CN109344657B - Privacy risk assessment method and device - Google Patents


Publication number: CN109344657B
Authority: CN (China)
Prior art keywords: privacy, application, version, evaluated, permission
Legal status: Active
Application number: CN201811498176.9A
Other languages: Chinese (zh)
Other versions: CN109344657A
Inventors: 贾志军, 易珍珍, 金虎
Current assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Original assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Events:
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN201811498176.9A
Publication of CN109344657A
Application granted
Publication of CN109344657B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. a local or distributed file system or database
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes

Abstract

The embodiments of the application disclose a privacy risk assessment method and device. In one embodiment the method comprises: performing one or more of the following detections on the version of the application to be evaluated to obtain a privacy risk detection result for that version: the consistency of the privacy permission requirement condition with the privacy permission application condition, the legality of the use of privacy permissions by the version to be evaluated, and the legality of the use of privacy permissions by the plug-in associated with that version; and generating a privacy risk assessment result for the version to be evaluated based on its privacy risk detection result. By detecting multiple privacy risk conditions across multiple versions of an application, the method and device evaluate how securely each version handles the user's private data and produce a privacy risk assessment result for each version, so that the security of each version with respect to the user's private data can be known.

Description

Privacy risk assessment method and device
Technical Field
The application relates to the field of computers, in particular to the field of security, and particularly relates to a privacy risk assessment method and device.
Background
Privacy risks, such as an application illegally obtaining the user's private data, not only cause leakage of that private data but also cause many other security problems. However, because there is no means of evaluating the security of an application with respect to the user's private data, the user cannot know how secure the application is in that respect.
Disclosure of Invention
The embodiment of the application provides a privacy risk assessment method and device.
In a first aspect, an embodiment of the present application provides a privacy risk assessment method, including: performing one or more of the following detections on the version of the application to be evaluated to obtain a privacy risk detection result for that version: the consistency of the privacy permission requirement condition with the privacy permission application condition, the legality of the use of privacy permissions by the version to be evaluated, and the legality of the use of privacy permissions by the plug-in associated with the version to be evaluated, wherein a privacy permission is a permission for acquiring the user's private data; and generating a privacy risk assessment result for the version to be evaluated based on its privacy risk detection result.
In a second aspect, an embodiment of the present application provides a privacy risk assessment apparatus, including: a detection unit configured to perform one or more of the following detections on the version of the application to be evaluated to obtain a privacy risk detection result for that version: the consistency of the privacy permission requirement condition with the privacy permission application condition, the legality of the use of privacy permissions by the version to be evaluated, and the legality of the use of privacy permissions by the plug-in associated with the version to be evaluated, wherein a privacy permission is a permission for acquiring the user's private data; and an evaluation unit configured to generate a privacy risk assessment result for the version to be evaluated based on its privacy risk detection result.
According to the privacy risk assessment method and device provided by the embodiments of the present application, the privacy risk detection result of the version to be evaluated is obtained by performing one or more of the following detections on it: the consistency of the privacy permission requirement condition with the privacy permission application condition, the legality of the use of privacy permissions by the version to be evaluated, and the legality of the use of privacy permissions by the plug-in associated with the version to be evaluated, wherein a privacy permission is a permission for acquiring the user's private data; and a privacy risk assessment result for the version to be evaluated is generated based on that detection result. By detecting multiple privacy risk conditions across multiple versions of the application, the security of each version with respect to the user's private data is evaluated and a privacy risk assessment result is obtained for each version, so that the security of each version with respect to the user's private data can be known.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 illustrates an exemplary system architecture suitable for use to implement embodiments of the present application;
FIG. 2 illustrates a flow diagram of one embodiment of a privacy risk assessment method according to the present application;
FIG. 3 shows a flow diagram of another embodiment of a privacy risk assessment method according to the present application;
FIG. 4 shows a schematic structural diagram of an embodiment of a privacy risk assessment apparatus according to the present application;
FIG. 5 is a block diagram of a computer system suitable for use in implementing a server according to embodiments of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
FIG. 1 illustrates an exemplary system architecture suitable for use in implementing embodiments of the present application.
As shown in fig. 1, the system architecture may include a terminal 101, a network 102, and a server 103. The network 102 may be a wired network or a wireless network.
The terminal 101 may be a smart device, a smart phone, a tablet computer, or a vehicle-mounted terminal. Monitoring code may run on the terminal 101; it monitors the operations associated with obtaining private data that are executed when the code of the version of the application to be evaluated is loaded and run on the terminal 101, and those executed when the plug-in associated with that version is loaded and run. From these operations the monitoring code can determine the privacy permissions that the version to be evaluated can use and the privacy permissions that its associated plug-in can use. The plug-in associated with the version to be evaluated may be referred to as an SDK (Software Development Kit) associated with that version. The SDK associated with the version to be evaluated may be an SDK provided by the provider of the application or an SDK provided by a third party other than the provider of the application.
The terminal 101 may send the determined privacy permissions usable by the version to be evaluated and the determined privacy permissions usable by its associated SDK to the server 103, so that the server 103 knows which privacy permissions the version to be evaluated and its associated SDK can each use.
The server 103 may obtain data related to evaluating the privacy risk of the version to be evaluated, such as its installation package, from a server storing the installation packages of the application's versions. The server 103 may analyze this data to obtain information related to the evaluation, such as all privacy permissions applied for by the version to be evaluated.
The server 103 may detect whether a privacy risk condition exists in the version of the application that needs to be evaluated according to the privacy permission available to the version of the application that needs to be evaluated, the privacy permission available to the SDK associated with the version of the application that needs to be evaluated, and the information related to evaluating privacy risk, and obtain a privacy risk evaluation result of the version of the application that needs to be evaluated. The server 103 may provide the privacy risk assessment results for the version of the application that needs to be assessed to the user of the application. The server 103 may provide the privacy risk assessment results of the version of the application that needs to be assessed to relevant personnel, such as a security engineer.
It should be understood that the numbers of terminals 101 and servers 103 are exemplary. In the present application, privacy risk assessment can be performed on any version to be evaluated of any application to obtain a privacy risk assessment result, which is provided to relevant personnel such as a security engineer, so that they can know the security of that version with respect to the user's private data.
Referring to fig. 2, a flow diagram of one embodiment of a privacy risk assessment method according to the present application is shown. The method comprises the following steps:
Step 201: one or more tests are performed on the version of the application that needs to be evaluated.
In this embodiment, the privacy authority is an authority to acquire the privacy data of the user of the application. Each privacy permission may correspond to a respective privacy data type.
For example, the privacy data types of the user's private data include the user's contact information, telephone number and SMS/MMS messages, and the corresponding privacy permissions include: the permission to acquire the user's contact information, the permission to acquire the telephone number, and the permission to acquire SMS/MMS messages.
In this embodiment, the version of the application to be evaluated is not one particular fixed version; any version of the application whose privacy risk needs to be evaluated may be referred to as the version to be evaluated.
In this embodiment, being able to use a privacy permission is equivalent to being able to acquire the private data of the privacy data type corresponding to that permission. If the code of the version of the application to be evaluated can, when loaded and run, obtain private data of the privacy data type corresponding to a privacy permission, the version to be evaluated is said to be able to use that privacy permission.
For example, if the application is an APP running on the Android operating system, and it is determined that the code of the version of the APP to be evaluated can, when loaded and run, acquire private data of the privacy data type corresponding to a privacy permission, it may be determined that the version of the APP to be evaluated can use that privacy permission.
In this embodiment, the plug-in associated with the version of the application requiring evaluation may be referred to as an SDK associated with the version of the application requiring evaluation. The SDK associated with the version of the application that needs to be evaluated may be an SDK provided by the provider of the application or an SDK provided by a third party other than the provider of the application.
In this embodiment, when the privacy risk of the version of the application to be evaluated is assessed, the following may be detected for that version: the consistency of the privacy permission requirement condition with the privacy permission application condition, the legality of the use of privacy permissions by the version to be evaluated, and the legality of the use of privacy permissions by the SDK associated with the version to be evaluated.
The code of the SDK associated with the version of the application to be evaluated is loaded and run when the code of that version is loaded and run. For example, if an application is an APP running on the Android operating system, one SDK associated with the version of the APP to be evaluated may be an SDK used for pushing advertisements to users. The SDK is loaded and run when the code of the version of the APP to be evaluated is loaded and run; it may obtain advertisements pushed to the APP from a server and present them to the user in the APP's interface. In this embodiment, the privacy permission requirement condition of the version to be evaluated indicates all privacy permissions required by that version, and the privacy permission application condition indicates all privacy permissions applied for by that version.
In this embodiment, the file that records the privacy permissions applied for by the version of the application to be evaluated may be analyzed to obtain all privacy permissions applied for by that version.
In this embodiment, the operations associated with obtaining private data that are executed when the code of the version to be evaluated is loaded and run may be analyzed to determine the privacy permissions that the version can use, and each privacy permission so determined is regarded as a privacy permission required by the version. A privacy permission applied for by the version to be evaluated is also regarded as a privacy permission required by it.
In this embodiment, the conditions under which the privacy permission requirement condition of the application is inconsistent with its privacy permission application condition include: the version of the application to be evaluated can use a privacy permission that is not among all the privacy permissions applied for by that version.
For example, if the application is an APP running on the Android operating system, and it is determined that the version of the APP to be evaluated can use a privacy permission other than all the privacy permissions it applied for, it can be detected that the privacy permission requirement condition of that version is inconsistent with its privacy permission application condition.
In this embodiment, when detecting the legality of the use of privacy permissions by the version of the application to be evaluated, it may be detected whether that version can use a privacy permission that it is prohibited from using. Any privacy permission that the version to be evaluated is prohibited from using may be referred to as a first disabled privacy permission. When it is detected that the version to be evaluated can use a first disabled privacy permission, the detection result for the legality of its use of privacy permissions may be determined to be that the version uses privacy permissions illegally; when it is not detected that the version can use a first disabled privacy permission, the detection result may be determined to be that the version uses privacy permissions legally.
For example, an application is an APP running on the Android operating system, and both the latest version of the APP and the version preceding the latest version are versions of the APP to be evaluated. In the latest version, a privacy permission is prohibited from being applied for and used in order to protect the user's private data. However, since that privacy permission was already applied for and authorized during the installation process of the latest version of the APP, it can still be used when the code of the latest version is loaded and run, and at this point it can be detected that a risk condition exists in the latest version: the version to be evaluated can use a privacy permission that it is prohibited from using.
In this embodiment, if the code of an SDK associated with the version of the application to be evaluated can, when loaded and run, obtain private data of the privacy data type corresponding to a privacy permission, the SDK associated with that version is said to be able to use the privacy permission.
For example, the application is an APP running on the Android operating system, and the code of the SDK associated with the version of the APP to be evaluated is loaded and run when the code of that version is loaded and run. When it is determined that the SDK's code can, when loaded and run, obtain private data of the privacy data type corresponding to a privacy permission, it may be determined that the SDK associated with the version of the APP to be evaluated can use that privacy permission.
In this embodiment, when detecting the legality of the use of privacy permissions by the SDK associated with the version of the application to be evaluated, it may be detected whether the SDK can use a privacy permission that it is prohibited from using. Any privacy permission that the SDK associated with the version to be evaluated is prohibited from using may be referred to as a second disabled privacy permission.
When it is detected that the SDK associated with the version to be evaluated can use a second disabled privacy permission, the detection result for the legality of the SDK's use of privacy permissions may be determined to be that the SDK uses privacy permissions illegally; when it is not detected that the SDK can use a second disabled privacy permission, the detection result is that the SDK uses privacy permissions legally.
In this embodiment, the conditions under which the SDK associated with the version to be evaluated can use a privacy permission it is prohibited from using include: among all the privacy permissions applied for by the version to be evaluated, the SDK can use one that the SDK is prohibited from using.
For example, an application is an APP running on the Android operating system, and the SDK associated with the version of the APP to be evaluated should not obtain private data of any type, that is, it should not use any of the privacy permissions applied for by that version. When it is detected that the SDK can obtain private data of at least one privacy data type, that is, when the SDK can use at least one privacy permission, it can be detected that the version of the APP to be evaluated has the condition that its associated SDK can use a privacy permission it is prohibited from using.
In this embodiment, the privacy risk detection result may include one or more of the following: a detection result corresponding to the consistency of the privacy permission requirement condition with the privacy permission application condition, a detection result corresponding to the legality of the use of privacy permissions by the version of the application to be evaluated, and a detection result corresponding to the legality of the use of privacy permissions by the SDK associated with that version. The first detection result is one of: the privacy permission requirement condition is consistent with the privacy permission application condition, or it is inconsistent with it. The second is one of: the version to be evaluated uses privacy permissions legally, or it uses them illegally. The third is one of: the SDK associated with the version to be evaluated uses privacy permissions legally, or it uses them illegally.
Step 202: generating a privacy risk assessment result for the version of the application to be evaluated.
In this embodiment, after the privacy risk detection result of the version to be evaluated is obtained, its privacy risk assessment result may be generated. The privacy risk assessment result of the version to be evaluated includes: indication information indicating whether the privacy permission requirement condition is consistent with the privacy permission application condition, indication information indicating whether the version's use of privacy permissions is legal, and indication information indicating whether the use of privacy permissions by the SDK associated with the version is legal.
For example, the application is an APP running on the Android operating system; after the privacy risk assessment result of the version of the APP to be evaluated is generated, it may be provided to relevant personnel such as a security engineer. The result includes: indication information indicating whether the privacy permission requirement condition of the version to be evaluated is consistent with its privacy permission application condition, indication information indicating whether that version uses privacy permissions legally, and indication information indicating whether the SDK associated with that version uses privacy permissions legally.
In this embodiment, after generating the privacy risk assessment result of the version of the application that needs to be assessed, the privacy risk assessment result of the version of the application that needs to be assessed may be provided to relevant personnel, such as a security engineer.
In this embodiment, any condition that makes the privacy permission requirement condition inconsistent with the privacy permission application condition, any condition in which the version to be evaluated uses privacy permissions illegally, and any condition in which the SDK associated with the version uses privacy permissions illegally may be referred to as a privacy risk condition. When a privacy risk condition is detected, the privacy risk assessment result may further include information describing the detected privacy risk condition.
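Steps 201 and 202 above, as an added example that is not part of the patent's own code. It assumes constructed permission labels, a hypothetical SDK identifier "ad-sdk", and that the monitoring code's reports are already attributed to the app's own code or to a named SDK.

```python
"""Step 201 (detection) and step 202 (assessment) for one version of an app.
Added example, not the patent's own code. All inputs are constructed: the
manifest permission set stands in for the file recording applied-for
permissions, and the observation records stand in for what the terminal-side
monitoring code reports, each use attributed to the app or to an SDK."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Constructed labels for privacy permissions (Android names used as examples).
CONTACTS = "android.permission.READ_CONTACTS"
PHONE = "android.permission.READ_PHONE_STATE"
SMS = "android.permission.READ_SMS"
LOCATION = "android.permission.ACCESS_FINE_LOCATION"
PRIVACY_PERMISSIONS = {CONTACTS, PHONE, SMS, LOCATION}


@dataclass(frozen=True)
class Observation:
    """One privacy-data access seen by the monitoring code at runtime."""
    permission: str
    sdk: Optional[str] = None  # None: the app's own code; else the SDK's id


@dataclass
class VersionUnderEvaluation:
    app: str
    version: str
    applied: Set[str]                  # permissions applied for (manifest)
    observed: List[Observation]        # reported by the monitoring code
    first_disabled: Set[str] = field(default_factory=set)   # app must not use
    second_disabled: Set[str] = field(default_factory=set)  # SDKs must not use


def usable_by_app(v: VersionUnderEvaluation) -> Set[str]:
    """Privacy permissions the app's own code can use."""
    return {o.permission for o in v.observed
            if o.sdk is None and o.permission in PRIVACY_PERMISSIONS}


def usable_by_sdks(v: VersionUnderEvaluation) -> Dict[str, Set[str]]:
    """Privacy permissions each associated SDK can use."""
    out: Dict[str, Set[str]] = {}
    for o in v.observed:
        if o.sdk is not None and o.permission in PRIVACY_PERMISSIONS:
            out.setdefault(o.sdk, set()).add(o.permission)
    return out


def detect(v: VersionUnderEvaluation) -> dict:
    """Step 201: the three detections, combined into one detection result."""
    app_usable = usable_by_app(v)
    sdk_usable = usable_by_sdks(v)
    usable = app_usable.union(*sdk_usable.values())
    # Consistency: every usable permission counts as required, so the
    # requirement and application conditions are inconsistent when the
    # version can use a privacy permission it never applied for.
    undeclared = usable - v.applied
    # Legality of the app's own use: any usable first disabled permission.
    app_illegal = app_usable & v.first_disabled
    # Legality of SDK use: any usable second disabled permission, per SDK.
    sdk_illegal = {s: p & v.second_disabled for s, p in sdk_usable.items()
                   if p & v.second_disabled}
    return {
        "consistent": not undeclared, "undeclared": undeclared,
        "app_use_legal": not app_illegal, "app_illegal": app_illegal,
        "sdk_use_legal": not sdk_illegal, "sdk_illegal": sdk_illegal,
    }


def assess(v: VersionUnderEvaluation) -> dict:
    """Step 202: indication information plus a description of every detected
    privacy risk condition, as provided to a security engineer."""
    d = detect(v)
    risks: List[str] = []
    for p in sorted(d["undeclared"]):
        risks.append(f"version can use {p} although it was not applied for")
    for p in sorted(d["app_illegal"]):
        risks.append(f"app code can use prohibited permission {p}")
    for sdk, perms in sorted(d["sdk_illegal"].items()):
        for p in sorted(perms):
            risks.append(f"SDK {sdk} can use prohibited permission {p}")
    return {
        "app": v.app, "version": v.version,
        "requirement_consistent_with_application": d["consistent"],
        "version_uses_permissions_legally": d["app_use_legal"],
        "sdk_uses_permissions_legally": d["sdk_use_legal"],
        "privacy_risk_conditions": risks,
    }


# Constructed scenario mirroring the text's examples: the latest version no
# longer applies for READ_SMS and forbids it, yet the monitoring code still
# sees it exercised; the ad SDK must not use any privacy permission at all.
LATEST = VersionUnderEvaluation(
    app="demo.app", version="2.0",
    applied={CONTACTS, PHONE},
    observed=[Observation(CONTACTS), Observation(SMS),
              Observation(LOCATION, sdk="ad-sdk"),
              Observation(CONTACTS, sdk="ad-sdk")],
    first_disabled={SMS},
    second_disabled=PRIVACY_PERMISSIONS,
)
```

Calling `assess(LATEST)` yields all three indications negative and five described risk conditions, which is the form of output the text says is handed to a security engineer.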
Referring to fig. 3, a flow diagram of another embodiment of a privacy risk assessment method according to the present application is shown. The method comprises the following steps:
step 301, one or more items of detection are performed on the version of the application that needs to be evaluated by detecting whether there is a situation associated with the detected item.
In the embodiment, when the privacy risk of the version of the application needing to be evaluated is evaluated, the version of the application needing to be evaluated can be detected to be consistent with the application condition of the privacy authority, the legality of the version of the application needing to be evaluated using the privacy authority, and the legality of the SDK associated with the version of the application needing to be evaluated using the privacy authority.
In the embodiment, the consistency between the privacy authority requirement condition of the version needing to be evaluated of the application and the privacy authority application condition is determined by detecting whether one or more of the following conditions exist in the version needing to be evaluated of the application: all privacy permissions applied by the version of the application needing to be evaluated comprise unused privacy permissions, and the version of the application needing to be evaluated can use the unused privacy permissions of the version of the application needing to be evaluated.
In this embodiment, when detecting the consistency between the privacy authority requirement condition and the privacy authority application condition, the condition that needs to be detected may be one or more of the conditions that all the privacy authorities applied by the version that needs to be evaluated of the application include unused privacy authorities, the version that needs to be evaluated of the application may use the privacy authorities that do not apply by the version that needs to be evaluated of the application, and the like. When the condition needing to be detected is one, and when the condition needing to be detected exists in the version needing to be evaluated of the application, the condition that the privacy authority requirement of the version needing to be evaluated of the application is inconsistent with the condition that the privacy authority application of the version needing to be evaluated of the application can be determined. When a plurality of conditions needing to be detected exist, and when any condition of the versions needing to be evaluated of the application is detected, the condition that the privacy authority requirement of the versions needing to be evaluated of the application is inconsistent with the condition that the privacy authority application of the versions needing to be evaluated of the application is determined.
In this embodiment, the file that records the privacy permissions applied for by the version of the application to be evaluated may be parsed to obtain all privacy permissions that version applies for.
In this embodiment, the code of the installation package of the version to be evaluated may be analyzed to determine all privacy permissions that version can use. This may also be referred to as static code analysis; it determines the privacy permissions the version to be evaluated may use.
For example, the application is an APP running on the Android operating system, and all privacy permissions the APP applies for are determined in advance by parsing its Android manifest. A third-party SDK feature library, an Android system permission knowledge base and a permission-API feature library can be constructed in advance. Each entry in the third-party SDK feature library may contain the identifier of an SDK and the identifiers of the privacy permissions that SDK may use. Each entry in the Android system permission knowledge base may contain the identifier of a permission in the Android system. Each entry in the permission-API feature library contains the identifier of a permission in the Android system and the identifier of the API that is called when that permission is used. When the code of the installation package of the version to be evaluated is analyzed, all privacy permissions that version can use can be determined by combining the third-party SDK feature library, the Android system permission knowledge base and the permission-API feature library.
In this embodiment, the execution of the code may be monitored while the code of the version to be evaluated is loaded and run, and the privacy permissions that version actually uses are determined, so that the privacy permission usage of the version to be evaluated is determined.
In this embodiment, the privacy permissions applied for by the version to be evaluated that are not used may be referred to as redundant privacy permissions. From the determined privacy permission application and privacy permission usage of the version to be evaluated, it can be detected whether at least some of the privacy permissions applied for are not used; in other words, whether the privacy permissions applied for by the version contain redundant privacy permissions.
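The static consistency check described above, written out as an added example (it is not code from the patent): the manifest is parsed for the permissions the version applies for, the APIs and SDK classes found in the installation package are mapped to the permissions they can exercise through a permission-API feature library and a third-party SDK feature library, and the two sets are compared. The three libraries, the sample manifest and the class/API inventory are all constructed for illustration; a real deployment would populate them from the platform's permission list and from decompiled code.

```python
"""Static consistency check between the privacy permissions an app version
applies for (its manifest) and the privacy permissions its code can use.

Added example, not code from the patent. The permission knowledge base,
permission-API feature library, SDK feature library and the sample manifest
and code inventory below are all constructed for illustration."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed subset of an "Android system permission knowledge base":
# the permissions this check treats as privacy permissions.
PRIVACY_PERMISSIONS = {
    "android.permission.READ_CONTACTS",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.READ_PHONE_STATE",
    "android.permission.CAMERA",
    "android.permission.RECORD_AUDIO",
}

# Constructed "permission-API feature library": API identifier -> permission
# that is exercised when the API is called.
PERMISSION_API_FEATURES = {
    "android.location.LocationManager.getLastKnownLocation":
        "android.permission.ACCESS_FINE_LOCATION",
    "android.telephony.TelephonyManager.getDeviceId":
        "android.permission.READ_PHONE_STATE",
    "android.hardware.Camera.open": "android.permission.CAMERA",
    "android.media.MediaRecorder.start": "android.permission.RECORD_AUDIO",
}

# Constructed "third-party SDK feature library": SDK package -> permissions
# the SDK's code may use.
SDK_FEATURES = {
    "com.example.adsdk": {"android.permission.ACCESS_FINE_LOCATION",
                          "android.permission.READ_PHONE_STATE"},
    "com.example.analytics": {"android.permission.READ_PHONE_STATE"},
}


@dataclass
class ConsistencyResult:
    declared: set    # privacy permissions the version applies for
    usable: set      # privacy permissions the version's code can use
    redundant: set   # applied for but unused
    undeclared: set  # usable but not applied for

    @property
    def consistent(self) -> bool:
        return not self.redundant and not self.undeclared


def declared_privacy_permissions(manifest_xml: str) -> set:
    """Parse the <uses-permission> entries of a manifest, keeping privacy ones."""
    root = ET.fromstring(manifest_xml)
    names = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    return names & PRIVACY_PERMISSIONS


def usable_privacy_permissions(called_apis, bundled_classes) -> set:
    """Map called APIs and bundled SDK classes (from static analysis of the
    installation package) to the privacy permissions they can exercise."""
    usable = {PERMISSION_API_FEATURES[api] for api in called_apis
              if api in PERMISSION_API_FEATURES}
    for cls in bundled_classes:
        for sdk_pkg, perms in SDK_FEATURES.items():
            if cls == sdk_pkg or cls.startswith(sdk_pkg + "."):
                usable |= perms
    return usable & PRIVACY_PERMISSIONS


def check_consistency(manifest_xml, called_apis, bundled_classes) -> ConsistencyResult:
    declared = declared_privacy_permissions(manifest_xml)
    usable = usable_privacy_permissions(called_apis, bundled_classes)
    return ConsistencyResult(declared, usable, declared - usable, usable - declared)


# Constructed sample input: a manifest and a class/API inventory of one version.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""
SAMPLE_APIS = ["android.location.LocationManager.getLastKnownLocation",
               "android.hardware.Camera.open", "java.util.ArrayList.add"]
SAMPLE_CLASSES = ["com.example.app.MainActivity", "com.example.analytics.Tracker"]

if __name__ == "__main__":
    result = check_consistency(SAMPLE_MANIFEST, SAMPLE_APIS, SAMPLE_CLASSES)
    print("redundant (applied for, unused):", sorted(result.redundant))
    print("undeclared (usable, not applied for):", sorted(result.undeclared))
    print("consistent:", result.consistent)
```

On the sample input the version applies for READ_CONTACTS but nothing in its code can exercise it (a redundant permission), while the camera API and the bundled analytics SDK can exercise CAMERA and READ_PHONE_STATE without the manifest applying for them; either finding alone marks the requirement and the application as inconsistent. INTERNET is ignored because it is not in the privacy permission set.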
In this embodiment, an unused privacy permission among all the privacy permissions applied for by the version of the application to be evaluated may be a privacy permission that should be removed, that is, one the version to be evaluated no longer needs to use; it is determined to be a permission that should be removed because the function associated with it has been removed.
For example, the application is an APP running on the Android operating system, and the version to be evaluated is the latest version. A function of the previous version has been removed from the latest version of the APP, and that function may use a privacy permission; that permission is the privacy permission that should be removed. The latest version of the APP no longer needs to use the privacy permission that served the function removed from it. When the APP is upgraded from the previous version to the latest version, the latest version by default applies for all the privacy permissions the previous version applied for. Because the function removed from the latest version cannot be used when the latest version is loaded and run, it can be detected that the privacy permissions applied for by the latest version include the permission that should be removed, i.e. a privacy permission that is not required in the version to be evaluated.
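The version-upgrade case above, as an added example that is not part of the patent: given an inventory of the functions present in the previous and the latest version (assumed to come from comparing the two versions) and a map from function to the privacy permissions it needs, the check flags permissions that the latest version still applies for but that only served a removed function. The function inventory and the function-to-permission map are constructed for illustration. The example also handles the case the paragraph does not spell out: a permission shared by a removed function and a kept function is still required and must not be flagged.

```python
"""Flag privacy permissions that should have been removed together with the
function they served. Added example, not code from the patent; the
feature-to-permission map and the version inventories are constructed."""

# Constructed map: application function -> privacy permissions it needs.
FEATURE_PERMISSIONS = {
    "contact_sync": {"android.permission.READ_CONTACTS"},
    "nearby_stores": {"android.permission.ACCESS_FINE_LOCATION"},
    "geo_tagging": {"android.permission.ACCESS_FINE_LOCATION",
                    "android.permission.CAMERA"},
    "voice_memo": {"android.permission.RECORD_AUDIO"},
}


def permissions_for(features) -> set:
    """Union of the privacy permissions needed by a set of functions."""
    needed = set()
    for feature in features:
        needed |= FEATURE_PERMISSIONS.get(feature, set())
    return needed


def should_be_removed(prev_features, new_features, new_declared) -> set:
    """Privacy permissions still applied for by the new version whose only
    purpose was a function removed since the previous version. A permission
    that a kept function still needs is not flagged even if a removed
    function also used it."""
    removed = set(prev_features) - set(new_features)
    orphaned = permissions_for(removed) - permissions_for(new_features)
    return orphaned & set(new_declared)


# Constructed sample: the previous version had four functions; the latest
# version dropped two, but its permission list was carried over unchanged.
PREV_FEATURES = {"contact_sync", "nearby_stores", "geo_tagging", "voice_memo"}
NEW_FEATURES = {"geo_tagging", "voice_memo"}
PREV_DECLARED = permissions_for(PREV_FEATURES)
NEW_DECLARED = set(PREV_DECLARED)   # latest version defaults to the previous version's permissions

if __name__ == "__main__":
    flagged = should_be_removed(PREV_FEATURES, NEW_FEATURES, NEW_DECLARED)
    print("should be removed:", sorted(flagged))
```

In the sample, `nearby_stores` was removed but `geo_tagging` still needs ACCESS_FINE_LOCATION, so only READ_CONTACTS (served solely by the removed `contact_sync`) is reported as a permission that should be removed.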
In this embodiment, the privacy permissions whose use by the version of the application to be evaluated is prohibited may be associated with a version upgrade of the operating system: such a permission is determined to be prohibited due to a version upgrade of the operating system associated with the application.
In this embodiment, the legality of the use of privacy permissions by the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist in that version: the version applies for a privacy permission it is prohibited from using, and the version can use a privacy permission it is prohibited from using.
In this embodiment, when detecting the legality of the use of privacy permissions by the version to be evaluated, the conditions to be detected may be one or more of: the version applies for a prohibited privacy permission; the version can use a prohibited privacy permission; and so on. When there is a single condition to be detected and it is found to exist in the version to be evaluated, the version's use of privacy permissions is determined to be illegal. When there are several conditions to be detected and any one of them is found to exist in the version to be evaluated, the version's use of privacy permissions is likewise determined to be illegal.
For example, the application is an APP running on the Android operating system. When the Android operating system version is upgraded, for security reasons it prohibits the versions to be evaluated of all third-party applications from applying for and using certain privacy permissions. It can then be detected whether the APP applies for a prohibited privacy permission and whether the APP can use a prohibited privacy permission.
In this embodiment, the legality of the use of privacy permissions by the plug-in (SDK) associated with the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist: the SDK associated with the version can use, among the privacy permissions the version applied for, a permission that the SDK is prohibited from using; and the SDK associated with the version can use a privacy permission that the version did not apply for. The conditions to be detected may be one or more of: the SDK can use a privacy permission applied for by the version that the SDK is prohibited from using; the SDK can use a privacy permission the version did not apply for; and so on. When there is a single condition to be detected and it is detected, the use of privacy permissions by the plug-in associated with the version is determined to be illegal. When there are several conditions to be detected and any one of them is detected in the version to be evaluated, the use of privacy permissions by the plug-in is likewise determined to be illegal.
In this embodiment, whether the SDK associated with the version to be evaluated can use, among the privacy permissions applied for by the version, a permission the SDK is prohibited from using, and whether the SDK can use a privacy permission the version did not apply for, may be detected separately.
Step 302: generating a privacy risk assessment result of the version of the application to be evaluated.
In this embodiment, after the privacy risk detection result of the version to be evaluated is obtained, the privacy risk assessment result of that version may be generated. The privacy risk assessment result of the version to be evaluated comprises: indication information indicating whether the privacy permission requirement is consistent with the privacy permission application, indication information indicating whether the version's use of privacy permissions is legal, and indication information indicating whether the use of privacy permissions by the SDK associated with the version is legal.
For example, the application is an APP running on the Android operating system; after the privacy risk assessment result of the version of the APP to be evaluated is generated, it may be provided to relevant personnel such as a security engineer. The privacy risk assessment result of that version comprises: indication information indicating whether the privacy permission requirement of the version of the APP to be evaluated is consistent with its privacy permission application, indication information indicating whether that version's use of privacy permissions is legal, and indication information indicating whether the use of privacy permissions by the SDK associated with that version is legal.
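The two legality checks (prohibited permissions introduced by an operating system upgrade, and SDK use of prohibited or never-applied-for permissions) and the three-part assessment result of step 302, as one added example that is not code from the patent. The table of permissions an OS upgrade prohibits from a given API level onwards, the table of permissions a given SDK is prohibited from using, and the sample version are all constructed for illustration; the `target_api` field is an assumed stand-in for "the OS version associated with the application".

```python
"""Legality checks for privacy permission use by an app version and by the
SDKs bundled with it, combined into the assessment result of step 302.

Added example, not code from the patent. The OS prohibition table, the SDK
prohibition table and the sample version are constructed for illustration."""
from dataclasses import dataclass, field

# Constructed table: privacy permissions that an operating system upgrade
# prohibits for third-party apps from the given API level onwards.
OS_PROHIBITED_FROM_API = {
    29: {"android.permission.READ_PHONE_STATE"},   # constructed entry
    31: {"android.permission.RECORD_AUDIO"},       # constructed entry
}

# Constructed table: permissions a given SDK is prohibited from using even
# when the host application applied for them.
SDK_PROHIBITED = {
    "com.example.adsdk": {"android.permission.ACCESS_FINE_LOCATION"},
}


@dataclass
class AppVersion:
    declared: set          # privacy permissions the version applies for
    usable: set            # privacy permissions the version's own code can use
    target_api: int        # OS API level the version is associated with (assumed)
    sdk_usable: dict       # SDK id -> privacy permissions that SDK's code can use


@dataclass
class AssessmentResult:
    requirement_consistent: bool   # indication 1: requirement vs application
    app_use_legal: bool            # indication 2: app's use of permissions
    sdk_use_legal: bool            # indication 3: SDK's use of permissions
    details: dict = field(default_factory=dict)


def prohibited_for(target_api: int) -> set:
    """Permissions prohibited for an app associated with the given API level."""
    banned = set()
    for api_level, perms in OS_PROHIBITED_FROM_API.items():
        if target_api >= api_level:
            banned |= perms
    return banned


def check_app_legality(v: AppVersion) -> dict:
    """Does the version apply for, or can it use, a prohibited permission?"""
    banned = prohibited_for(v.target_api)
    return {"declared_prohibited": v.declared & banned,
            "usable_prohibited": v.usable & banned}


def check_sdk_legality(v: AppVersion) -> dict:
    """Per SDK: permissions it can use that it is prohibited from using among
    those the app applied for, and permissions it can use that the app never
    applied for. Only SDKs with a finding appear in the result."""
    findings = {}
    for sdk, perms in v.sdk_usable.items():
        prohibited = perms & v.declared & SDK_PROHIBITED.get(sdk, set())
        undeclared = perms - v.declared
        if prohibited or undeclared:
            findings[sdk] = {"prohibited": prohibited, "undeclared": undeclared}
    return findings


def assess(v: AppVersion) -> AssessmentResult:
    """Combine the three detections into the assessment result."""
    consistency = {"redundant": v.declared - v.usable,
                   "undeclared": v.usable - v.declared}
    app = check_app_legality(v)
    sdk = check_sdk_legality(v)
    return AssessmentResult(
        requirement_consistent=not (consistency["redundant"] or consistency["undeclared"]),
        app_use_legal=not (app["declared_prohibited"] or app["usable_prohibited"]),
        sdk_use_legal=not sdk,
        details={"consistency": consistency, "app": app, "sdk": sdk},
    )


# Constructed sample version, with one finding of each kind.
SAMPLE_VERSION = AppVersion(
    declared={"android.permission.READ_PHONE_STATE",
              "android.permission.ACCESS_FINE_LOCATION",
              "android.permission.CAMERA"},
    usable={"android.permission.ACCESS_FINE_LOCATION", "android.permission.CAMERA"},
    target_api=30,
    sdk_usable={"com.example.adsdk": {"android.permission.ACCESS_FINE_LOCATION",
                                      "android.permission.READ_CONTACTS"}},
)

if __name__ == "__main__":
    r = assess(SAMPLE_VERSION)
    print("consistent:", r.requirement_consistent, "app legal:", r.app_use_legal,
          "sdk legal:", r.sdk_use_legal)
    print(r.details)
```

The sample version applies for READ_PHONE_STATE although the constructed table prohibits it from API level 29 onwards (illegal app use), and its ad SDK can exercise ACCESS_FINE_LOCATION, which the app applied for but the SDK is prohibited from using, as well as READ_CONTACTS, which the app never applied for (illegal SDK use). The `details` field keeps the offending permission sets so that the person reading the result can see why each indication is negative.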
Referring to FIG. 4, as an implementation of the methods shown in the above figures, the present application provides an embodiment of a privacy risk assessment apparatus, which corresponds to the method embodiment shown in FIG. 2. For the specific implementation of the operations that the units of the apparatus are configured to perform, refer to the corresponding operations described in the method embodiments.
As shown in FIG. 4, the privacy risk assessment apparatus of this embodiment includes a detection unit 401 and an evaluation unit 402. The detection unit 401 is configured to perform one or more of the following detections on the version of the application to be evaluated to obtain its privacy risk detection result: consistency between the privacy permission requirement and the privacy permission application; legality of the use of privacy permissions by the version of the application to be evaluated; and legality of the use of privacy permissions by a plug-in associated with that version, where a privacy permission is a permission to acquire a user's private data. The evaluation unit 402 is configured to generate the privacy risk assessment result of the version to be evaluated based on its privacy risk detection result.
In some optional implementations of this embodiment, the consistency between the privacy permission requirement of the version of the application to be evaluated and its privacy permission application is determined by detecting whether one or more of the following conditions exist in that version: the privacy permissions applied for include unused privacy permissions, and privacy permissions that were not applied for can be used.
In some optional implementations of this embodiment, an unused privacy permission among all the privacy permissions applied for by the application is a privacy permission that should be removed, i.e. one not required in the version to be evaluated, and it is determined to be a permission that should be removed because the function associated with it has been removed.
In some optional implementations of this embodiment, the legality of the use of privacy permissions by the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist in that version: the version applies for a first prohibited privacy permission, and the version can use the first prohibited privacy permission, wherein the first prohibited privacy permission is determined to be prohibited due to a version upgrade of the operating system associated with the application.
In some optional implementations of this embodiment, the legality of the use of privacy permissions by the plug-in associated with the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist: the plug-in can use a second prohibited privacy permission, and the plug-in can use a privacy permission that the version to be evaluated did not apply for, wherein the second prohibited privacy permission is a privacy permission, among those applied for by the version to be evaluated, that the plug-in is prohibited from using.
In some optional implementations of this embodiment, the privacy risk assessment apparatus further includes an obtaining unit configured to analyze the code of the installation package of the version of the application to be evaluated and obtain the associated information required for one or more of the above detections on that version, the associated information comprising: the identifiers of the privacy permissions applied for by the version to be evaluated and the identifiers of the privacy permissions that version can use.
FIG. 5 illustrates a schematic diagram of a computer system suitable for use in implementing a server according to embodiments of the present application.
As shown in FIG. 5, the computer system includes a Central Processing Unit (CPU) 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the computer system are also stored. The CPU 501, ROM 502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input portion 506; an output portion 507; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. A drive 510 is also connected to the I/O interface 505 as needed. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.
In particular, the processes described in the embodiments of the present application may be implemented as computer programs. For example, embodiments of the present application include a computer program product comprising a computer program carried on a computer readable medium, the computer program comprising instructions for carrying out the method illustrated in the flow chart. The computer program can be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511. The computer program performs the above-described functions defined in the method of the present application when executed by the Central Processing Unit (CPU) 501.
The present application also provides a server, which may be configured with one or more processors; a memory for storing one or more programs, the one or more programs may include instructions for performing the operations described in the above embodiments. The one or more programs, when executed by the one or more processors, cause the one or more processors to perform the instructions of the operations described in the above embodiments.
The present application also provides a computer readable medium, which may be included in a server; or the device can exist independently and is not assembled into the server. The computer readable medium carries one or more programs which, when executed by the server, cause the server to perform the operations described in the above embodiments.
It should be noted that the computer readable medium described herein can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may include, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable signal medium, by contrast, may include a propagated data signal with computer readable program code embodied therein, for example in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electromagnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may in fact be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or by combinations of special purpose hardware and computer instructions.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be understood by those skilled in the art that the scope of the invention herein referred to is not limited to the technical embodiments with the specific combination of the above technical features, but also encompasses other technical embodiments with any combination of the above technical features or their equivalents without departing from the inventive concept. For example, technical embodiments formed by replacing the above-mentioned features with (but not limited to) technical features having similar functions disclosed in the present application.

Claims (12)

1. A privacy risk assessment method, comprising:
performing the following detections on the version of the application to be evaluated to obtain a privacy risk detection result of the version of the application to be evaluated: consistency between a privacy permission requirement and a privacy permission application, legality of the use of privacy permissions by the version of the application to be evaluated, and legality of the use of privacy permissions by a plug-in associated with the version of the application to be evaluated, wherein a privacy permission is a permission to acquire private data of a user; the legality of the use of privacy permissions is related to a prohibited privacy permission, the prohibited privacy permission is related to a version upgrade of an operating system associated with the application, and the prohibited privacy permission is determined to be prohibited due to the version upgrade of the operating system associated with the application;
generating a privacy risk assessment result of the version of the application to be evaluated based on the privacy risk detection result of the version of the application to be evaluated;
wherein the consistency between the privacy permission requirement of the version of the application to be evaluated and the privacy permission application is determined by detecting whether one or more of the following conditions exist in the version of the application to be evaluated: the privacy permissions applied for include unused privacy permissions, and privacy permissions that were not applied for can be used.
2. The method of claim 1, wherein an unused privacy permission among all privacy permissions applied for by the application is a privacy permission that should be removed, which is not required for use in the version of the application to be evaluated, the privacy permission that should be removed being determined as such based on the function associated with it having been removed.
3. The method of claim 2, wherein the legality of the use of privacy permissions by the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist in the version of the application to be evaluated: a first prohibited privacy permission is applied for, and the first prohibited privacy permission can be used, wherein the first prohibited privacy permission is determined to be prohibited due to a version upgrade of an operating system associated with the application.
4. The method of claim 3, wherein the legality of the use of privacy permissions by the plug-in associated with the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist: the plug-in can use a second prohibited privacy permission, and the plug-in can use a privacy permission that the version of the application to be evaluated did not apply for, wherein the second prohibited privacy permission is a privacy permission, among the privacy permissions applied for by the version of the application to be evaluated, that the plug-in is prohibited from using.
5. The method according to one of claims 1-4, the method further comprising:
analyzing the code of the installation package of the version of the application to be evaluated to obtain the associated information required for one or more of the above detections on the version of the application to be evaluated, wherein the associated information comprises: identifiers of the privacy permissions applied for by the version of the application to be evaluated and identifiers of the privacy permissions that the version of the application to be evaluated can use.
6. A privacy risk assessment apparatus, comprising:
a detection unit configured to perform one or more of the following detections on the version of the application to be evaluated to obtain a privacy risk detection result of the version of the application to be evaluated: consistency between a privacy permission requirement and a privacy permission application, legality of the use of privacy permissions by the version of the application to be evaluated, and legality of the use of privacy permissions by a plug-in associated with the version of the application to be evaluated, wherein a privacy permission is a permission to acquire private data of a user; the legality of the use of privacy permissions is related to a prohibited privacy permission, the prohibited privacy permission is related to a version upgrade of an operating system associated with the application, and the prohibited privacy permission is determined to be prohibited due to the version upgrade of the operating system associated with the application;
an evaluation unit configured to generate a privacy risk assessment result of the version of the application to be evaluated based on the privacy risk detection result of the version of the application to be evaluated;
wherein the consistency between the privacy permission requirement of the version of the application to be evaluated and the privacy permission application is determined by detecting whether one or more of the following conditions exist in the version of the application to be evaluated: the privacy permissions applied for include unused privacy permissions, and privacy permissions that were not applied for can be used.
7. The apparatus of claim 6, wherein an unused privacy permission among all privacy permissions applied for by the application is a privacy permission that should be removed, which is not required for use in the version to be evaluated, the privacy permission that should be removed being determined as such based on the function associated with it having been removed.
8. The apparatus of claim 7, wherein the legality of the use of privacy permissions by the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist in the version of the application to be evaluated: a first prohibited privacy permission is applied for, and the first prohibited privacy permission can be used, wherein the first prohibited privacy permission is determined to be prohibited due to a version upgrade of an operating system associated with the application.
9. The apparatus of claim 8, wherein the legality of the use of privacy permissions by the plug-in associated with the version of the application to be evaluated is determined by detecting whether one or more of the following conditions exist: the plug-in can use a second prohibited privacy permission, and the plug-in can use a privacy permission that the version of the application to be evaluated did not apply for, wherein the second prohibited privacy permission is a privacy permission, among the privacy permissions applied for by the version of the application to be evaluated, that the plug-in is prohibited from using.
10. The apparatus according to one of claims 6-9, the apparatus further comprising:
an obtaining unit configured to analyze the code of the installation package of the version of the application to be evaluated and obtain the associated information required for one or more of the above detections on the version of the application to be evaluated, wherein the associated information comprises: identifiers of the privacy permissions applied for by the version of the application to be evaluated and identifiers of the privacy permissions that the version of the application to be evaluated can use.
11. A server, comprising:
one or more processors;
a memory for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method according to any one of claims 1-5.
12. A computer-readable medium on which a computer program is stored which, when executed by a processor, carries out the method according to any one of claims 1-5.
CN201811498176.9A 2018-12-07 2018-12-07 Privacy risk assessment method and device Active CN109344657B (en)

Publications (2)

Publication Number   Publication Date
CN109344657A (en)    2019-02-15
CN109344657B (en)    2022-09-13

Family

ID=65303395

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811498176.9A Active CN109344657B (en) 2018-12-07 2018-12-07 Privacy risk assessment method and device

Country Status (1)

Country Link
CN (1) CN109344657B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110505348B (en) * 2019-08-27 2020-10-09 烟台中科网络技术研究所 Risk assessment method for APP collection of user personal sensitive information
CN111221733A (en) * 2020-01-06 2020-06-02 北京小米移动软件有限公司 Information processing method and device, mobile terminal and storage medium
WO2021174541A1 (en) * 2020-03-06 2021-09-10 深圳市欢太科技有限公司 Privacy security assessment method and apparatus, server, and storage medium
CN112230935B (en) * 2020-11-03 2022-07-01 支付宝(杭州)信息技术有限公司 Privacy risk detection method, device and equipment in application
CN113139186A (en) * 2021-04-14 2021-07-20 北京开元华创信息技术有限公司 Personal information security audit evaluation system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104346566A (en) * 2013-07-31 2015-02-11 腾讯科技(深圳)有限公司 Method, device, terminal, server and system for detecting privacy authority risks
CN105117544A (en) * 2015-08-21 2015-12-02 李涛 Android platform App risk assessment method based on mobile cloud computing and Android platform App risk assessment device based on mobile cloud computing
CN106407838A (en) * 2016-09-21 2017-02-15 乐视控股(北京)有限公司 A memo information management method and device
CN106529274A (en) * 2016-10-26 2017-03-22 努比亚技术有限公司 Terminal and information security protection method thereof

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9729583B1 (en) * 2016-06-10 2017-08-08 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Detection method for Android privacy-leaking malicious applications based on directed information flow; Wu Jingzheng et al.; Journal of University of Chinese Academy of Sciences; 2015-11-15 (No. 06); full text *

Also Published As

Publication number Publication date
CN109344657A (en) 2019-02-15

Similar Documents

Publication Publication Date Title
CN109344657B (en) Privacy risk assessment method and device
CN109598127B (en) Privacy risk assessment method and device
KR101402057B1 (en) Analyzing system of repackage application through calculation of risk and method thereof
US20200014734A1 (en) Method and system for application security evaluation
Arslan et al. Permission-based malware detection system for android using machine learning techniques
US9141801B2 (en) Apparatus and method for analyzing permission of application for mobile devices and detecting risk
KR101214893B1 (en) Apparatus and method for detecting similarity amongf applications
CN108763951B (en) Data protection method and device
CN109598146B (en) Privacy risk assessment method and device
KR101277517B1 (en) Apparatus and method for detecting falsified application
CN112115473A (en) Method for security detection of Java open source assembly
CN111353143A (en) Sensitive authority detection method and device and storage medium
CN112231702A (en) Application protection method, device, equipment and medium
CN111159712B (en) Detection method, device and storage medium
CN106407815B (en) Vulnerability detection method and device
Seghir et al. Evicheck: Digital evidence for android
CN114637675A (en) Software evaluation method and device and computer readable storage medium
CN113342660A (en) File testing method, device, system, electronic equipment and readable storage medium
CN113254837A (en) Application program evaluation method, device, system, equipment and medium
CN108280343B (en) Method, device and system for detecting application security in android environment
Cam et al. Detect repackaged android applications by using representative graphs
KR20150133038A (en) Method and apparatus for detecting illegally copied application
CN109409038A (en) A kind of dynamic link library file cracks risk checking method and device
CN108256320B (en) Dynamic detection method, device, equipment and storage medium for differential domain
CN110929233B (en) Information processing method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant