CN108595948A - A kind of Android intelligence POS terminal prepackage APP and its means of defence - Google Patents
A kind of Android intelligence POS terminal prepackage APP and its means of defence Download PDFInfo
- Publication number
- CN108595948A CN108595948A CN201810352066.5A CN201810352066A CN108595948A CN 108595948 A CN108595948 A CN 108595948A CN 201810352066 A CN201810352066 A CN 201810352066A CN 108595948 A CN108595948 A CN 108595948A
- Authority
- CN
- China
- Prior art keywords
- app
- posapp
- regions
- android
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07G—REGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
- G07G1/00—Cash registers
- G07G1/0009—Details of the software in the checkout register, electronic cash register [ECR] or point of sale terminal [POS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of Android intelligence POS terminal prepackage APP and its means of defences, its independently marks off POSAPP storage regions, the regions system of the POSAPP storage regions packet installation system PMS primary with Android are logically consistent, the POSAPP storage regions are physically independent of the regions system, and the POSAPP storage regions are provided with independent access privilege control.The invention not only protects the data of correlation APP that cannot be acquired by dividing independent storage region to it, to achieve the purpose that protection;And by one-to-one configuration file, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, the safety for protecting user to use to greatest extent.
Description
Technical field
The invention belongs to intelligent POS terminal technical field, more particularly to a kind of Android intelligence POS terminal prepackage APP and
Its means of defence.
Background technology
POS (Point of sales) full name is point of sale information control system, and main task is to commodity and media
Transaction provides data service and management function, and carries out the clearing of account, it is mounted on the franchised business of credit card and is accepted
It is unified into network with computer in site, can be achieved with electronic funds automatic account transfer, it, which has, supports consumption, pre-authorization, remaining sum to look into
The functions such as inquiry and account transfer, use safely, quickly, reliably.
With popularizing for the intelligent terminals such as smart mobile phone, smart home, daily life consumption pattern is also got over
Carry out more diversification, in this context, traditional POS consumption terminals have been unable to meet the demand of people, intelligent POS terminal meet the tendency of and
It is raw.
Android grasps the intelligent operating system that system is current mainstream, the intelligence based on Android operation system
POS has more and more occurred in people's lives.However along with intelligence, the safety of POS terminal is also faced with huge
The relevant APP of consumption and payment pre-installed in big challenge, especially Android intelligence POS terminal often becomes criminal and closes
The emphasis of note.These APP how are protected, and do not influence while protecting data the upgrading update of these APP, are at present urgently
It need to solve the problems, such as.
In the patent application that number of patent application is CN201510522321.2, a kind of identification Android APP are disclosed
The method and detection method of reinforcing, this method are to obtain APP to be detected, start detection program;Parse APP;It obtains in APP
Androidmainfest.xml and classes.dex files are parsed;Obtain the registration in Androidmainfest.xml
Statement the component list in the component list and classes.dex is matched;If component registration list cannot be in statement column of assemblies
Respective items are found in table, then confirm that APP is reinforced;Export testing result.Static Analysis Method through the invention can automate
The reinforcing for judging APP, makes up the caused erroneous judgement and time cost of manual identified, and in confrontation Code obfuscation, sensitive information adds
Close aspect has significant effect.But method and the detection of a kind of identification AndroidAPP of foregoing invention patent disclosure reinforcings
Method cannot protect data simultaneously and not influence the upgrading update of these APP.
Invention content
To solve the above problems, the purpose of the present invention is to provide a kind of Android intelligence POS terminal prepackage APP and its
Means of defence protects the data of correlation APP that cannot be acquired, to reach protection by dividing independent storage region to it
Purpose;
It is another object of the present invention to provide a kind of Android intelligence POS terminals to pre-install APP and its means of defence,
By one-to-one configuration file, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures not usurped before operation
Change, the safety for protecting user to use to greatest extent.
To achieve the above object, technical scheme is as follows:
A kind of Android intelligence POS terminal prepackage APP, independently marks off POSAPP storage regions, the POSAPP is deposited
The regions system of the storage area domain packet installation system PMS primary with Android are logically consistent, the POSAPP storage regions
The regions system are physically independent of, the POSAPP storage regions are provided with independent access privilege control;In this hair
In bright, such setting can play the protection to APP files, it is therefore prevented that illegal to obtain.It is logically then primary with android
/ prepackage such as system/app/system/priv-app app is consistent, greatly simplify upper layer processing logic in this way.
Further, include starting module in the POSAPP storage regions, inspection module, read module, terminate mould
Block;The starting module is connect with read module signal, and the inspection module is connect with the read module signal, the termination
Module is connect with the inspection module signal, and the starting module is for starting the primary packet installation system PMS of Android, institute
Inspection module is stated for examining the information between POSAPP storage regions and the regions system whether corresponding, the read module is used
In reading the information between POSAPP storage regions and the regions system, the termination module is used for the installation of terminator.
In the present invention, when inspection module examines, the institute seasonable to the Asymmetry information between POSAPP storage regions and the regions system
State the installation for terminating module terminator immediately.
Further, the inspection module is provided with inspection data, is provided in the regions system and inspection data
Corresponding configuration information;The inspection module is additionally provided with APP dependences, be provided in the regions system with APP according to
The corresponding calibration dependence of the relationship of relying;In the present invention, it adds data detection and relies on detection double mechanism, pass through a pair
One configuration file, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, maximum limit
Degree protects the safety that user uses.
Further, the inspection data is app information, and app information includes the signature of app, the dependence that stores in app
The md5 of relation table and app core datas verifies numerical value etc..
The operation that the APP dependences are app relies on, and if a can store the dependence to b c, is then first detected when starting a
Whether the presence of b c and md5 verification datas match.
In the present invention, MD5 verification and (checksum) by the transmission data to reception execute hash operations come
Check the correctness of data.Calculated hashed value is brought and is compared with the hashed value of data transmission.If two values are identical, say
The data of bright transmission are completely errorless, were not tampered (on condition that hashed value is not tampered), so as to safe to use.
To achieve the above object, the present invention also provides the means of defence that a kind of Android intelligence POS terminal pre-installs APP, packets
It includes and has the following steps:
101:Start PMS, enters step 102;
102:Detect whether that there are the memory blocks POSAPP, if so, 103 are then entered step, if it is not, entering step
104;
103:Starting POSAPP and detects analysis service, detection permission control obtains parsing POSAPP and corresponds to configuration file, into
Enter step 105;
104:The primary APP of android parse Booting sequence, install APP, terminate;
105:POSAPP to be mounted is obtained from the configuration file in system system/etc, starts corresponding POSAPP peaces
Detection process is filled, enters step 106;
106:POSAPP is installed, is then checked, after success, enters step 107;It is unsuccessful, enter step 108;
107:Detect dependence, matching configuration information inside APP;Enter step 109;
108:Termination system starts, and prompts to return factory, terminate;
109:After configuration information successful match, 110 are entered step;Configuration information matching is unsuccessful, enters step:108;
110:POSAPP installation parsings are completed, the installation for successfully starting next POSAPP is installed, step 105 is returned to.
In the present invention, POSAPP installation parsings are the matching verifications of internal information and logical configuration file etc. in order to handle POSAPP,
Ensure the succession of next POSAPP installations
Further, the PMS is the primary packet installation system PMS of Android.
The operation that the APP dependences are app relies on, and if a can store the dependence to b c, is then first detected when starting a
Whether the presence of b c and md5 verification datas match.
Configuration information under described/system/etc is that auxiliary PMS parses app and uses, the meeting when inconsistent in same app
Termination system, to ensure that the dependence according to app parses installation.
Advantage of the invention is that:Compared with the prior art, the invention is not only by dividing it independent storage region
The data of protection correlation APP cannot be acquired, to achieve the purpose that protection;And pass through one-to-one configuration file, control
The startup of sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, protects user to make to greatest extent
Safety.
Description of the drawings
Fig. 1 is a kind of flow diagram of the means of defence of Android intelligence POS terminal prepackage APP of the present invention.
Specific implementation mode
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
To achieve the above object, technical scheme is as follows.
Shown in Figure 1, a kind of Android intelligence POS terminal prepackage APP independently marks off POSAPP storage regions,
The regions system of the POSAPP storage regions packet installation system PMS primary with Android are logically consistent, POSAPP storages
Region is physically independent of the regions system, and POSAPP storage regions are provided with independent access privilege control;In the present invention,
Such setting can play the protection to APP files, it is therefore prevented that illegal to obtain.Logically then it is primary with android/
The prepackage such as system/app/system/priv-app app is consistent, and is greatly simplified upper layer in this way and is handled logic.
In the present embodiment, include starting module in POSAPP storage regions, inspection module, read module, terminate mould
Block;Starting module is connect with read module signal, and inspection module is connect with read module signal, is terminated module and is believed with inspection module
Number connection, the starting module is for starting the primary packet installation system PMS of Android, and the inspection module is for examining
Whether the information between POSAPP storage regions and the regions system is corresponding, and the read module is for reading the memory blocks POSAPP
Information between domain and the regions system, the installation for terminating module and being used for terminator.In the present invention, work as inspection module
Examine the Asymmetry information between POSAPP storage regions and the regions system seasonable, the termination module terminates journey immediately
In the present embodiment, inspection module is provided with inspection data, is provided in the regions system corresponding with inspection data for the installation of sequence
Configuration information;Inspection module is additionally provided with APP dependences, is provided in the regions system corresponding with APP dependences
Calibrate dependence;In the present invention, it adds data detection and relies on detection double mechanism, pass through one-to-one configuration text
Part, the startup of control sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, protects to greatest extent
The safety that user uses.
In the present embodiment, inspection data is app information, and app information includes the signature of app, the dependence that stores in app
The md5 of relation table and app core datas verifies numerical value etc..
The operation that APP dependences are app relies on, and if a can store the dependence to b c, then first detects b c when starting a
Presence and md5 verification datas whether match.
To achieve the above object, the present invention also provides the means of defence that a kind of Android intelligence POS terminal pre-installs APP, packets
It includes and has the following steps:
101:Start PMS, enters step 102;
102:Detect whether that there are the memory blocks POSAPP, if so, 103 are then entered step, if it is not, entering step
104;
103:Starting POSAPP and detects analysis service, detection permission control obtains parsing POSAPP and corresponds to configuration file, into
Enter step 105;
104:The primary APP of android parse Booting sequence, install APP, terminate;
105:POSAPP to be mounted is obtained from the configuration file in system system/etc, starts corresponding POSAPP peaces
Detection process is filled, enters step 106;
106:POSAPP is installed, is then checked, after success, enters step 107;It is unsuccessful, enter step 108;
107:Detect dependence, matching configuration information inside APP;Enter step 109;
108:Termination system starts, and prompts to return factory, terminate;
109:After configuration information successful match, 110 are entered step;Configuration information matching is unsuccessful, enters step:108;
110:POSAPP installation parsings are completed, the installation for successfully starting next POSAPP is installed, step 105 is returned to.
In the present invention, POSAPP installation parsings are the matching verifications of internal information and logical configuration file etc. in order to handle POSAPP,
Ensure the succession of next POSAPP installations
In the present embodiment, PMS is the primary packet installation system PMS of Android.
The operation that APP dependences are app relies on, and if a can store the dependence to b c, then first detects b c when starting a
Presence and md5 verification datas whether match.
Configuration information under/system/etc is that auxiliary PMS parses app and uses, and can be terminated when inconsistent in same app
System, to ensure that the dependence according to app parses installation.
Advantage of the invention is that:Compared with the prior art, the invention is not only by dividing it independent storage region
The data of protection correlation APP cannot be acquired, to achieve the purpose that protection;And pass through one-to-one configuration file, control
The startup of sequence, which relies on, realizes that the relevant APP of protection ensures to be not tampered with before operation, protects user to make to greatest extent
Safety.
The above is merely preferred embodiments of the present invention, be not intended to limit the invention, it is all the present invention spirit and
All any modification, equivalent and improvement made by within principle etc., should all be included in the protection scope of the present invention.
Claims (6)
1. a kind of Android intelligence POS terminal pre-installs APP, it is characterised in that its independently marks off POSAPP storage regions, described
The regions system of the POSAPP storage regions packet installation system PMS primary with Android are logically consistent, the POSAPP
Storage region is physically independent of the regions system, and the POSAPP storage regions are provided with independent access rights control
System.
2. Android intelligence POS terminal according to claim 1 pre-installs APP, it is characterised in that the memory blocks POSAPP
Include starting module in domain, inspection module, read module, terminate module;The starting module is connect with read module signal,
The inspection module is connect with the read module signal, and the termination module is connect with the inspection module signal, described to open
Dynamic model block for starting the primary packet installation system PMS of Android, the inspection module for examine POSAPP storage regions with
Whether the information between the regions system corresponds to, the read module for read POSAPP storage regions and the regions system it
Between information, it is described terminate module be used for terminator installation.
3. Android intelligence POS terminal according to claim 2 pre-installs APP, it is characterised in that the inspection module setting
There is inspection data, configuration information corresponding with inspection data is provided in the regions system;The inspection module is also set up
There are APP dependences, calibration dependence corresponding with APP dependences is provided in the regions system.
4. Android intelligence POS terminal according to claim 3 pre-installs APP, it is characterised in that the inspection data is
App information, app information includes the signature of app, the md5 verifications of dependence table and app core datas that store in app
Numerical value etc..
5. a kind of means of defence of Android intelligence POS terminal prepackage APP, it is characterised in that including having the following steps:
101:Start PMS, enters step 102;
102:Detect whether that there are the memory blocks POSAPP, if so, 103 are then entered step, if it is not, entering step 104;
103:Start POSAPP and detect analysis service, detection permission control obtains parsing POSAPP and corresponds to configuration file, into step
Rapid 105;
104:The primary APP of android parse Booting sequence, install APP, terminate;
105:POSAPP to be mounted is obtained from the configuration file in system system/etc, starts corresponding POSAPP installations inspection
Survey process, enters step 106;
106:POSAPP is installed, is then checked, after success, enters step 107;It is unsuccessful, enter step 108;
107:Detect dependence, matching configuration information inside APP;Enter step 109;
108:Termination system starts, and prompts to return factory, terminate;
109:After configuration information successful match, 110 are entered step;Configuration information matching is unsuccessful, enters step:108;
110:POSAPP installation parsings are completed, the installation for successfully starting next POSAPP is installed, step 105 is returned to.
6. the means of defence of Android intelligence POS terminal prepackage APP according to claim 5, it is characterised in that described
PMS is the primary packet installation system PMS of Android.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810352066.5A CN108595948A (en) | 2018-04-19 | 2018-04-19 | A kind of Android intelligence POS terminal prepackage APP and its means of defence |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810352066.5A CN108595948A (en) | 2018-04-19 | 2018-04-19 | A kind of Android intelligence POS terminal prepackage APP and its means of defence |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108595948A true CN108595948A (en) | 2018-09-28 |
Family
ID=63613680
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810352066.5A Pending CN108595948A (en) | 2018-04-19 | 2018-04-19 | A kind of Android intelligence POS terminal prepackage APP and its means of defence |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108595948A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104765620A (en) * | 2014-01-02 | 2015-07-08 | 国际商业机器公司 | Programming module deploying method and system |
CN105701420A (en) * | 2016-02-23 | 2016-06-22 | 深圳市金立通信设备有限公司 | Method for managing user data and terminal |
CN106385314A (en) * | 2016-08-29 | 2017-02-08 | 福建联迪商用设备有限公司 | Data isolation system, data isolation system and method for isolating data by using data isolation system |
CN106933545A (en) * | 2015-12-29 | 2017-07-07 | 阿里巴巴集团控股有限公司 | Application system and its starting protection method and device |
CN107506636A (en) * | 2017-08-17 | 2017-12-22 | 北京小米移动软件有限公司 | The guard method of pre-installed applications program and device |
-
2018
- 2018-04-19 CN CN201810352066.5A patent/CN108595948A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104765620A (en) * | 2014-01-02 | 2015-07-08 | 国际商业机器公司 | Programming module deploying method and system |
CN106933545A (en) * | 2015-12-29 | 2017-07-07 | 阿里巴巴集团控股有限公司 | Application system and its starting protection method and device |
CN105701420A (en) * | 2016-02-23 | 2016-06-22 | 深圳市金立通信设备有限公司 | Method for managing user data and terminal |
CN106385314A (en) * | 2016-08-29 | 2017-02-08 | 福建联迪商用设备有限公司 | Data isolation system, data isolation system and method for isolating data by using data isolation system |
CN107506636A (en) * | 2017-08-17 | 2017-12-22 | 北京小米移动软件有限公司 | The guard method of pre-installed applications program and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Liao et al. | Soliaudit: Smart contract vulnerability assessment based on machine learning and fuzz testing | |
CN109492378B (en) | Identity verification method based on equipment identification code, server and medium | |
CN104123493B (en) | The safety detecting method and device of application program | |
US8966634B2 (en) | System and method for correcting antivirus records and using corrected antivirus records for malware detection | |
WO2015188788A1 (en) | Method and apparatus for protecting mobile terminal payment security, and mobile terminal | |
US9213813B2 (en) | Authentication device, authentication method, and recording medium | |
CN103324506A (en) | Method and mobile phone for controlling installation of Android applications | |
CN109561085A (en) | A kind of auth method based on EIC equipment identification code, server and medium | |
CN101976319A (en) | BIOS firmware Rootkit detection method based on behaviour characteristic | |
US11880821B2 (en) | Systems and methods for automatically identifying a checkout webpage and injecting a virtual token | |
WO2020019482A1 (en) | Function hook detection method, function hook detection device, and computer-readable medium | |
CN109344605B (en) | Authority control method and system of intelligent POS machine | |
CN103605924A (en) | Method and device for preventing malicious program from attacking online payment page | |
CN104021015A (en) | E-bank website access method and browser | |
CN102708013A (en) | Program-instruction-controlled instruction flow supervision | |
CN109614203B (en) | Android application cloud data evidence obtaining and analyzing system and method based on application data simulation | |
CN106897006A (en) | A kind of method for processing payment information, device and user equipment | |
CN103118026A (en) | Method and device for displaying web address security identification information | |
CN107302586A (en) | A kind of Webshell detection methods and device, computer installation, readable storage medium storing program for executing | |
CN111861465A (en) | Detection method and device based on intelligent contract, storage medium and electronic device | |
US20230065259A1 (en) | Method and apparatus for protecting smart contracts against attacks | |
CN113949560A (en) | Network security identification method, device, server and storage medium | |
CN109711162A (en) | A kind of security application method and system based on block chain | |
CN112000853A (en) | Method, medium, client and server for generating/feeding back unique identifier of equipment | |
CN111582868A (en) | Transaction request processing method, device and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180928 |
|
RJ01 | Rejection of invention patent application after publication |