CN110851881A - Security detection method and device for terminal equipment, electronic equipment and storage medium - Google Patents

Security detection method and device for terminal equipment, electronic equipment and storage medium Download PDF

Info

Publication number
CN110851881A
CN110851881A CN201911056600.9A CN201911056600A CN110851881A CN 110851881 A CN110851881 A CN 110851881A CN 201911056600 A CN201911056600 A CN 201911056600A CN 110851881 A CN110851881 A CN 110851881A
Authority
CN
China
Prior art keywords
account
input
terminal equipment
user
terminal device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911056600.9A
Other languages
Chinese (zh)
Other versions
CN110851881B (en
Inventor
张伟超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Oppo Communication Technology Co Ltd
Original Assignee
Chengdu Oppo Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Oppo Communication Technology Co Ltd filed Critical Chengdu Oppo Communication Technology Co Ltd
Priority to CN201911056600.9A priority Critical patent/CN110851881B/en
Publication of CN110851881A publication Critical patent/CN110851881A/en
Application granted granted Critical
Publication of CN110851881B publication Critical patent/CN110851881B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The disclosure provides a security detection method and device for terminal equipment, electronic equipment and a storage medium, and relates to the technical field of terminals. The method comprises the following steps: acquiring security information stored in a replay protection memory block of a terminal device, wherein the security information comprises an account number of the terminal device; when the safety information is acquired, prompting a user to input an account of the terminal equipment; acquiring an input account input by a user; determining whether the input account number is consistent with an account number of the terminal equipment; and when the input account is determined to be inconsistent with the account of the terminal equipment, continuing to prompt the user to input the account of the terminal equipment. The method can perform security detection on the terminal equipment based on the security information stored in the RPMB partition of the terminal equipment, and ensure that the terminal equipment is used safely.

Description

Security detection method and device for terminal equipment, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of terminal technologies, and in particular, to a method and an apparatus for security detection of a terminal device, an electronic device, and a storage medium.
Background
With the continuous development of terminal equipment (such as smart phones, tablet computers and the like), the learning, life and entertainment of people are greatly facilitated by more and more functions, people rely on the terminal equipment more and more, and a great amount of user data and privacy information can be stored in the terminal equipment.
But may be lost or stolen during the use of the terminal device. The lost or stolen terminal device may be used continuously by people through ways of flashing, recovering factory settings and the like. And possibly after the system is continuously used, data and privacy information stored by a user before are recovered through some software, so that great potential safety hazards are brought to the user.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The present disclosure is directed to a method and an apparatus for security detection of a terminal device, an electronic device, and a storage medium, which overcome, at least to some extent, the problem that the terminal device cannot be safely used due to the limitations of the related art.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to an aspect of the present disclosure, there is provided a security detection method for a terminal device, including: acquiring security information stored in a replay protection memory block of a terminal device, wherein the security information comprises an account number of the terminal device; when the safety information is acquired, prompting a user to input an account of the terminal equipment; acquiring an input account input by a user; determining whether the input account number is consistent with an account number of the terminal equipment; and when the input account is determined to be inconsistent with the account of the terminal equipment, continuing to prompt the user to input the account of the terminal equipment.
According to an embodiment of the present disclosure, the obtaining of the security information stored in the playback protection memory block of the terminal device includes: when entering a starting-up guide interface, detecting whether the safety information is stored in the replay protection memory block; and when detecting that the safety information is stored in the replay protection memory block, acquiring the safety information.
According to an embodiment of the present disclosure, the method further comprises: and when the input account is determined to be consistent with the account of the terminal equipment, prompting the user to input an account password of the terminal equipment.
According to an embodiment of the present disclosure, the method further comprises: acquiring an input password input by a user; sending the account number of the terminal equipment and the input password to a server to request the server to verify whether the input password corresponds to the account number of the terminal equipment; and confirming that the terminal equipment is safely used when receiving the verification passing message sent by the server.
According to an embodiment of the present disclosure, confirming that the terminal device is safely used includes: and confirming that the terminal equipment is used by the owner of the terminal equipment.
According to an embodiment of the present disclosure, the method further comprises: sending the account number of the terminal equipment and the equipment identification of the terminal equipment to a server; receiving encryption information which is returned by the server and used for encrypting the account number and the equipment identification of the terminal equipment; and storing the encryption information in the playback-protected memory block.
According to an embodiment of the present disclosure, sending the account of the terminal device and the device identifier of the terminal device to a server includes: prompting a user to register in the server; acquiring the account number, the equipment identification and the set password of the account number input by a user in the registration process; and sending the account number, the equipment identification and the password to the server.
According to another aspect of the present disclosure, there is provided a security detection apparatus of a terminal device, including: the information acquisition device is used for acquiring the safety information stored in the replay protection memory block of the terminal equipment, wherein the safety information comprises an account number of the terminal equipment; the user prompting module is used for prompting a user to input an account of the terminal equipment when the information acquisition device acquires the safety information; the account acquisition device is used for acquiring an input account input by a user; the account number determining module is used for determining whether the input account number is consistent with the account number of the terminal equipment or not; and the user prompting module further prompts the user to input the account of the terminal equipment when the input account is determined to be inconsistent with the account of the terminal equipment.
According to still another aspect of the present disclosure, there is provided an electronic device including: a processor and a memory; the memory is used for storing executable instructions of the processor; the processor is configured to perform any of the methods described above via execution of the executable instructions.
According to yet another aspect of the disclosure, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when executed by a processor, implements any of the methods described above.
According to the security detection method of the terminal device provided by the embodiment of the disclosure, the account of the terminal device stored in the RPMB partition of the terminal device is compared with the input account input by the user, so as to detect the security condition of the terminal device. If the two are not consistent, the user is always prompted to input a correct account number, so that the terminal equipment cannot be used, and the terminal equipment is ensured to be used safely.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without the exercise of inventive faculty.
Fig. 1 exemplarily shows a flowchart of a security detection method of a terminal device in an embodiment of the present disclosure.
Fig. 2 exemplarily shows a flowchart of a security detection method of another terminal device in the embodiment of the present disclosure.
Fig. 3 exemplarily shows a flowchart of a security detection method of a terminal device in another embodiment of the present disclosure.
Fig. 4 exemplarily shows a block diagram of a security detection apparatus of a terminal device in an embodiment of the present disclosure.
Fig. 5 exemplarily illustrates a block diagram of an electronic device in an embodiment of the present disclosure.
Fig. 6 schematically illustrates a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
Hereinafter, each step of the security detection method of the terminal device in the exemplary embodiment of the present disclosure will be described in more detail with reference to the drawings and the embodiments.
Fig. 1 exemplarily shows a flowchart of a security detection method of a terminal device in an embodiment of the present disclosure. The method provided by the embodiment of the disclosure can be executed by any terminal equipment with computing processing capacity.
The terminal device may be a mobile terminal such as a mobile phone, a game console, a tablet Computer, an electronic book reader, smart glasses, an MP4(moving picture Experts Group Audio Layer IV) player, an intelligent home device, an AR (Augmented Reality) device, a VR (Virtual Reality) device, or a Personal Computer (PC), such as a laptop Computer and a desktop Computer.
Referring to fig. 1, a security detection method 10 of a terminal device includes:
in step S102, security information stored in a playback Protected memory block (RPMB) of the terminal device is acquired.
The security information includes: the account number of the terminal device.
A Trusted Execution Environment (TEE) is a concept proposed by the global platform organization (GP). Security issues are also of increasing concern for the open environment of mobile devices, not just end users, but also service providers, mobile operators, and chip vendors. The TEE is a runtime environment that coexists with a Rich operating system (Rich OS, typically Android, etc.) on the device, and provides security services to the Rich OS. It has its own execution space, is higher than the security level of RichOS, can satisfy the security requirements of most applications.
The RPMB partition is a partition having a security feature in an Embedded multimedia Card (eMMC). When writing data into the RPMB partition, the eMMC can check the legality of the data, and only a specified Host (Host) can write the data; meanwhile, when data is read, a signature mechanism is provided, and the data read by the host is the data in the RPMB partition, but not the data forged by an attacker.
The data stored in the RPMB partition of the terminal equipment cannot be deleted even after the terminal equipment is booted or restored to factory setting, and the data cannot be tampered, so that the safety is high.
The security information stored in the RPMB partition can be acquired through an interface provided by a TEE environment of the terminal equipment.
In some embodiments, for example, the security information may be obtained through a boot wizard program, that is, when the terminal device is used for the first time, or used for the first time after being operated by a flush, a factory reset, or the like, the terminal device enters a boot wizard interface, and whether the security information of the terminal device is stored in the RPMB partition is detected. For example, if the terminal device is used for the first time, rather than being used for the first time after being booted, factory reset, and the like, as a completely new terminal device, the RPMB partition of the terminal device does not store the security information of the terminal device. If the terminal device is used for the first time after being refreshed, factory settings are restored and the like, the safety information of the terminal device is stored in the RPMB partition. And when the fact that the safety information is stored in the RPMB partition is detected, the safety information is obtained.
In step S104, when the security information is acquired, prompting the user to input an account number of the terminal device, acquiring an input account number input by the user, and determining whether the input account number is consistent with the account number of the terminal device; and when the input account is determined to be inconsistent with the account of the terminal equipment, continuing to prompt the user to input the account of the terminal equipment.
As described above, the data stored in the RPMB partition is not deleted even after the terminal device is booted or restored to the factory setting, and has high security and is not tampered.
And if the safety information of the terminal equipment is stored in the RPMB partition, acquiring the safety information from the RPMB partition, extracting an account of the terminal equipment, and prompting a user to input the account. For example, the user may be prompted to enter an account number of the terminal device through a user interface of the terminal device.
And acquiring an input account number input by a user, and comparing the input account number with an account number acquired from the RPMB partition. If the comparison result is inconsistent, the user can be continuously prompted to input the account number of the terminal equipment. Therefore, a user who cannot correctly input the account stored in the RPMB partition of the terminal equipment cannot use the terminal equipment, and the safe use of the terminal equipment is ensured.
It should be noted that, in addition to the above-mentioned method for performing security detection in the boot-up phase, the security information may also be obtained after the terminal device is booted each time to perform the security detection. For example, after the terminal device is powered on each time, if the user sets that the terminal device is unlocked by means of a password or a fingerprint, the security information stored in the RPMB partition may be acquired before the device is unlocked by means of inputting the password or the fingerprint, and whether the terminal device is safely used may be detected based on the security information. And only when the security check passes (e.g., when the input account number entered by the user is consistent with the account number stored in the RPMB partition, the security check is deemed to pass), the user is allowed to unlock the terminal device. If the user feels that the security verification is troublesome to be carried out every time the terminal device is started, the security verification can be carried out when the terminal device is closed every time the terminal device is started, and the security verification is carried out only once in a starting guide stage.
According to the security detection method of the terminal device provided by the embodiment of the disclosure, the account of the terminal device stored in the RPMB partition of the terminal device is compared with the input account input by the user, so as to detect the security condition of the terminal device. If the two are not consistent, the user is always prompted to input a correct account number, so that the terminal equipment cannot be used, and the terminal equipment is ensured to be used safely.
Fig. 2 exemplarily shows a flowchart of a security detection method of another terminal device in the embodiment of the present disclosure. The difference from the method 10 shown in fig. 1 is that the method 20 shown in fig. 2 further includes:
in step S202, when it is determined that the input account input by the user coincides with the account acquired from the RPMB, the user is prompted to input an account password of the terminal device.
And prompting the user to further input an account password corresponding to the account, for example, through a user interface of the terminal device.
Furthermore, the method 20 may further include:
in step S204, an input password input by the user is acquired.
For example, the input password input by the user is obtained through the user interface of the terminal device.
In step S206, the account of the terminal device and the input password are transmitted to the server to request the server to verify whether the input password corresponds to the account of the terminal device.
The server is, for example, a server in an account system, and is used for storing account information, device information, password information, and the like of the terminal device.
In step S208, when the authentication pass message transmitted by the server is received, it is confirmed that the terminal device is safely used.
Confirming that the terminal device is securely used may include, for example: it is confirmed that the terminal device is used by the owner of the terminal device or by a user authorized by the owner (for example, a user notified of the above-described account stored in the RPMB).
Further, according to the security detection method for the terminal device provided by the embodiment of the disclosure, after the account comparison is passed, the user is prompted to input the password corresponding to the account again, and the account and the password are sent to the account system server for verification, so as to further verify the security of the terminal device in use.
It should be noted that, if the verification method in the method 10 is executed each time the terminal device is turned on, the unlocking operation of the terminal device is executed after receiving the verification passing message sent by the server, that is, only when the terminal device is confirmed to be safely used, the subsequent unlocking operation is further executed.
Further, in addition to the server verifying whether the passwords match, the terminal device itself may verify. For example, the security information stored in the RPMB partition may also include a password for the corresponding terminal device account. And after acquiring the input password input by the user, the terminal equipment compares the input password with the password in the acquired safety information to confirm whether the input password input by the user corresponds to the account, so that the safety of the terminal equipment is further verified.
Fig. 3 exemplarily shows a flowchart of a security detection method of a terminal device in another embodiment of the present disclosure. The difference from the method 10 shown in fig. 1 is that, before step S102 of the method 10, that is, before acquiring the security information stored in the RPMB partition of the terminal device, the security detection method 30 of the terminal device shown in fig. 3 further includes:
in step S302, the account of the terminal device and the device identifier of the terminal device are sent to the server.
For example, in some embodiments, the user is prompted to register in the server through the user interface, an account, a password, and a device identifier of the user, which are input by the user in the registration process, are obtained, and the account, the password, and the device identifier are sent to the server.
The registration process can be performed, for example, in a power-on guide interface of the terminal device. For a new terminal device which is not used at all, after the terminal device is started, a starting guide program is entered. First, as the security verification process of the method 10 described above can be performed, the security information stored in the RPMB partition is acquired through the interface provided by its TEE environment. If the security information is not stored in the RPMB partition, the user may continue to be directed to perform an account registration process to register the device with the account server.
The device identifier of the above device may be, for example, an International Mobile Equipment Identity (IMEI) of the user, and the device identifier may uniquely identify the terminal device. Alternatively, the device identifier may also be other identifiers capable of uniquely identifying the terminal device, such as a notebook computer, and the device identifier may also be a physical MAC (Media Access Control) address thereof.
Alternatively, the registration process described above may be performed whenever the terminal device is securely used (as described above, secure use refers to use by the owner of the terminal device or by a person authorized by the owner). In order to ensure that the above security detection method can be executed, in the process of being used safely, if it is detected that the user has not registered in the above account system, the terminal device may prompt the user (e.g., periodically prompt) to register, so as to bind the account registered in the account system with the terminal device. And storing the security information returned by the account system server in the RPMB partition.
In addition, the terminal device can also directly send any account number and corresponding password set by the terminal device and the device identifier of the terminal device to an account number system for binding storage. Or only sending any account and equipment identification to the account system server, wherein the password is distributed by the account system server and contained in the security information returned to the terminal equipment.
In step S304, encrypted information obtained by encrypting the account and the device identifier of the terminal device and returned by the server is received.
The server may encrypt security information including an account number of the terminal device, and return the encrypted information to the terminal device.
In step S306, the encryption information is stored into the RPMB partition.
The encryption information is the security information stored in the RPMB partition.
It should be noted that, if the server returns the encrypted information to the terminal device, the terminal device needs to decrypt the encrypted information when acquiring the security information from the RPMB partition. The present disclosure does not limit the encryption and decryption algorithms used by the server and the terminal device, and any encryption and decryption algorithm that can be applied to both the terminal device and the server may be used.
It is noted that the above-mentioned figures are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
The following are embodiments of the disclosed apparatus that may be used to perform embodiments of the disclosed methods. For details not disclosed in the embodiments of the apparatus of the present disclosure, refer to the embodiments of the method of the present disclosure.
Fig. 4 exemplarily shows a block diagram of a security detection apparatus of a terminal device in an embodiment of the present disclosure. The device provided by the embodiment of the disclosure can be applied to any terminal equipment with computing processing capability.
Referring to fig. 4, the security detection apparatus 40 of the terminal device includes: information acquisition device 402, user prompt module 404, account acquisition device 406, and account determination module 408.
The information obtaining device 402 is configured to obtain security information stored in a playback protection memory block of the terminal device, where the security information includes an account of the terminal device.
The user prompting module 404 is configured to prompt a user to input an account of the terminal device when the information obtaining apparatus obtains the security information.
The account number obtaining device 406 is used for obtaining an input account number input by a user.
The account determination module 408 is configured to determine whether the input account is consistent with the account of the terminal device.
The user prompting module 404 further prompts the user to input the account of the terminal device when it is determined that the input account is inconsistent with the account of the terminal device.
According to the security detection device of the terminal device provided by the embodiment of the disclosure, the account number of the terminal device stored in the RPMB partition of the terminal device is compared with the input account number input by the user, so as to detect the security condition of the terminal device. If the two are not consistent, the user is always prompted to input a correct account number, so that the terminal equipment cannot be used, and the terminal equipment is ensured to be used safely.
In some embodiments, information acquisition device 402 includes: a storage detection unit and an information acquisition unit. The storage detection unit is used for detecting whether the safety information is stored in the replay protection memory block when the boot guide interface is entered. The information acquisition unit is used for acquiring the security information when detecting that the playback protection memory block stores the security information.
In some embodiments, the user prompt module 404 is further configured to: and when the input account is determined to be consistent with the account of the terminal equipment, prompting the user to input the account password of the terminal equipment.
In some embodiments, the apparatus 40 further comprises: the password acquisition module, the first information sending module and the safety confirmation module. The password acquisition module is used for acquiring an input password input by a user. The first information sending module is used for sending the account number and the input password of the terminal equipment to the server so as to request the server to verify whether the input password corresponds to the account number of the terminal equipment. And the safety confirmation module is used for confirming that the terminal equipment is safely used when receiving the verification passing message sent by the server.
In some embodiments, the security confirmation module is configured to confirm that the terminal device is used by an owner of the terminal device.
In some embodiments, the apparatus 40 further comprises: the second information sending module is used for sending the account number of the terminal equipment and the equipment identification of the terminal equipment to the server. The information receiving module is used for receiving encrypted information which is returned by the server and used for encrypting the account number and the equipment identification of the terminal equipment. The information storage module is used for storing the encrypted information into the replay protection memory block.
In some embodiments, the second information sending module includes: the device comprises a user prompting unit, an information acquisition unit and an information sending unit. The user prompting unit is used for prompting the user to register in the server. The information acquisition unit is used for acquiring an account number, equipment identification and a set password of the account number input by a user in a registration process. The information sending unit is used for sending the account number, the equipment identification and the password to the server.
It is noted that the block diagrams shown in the above figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
The embodiment of the present disclosure further provides a device, configured to execute the security detection method for each terminal device disclosed in the embodiment of the present disclosure.
An electronic device 800 according to this embodiment of the disclosure is described below with reference to fig. 5. The electronic device 800 shown in fig. 5 is only an example and should not bring any limitations to the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 5, the electronic device 800 is in the form of a general purpose computing device. The components of the electronic device 800 may include, but are not limited to: the at least one processing unit 810, the at least one memory unit 820, and a bus 830 that couples the various system components including the memory unit 820 and the processing unit 810.
Wherein the storage unit stores program code that is executable by the processing unit 810 to cause the processing unit 810 to perform steps according to various exemplary embodiments of the present disclosure as described in the "exemplary methods" section above in this specification. For example, the processing unit 810 may execute step S102 shown in fig. 1, and obtain the security information stored in the playback-protected memory block of the terminal device; step S104, when the safety information is acquired, prompting a user to input an account number of the terminal equipment, acquiring an input account number input by the user, and determining whether the input account number is consistent with the account number of the terminal equipment; and when the input account is determined to be inconsistent with the account of the terminal equipment, continuing to prompt the user to input the account of the terminal equipment.
The storage unit 820 may include readable media in the form of volatile memory units such as a random access memory unit (RAM)8201 and/or a cache memory unit 8202, and may further include a read only memory unit (ROM) 8203.
The storage unit 820 may also include a program/utility 8204 having a set (at least one) of program modules 8205, such program modules 8205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 830 may be any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 800 may also communicate with one or more external devices 700 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 600, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 800 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 650. Also, the electronic device 800 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 860. As shown, the network adapter 860 communicates with the other modules of the electronic device 800 via the bus 830. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 600, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the disclosure described in the "exemplary methods" section above of this specification, when the program product is run on the terminal device.
Referring to fig. 6, a program product 900 for implementing the above method according to an embodiment of the present disclosure is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (10)

1. A security detection method of a terminal device is characterized by comprising the following steps:
acquiring security information stored in a replay protection memory block of a terminal device, wherein the security information comprises an account number of the terminal device; and
when the safety information is acquired, prompting a user to input an account of the terminal equipment; acquiring an input account input by a user; determining whether the input account number is consistent with an account number of the terminal equipment; and when the input account is determined to be inconsistent with the account of the terminal equipment, continuing to prompt the user to input the account of the terminal equipment.
2. The method according to claim 1, wherein obtaining the security information stored in the playback-protected memory block of the terminal device comprises:
when entering a starting-up guide interface, detecting whether the safety information is stored in the replay protection memory block; and
and when detecting that the safety information is stored in the replay protection memory block, acquiring the safety information.
3. The method of claim 1 or 2, further comprising:
and when the input account is determined to be consistent with the account of the terminal equipment, prompting the user to input an account password of the terminal equipment.
4. The method of claim 3, further comprising:
acquiring an input password input by a user;
sending the account number of the terminal equipment and the input password to a server to request the server to verify whether the input password corresponds to the account number of the terminal equipment; and
and when receiving the verification passing message sent by the server, confirming that the terminal equipment is safely used.
5. The method of claim 4, wherein confirming that the terminal device is securely used comprises: and confirming that the terminal equipment is used by the owner of the terminal equipment.
6. The method of claim 1, further comprising:
sending the account number of the terminal equipment and the equipment identification of the terminal equipment to a server;
receiving encryption information which is returned by the server and used for encrypting the account number and the equipment identification of the terminal equipment; and
storing the encrypted information in the playback-protected memory block.
7. The method of claim 6, wherein sending the account number of the terminal device and the device identifier of the terminal device to a server comprises:
prompting a user to register in the server;
acquiring the account number, the equipment identification and the set password of the account number input by a user in the registration process; and
and sending the account number, the equipment identification and the password to the server.
8. A safety detection device of a terminal device is characterized by comprising:
the information acquisition device is used for acquiring the safety information stored in the replay protection memory block of the terminal equipment, wherein the safety information comprises an account number of the terminal equipment;
the user prompting module is used for prompting a user to input an account of the terminal equipment when the information acquisition device acquires the safety information;
the account acquisition device is used for acquiring an input account input by a user; and
the account number determining module is used for determining whether the input account number is consistent with the account number of the terminal equipment or not;
and the user prompting module further prompts the user to input the account of the terminal equipment when the input account is determined to be inconsistent with the account of the terminal equipment.
9. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1-7 via execution of the executable instructions.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1-7.
CN201911056600.9A 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium Active CN110851881B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911056600.9A CN110851881B (en) 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911056600.9A CN110851881B (en) 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110851881A true CN110851881A (en) 2020-02-28
CN110851881B CN110851881B (en) 2023-07-04

Family

ID=69599768

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911056600.9A Active CN110851881B (en) 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110851881B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023131209A1 (en) * 2022-01-10 2023-07-13 荣耀终端有限公司 Anti-theft method for terminal, and terminal device

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007200211A (en) * 2006-01-30 2007-08-09 Nec Corp Authentication system
CN101742499A (en) * 2009-12-31 2010-06-16 优视科技有限公司 Account number protection system for mobile communication equipment terminal and application method thereof
US8551186B1 (en) * 2010-12-06 2013-10-08 Amazon Technologies, Inc. Audible alert for stolen user devices
CN103634109A (en) * 2013-10-31 2014-03-12 小米科技有限责任公司 Operation right authentication method and device
US20150234624A1 (en) * 2014-02-20 2015-08-20 Sharp Kabushiki Kaisha User authentication system
CN105335677A (en) * 2014-07-24 2016-02-17 小米科技有限责任公司 Anti-theft method and device of mobile terminal
US20170026343A1 (en) * 2015-07-22 2017-01-26 Paypal Inc. Anonymous Account Security Exchange
CN106845282A (en) * 2017-01-06 2017-06-13 奇酷互联网络科技(深圳)有限公司 Mobile terminal and its method of controlling security and device
CN107734176A (en) * 2017-10-25 2018-02-23 深圳市金立通信设备有限公司 Loss guard method, terminal and the computer-readable recording medium of mobile terminal
US20180077192A1 (en) * 2015-05-29 2018-03-15 Alibaba Group Holding Limited Account theft risk identification
CN108156169A (en) * 2017-12-28 2018-06-12 惠州Tcl家电集团有限公司 Account login validation method, system and computer readable storage medium
CN108307674A (en) * 2016-12-02 2018-07-20 华为技术有限公司 A kind of method and apparatus ensureing terminal security
CN109558718A (en) * 2018-11-30 2019-04-02 努比亚技术有限公司 Application program login method, computer end, mobile terminal, system and storage medium
CN109978551A (en) * 2019-03-29 2019-07-05 北京投肯科技有限公司 A kind of account information confirmation and method for retrieving and device based on block chain
US20190215157A1 (en) * 2017-03-03 2019-07-11 Tencent Technology (Shenzhen) Company Limited Information storage method, device, and computer-readable storage medium

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007200211A (en) * 2006-01-30 2007-08-09 Nec Corp Authentication system
CN101742499A (en) * 2009-12-31 2010-06-16 优视科技有限公司 Account number protection system for mobile communication equipment terminal and application method thereof
US8551186B1 (en) * 2010-12-06 2013-10-08 Amazon Technologies, Inc. Audible alert for stolen user devices
CN103634109A (en) * 2013-10-31 2014-03-12 小米科技有限责任公司 Operation right authentication method and device
US20150234624A1 (en) * 2014-02-20 2015-08-20 Sharp Kabushiki Kaisha User authentication system
CN105335677A (en) * 2014-07-24 2016-02-17 小米科技有限责任公司 Anti-theft method and device of mobile terminal
US20180077192A1 (en) * 2015-05-29 2018-03-15 Alibaba Group Holding Limited Account theft risk identification
US20170026343A1 (en) * 2015-07-22 2017-01-26 Paypal Inc. Anonymous Account Security Exchange
CN108307674A (en) * 2016-12-02 2018-07-20 华为技术有限公司 A kind of method and apparatus ensureing terminal security
CN106845282A (en) * 2017-01-06 2017-06-13 奇酷互联网络科技(深圳)有限公司 Mobile terminal and its method of controlling security and device
US20190215157A1 (en) * 2017-03-03 2019-07-11 Tencent Technology (Shenzhen) Company Limited Information storage method, device, and computer-readable storage medium
CN107734176A (en) * 2017-10-25 2018-02-23 深圳市金立通信设备有限公司 Loss guard method, terminal and the computer-readable recording medium of mobile terminal
CN108156169A (en) * 2017-12-28 2018-06-12 惠州Tcl家电集团有限公司 Account login validation method, system and computer readable storage medium
CN109558718A (en) * 2018-11-30 2019-04-02 努比亚技术有限公司 Application program login method, computer end, mobile terminal, system and storage medium
CN109978551A (en) * 2019-03-29 2019-07-05 北京投肯科技有限公司 A kind of account information confirmation and method for retrieving and device based on block chain

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
IN-A SONG 等: "Improvement of Key Exchange protocol to prevent Man-in-the-middle attack in the satellite environment", 《TERMINAL SAFETY DETECT ID》 *
常晋云: "基于生物信息的Android身份认证研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
陈洪昌: "基于Android平台的数据安全检测研究", 《万方学位论文》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023131209A1 (en) * 2022-01-10 2023-07-13 荣耀终端有限公司 Anti-theft method for terminal, and terminal device
CN116456023A (en) * 2022-01-10 2023-07-18 荣耀终端有限公司 Terminal anti-theft method and terminal equipment

Also Published As

Publication number Publication date
CN110851881B (en) 2023-07-04

Similar Documents

Publication Publication Date Title
JP6239788B2 (en) Fingerprint authentication method, apparatus, intelligent terminal, and computer storage medium
US9270466B2 (en) System and method for temporary secure boot of an electronic device
CN102624699B (en) Method and system for protecting data
KR101281678B1 (en) Method and Apparatus for authorizing host in portable storage device and providing information for authorizing host, and computer readable medium thereof
CN108335105B (en) Data processing method and related equipment
KR101654778B1 (en) Hardware-enforced access protection
CN108763917B (en) Data encryption and decryption method and device
US8850220B2 (en) Method and apparatus with chipset-based protection for local and remote authentication of booting from peripheral devices
CN105934751B (en) Data erasure for target devices
JP2013242644A (en) Virtual computer system, control method, and program
CN110598384B (en) Information protection method, information protection device and mobile terminal
CN112468294B (en) Access method and authentication equipment of vehicle-mounted TBOX
CN112148314B (en) Mirror image verification method, device and equipment of embedded system and storage medium
CN113055157A (en) Biological characteristic verification method and device, storage medium and electronic equipment
CN106156549B (en) application program authorization processing method and device
US9977907B2 (en) Encryption processing method and device for application, and terminal
CN110807186B (en) Method, device, equipment and storage medium for safe storage of storage equipment
CN110851881B (en) Security detection method and device for terminal equipment, electronic equipment and storage medium
CN115438374A (en) Data reading method, device, equipment, system and medium in storage equipment
CN103020509B (en) A kind of terminal device encryption and decryption method, device and terminal device
CN112966276B (en) Method, device and medium for safely starting computer
JP5049179B2 (en) Information processing terminal device and application program activation authentication method
KR20150072007A (en) Method for accessing temper-proof device and apparatus enabling of the method
JP4634924B2 (en) Authentication method, authentication program, authentication system, and memory card
CN108256336B (en) Binding and identifying method for operating system and mainboard

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant