CN108595948A - A kind of Android intelligence POS terminal prepackage APP and its means of defence - Google Patents

A kind of Android intelligence POS terminal prepackage APP and its means of defence Download PDF

Info

Publication number
CN108595948A
CN108595948A CN201810352066.5A CN201810352066A CN108595948A CN 108595948 A CN108595948 A CN 108595948A CN 201810352066 A CN201810352066 A CN 201810352066A CN 108595948 A CN108595948 A CN 108595948A
Authority
CN
China
Prior art keywords
app
posapp
regions
android
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810352066.5A
Other languages
Chinese (zh)
Inventor
常焱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Ding Zhi Link Communications Inc
Original Assignee
Shenzhen Ding Zhi Link Communications Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Ding Zhi Link Communications Inc filed Critical Shenzhen Ding Zhi Link Communications Inc
Priority to CN201810352066.5A priority Critical patent/CN108595948A/en
Publication of CN108595948A publication Critical patent/CN108595948A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07GREGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
    • G07G1/00Cash registers
    • G07G1/0009Details of the software in the checkout register, electronic cash register [ECR] or point of sale terminal [POS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of Android intelligence POS terminal prepackage APP and its means of defences, its independently marks off POSAPP storage regions, the regions system of the POSAPP storage regions packet installation system PMS primary with Android are logically consistent, the POSAPP storage regions are physically independent of the regions system, and the POSAPP storage regions are provided with independent access privilege control.The invention not only protects the data of correlation APP that cannot be acquired by dividing independent storage region to it, to achieve the purpose that protection;And by one-to-one configuration file, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, the safety for protecting user to use to greatest extent.

Description

A kind of Android intelligence POS terminal prepackage APP and its means of defence
Technical field
The invention belongs to intelligent POS terminal technical field, more particularly to a kind of Android intelligence POS terminal prepackage APP and Its means of defence.
Background technology
POS (Point of sales) full name is point of sale information control system, and main task is to commodity and media Transaction provides data service and management function, and carries out the clearing of account, it is mounted on the franchised business of credit card and is accepted It is unified into network with computer in site, can be achieved with electronic funds automatic account transfer, it, which has, supports consumption, pre-authorization, remaining sum to look into The functions such as inquiry and account transfer, use safely, quickly, reliably.
With popularizing for the intelligent terminals such as smart mobile phone, smart home, daily life consumption pattern is also got over Carry out more diversification, in this context, traditional POS consumption terminals have been unable to meet the demand of people, intelligent POS terminal meet the tendency of and It is raw.
Android grasps the intelligent operating system that system is current mainstream, the intelligence based on Android operation system POS has more and more occurred in people's lives.However along with intelligence, the safety of POS terminal is also faced with huge The relevant APP of consumption and payment pre-installed in big challenge, especially Android intelligence POS terminal often becomes criminal and closes The emphasis of note.These APP how are protected, and do not influence while protecting data the upgrading update of these APP, are at present urgently It need to solve the problems, such as.
In the patent application that number of patent application is CN201510522321.2, a kind of identification Android APP are disclosed The method and detection method of reinforcing, this method are to obtain APP to be detected, start detection program;Parse APP;It obtains in APP Androidmainfest.xml and classes.dex files are parsed;Obtain the registration in Androidmainfest.xml Statement the component list in the component list and classes.dex is matched;If component registration list cannot be in statement column of assemblies Respective items are found in table, then confirm that APP is reinforced;Export testing result.Static Analysis Method through the invention can automate The reinforcing for judging APP, makes up the caused erroneous judgement and time cost of manual identified, and in confrontation Code obfuscation, sensitive information adds Close aspect has significant effect.But method and the detection of a kind of identification AndroidAPP of foregoing invention patent disclosure reinforcings Method cannot protect data simultaneously and not influence the upgrading update of these APP.
Invention content
To solve the above problems, the purpose of the present invention is to provide a kind of Android intelligence POS terminal prepackage APP and its Means of defence protects the data of correlation APP that cannot be acquired, to reach protection by dividing independent storage region to it Purpose;
It is another object of the present invention to provide a kind of Android intelligence POS terminals to pre-install APP and its means of defence, By one-to-one configuration file, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures not usurped before operation Change, the safety for protecting user to use to greatest extent.
To achieve the above object, technical scheme is as follows:
A kind of Android intelligence POS terminal prepackage APP, independently marks off POSAPP storage regions, the POSAPP is deposited The regions system of the storage area domain packet installation system PMS primary with Android are logically consistent, the POSAPP storage regions The regions system are physically independent of, the POSAPP storage regions are provided with independent access privilege control;In this hair In bright, such setting can play the protection to APP files, it is therefore prevented that illegal to obtain.It is logically then primary with android / prepackage such as system/app/system/priv-app app is consistent, greatly simplify upper layer processing logic in this way.
Further, include starting module in the POSAPP storage regions, inspection module, read module, terminate mould Block;The starting module is connect with read module signal, and the inspection module is connect with the read module signal, the termination Module is connect with the inspection module signal, and the starting module is for starting the primary packet installation system PMS of Android, institute Inspection module is stated for examining the information between POSAPP storage regions and the regions system whether corresponding, the read module is used In reading the information between POSAPP storage regions and the regions system, the termination module is used for the installation of terminator. In the present invention, when inspection module examines, the institute seasonable to the Asymmetry information between POSAPP storage regions and the regions system State the installation for terminating module terminator immediately.
Further, the inspection module is provided with inspection data, is provided in the regions system and inspection data Corresponding configuration information;The inspection module is additionally provided with APP dependences, be provided in the regions system with APP according to The corresponding calibration dependence of the relationship of relying;In the present invention, it adds data detection and relies on detection double mechanism, pass through a pair One configuration file, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, maximum limit Degree protects the safety that user uses.
Further, the inspection data is app information, and app information includes the signature of app, the dependence that stores in app The md5 of relation table and app core datas verifies numerical value etc..
The operation that the APP dependences are app relies on, and if a can store the dependence to b c, is then first detected when starting a Whether the presence of b c and md5 verification datas match.
In the present invention, MD5 verification and (checksum) by the transmission data to reception execute hash operations come Check the correctness of data.Calculated hashed value is brought and is compared with the hashed value of data transmission.If two values are identical, say The data of bright transmission are completely errorless, were not tampered (on condition that hashed value is not tampered), so as to safe to use.
To achieve the above object, the present invention also provides the means of defence that a kind of Android intelligence POS terminal pre-installs APP, packets It includes and has the following steps:
101:Start PMS, enters step 102;
102:Detect whether that there are the memory blocks POSAPP, if so, 103 are then entered step, if it is not, entering step 104;
103:Starting POSAPP and detects analysis service, detection permission control obtains parsing POSAPP and corresponds to configuration file, into Enter step 105;
104:The primary APP of android parse Booting sequence, install APP, terminate;
105:POSAPP to be mounted is obtained from the configuration file in system system/etc, starts corresponding POSAPP peaces Detection process is filled, enters step 106;
106:POSAPP is installed, is then checked, after success, enters step 107;It is unsuccessful, enter step 108;
107:Detect dependence, matching configuration information inside APP;Enter step 109;
108:Termination system starts, and prompts to return factory, terminate;
109:After configuration information successful match, 110 are entered step;Configuration information matching is unsuccessful, enters step:108;
110:POSAPP installation parsings are completed, the installation for successfully starting next POSAPP is installed, step 105 is returned to. In the present invention, POSAPP installation parsings are the matching verifications of internal information and logical configuration file etc. in order to handle POSAPP, Ensure the succession of next POSAPP installations
Further, the PMS is the primary packet installation system PMS of Android.
The operation that the APP dependences are app relies on, and if a can store the dependence to b c, is then first detected when starting a Whether the presence of b c and md5 verification datas match.
Configuration information under described/system/etc is that auxiliary PMS parses app and uses, the meeting when inconsistent in same app Termination system, to ensure that the dependence according to app parses installation.
Advantage of the invention is that:Compared with the prior art, the invention is not only by dividing it independent storage region The data of protection correlation APP cannot be acquired, to achieve the purpose that protection;And pass through one-to-one configuration file, control The startup of sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, protects user to make to greatest extent Safety.
Description of the drawings
Fig. 1 is a kind of flow diagram of the means of defence of Android intelligence POS terminal prepackage APP of the present invention.
Specific implementation mode
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to the accompanying drawings and embodiments, right The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and It is not used in the restriction present invention.
To achieve the above object, technical scheme is as follows.
Shown in Figure 1, a kind of Android intelligence POS terminal prepackage APP independently marks off POSAPP storage regions, The regions system of the POSAPP storage regions packet installation system PMS primary with Android are logically consistent, POSAPP storages Region is physically independent of the regions system, and POSAPP storage regions are provided with independent access privilege control;In the present invention, Such setting can play the protection to APP files, it is therefore prevented that illegal to obtain.Logically then it is primary with android/ The prepackage such as system/app/system/priv-app app is consistent, and is greatly simplified upper layer in this way and is handled logic.
In the present embodiment, include starting module in POSAPP storage regions, inspection module, read module, terminate mould Block;Starting module is connect with read module signal, and inspection module is connect with read module signal, is terminated module and is believed with inspection module Number connection, the starting module is for starting the primary packet installation system PMS of Android, and the inspection module is for examining Whether the information between POSAPP storage regions and the regions system is corresponding, and the read module is for reading the memory blocks POSAPP Information between domain and the regions system, the installation for terminating module and being used for terminator.In the present invention, work as inspection module Examine the Asymmetry information between POSAPP storage regions and the regions system seasonable, the termination module terminates journey immediately In the present embodiment, inspection module is provided with inspection data, is provided in the regions system corresponding with inspection data for the installation of sequence Configuration information;Inspection module is additionally provided with APP dependences, is provided in the regions system corresponding with APP dependences Calibrate dependence;In the present invention, it adds data detection and relies on detection double mechanism, pass through one-to-one configuration text Part, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, protects to greatest extent The safety that user uses.
In the present embodiment, inspection data is app information, and app information includes the signature of app, the dependence that stores in app The md5 of relation table and app core datas verifies numerical value etc..
The operation that APP dependences are app relies on, and if a can store the dependence to b c, then first detects b c when starting a Presence and md5 verification datas whether match.
To achieve the above object, the present invention also provides the means of defence that a kind of Android intelligence POS terminal pre-installs APP, packets It includes and has the following steps:
101:Start PMS, enters step 102;
102:Detect whether that there are the memory blocks POSAPP, if so, 103 are then entered step, if it is not, entering step 104;
103:Starting POSAPP and detects analysis service, detection permission control obtains parsing POSAPP and corresponds to configuration file, into Enter step 105;
104:The primary APP of android parse Booting sequence, install APP, terminate;
105:POSAPP to be mounted is obtained from the configuration file in system system/etc, starts corresponding POSAPP peaces Detection process is filled, enters step 106;
106:POSAPP is installed, is then checked, after success, enters step 107;It is unsuccessful, enter step 108;
107:Detect dependence, matching configuration information inside APP;Enter step 109;
108:Termination system starts, and prompts to return factory, terminate;
109:After configuration information successful match, 110 are entered step;Configuration information matching is unsuccessful, enters step:108;
110:POSAPP installation parsings are completed, the installation for successfully starting next POSAPP is installed, step 105 is returned to. In the present invention, POSAPP installation parsings are the matching verifications of internal information and logical configuration file etc. in order to handle POSAPP, Ensure the succession of next POSAPP installations
In the present embodiment, PMS is the primary packet installation system PMS of Android.
The operation that APP dependences are app relies on, and if a can store the dependence to b c, then first detects b c when starting a Presence and md5 verification datas whether match.
Configuration information under/system/etc is that auxiliary PMS parses app and uses, and can be terminated when inconsistent in same app System, to ensure that the dependence according to app parses installation.
Advantage of the invention is that:Compared with the prior art, the invention is not only by dividing it independent storage region The data of protection correlation APP cannot be acquired, to achieve the purpose that protection;And pass through one-to-one configuration file, control The startup of sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, protects user to make to greatest extent Safety.
The above is merely preferred embodiments of the present invention, be not intended to limit the invention, it is all the present invention spirit and All any modification, equivalent and improvement made by within principle etc., should all be included in the protection scope of the present invention.

Claims (6)

1. a kind of Android intelligence POS terminal pre-installs APP, it is characterised in that its independently marks off POSAPP storage regions, described The regions system of the POSAPP storage regions packet installation system PMS primary with Android are logically consistent, the POSAPP Storage region is physically independent of the regions system, and the POSAPP storage regions are provided with independent access rights control System.
2. Android intelligence POS terminal according to claim 1 pre-installs APP, it is characterised in that the memory blocks POSAPP Include starting module in domain, inspection module, read module, terminate module;The starting module is connect with read module signal, The inspection module is connect with the read module signal, and the termination module is connect with the inspection module signal, described to open Dynamic model block for starting the primary packet installation system PMS of Android, the inspection module for examine POSAPP storage regions with Whether the information between the regions system corresponds to, the read module for read POSAPP storage regions and the regions system it Between information, it is described terminate module be used for terminator installation.
3. Android intelligence POS terminal according to claim 2 pre-installs APP, it is characterised in that the inspection module setting There is inspection data, configuration information corresponding with inspection data is provided in the regions system;The inspection module is also set up There are APP dependences, calibration dependence corresponding with APP dependences is provided in the regions system.
4. Android intelligence POS terminal according to claim 3 pre-installs APP, it is characterised in that the inspection data is App information, app information includes the signature of app, the md5 verifications of dependence table and app core datas that store in app Numerical value etc..
5. a kind of means of defence of Android intelligence POS terminal prepackage APP, it is characterised in that including having the following steps:
101:Start PMS, enters step 102;
102:Detect whether that there are the memory blocks POSAPP, if so, 103 are then entered step, if it is not, entering step 104;
103:Start POSAPP and detect analysis service, detection permission control obtains parsing POSAPP and corresponds to configuration file, into step Rapid 105;
104:The primary APP of android parse Booting sequence, install APP, terminate;
105:POSAPP to be mounted is obtained from the configuration file in system system/etc, starts corresponding POSAPP installations inspection Survey process, enters step 106;
106:POSAPP is installed, is then checked, after success, enters step 107;It is unsuccessful, enter step 108;
107:Detect dependence, matching configuration information inside APP;Enter step 109;
108:Termination system starts, and prompts to return factory, terminate;
109:After configuration information successful match, 110 are entered step;Configuration information matching is unsuccessful, enters step:108;
110:POSAPP installation parsings are completed, the installation for successfully starting next POSAPP is installed, step 105 is returned to.
6. the means of defence of Android intelligence POS terminal prepackage APP according to claim 5, it is characterised in that described PMS is the primary packet installation system PMS of Android.
CN201810352066.5A 2018-04-19 2018-04-19 A kind of Android intelligence POS terminal prepackage APP and its means of defence Pending CN108595948A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810352066.5A CN108595948A (en) 2018-04-19 2018-04-19 A kind of Android intelligence POS terminal prepackage APP and its means of defence

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810352066.5A CN108595948A (en) 2018-04-19 2018-04-19 A kind of Android intelligence POS terminal prepackage APP and its means of defence

Publications (1)

Publication Number Publication Date
CN108595948A true CN108595948A (en) 2018-09-28

Family

ID=63613680

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810352066.5A Pending CN108595948A (en) 2018-04-19 2018-04-19 A kind of Android intelligence POS terminal prepackage APP and its means of defence

Country Status (1)

Country Link
CN (1) CN108595948A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104765620A (en) * 2014-01-02 2015-07-08 国际商业机器公司 Programming module deploying method and system
CN105701420A (en) * 2016-02-23 2016-06-22 深圳市金立通信设备有限公司 Method for managing user data and terminal
CN106385314A (en) * 2016-08-29 2017-02-08 福建联迪商用设备有限公司 Data isolation system, data isolation system and method for isolating data by using data isolation system
CN106933545A (en) * 2015-12-29 2017-07-07 阿里巴巴集团控股有限公司 Application system and its starting protection method and device
CN107506636A (en) * 2017-08-17 2017-12-22 北京小米移动软件有限公司 The guard method of pre-installed applications program and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104765620A (en) * 2014-01-02 2015-07-08 国际商业机器公司 Programming module deploying method and system
CN106933545A (en) * 2015-12-29 2017-07-07 阿里巴巴集团控股有限公司 Application system and its starting protection method and device
CN105701420A (en) * 2016-02-23 2016-06-22 深圳市金立通信设备有限公司 Method for managing user data and terminal
CN106385314A (en) * 2016-08-29 2017-02-08 福建联迪商用设备有限公司 Data isolation system, data isolation system and method for isolating data by using data isolation system
CN107506636A (en) * 2017-08-17 2017-12-22 北京小米移动软件有限公司 The guard method of pre-installed applications program and device

Similar Documents

Publication Publication Date Title
Liao et al. Soliaudit: Smart contract vulnerability assessment based on machine learning and fuzz testing
CN109492378B (en) Identity verification method based on equipment identification code, server and medium
CN104123493B (en) The safety detecting method and device of application program
US8966634B2 (en) System and method for correcting antivirus records and using corrected antivirus records for malware detection
WO2015188788A1 (en) Method and apparatus for protecting mobile terminal payment security, and mobile terminal
US9213813B2 (en) Authentication device, authentication method, and recording medium
CN103324506A (en) Method and mobile phone for controlling installation of Android applications
CN109561085A (en) A kind of auth method based on EIC equipment identification code, server and medium
CN101976319A (en) BIOS firmware Rootkit detection method based on behaviour characteristic
US11880821B2 (en) Systems and methods for automatically identifying a checkout webpage and injecting a virtual token
WO2020019482A1 (en) Function hook detection method, function hook detection device, and computer-readable medium
CN109344605B (en) Authority control method and system of intelligent POS machine
CN103605924A (en) Method and device for preventing malicious program from attacking online payment page
CN104021015A (en) E-bank website access method and browser
CN102708013A (en) Program-instruction-controlled instruction flow supervision
CN109614203B (en) Android application cloud data evidence obtaining and analyzing system and method based on application data simulation
CN106897006A (en) A kind of method for processing payment information, device and user equipment
CN103118026A (en) Method and device for displaying web address security identification information
CN107302586A (en) A kind of Webshell detection methods and device, computer installation, readable storage medium storing program for executing
CN111861465A (en) Detection method and device based on intelligent contract, storage medium and electronic device
US20230065259A1 (en) Method and apparatus for protecting smart contracts against attacks
CN113949560A (en) Network security identification method, device, server and storage medium
CN109711162A (en) A kind of security application method and system based on block chain
CN112000853A (en) Method, medium, client and server for generating/feeding back unique identifier of equipment
CN111582868A (en) Transaction request processing method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180928

RJ01 Rejection of invention patent application after publication