CN108064383A - Method, terminal and POS terminal for managing and controlling application permissions - Google Patents


Info

Publication number
CN108064383A
Authority
CN
China
Prior art keywords
application program
authority
installation kit
signed
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201780001453.8A
Other languages
Chinese (zh)
Inventor
彭波涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujian Landi Commercial Equipment Co Ltd
Original Assignee
Fujian Landi Commercial Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The present invention relates to the field of data processing, and in particular to a method, a terminal and a POS terminal for managing and controlling application permissions. The invention obtains a permission file corresponding to an application, the permission file containing information on the interfaces the application may access; packages the original installation package corresponding to the application together with the permission file to obtain an audited installation package; and performs a signing operation on the audited installation package to obtain a signed installation package. This improves the legitimacy of third-party applications installed on the terminal.

Description

Method, terminal and POS terminal for managing and controlling application permissions
Technical field
The present invention relates to the field of data processing, and in particular to a method, a terminal and a POS terminal for managing and controlling application permissions.
Background
With the continuing convergence of POS terminals and Internet technology, smart POS (generally running the Android operating system) has become a very popular topic in the POS industry in recent years. Compared with traditional POS, smart POS has richer business application scenarios, more participating roles and more complex kinds of applications. To support even the single basic business function of bank card acceptance, a smart POS terminal usually has to provide the various hardware components required for bank card payment, such as a magnetic stripe card reader, a contact IC card reader/writer, a contactless IC card reader/writer, a PIN pad and a printer. If access to these components is not restricted, they may be used by a third-party application that forges a transaction interface to carry out a phishing attack, causing losses to the cardholder's account.
At present, to ensure the security of POS terminals, auditors must review the code of third-party applications that can run on a POS terminal but have no financial transaction function, checking whether the application contains code that illegally calls an external financial terminal connected to the POS terminal. Here, a financial terminal is an external device that can read the user's bank card information. Manual code review, however, is very tedious and prone to errors and omissions.
Summary of the invention
The technical problem to be solved by the invention is: how to improve the legitimacy of third-party applications installed on a terminal.
Technical solution and advantageous effects:
The invention provides a method and a terminal for managing and controlling application permissions, with the following advantage: a permission file carrying information on accessible interfaces is configured for the application, and the permission file and the application's original installation package are packaged together and then digitally signed, so that at run time the application has access only to the interfaces listed in the permission file, and once the signed installation package has been generated the permission file cannot be tampered with undetected. Even if the application's code contains calls to interfaces unrelated to its business function, the application cannot successfully access an interface whose information is not in the permission file. Therefore, unlike the prior art, in which manually reviewing whether an application contains code that illegally calls a particular interface is inefficient and prone to errors and omissions, the above method and terminal do not need to review the application's code; it is only necessary to configure the interface information the application is allowed to access to ensure that the application cannot call interfaces unrelated to its business function by means such as phishing code. This improves both the efficiency of auditing application legitimacy and the legitimacy of the application.
The invention also provides a method for managing and controlling application permissions, including:
Obtaining a signed installation package; the signed installation package includes the original installation package of the application and a permission file carrying information on the interfaces the application may access;
Installing the application from the signed installation package;
When the application sends a request to access a preset interface,
Detecting whether information corresponding to the preset interface exists in the permission file, to obtain a detection result;
If the detection result is that no information corresponding to the preset interface exists in the permission file, denying the application access to the preset interface; otherwise, allowing the application to access the preset interface.
The invention also provides a POS terminal, including one or more second processors and a second memory, the second memory storing a program configured to be executed by the one or more second processors to perform the following steps:
Obtaining a signed installation package; the signed installation package includes the original installation package of the application and a permission file carrying information on the interfaces the application may access;
Installing the application from the signed installation package;
When the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file, to obtain a detection result;
If the detection result is that no information corresponding to the preset interface exists in the permission file, denying the application access to the preset interface; otherwise, allowing the application to access the preset interface.
The invention also provides a method and a POS terminal for managing and controlling application permissions, with the following advantage: the POS terminal installs a signed installation package containing a permission file, and accepts or denies an application's request to access a particular interface according to the accessible-interface information carried in the permission file. Because the permission file and the application's original installation package are digitally signed as a whole, the permission file cannot be illegally tampered with undetected after it has passed review, so that an application installed on the POS terminal can call only interfaces related to its business function and cannot, by means such as phishing code, call interfaces unrelated to its business function without the user's knowledge. This effectively prevents the user's electronic account information from being captured without permission, and improves the legitimacy of third-party applications on the POS terminal and the security of the POS terminal.
Description of the drawings
Fig. 1 is a flow diagram of a specific embodiment of the method for managing and controlling application permissions provided by the invention;
Fig. 2 is a structural diagram of a specific embodiment of the terminal for managing and controlling application permissions provided by the invention;
Fig. 3 is a flow diagram of a specific embodiment of another method for managing and controlling application permissions provided by the invention;
Fig. 4 is a structural diagram of a specific embodiment of the POS terminal provided by the invention;
Reference numerals:
1. first processor; 2. first memory; 3. second processor; 4. second memory.
Specific embodiment
Please refer to Fig. 1 and Fig. 4.
As shown in Fig. 1, the invention provides a method for managing and controlling application permissions, including:
Obtaining a permission file corresponding to an application; the permission file includes information on the interfaces the application may access;
Packaging the original installation package corresponding to the application together with the permission file to obtain an audited installation package;
Performing a signing operation on the audited installation package to obtain a signed installation package.
Further, obtaining the permission file corresponding to the application is specifically:
Obtaining a function list corresponding to the application;
Obtaining a permission list corresponding to the function list;
Generating the permission file corresponding to the application from the permission list.
As can be seen from the above description, permissions are assigned to the application according to the business functions the developer declares for it. This effectively prevents the application from performing, without the user's knowledge, operations the user has not allowed.
Further, obtaining the permission list corresponding to the function list is specifically:
If the function list contains a financial transaction function, generating the permission list from the information on the financial terminal interfaces; the financial terminal includes a magnetic stripe card reader, a contact IC card reader/writer, a contactless IC card reader/writer and a PIN pad.
As can be seen from the above description, the financial terminal is used to obtain information about the user's electronic account, which is highly private. In the invention, the financial terminal can be accessed by a third-party application installed on the terminal only if accessible financial terminal interfaces have been configured for that application, which improves the privacy and security of user information.
Further, the method also includes:
Installing the application from the signed installation package;
When the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file, to obtain a detection result;
If the detection result is that no information corresponding to the preset interface exists in the permission file, denying the application access to the preset interface; otherwise, allowing the application to access the preset interface.
As can be seen from the above description, the invention accepts or denies an application's request to access a particular interface according to the accessible-interface information carried in the permission file, so that an application installed on the terminal can call only interfaces related to its business function and cannot, by means such as phishing code, call interfaces unrelated to its business function without the user's knowledge. This improves the legitimacy of third-party applications installed on the terminal and the security of the terminal.
Further, after the application is installed from the signed installation package, the method also includes:
Assigning a unique identifier to the application;
When the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
Further, installing the application from the signed installation package is specifically:
Obtaining the digital signature corresponding to the signed installation package;
Verifying the validity of the digital signature to obtain a verification result;
If the verification result is that the digital signature is valid, installing the application from the signed installation package.
As can be seen from the above description, if verification of the signed installation package's digital signature fails, the permission file has very likely been illegally tampered with and installing the application is risky. The application is installed only when the digital signature passes validity verification, which improves the security of terminals that install third-party applications.
As shown in Fig. 2, the invention provides a terminal for managing and controlling application permissions, including one or more first processors 1 and a first memory 2, the first memory 2 storing a program configured to be executed by the one or more first processors 1 to perform the following steps:
Obtaining a permission file corresponding to an application; the permission file includes information on the interfaces the application may access;
Packaging the original installation package corresponding to the application together with the permission file to obtain an audited installation package;
Performing a signing operation on the audited installation package to obtain a signed installation package.
Further, obtaining the permission file corresponding to the application is specifically:
Obtaining a function list corresponding to the application;
Obtaining a permission list corresponding to the function list;
Generating the permission file corresponding to the application from the permission list.
Further, obtaining the permission list corresponding to the function list is specifically:
If the function list contains a financial transaction function, generating the permission list from the information on the financial terminal interfaces; the financial terminal includes a magnetic stripe card reader, a contact IC card reader/writer, a contactless IC card reader/writer and a PIN pad.
Further, the steps also include:
Installing the application from the signed installation package;
When the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file, to obtain a detection result;
If the detection result is that no information corresponding to the preset interface exists in the permission file, denying the application access to the preset interface; otherwise, allowing the application to access the preset interface.
Further, after the application is installed from the signed installation package, the steps also include:
Assigning a unique identifier to the application;
When the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
Further, installing the application from the signed installation package is specifically:
Obtaining the digital signature corresponding to the signed installation package;
Verifying the validity of the digital signature to obtain a verification result;
If the verification result is that the digital signature is valid, installing the application from the signed installation package.
As shown in Fig. 3, the invention also provides a method for managing and controlling application permissions, including:
Obtaining a signed installation package; the signed installation package includes the original installation package of the application and a permission file carrying information on the interfaces the application may access;
Installing the application from the signed installation package;
When the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file, to obtain a detection result;
If the detection result is that no information corresponding to the preset interface exists in the permission file, denying the application access to the preset interface; otherwise, allowing the application to access the preset interface.
Further, installing the application from the signed installation package is specifically:
Obtaining the digital signature corresponding to the signed installation package;
Verifying the validity of the digital signature to obtain a verification result;
If the verification result is that the digital signature is valid, installing the application from the signed installation package.
Further, after the application is installed from the signed installation package, the method also includes:
Assigning a unique identifier to the application;
When the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
Further, the method also includes:
When the detection result is that no information corresponding to the preset interface exists in the permission file, uninstalling the application.
As can be seen from the above description, when it is detected that a third-party application installed on the POS terminal is attempting to call an interface it is not authorized for, the application very likely contains phishing code; to ensure the security of the POS terminal, the application is uninstalled, which improves the security of the POS terminal.
As shown in Fig. 4, the invention also provides a POS terminal, including one or more second processors 3 and a second memory 4, the second memory 4 storing a program configured to be executed by the one or more second processors 3 to perform the following steps:
Obtaining a signed installation package; the signed installation package includes the original installation package of the application and a permission file carrying information on the interfaces the application may access;
Installing the application from the signed installation package;
When the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file, to obtain a detection result;
If the detection result is that no information corresponding to the preset interface exists in the permission file, denying the application access to the preset interface; otherwise, allowing the application to access the preset interface.
Further, installing the application from the signed installation package is specifically:
Obtaining the digital signature corresponding to the signed installation package;
Verifying the validity of the digital signature to obtain a verification result;
If the verification result is that the digital signature is valid, installing the application from the signed installation package.
Further, after the application is installed from the signed installation package, the steps also include:
Assigning a unique identifier to the application;
When the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
Further, the steps also include:
When the detection result is that no information corresponding to the preset interface exists in the permission file, uninstalling the application.
Embodiment one of the invention is:
This embodiment provides a method for managing and controlling application permissions, including:
S1. Obtain the permission file corresponding to the application; the permission file includes information on the interfaces the application may access. Specifically:
S11. Obtain the function list corresponding to the application.
S12. Obtain the permission list corresponding to the function list. Specifically: if the function list contains a financial transaction function, generate the permission list from the information on the financial terminal interfaces; the financial terminal includes a magnetic stripe card reader, a contact IC card reader/writer, a contactless IC card reader/writer and a PIN pad.
For example, if the business function of a third-party application APP1 is document editing, it is not granted permission to access the financial terminal, and APP1 can use only the basic functions of the operating system. If the business function of another third-party application APP2 is credit card payment, it is granted permission to access the financial terminal, and APP2 can call both the standard interfaces of the operating system and the interfaces provided by the financial terminal connected to the device running APP2.
S13. Generate the permission file corresponding to the application from the permission list.
Optionally, the access permission for each of the various devices is abstracted into a permission string entry, making it convenient to manage a third-party application's access to different devices individually.
For example, the access permissions for the various devices are defined as shown in the following table:
| Permission string entry | Meaning of the permission |
| --- | --- |
| smartpos.deviceservice.permission.Pinpad | Permission to use the PIN pad device |
| smartpos.deviceservice.permission.MagReader | Permission to use the magnetic stripe reader device |
| smartpos.deviceservice.permission.ICReader | Permission to use the IC card reader device |
| smartpos.deviceservice.permission.RFReader | Permission to use the contactless IC card reader device |
| smartpos.deviceservice.permission.Printer | Permission to use the printer device |
| smartpos.deviceservice.permission.Scanner | Permission to use the barcode scanning device |
| smartpos.deviceservice.permission.CashBox | Permission to use the cash box device |
| smartpos.deviceservice.permission.Modem | Permission to use the modem device |
| smartpos.deviceservice.permission.SAMV | Permission to use the card-reading function of the second-generation ID card device |
| smartpos.deviceservice.permission.Beeper | Permission to use the buzzer device |
| smartpos.deviceservice.permission.PBOC | Permission to call the PBOC financial interaction flow functions |
| smartpos.deviceservice.permission.DeviceInfo | Permission to call the function that obtains terminal device information |
| smartpos.deviceservice.permission.SerialPort | Permission to use the serial port device |
| smartpos.deviceservice.permission.Led | Permission to use the LED indicator device |
An example of the permission file content produced from the access permission definitions above is as follows:
[Main]
Type=APK  // the format of the APP is APK
Version=3  // format version number of the permission description file; for example, 3 means the third version
AccessableKapIds=00010001  // other customized information can be added as needed, such as AccessableKapIds; this field is reserved for future use
// The permissions for the devices to be accessed can be added below
[Uses-permission-1]
Name=smartpos.deviceservice.permission.Pinpad
[Uses-permission-2]
Name=smartpos.deviceservice.permission.MagReader
[Uses-permission-3]
Name=smartpos.deviceservice.permission.ICReader
[Uses-permission-4]
Name=smartpos.deviceservice.permission.RFReader
[Uses-permission-5]
Name=smartpos.deviceservice.permission.Printer
[Uses-permission-6]
Name=smartpos.deviceservice.permission.Scanner
[Uses-permission-7]
Name=smartpos.deviceservice.permission.CashBox
[Uses-permission-8]
Name=smartpos.deviceservice.permission.Modem
[Uses-permission-9]
Name=smartpos.deviceservice.permission.SAMV
[Uses-permission-10]
Name=smartpos.deviceservice.permission.Beeper
[Uses-permission-11]
Name=smartpos.deviceservice.permission.PBOC
[Uses-permission-12]
Name=smartpos.deviceservice.permission.DeviceInfo
S2. Package the original installation package corresponding to the application together with the permission file to obtain an audited installation package.
S3. Perform a signing operation on the audited installation package to obtain a signed installation package.
Here, once the interfaces the application may access have been confirmed from its business functions, the permission file and the original installation package are immediately packaged to obtain the audited installation package, and the audited installation package is digitally signed to prevent the permission file from being illegally tampered with.
S4. Install the application from the signed installation package. Specifically:
S41. Obtain the digital signature corresponding to the signed installation package.
S42. Verify the validity of the digital signature to obtain a verification result.
S43. If the verification result is that the digital signature is valid, install the application from the signed installation package.
S5. Assign a unique identifier to the application.
Here, the unique identifier is the application's runtime ID; when the application is running, the operating system can obtain the application's runtime ID and use it to obtain information about the application.
S6. When the application sends a request to access a preset interface, obtain the permission file corresponding to the application according to the unique identifier; detect whether information corresponding to the preset interface exists in the permission file, to obtain a detection result.
For example, the application requests access to the ICReader device to read information from an IC card. If the permission file corresponding to the application does not contain "Name=smartpos.deviceservice.permission.ICReader", the detection result is that no information corresponding to the preset interface exists in the permission file.
S7. If the detection result is that no information corresponding to the preset interface exists in the permission file, deny the application access to the preset interface; otherwise, allow the application to access the preset interface.
Optionally, when the detection result is that no information corresponding to the preset interface exists in the permission file, uninstall the application.
Here, when it is detected that a third-party application installed on the current terminal is attempting to call an interface it is not authorized for, the application very likely contains phishing code; to ensure the security of the current terminal, the application is uninstalled, which improves the security of the current terminal.
As can be seen from the above description, this embodiment abstracts and extracts the risk posed by third-party applications, narrowing the focus of control from the code of the entire third-party application to the permissions of the third-party application. This reduces the scope of control, and controlling the permissions achieves the effect of controlling the entire third-party application. The third-party application's permissions take part in the application signing process, which ensures that the permission file is also part of the application signature and so cannot be illegally tampered with: once the permission file is tampered with, the signature of the entire application is in effect tampered with, and after the package is downloaded to the terminal, installation is refused because signature verification fails. The access permission of each device is abstracted into a permission string entry, which makes individual management convenient.
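The flow of steps S1 to S7, as an added Python example that is not code from the patent or from any POS vendor: it parses a permission file in the format shown above, packages and signs it with the original package, refuses a tampered package at install time, and enforces the permission entries at run time. HMAC-SHA256 stands in for the digital signature (the patent names no algorithm), and the archive member names, the `Terminal` class and the sample data are assumptions constructed for illustration.

```python
import configparser
import hashlib
import hmac
import io
import zipfile

PERM_PREFIX = "smartpos.deviceservice.permission."
PERM_MEMBER, APK_MEMBER = "permission.ini", "original.apk"  # assumed member names

# Constructed sample in the page's permission file format: a printing/scanning app.
SAMPLE_PERMISSION_FILE = """\
[Main]
Type=APK
Version=3
// device permissions granted after review
[Uses-permission-1]
Name=smartpos.deviceservice.permission.Printer
[Uses-permission-2]
Name=smartpos.deviceservice.permission.Scanner
"""


def parse_permissions(text):
    """Return the permission strings listed in the [Uses-permission-N] sections."""
    cfg = configparser.ConfigParser(comment_prefixes=("//",), interpolation=None)
    cfg.read_string(text)
    granted = set()
    for section in cfg.sections():
        if section.startswith("Uses-permission-"):
            name = cfg.get(section, "Name", fallback="")
            if not name.startswith(PERM_PREFIX):
                raise ValueError(f"malformed permission entry in [{section}]")
            granted.add(name)
    return frozenset(granted)


def package(original_apk, permission_text):
    """S2: pack the original package and the permission file into one archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(APK_MEMBER, original_apk)
        zf.writestr(PERM_MEMBER, permission_text)
    return buf.getvalue()


def sign(bundle, key):
    """S3: tag over the whole bundle (HMAC-SHA256 standing in for a signature)."""
    return hmac.new(key, bundle, hashlib.sha256).digest()


class Terminal:
    """Hypothetical terminal-side installer and interface gate."""

    def __init__(self, key, uninstall_on_violation=False):
        self._key = key
        self._uninstall = uninstall_on_violation
        self._apps = {}      # unique identifier -> granted permissions
        self._next_id = 1

    def install(self, bundle, signature):
        """S4/S5: verify the signature, then install and assign an identifier."""
        if not hmac.compare_digest(sign(bundle, self._key), signature):
            raise PermissionError("signature check failed; install refused")
        with zipfile.ZipFile(io.BytesIO(bundle)) as zf:
            perms = parse_permissions(zf.read(PERM_MEMBER).decode("utf-8"))
        app_id = self._next_id
        self._next_id += 1
        self._apps[app_id] = perms
        return app_id

    def request_access(self, app_id, permission):
        """S6/S7: allow only interfaces listed in the app's permission file."""
        perms = self._apps.get(app_id)
        if perms is None:
            return False                 # unknown or uninstalled application
        if permission in perms:
            return True
        if self._uninstall:
            del self._apps[app_id]       # optional step: uninstall on violation
        return False

    def is_installed(self, app_id):
        return app_id in self._apps


def demo():
    key = b"constructed-demo-key"
    bundle = package(b"constructed apk bytes", SAMPLE_PERMISSION_FILE)
    sig = sign(bundle, key)
    pos = Terminal(key)
    app = pos.install(bundle, sig)
    allowed = pos.request_access(app, PERM_PREFIX + "Printer")
    denied = pos.request_access(app, PERM_PREFIX + "ICReader")
    # Adding ICReader after signing changes the bundle, so the old signature fails.
    forged = package(b"constructed apk bytes", SAMPLE_PERMISSION_FILE +
                     "[Uses-permission-3]\nName=" + PERM_PREFIX + "ICReader\n")
    try:
        pos.install(forged, sig)
        tamper_rejected = False
    except PermissionError:
        tamper_rejected = True
    return allowed, denied, tamper_rejected


if __name__ == "__main__":
    print(demo())
```

A real deployment would use an asymmetric signature so that the terminal holds only a verification key; the HMAC here keeps the example within the standard library.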
Embodiment two of the present invention is:
This embodiment provides a control terminal for application permissions, including one or more first processors 1 and a first memory 2. The first memory 2 stores a program that is configured to be executed by the one or more first processors 1 to perform the following steps:
S1. Obtain a permission file corresponding to the application; the permission file includes information on the interfaces the application may access. Specifically:
S11. Obtain a function list corresponding to the application.
S12. Obtain a permission list corresponding to the function list. Specifically: if the function list contains a financial transaction function, generate the permission list according to the information on the financial terminal interfaces; the financial terminal includes a magnetic stripe card reader/writer, a contact IC card reader/writer, a contactless IC card reader/writer and a PIN pad.
S13. Generate the permission file corresponding to the application according to the permission list.
Optionally, the access right to each of the multiple devices is abstracted into one permission string entry, which makes it convenient to manage a third-party application's access rights to different devices individually.
S2. Package the original installation package corresponding to the application together with the permission file to obtain an audited installation package.
S3. Perform a signing operation on the audited installation package to obtain a signed installation package.
Once the accessible interfaces have been confirmed according to the business functions of the application, the permission file and the original installation package are immediately packaged to obtain the audited installation package. The audited installation package is then digitally signed to prevent the permission file from being illegally tampered with.
S4. Install the application according to the signed installation package. Specifically:
S41. Obtain the digital signature corresponding to the signed installation package.
S42. Verify the legitimacy of the digital signature to obtain a verification result.
S43. If the verification result is that the digital signature is legitimate, install the application according to the signed installation package.
S5. Assign a unique identifier to the application.
The unique identifier is the runtime ID of the application. While the application is running, the operating system can obtain the application's runtime ID and use it to look up information related to the application.
S6. When the application sends a request to access a preset interface, obtain the permission file corresponding to the application according to the unique identifier; detect whether information corresponding to the preset interface exists in the permission file to obtain a detection result.
S7. If the detection result is that no information corresponding to the preset interface exists in the permission file, refuse the application's access to the preset interface; otherwise, allow the application to access the preset interface.
Optionally, when the detection result is that no information corresponding to the preset interface exists in the permission file, uninstall the application.
When a third-party application installed on the POS terminal is detected calling an interface it is not authorized to use, the application very likely contains phishing code. To protect the POS terminal, the application is uninstalled, which improves the security of the POS terminal.
Embodiment three of the present invention is:
This embodiment provides a control method for application permissions, including:
S1. Obtain a signed installation package; the signed installation package includes the original installation package of the application and a permission file carrying information on the interfaces the application may access.
Once the accessible interfaces have been confirmed according to the business functions of the application, the permission file and the original installation package are immediately packaged to obtain the audited installation package. The audited installation package is then digitally signed to prevent the permission file from being illegally tampered with. That is, the current terminal installs the third-party application from a signed installation package whose access permissions have passed audit and whose permission file cannot be illegally tampered with, which ensures the security of the current terminal.
S2. Install the application according to the signed installation package. Specifically:
Obtain the digital signature corresponding to the signed installation package;
Verify the legitimacy of the digital signature to obtain a verification result.
If the verification result is that the digital signature is legitimate, install the application according to the signed installation package.
If the digital signature of the signed installation package fails the legitimacy verification, the permission file was very likely tampered with after passing audit; installing the third-party application carries risk, so installation is refused.
S3. Assign a unique identifier to the application.
The unique identifier is the runtime ID of the application. While the application is running, the operating system can obtain the application's runtime ID and use it to look up information related to the application.
S4. When the application sends a request to access a preset interface, obtain the permission file corresponding to the application according to the unique identifier; detect whether information corresponding to the preset interface exists in the permission file to obtain a detection result.
For example, the application requests access to the ICReader device to read the information on an IC card. If the permission file corresponding to the application does not contain "Name=smartpos.deviceservice.permission.ICReader", the detection result is that no information corresponding to the preset interface exists in the permission file.
S5. If the detection result is that no information corresponding to the preset interface exists in the permission file, refuse the application's access to the preset interface; otherwise, allow the application to access the preset interface.
S6. When the detection result is that no information corresponding to the preset interface exists in the permission file, uninstall the application.
When a third-party application installed on the current terminal is detected calling an interface it is not authorized to use, the application very likely contains phishing code. To protect the current terminal, the application is uninstalled, which improves the security of the current terminal.
Embodiment four of the present invention is:
This embodiment provides a POS terminal, including one or more second processors 3 and a second memory 4. The second memory 4 stores a program that is configured to be executed by the one or more second processors 3 to perform the following steps:
S1. Obtain a signed installation package; the signed installation package includes the original installation package of the application and a permission file carrying information on the interfaces the application may access.
Once the accessible interfaces have been confirmed according to the business functions of the application, the permission file and the original installation package are immediately packaged to obtain the audited installation package. The audited installation package is then digitally signed to prevent the permission file from being illegally tampered with. That is, the current terminal installs the third-party application from a signed installation package whose access permissions have passed audit and whose permission file cannot be illegally tampered with, which ensures the security of the current terminal.
S2. Install the application according to the signed installation package. Specifically:
Obtain the digital signature corresponding to the signed installation package;
Verify the legitimacy of the digital signature to obtain a verification result.
If the verification result is that the digital signature is legitimate, install the application according to the signed installation package.
If the digital signature of the signed installation package fails the legitimacy verification, the permission file was very likely tampered with after passing audit; installing the third-party application carries risk, so installation is refused.
S3. Assign a unique identifier to the application.
The unique identifier is the runtime ID of the application. While the application is running, the operating system can obtain the application's runtime ID and use it to look up information related to the application.
S4. When the application sends a request to access a preset interface, obtain the permission file corresponding to the application according to the unique identifier; detect whether information corresponding to the preset interface exists in the permission file to obtain a detection result.
S5. If the detection result is that no information corresponding to the preset interface exists in the permission file, refuse the application's access to the preset interface; otherwise, allow the application to access the preset interface.
S6. When the detection result is that no information corresponding to the preset interface exists in the permission file, uninstall the application.
When a third-party application installed on the POS terminal is detected calling an interface it is not authorized to use, the application very likely contains phishing code. To protect the POS terminal, the application is uninstalled, which improves the security of the POS terminal.
In conclusion management-control method, terminal and the POS terminal of a kind of application program permission provided by the invention, by for Application program configuration carries the authority of the information of accessible interface, and by authority and the original installation kit of application program It is digitally signed after packing so that the application program only possesses the access of the interface involved in authority in the process of running Permission, and authority can not be distorted in the case of not detectable after generating installation kit of having signed.POS terminal is only installed and included The signature installation kit of authority, and the information of the accessible interface carried according to authority receives or refusal application program Access the request of a special interface.Even if call generation due to including the interface unrelated with business function in the code of application program Code, but in the case of not including the interface message in authority, application program can not the successful access interface.Therefore, It is different from the prior art and passes through in manual examination and verification application program whether the code review efficiency comprising illegal calling special interface is low And easily there is the phenomenon that mistakes and omissions, the management-control method and terminal of above application program authority need not audit the code of application program, only The interface message that it need to be allowed to access for its configuration, you can ensure that application program can not be called and its business by code of going fishing etc. The unrelated interface of function not only increases the efficiency of examination & verification application program legitimacy, also improves the legitimacy of application program.

Claims (20)

1. A control method for application permissions, characterized by comprising:
obtaining a permission file corresponding to an application; the permission file includes information on the interfaces the application may access;
packaging the original installation package corresponding to the application together with the permission file to obtain an audited installation package;
performing a signing operation on the audited installation package to obtain a signed installation package.
2. The control method for application permissions according to claim 1, characterized in that obtaining the permission file corresponding to the application is specifically:
obtaining a function list corresponding to the application;
obtaining a permission list corresponding to the function list;
generating the permission file corresponding to the application according to the permission list.
3. The control method for application permissions according to claim 2, characterized in that obtaining the permission list corresponding to the function list is specifically:
if the function list contains a financial transaction function, generating the permission list according to the information on the financial terminal interfaces; the financial terminal includes a magnetic stripe card reader/writer, a contact IC card reader/writer, a contactless IC card reader/writer and a PIN pad.
4. The control method for application permissions according to claim 1, characterized by further comprising:
installing the application according to the signed installation package;
when the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file to obtain a detection result;
if the detection result is that no information corresponding to the preset interface exists in the permission file, refusing the application's access to the preset interface; otherwise, allowing the application to access the preset interface.
5. The control method for application permissions according to claim 4, characterized in that, after installing the application according to the signed installation package, the method further comprises:
assigning a unique identifier to the application;
when the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
6. The control method for application permissions according to claim 4, characterized in that installing the application according to the signed installation package is specifically:
obtaining the digital signature corresponding to the signed installation package;
verifying the legitimacy of the digital signature to obtain a verification result;
if the verification result is that the digital signature is legitimate, installing the application according to the signed installation package.
7. A control terminal for application permissions, characterized by comprising one or more first processors and a first memory, the first memory storing a program that is configured to be executed by the one or more first processors to perform the following steps:
obtaining a permission file corresponding to an application; the permission file includes information on the interfaces the application may access;
packaging the original installation package corresponding to the application together with the permission file to obtain an audited installation package;
performing a signing operation on the audited installation package to obtain a signed installation package.
8. The control terminal for application permissions according to claim 7, characterized in that obtaining the permission file corresponding to the application is specifically:
obtaining a function list corresponding to the application;
obtaining a permission list corresponding to the function list;
generating the permission file corresponding to the application according to the permission list.
9. The control terminal for application permissions according to claim 8, characterized in that obtaining the permission list corresponding to the function list is specifically:
if the function list contains a financial transaction function, generating the permission list according to the information on the financial terminal interfaces; the financial terminal includes a magnetic stripe card reader/writer, a contact IC card reader/writer, a contactless IC card reader/writer and a PIN pad.
10. The control terminal for application permissions according to claim 7, characterized by further comprising:
installing the application according to the signed installation package;
when the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file to obtain a detection result;
if the detection result is that no information corresponding to the preset interface exists in the permission file, refusing the application's access to the preset interface; otherwise, allowing the application to access the preset interface.
11. The control terminal for application permissions according to claim 10, characterized in that, after installing the application according to the signed installation package, the steps further comprise:
assigning a unique identifier to the application;
when the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
12. The control terminal for application permissions according to claim 10, characterized in that installing the application according to the signed installation package is specifically:
obtaining the digital signature corresponding to the signed installation package;
verifying the legitimacy of the digital signature to obtain a verification result;
if the verification result is that the digital signature is legitimate, installing the application according to the signed installation package.
13. A control method for application permissions, characterized by comprising:
obtaining a signed installation package; the signed installation package includes the original installation package of an application and a permission file carrying information on the interfaces the application may access;
installing the application according to the signed installation package;
when the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file to obtain a detection result;
if the detection result is that no information corresponding to the preset interface exists in the permission file, refusing the application's access to the preset interface; otherwise, allowing the application to access the preset interface.
14. The control method for application permissions according to claim 13, characterized in that installing the application according to the signed installation package is specifically:
obtaining the digital signature corresponding to the signed installation package;
verifying the legitimacy of the digital signature to obtain a verification result;
if the verification result is that the digital signature is legitimate, installing the application according to the signed installation package.
15. The control method for application permissions according to claim 13, characterized in that, after installing the application according to the signed installation package, the method further comprises:
assigning a unique identifier to the application;
when the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
16. The control method for application permissions according to claim 13, characterized by further comprising:
when the detection result is that no information corresponding to the preset interface exists in the permission file, uninstalling the application.
17. A POS terminal, characterized by comprising one or more second processors and a second memory, the second memory storing a program that is configured to be executed by the one or more second processors to perform the following steps:
obtaining a signed installation package; the signed installation package includes the original installation package of an application and a permission file carrying information on the interfaces the application may access;
installing the application according to the signed installation package;
when the application sends a request to access a preset interface, detecting whether information corresponding to the preset interface exists in the permission file to obtain a detection result;
if the detection result is that no information corresponding to the preset interface exists in the permission file, refusing the application's access to the preset interface; otherwise, allowing the application to access the preset interface.
18. The POS terminal according to claim 17, characterized in that installing the application according to the signed installation package is specifically:
obtaining the digital signature corresponding to the signed installation package;
verifying the legitimacy of the digital signature to obtain a verification result;
if the verification result is that the digital signature is legitimate, installing the application according to the signed installation package.
19. The POS terminal according to claim 17, characterized in that, after installing the application according to the signed installation package, the steps further comprise:
assigning a unique identifier to the application;
when the application sends a request to access a preset interface, obtaining the permission file corresponding to the application according to the unique identifier.
20. The POS terminal according to claim 17, characterized by further comprising:
when the detection result is that no information corresponding to the preset interface exists in the permission file, uninstalling the application.
CN201780001453.8A 2017-10-25 2017-10-25 A kind of management-control method, terminal and the POS terminal of application program permission Pending CN108064383A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/107641 WO2019079998A1 (en) 2017-10-25 2017-10-25 Method and terminal for managing and controlling permission of application, and pos terminal

Publications (1)

Publication Number Publication Date
CN108064383A true CN108064383A (en) 2018-05-22

Family

ID=62141994

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780001453.8A Pending CN108064383A (en) 2017-10-25 2017-10-25 A kind of management-control method, terminal and the POS terminal of application program permission

Country Status (2)

Country Link
CN (1) CN108064383A (en)
WO (1) WO2019079998A1 (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104317587A (en) * 2014-10-22 2015-01-28 中国人民解放军国防科学技术大学 Automatic android mobile device oriented application generation method
WO2016175880A1 (en) * 2015-04-29 2016-11-03 Hewlett Packard Enterprise Development Lp Merging incoming data in a database
CN106304040A (en) * 2015-05-25 2017-01-04 阿里巴巴集团控股有限公司 The management method of Mobile solution, device

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140075187A1 (en) * 2004-12-03 2014-03-13 Fortinet, Inc. Selective authorization of the loading of dependent code modules by running processes
CN103514397A (en) * 2013-09-29 2014-01-15 西安酷派软件科技有限公司 Server, terminal and authority management and permission method
CN103632073A (en) * 2013-12-05 2014-03-12 北京网秦天下科技有限公司 Method and device used for controlling terminal application permission
CN104464114A (en) * 2014-12-11 2015-03-25 上海富友支付服务有限公司 System and method for managing and monitoring safety of application of financial terminals
CN105808979A (en) * 2016-03-07 2016-07-27 炫彩互动网络科技有限公司 Improved Android software installation package signature and signature verification method
CN105893837A (en) * 2016-03-31 2016-08-24 北京智能果技术有限公司 Application program installation method, security encryption chip and terminal
CN106372496A (en) * 2016-08-31 2017-02-01 福建联迪商用设备有限公司 Method and system for improving payment terminal application security
CN106778190A (en) * 2016-11-29 2017-05-31 艾体威尔电子技术(北京)有限公司 A kind of system and method for strengthening Android system application installation and operation safety
CN107169320A (en) * 2017-04-20 2017-09-15 北京小米移动软件有限公司 Method of calibration and device
CN107273742A (en) * 2017-06-09 2017-10-20 广州涉川科技有限公司 A kind of mandate installation method, barcode scanning payment terminal, server and the system of Android application
CN109344605A (en) * 2018-09-10 2019-02-15 惠尔丰电子(北京)有限公司 A kind of authority control method and its control system of intelligence POS machine

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108573130A (en) * 2018-05-24 2018-09-25 深圳鼎智通讯股份有限公司 Machine guard system is cut when a kind of intelligence POS terminal operation
CN109344605A (en) * 2018-09-10 2019-02-15 惠尔丰电子(北京)有限公司 A kind of authority control method and its control system of intelligence POS machine
CN109344605B (en) * 2018-09-10 2022-04-05 惠尔丰(中国)信息系统有限公司 Authority control method and system of intelligent POS machine
CN113190275A (en) * 2020-01-13 2021-07-30 奇安信科技集团股份有限公司 Associated application setting method, associated application starting control method and associated application starting control device

Also Published As

Publication number Publication date
WO2019079998A1 (en) 2019-05-02


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180522