CN106874731A - A kind of application layer multi-user method and device based on terminal - Google Patents
A kind of application layer multi-user method and device based on terminal Download PDFInfo
- Publication number
- CN106874731A CN106874731A CN201710244200.5A CN201710244200A CN106874731A CN 106874731 A CN106874731 A CN 106874731A CN 201710244200 A CN201710244200 A CN 201710244200A CN 106874731 A CN106874731 A CN 106874731A
- Authority
- CN
- China
- Prior art keywords
- user
- security sandbox
- terminal
- application
- sandbox
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
Abstract
The invention discloses a kind of application layer multi-user method based on terminal, security sandbox being preset with the terminal, one or more application programs being run in security sandbox, the method is comprised the following steps:Receive access request of the user to destination application in security sandbox;The identity of user is verified using security sandbox;If the verification passes, then access request of the user to destination application is responded;During user's access target application program, all read-write data are redirected to the privately owned catalogue for being pre-assigned to user.The technical scheme provided using the embodiment of the present invention, improves the security of user data, it is to avoid information leakage or the risk being tampered occur, the purpose of application layer multi-user is realized, terminal purchase cost is reduced, terminal utilization rate is improved.The invention also discloses a kind of application layer mobile subscriber device based on terminal, with relevant art effect.
Description
Technical field
The present invention relates to field of terminal technology, more particularly to a kind of application layer multi-user method and dress based on terminal
Put.
Background technology
As the fast development of Internet technology, terminal are gradually popularized, migrate more and more to the business of terminal.A lot
, there is the situation that a terminal is used by many people in industry, such as finance, government's industry.As certain bank has purchased a collection of flat board electricity
Brain, business personnel gets a panel computer for client's transacting business daily.
One terminal is used by many people, there is certain potential safety hazard, is easily caused user data compromised or usurped
The problem for changing.
For this problem, what some enterprises took is to prevent the mode that many people share same terminal, but this can increase enterprise
Industry purchases the cost of terminal, the utilization rate of terminal is reduced, for business mobility large enterprise, such as insurance business, it is more difficult to accomplish.
The content of the invention
It is an object of the invention to provide a kind of application layer multi-user method and device based on terminal, to improve user data
Security, it is to avoid there is information leakage or the risk that is tampered, realize the purpose of application layer multi-user, reduce terminal buying
Cost, improves terminal utilization rate.
In order to solve the above technical problems, the present invention provides following technical scheme:
A kind of application layer multi-user method based on terminal, is preset with security sandbox, in the security sandbox in the terminal
One or more application programs can be run, the application layer multi-user method includes:
Receive access request of the user to destination application in the security sandbox;
The identity of the user is verified using the security sandbox;
If the verification passes, then access request of the user to the destination application is responded;
During the user accesses the destination application, all read-write data are redirected to and are divided in advance
The privately owned catalogue of user described in dispensing.
In a kind of specific embodiment of the invention, also include:
Data to being written in the privately owned catalogue of the user are encrypted.
In a kind of specific embodiment of the invention, the intended application journey in the reception user is to the security sandbox
After the access request of sequence, it is described the identity of the user is verified using the security sandbox before, also include:
Determine that whether the security sandbox is current in a dormant state;
If it is, performing described the step of verified to the identity of the user using the security sandbox.
In a kind of specific embodiment of the invention, also include:
When default dormancy trigger condition for the security sandbox is reached, the security sandbox is controlled to exit, with
Make the security sandbox in a dormant state.
In a kind of specific embodiment of the invention, the dormancy trigger condition is one or more of:Receive
The exit instruction to the security sandbox that the user actively sends;Monitor that the user has returned to terminal desktop;Monitoring
Enter resting state to the terminal;Monitor that the user is not carried out any operation to application program in the security sandbox
Duration reaches given threshold.
A kind of application layer mobile subscriber device based on terminal, is preset with security sandbox, in the security sandbox in the terminal
One or more application programs can be run, the application layer mobile subscriber device includes:
Access request receiver module, for receiving access request of the user to destination application in the security sandbox;
Authentication module, for being verified to the identity of the user using the security sandbox;
Access request respond module, after passing through for the authentication in the authentication module to the user, rings
The user is answered to the access request of the destination application;
Redirection module, during accessing the destination application in the user, by all read-write data
It is redirected to the privately owned catalogue for being pre-assigned to the user.
In a kind of specific embodiment of the invention, also including encrypting module, it is used for:
Data to being written in the privately owned catalogue of the user are encrypted.
In a kind of specific embodiment of the invention, also including state determining module, it is used for:
After the access request of destination application during the reception user is to the security sandbox, the safety is determined
Whether in a dormant state sandbox current;If it is, triggering the authentication module.
In a kind of specific embodiment of the invention, also including exiting control module, it is used for:
When default dormancy trigger condition for the security sandbox is reached, the security sandbox is controlled to exit, with
Make the security sandbox in a dormant state.
In a kind of specific embodiment of the invention, the dormancy trigger condition is one or more of:Receive
The exit instruction to the security sandbox that the user actively sends;Monitor that the user has returned to terminal desktop;Monitoring
Enter resting state to the terminal;Monitor that the user is not carried out any operation to application program in the security sandbox
Duration reaches given threshold.
The technical scheme provided using the embodiment of the present invention, is preset with security sandbox in the terminal, can in security sandbox
One or more application programs are run, in the access request of destination application in receiving user to security sandbox, can be with
The identity of user is verified using security sandbox, after being verified, responds access request of the user to destination application,
And during user's access target application program, all read-write data are redirected to and are pre-assigned to the privately owned of user
Catalogue.During application program of the different user in access safety sandbox, the data in the privately owned catalogue of oneself can only be read
Write operation, the data in the privately owned catalogue of other users are sightless, improve the security of user data, it is to avoid believe
Breath leakage or the risk being tampered, realize the purpose of application layer multi-user, reduce terminal purchase cost, improve terminal and use
Rate.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is a kind of implementing procedure figure of the application layer multi-user method based on terminal in the embodiment of the present invention;
Fig. 2 is access process schematic diagram in the embodiment of the present invention;
Fig. 3 is a kind of structural representation of the application layer mobile subscriber device based on terminal in the embodiment of the present invention.
Specific embodiment
In order that those skilled in the art more fully understand the present invention program, with reference to the accompanying drawings and detailed description
The present invention is described in further detail.Obviously, described embodiment is only a part of embodiment of the invention, rather than
Whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not making creative work premise
Lower obtained every other embodiment, belongs to the scope of protection of the invention.
A kind of application layer multi-user method is the embodiment of the invention provides, the method specifically can apply to terminal.At end
Security sandbox is preset with end, one or more application programs can be run in security sandbox.Security sandbox is one kind according to safety
The performing environment of strategy limitation application behavior.User to the application program in security sandbox when will conduct interviews, it is necessary to elder generation
By the authentication of security sandbox.After authentication passes through, the application program in user's ability access safety sandbox, in user
During application program in access safety sandbox, security sandbox resets user to all read-write data of application program
To the privately owned catalogue for being pre-assigned to user.Different user has different privately owned catalogues.So, different user is accessing peace
During application program in full sandbox, the data in the privately owned catalogue of oneself can only be written and read with operation, other users it is privately owned
Data in catalogue are sightless, improve the security of user data, it is to avoid information leakage or the wind being tampered occur
Danger.
It is shown in Figure 1, by a kind of implementing procedure figure of application layer multi-user method that the embodiment of the present invention is provided, should
Method may comprise steps of:
S110:Receive access request of the user to destination application in security sandbox.
Different based on the security requirement to application program, the application program installed in terminal can be divided into common application journey
Sequence and the class of protected application program two.For common applications, any one user of using terminal can be used directly, and use
Family is to the read-write data storage of common applications in the public storage area of terminal.For protected application program, run on
In security sandbox, the different user of using terminal need to be by can just conduct interviews after the authentication of security sandbox to it.
User can send corresponding access request when needing to conduct interviews the application program in security sandbox.
When receiving user to the access request of the destination application in security sandbox, the operation of step S120 can be continued executing with.
Destination application is any one application program in security sandbox.
S120:The identity of user is verified using security sandbox.
In embodiments of the present invention, in the access request of destination application in receiving user to security sandbox, it is
Ensure the data safety of destination application in security sandbox, the not access directly in response to user to destination application please
Ask, but the identity of user is verified using security sandbox.
If user is to use for the first time, subscriber identity information can be input into by logon mode, if user is non-made for the first time
With subscriber identity information can be input into by login mode.Security sandbox is based on subscriber identity information, and the identity to user is carried out
Checking.
S130:If the verification passes, then access request of the user to destination application is responded.
In step S120, the identity of user is verified using security sandbox, be may determine whether according to the result
Respond the access request of user.
If the verification passes, then access request of the user to destination application can be responded, user can normally use
Destination application.If checking does not pass through, any response, or the unsanctioned prompt message of output checking can not be done,
Or output carries out the prompt message of authentication again, if the identity information of the continuous n times input of user can not be by testing
Card, then the user may be disabled user, and the access request to the user can not responded.
S140:During user's access target application program, all read-write data are redirected to and are allocated in advance
To the privately owned catalogue of user.
In embodiments of the present invention, after the authentication using security sandbox to user passes through, user can be responded to mesh
Mark the access request of application program, the destination application that user can normally in access safety sandbox.In user's access target
During application program, some read-write data can be produced, to protect these read-write data, the embodiment of the present invention to access user
The all read-write data produced during destination application are redirected to the privately owned catalogue for being pre-assigned to user.
After user's registration or login security sandbox, security sandbox can allocate a privately owned catalogue in advance for user,
The different privately owned catalogue of different user correspondence.So, during application program of the different user in access safety sandbox, can only to from
Data in oneself privately owned catalogue are written and read operation, and the data in the privately owned catalogue of other users are sightless, are improve
The security of user data, it is to avoid information leakage or the risk being tampered occur.
Each privately owned catalogue is a data storage area.In the presence of security sandbox, the application journey in security sandbox
Ordered pair answers multiple data storage areas, one independent data storage area of each user correspondence, different user to use same application
Also data will be read and write from different data storage areas during program, so that having isolation between user and user, realized many
The effect of user.
The method provided using the embodiment of the present invention, is preset with security sandbox in the terminal, can be run in security sandbox
One or more application programs, in the access request of destination application in receiving user to security sandbox, it is possible to use
Security sandbox is verified to the identity of user, after being verified, response user to the access request of destination application, and
During user's access target application program, all read-write data are redirected to the privately owned mesh for being pre-assigned to user
Record.During application program of the different user in access safety sandbox, the data in the privately owned catalogue of oneself can only be written and read
Operation, the data in the privately owned catalogue of other users are sightless, improve the security of user data, it is to avoid information occurs
The risk revealed or be tampered, realizes the purpose of application layer multi-user, improves terminal utilization rate.
In one embodiment of the invention, after step silo, before step S120, following step can also be included
Suddenly:
Determine that whether security sandbox is current in a dormant state, if it is, performing the operation of step S120.
In embodiments of the present invention, user is received in security sandbox during the access request of destination application, can be with
First determine the current state of security sandbox, the current state of security sandbox can be divided into two kinds of running status and resting state.
If it is determined that security sandbox is currently at running status, then show user's Successful login security sandbox, use
Family can be with any one application program in access safety sandbox.In this case, destination application not User logs in
The first application program accessed after security sandbox, user directly can conduct interviews operation to the destination application.
If it is determined that security sandbox is currently at resting state, then the intended application journey in user is received to security sandbox
During the access request of sequence, the identity of user need to be verified using security sandbox, after being verified, respond the visit of user
Ask request.
That is security sandbox as application program a protective layer, user only had and tested by the identity of security sandbox
After card, the application program in security sandbox could be conducted interviews, improve Information Security.
In one embodiment of the invention, the method can also be comprised the following steps:
When default dormancy trigger condition for security sandbox is reached, control security sandbox is exited, so that safety is husky
Case is in a dormant state.
In embodiments of the present invention, the dormancy trigger condition for security sandbox can be preset.Dormancy trigger condition can be with
It is one or more of:Receive the exit instruction to security sandbox that user actively sends;Monitor that user has returned to end
End desktop;Monitor that terminal enters resting state;Monitor that user is not carried out any operation to application program in security sandbox
Duration reaches given threshold.
When default dormancy trigger condition for security sandbox is reached, security sandbox can be controlled to exit, so that peace
Full sandbox is in a dormant state.So, when user is received again to the access request of the application program in security sandbox, profit
The identity of user is verified with security sandbox, and after being verified, the access request of user could be responded.
In one embodiment of the invention, the method can also be comprised the following steps:
Data to being written in the privately owned catalogue of user are encrypted.
During destination application in user's access safety sandbox, by for all read-writes of destination application
Data are redirected to the privately owned catalogue for being pre-assigned to user.The data being written in the privately owned catalogue of user can be carried out
Encryption, specifically, the transparent encryption and decryption based on user can be carried out to data content processing, it is ensured that only correct user
Can the correct data of read-write.
Accordingly, during user's access target application program, in the data during user reads privately owned catalogue, can
Corresponding decryption processing is carried out with the data read to user, it is to avoid normal access of the influence user to destination application.
It is access process schematic diagram in the embodiment of the present invention shown in Fig. 2, it can be seen that security sandbox is included receiving
Protection application program, authentication layer and redirection layer.For the common applications in terminal, user is carrying out data to it
During read-write, the public storage area of data Cun Chudao terminals is read and write, for protected application program in security sandbox, user is right
It conducts interviews, it is necessary to first pass through the authentication of authentication layer, after being verified, user can be to application program therein
Conduct interviews, in access process, read-write data are redirected to the privately owned catalogue for being pre-assigned to the user by redirection layer,
I.e. privately owned storage region, such as privately owned storage region of user 1, the privately owned storage region of user 2, further can also be to the number of write-in
According to being encrypted storage.
The embodiment of the present invention is realized in application layer for each application program increases multi-user automatically, due in security sandbox
The read-write data of application program be all redirected to the privately owned catalogue of user, have that a oneself is private equivalent to each user
Some application programs, different user use same application program it is seen that be between respective data content, user mutually every
From, and if the data content being stored in privately owned catalogue is encrypted, then user cannot also view the number of other users
According to.
The technical scheme that the embodiment of the present invention is provided is based on application layer encryption redirecting technique, and terminal type will not
Ask, various brands, the terminal of various models can apply the technical scheme that the embodiment of the present invention is provided, and realize multi-user.
The scene that terminal is purchased in concentration of enterprises is not only suitable for, (Bring Your Own Device, employee takes to be also applied for personal BYOD
Equipment with oneself is handled official business) terminal borrowed the scene used to other people temporarily.And, the type for application program does not have yet
Require, any application program may be added to be protected by security sandbox.
It should be noted that security sandbox and data encryption redirect can by HOOK (hook, hook) technologies or
System calls Interception Technology to realize, the embodiment of the present invention is without limitation.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides a kind of application layer multi-user based on terminal
Device, is preset with security sandbox in the terminal, and one or more application programs, one kind described below can be run in security sandbox
Application layer mobile subscriber device based on terminal can be mutually right with a kind of above-described application layer multi-user method based on terminal
Should refer to.
Shown in Figure 3, the device is included with lower module:
Access request receiver module 310, for receiving access request of the user to destination application in security sandbox;
Authentication module 320, for being verified to the identity of user using security sandbox;
Access request respond module 330, after passing through for the authentication in authentication module to user, responds user
To the access request of destination application;
Redirection module 340, for during user's access target application program, all read-write data being reset
To the privately owned catalogue for being pre-assigned to user.
The device provided using the embodiment of the present invention, is preset with security sandbox in the terminal, can be run in security sandbox
One or more application programs, in the access request of destination application in receiving user to security sandbox, it is possible to use
Security sandbox is verified to the identity of user, after being verified, response user to the access request of destination application, and
During user's access target application program, all read-write data are redirected to the privately owned mesh for being pre-assigned to user
Record.During application program of the different user in access safety sandbox, the data in the privately owned catalogue of oneself can only be written and read
Operation, the data in the privately owned catalogue of other users are sightless, improve the security of user data, it is to avoid information occurs
The risk revealed or be tampered, realizes the purpose of application layer multi-user, improves terminal utilization rate.
In a kind of specific embodiment of the invention, also including encrypting module, it is used for:
Data to being written in the privately owned catalogue of user are encrypted.
In a kind of specific embodiment of the invention, also including state determining module, it is used for:
After the access request of destination application in receiving user to security sandbox, determine security sandbox it is current whether
In a dormant state;If it is, triggering authentication module 320.
In a kind of specific embodiment of the invention, also including exiting control module, it is used for:
When default dormancy trigger condition for security sandbox is reached, control security sandbox is exited, so that safety is husky
Case is in a dormant state.
In a kind of specific embodiment of the invention, dormancy trigger condition is one or more of:Receive user
The exit instruction to security sandbox for actively sending;Monitor that user has returned to terminal desktop;Monitor that terminal enters dormancy shape
State;Monitor that user reaches given threshold to the duration that application program in security sandbox is not carried out any operation.
Each embodiment is described by the way of progressive in this specification, and what each embodiment was stressed is and other
The difference of embodiment, between each embodiment same or similar part mutually referring to.For being filled disclosed in embodiment
For putting, because it is corresponded to the method disclosed in Example, so description is fairly simple, related part is referring to method part
Illustrate.
Professional further appreciates that, with reference to the unit of each example of the embodiments described herein description
And algorithm steps, can be realized with electronic hardware, computer software or the combination of the two, in order to clearly demonstrate hardware and
The interchangeability of software, generally describes the composition and step of each example according to function in the above description.These
Function is performed with hardware or software mode actually, depending on the application-specific and design constraint of technical scheme.Specialty
Technical staff can realize described function to each specific application using distinct methods, but this realization should not
Think beyond the scope of this invention.
The step of method or algorithm for being described with reference to the embodiments described herein, directly can be held with hardware, processor
Capable software module, or the two combination is implemented.Software module can be placed in random access memory (RAM), internal memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In field in known any other form of storage medium.
Specific case used herein is set forth to principle of the invention and implementation method, and above example is said
It is bright to be only intended to help and understand technical scheme and its core concept.It should be pointed out that common for the art
For technical staff, under the premise without departing from the principles of the invention, some improvement and modification can also be carried out to the present invention, these
Improve and modification is also fallen into the protection domain of the claims in the present invention.
Claims (10)
1. a kind of application layer multi-user method based on terminal, it is characterised in that be preset with security sandbox, the peace in the terminal
One or more application programs can be run in full sandbox, the application layer multi-user method includes:
Receive access request of the user to destination application in the security sandbox;
The identity of the user is verified using the security sandbox;
If the verification passes, then access request of the user to the destination application is responded;
During the user accesses the destination application, all read-write data are redirected to and are pre-assigned to
The privately owned catalogue of the user.
2. the application layer multi-user method based on terminal according to claim 1, it is characterised in that also include:
Data to being written in the privately owned catalogue of the user are encrypted.
3. the application layer multi-user method based on terminal according to claim 1 and 2, it is characterised in that in the reception
User to the access request of destination application in the security sandbox after, it is described using the security sandbox to the user
Identity verified before, also include:
Determine that whether the security sandbox is current in a dormant state;
If it is, performing described the step of verified to the identity of the user using the security sandbox.
4. the application layer multi-user method based on terminal according to claim 3, it is characterised in that also include:
When default dormancy trigger condition for the security sandbox is reached, the security sandbox is controlled to exit, so that institute
State security sandbox in a dormant state.
5. the application layer multi-user method based on terminal according to claim 4, it is characterised in that the dormancy triggers bar
Part is one or more of:Receive the exit instruction to the security sandbox that the user actively sends;Monitor institute
State user and return to terminal desktop;Monitor that the terminal enters resting state;Monitor the user to the security sandbox
The duration that middle application program is not carried out any operation reaches given threshold.
6. a kind of application layer mobile subscriber device based on terminal, it is characterised in that be preset with security sandbox, the peace in the terminal
One or more application programs can be run in full sandbox, the application layer mobile subscriber device includes:
Access request receiver module, for receiving access request of the user to destination application in the security sandbox;
Authentication module, for being verified to the identity of the user using the security sandbox;
Access request respond module, after passing through for the authentication in the authentication module to the user, responds institute
State access request of the user to the destination application;
Redirection module, during accessing the destination application in the user, by all read-write data counterpoises
It is directed to the privately owned catalogue for being pre-assigned to the user.
7. the application layer mobile subscriber device based on terminal according to claim 6, it is characterised in that also including encryption mould
Block, is used for:
Data to being written in the privately owned catalogue of the user are encrypted.
8. the application layer mobile subscriber device based on terminal according to claim 6 or 7, it is characterised in that also including state
Determining module, is used for:
After the access request of destination application during the reception user is to the security sandbox, the security sandbox is determined
Currently whether in a dormant state;If it is, triggering the authentication module.
9. the application layer mobile subscriber device based on terminal according to claim 8, it is characterised in that also including exiting control
Module, is used for:
When default dormancy trigger condition for the security sandbox is reached, the security sandbox is controlled to exit, so that institute
State security sandbox in a dormant state.
10. the application layer mobile subscriber device based on terminal according to claim 9, it is characterised in that the dormancy triggering
Condition is one or more of:Receive the exit instruction to the security sandbox that the user actively sends;Monitor
The user has returned to terminal desktop;Monitor that the terminal enters resting state;Monitor that the user is husky to the safety
Application program is not carried out the duration of any operation and reaches given threshold in case.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710244200.5A CN106874731A (en) | 2017-04-14 | 2017-04-14 | A kind of application layer multi-user method and device based on terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710244200.5A CN106874731A (en) | 2017-04-14 | 2017-04-14 | A kind of application layer multi-user method and device based on terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106874731A true CN106874731A (en) | 2017-06-20 |
Family
ID=59163255
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710244200.5A Pending CN106874731A (en) | 2017-04-14 | 2017-04-14 | A kind of application layer multi-user method and device based on terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106874731A (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107832105A (en) * | 2017-11-24 | 2018-03-23 | 南昌黑鲨科技有限公司 | A kind of application program launching method, starter and computer-readable recording medium |
CN107895116A (en) * | 2017-11-29 | 2018-04-10 | 山东渔翁信息技术股份有限公司 | APP data guard methods, equipment, mobile terminal and computer-readable recording medium |
CN107958160A (en) * | 2017-11-29 | 2018-04-24 | 山东渔翁信息技术股份有限公司 | APP data guard methods, equipment, mobile terminal and computer-readable recording medium |
CN107992743A (en) * | 2017-12-04 | 2018-05-04 | 山东渔翁信息技术股份有限公司 | A kind of identity authentication method based on sandbox, device, equipment and storage medium |
CN108229149A (en) * | 2017-12-29 | 2018-06-29 | 北京安云世纪科技有限公司 | A kind of method and apparatus of data protection |
CN110780940A (en) * | 2019-09-24 | 2020-02-11 | 维沃移动通信有限公司 | Application program loading method, electronic device and storage medium |
CN111950012A (en) * | 2020-08-21 | 2020-11-17 | 深信服科技股份有限公司 | Application running method, device and equipment and computer readable storage medium |
CN113297568A (en) * | 2021-06-04 | 2021-08-24 | 国网汇通金财(北京)信息科技有限公司 | Sandbox-based data processing method and system |
WO2022127510A1 (en) * | 2020-12-18 | 2022-06-23 | 华为技术有限公司 | Authentication method and apparatus |
CN115329389A (en) * | 2022-10-17 | 2022-11-11 | 中安网脉(北京)技术股份有限公司 | File protection system and method based on data sandbox |
CN113297568B (en) * | 2021-06-04 | 2024-04-30 | 国网汇通金财(北京)信息科技有限公司 | Data processing method and system based on sandboxes |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1307283A (en) * | 2000-02-03 | 2001-08-08 | 英业达集团(上海)电子技术有限公司 | Multiple-user safety operation document system and method |
CN102542187A (en) * | 2010-12-23 | 2012-07-04 | 盛趣信息技术(上海)有限公司 | Method for improving safety performance of computers on basis of safety sandbox |
CN103778384A (en) * | 2014-02-24 | 2014-05-07 | 北京明朝万达科技有限公司 | Identity authentication based virtual terminal safety environment protection method and system |
CN104850768A (en) * | 2015-02-10 | 2015-08-19 | 数据通信科学技术研究所 | Access control method and device on the basis of application security level |
US20160077824A1 (en) * | 2014-09-12 | 2016-03-17 | Adallom Technologies Ltd. | Cloud suffix proxy and a method thereof |
-
2017
- 2017-04-14 CN CN201710244200.5A patent/CN106874731A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1307283A (en) * | 2000-02-03 | 2001-08-08 | 英业达集团(上海)电子技术有限公司 | Multiple-user safety operation document system and method |
CN102542187A (en) * | 2010-12-23 | 2012-07-04 | 盛趣信息技术(上海)有限公司 | Method for improving safety performance of computers on basis of safety sandbox |
CN103778384A (en) * | 2014-02-24 | 2014-05-07 | 北京明朝万达科技有限公司 | Identity authentication based virtual terminal safety environment protection method and system |
US20160077824A1 (en) * | 2014-09-12 | 2016-03-17 | Adallom Technologies Ltd. | Cloud suffix proxy and a method thereof |
CN104850768A (en) * | 2015-02-10 | 2015-08-19 | 数据通信科学技术研究所 | Access control method and device on the basis of application security level |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019100897A1 (en) * | 2017-11-24 | 2019-05-31 | 南昌黑鲨科技有限公司 | Application program starting method and starting apparatus, and computer readable storage medium |
CN107832105A (en) * | 2017-11-24 | 2018-03-23 | 南昌黑鲨科技有限公司 | A kind of application program launching method, starter and computer-readable recording medium |
CN107832105B (en) * | 2017-11-24 | 2022-02-15 | 南昌黑鲨科技有限公司 | Application program starting method, starting device and computer readable storage medium |
CN107895116A (en) * | 2017-11-29 | 2018-04-10 | 山东渔翁信息技术股份有限公司 | APP data guard methods, equipment, mobile terminal and computer-readable recording medium |
CN107958160A (en) * | 2017-11-29 | 2018-04-24 | 山东渔翁信息技术股份有限公司 | APP data guard methods, equipment, mobile terminal and computer-readable recording medium |
CN107992743A (en) * | 2017-12-04 | 2018-05-04 | 山东渔翁信息技术股份有限公司 | A kind of identity authentication method based on sandbox, device, equipment and storage medium |
CN108229149A (en) * | 2017-12-29 | 2018-06-29 | 北京安云世纪科技有限公司 | A kind of method and apparatus of data protection |
CN110780940A (en) * | 2019-09-24 | 2020-02-11 | 维沃移动通信有限公司 | Application program loading method, electronic device and storage medium |
CN111950012A (en) * | 2020-08-21 | 2020-11-17 | 深信服科技股份有限公司 | Application running method, device and equipment and computer readable storage medium |
WO2022127510A1 (en) * | 2020-12-18 | 2022-06-23 | 华为技术有限公司 | Authentication method and apparatus |
CN113297568A (en) * | 2021-06-04 | 2021-08-24 | 国网汇通金财(北京)信息科技有限公司 | Sandbox-based data processing method and system |
CN113297568B (en) * | 2021-06-04 | 2024-04-30 | 国网汇通金财(北京)信息科技有限公司 | Data processing method and system based on sandboxes |
CN115329389A (en) * | 2022-10-17 | 2022-11-11 | 中安网脉(北京)技术股份有限公司 | File protection system and method based on data sandbox |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106874731A (en) | A kind of application layer multi-user method and device based on terminal | |
US8424061B2 (en) | Method, system and program product for authenticating a user seeking to perform an electronic service request | |
CN104717223B (en) | Data access method and device | |
US10574697B1 (en) | Providing a honeypot environment in response to incorrect credentials | |
TWI691861B (en) | Resource permission management method and device | |
CN102739638B (en) | Establishing privileges through claims of valuable assets | |
CN106899552A (en) | Authentication method, certification terminal and system | |
CN109784031B (en) | Account identity verification processing method and device | |
CN109005161A (en) | A kind of data safety monitoring system and its access monitoring method | |
CN109474600A (en) | A kind of account binding method, system, device and its equipment | |
CN108334404A (en) | The operation method and device of application program | |
CN108737398A (en) | Processing method, device, computer equipment and the storage medium of trust system | |
Kolevski et al. | Cloud data breach disclosures: the consumer and their personally identifiable information (PII)? | |
US11552984B2 (en) | Systems and methods for improving assessment of security risk based on personal internet account data | |
CN101702724A (en) | Safe control method and device of network access | |
Caballero | Information security essentials for information technology managers: Protecting mission-critical systems | |
CN104955043B (en) | A kind of intelligent terminal security protection system | |
JP2021527259A (en) | Systems and methods for identifying data breaches | |
US20140215592A1 (en) | Method, apparatus and system for user authentication | |
Dam | Relationship between demographic variables and awareness on cybersecurity threats: an empirical analysis | |
WO2014117563A1 (en) | Method, apparatus and system for user authentication | |
Oka et al. | Analysis of Current Preventive Approaches in the Context of Cybersecurity | |
HARRIS et al. | Mobile Device Security Issues Within the US Disadvantaged Business Enterprise Program. | |
KSHETRI et al. | A review and analysis of online crime in pre and post COVID scenario with respective counter measures and security strategies | |
AlSalamah | Security Risk Management in Online System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170620 |