CN107241308A - A kind of method, device and mobile terminal for realizing safety check - Google Patents

A kind of method, device and mobile terminal for realizing safety check Download PDF

Info

Publication number
CN107241308A
CN107241308A CN201710286311.2A CN201710286311A CN107241308A CN 107241308 A CN107241308 A CN 107241308A CN 201710286311 A CN201710286311 A CN 201710286311A CN 107241308 A CN107241308 A CN 107241308A
Authority
CN
China
Prior art keywords
interface
check
information
communicated
check information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710286311.2A
Other languages
Chinese (zh)
Inventor
倪秉炬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nubia Technology Co Ltd
Original Assignee
Nubia Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nubia Technology Co Ltd filed Critical Nubia Technology Co Ltd
Priority to CN201710286311.2A priority Critical patent/CN107241308A/en
Publication of CN107241308A publication Critical patent/CN107241308A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Abstract

The invention discloses a kind of method for realizing safety check, device and mobile terminal, including:Interface check system is arranged on the first system and second system;When the first system calls the interface of the second system, judge whether to have obtained check information when communicating with the second system, if not obtaining check information when being communicated with the second system, check information when being communicated with the second system is obtained to the interface check system;If getting check information when being communicated with the second system, the tangent plane program that then the first system is provided by the interface check system, check information when being communicated in interface interchange solicited message described in addition with the second system, and send the interface interchange request to the second system.The present invention during safety check due to having used interface check system so that each system each need not go to write the code of repetition to realize interface check function again, so that the safety check between each system is more convenient and efficient.

Description

A kind of method, device and mobile terminal for realizing safety check
Technical field
The present invention relates to technical field of mobile terminals, more particularly to a kind of method for realizing safety check, device and movement Terminal.
Background technology
With the development and the popularization of terminal device of computer technology, the application of terminal device has obtained widely carrying Height, is increasingly becoming means of communication and converter tools essential in people's daily life, security of the user to terminal device Propose higher requirement.
At present, when interacting between each system on terminal device, it is required for using HTTP interface.In order to ensure Safety, is often required for using safety check mechanism.Safety check mechanism mainly has following two at present:
1st, BaseAuth mechanism, i.e. system distribute different username and passwords, interface to access each system of oneself When calling, whether checking username and password is consistent.
2nd, identifying code mechanism, i.e. system provide identical encryption Key to access each system of oneself, and each system is according to this The AES of Key and agreement is encrypted, required parameter is encrypted, and generates afterbody identifying code, system uses Key pairs of encryption Content of parameter is decrypted, and whether comparison code is consistent.
These above-mentioned verification modes are required for using accounts information or key, and current scheme is, these information are put In the code or configuration file of each system.The program is primarily present problems with:
1st, developer is known that verification mode and check information, operation maintenance personnel it will also be appreciated that check information, so There is great leak and hidden danger in information security.
2nd, each system has exploitation, test and formal environments, and the security information of each environment is all different, so in switching ring , it is necessary to go modification, less efficient and easy error manually during border.
3rd, when each system uses identical verification mode, there is more repeated work, develop less efficient with joint debugging.
How above mentioned problem prior art in the presence of is overcome, so that conveniently and efficiently carrying out safety between each system Also without related solution in verification, currently available technology.
The content of the invention
It is a primary object of the present invention to propose a kind of method, device and mobile terminal for realizing safety check, so that Safety check is conveniently and efficiently carried out between each system.
To achieve the above object, the embodiments of the invention provide a kind of method for realizing safety check, including:
Interface check system is arranged on the first system and second system;
When the first system calls the interface of second system, judge whether to have obtained verification when communicating with the second system Information, if not obtaining check information when being communicated with the second system, is obtained and described the to interface check system Check information when two system communicates;
If getting check information when being communicated with the second system, the first system passes through the interface school The tangent plane program that check system is provided, verification letter when being communicated in interface interchange solicited message described in addition with the second system Breath, and send the interface interchange request to the second system.
Alternatively, the second system is registered to obtain the school of the second system by the interface check system Test information;
The second system is received after the interface interchange request of the first system, according to the verification of the second system Information is verified to the interface.
Alternatively, the second system is registered by interface check system is believed with the verification for obtaining the second system Breath includes:
The enrollment page that the second system is provided by the interface check system sets the relevant information of the system to enter Row registration, after succeeding in registration, download the interface check system needs to use for the system generation when carrying out https traffic Certificate, and be encrypted and communicated with the interface check system using the certificate, to obtain the check information.
Alternatively, the first system obtains check information bag when being communicated with the second system to interface check system Include:
The first system by HTTPS request to the interface check system application communicated with the second system when Check information;Check information when wherein being communicated with the second system is the interface check system according to the first system The check information corresponding with the first system that is returned of request address.
Alternatively, the check information of the second system is periodically updated by the interface check system, and with Cipher mode is stored in the interface check system.
The embodiment of the present invention additionally provides a kind of device for realizing safety check, is arranged in system, including:
Interface interchange module, is set to, when the first system calls the interface of second system, judge whether to have obtained and institute Check information during second system communication is stated, if not obtaining check information when being communicated with the second system, to connecing Mouthful check system obtains check information when being communicated with the second system, and by it is acquired communicated with the second system when Check information be sent to interface ciphering module, wherein, the interface check system is arranged on the first system and second and is On system;
Interface ciphering module, if being set to get check information when communicating with the second system, described The tangent plane program that one system is provided by the interface check system, adds described with described the in interface interchange solicited message Check information when two system communicates, and send the interface interchange request to the second system.
Alternatively, the device also includes:
Check information acquisition module, is set to be registered to obtain the verification of the system by the interface check system Information;
Interface decryption verification module, is set to when the second system receives the interface interchange request of the first system Afterwards, the interface is verified according to the check information of the system.
Alternatively, the check information acquisition module is also configured to:
The enrollment page that system is provided by the interface check system sets the relevant information of the system to be registered, note After volume success, the certificate for needing to use when carrying out https traffic that the interface check system generates for the system is downloaded, and It is encrypted and is communicated with the interface check system using the certificate, obtains the check information.
Alternatively, the interface interchange module is also configured to:
The first system by HTTPS request to the interface check system application communicated with the second system when Check information;Check information when wherein being communicated with the second system is the interface check system according to the first system The check information corresponding with the first system that is returned of request address.
Alternatively, the check information of the second system is periodically updated by the interface check system, and with Cipher mode is stored in the interface check system.
The embodiment of the present invention additionally provides a kind of mobile terminal, including the dress for realizing safety check described in any of the above-described Put.
Technical scheme proposed by the present invention includes:Interface check system is arranged on the first system and second system;It is described When the first system calls the interface of the second system, judge whether to have obtained verification letter when being communicated with the second system Breath, if not obtaining check information when communicate with the second system, to the interface check system acquisition with it is described Check information when second system communicates;If getting check information when being communicated with the second system, described first The tangent plane program that system is provided by the interface check system, adds described with described second in interface interchange solicited message Check information when system communicates, and send the interface interchange request to the second system.The present invention is by using interface Check system is that each system generates respective check information, when the first system calls the interface of the second system, then is led to The tangent plane program that the interface check system is provided is crossed, adds described logical with the second system in interface interchange solicited message Check information during letter, due to having used interface check system during safety check so that each system need not be respective Go to write the code of repetition again to realize interface check function, so that the safety check between each system is more convenient and efficient.
Brief description of the drawings
Fig. 1 is the hardware architecture diagram for realizing each optional mobile terminal of embodiment one of the invention;
Fig. 2 be Fig. 1 of the present invention in mobile terminal wireless communication system schematic diagram;
Fig. 3 realizes the flow chart of the method for safety check for the present invention;
Fig. 4 realizes the composition structural representation of the device of safety check for the present invention.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Describe to realize the mobile terminal of each embodiment of the invention referring now to accompanying drawing.In follow-up description, use For represent element such as " module ", " part " or " unit " suffix only for be conducive to the present invention explanation, itself Not specific meaning.Therefore, " module " can be used mixedly with " part ".
Mobile terminal can be implemented in a variety of manners.For example, the terminal described in the present invention can include such as moving Phone, smart phone, notebook computer, digit broadcasting receiver, PDA (personal digital assistant), PAD (tablet personal computer), PMP The mobile terminal of (portable media player), guider etc. and such as numeral TV, desktop computer etc. are consolidated Determine terminal.Hereinafter it is assumed that terminal is mobile terminal.However, it will be understood by those skilled in the art that, except being used in particular for movement Outside the element of purpose, construction according to the embodiment of the present invention can also apply to the terminal of fixed type.
Fig. 1 illustrates for the hardware configuration of realization each optional mobile terminal of embodiment one of the invention.
Mobile terminal 1 00 can include wireless communication unit 110, A/V (audio/video) input block 120, user's input Unit 130, sensing unit 140, output unit 150, memory 160, interface unit 170, controller 180 and power subsystem 190 Etc..Fig. 1 shows the mobile terminal with various assemblies, it should be understood that being not required for implementing all groups shown Part.More or less components can alternatively be implemented.The element of mobile terminal will be discussed in more detail below.
Wireless communication unit 110 generally includes one or more assemblies, and it allows mobile terminal 1 00 and wireless communication system Or the radio communication between network.For example, wireless communication unit can include broadcasting reception module 111, mobile communication module 112nd, at least one in wireless Internet module 113, short range communication module 114 and location information module 115.
Broadcasting reception module 111 receives broadcast singal and/or broadcast via broadcast channel from external broadcast management server Relevant information.Broadcast channel can include satellite channel and/or terrestrial channel.Broadcast management server can be generated and sent The broadcast singal and/or broadcast related information generated before the server or reception of broadcast singal and/or broadcast related information And send it to the server of terminal.Broadcast singal can include TV broadcast singals, radio signals, data broadcasting Signal etc..Moreover, broadcast singal may further include the broadcast singal combined with TV or radio signals.Broadcast phase Closing information can also provide via mobile communications network, and in this case, broadcast related information can be by mobile communication mould Block 112 is received.Broadcast singal can exist in a variety of manners, for example, it can be with DMB (DMB) electronics The form of program guide (EPG), the electronic service guidebooks (ESG) of digital video broadcast-handheld (DVB-H) etc. and exist.Broadcast Receiving module 111 can receive signal broadcast by using various types of broadcast systems.Especially, broadcasting reception module 111 Can be wide by using such as multimedia broadcasting-ground (DMB-T), DMB-satellite (DMB-S), digital video Broadcast-hand-held (DVB-H), forward link media (MediaFLO@) Radio Data System, received terrestrial digital broadcasting integrated service Etc. (ISDB-T) digit broadcasting system receives digital broadcasting.Broadcasting reception module 111, which may be constructed such that, to be adapted to provide for extensively Broadcast the various broadcast systems and above-mentioned digit broadcasting system of signal.Via broadcasting reception module 111 receive broadcast singal and/ Or broadcast related information can be stored in memory 160 (or other types of storage medium).
Mobile communication module 112 sends radio signals to base station (for example, access point, node B etc.), exterior terminal And in server at least one and/or receive from it radio signal.Such radio signal can be logical including voice Talk about signal, video calling signal or the various types of data for sending and/or receiving according to text and/or Multimedia Message.
Wireless Internet module 113 supports the Wi-Fi (Wireless Internet Access) of mobile terminal.The module can be internally or externally It is couple to terminal.Wi-Fi (Wireless Internet Access) technology involved by the module can include WLAN (WLAN) (Wi-Fi), Wibro (WiMAX), Wimax (worldwide interoperability for microwave accesses), HSDPA (high-speed downlink packet access) etc..
Short range communication module 114 is the module for supporting junction service.Some examples of short-range communication technology include indigo plant ToothTM, radio frequency identification (RFID), Infrared Data Association (IrDA), ultra wide band (UWB), purple honeybeeTMEtc..
Location information module 115 is the module for checking or obtaining the positional information of mobile terminal.Location information module Typical case be GPS (global positioning system).According to current technology, GPS module 115, which is calculated, comes from three or more satellites Range information and correct time information and for the Information application triangulation of calculating so that according to longitude, latitude Highly accurately calculate three-dimensional current location information.Currently, defended for calculating the method for position and temporal information using three Star and the position calculated by using other satellite correction and the error of temporal information.In addition, GPS module 115 Can be by Continuous plus current location information in real time come calculating speed information.
A/V input blocks 120 are used to receive audio or video signal.A/V input blocks 120 can include the He of camera 121 Microphone 122, the static images that 121 pairs of camera is obtained in video acquisition mode or image capture mode by image capture apparatus Or the view data of video is handled.Picture frame after processing may be displayed on display unit 151.Handled through camera 121 Picture frame afterwards can be stored in memory 160 (or other storage mediums) or be sent out via wireless communication unit 110 Send, two or more cameras 1210 can be provided according to the construction of mobile terminal.Microphone 122 can telephone calling model, Sound (voice data) is received via microphone in logging mode, speech recognition mode etc. operational mode, and can be by this The acoustic processing of sample is voice data.Audio (voice) data after processing can be converted in the case of telephone calling model The form output of mobile communication base station can be sent to via mobile communication module 112.Microphone 122 can be implemented various types of Noise eliminate (or suppress) algorithm with eliminate noise that (or suppression) produce during receiving and sending audio signal or Interference.
The order that user input unit 130 can be inputted according to user generates key input data to control each of mobile terminal Plant operation.User input unit 130 allows user to input various types of information, and can include keyboard, metal dome, touch Plate (for example, detection due to being touched caused by resistance, pressure, electric capacity etc. change sensitive component), roller, rocking bar etc. Deng.Especially, when touch pad is superimposed upon on display unit 151 in the form of layer, touch-screen can be formed.
Sensing unit 140 detects the current state of mobile terminal 1 00, (for example, mobile terminal 1 00 opens or closes shape State), the position of mobile terminal 1 00, user is for the presence or absence of contact (that is, touch input) of mobile terminal 1 00, mobile terminal The acceleration or deceleration movement of 100 orientation, mobile terminal 1 00 and direction etc., and generate for controlling mobile terminal 1 00 The order of operation or signal.For example, when mobile terminal 1 00 is embodied as sliding-type mobile phone, sensing unit 140 can be sensed The sliding-type phone is opening or closing.In addition, sensing unit 140 can detect power subsystem 190 whether provide electric power or Whether person's interface unit 170 couples with external device (ED).Sensing unit 140, which can include proximity transducer 1410, to be combined below This is described touch-screen.
Interface unit 170 is connected the interface that can pass through as at least one external device (ED) with mobile terminal 1 00.For example, External device (ED) can include wired or wireless head-band earphone port, external power source (or battery charger) port, wired or nothing Line FPDP, memory card port, the port for connecting the device with identification module, audio input/output (I/O) end Mouth, video i/o port, ear port etc..Identification module can be that storage is used to verify that user uses each of mobile terminal 1 00 Plant information and subscriber identification module (UIM), client identification module (SIM), Universal Subscriber identification module (USIM) can be included Etc..In addition, the device (hereinafter referred to as " identifying device ") with identification module can take the form of smart card, therefore, know Other device can be connected via port or other attachment means with mobile terminal 1 00.Interface unit 170 can be used for reception and come from The input (for example, data message, electric power etc.) of external device (ED) and the input received is transferred in mobile terminal 1 00 One or more elements can be used for transmitting data between mobile terminal and external device (ED).
In addition, when mobile terminal 1 00 is connected with external base, interface unit 170 may be used as allowing by it by electricity Power provides to the path of mobile terminal 1 00 from base or may be used as allowing passing through it from the various command signals that base is inputted It is transferred to the path of mobile terminal.The various command signals or electric power inputted from base may be used as being used to recognize that mobile terminal is The no signal being accurately fitted within base.Output unit 150 is configured to provide defeated with vision, audio and/or tactile manner Go out signal (for example, audio signal, vision signal, alarm signal, vibration signal etc.).Output unit 150 can include display Unit 151, dio Output Modules 152, alarm unit 153 etc..
Display unit 151 may be displayed on the information handled in mobile terminal 1 00.For example, when mobile terminal 1 00 is in electricity When talking about call mode, display unit 151 can be shown with conversing or other communicating (for example, text messaging, multimedia file Download etc.) related user interface (UI) or graphic user interface (GUI).When mobile terminal 1 00 is in video calling pattern Or during image capture mode, display unit 151 can show the image of capture and/or the image of reception, show video or figure UI or GUI of picture and correlation function etc..
Meanwhile, when display unit 151 and touch pad in the form of layer it is superposed on one another to form touch-screen when, display unit 151 may be used as input unit and output device.Display unit 151 can include liquid crystal display (LCD), thin film transistor (TFT) In LCD (TFT-LCD), Organic Light Emitting Diode (OLED) display, flexible display, three-dimensional (3D) display etc. at least It is a kind of.Some in these displays may be constructed such that transparence to allow user to be watched from outside, and this is properly termed as transparent Display, typical transparent display can be, for example, TOLED (transparent organic light emitting diode) display etc..According to specific Desired embodiment, mobile terminal 1 00 can include two or more display units (or other display devices), for example, moving Dynamic terminal can include outernal display unit (not shown) and inner display unit (not shown).Touch-screen can be used for detection to touch Input pressure and touch input position and touch input area.
Dio Output Modules 152 can mobile terminal be in call signal reception pattern, call mode, logging mode, It is that wireless communication unit 110 is received or in memory 160 when under the isotypes such as speech recognition mode, broadcast reception mode The voice data transducing audio signal of middle storage and it is output as sound.Moreover, dio Output Modules 152 can be provided and movement The audio output (for example, call signal receives sound, message sink sound etc.) for the specific function correlation that terminal 100 is performed. Dio Output Modules 152 can include loudspeaker, buzzer etc..
Alarm unit 153 can provide output to notify event to mobile terminal 1 00.Typical event can be with Including calling reception, message sink, key signals input, touch input etc..In addition to audio or video is exported, alarm unit 153 can provide output in a different manner with the generation of notification event.For example, alarm unit 153 can be in the form of vibration Output is provided, when receiving calling, message or some other entrance communications (incomingcommunication), alarm list Member 153 can provide tactile output (that is, vibrating) to notify to user.Exported by providing such tactile, even in When the mobile phone of user is in the pocket of user, user also can recognize that the generation of various events.Alarm unit 153 The output of the generation of notification event can be provided via display unit 151 or dio Output Modules 152.
Memory 160 can store software program of the processing performed by controller 180 and control operation etc., Huo Zheke Temporarily to store oneself data (for example, telephone directory, message, still image, video etc.) through exporting or will export.And And, memory 160 can store the vibration of various modes on being exported when touching and being applied to touch-screen and audio signal Data.
Memory 160 can include the storage medium of at least one type, and the storage medium includes flash memory, hard disk, many Media card, card-type memory (for example, SD or DX memories etc.), random access storage device (RAM), static random-access storage Device (SRAM), read-only storage (ROM), Electrically Erasable Read Only Memory (EEPROM), programmable read only memory (PROM), magnetic storage, disk, CD etc..Moreover, mobile terminal 1 00 can be with performing memory by network connection The network storage device cooperation of 160 store function.
The overall operation of the generally control mobile terminal of controller 180.For example, controller 180 is performed and voice call, data Communication, video calling etc. related control and processing.In addition, controller 180 can include being used to reproduce (or playback) many matchmakers The multi-media module 1810 of volume data, multi-media module 1810 can be constructed in controller 180, or can be structured as and control Device 180 processed is separated.Controller 180 can be with execution pattern identifying processing, by the handwriting input performed on the touchscreen or figure Piece draws input and is identified as character or image.
Power subsystem 190 receives external power or internal power under the control of controller 180 and provides operation each member Appropriate electric power needed for part and component.
Various embodiments described herein can be with use such as computer software, hardware or its any combination of calculating Machine computer-readable recording medium is implemented.Implement for hardware, embodiment described herein can be by using application-specific IC (ASIC), digital signal processor (DSP), digital signal processing device (DSPD), programmable logic device (PLD), scene can Programming gate array (FPGA), processor, controller, microcontroller, microprocessor, it is designed to perform function described herein At least one of electronic unit is implemented, and in some cases, such embodiment can be implemented in controller 180. For software implementation, the embodiment of such as process or function can be with allowing to perform the single of at least one function or operation Software module is implemented.Software code can by the software application (or program) write with any appropriate programming language Lai Implement, software code can be stored in memory 160 and be performed by controller 180.
So far, oneself according to its function through describing mobile terminal.Below, for the sake of brevity, will description such as folded form, Slide type mobile terminal in various types of mobile terminals of board-type, oscillating-type, slide type mobile terminal etc. is as showing Example.Therefore, the present invention can be applied to any kind of mobile terminal, and be not limited to slide type mobile terminal.
Mobile terminal 1 00 as shown in Figure 1 may be constructed such that using via frame or packet transmission data it is all if any Line and wireless communication system and satellite-based communication system are operated.
The communication system for describing wherein be operated according to the mobile terminal of the present invention referring now to Fig. 2.
Such communication system can use different air interfaces and/or physical layer.For example, used by communication system Air interface includes such as frequency division multiple access (FDMA), time division multiple acess (TDMA), CDMA (CDMA) and universal mobile communications system System (UMTS) (especially, Long Term Evolution (LTE)), global system for mobile communications (GSM) etc..As non-limiting example, under The description in face is related to cdma communication system, but such teaching is equally applicable to other types of system.
With reference to Fig. 2, cdma wireless communication system can include multiple mobile terminal 1s 00, multiple base stations (BS) 270, base station Controller (BSC) 275 and mobile switching centre (MSC) 280.MSC280 is configured to and Public Switched Telephony Network (PSTN) 290 form interface.MSC280 is also structured to the BSC275 formation interfaces with that can be couple to base station 270 via back haul link. If any of interface that back haul link can be known according to Ganji is constructed, the interface includes such as E1/T1, ATM, IP, PPP, frame relay, HDSL, ADSL or xDSL.It will be appreciated that system can include multiple BSC2750 as shown in Figure 2.
Each BS270 can service one or more subregions (or region), by multidirectional antenna or the day of sensing specific direction Each subregion of line covering is radially away from BS270.Or, each subregion can be by two or more for diversity reception Antenna is covered.Each BS270 may be constructed such that the multiple frequency distribution of support, and each frequency distribution has specific frequency spectrum (for example, 1.25MHz, 5MHz etc.).
What subregion and frequency were distributed, which intersects, can be referred to as CDMA Channel.BS270 can also be referred to as base station transceiver System (BTS) or other equivalent terms.In this case, term " base station " can be used for broadly representing single BSC275 and at least one BS270.Base station can also be referred to as " cellular station ".Or, specific BS270 each subregion can be claimed For multiple cellular stations.
With reference to Fig. 2, cdma wireless communication system can include multiple mobile terminal 1s 00, multiple base stations (BS) 270, base station Controller (BSC) 275 and mobile switching centre (MSC) 280.MSC280 is configured to and Public Switched Telephony Network (PSTN) 290 form interface.MSC280 is also structured to the BSC275 formation interfaces with that can be couple to base station 270 via back haul link. If any of interface that back haul link can be known according to Ganji is constructed, the interface includes such as E1/T1, ATM, IP, PPP, frame relay, HDSL, ADSL or xDSL.It will be appreciated that system can include multiple BSC2750 as shown in Figure 2.
Each BS270 can service one or more subregions (or region), by multidirectional antenna or the day of sensing specific direction Each subregion of line covering is radially away from BS270.Or, each subregion can be by two or more for diversity reception Antenna is covered.Each BS270 may be constructed such that the multiple frequency distribution of support, and each frequency distribution has specific frequency spectrum (for example, 1.25MHz, 5MHz etc.).
What subregion and frequency were distributed, which intersects, can be referred to as CDMA Channel.BS270 can also be referred to as base station transceiver System (BTS) or other equivalent terms.In this case, term " base station " can be used for broadly representing single BSC275 and at least one BS270.Base station can also be referred to as " cellular station ".Or, specific BS270 each subregion can be claimed For multiple cellular stations.
As shown in Figure 2, broadcast singal is sent to the mobile terminal operated in system by broadcsting transmitter (BT) 295 100.Broadcasting reception module 111 as shown in Figure 1 is arranged at mobile terminal 1 00 to receive the broadcast sent by BT295 Signal.In fig. 2 it is shown that several global positioning system (GPS) satellites 300.Satellite 300 helps to position multiple mobile terminals At least one in 100.
In fig. 2, multiple satellites 300 are depicted, it is understood that be, it is possible to use any number of satellite obtains useful Location information.GPS module 115 as shown in Figure 1 is generally configured to coordinate with satellite 300 to obtain desired positioning letter Breath.GPS tracking techniques or outside GPS tracking techniques are substituted, the other of the position that can track mobile terminal can be used Technology.In addition, at least one gps satellite 300 can optionally or additionally handle satellite dmb transmission.
As a typical operation of wireless communication system, BS270 receives the reverse link from various mobile terminal 1s 00 Signal.Mobile terminal 1 00 generally participates in call, information receiving and transmitting and other types of communication.It is each anti-that certain base station 270 is received Handled to link signal in specific BS270.The data of acquisition are forwarded to the BSC275 of correlation.BSC provides call Resource allocation and the mobile management function of coordination including the soft switching process between BS270.BSC275 is also by the number received According to MSC280 is routed to, it is provided for the extra route service with PSTN290 formation interfaces.Similarly, PSTN290 with MSC280 formation interfaces, MSC and BSC275 formation interface, and BSC275 correspondingly control BS270 with by forward link signals It is sent to mobile terminal 1 00.
Based on above-mentioned mobile terminal hardware configuration and communication system, each embodiment of the inventive method is proposed.
Fig. 3 realizes the flow chart of the method for safety check for the present invention, as shown in figure 3, comprising the following steps:
Step 301:The first system calls the interface of second system;
Wherein, interface check system is arranged on the first system and second system.
Before this step is performed, in addition to:The second system is registered to obtain by interface check system State the check information of second system.
At present, the safety check mechanism carried out between each system interface during interaction mainly has BaseAuth mechanism and checking at present Ink recorder system, based on both safety check mechanism, realizes a set of safety check system, the safety check system pacifies both The client of full verification scheme is encrypted and service end decryption verification code is all realized, and by the form of tangent plane, to block The interface processing of each system is cut, to carry out unified client encryption and service end decryption verification.When implementing, peace Whole school's check system packs the code of this part, each system can be supplied to use in the form of Jar bags.So, each is System avoids the need for oneself going to write the code of repetition again realizing interface check function.
Interface check system provides enrollment page, and the product manager of each system goes the page to fill in oneself responsible system of institute Information, information can include but is not limited to systematic name, unique identifying number, exploitation test and the domain names of formal environments, use Safety check mechanism etc..After succeeding in registration, interface check system can generate a https traffic for the system to be needed to use Certificate, system is downloaded after the certificate, is encrypted and communicated with safety check system using the certificate, with obtain exploitation test with just Interface checking information used in formula environment, the user name password such as distributed with each system of oneself system docking, and encryption Key and the AES of agreement etc..Wherein, HTTPS full name is:Hyper Text Transfer Protocol over Secure Socket Layer, are the HTTP passages using safety as target, are briefly HTTP safe versions.
For the security of strengthening system, each system check information preserved in interface check system is all encrypting storing , the information that keeper is seen also all is the information after encryption, can so be ensured information security;In addition, each system is also The respective check information update cycle can be set, such as one month or 1 year, i.e., after one cycle, by interface check system Its interface check information is updated, and notifies each system be updated by HTTPS request.
Step 302:Judge whether to have obtained check information when communicating with the second system, if do not obtained and institute Check information during second system communication is stated, then performs step 303;Otherwise step 304 is performed.
Step 303:The first system obtains verification when being communicated with the second system to the interface check system Information.
In this step, the first system obtains school when being communicated with the second system to the interface check system Testing information includes:
The first system by HTTPS request to the interface check system application communicated with the second system when Check information;Check information when wherein being communicated with the second system is the interface check system according to the first system The check information corresponding with the first system that is returned of request address.For example:Interface check system is according to the first system The address of request judges that it is exploitation test or formal environments, if exploitation test environment, then will be with exploitation test environment Corresponding method of calibration and information return to the first system, if formal environments, then will verification side corresponding with formal environments Method and information return to the first system.
Step 304:If getting check information when being communicated with the second system, the first system passes through institute The tangent plane program of interface check system offer is stated, when being communicated in interface interchange solicited message described in addition with the second system Check information, and send the interface interchange to the second system and ask.
Wherein, after execution of step 304, it can also include:
The second system is received after the interface interchange request of the first system, according to the check information pair of the system Interface is verified.So, the checking procedure of an interface is just completed.
In one embodiment, when safety check mechanism is BaseAuth mechanism, the first system and described second Check information when system communicates is username and password, then, add described with described the in interface interchange solicited message Check information when two system communicates can be accomplished by the following way:
The first system adds username and password in interface interchange solicited message, so, in the first system by the interface Call request is sent to second system, and second system is received after interface interchange request, and second system according to being obtained in advance The username and password of the system got, is verified to the interface, if the user included in interface interchange request Name and password are consistent with the username and password accessed by the system, then are verified, and can perform the interface and return to execution As a result.
In another embodiment, when safety check mechanism is identifying code mechanism, the first system and described second Check information during system communication is encryption Key, then, the described and second system is added in interface interchange solicited message Check information during communication can be accomplished by the following way:
The first system is encrypted according to encryption Key and the AES of agreement, docking port call request information, and raw It is added into afterbody identifying code, and by the afterbody identifying code in interface interchange solicited message, so, in the first system by the interface Call request is sent to second system, and second system is received after interface interchange request, and second system according to being obtained in advance The encryption Key docking port call request content of parameter of the system got is decrypted, and compares institute in interface interchange request Comprising the identifying code that is generated by acquired encryption Key of afterbody identifying code and the system it is whether consistent, if unanimously, tested Card passes through, and can perform the interface and returns to implementing result.
Fig. 4 realizes the composition structural representation of the device of safety check for the present invention, as shown in figure 4, the device is arranged on In system, including:Interface interchange module, interface ciphering module, wherein,
Interface interchange module, is set to, when the first system calls the interface of second system, judge whether to have obtained and institute Check information during second system communication is stated, if not obtaining check information when being communicated with the second system, to connecing Mouthful check system obtains check information when being communicated with the second system, and by it is acquired communicated with the second system when Check information be sent to interface ciphering module, wherein, the interface check system is arranged on the first system and second and is On system;
Interface ciphering module, if being set to get check information when communicating with the second system, described The tangent plane program that one system is provided by the interface check system, adds described with described the in interface interchange solicited message Check information when two system communicates, and send the interface interchange request to the second system.
In addition, the device also includes:
Check information acquisition module, is set to be registered to obtain the verification of the system by the interface check system Information;
Interface decryption verification module, is set to when the second system receives the interface interchange request of the first system Afterwards, the interface is verified according to the check information of the system.
When safety check mechanism is BaseAuth mechanism, the verification when the first system communicates with the second system Information is username and password, then, school when being communicated in interface interchange solicited message described in addition with the second system Testing information can be accomplished by the following way:
The first system adds username and password in interface interchange solicited message, so, in the first system by the interface Call request is sent to second system, and second system is received after interface interchange request, and second system according to being obtained in advance The username and password of the system got, is verified to the interface, if the user included in interface interchange request Name and password are consistent with the username and password accessed by the system, then are verified, and can perform the interface and return to execution As a result.
When safety check mechanism is identifying code mechanism, the verification letter when the first system communicates with the second system Cease for encryption Key, then, check information when being communicated in interface interchange solicited message described in addition with the second system can To be accomplished by the following way:
The first system is encrypted according to encryption Key and the AES of agreement, docking port call request information, and raw It is added into afterbody identifying code, and by the afterbody identifying code in interface interchange solicited message, so, in the first system by the interface Call request is sent to second system, and second system is received after interface interchange request, and second system according to being obtained in advance The encryption Key docking port call request content of parameter of the system got is decrypted, and compares institute in interface interchange request Comprising the identifying code that is generated by acquired encryption Key of afterbody identifying code and the system it is whether consistent, if unanimously, tested Card passes through, and can perform the interface and returns to implementing result.
Wherein, the check information acquisition module is also configured to:
The enrollment page that system is provided by the interface check system sets the relevant information of the system to be registered, note After volume success, the certificate for needing to use when carrying out https traffic that the interface check system generates for the system is downloaded, and It is encrypted and is communicated with the interface check system using the certificate, obtains the check information.
The interface interchange module is also configured to:
The first system by HTTPS request to the interface check system application communicated with the second system when Check information;Check information when wherein being communicated with the second system is the interface check system according to the first system The check information corresponding with the first system that is returned of request address.
Wherein, the first system is led to by HTTPS request to the interface check system application and the second system Check information during letter;Check information when wherein being communicated with the second system is the interface check system according to described The check information corresponding with the first system that the request address of one system is returned.
The present invention also provides a kind of mobile device, includes the device for realizing safety check described in any of the above-described.
This point it is emphasized that, it is that the respective verification of each system generation is believed by using interface check system in the present invention Breath, when the first system calls the interface of the second system, then the tangent plane program provided by the interface check system, Check information when being communicated in interface interchange solicited message described in addition with the second system, due to during safety check Use interface check system so that each system each need not go to write the code of repetition to realize interface check function again, So that the safety check between each system is more convenient and efficient.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row His property is included, so that process, method, article or device including a series of key elements not only include those key elements, and And also including other key elements being not expressly set out, or also include for this process, method, article or device institute inherently Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including this Also there is other identical element in process, method, article or the device of key element.
The embodiments of the present invention are for illustration only, and the quality of embodiment is not represented.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Understood based on such, technical scheme is substantially done to prior art in other words Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium In (such as ROM/RAM, magnetic disc, CD), including some instructions are to cause a station terminal (can be mobile phone, computer, service Device, air conditioner, or network equipment etc.) perform method described in each of the invention embodiment.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair Equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills Art field, is included within the scope of the present invention.

Claims (11)

1. a kind of method for realizing safety check, it is characterised in that including:
Interface check system is arranged on the first system and second system;
When the first system calls the interface of second system, judge whether to have obtained verification letter when being communicated with the second system Breath, if not obtaining check information when being communicated with the second system, is obtained and described second to interface check system Check information when system communicates;
If getting check information when being communicated with the second system, the first system passes through the interface check system The tangent plane program that system is provided, check information when being communicated in interface interchange solicited message described in addition with the second system, And send the interface interchange request to the second system.
2. according to the method described in claim 1, it is characterised in that this method also includes:
The second system is registered to obtain the check information of the second system by the interface check system;
The second system is received after the interface interchange request of the first system, according to the check information of the second system The interface is verified.
3. method according to claim 2, it is characterised in that the second system is registered by interface check system Included with the check information for obtaining the second system:
The enrollment page that the second system is provided by the interface check system sets the relevant information of the system to be noted Volume, after succeeding in registration, downloads the card for needing to use when carrying out https traffic that the interface check system generates for the system Book, and be encrypted and communicate with the interface check system using the certificate, to obtain the check information.
4. the method according to claim 1,2 or 3, it is characterised in that the first system is obtained to interface check system Check information when being communicated with the second system includes:
The first system by HTTPS request to the interface check system application communicated with the second system when verification Information;Check information when wherein being communicated with the second system is the interface check system asking according to the first system Seek the check information corresponding with the first system that address is returned.
5. method according to claim 4, it is characterised in that the check information of the second system is by the interface check System is periodically updated, and is cryptographically stored in the interface check system.
6. a kind of device for realizing safety check, is arranged in system, it is characterised in that including:
Interface interchange module, is set to when the first system calls the interface of second system, judges whether to have obtained and described Check information when two system communicates, if not obtaining check information when being communicated with the second system, to interface school Check system obtains check information when being communicated with the second system, and by it is acquired communicated with the second system when school Test information and be sent to interface ciphering module, wherein, the interface check system is arranged on the first system and second system;
Interface ciphering module, if being set to get check information when communicating with the second system, described first is The tangent plane program united by interface check system offer, be with described second described in addition in interface interchange solicited message Check information during system communication, and send the interface interchange request to the second system.
7. device according to claim 6, it is characterised in that the device also includes:
Check information acquisition module, is set to be registered by the interface check system and is believed with the verification for obtaining the system Breath;
Interface decryption verification module, is set to after the second system receives the interface interchange request of the first system, The interface is verified according to the check information of the system.
8. device according to claim 7, it is characterised in that the check information acquisition module is also configured to:
The enrollment page that system is provided by the interface check system sets the relevant information of the system to be registered, and registers After work(, the certificate for needing to use when carrying out https traffic that the interface check system generates for the system is downloaded, and use The certificate is encrypted with the interface check system and communicated, to obtain the check information.
9. the device according to claim 6,7 or 8, it is characterised in that the interface interchange module is also configured to:
The first system by HTTPS request to the interface check system application communicated with the second system when verification Information;Check information when wherein being communicated with the second system is the interface check system asking according to the first system Seek the check information corresponding with the first system that address is returned.
10. device according to claim 9, it is characterised in that the check information of the second system is by the interface school Check system is periodically updated, and is cryptographically stored in the interface check system.
11. a kind of mobile terminal, it is characterised in that including the dress for realizing safety check described in any one of claim 6~10 Put.
CN201710286311.2A 2017-04-27 2017-04-27 A kind of method, device and mobile terminal for realizing safety check Pending CN107241308A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710286311.2A CN107241308A (en) 2017-04-27 2017-04-27 A kind of method, device and mobile terminal for realizing safety check

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710286311.2A CN107241308A (en) 2017-04-27 2017-04-27 A kind of method, device and mobile terminal for realizing safety check

Publications (1)

Publication Number Publication Date
CN107241308A true CN107241308A (en) 2017-10-10

Family

ID=59984236

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710286311.2A Pending CN107241308A (en) 2017-04-27 2017-04-27 A kind of method, device and mobile terminal for realizing safety check

Country Status (1)

Country Link
CN (1) CN107241308A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107302526A (en) * 2017-06-07 2017-10-27 努比亚技术有限公司 System interface call method, equipment and computer-readable recording medium
CN107317800A (en) * 2017-06-01 2017-11-03 努比亚技术有限公司 Safe checking method, terminal and computer-readable recording medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102523206A (en) * 2011-12-06 2012-06-27 公安部交通管理科学研究所 Information system associated sharing and interoperation platform
CN102624740A (en) * 2012-03-30 2012-08-01 奇智软件(北京)有限公司 Data interaction method, client and server
CN103701761A (en) * 2012-09-28 2014-04-02 中国电信股份有限公司 Authentication method for invoking open interface and system
CN105634743A (en) * 2015-12-30 2016-06-01 中国银联股份有限公司 Authentication method used for open interface calling
CN106453519A (en) * 2016-09-21 2017-02-22 合网络技术(北京)有限公司 Interface call method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102523206A (en) * 2011-12-06 2012-06-27 公安部交通管理科学研究所 Information system associated sharing and interoperation platform
CN102624740A (en) * 2012-03-30 2012-08-01 奇智软件(北京)有限公司 Data interaction method, client and server
CN103701761A (en) * 2012-09-28 2014-04-02 中国电信股份有限公司 Authentication method for invoking open interface and system
CN105634743A (en) * 2015-12-30 2016-06-01 中国银联股份有限公司 Authentication method used for open interface calling
CN106453519A (en) * 2016-09-21 2017-02-22 合网络技术(北京)有限公司 Interface call method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107317800A (en) * 2017-06-01 2017-11-03 努比亚技术有限公司 Safe checking method, terminal and computer-readable recording medium
CN107302526A (en) * 2017-06-07 2017-10-27 努比亚技术有限公司 System interface call method, equipment and computer-readable recording medium

Similar Documents

Publication Publication Date Title
CN105099669B (en) Recording encipher-decipher method and device
CN107145552A (en) Page access method, equipment and computer-readable storage medium
CN106341817A (en) Access control system, access control method, mobile terminals and access server
CN105376062A (en) Communication safety interaction method, device and system
CN106529225A (en) Device and method for protecting source code of application program
CN106453652A (en) Log file uploading method and system
CN104834863A (en) Wi-Fi password storage method and apparatus
CN106028090A (en) Mobile terminal and video recording method thereof
CN106793159A (en) A kind of screen prjection method and mobile terminal
CN105095705B (en) A kind of information processing method and device
CN106886713A (en) A kind of risk checking method of terminal, server and installation software
CN106973090A (en) A kind of terminal, server and contact person's synchronous method
CN106850080A (en) The sending method and mobile terminal of a kind of associated person information
CN107241308A (en) A kind of method, device and mobile terminal for realizing safety check
CN107071161A (en) The aggregation display method and mobile terminal of icon in a kind of status bar
CN106792644A (en) Mobile terminal, server and information processing method
CN106131318A (en) A kind of incoming information hidden method and device
CN106550133A (en) Calling identification device and method
CN104794052B (en) The method and device of encryption display test
CN105791305B (en) A kind of data processing method and equipment
CN106535196A (en) Routing equipment, terminal and method for controlling WiFi access
CN107249070A (en) A kind of terminal and gamma adjusting method
CN106529353A (en) Method and apparatus for performing anti-eavesdropping processing on key input information
CN106789600A (en) The sharing method and terminal of a kind of picture
CN107220294A (en) A kind of method and terminal for asking to handle

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171010

RJ01 Rejection of invention patent application after publication