CN107368337B - Application downloading method and device and terminal equipment - Google Patents
Application downloading method and device and terminal equipment Download PDFInfo
- Publication number
- CN107368337B CN107368337B CN201710610543.9A CN201710610543A CN107368337B CN 107368337 B CN107368337 B CN 107368337B CN 201710610543 A CN201710610543 A CN 201710610543A CN 107368337 B CN107368337 B CN 107368337B
- Authority
- CN
- China
- Prior art keywords
- application
- downloading
- installation package
- payment
- processor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 238000009434 installation Methods 0.000 claims abstract description 98
- 238000001514 detection method Methods 0.000 claims description 36
- 230000006870 function Effects 0.000 claims description 26
- 238000004590 computer program Methods 0.000 claims description 19
- 238000002955 isolation Methods 0.000 claims description 15
- 241000700605 Viruses Species 0.000 claims description 11
- 238000012986 modification Methods 0.000 claims description 6
- 230000004048 modification Effects 0.000 claims description 6
- 238000004891 communication Methods 0.000 description 24
- 230000008569 process Effects 0.000 description 14
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G06Q20/123—Shopping for digital content
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Virology (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Stored Programmes (AREA)
Abstract
The invention is suitable for the technical field of application downloading, and provides an application downloading method, an application downloading device and terminal equipment, wherein the application downloading method comprises the following steps: receiving an application downloading instruction, wherein the application downloading instruction carries a unique identifier of an application; judging whether the application is a payment application or not according to the unique identifier of the application; and when the application is a payment application, downloading and storing the installation package of the payment application through a preset safety system, wherein the preset safety system is only communicated with a main system of the terminal equipment. By the method, the safety of the downloaded installation package of the payment application is improved.
Description
Technical Field
The invention belongs to the technical field of application downloading, and particularly relates to an application downloading method, an application downloading device and terminal equipment.
Background
At present, the payment function realized by the payment application of the mobile terminal (such as a mobile phone) is more and more popular, but when the payment is carried out by the mobile terminal, the payment is related to the money expenditure of the user, so the security of the payment process is very important for the user.
If the user downloads the payment application (i.e. the application including the payment function) through an illegal application market or through a third-party browser, in the process of waiting for downloading the payment application, the risk of malicious interception by the third-party application and transfer to other malicious websites to download the emulational payment application exists. If the user installs the downloaded disguised application, the property information of the user will have serious potential safety hazard.
Therefore, it is necessary to provide a new method to solve the above technical problems.
Disclosure of Invention
In view of this, embodiments of the present invention provide an application downloading method, an application downloading device, and a terminal device, so as to reduce the problem of potential safety hazard of a downloaded payment-type application.
A first aspect of an embodiment of the present invention provides an application downloading method, including:
receiving an application downloading instruction, wherein the application downloading instruction carries a unique identifier of an application;
judging whether the application is a payment application or not according to the unique identifier of the application;
and when the application is a payment application, downloading and storing the installation package of the payment application through a preset safety system, wherein the preset safety system is only communicated with a main system of the terminal equipment.
A second aspect of an embodiment of the present invention provides an application downloading apparatus, including:
the application downloading instruction receiving unit is used for receiving an application downloading instruction, and the application downloading instruction carries the unique identifier of the application;
the payment application judging unit is used for judging whether the application is a payment application or not according to the unique identifier of the application;
and the first application installation package downloading unit is used for downloading and storing the installation package of the payment application through a preset safety system when the application is the payment application, and the preset safety system is only communicated with the main system of the terminal equipment.
A third aspect of the embodiments of the present invention provides a terminal device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of any one of the methods of application downloading when executing the computer program.
A fourth aspect of embodiments of the present invention provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method as in any one of the application download methods.
Compared with the prior art, the embodiment of the invention has the following beneficial effects:
when the application to be downloaded is the payment application, the installation package of the payment application is downloaded and stored through the preset safety system, the preset safety system is independent from the main system of the terminal device, and the preset safety system is only communicated with the main system of the terminal device.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a flowchart of an application downloading method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an application downloading device according to a second embodiment of the present invention;
fig. 4 is a schematic diagram of a terminal device according to a third embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
In order to explain the technical means of the present invention, the following description will be given by way of specific examples.
The first embodiment is as follows:
fig. 1 shows a flowchart of an application downloading method according to a first embodiment of the present invention, which is detailed as follows:
and step S11, receiving an application downloading instruction, wherein the application downloading instruction carries the unique identifier of the application.
Wherein the unique identification of the application comprises: the name of the application, the apk package name, etc.
In the step, after detecting that an application downloading instruction is sent by a user in a browser or an application store, the terminal device analyzes the application downloading instruction to obtain a unique identifier of an application carried by the application downloading instruction. It should be noted that the browser herein includes not only the official browser but also any other third party browser.
Specifically, when the terminal device is a mobile terminal, the schematic diagram of the mobile terminal is shown in fig. 2, and in fig. 2, the mobile terminal includes a memory 201, a processor 202, an input device 203, an output device 204, and a bus 205.
And step S12, judging whether the application is the payment application or not according to the unique identifier of the application.
The payment application refers to an application including a payment function, and common payment applications include a payment treasure, a WeChat and the like.
Specifically, unique identifiers of various payment applications are stored in the terminal device in advance, after the unique identifiers of the applications carried by the application downloading instruction are obtained, the unique identifiers of the applications are compared with the unique identifiers of the various payment applications stored in advance, if the unique identifiers of the applications are the same as any one of the unique identifiers of the various payment applications stored in advance, the applications corresponding to the unique identifiers of the applications are judged to be the payment applications, and otherwise, the applications corresponding to the unique identifiers of the applications are judged not to be the payment applications.
Of course, in order to ensure the comprehensiveness and accuracy of the unique identifier of the payment application stored in the terminal device, the terminal device will update the unique identifier of the payment application stored in the terminal device at regular time. Specifically, the terminal device regularly reminds the user to update the unique identifier of the payment application stored by the terminal device. Or the terminal equipment regularly accesses the application information stored in the appointed server, judges whether the corresponding application is the payment application or not according to the application information, and acquires and stores the unique identifier of the application if the application is the payment application. Or, the terminal device establishes a communication mechanism with the specified server, when the specified server adds the payment application, the unique identifier of the payment application is sent to the terminal device, and the terminal device receives and stores the unique identifier of the payment application.
And step S13, when the application is a payment application, downloading and storing the installation package of the payment application through a preset safety system, wherein the preset safety system is independent from a main system of the terminal equipment, and the preset safety system is only communicated with the main system of the terminal equipment.
Specifically, the processor of the terminal device is a processor with a space isolation function, and two systems can be installed on the terminal device through the processor with the space isolation function, which are respectively: a main system of the terminal equipment and a preset safety system. Or, a single security processor is added to the terminal device, that is, the terminal device includes 2 processors, which are: the system comprises a safety processor and a common processor, wherein the safety processor and the common processor are mutually independent and have a space isolation function. Correspondingly, the security processor runs a preset security system, and the general processor runs a main system of the terminal device.
Because the preset security system only communicates with the main system of the terminal device, the third-party application cannot know the existence of the preset security system, or even if the existence of the preset security system is known, the third-party application cannot know the communication mode and/or does not have corresponding authority with the preset security system, so that the third-party application cannot communicate with the preset security system, and the security of the preset security system is further ensured.
It should be noted that, assuming that the communication mode between the preset security system and the host system of the terminal device is a first communication mode, and the communication mode between the host system of the terminal device and the third-party application is a second communication mode, the first communication mode and the second communication mode are different communication modes.
Optionally, when the application is a non-payment application, the installation package of the non-payment application is downloaded and stored through a preset main system of the terminal device. Specifically, when the terminal device determines that the application to be downloaded is a non-payment application, the installation package of the non-payment application can be directly downloaded and stored through the main system of the terminal device.
Optionally, in order to reduce the probability of downloading the installation package of the application in the emulational payment class, before the step S13, the method includes: the security of the link address pointed by the application download instruction is detected, and step S13 is executed only when the security of the link address meets the condition. The link address security compliance conditions herein include: and judging whether the server address pointed by the link address is the server address in a preset white list, and if so, judging that the safety meets the conditions.
Similarly, in order to reduce the probability of downloading the installation package of the non-payment application in the emulational non-payment application, before the installation package of the non-payment application is downloaded and stored, the security of the link address pointed by the application downloading instruction also needs to be detected, and the installation package of the non-payment application is downloaded and stored only when the security of the link address meets the condition.
Optionally, in order to further avoid malicious interception of the application download process by a third-party application, the preset security system includes a secure download channel and a secure space, and the step S13 includes:
and downloading the installation package of the payment application through the secure download channel and storing the installation package of the payment application in an independent secure space of the preset secure system.
In this step, the processor with space isolation function of the terminal device (when the terminal device has 2 processors, the processor is a secure processor) processes the payment-type application through an independent secure download channel and a secure space. The independent secure download channel is different from a download channel commonly used by a main system of the terminal equipment, and the independent secure download channel and the download channel are mutually independent and have no intersection; the independent safety space is different from a safety space commonly used by a main system of the terminal equipment, and the independent safety space and the main system of the terminal equipment are mutually independent and have no intersection.
Due to the fact that the installation package of the payment application is downloaded and stored through the independent safe downloading channel and the independent safe space, the situation that a third party application maliciously intercepts the downloaded installation package of the payment application in the process of downloading the installation package of the payment application can be avoided, and therefore the downloading safety of the installation package of the payment application is improved.
Optionally, in order to further identify whether the downloaded installation package of the payment-type application is an installation package of an emulational payment-type application, after the installation package of the payment-type application is downloaded and stored through a preset security system, the method includes:
a1, performing security detection on the stored installation package of the payment application through the preset security system, wherein the security detection includes at least one of the following: virus detection, modification detection, integrity detection. Specifically, after the installation package of the payment application is stored, but before the payment application is installed, a security processor is called through a preset security system to perform security detection on the stored installation package of the payment application. The virus detection mainly comprises the steps of detecting whether an installation package of the payment application is a virus by adopting a preset virus detection algorithm or a virus detection tool; the modification detection mainly detects whether the data of the installation package of the payment application is modified; the integrity detection mainly detects whether the data of the downloaded installation package of the payment application is complete, for example, the MD5 (or SHA1, CRC32, etc.) of the installation package of the payment application is queried, then the MD5 (or SHA1, CRC32, etc.) is matched with the officially issued data, if the MD5 (or SHA1, CRC32, etc.) is matched with the officially issued data, the data of the installation package of the payment application is determined not to be modified (or the data of the payment application is determined to be complete), otherwise, the data of the installation package of the payment application is determined to be modified (or the data of the payment application is determined to be incomplete).
And A2, after the installation package of the payment application passes the security detection, informing a main system of the terminal device to install the payment application. Specifically, the processor with the space isolation function of the terminal device (when the terminal device has 2 processors, the processor is a security processor) notifies the main system of the terminal device to install the payment-type application.
And A3, deleting the stored installation package of the payment application through the preset security system after the installation package of the payment application does not pass the security detection, and informing a main system of the terminal device to prompt a user. Specifically, after the stored installation package of the payment application is deleted through the preset security system, because the preset security system does not directly interact with the user, the main system of the terminal device is notified that the installation package of the payment application stored by the user is deleted, and meanwhile, in order to enable the user to know that the downloaded installation package of the payment application does not pass the security detection, the prompt of the main system of the terminal device further includes a reason for deleting the installation package of the payment application, such as failing to pass the security detection.
Optionally, since the security space of the preset security system is usually limited, in order to reduce the occupation of the security space by useless information, after a2, the method includes:
deleting the stored installation package of the payment application through the preset security system. The installation package of the installed payment application is deleted, so that the utilization rate of the safety space is improved, and the operation of other applications on the installation package of the payment application can be avoided by deleting the installation package of the payment application through the preset safety system.
In the first embodiment of the invention, an application downloading instruction is received, the application downloading instruction carries a unique identifier of an application, whether the application is a payment application is judged according to the unique identifier of the application, when the application is the payment application, an installation package of the payment application is downloaded and stored through a preset safety system, and the preset safety system is only communicated with a main system of the terminal equipment. When the application to be downloaded is the payment application, the installation package of the payment application is downloaded and stored through the preset safety system, and the preset safety system is only communicated with the main system of the terminal device, so that in the process of downloading the installation package of the payment application through the preset safety system, the third-party application cannot be communicated with the main system of the terminal device to establish communication with the preset safety system, the installation package of the payment application downloaded through the preset safety system cannot be intercepted, and the safety of the downloaded installation package of the payment application is improved.
Example two:
corresponding to the application downloading method, fig. 3 is a schematic structural diagram of an application downloading apparatus provided in a second embodiment of the present invention, which is applicable to a terminal device, and for convenience of description, only the parts related to the embodiment of the present invention are shown.
The application downloading device includes: an application download instruction receiving unit 31, a payment type application judging unit 32, and a first application installation package downloading unit 33. Wherein:
the application downloading instruction receiving unit 31 is configured to receive an application downloading instruction, where the application downloading instruction carries an unique identifier of an application.
Wherein the unique identification of the application comprises: the name of the application, the apk package name, etc.
And the payment application judging unit 32 is configured to judge whether the application is a payment application according to the unique identifier of the application.
The payment application refers to an application including a payment function, and common payment applications include a payment treasure, a WeChat and the like.
Specifically, unique identifiers of various payment applications are stored in the terminal device in advance, after the unique identifiers of the applications carried by the application downloading instruction are obtained, the unique identifiers of the applications are compared with the unique identifiers of the various payment applications stored in advance, if the unique identifiers of the applications are the same as any one of the unique identifiers of the various payment applications stored in advance, the applications corresponding to the unique identifiers of the applications are judged to be the payment applications, and otherwise, the applications corresponding to the unique identifiers of the applications are judged not to be the payment applications.
Of course, in order to ensure the comprehensiveness and accuracy of the unique identifier of the payment application stored in the terminal device, the terminal device will update the unique identifier of the payment application stored in the terminal device at regular time. Specifically, the terminal device regularly reminds the user to update the unique identifier of the payment application stored by the terminal device. Or the terminal equipment regularly accesses the application information stored in the appointed server, judges whether the corresponding application is the payment application or not according to the application information, and acquires and stores the unique identifier of the application if the application is the payment application. Or, the terminal device establishes a communication mechanism with the specified server, when the specified server adds the payment application, the unique identifier of the payment application is sent to the terminal device, and the terminal device receives and stores the unique identifier of the payment application.
The first application installation package downloading unit 33 is configured to download and store the installation package of the payment type application through a preset security system when the application is the payment type application, where the preset security system is only in communication with the main system of the terminal device.
Specifically, the processor of the terminal device is a processor with a space isolation function, and two systems can be installed on the terminal device through the processor with the space isolation function, which are respectively: a main system of the terminal equipment and a preset safety system. Or, a single security processor is added to the terminal device, that is, the terminal device includes 2 processors, which are: the system comprises a safety processor and a common processor, wherein the safety processor and the common processor are mutually independent and have a space isolation function. Correspondingly, the security processor runs a preset security system, and the general processor runs a main system of the terminal device.
It should be noted that, assuming that the communication mode between the preset security system and the host system of the terminal device is a first communication mode, and the communication mode between the host system of the terminal device and the third-party application is a second communication mode, the first communication mode and the second communication mode are different communication modes.
Optionally, the application downloading apparatus includes:
and the second application installation package downloading unit is used for downloading and storing the installation package of the non-payment application through a main system of preset terminal equipment when the application is the non-payment application.
Optionally, in order to reduce the probability of downloading the installation package of the application of the emulational payment type, the application downloading device includes:
and the link address security detection unit is used for detecting the security of the link address pointed by the application downloading instruction. The link address security compliance conditions herein include: and judging whether the server address pointed by the link address is the server address in a preset white list, and if so, judging that the safety meets the conditions.
Optionally, in order to further avoid malicious interception by a third-party application in the application downloading process, the preset security system includes a secure downloading channel and a secure space, and the first application installation package downloading unit 33 is specifically configured to:
and downloading the installation package of the payment application through the secure download channel and storing the installation package of the payment application in an independent secure space of the preset secure system.
Specifically, the processor with space isolation function of the terminal device (when the terminal device has 2 processors, the processor is a secure processor) processes the payment-type application through an independent secure download channel and a secure space.
Optionally, in order to further identify whether the downloaded installation package of the payment-type application is an installation package of the emulational payment-type application, the application downloading device includes:
a security detection unit, configured to perform security detection on the stored installation package of the payment-class application through the preset security system, where the security detection includes at least one of: virus detection, modification detection, integrity detection. The virus detection mainly comprises the steps of detecting whether an installation package of the payment application is a virus by adopting a preset virus detection algorithm or a virus detection tool; the modification detection mainly detects whether the data of the installation package of the payment application is modified; the integrity detection mainly detects whether the data of the downloaded installation package of the payment application is complete, for example, the MD5 (or SHA1, CRC32, etc.) of the installation package of the payment application is queried, then the MD5 (or SHA1, CRC32, etc.) is matched with the officially issued data, if the MD5 (or SHA1, CRC32, etc.) is matched with the officially issued data, the data of the installation package of the payment application is determined not to be modified (or the data of the payment application is determined to be complete), otherwise, the data of the installation package of the payment application is determined to be modified (or the data of the payment application is determined to be incomplete).
And the application installation notification unit is used for notifying the main system of the terminal equipment of installing the payment application after the installation package of the payment application passes the security detection.
And the application deleting unit is used for deleting the stored installation package of the payment application through the preset safety system and informing the main system of the terminal equipment to prompt a user after the installation package of the payment application does not pass the safety detection.
Optionally, since the security space of the preset security system is usually limited, in order to reduce the occupation of the security space by the useless information, the application downloading device includes:
and the installation package deleting unit is used for deleting the stored installation package of the payment application through the preset security system.
In the second embodiment of the present invention, when the application to be downloaded is a payment application, the installation package of the payment application is downloaded and stored through the preset security system, and the preset security system is only in communication with the main system of the terminal device, so that, in the process of downloading the installation package of the payment application by the preset security system, the third party application cannot communicate with the preset security system, and cannot establish communication with the preset security system through communication with the main system of the terminal device, and further cannot intercept the installation package of the payment application downloaded by the preset security system, thereby improving the security of the installation package of the downloaded payment application.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
Example three:
fig. 4 is a schematic diagram of a terminal device according to an embodiment of the present invention. As shown in fig. 4, the terminal device 4 of this embodiment includes: a processor 40, a memory 41 and a computer program 42 stored in said memory 41 and executable on said processor 40. The processor 40, when executing the computer program 42, implements the steps of the above-described embodiments of the application downloading method, such as the steps S11 to S13 shown in fig. 1. Alternatively, the processor 40, when executing the computer program 42, implements the functions of the modules/units in the above-mentioned device embodiments, such as the functions of the units 31 to 33 shown in fig. 3.
Illustratively, the computer program 42 may be partitioned into one or more modules/units that are stored in the memory 41 and executed by the processor 40 to implement the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution process of the computer program 42 in the terminal device 4. For example, the computer program 42 may be divided into an application download instruction receiving unit, a payment-type application determining unit, and a first application installation package downloading unit, where the specific functions of each unit are as follows:
the application downloading instruction receiving unit is used for receiving an application downloading instruction, and the application downloading instruction carries the unique identifier of the application;
the payment application judging unit is used for judging whether the application is a payment application or not according to the unique identifier of the application;
the first application installation package downloading unit is used for downloading and storing the installation package of the payment application through a preset safety system when the application is the payment application, the preset safety system is mutually independent from a main system of the terminal equipment, and the preset safety system is only communicated with the main system of the terminal equipment.
The terminal device 4 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The terminal device may include, but is not limited to, a processor 40, a memory 41. Those skilled in the art will appreciate that fig. 4 is merely an example of a terminal device 4 and does not constitute a limitation of terminal device 4 and may include more or fewer components than shown, or some components may be combined, or different components, e.g., the terminal device may also include input-output devices, network access devices, buses, etc.
The Processor 40 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 41 may be an internal storage unit of the terminal device 4, such as a hard disk or a memory of the terminal device 4. The memory 41 may also be an external storage device of the terminal device 4, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the terminal device 4. Further, the memory 41 may also include both an internal storage unit and an external storage device of the terminal device 4. The memory 41 is used for storing the computer program and other programs and data required by the terminal device. The memory 41 may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other ways. For example, the above-described embodiments of the apparatus/terminal device are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method embodiments may be implemented. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.
Claims (6)
1. An application download method, comprising:
receiving an application downloading instruction, wherein the application downloading instruction carries a unique identifier of an application;
judging whether the application is a payment application or not according to the unique identifier of the application;
when the application is a payment application, downloading and storing an installation package of the payment application through a preset safety system, wherein the preset safety system is only communicated with a main system of a terminal device, the preset safety system comprises an independent safety downloading channel and an independent safety space, and the downloading and storing of the installation package of the payment application through the preset safety system comprises the following steps:
downloading the installation package of the payment application through the independent secure download channel and storing the installation package of the payment application in the independent secure space;
the independent safe download channel is a channel different from a download channel commonly used by a main system of the terminal equipment, and the two channels are mutually independent and have no intersection; the independent safety space is a space different from a safety space commonly used by a main system of the terminal equipment, and the independent safety space and the main system of the terminal equipment are mutually independent and have no intersection; the processor of the terminal equipment is a processor with a space isolation function, and two systems are installed on the terminal equipment through the processor with the space isolation function, wherein the two systems are respectively as follows: a main system of the terminal equipment and a preset safety system; or, the terminal device includes 2 processors, which are respectively: the system comprises a safety processor and a common processor, wherein the safety processor and the common processor are mutually independent and have a space isolation function, correspondingly, the safety processor runs a preset safety system, and the common processor runs a main system of the terminal equipment;
and when the application is a non-payment application, downloading and storing the installation package of the non-payment application through a main system of the terminal equipment.
2. The application downloading method of claim 1, after the downloading and storing of the installation package of the payment-type application through the preset security system, comprising:
performing security detection on the stored installation package of the payment application through the preset security system, wherein the security detection includes at least one of the following: virus detection, modification detection and integrity detection;
after the installation package of the payment application passes the security detection, informing a main system of the terminal equipment of installing the payment application;
and when the installation package of the payment application does not pass the safety detection, deleting the stored installation package of the payment application through the preset safety system, and informing a main system of the terminal equipment to prompt a user.
3. The application download method according to claim 2, wherein after said notifying the host system of the terminal device to install the payment-type application, comprising:
deleting the stored installation package of the payment application through the preset security system.
4. An application download apparatus, comprising:
the application downloading instruction receiving unit is used for receiving an application downloading instruction, and the application downloading instruction carries the unique identifier of the application;
the payment application judging unit is used for judging whether the application is a payment application or not according to the unique identifier of the application;
the system comprises a first application installation package downloading unit, a second application installation package downloading unit and a terminal device, wherein the first application installation package downloading unit is used for downloading and storing an installation package of a payment application through a preset safety system when the application is the payment application, the preset safety system is only communicated with a main system of the terminal device, the preset safety system comprises an independent safety downloading channel and an independent safety space, and the first application installation package downloading unit is specifically used for:
downloading the installation package of the payment application through the independent secure download channel and storing the installation package of the payment application into an independent secure space of the preset secure system;
the independent safe download channel is a channel different from a download channel commonly used by a main system of the terminal equipment, and the two channels are mutually independent and have no intersection; the independent safety space is a space different from a safety space commonly used by a main system of the terminal equipment, and the independent safety space and the main system of the terminal equipment are mutually independent and have no intersection; the processor of the terminal equipment is a processor with a space isolation function, and two systems are installed on the terminal equipment through the processor with the space isolation function, wherein the two systems are respectively as follows: a main system of the terminal equipment and a preset safety system; or, the terminal device includes 2 processors, which are respectively: the system comprises a safety processor and a common processor, wherein the safety processor and the common processor are mutually independent and have a space isolation function, correspondingly, the safety processor runs a preset safety system, and the common processor runs a main system of the terminal equipment;
and the second application installation package downloading unit is used for downloading and storing the installation package of the non-payment application through the main system of the terminal equipment when the application is the non-payment application.
5. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 3 when executing the computer program.
6. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710610543.9A CN107368337B (en) | 2017-07-25 | 2017-07-25 | Application downloading method and device and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710610543.9A CN107368337B (en) | 2017-07-25 | 2017-07-25 | Application downloading method and device and terminal equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107368337A CN107368337A (en) | 2017-11-21 |
| CN107368337B true CN107368337B (en) | 2020-03-24 |
Family
ID=60307645
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710610543.9A Expired - Fee Related CN107368337B (en) | 2017-07-25 | 2017-07-25 | Application downloading method and device and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107368337B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108280647A (en) * | 2018-02-12 | 2018-07-13 | 北京金山安全软件有限公司 | Private key protection method and device for digital wallet, electronic equipment and storage medium |
| CN112306505A (en) * | 2020-06-28 | 2021-02-02 | 北京沃东天骏信息技术有限公司 | Method and apparatus for installing program |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104021339A (en) * | 2014-06-10 | 2014-09-03 | 北京奇虎科技有限公司 | Safety payment method and device for mobile terminal |
| CN106487793A (en) * | 2016-10-19 | 2017-03-08 | 广东欧珀移动通信有限公司 | application installation method and device |
| CN106815518A (en) * | 2015-11-30 | 2017-06-09 | 华为技术有限公司 | One kind application installation method and electronic equipment |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040255137A1 (en) * | 2003-01-09 | 2004-12-16 | Shuqian Ying | Defending the name space |
| CN102411742A (en) * | 2011-12-27 | 2012-04-11 | 大唐微电子技术有限公司 | Mobile terminal |
-
2017
- 2017-07-25 CN CN201710610543.9A patent/CN107368337B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104021339A (en) * | 2014-06-10 | 2014-09-03 | 北京奇虎科技有限公司 | Safety payment method and device for mobile terminal |
| CN106815518A (en) * | 2015-11-30 | 2017-06-09 | 华为技术有限公司 | One kind application installation method and electronic equipment |
| CN106487793A (en) * | 2016-10-19 | 2017-03-08 | 广东欧珀移动通信有限公司 | application installation method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107368337A (en) | 2017-11-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110113167B (en) | Information protection method and system of intelligent terminal and readable storage medium | |
| US11409884B2 (en) | Security profiling of system firmware and applications from an OOB appliance at a differentiated trust boundary | |
| US9087188B2 (en) | Providing authenticated anti-virus agents a direct access to scan memory | |
| US9614867B2 (en) | System and method for detection of malware on a user device using corrected antivirus records | |
| CN111556059A (en) | Abnormity detection method, abnormity detection device and terminal equipment | |
| WO2020019483A1 (en) | Emulator identification method, identification device, and computer readable medium | |
| JP7087085B2 (en) | Terminal application management methods, application servers and terminals | |
| CN109145590B (en) | Function hook detection method, detection equipment and computer readable medium | |
| WO2020019485A1 (en) | Simulator identification method, identification device, and computer readable medium | |
| CN111694589B (en) | Upgrade package generation method, device, server and computer readable storage medium | |
| US20160065375A1 (en) | Dynamic integrity validation of a high level operating system | |
| CN112231702A (en) | Application protection method, device, equipment and medium | |
| US20200327229A1 (en) | Method, apparatus, electronic device and storage medium for protecting private key of digital wallet | |
| CN107368337B (en) | Application downloading method and device and terminal equipment | |
| CN111176685A (en) | Upgrading method and device | |
| CN108920962B (en) | Firmware downloading and signing checking method, firmware publishing method, mobile terminal and server | |
| CN114139161A (en) | Method, device, electronic equipment and medium for batch vulnerability detection | |
| CN109699030B (en) | Unmanned aerial vehicle authentication method, device, equipment and computer readable storage medium | |
| CN112035831A (en) | Data processing method, device, server and storage medium | |
| CN109800565B (en) | Software upgrading method and terminal equipment | |
| CN108234399B (en) | Interface communication method and terminal | |
| CN107967423B (en) | Permission obtaining method and terminal equipment | |
| CN107295177B (en) | Application disabling method and device and terminal equipment | |
| CN113836529A (en) | Process detection method, device, storage medium and computer equipment | |
| CN107220546B (en) | Application running method and device and terminal equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18 Applicant after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. Address before: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18 Applicant before: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200324 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |