CN109298895A - APP management method and device in mobile device - Google Patents

APP management method and device in mobile device Download PDF

Info

Publication number
CN109298895A
CN109298895A CN201710605008.4A CN201710605008A CN109298895A CN 109298895 A CN109298895 A CN 109298895A CN 201710605008 A CN201710605008 A CN 201710605008A CN 109298895 A CN109298895 A CN 109298895A
Authority
CN
China
Prior art keywords
app
file
desktop
safety container
mobile device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710605008.4A
Other languages
Chinese (zh)
Other versions
CN109298895B (en
Inventor
罗治华
林刚
陈仲
李正耀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HANGZHOU INFOGO TECH CO LTD
Original Assignee
HANGZHOU INFOGO TECH CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HANGZHOU INFOGO TECH CO LTD filed Critical HANGZHOU INFOGO TECH CO LTD
Priority to CN201710605008.4A priority Critical patent/CN109298895B/en
Publication of CN109298895A publication Critical patent/CN109298895A/en
Application granted granted Critical
Publication of CN109298895B publication Critical patent/CN109298895B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles

Abstract

The application provides APP management method and device in a kind of mobile device, wherein, this method is applied to the safety container client in mobile device, this method comprises: receiving the subscriber identity information of user's input after actuation, subscriber identity information is sent to mobile solution management platform and carries out authentication;After user identity authentication passes through, for the APP installed in mobile device, judge defined in the configuration file of the SDK of the APP for load the APP desktop starter whether be safety container client desktop starter;If so, loading the APP by the desktop starter of safety container client and showing the selection entrance of the APP on the desktop of safety container client;Wherein, when not being operating system desktop starter for loading the desktop starter of the APP defined in the configuration file, when installing the APP, operating system desktop starter forbids the selection entrance that the APP is shown on the desktop of operating system.

Description

APP management method and device in mobile device
Technical field
APP management method and device this application involves mobile solution, in particular in a kind of mobile device.
Background technique
Mobile application management (Mobile Application Management, MAM) refers to the management platform by cloud Independent control is carried out to the various application attributes of mobile device.By mobile application management can be realized APP (Application, Using) installation/unloading, starting/stopping of APP, the update of APP, the data dump of APP, the access privilege control etc. of APP.
Currently, many enterprises are by disposing mobile application management system, the installation enterprises on the mobile terminal of enterprise staff APP, and these enterprises APP is managed.Enterprise staff can be completed anywhere or anytime using the enterprise APP on mobile terminal Enterprise operation, office, management and related service.
In the prior art, any individual can open using the enterprise APP on mobile terminal, to access enterprises Resource, so as to cause the leakage of corporate resources.
Summary of the invention
In view of this, the application provides APP management method and device in a kind of mobile device.
Specifically, the application is achieved by the following technical solution:
On the one hand, the APP management method in a kind of mobile device is provided, APP is installed in mobile device, is collected in APP At SDK, this method is applied to the safety container client in mobile device, this method comprises:
The subscriber identity information for receiving user's input after actuation, is sent to mobile application management for the subscriber identity information Platform carries out authentication;
After user identity authentication passes through, for the APP installed in mobile device, judge to define in the configuration file of SDK For load the APP desktop starter whether be safety container client desktop starter;
If so, loading the APP by the desktop starter of safety container client and in the table of safety container client The selection entrance of the APP is shown on face;Wherein, the desktop starter defined in the configuration file for loading the APP is not When the operating system desktop starter of mobile device, when installing the APP, operating system desktop starter is forbidden in operating system Desktop on show the selection entrance of the APP.
Wherein, this method further include:
In the selection entrance of the APP shown on detecting the desktop that user clicks safety container client, judgement is matched Set whether the corresponding starting authority credentials of the APP recorded in file matches with the starting authority credentials locally saved;
If matching, starts the APP;
Otherwise, No starting APP.
Wherein, definition has the configuration for browsing record for forbidding showing the APP in historical viewings device in the configuration file of SDK Information, the operating system historical viewings device which is used to indicate mobile device hide the browsing record of the APP.
Wherein, encryption interface, decryption interface, key are provided in SDK;Then, after user identity authentication passes through, this method Further include:
Show the file directory of APP downloading or the selection entrance of file, the content in this document catalogue or file be through Cross encryption;
Wherein, which is downloading file directory or encryption interface is called when file to use the key, to this document catalogue or File is encrypted.
Wherein, this method further include:
When detecting that user clicks the selection entrance of this document catalogue or file, show in this document catalogue or file Content;
Wherein, the content in this document catalogue or file is to call decryption interface using the key by the APP, to this document What catalogue or file were decrypted.
On the other hand, the APP managing device in a kind of mobile device is additionally provided, APP, APP are installed in mobile device In integrate SDK, which is applied to the safety container client in mobile device, which includes:
Authentication module sends the subscriber identity information for receiving the subscriber identity information of user's input after actuation Authentication is carried out to mobile solution management platform;
Judgment module, for for the APP installed in mobile device, judging matching for SDK after user identity authentication passes through Set defined in file for load the APP desktop starter whether be safety container client desktop starter;Wherein, Desktop starter defined in the configuration file for loading the APP is not the operating system desktop starter of mobile device When, when installing the APP, operating system desktop starter forbids the selection entrance that the APP is shown on the desktop of operating system;
Display module, if judging defined in the configuration file of SDK for judgment module for loading the desktop of the APP Starter is the desktop starter of safety container client, then loads the APP by the desktop starter of safety container client And the selection entrance of the APP is shown on the desktop of safety container client.
Wherein, device further include: starting module, in which:
Judgment module, the choosing for the APP for being also used to show on detecting the desktop that user clicks safety container client When selecting entrance, judge whether are the corresponding starting authority credentials of the APP recorded in configuration file and the starting authority credentials that locally saves Matching;
Starting module, if for judgment module judge the corresponding starting authority credentials of the APP recorded in configuration file with The starting authority credentials matching locally saved, then start the APP, otherwise, the No starting APP.
Wherein, definition has the configuration for browsing record for forbidding showing the APP in historical viewings device in the configuration file of SDK Information, the operating system historical viewings device which is used to indicate mobile device hide the browsing record of the APP.
Wherein, encryption interface, decryption interface, key are provided in SDK;Then,
Display module is also used to after user identity authentication passes through, and shows the file directory of APP downloading or the choosing of file Entrance is selected, the content in this document catalogue or file is by encryption;
Wherein, which calls encryption interface to use the key when downloading this document catalogue or file, to this document catalogue Or file is encrypted.
Wherein, display module is also used to when detecting that user clicks the selection entrance of this document catalogue or file, display Content in this document catalogue or file;
Wherein, the content in this document catalogue or file is to call decryption interface using the key by the APP, to this document What catalogue or file were decrypted.
By the above technical scheme of the application, SDK is integrated in APP, is used to load defined in the configuration file of SDK The desktop starter of the APP is set as the desktop starter of safety container client, in this way, installing the APP on the mobile apparatus When operating system desktop starter detect defined in the configuration file for loading the desktop starter of the APP it is not operation System desktop starter will not then show the selection entrance of the APP on operating system desktop.Safety container client is in user After authentication, the APP can be loaded by the desktop starter of safety container client and in safety container client The selection entrance of the APP is shown on desktop.Due to that will not show the selection entrance of APP on the operating system desktop of mobile device, User can not start the APP on operating system desktop, and after authentication can only being carried out in safety container client, pass through The selection entrance of the APP shown on the desktop of safety container client starts the APP, accordingly ensure that only authorized user's The Intranets resources such as the APP and access enterprise networks network can be started, the safety of Intranet resource is ensure that, realize the access of Intranet resource Control, prevents the leakage of Intranet resource.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of the mobile application management system shown in the embodiment of the present application;
Fig. 2 is the flow chart of the APP management method in the mobile device shown in the embodiment of the present application;
Fig. 3 is the schematic diagram of APP that shows on the desktop of the safety container client shown in the embodiment of the present application;
Fig. 4 is a kind of structural schematic diagram of the APP managing device in the mobile device shown in the embodiment of the present application;
Fig. 5 is another structural schematic diagram of the APP managing device in the mobile device shown in the embodiment of the present application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
It can open to solve any individual existing in the prior art using the enterprise APP on mobile terminal, from And internal enterprise resources are accessed, the problem of so as to cause corporate resources leakage, a kind of shifting is provided in the application following embodiment Application (APP) management method in dynamic equipment, this method can be held by installing safety container client on the mobile apparatus Row, the safety container client can be realized by software.
As shown in Figure 1, including: to be set positioned at the mobile solution management platform in cloud and movement in mobile application management system It is standby.Wherein, mobile solution management platform has IP address of internal network and outer net IP address, and mobile device can be according to mobile application pipe The IP address of internal network and mobile solution management platform of platform establish connection and carry out authentication, and after authentication passes through Access Intranet;Alternatively, mobile device can be answered according to the outer net IP address of mobile solution management platform by internet and movement Connection is established with management platform and carries out authentication, and accesses Intranet after authentication passes through.
There is application server in administration in the middle part of Intranet, such as: OA (Office Automation, office automation) server, Email (Email) server, CRM (Customer relationship management, customer relation management) etc. are used The associated application servers in the APP access Intranet of mobile terminal installation can be used in family.Above-mentioned mobile device specifically can be Mobile phone, tablet computer etc..
APP in the application following embodiment can be enterprise APP, be also possible to other APP, the embodiment of the present application is to this Without limitation.
APP management method in the mobile device of the embodiment of the present application includes the following contents:
1, the starting of APP
SDK (Software Development Kit, Software Development Kit) is integrated on APP.The configuration file of SDK Defined in desktop starter (Launcher) for loading the APP be not the operating system of mobile device (for example, Android is grasped Make system) desktop starter but in the embodiment of the present application safety container client desktop starter.Specifically, it is assumed that The entitled AndroidManifest.xml of the file of the configuration file of SDK, the entitled IMCSandBox of safety container client, The desktop starter of safety container client is IMCSandBox_LAUNCHER, then, the AndroidManifest.xml in SDK Desktop starter defined in configuration file for loading the APP is IMCSandBox_LAUNCHER, rather than operating system Desktop starter.
In this way, operating system desktop starter can detect in the configuration file of SDK when installing the APP on the mobile apparatus Definition is used to load the desktop starter of the APP, if judging defined in the configuration file for loading the desktop of the APP Starter is not operating system desktop starter, then the selection entrance of the APP will not be shown on operating system desktop, specifically , the icon and title of the APP will not be obtained from the software installation packet of the APP, will not be shown on operating system desktop The icon and title of the APP.Wherein, the selection entrance of above-mentioned APP refers to the icon and title of APP.To be integrated with this Shen Please embodiment SDK APP after being installed in mobile device, the APP will not be shown on the operating system desktop of mobile device Selection entrance, in this way, entrance can not to be selected to start APP by the APP on the operating system desktop of mobile device visiting by user Ask Intranet resource.
Based on this, as shown in Fig. 2, in the embodiment of the present application the APP management method of safety container client executing include with Lower step:
Step S201 receives the subscriber identity information of user's input after actuation, which is sent to shifting Dynamic application management platform carries out authentication;
Specifically, safety container client can show that login interface carries out body for user by various modes after actuation Part certification.For example, above-mentioned identification authentication mode can be user name cipher authentication mode, short message certification mode, guest (visitor) Authentication mode etc..Wherein:
When carrying out authentication by user name cipher authentication mode, it is to use that user, which needs the subscriber identity information inputted, Name in an account book and password, safety container client send out the username and password after the username and password for receiving user's input Mobile solution management platform is given, authentication is carried out to user according to the username and password by mobile solution management platform, And identity authentication result is returned into safety container client.
When carrying out authentication by short message certification mode, it is short-message verification that user, which needs the subscriber identity information inputted, The short message verification code is sent to mobile application after the short message verification code for receiving user's input by code, safety container client Platform is managed, authentication is carried out to user according to the short message verification code by mobile solution management platform, and by authentication knot Fruit returns to safety container client.
When carrying out authentication by guest's authentication mode, user, which needs the subscriber identity information inputted, to be answered by movement With the pre-generated guest's code of management platform, safety container client is after receiving guest's code of user's input, by the guest Code is sent to mobile solution management platform, carries out authentication to user according to guest code by mobile solution management platform, and Identity authentication result is returned into safety container client.
Step S202, for the APP installed in mobile device, judges the configuration text of SDK after user identity authentication passes through For loading whether the desktop starter of the APP is the desktop starter of safety container client defined in part, if so, holding Otherwise row step S203 executes step S204;
Wherein, the desktop starter defined in the configuration file for loading the APP is not the operation of mobile device When system desktop starter, when installing the APP, operating system desktop starter is forbidden showing the APP on operating system desktop Selection entrance;
Step S203 loads the APP by the desktop starter of safety container client and in safety container client The selection entrance of the APP is shown on desktop;
Step S204, the desktop starter for safety container client that no thoroughfare load the APP and in safety container clients The selection entrance of the APP is shown on the desktop at end.
Specifically, each APP installed on polling mobile device, used defined in the configuration file for judging the SDK of the APP In load the APP desktop starter whether be safety container client desktop starter IMCSandBox_LAUNCHER, if It is that then the desktop starter IMCSandBox_LAUNCHER of safety container client can load the APP, and from the software of the APP The icon and title that the APP is obtained in installation kit show the icon and title of the APP on the desktop of safety container client. It is thus possible to show the icon and title for needing the APP managed on the desktop of safety container.As shown in figure 3, can be in safety The selection entrance of the APP such as OA APP, Email APP, the CRM APP for needing to manage is shown on the desktop of container client.
By step S201 to step S204, safety container client can show after user authentication passes through and need to manage APP selection entrance, need APP to be used so that user starts.
In the method for the above embodiments of the present application, SDK is integrated in APP, is used to load defined in the configuration file of SDK The desktop starter of the APP is set as the desktop starter of safety container client, in this way, installing the APP on the mobile apparatus When operating system desktop starter detect defined in the configuration file for loading the desktop starter of the APP it is not operation System desktop starter will not then show the selection entrance of the APP on operating system desktop.Safety container client is in user After authentication, the APP can be loaded by the desktop starter of safety container client and in safety container client The selection entrance of the APP is shown on desktop.Due to that will not show the selection entrance of APP on the operating system desktop of mobile device, User can not start the APP on operating system desktop, and after authentication can only being carried out in safety container client, pass through The selection entrance of the APP shown on the desktop of safety container client starts the APP, accordingly ensure that only authorized user's The Intranets resources such as the APP and access enterprise networks network can be started, the safety of Intranet resource is ensure that, realize the access of Intranet resource Control, prevents the leakage of Intranet resource.
Further, the corresponding starting authority credentials of the APP is had recorded in the configuration file of SDK, specifically, in SDK In AndroidManifest.xml configuration file, this is set by the value for starting authority configuration item android:permission The corresponding starting authority credentials of APP.Meanwhile each APP for needing to manage also is had recorded in the configuration file of safety container client Corresponding starting authority credentials, specifically, passing through in the AndroidManifest.xml configuration file of safety container client The corresponding starting authority credentials of each APP that starting authority configuration item android:permission record needs to manage.In this way, It, can be the following steps are included: being shown on detecting the desktop that user clicks safety container client after step S203 When the selection entrance of the APP, judges the corresponding starting authority credentials of the APP that records in the configuration file of SDK and locally save Whether starting authority credentials matches, if matching, starts the APP, if mismatching, the No starting APP.
Specifically, when user needs using a certain APP, user, which can click, to be shown on the desktop of safety container client The selection entrance of the APP when safety container client detects the clicking operation of user, judges the SDK's of the APP (value is should for the value of starting authority configuration item android:permission in AndroidManifest.xml configuration file The corresponding starting authority credentials of APP) with the driving that is saved in the AndroidManifest.xml configuration file of safety container client Whether authority credentials matches, that is, judges to save in the AndroidManifest.xml configuration file of safety container client each Driving in authority credentials whether there is and the starting authority configuration in the AndroidManifest.xml configuration file of the SDK of the APP The identical driving authority credentials of value of item android:permission, if so, explanation, which has permission, opens the APP, then starting should Otherwise APP illustrates that no permission opens the APP.The APP is not will start then.The safety of APP starting is thereby further ensured that Property, it ensure that the safety of Intranet resource, realize the access control of Intranet resource, prevent the leakage of Intranet resource.
The browsing for showing the APP in historical viewings device is forbidden to remember in addition, also defining in the configuration file of the SDK of APP The configuration information of record, specifically, by configuration item in the AndroidManifest.xml configuration file of SDK The value of excludeFromRecents is set as true, the browsing note for indicating to forbid to show the APP in historical viewings device Record, in this way, the historical viewings device (Explore) of the operating system of mobile device is the SDK's for judging the APP When the value of configuration item excludeFromRecents in AndroidManifest.xml configuration file is true, this can be hidden The browsing of APP records, and not will do it display.Forbid showing in historical viewings device by defining in the configuration file of the SDK of APP The configuration information for showing the browsing record of the APP can make the historical viewings device of operating system hide the browsing record of the APP, User can not browse record by the APP in historical viewings device and start the APP, to further ensure the peace of Intranet resource Entirely, the access control for realizing Intranet resource prevents the leakage of Intranet resource.
2, data encrypting and deciphering
It is accessible corresponding after APP selection entrance on the desktop that user passes through safety container client starts the APP Intranet resource and download file directory or file.In order to ensure the file directory of downloading or the safety of file, the application is real It applies in example, the setting encryption interface, decryption interface, key in the SDK of APP, wherein encryption interface is the API for encryption (Application Programming Interface, application programming interface) interface, decryption interface are for decryption Api interface, key key (Key) required when being encryption and decryption.Wherein, the key in the SDK of different APP can be different.
In this way, APP when downloading file directory or file, can call the encryption interface in SDK using above-mentioned key, to this File directory or file are encrypted.Specifically, recurrence compression first can be carried out using ZipEntry object, then use again AES (Advanced Encryption Standard, Advanced Encryption Standard) 128 Encryption Algorithm are encrypted.Wherein, it is compressing When file directory, the file under this document catalogue and the catalogue can be compressed together.Above-mentioned ZipEntry object is one Kind indicates the class of Zip file entries, can be used for executing compression and decompression processing.
A particular category space is provided in safety container client, for saving the data of each APP downloading, at this One or more subdirectory spaces, the corresponding sub- directory space of each APP, for storing can be set under particular category space The data such as the file directory of APP downloading or file.It is above-mentioned to be saved in correspondence by encrypted file directory or file Subdirectory space in.
User can click and show on the desktop of safety container client when needing to check the content of file directory or file The selection entrance of the file directory or file shown, safety container client is in the choosing for detecting user's click file directory or file When selecting entrance, control APP calls the decryption interface in SDK to use above-mentioned key, and this document catalogue or file are decrypted, and Show the content in this document catalogue or file.Specifically, being first decrypted using AES128 decipherment algorithm, reuse later ZipEntry object carries out recurrence decompression, wherein, can will be under this document catalogue and the catalogue when decompressing file directory File unzip it together.
By the above method, the encrypting storing and decryption that intranet data may be implemented are checked, since data are encrypting storings , therefore, the data can not be checked by exporting in data slave mobile device.
Corresponding with the embodiment of APP management method in aforementioned mobile device, present invention also provides in mobile device APP managing device embodiment, which can be applied in safety container client.
As shown in figure 4, including: authentication module 401 in APP managing device in the mobile device of the embodiment of the present application, sentencing Disconnected module 402, display module 403 and starting module 404, in which:
Authentication module 401 sends out the subscriber identity information for receiving the subscriber identity information of user's input after actuation It gives mobile solution management platform and carries out authentication;
Judgment module 402, for after user identity authentication passes through, for the APP installed in mobile device, judgement should Defined in the configuration file of the SDK of APP for load the APP desktop starter whether be safety container client desktop Starter;Wherein, the desktop starter defined in the configuration file for loading the APP is not the operation system of mobile device When desktop starter of uniting, when installing the APP, operating system desktop starter is forbidden showing the APP on the desktop of operating system Selection entrance;
Display module 403, if judging defined in the configuration file of the SDK for judgment module 402 for loading this The desktop starter of APP is the desktop starter of safety container client, then passes through the desktop starter of safety container client It loads the APP and shows the selection entrance of the APP on the desktop of safety container client.
In addition, as shown in figure 5, in above-mentioned APP managing device further include: starting module 404, in which:
Judgment module 402, the APP's for being also used to show on detecting the desktop that user clicks safety container client When selecting entrance, judge that the corresponding starting authority credentials of the APP recorded in configuration file is with the starting authority credentials locally saved No matching;
Starting module 404, if judging the corresponding starting power of the APP recorded in configuration file for judgment module 402 Limit value is matched with the starting authority credentials locally saved, then starts the APP, otherwise, the No starting APP.
Wherein, definition has the configuration for browsing record for forbidding showing the APP in historical viewings device in the configuration file of SDK Information, the operating system historical viewings device which is used to indicate mobile device hide the browsing record of the APP.
Wherein, encryption interface, decryption interface, key are provided in SDK;Then,
Display module 403, be also used to after user identity authentication passes through, the file directory or file of display APP downloading Entrance is selected, the content in this document catalogue or file is by encryption;
Wherein, which calls encryption interface to use key when downloading file directory or file, to this document catalogue or text Part is encrypted.
Wherein, display module 403 are also used to show when detecting that user clicks the selection entrance of file directory or file Show the content in this document catalogue or file;
Wherein, the content in this document catalogue or file is to call decryption interface using key by APP, to this document catalogue Or file is decrypted.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (10)

1. the APP management method in a kind of mobile device, which is characterized in that be equipped with APP, the APP in the mobile device Middle integrated software development kit SDK, the method are applied to the safety container client in the mobile device, the method Include:
The subscriber identity information for receiving user's input after actuation, is sent to mobile application management for the subscriber identity information and puts down Platform carries out authentication;
After user identity authentication passes through, for the APP installed in the mobile device, the configuration text of the SDK is judged Defined in part for load the APP desktop starter whether be the safety container client desktop starter;
If so, loading the APP by the desktop starter of the safety container client and in the safety container client The selection entrance of the APP is shown on the desktop at end;Wherein, for loading the APP's defined in the configuration file When desktop starter is not the operating system desktop starter of the mobile device, the operating system when installing the APP Desktop starter forbids the selection entrance that the APP is shown on the desktop of the operating system.
2. the method according to claim 1, wherein the method also includes:
In the selection entrance of the APP shown on detecting the desktop that user clicks the safety container client, judgement Whether the corresponding starting authority credentials of the APP recorded in the configuration file matches with the starting authority credentials locally saved;
If matching, starts the APP;
Otherwise, APP described in No starting.
3. forbidding the method according to claim 1, wherein defining to have in the configuration file of the SDK in history Show that the configuration information of the browsing record of the APP, the configuration information are used to indicate the behaviour of the mobile device in browser Make the browsing record that System History browser hides the APP.
4. the method according to claim 1, wherein being provided with encryption interface, decryption interface, close in the SDK Key;Then, after user identity authentication passes through, the method also includes:
Show the file directory of APP downloading or the selection entrance of file, the content in the file directory or file be through Cross encryption;
Wherein, the APP calls the encryption interface using the key when downloading the file directory or file, to described File directory or file are encrypted.
5. according to the method described in claim 4, it is characterized in that, the method also includes:
When detecting that user clicks the selection entrance of the file directory or file, show in the file directory or file Content;
Wherein, the content in the file directory or file is to call the decryption interface using the key by the APP, right What the file directory or file were decrypted.
6. the APP managing device in a kind of mobile device, which is characterized in that be equipped with APP, the APP in the mobile device Middle integrated software development kit SDK, described device are applied to the safety container client in the mobile device, described device Include:
The subscriber identity information is sent to by authentication module for receiving the subscriber identity information of user's input after actuation Mobile solution management platform carries out authentication;
Judgment module, for for the APP installed in the mobile device, judging institute after user identity authentication passes through It states defined in the configuration file of SDK for loading whether the desktop starter of the APP is the safety container client Desktop starter;It wherein, is not the movement for loading the desktop starter of the APP defined in the configuration file When the operating system desktop starter of equipment, when installing the APP, the operating system desktop starter is forbidden in the behaviour Make the selection entrance that the APP is shown on the desktop of system;
Display module, if judging defined in the configuration file of the SDK for judgment module for loading the table of the APP Face starter is the desktop starter of the safety container client, then passes through the desktop starter of the safety container client It loads the APP and shows the selection entrance of the APP on the desktop of the safety container client.
7. device according to claim 6, which is characterized in that described device further include: starting module, in which:
The judgment module, be also used to show on detecting the desktop that user clicks the safety container client described in When the selection entrance of APP, judge that the corresponding starting authority credentials of the APP recorded in the configuration file is opened with what is locally saved Whether dynamic authority credentials matches;
The starting module opens if judging that the APP recorded in the configuration file is corresponding for the judgment module Dynamic authority credentials is matched with the starting authority credentials locally saved, then starts the APP, otherwise, APP described in No starting.
8. device according to claim 6, which is characterized in that there is definition in the configuration file of the SDK forbids in history Show that the configuration information of the browsing record of the APP, the configuration information are used to indicate the behaviour of the mobile device in browser Make the browsing record that System History browser hides the APP.
9. device according to claim 6, which is characterized in that be provided with encryption interface, decryption interface, close in the SDK Key;Then,
The display module, is also used to after user identity authentication passes through, and shows the file directory or file of APP downloading Entrance is selected, the content in the file directory or file is by encryption;
Wherein, the APP calls the encryption interface using the key when downloading the file directory or file, to described File directory or file are encrypted.
10. device according to claim 9, which is characterized in that
The display module is also used to when detecting that user clicks the selection entrance of the file directory or file, shows institute State the content in file directory or file;
Wherein, the content in the file directory or file is to call the decryption interface using the key by the APP, right What the file directory or file were decrypted.
CN201710605008.4A 2017-07-24 2017-07-24 APP management method and device on mobile equipment Active CN109298895B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710605008.4A CN109298895B (en) 2017-07-24 2017-07-24 APP management method and device on mobile equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710605008.4A CN109298895B (en) 2017-07-24 2017-07-24 APP management method and device on mobile equipment

Publications (2)

Publication Number Publication Date
CN109298895A true CN109298895A (en) 2019-02-01
CN109298895B CN109298895B (en) 2021-04-23

Family

ID=65167494

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710605008.4A Active CN109298895B (en) 2017-07-24 2017-07-24 APP management method and device on mobile equipment

Country Status (1)

Country Link
CN (1) CN109298895B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110781493A (en) * 2019-09-30 2020-02-11 奇安信科技集团股份有限公司 Processing method for running application program, terminal and server
CN111158788A (en) * 2019-12-31 2020-05-15 科大讯飞股份有限公司 Desktop starter control method and device and storage medium
CN112905258A (en) * 2021-02-05 2021-06-04 杭州天宽科技有限公司 Mobile terminal application safety starting method

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103491082A (en) * 2013-09-16 2014-01-01 北京网秦天下科技有限公司 Security desktop presenting method, mobile terminal and server
CN103544434A (en) * 2013-11-12 2014-01-29 北京网秦天下科技有限公司 Method and terminal used for ensuring safe operation of application program
US20140096186A1 (en) * 2011-10-11 2014-04-03 Citrix Systems, Inc. Policy-Based Application Management
CN104036202A (en) * 2014-06-27 2014-09-10 中科创达软件股份有限公司 Method and equipment for isolating enterprise applications
CN104133670A (en) * 2014-06-30 2014-11-05 中国科学院信息工程研究所 Intelligent terminal security GUI (Graphical User Interface) generation method on the basis of virtual isolation technology
US20140337528A1 (en) * 2011-10-11 2014-11-13 Citrix Systems, Inc. Policy-based application management
CN104239778A (en) * 2014-09-02 2014-12-24 中科创达软件股份有限公司 Encrypted boosting method of application based on Android system
CN106446632A (en) * 2016-09-22 2017-02-22 北京奇虎科技有限公司 Hide display starting device and hide display starting method for application programs
US10033763B2 (en) * 2013-05-03 2018-07-24 Kony Inc. Centralized mobile application management system and methods of use
EP3364629B1 (en) * 2012-10-15 2020-01-29 Citrix Systems, Inc. Providing virtualized private network tunnels

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140096186A1 (en) * 2011-10-11 2014-04-03 Citrix Systems, Inc. Policy-Based Application Management
US20140337528A1 (en) * 2011-10-11 2014-11-13 Citrix Systems, Inc. Policy-based application management
EP3364629B1 (en) * 2012-10-15 2020-01-29 Citrix Systems, Inc. Providing virtualized private network tunnels
US10033763B2 (en) * 2013-05-03 2018-07-24 Kony Inc. Centralized mobile application management system and methods of use
CN103491082A (en) * 2013-09-16 2014-01-01 北京网秦天下科技有限公司 Security desktop presenting method, mobile terminal and server
CN103544434A (en) * 2013-11-12 2014-01-29 北京网秦天下科技有限公司 Method and terminal used for ensuring safe operation of application program
CN104036202A (en) * 2014-06-27 2014-09-10 中科创达软件股份有限公司 Method and equipment for isolating enterprise applications
CN104133670A (en) * 2014-06-30 2014-11-05 中国科学院信息工程研究所 Intelligent terminal security GUI (Graphical User Interface) generation method on the basis of virtual isolation technology
CN104239778A (en) * 2014-09-02 2014-12-24 中科创达软件股份有限公司 Encrypted boosting method of application based on Android system
CN106446632A (en) * 2016-09-22 2017-02-22 北京奇虎科技有限公司 Hide display starting device and hide display starting method for application programs

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110781493A (en) * 2019-09-30 2020-02-11 奇安信科技集团股份有限公司 Processing method for running application program, terminal and server
CN111158788A (en) * 2019-12-31 2020-05-15 科大讯飞股份有限公司 Desktop starter control method and device and storage medium
CN111158788B (en) * 2019-12-31 2023-05-30 科大讯飞股份有限公司 Desktop starter control method and device and storage medium
CN112905258A (en) * 2021-02-05 2021-06-04 杭州天宽科技有限公司 Mobile terminal application safety starting method

Also Published As

Publication number Publication date
CN109298895B (en) 2021-04-23

Similar Documents

Publication Publication Date Title
US9185554B2 (en) System and methods to store, retrieve, manage, augment and monitor applications on appliances
CN105247531B (en) Managed browser is provided
US9430211B2 (en) System and method for sharing information in a private ecosystem
CN105308923B (en) Data management to the application with multiple operating mode
US9445271B2 (en) Multi-user use of single-user apps
CN105830477A (en) Operating system integrated domain management
EP2563056A2 (en) Apparatus and method for controlling permissions in mobile terminal
CN104036202B (en) A kind of method and apparatus for isolating enterprise's application
CN106031128B (en) The method and apparatus of mobile device management
CN107566400A (en) Application with multiple operator schemes
CN105247526A (en) Providing an enterprise application store
KR20080095866A (en) Computer session management device and system
US10630722B2 (en) System and method for sharing information in a private ecosystem
CN105530261B (en) The guard method of privacy information and device
CN105740670B (en) Using encryption, starting method and apparatus
CN104615924A (en) System and method for storing account numbers and passwords for account numbers
CN104462997A (en) Method, device and system for protecting work data in mobile terminal
CN106778348A (en) A kind of method and apparatus for isolating private data
CN109298895A (en) APP management method and device in mobile device
US20210405837A1 (en) User-specific applications for shared devices
CN105247534B (en) Access control apparatus and access control system
CN103763370B (en) A kind of method, system and device for changing mobile terminal workspace screen-lock password
CN103036852A (en) Method and device for achieving network login
CN105653904A (en) Application screen-locking processing method and apparatus as well as mobile terminal
CN107330324A (en) The method for deleting and erasing apparatus of a kind of application data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant