CN109344652A - A kind of encryption and decryption method and system - Google Patents

A kind of encryption and decryption method and system Download PDF

Info

Publication number
CN109344652A
CN109344652A CN201811166711.0A CN201811166711A CN109344652A CN 109344652 A CN109344652 A CN 109344652A CN 201811166711 A CN201811166711 A CN 201811166711A CN 109344652 A CN109344652 A CN 109344652A
Authority
CN
China
Prior art keywords
program
file
system program
encryption
set programs
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811166711.0A
Other languages
Chinese (zh)
Inventor
刘勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Ai Pu An Information Technology Co Ltd
Original Assignee
Beijing Ai Pu An Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Ai Pu An Information Technology Co Ltd filed Critical Beijing Ai Pu An Information Technology Co Ltd
Priority to CN201811166711.0A priority Critical patent/CN109344652A/en
Publication of CN109344652A publication Critical patent/CN109344652A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

This application provides a kind of encryption and decryption method and systems, wherein this method comprises: the system program of predetermined function is replaced with corresponding pre-set programs when obtaining the launching process of destination application;The destination application calls pre-set programs, carries out encryption or decryption process to system program file to be dealt with.Herein described method and system are when carrying out encryption and decryption operation to file, the defect of root must be carried out to the equipment for using Android operation system by overcoming the prior art, and during carrying out encryption and decryption to file, the risk that file internal leaking data will not be brought, makes safety be significantly improved.

Description

A kind of encryption and decryption method and system
Technical field
This application involves field of computer technology, more particularly, to a kind of encryption and decryption method and system.
Background technique
In current Android operation system, the prior art of encryption technology is to be grasped by means of XPosed frame in Android Make to place hook Hook in the framework layer java applet of system, to the standard input method or standard output of framework layer java applet Method is intercepted, and then is read in the standard application programming interface API of application call framework layer java applet It is decrypted when extract operation, standard application programming interface API is called to be encrypted when carrying out write operation.
The drawbacks of prior art mainly includes three aspects:
1, Xposed frame must be installed, and root, but root must be carried out to the equipment for using Android operation system Safety problem can be introduced, therefore does not allow root using the equipment of Android operation system;
2, the prior art can only standard input method to framework layer java applet and standard output method intercept, Encryption and decryption is carried out to file when calling standard application programming interface API, it can not be in application program by calling Java local When interface JNI is written and read file, encryption and decryption is carried out to file;
3, only in framework layer java applet deployment method and method for closing placed hook Hook, therefore reading When encrypted file, need that file decryption will be encrypted and save as temporary file, then reuse application program open it is interim File, this will lead to file in memory to exist in plain text, to bring the risk of file internal data leak, when encryption also So.
Therefore, when carrying out encryption and decryption to file using the prior art, safety is lower.
Summary of the invention
In view of this, the application's is designed to provide a kind of encryption and decryption method and system, herein described method and it is For system when carrying out encryption and decryption operation to file, root must be carried out to the equipment for using Android operation system by overcoming the prior art Defect, and to file carry out encryption and decryption during, the risk of file internal leaking data will not be brought, make safety It is significantly improved.
In a first aspect, the embodiment of the present application provides a kind of encipher-decipher method, include the following steps:
When obtaining the launching process of destination application, the system program of predetermined function is replaced with into corresponding default journey Sequence;
The destination application calls pre-set programs, and system program file to be dealt with is encrypted or solved Close processing.
With reference to first aspect, the embodiment of the present application provides the first possible embodiment of first aspect, wherein institute It states and the system program of predetermined function is replaced with into corresponding pre-set programs, comprising:
By the first system program, opening program is replaced with;By second system program, program writing is replaced with;By third system Program replaces with reader.
With reference to first aspect, the embodiment of the present application provides second of possible embodiment of first aspect, wherein institute The launching process for stating acquisition destination application includes the following steps:
By destination application load in predetermined container program, and target is obtained using the predetermined container program The launching process of application program.
The possible embodiment of with reference to first aspect the first, the embodiment of the present application provide the third of first aspect Possible embodiment, wherein the pre-set programs are for executing following steps:
In the first system program in the case where carrying out opening operation, the opening program to be to the opening operation The file name suffix of respective file is judged;
If the suffix of the filename meets preset rules, when the second system program carries out write operation, benefit The data of said write are encrypted with the program writing.
The possible embodiment of with reference to first aspect the first, the embodiment of the present application provide the 4th kind of first aspect Possible embodiment, wherein the pre-set programs are also used to execute following steps:
In the second system program in the case where carrying out write operation, described program to execute write operation In the process, the data of write-in are encrypted.
The 4th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide the 5th kind of first aspect Possible embodiment, wherein the program writing further includes following steps:
Encryption identification is added in the file header of the corresponding file that programs, or corresponding to the modification program writing The encryption identification of the file header of file.
The 5th kind of possible embodiment with reference to first aspect, the embodiment of the present application provide the 6th kind of first aspect Possible embodiment, wherein further include following steps:
In the case where the first system program is used to carry out opening operation, using opening program to the opening file The file header of operation respective file is judged;
If in the file header including encryption identification, when the third system program executes and reads file operation, benefit It is decrypted with data of the reader to reading.
The possible embodiment of with reference to first aspect the first, the pre-set programs are also used to execute following steps:
In the third system program in the case where being read, the reader to execute read operation In the process, the data of reading are decrypted.
With reference to first aspect, the embodiment of the present application provides the 8th kind of possible embodiment of first aspect, wherein institute Stating container program further includes following steps: key needed for generating the encryption or decryption oprerations.
Second aspect, the embodiment of the present application also provide a kind of encrypting and deciphering system, including container program and pre-set programs:
The container program, for obtain destination application launching process when, by the system program of predetermined function Replace with corresponding pre-set programs;
The pre-set programs, for being called by the destination application, to system program file to be dealt with Carry out encryption or decryption process.
A kind of encryption and decryption method and system provided by the embodiments of the present application uses corresponding pre-set programs replacement system journey Sequence, to carry out encryption or decryption oprerations to the file.It is operated by means of XPosed frame in Android in the prior art The method for placing hook Hook in the framework layer java applet of system is compared, without carrying out to the equipment for using Android operation system Root, so that it may which the encryption and decryption for carrying out user's unaware to file operates, so that the application program of unauthorized be effectively prevent to steal Sensitive documents content preferably protects privacy of user.
Further, encipher-decipher method provided by the embodiments of the present application, not only to the standard input side of framework layer java applet Method and standard output method are replaced, the side being also written and read to application call Java local interface JNI Method is replaced.Therefore, during being encrypted using the embodiment of the present application method, without being interim by File Open File is encrypted again, during being decrypted using the embodiment of the present application method, without will save as after file decryption Temporary file.In this way, file will not be to be present in memory, to avoid file internal data in plain text in encryption process The risk of leakage.Therefore, the encipher-decipher method of the application has higher safety.
To enable the above objects, features, and advantages of the application to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate Appended attached drawing, is described in detail below.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows a kind of flow chart of encipher-decipher method provided by the embodiment of the present application;
Fig. 2 shows the method flow diagrams of another kind encipher-decipher method practical application provided by the embodiment of the present application.
Fig. 3 shows the architecture diagram of another kind encipher-decipher method provided by the embodiment of the present application;
Fig. 4 shows a kind of architecture diagram of encipher-decipher method of the prior art;
Fig. 5 shows a kind of structural schematic diagram of encrypting and deciphering system provided by the embodiment of the present application.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application Middle attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only It is some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is real The component for applying example can be arranged and be designed with a variety of different configurations.Therefore, below to the application's provided in the accompanying drawings The detailed description of embodiment is not intended to limit claimed scope of the present application, but is merely representative of the selected reality of the application Apply example.Based on embodiments herein, those skilled in the art institute obtained without making creative work There are other embodiments, shall fall in the protection scope of this application.
To be carried out to a kind of encipher-decipher method disclosed in the embodiment of the present application first convenient for understanding the present embodiment It is discussed in detail.
Embodiment one
The embodiment of the present application one provides a kind of encipher-decipher method, and method provided by the embodiments of the present application can be applied to make With the application program installed in the equipment of Android operation system, encryption and decryption operation is carried out to the file of application program read-write.
As shown in Figure 1, the method that embodiment one provides includes the following steps:
S101 replaces with the system program of predetermined function corresponding pre- when obtaining the launching process of destination application If program.
By destination application load in predetermined container program, and target is obtained using the predetermined container program The launching process of application program.Goal application program is exactly that the data read and write to it is needed to carry out answering for encryption and decryption operation With program, the destination application is mounted in the equipment using Android operation system.
Specifically, the predetermined container program can be sandbox program.
Here, the container program further includes following steps: key needed for generating the encryption or decryption oprerations.Specifically Ground, the operation for generating key are completed after the launching process for obtaining destination application, at the same time, can also be in target application The parameter for the hook Hook program being added is needed to be initialized when program starts.
Destination application described in S102 calls pre-set programs, encrypts to system program file to be dealt with Or decryption processing.
Here, be by the container program in destination application starting, hook Hook program is added to realize.
It specifically, can be by reading Android operation system since the program of Android operation system is open source Program code searches the application program being mounted in Android operation system and realizes opening file, close file, read file and write Enter the program code of file processes, application program can also be obtained to the calling process of bottom linux kernel.
In destination application starting, the hook Hook program can be to the system Runtime Library the inside in linux kernel Global offset table got table and process chained list plt table traversed, find the destination application realize open file, The mapping address of the system program called when closing file, reading file and write-in file processes in memory, and replaced When being run at corresponding pre-set programs, the address that can be generated in system Runtime Library, to complete the system journey of predetermined function Sequence replaces with corresponding pre-set programs.
It is specifically, described that the system program of predetermined function is replaced with into corresponding pre-set programs, comprising:
By the first system program, opening program is replaced with;By second system program, program writing is replaced with;By third system Program replaces with reader.
Specifically, in the first system program in the case where carrying out opening operation, the opening program to be to described The file name suffix of opening operation respective file is judged;If the suffix of the filename meets preset rules, described When second system program carries out write operation, the data of said write are encrypted using the program writing.
Specifically, in the second system program in the case where carrying out write operation, the program writing to be write in execution During entering operation, the data of write-in are encrypted.Also, add in the file header addition of the corresponding file that programs Secret mark is known, or modifies the encryption identification of the file header of file corresponding to the program writing.
Specifically, in the case where the first system program is used to carry out opening operation, using opening program to described The file header of open file operation respective file is judged;
If in the file header including encryption identification, when the third system program executes and reads file operation, benefit It is decrypted with data of the reader to reading.
Specifically, in the third system program in the case where being read, the reader to execute reading During extract operation, the data of reading are decrypted.
Here, the enciphering and deciphering algorithm that the cryptographic operation and decryption oprerations are used can be any common encryption and decryption and calculate Method, specifically for example applied to the application program installed in the equipment using Android operation system when, may include RC4 stream encryption calculate Method, AES Tuber yield or SM4 Tuber yield.RC4 stream cipher algorithm is not so good as AES Tuber yield and SM4 in safety Tuber yield is high, but fairly simple in realization.
When being encrypted using AES Tuber yield or SM4 Tuber yield, to the number of write-in in the way of data block It is encrypted according to carrying out or the data of reading is decrypted.Therefore, when data are written, if the data end of write-in is less than one The data volume of a data block fills into filling data with regard to data to be written end;When reading data, need to comprising reading number According to all data blocks be decrypted, and intercept out the part for needing to read and return to destination application.
Embodiment two
It is the method flow of another kind encipher-decipher method practical application provided by the embodiment of the present application two as illustrated in FIG. 2 Figure, this method process is the read-write operation process of destination application side.
S201 cipher key initialization;
Here, destination application load is in container program, the application obtain the starting of destination application into Journey;Key needed for generating the encryption or decryption oprerations later, and to the hook for needing to be added when destination application starts The parameter of sub- Hook program is initialized;Hook Hook program replaces with the system program of predetermined function corresponding pre- later If program.
Specifically, by the first system program, opening program is replaced with;By second system program, program writing is replaced with;By Three system programs, replace with reader.
Specifically, in the first system program in the case where carrying out opening operation, the pre-set programs to be preparatory The opening program of setting;In the second system program in the case where carrying out write operation, the pre-set programs to be preparatory The program writing of setting;In the third system program in the case where being read, the pre-set programs to be to set in advance Fixed reader.
S302 destination application carries out file operation.
Here, the destination application load is normally carried out the operation such as reading and writing of files in container program.
If S203 destination application needs to be implemented reading file operation, it is necessary first to judge whether file is encrypted.
Here, when opening file, the file header of the open file operation respective file is carried out using program is opened Judgement;If in the file header including encryption identification, when the third system program executes and reads file operation, institute is utilized Reader is stated the data of reading are decrypted.
S204 executes decryption oprerations.
Here, the key that the reader is generated using decipherment algorithm and step S201, is decrypted the data of reading.
S205 data return.
It here, just will be after step S204 decryption if opening program judgement needs file to be decrypted operation Data return to destination application;If the opening file judgement does not need file to be decrypted operation, just directly will The data of reading return to destination application.After destination application receives the data of return, be shown to user check or Person is handled according to the data of return.
If S206 destination application needs to be implemented write-in file operation, it is necessary first to judge whether file needs to be added It is close.
Here, in the first system program in the case where carrying out opening operation, the pre-set programs to be to set in advance Fixed opening program, the opening program judge the file name suffix of the opening operation respective file;
If the suffix of the filename meets preset rules, when the second system program carries out write operation, benefit The data of said write are encrypted with the program writing.
S207 executes cryptographic operation.
If the corresponding file of write-in file operation is encrypted, described program is executing write-in file operation In the process, the key generated using Encryption Algorithm and step S201, encrypts the data of write-in.
Here, described program further includes following steps: adding encryption in the file header of the corresponding file that programs Mark, or modify the encryption identification of the file header of file corresponding to the program writing.
Data are written in S208.
Here, if the suffix of the filename meets preset rules, the encrypted data of write step S207;If institute The suffix for stating filename does not meet preset rules, i.e. the corresponding file of write-in file operation does not need to be encrypted, not encryption direct Execution write-in file operation is connect, the data not encrypted are written.
Embodiment three
For convenience to the understanding of the encryption process of the application, Fig. 3 shows another provided by the embodiment of the present application The architecture diagram of kind encipher-decipher method.As shown in figure 3, the application obtains the launching process of destination application, and answered in target When being started with program, hook Hook program is added.The hook Hook program is by the modification to system Runtime Library, by predetermined function The system program of energy replaces with corresponding pre-set programs, is equivalent to the transparent encipher-decipher method of the application being inserted into target application Program is in the calling process of system Runtime Library.
Correspondingly, being a kind of architecture diagram of transparent encipher-decipher method in the prior art as shown in Figure 4, the prior art passes through The process of the application programming interface API of Framework layers of Android operation system framework offer is called in destination application Middle placement hook is realized and is operated to the encryption and decryption during destination application reading and writing of files.
Based on the same technical idea, the embodiment of the present application also provides a kind of encrypting and deciphering system, and for details, reference can be made to following realities Apply example.
Example IV
As shown in figure 5, being based on identical design concept, the embodiment of the present application also provides a kind of encrypting and deciphering system 500, packets Include container program 501 and pre-set programs 502:
Container program 501, for when obtaining the launching process of destination application, the system program of predetermined function to be replaced It is changed to corresponding pre-set programs;
Pre-set programs 502, for being called by the destination application, to system program file to be dealt with into Row carries out encryption or decryption process.
A kind of computer program product of encipher-decipher method is carried out provided by the embodiment of the present application, including stores processing The computer readable storage medium of the executable non-volatile program code of device, the instruction that said program code includes can be used for holding Row previous methods method as described in the examples, specific implementation can be found in embodiment of the method, and details are not described herein.
System embodiment described above is only schematical, for example, the division of the unit, only one kind are patrolled Function division is collected, there may be another division manner in actual implementation, in another example, multiple units or components can combine or can To be integrated into another system, or some features can be ignored or not executed.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in the executable non-volatile computer-readable storage medium of a processor.Based on this understanding, the application Technical solution substantially the part of the part that contributes to existing technology or the technical solution can be with software in other words The form of product embodies, which is stored in a storage medium, including some instructions use so that One computer equipment (can be personal computer, server or the network equipment etc.) executes each embodiment institute of the application State all or part of the steps of method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. is various to deposit Store up the medium of program code.
Finally, it should be noted that embodiment described above, the only specific embodiment of the application, to illustrate the application Technical solution, rather than its limitations, the protection scope of the application is not limited thereto, although with reference to the foregoing embodiments to this Shen It please be described in detail, those skilled in the art should understand that: anyone skilled in the art Within the technical scope of the present application, it can still modify to technical solution documented by previous embodiment or can be light It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make The essence of corresponding technical solution is detached from the spirit and scope of the embodiment of the present application technical solution, should all cover the protection in the application Within the scope of.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.

Claims (10)

1. a kind of encipher-decipher method, which comprises the steps of:
When obtaining the launching process of destination application, the system program of predetermined function is replaced with into corresponding pre-set programs;
The destination application calls pre-set programs, carries out at encryption or decryption to system program file to be dealt with Reason.
2. the method according to claim 1, wherein it is described the system program of predetermined function is replaced with it is corresponding Pre-set programs, comprising:
By the first system program, opening program is replaced with;
By second system program, program writing is replaced with;
By third system program, reader is replaced with.
3. the method according to claim 1, wherein the launching process for obtaining destination application includes such as Lower step:
By destination application load in predetermined container program, and target application is obtained using the predetermined container program The launching process of program.
4. according to the method described in claim 2, it is characterized in that, the pre-set programs are for executing following steps:
In the first system program in the case where carrying out opening operation, the opening program to be corresponding to the opening operation The file name suffix of file is judged;
If the suffix of the filename meets preset rules, when the second system program carries out write operation, institute is utilized Program writing is stated to encrypt the data of said write.
5. according to the method described in claim 2, it is characterized in that, the pre-set programs are also used to execute following steps:
In the second system program in the case where carrying out write operation, the program writing to be in the process for executing write operation In, the data of write-in are encrypted.
6. according to the method described in claim 5, it is characterized in that, described program further includes following steps:
Encryption identification, or file corresponding to the modification program writing are added in the file header of the corresponding file that programs File header encryption identification.
7. according to the method described in claim 6, it is characterized in that, further including following steps:
In the case where the first system program is used to carry out opening operation, using opening program to the open file operation The file header of respective file is judged;
If in the file header including encryption identification, when the third system program executes and reads file operation, institute is utilized Reader is stated the data of reading are decrypted.
8. according to the method described in claim 2, it is characterized in that, the pre-set programs are also used to execute following steps:
In the third system program in the case where being read, the reader to be in the process for executing read operation In, the data of reading are decrypted.
9. the method according to claim 1, wherein the container program further includes following steps: described in generation Key needed for encryption or decryption oprerations.
10. a kind of encrypting and deciphering system, which is characterized in that including container program and pre-set programs:
The container program, for when obtaining the launching process of destination application, the system program of predetermined function to be replaced For corresponding pre-set programs;
The pre-set programs carry out system program file to be dealt with for being called by the destination application Encryption or decryption process.
CN201811166711.0A 2018-10-08 2018-10-08 A kind of encryption and decryption method and system Pending CN109344652A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811166711.0A CN109344652A (en) 2018-10-08 2018-10-08 A kind of encryption and decryption method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811166711.0A CN109344652A (en) 2018-10-08 2018-10-08 A kind of encryption and decryption method and system

Publications (1)

Publication Number Publication Date
CN109344652A true CN109344652A (en) 2019-02-15

Family

ID=65308625

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811166711.0A Pending CN109344652A (en) 2018-10-08 2018-10-08 A kind of encryption and decryption method and system

Country Status (1)

Country Link
CN (1) CN109344652A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113239380A (en) * 2021-05-21 2021-08-10 杭州弗兰科信息安全科技有限公司 Method and device for protecting file read-write, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530570A (en) * 2013-09-24 2014-01-22 国家电网公司 Electronic document safety management system and method
US20150033305A1 (en) * 2013-03-15 2015-01-29 Advanced Elemental Technologies, Inc. Methods and systems for secure and reliable identity-based computing
CN106778348A (en) * 2016-12-23 2017-05-31 北京奇虎科技有限公司 A kind of method and apparatus for isolating private data
CN106897611A (en) * 2017-03-03 2017-06-27 金光 Secure virtual mobile applications running environment system and method and application without root authority

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150033305A1 (en) * 2013-03-15 2015-01-29 Advanced Elemental Technologies, Inc. Methods and systems for secure and reliable identity-based computing
CN103530570A (en) * 2013-09-24 2014-01-22 国家电网公司 Electronic document safety management system and method
CN106778348A (en) * 2016-12-23 2017-05-31 北京奇虎科技有限公司 A kind of method and apparatus for isolating private data
CN106897611A (en) * 2017-03-03 2017-06-27 金光 Secure virtual mobile applications running environment system and method and application without root authority

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113239380A (en) * 2021-05-21 2021-08-10 杭州弗兰科信息安全科技有限公司 Method and device for protecting file read-write, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
EP3387813B1 (en) Mobile device having trusted execution environment
CN105391840B (en) Automatically create destination application
JP5924851B2 (en) Multi-issuer secure element partition architecture for NFC-enabled devices
CN105227565B (en) The method and apparatus that anti-reversing for Android system cracks shared object file
CN103946856B (en) Encrypting and deciphering processing method, device and equipment
US20160203087A1 (en) Method for providing security for common intermediate language-based program
CN105678192B (en) A kind of key application method and application apparatus based on smart card
US20210224378A1 (en) Securing Virtual-Machine Software Applications
CN110637301B (en) Reducing disclosure of sensitive data in virtual machines
CN106599629B (en) Android application program reinforcing method and device
US20150095653A1 (en) Method and apparatus of creating application package, method and apparatus of executing application package, and recording medium storing application package
CN111191195A (en) Method and device for protecting APK
CN103765429B (en) The platform secret that digital signature mechanism is relevant
CN107196907B (en) A kind of guard method of Android SO files and device
CN107273723B (en) So file shell adding-based Android platform application software protection method
CN112052433B (en) Virtual protection method, terminal and storage medium for Jar file
Suciu et al. Horizontal privilege escalation in trusted applications
CN107292135A (en) A kind of program code guard method and device
JP6698774B2 (en) Security providing apparatus and method for common intermediate language, and security executing apparatus and method
US8918653B2 (en) Protection of interpreted source code in virtual appliances
CN108985096B (en) Security enhancement and security operation method and device for Android SQLite database
Cooijmans et al. Secure key storage and secure computation in Android
Alendal et al. Chip chop—smashing the mobile phone secure chip for fun and digital forensics
CN109344652A (en) A kind of encryption and decryption method and system
JP6698775B2 (en) Security providing apparatus and method for protecting code of shared object, and security executing apparatus and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190215

RJ01 Rejection of invention patent application after publication