation package according to the signature of the first installation package and a verification algorithm.
The method as shown above, further comprising:
and determining the legal identification list and the legal verification value list according to the second identification of the second installation package and the verification value of the signature of the second installation package.
As shown in the above method, the determining the legal identifier list and the legal verification value list according to the second identifier of the second installation package and the verification value of the signature of the second installation package includes:
after receiving a downloading instruction, acquiring the second installation package from the legal server;
acquiring a verification value of the signature of the second installation package and a second identifier of the second installation package;
storing the second identifier in the trusted area to form the legal identifier list;
and storing the verification value of the signature of the second installation package in the trusted area to form the legal verification value list.
The method as above, before said storing said second identity in said trusted zone, said method further comprising:
judging whether a storage instruction is received or not; wherein the storage indication instruction is used for indicating that the second identifier is stored in the trusted area;
and if the storage indication instruction is determined to be received, determining to execute the operation of storing the second identifier in the trusted area.
As shown in the above, if it is determined that the storage indication instruction is received, the method further includes:
and prompting the user that the application program corresponding to the second installation package is protected.
The method as shown above, further comprising:
after receiving the uninstalling instruction, acquiring a third identifier of a third installation package corresponding to the application program to be uninstalled;
judging whether the third identifier is located in the legal identifier list or not;
if the third identifier is determined to be located in the legal identifier list, reserving the third identifier in the legal identifier list and reserving a verification value of the signature of the third installation package in the legal verification value list;
and unloading other data of the application program to be unloaded.
In the method described above, the verification algorithm is a hash algorithm, and the first identifier is a package name of the first installation package.
The present invention also provides an application installation detecting apparatus, including:
the device comprises a first acquisition module, a second acquisition module and a first verification module, wherein the first acquisition module is used for acquiring a check value of a signature of a first installation package to be installed and a first identifier of the first installation package;
the first judgment module is used for judging whether the first identifier is positioned in a legal identifier list of the installation package; the legal identification list is positioned in a trusted area of the terminal equipment and is determined according to the identification of the second installation package obtained from a legal server;
a first determining module, configured to determine whether a check value of a signature of the first installation package is located in a list of valid check values when it is determined that the first identifier is located in the list of valid identifiers; the legal verification value list is located in the trusted area and is determined according to the verification value of the signature of the second installation package;
and the operation module is used for operating the first installation package when the verification value of the signature of the first installation package is determined to be positioned in the legal verification value list.
In the above apparatus, the first obtaining module is specifically configured to:
acquiring the signature of the first installation package from the field of the signature of the first installation package;
and determining a verification value of the signature of the first installation package according to the signature of the first installation package and a verification algorithm.
The apparatus as shown above, further comprising:
and the second determining module is used for determining the legal identification list and the legal verification value list according to the second identification of the second installation package and the verification value of the signature of the second installation package.
The apparatus as shown above, the second determining module comprising:
the first obtaining submodule is used for obtaining the second installation package from the legal server after receiving a downloading instruction;
the second obtaining submodule is used for obtaining the verification value of the signature of the second installation package and the second identifier of the second installation package;
the first storage submodule is used for storing the second identifier in the trusted area to form the legal identifier list;
and the second storage submodule is used for storing the verification value of the signature of the second installation package in the trusted area to form the legal verification value list.
The apparatus as shown above, further comprising:
the third judging module is used for judging whether a storage instruction is received or not; wherein the storage indication instruction is used for indicating that the second identifier is stored in the trusted area;
and the third determining module is used for determining to execute the operation of storing the second identifier in the trusted area when the storage indication instruction is determined to be received.
The apparatus as shown above, further comprising:
and the prompting module is used for prompting the user that the application program corresponding to the second installation package is protected.
The apparatus as shown above, further comprising:
the second obtaining module is used for obtaining a third identifier of a third installation package corresponding to the application program to be uninstalled after receiving the uninstalling instruction;
the second judging module is used for judging whether the third identifier is positioned in the legal identifier list or not;
a reserving module, configured to reserve the third identifier in the valid identifier list and reserve a verification value of a signature of the third installation package in the valid verification value list when it is determined that the third identifier is located in the valid identifier list;
and the unloading module is used for unloading other data of the application program to be unloaded.
In the apparatus as described above, the verification algorithm is a hash algorithm, and the first identifier is a package name of the first installation package.
The method and the device for detecting the installation of the application program provided by the embodiment of the invention judge whether the first identifier is positioned in a legal identifier list of the installation package or not by acquiring the check value of the signature of the first installation package to be installed and the first identifier of the first installation package, wherein the legal identifier list is positioned in a trusted area of the terminal equipment, the legal identifier list is determined according to the identifier of the second installation package acquired from a legal server, if the first identifier is determined to be positioned in the legal identifier list, the check value of the signature of the first installation package is determined to be positioned in a legal check value list, wherein the legal check value list is positioned in the trusted area, the legal check value list is determined according to the check value of the signature of the second installation package, if the check value is determined to be positioned in the legal check value list, the first installation package is installed, on one hand, in the process of installing the first installation package is realized, the legality of the first installation package can be verified according to the first identifier, the verification value of the signature of the first installation package, the legal identifier list and the legal verification value list, and the first installation package is installed only when the first identifier of the first installation package is located in the legal identifier list and the verification value of the signature of the first installation package is located in the legal verification value list, so that the first installation package is guaranteed to be verified.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a first embodiment of a method for detecting installation of an application program according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a second embodiment of an application installation detection method according to the present invention;
FIG. 3 is a schematic view of a user interface in the embodiment of FIG. 2;
fig. 4 is a schematic structural diagram of a first embodiment of an application installation detection apparatus according to the present invention;
fig. 5 is a schematic structural diagram of a second embodiment of an application installation detection apparatus according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," and "fourth," if any, in the description and claims of the invention and in the above-described figures are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The application program installation detection method provided by the embodiment of the invention can be executed by the terminal equipment. The terminal device in the embodiment of the present invention may be a handheld device, a vehicle-mounted device, a wearable device, a computing device, and various forms of User Equipment (UE), a Mobile Station (MS), a terminal (terminal), and the like, which have chips supporting the ARM trusted area technology. By way of example, the terminal device according to the embodiment of the present invention may be a smart phone, a tablet computer, or the like.
The application installation detection method provided by the embodiment of the invention judges whether the first identifier is located in a legal identifier list of the installation package or not by acquiring the check value of the signature of the first installation package to be installed and the first identifier of the first installation package, wherein the legal identifier list is located in a trusted area of the terminal equipment, the legal identifier list is determined according to the identifier of the second installation package acquired from a legal server, if the first identifier is determined to be located in the legal identifier list, whether the check value of the signature of the first installation package is located in the legal check value list or not is determined, wherein the legal check value list is located in the trusted area, the legal check value list is determined according to the check value of the signature of the second installation package, if the check value is determined to be located in the legal check value list, the first installation package is installed, on one hand, in the process of installing the first installation package is realized, the legality of the first installation package can be verified according to the first identifier, the verification value of the signature of the first installation package, the legal identifier list and the legal verification value list, and the first installation package is installed only when the first identifier of the first installation package is located in the legal identifier list and the verification value of the signature of the first installation package is located in the legal verification value list, so that the first installation package is guaranteed to be verified.
The technical solution of the present invention will be described in detail below with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
Fig. 1 is a schematic flowchart of a first embodiment of an application installation detection method according to an embodiment of the present invention. As shown in fig. 1, the method for detecting installation of an application program according to the embodiment of the present invention includes the following steps:
s101: and acquiring a verification value of a signature of a first installation package to be installed and a first identifier of the first installation package.
Specifically, the application installation detection method provided by the embodiment of the present invention may be applied to terminal devices running with various platforms, and executed by an operating system program, for example, an android platform, an iOS platform, and the like. The embodiment of the present invention is not limited thereto.
Existing applications can be divided into: different application types such as tool type programs, game type programs, shopping type programs, life type programs and multimedia type programs. The first installation package in the embodiment of the present invention may be an installation package of any type of application program. For example, the first installation package in the embodiment of the present invention may be an installation package of an instant messaging program or an online shopping program. For example, in a terminal device running an android platform, an installation package of an application is an Android Package (APK) file.
The first installation package to be installed may be obtained from a server or may be obtained from other terminal devices. Each installation package requires a developer to sign when it is developed. The key file used for signing is unique to the developer. It is often impossible for a cracker to have the same key file. Thus, the integrity of the installation package, i.e., whether the installation package was modified by someone other than the developer, can be verified with the signed check value of the installation package.
When the check value of the signature of the first installation package to be installed is obtained, the following two implementation modes are provided:
in a first implementation manner, when the check value of the signature of the first installation package to be installed is obtained, the signature of the first installation package may be obtained from a field of the signature of the first installation package. The first installation package may include a plurality of fields, each field having a value representing different contents of the first installation package. After the signature of the first installation package is obtained, the verification value of the signature of the first installation package can be determined according to the signature and the verification algorithm. Alternatively, the checking algorithm may be a hash algorithm, and the check value may be an MD5 value, or a CRC32 value.
In a second implementation manner, when obtaining the check value of the signature of the first installation package to be installed, the check value of the signature of the first installation package may be directly obtained from a field of the check value of the signature of the first installation package. In this implementation, the verification value of the signature of the first installation package is determined by a developer according to a signature and verification algorithm after the developer completes the development of the first installation package. Optionally, the check algorithm may also be a hash algorithm.
In the two implementations, compared to the first implementation, the security is higher because the hash value of the signature of the installation package needs to be recalculated at the time of installation.
When the first identifier of the first installation package is obtained, in a manner similar to the above implementation manner, the first identifier may be obtained from a field of the first identifier of the first installation package. The first identifier is an identifier that uniquely identifies the installation package. Optionally, the first identifier may be a package name of the first installation package. The package name may be named by the developer.
S102: and judging whether the first identifier is positioned in a legal identifier list of the installation package.
And the legal identification list is determined according to the identification of the second installation package acquired from the legal server.
Specifically, the trusted Zone (Trust Zone) of the terminal device is a storage Zone in which an interface is not open to the outside. Because the interface of the trusted area is not open, other programs except the program written by the manufacturer cannot perform read-write operation on the data in the trusted area, which ensures that the security of the data stored in the trusted area is very high. Here, the manufacturer refers to an operating system developer, the program written by the manufacturer refers to an operating system program, and the program other than the program written by the manufacturer refers to a third-party application program.
In the embodiment of the invention, the legal identification list is stored in the trusted area, which ensures that the legal identification list cannot be maliciously modified. The legal identification list is determined by the terminal equipment according to the identification of the second installation package obtained from the legal server. A legitimate server means an official server or a legitimate server. The application program formed by the installation package acquired from the legal server is a safe application program, and cannot threaten the information security of the user.
The storage form of the legal identification list in the trusted area can be a database form, a list form, a matrix form and the like. The embodiment of the present invention is not limited thereto.
When determining whether the first identifier is located in the legal identifier list of the installation package, it may be determined whether there is an identifier that is the same as the first identifier in the legal identifier list.
S103: and if the first identifier is determined to be in the legal identifier list, determining whether the check value of the signature of the first installation package is in the legal check value list.
And the legal verification value list is determined according to the verification value of the signature of the second installation package.
In particular, the list of legal verification values is stored in a trusted area, which ensures that the list of legal verification values is not maliciously modified. The legal verification value list is determined according to the verification value of the signature of the second installation package obtained from the legal server.
The storage form of the legal check value list in the trusted area can be a database form, a list form, a matrix form and the like. The embodiment of the present invention is not limited thereto.
If the same identifier as the first identifier can be retrieved from the list of valid identifiers, it is determined that the first identifier is located in the list of valid identifiers. When determining whether the check value of the signature of the first installation package is located in the valid check value list, it may be determined whether a check value identical to the check value of the signature of the first installation package exists in the valid check value list.
In S102 and S103, the valid identifier list and the valid check value list need to be determined in advance. One possible implementation manner is to determine the legal identifier list and the legal verification value list according to the second identifier of the second installation package and the verification value of the signature of the second installation package. The number of the second installation packs may be one or more. When the number of the second installation packages is one, the legal identification list and the legal verification value list respectively comprise only one value; when the number of the second installation packages is multiple, the legal identification list and the legal verification value list both comprise multiple values. In addition, the legal identification list and the legal verification list are both stored in a trusted area, and the trusted area is a local storage space of the terminal equipment. Whether the terminal equipment is connected with the network or not, the security program in the terminal equipment can read the legal identification list and the legal check value list in the trusted area, so that the installation detection method of the application program provided by the embodiment of the invention can be normally executed no matter whether the terminal equipment is connected with the network or not.
It should be noted that, if it is determined that the first identifier is not located in the list of valid identifiers, the installation process is stopped.
S104: and if the verification value of the signature of the first installation package is determined to be in the legal verification value list, operating the first installation package.
Specifically, if the check value identical to the check value of the signature of the first installation package can be retrieved from the legal check value list, it is determined that the check value of the signature of the first installation package is located in the legal check value list.
Therefore, the first installation package can be determined to be a legal installation package, the terminal device runs the first installation package, and the application program corresponding to the first installation package is installed. The application program can be determined to be a safe application program, and no threat can be caused to the information security of the user in the process of using the application program by the user. The terminal device may adopt a scheme in the prior art to operate the first installation package, and the embodiment of the present invention is not described herein again.
Optionally, if it is determined that the verification value of the signature of the first installation package is located in the valid verification value list, the user may be prompted that the application program corresponding to the first installation package is an application program protected by the system, so as to improve user experience.
It should be noted that, if it is determined that the check value of the signature of the first installation package is not located in the legal check value list, it indicates that the first installation package has been modified illegally, and the operation of the first installation package is stopped, so as to protect the information security of the user.
The application installation detection method provided by the embodiment of the invention judges whether the first identifier is located in a legal identifier list of the installation package or not by acquiring the check value of the signature of the first installation package to be installed and the first identifier of the first installation package, wherein the legal identifier list is located in a trusted area of the terminal equipment, the legal identifier list is determined according to the identifier of the second installation package acquired from a legal server, if the first identifier is determined to be located in the legal identifier list, whether the check value of the signature of the first installation package is located in the legal check value list or not is determined, wherein the legal check value list is located in the trusted area, the legal check value list is determined according to the check value of the signature of the second installation package, if the check value is determined to be located in the legal check value list, the first installation package is installed, on one hand, in the process of installing the first installation package is realized, the legality of the first installation package can be verified according to the first identifier, the verification value of the signature of the first installation package, the legal identifier list and the legal verification value list, the first installation package is installed only when the first identifier of the first installation package is located in the legal identifier list and the verification value of the signature of the first installation package is located in the legal verification value list, and it is guaranteed that the installed first installation package is verified.
Fig. 2 is a schematic flowchart of a second embodiment of the application installation detection method according to the present invention. The embodiment of the present invention describes in detail how to determine the scheme of the legal identifier list and the legal verification value list based on the embodiment shown in fig. 1. As shown in fig. 2, the method for detecting application installation provided by the embodiment of the present invention includes the following steps:
s201: and after receiving the downloading instruction, acquiring a second installation package from the legal server.
Specifically, when the user determines that the server for downloading the installation package is a legal server, the user inputs a downloading instruction. And after receiving the downloading instruction, the terminal equipment acquires the second installation package from the legal server.
The process of acquiring the second installation package may be that the legitimate server sends the second installation package to the terminal device through the network.
S202: and acquiring the verification value of the signature of the second installation package and a second identifier of the second installation package.
Specifically, similar to S101, there are two implementations in acquiring the verification value of the signature:
in a first implementation manner, the signature of the second installation package is obtained from the field of the signature of the second installation package, and the check value of the signature of the second installation package is determined according to the signature and the check algorithm. Alternatively, the checking algorithm may be a hash algorithm, and the check value may be an MD5 value, or a CRC32 value.
In a second implementation manner, the signed check value of the second installation package may be directly obtained from a field of the signed check value of the second installation package.
When the second identifier of the second installation package is obtained, in a manner similar to the above implementation manner, the second identifier may be obtained from a field of the second identifier of the second installation package. Optionally, the second identifier may be a package name of the second installation package.
S203: and storing the second identification in a trusted area to form a legal identification list.
S204: and storing the verification value of the signature of the second installation package in a trusted area to form a legal verification value list.
Specifically, in S203 and S204, after the second identifier of the second installation package and the verification value of the signature of the second installation package are obtained, the second identifier is stored in the trusted area to form a legal identifier list, and the verification value of the signature of the second installation package is stored in the trusted area to form a legal verification value list.
It should be noted that, when the second identifier is a package name, the legal identifier list is a legal package name list.
Optionally, in a possible implementation manner, before S203, the method may further include: and judging whether a storage indication instruction is received or not. The storage indication instruction is to indicate that the second identity is stored in the trusted region. And if the storage indication instruction is determined to be received, determining to execute the operation of storing the second identifier in the trusted area. Specifically, the user may determine whether to store the second identifier of the second installation package in the trusted area according to the service type carried by the second installation package. For example, when the type of the service carried by the second installation package is a tool-type service, in an exemplary electronic dictionary, when the user uses the electronic dictionary, the information of the involved user is less, and a high security level is not required, and at this time, the user may choose not to store the second identifier in the trusted area, so as to save the storage space of the trusted area and improve the utilization rate of the trusted area. When the type of the service carried by the second installation package is a shopping service, the user can select to store the second identifier in the trusted area because the second installation package relates to security information such as online payment password information.
Optionally, after determining that the storage instruction is received, the user may be prompted that the application program corresponding to the second installation package is protected. The terminal equipment can prompt the user in a mode of displaying a user interface, can prompt the user in a vibration mode, and can prompt the user in a mode of sending audio. FIG. 3 is a schematic diagram of a user interface in the embodiment shown in FIG. 2. As shown in the user interface 301 of fig. 3, when it is determined that the storage instruction is received, a dialog box "the application program has been protected by the system" is displayed to the user.
S205: and after receiving the uninstalling instruction, acquiring a third identifier of a third installation package corresponding to the application program to be uninstalled.
S206: and judging whether the third identifier is positioned in the legal identifier list.
S207: and if the third identifier is determined to be positioned in the legal identifier list, keeping the third identifier in the legal identifier list and keeping the verification value of the signature of the third installation package in the legal verification value list.
S208: other data of the application to be uninstalled is uninstalled.
Specifically, in S205-S208, when the application program needs to be uninstalled, first, the third identifier of the third installation package corresponding to the application program to be uninstalled is obtained, and it is determined whether the third identifier is located in the legal identifier list. And when the third identifier is positioned in the legal identifier list, reserving the third identifier in the legal identifier list and reserving the verification value of the signature of the third installation package in the legal verification value list so as to verify the legality of the installation package when the installation package with the identifier same as that of the third installation package is installed again. When the third identifier of the application program to be uninstalled is obtained, the third identifier may be read according to the installation path of the application program to be uninstalled.
And then unloading other data of the application program to be unloaded. The other data is data other than the third identifier and the signed check value of the third installation package.
It should be noted that, when it is determined that the third identifier is not located in the list of valid identifiers, when the application to be uninstalled is uninstalled, the application to be uninstalled is normally uninstalled, that is, all information of the application to be uninstalled is deleted from the terminal device.
S209: and acquiring a verification value of a signature of a first installation package to be installed and a first identifier of the first installation package.
S210: and judging whether the first identifier is positioned in a legal identifier list of the installation package.
And the legal identification list is determined according to the identification of the second installation package acquired from the legal server.
S211: and if the first identifier is determined to be in the legal identifier list, determining whether the check value of the signature of the first installation package is in the legal check value list.
And the legal verification value list is determined according to the verification value of the signature of the second installation package.
S212: and if the check value is determined to be in the legal check value list, operating the first installation package.
S209-S212 are similar to the implementation and technical principles of S101-S104 and are not described herein.
The above process is illustrated below with a specific example:
the user X needs to install the shopping program a on the terminal device. And when the user X determines that the server is a legal server, inputting a downloading instruction. And the terminal equipment acquires the installation package A corresponding to the shopping program A from the legal server. And acquiring the check value of the signature of the installation package A and the identification of the installation package A. And storing the verification value of the signature of the installation package A and the identification of the installation package A in a trusted area to form a legal identification list and a legal verification value list. After the user X installs the shopping program a, the user X can use the shopping program a to perform online shopping. Now, suppose there is another user Y who wants to steal the payment information of the user a. And after taking the terminal equipment away, the user Y wants to uninstall the shopping program A, installs a shopping program B with the same identification as the shopping program A, and stores an installation package B of the shopping program B on the terminal equipment for installation. In the process of uninstalling the shopping program A, after an uninstalling instruction input by the user Y is received, the identifier of the installation package A of the shopping program A is obtained. And judging whether the A is located in the legal identification list, wherein in the scene, the identification of the installation package A is necessarily located in the legal identification list. During the uninstalling process, the identifier of the installation package a and the verification value of the signature of the installation package a are kept in the legal identifier list and the legal verification value list. When the user B installs the shopping program B, the terminal equipment acquires the signature check value of the installation package B and the identifier of the installation package B, and judges whether the identifier of the installation package B is located in the legal identifier list, and in the scene, the identifier of the installation package B is necessarily located in the legal identifier list. And then determining whether the check value of the signature of the installation package B is in the legal check value list, wherein the secret key used by the signature is unique to developers, at the moment, the check value of the signature of the installation package B is inevitably not in the legal check value list, and the terminal equipment stops the installation of the installation package B, so that the information safety of the user A is ensured.
The application program detection method provided by the embodiment of the invention comprises the steps of obtaining a second installation package from a legal server after receiving a downloading instruction, obtaining a signed check value of the second installation package and a second identifier of the second installation package, storing the second identifier in a trusted area to form a legal identifier list, storing the signed check value of the second installation package in the trusted area to form a legal check value list, obtaining a third identifier of a third installation package corresponding to an application program to be unloaded after receiving the unloading instruction, judging whether the third identifier is located in the legal identifier list, if the third identifier is determined to be located in the legal identifier list, reserving the third identifier in the legal identifier list and the signed check value of the third installation package in the legal check value list, unloading other data of the application program to be unloaded, and realizing that when the legal identifier list and the legal check value list are determined, and determining according to the second installation package obtained from the legal server, judging whether the identifier of the installation package of the application program is located in the legal identifier list or not when the application program is unloaded, if so, keeping the identifier of the installation package and the verification value of the signature in the legal identifier list and the legal verification value list, ensuring the integrity of the legal identifier list and the legal verification value list, and improving the detection accuracy of the application program, thereby further ensuring the information safety of a user.
Fig. 4 is a schematic structural diagram of a first embodiment of an application installation detection apparatus according to an embodiment of the present invention. As shown in fig. 4, an application installation detection apparatus provided in an embodiment of the present invention includes:
the first obtaining module 41 is configured to obtain a check value of a signature of a first installation package to be installed and a first identifier of the first installation package.
Optionally, the first obtaining module 41 is specifically configured to: acquiring a signature of the first installation package from a field of the signature of the first installation package; and determining the verification value of the signature of the first installation package according to the signature of the first installation package and a verification algorithm. Illustratively, the verification algorithm is a hash algorithm, and the first identifier is a package name of the first installation package.
The first determining module 42 is configured to determine whether the first identifier is located in a legal identifier list of the installation package.
And the legal identification list is determined according to the identification of the second installation package acquired from the legal server.
A first determining module 43, configured to determine whether the check value of the signature of the first installation package is located in the list of valid check values when it is determined that the first identifier is located in the list of valid identifiers.
And the legal verification value list is determined according to the verification value of the signature of the second installation package.
Optionally, the apparatus for detecting application installation provided in the embodiment of the present invention may further include a second determining module, configured to determine the legal identifier list and the legal verification value list according to the second identifier of the second installation package and the verification value of the signature of the second installation package.
And the running module 44 is used for running the first installation package when the verification value of the signature of the first installation package is determined to be located in the legal verification value list.
The application installation detection device provided by the embodiment of the invention is provided with a first acquisition module for acquiring the verification value of the signature of the first installation package to be installed and the first identifier of the first installation package, a first judgment module for judging whether the first identifier is positioned in the legal identifier list of the installation package, a first determination module for determining whether the verification value of the signature of the first installation package is positioned in the legal verification value list when the first identifier is determined to be positioned in the legal identifier list, and an operation module for operating the first installation package when the verification value of the signature of the first installation package is determined to be positioned in the legal verification value list, so that on one hand, in the process of installing the first installation package, the legality of the first installation package can be verified according to the first identifier, the verification value of the signature of the first installation package, the legal identifier list and the legal verification value list, the first installation package is installed only when the first identifier of the first installation package is located in the legal identifier list and the verification value of the signature of the first installation package is located in the legal verification value list, so that the installed first installation package is verified.
Fig. 5 is a schematic structural diagram of a second embodiment of an application installation detection apparatus according to the present invention. The embodiment of the present invention provides a detailed description of other parts of the application installation detection apparatus based on the embodiment shown in fig. 4. As shown in fig. 5, on the basis of the embodiment shown in fig. 4, the apparatus for detecting application installation according to the embodiment of the present invention includes:
the second determination module 51 includes: the first obtaining sub-module 511 is configured to obtain the second installation package from the legal server after receiving the downloading instruction; the second obtaining sub-module 512 is configured to obtain a check value of a signature of the second installation package and a second identifier of the second installation package; the first storage submodule 513 is configured to store the second identifier in the trusted region, so as to form a legal identifier list; and the second storage submodule 514 is configured to store the verification value of the signature of the second installation package in the trusted area, so as to form a legal verification value list.
The second obtaining module 52 is configured to obtain, after receiving the uninstalling instruction, a third identifier of a third installation package corresponding to the application program to be uninstalled.
And the second judging module 53 is configured to judge whether the third identifier is located in the list of legitimate identifiers.
And a retaining module 54, configured to, when it is determined that the third identifier is located in the legal identifier list, retain the third identifier in the legal identifier list and retain the verification value of the signature of the third installation package in the legal verification value list.
And the unloading module 55 is used for unloading other data of the application program to be unloaded.
Optionally, the application installation detecting device may further include: the third judging module is used for judging whether a storage instruction is received or not; the storage indication instruction is used for indicating that the second identifier is stored in the trusted area; the third determining module is configured to determine to execute the operation of storing the second identifier in the trusted area when it is determined that the storage instruction is received, and the third determining module are configured to save a storage space of the trusted area and improve a utilization rate of the trusted area. And the prompting module is used for prompting the user that the application program corresponding to the second installation package is protected. The setting of the prompt module can improve the user experience.
The application installation detection device provided by the embodiment of the invention comprises the following components by setting a second determination module: the first obtaining submodule is used for obtaining a second installation package from a legal server after receiving the downloading instruction; the second obtaining submodule is used for obtaining the verification value of the signature of the second installation package and the second identifier of the second installation package; the first storage submodule is used for storing the second identifier in a trusted area to form a legal identifier list; a second storage submodule for storing the signed check value of the second installation package in a trusted area to form a legal check value list, a second obtaining module for obtaining a third identifier of a third installation package corresponding to the application program to be uninstalled after receiving an uninstalling instruction, a second judging module for judging whether the third identifier is in the legal identifier list, a reserving module for reserving the third identifier in the legal identifier list and the signed check value of the third installation package in the legal check value list when the third identifier is in the legal identifier list, an uninstalling module for uninstalling other data of the application program to be uninstalled, so that when the legal identifier list and the legal check value list are determined, the second installation package obtained from a legal server is determined, and when the application program is uninstalled, whether the identifier of the installation package of the application program is in the legal identifier list is judged, if the installation package is located in the legal identification list, the legal verification value list is kept with the identification of the installation package and the verification value of the signature, the integrity of the legal identification list and the legal verification value list is ensured, the accuracy rate of application program detection is improved, and therefore the information safety of the user is further ensured.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (8)

1. An application installation detection method, comprising:
acquiring a verification value of a signature of a first installation package to be installed and a first identifier of the first installation package;
judging whether the first identifier is located in a legal identifier list of the installation package; the legal identification list is positioned in a trusted area of the terminal equipment and is determined according to the identification of the second installation package obtained from a legal server;
if the first identifier is determined to be located in the legal identifier list, determining whether a check value of the signature of the first installation package is located in a legal check value list; the legal verification value list is located in the trusted area and is determined according to the verification value of the signature of the second installation package;
if the verification value of the signature of the first installation package is determined to be located in the legal verification value list, operating the first installation package;
the method further comprises the following steps:
after receiving the uninstalling instruction, acquiring a third identifier of a third installation package corresponding to the application program to be uninstalled;
judging whether the third identifier is located in the legal identifier list or not;
if the third identifier is determined to be located in the legal identifier list, reserving the third identifier in the legal identifier list and reserving a verification value of the signature of the third installation package in the legal verification value list;
and unloading other data of the application program to be unloaded.
2. The method of claim 1, wherein obtaining the signed check value of the first installation package to be installed comprises:
acquiring the signature of the first installation package from the field of the signature of the first installation package;
and determining a verification value of the signature of the first installation package according to the signature of the first installation package and a verification algorithm.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
and determining the legal identification list and the legal verification value list according to the second identification of the second installation package and the verification value of the signature of the second installation package.
4. The method of claim 2, wherein the verification algorithm is a hash algorithm and the first identifier is a package name of the first installation package.
5. An application installation detection apparatus, comprising:
the device comprises a first acquisition module, a second acquisition module and a first verification module, wherein the first acquisition module is used for acquiring a check value of a signature of a first installation package to be installed and a first identifier of the first installation package;
the first judgment module is used for judging whether the first identifier is positioned in a legal identifier list of the installation package; the legal identification list is positioned in a trusted area of the terminal equipment and is determined according to the identification of the second installation package obtained from a legal server;
a first determining module, configured to determine whether a check value of a signature of the first installation package is located in a list of valid check values when it is determined that the first identifier is located in the list of valid identifiers; the legal verification value list is located in the trusted area and is determined according to the verification value of the signature of the second installation package;
the operation module is used for operating the first installation package when the verification value of the signature of the first installation package is determined to be located in the legal verification value list;
the device further comprises:
the second obtaining module is used for obtaining a third identifier of a third installation package corresponding to the application program to be uninstalled after receiving the uninstalling instruction;
the second judging module is used for judging whether the third identifier is positioned in the legal identifier list or not;
a reserving module, configured to reserve the third identifier in the valid identifier list and reserve a verification value of a signature of the third installation package in the valid verification value list when it is determined that the third identifier is located in the valid identifier list;
and the unloading module is used for unloading other data of the application program to be unloaded.
6. The apparatus of claim 5, wherein the first obtaining module is specifically configured to:
acquiring the signature of the first installation package from the field of the signature of the first installation package;
and determining a verification value of the signature of the first installation package according to the signature of the first installation package and a verification algorithm.
7. The apparatus of claim 5 or 6, further comprising:
and the second determining module is used for determining the legal identification list and the legal verification value list according to the second identification of the second installation package and the verification value of the signature of the second installation package.
8. The apparatus of claim 6, wherein the verification algorithm is a hash algorithm, and wherein the first identifier is a package name of the first installation package.
CN201610968766.8A 2016-10-27 2016-10-27 Application program installation detection method and device Active CN106548065B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610968766.8A CN106548065B (en) 2016-10-27 2016-10-27 Application program installation detection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610968766.8A CN106548065B (en) 2016-10-27 2016-10-27 Application program installation detection method and device

Publications (2)

Publication Number Publication Date
CN106548065A CN106548065A (en) 2017-03-29
CN106548065B true CN106548065B (en) 2020-05-26

Family

ID=58394017

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610968766.8A Active CN106548065B (en) 2016-10-27 2016-10-27 Application program installation detection method and device

Country Status (1)

Country Link
CN (1) CN106548065B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107766747B (en) * 2017-10-31 2020-03-17 维沃移动通信有限公司 Method for verifying integrity of application program installation package, mobile terminal and server
CN108683502B (en) * 2018-03-30 2022-01-25 上海连尚网络科技有限公司 Digital signature verification method, medium and equipment
WO2020062233A1 (en) * 2018-09-30 2020-04-02 西门子股份公司 Method and apparatus for processing and deploying application program, and computer-readable medium
CN111767537A (en) * 2020-06-23 2020-10-13 平安普惠企业管理有限公司 Tamper verification method of application program based on IOS (operating system) and related equipment
CN112257058A (en) * 2020-10-12 2021-01-22 麒麟软件有限公司 Trusted computing verification method and system for operating system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103577206A (en) * 2012-07-27 2014-02-12 北京三星通信技术研究有限公司 Method and device for installing application software
CN103679029A (en) * 2013-12-11 2014-03-26 北京奇虎科技有限公司 Method and device for repairing cheap-copy application programs
CN104021339A (en) * 2014-06-10 2014-09-03 北京奇虎科技有限公司 Safety payment method and device for mobile terminal
CN104954353A (en) * 2015-02-10 2015-09-30 腾讯科技(深圳)有限公司 Verification method and apparatus of APK file package

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103577206A (en) * 2012-07-27 2014-02-12 北京三星通信技术研究有限公司 Method and device for installing application software
CN103679029A (en) * 2013-12-11 2014-03-26 北京奇虎科技有限公司 Method and device for repairing cheap-copy application programs
CN104021339A (en) * 2014-06-10 2014-09-03 北京奇虎科技有限公司 Safety payment method and device for mobile terminal
CN104954353A (en) * 2015-02-10 2015-09-30 腾讯科技(深圳)有限公司 Verification method and apparatus of APK file package

Also Published As

Publication number Publication date
CN106548065A (en) 2017-03-29

Similar Documents

Publication Publication Date Title
CN106548065B (en) Application program installation detection method and device
CN109492378B (en) Identity verification method based on equipment identification code, server and medium
CN112771826B (en) Application program login method, application program login device and mobile terminal
EP1438657B1 (en) Safe application distribution and execution in a wireless environment
KR100932807B1 (en) Run test enabled applications
CN104023032B (en) Application based on credible performing environment technology is limited discharging method, server and terminal
CN104751049B (en) A kind of application program installation method and mobile terminal
CN108763951B (en) Data protection method and device
US20130055335A1 (en) Security enhancement methods and systems
CN104462965A (en) Method for verifying integrity of application program and network device
CN103577206A (en) Method and device for installing application software
CN106355081A (en) Android program start verification method and device
CN108229144B (en) Verification method of application program, terminal equipment and storage medium
CN112231702B (en) Application protection method, device, equipment and medium
CN108335105B (en) Data processing method and related equipment
US11443031B2 (en) Method for determining a validity of an application code, corresponding device and computer program product
CN110247897B (en) System login method, device, gateway and computer readable storage medium
EP3659058A1 (en) Devices and methods for key attestation with multiple device certificates
CN107908962A (en) Self checking method applied to Android intelligent terminal
US20130124871A1 (en) Application execution system and method of terminal
CN109298895B (en) APP management method and device on mobile equipment
CN117610083A (en) File verification method and device, electronic equipment and computer storage medium
CN106569851B (en) Application program processing method and device
CN112182642A (en) Private data and trusted application processing method, system, device and equipment
US20160352522A1 (en) User Terminal For Detecting Forgery Of Application Program Based On Signature Information And Method Of Detecting Forgery Of Application Program Using The Same

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant