CN110851881B - Security detection method and device for terminal equipment, electronic equipment and storage medium - Google Patents

Security detection method and device for terminal equipment, electronic equipment and storage medium Download PDF

Info

Publication number
CN110851881B
CN110851881B CN201911056600.9A CN201911056600A CN110851881B CN 110851881 B CN110851881 B CN 110851881B CN 201911056600 A CN201911056600 A CN 201911056600A CN 110851881 B CN110851881 B CN 110851881B
Authority
CN
China
Prior art keywords
account number
terminal equipment
input
user
account
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911056600.9A
Other languages
Chinese (zh)
Other versions
CN110851881A (en
Inventor
张伟超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Oppo Communication Technology Co ltd
Original Assignee
Chengdu Oppo Communication Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Oppo Communication Technology Co ltd filed Critical Chengdu Oppo Communication Technology Co ltd
Priority to CN201911056600.9A priority Critical patent/CN110851881B/en
Publication of CN110851881A publication Critical patent/CN110851881A/en
Application granted granted Critical
Publication of CN110851881B publication Critical patent/CN110851881B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The disclosure provides a security detection method and device of terminal equipment, electronic equipment and a storage medium, and relates to the technical field of terminals. The method comprises the following steps: acquiring security information stored in a replay protection memory block of a terminal device, wherein the security information comprises an account number of the terminal device; when the security information is acquired, prompting a user to input an account number of the terminal equipment; acquiring an input account number input by a user; determining whether the input account number is consistent with the account number of the terminal equipment; and when the input account number is inconsistent with the account number of the terminal equipment, continuing to prompt a user to input the account number of the terminal equipment. The method can carry out safety detection on the terminal equipment based on the safety information stored in the RPMB partition of the terminal equipment, and ensure that the terminal equipment is used safely.

Description

Security detection method and device for terminal equipment, electronic equipment and storage medium
Technical Field
The disclosure relates to the technical field of terminals, and in particular relates to a security detection method and device for terminal equipment, electronic equipment and a storage medium.
Background
With the continuous development of terminal devices (such as smart phones, tablet computers and the like), more and more functions bring great convenience to study, life and entertainment of people, people depend on the terminal devices more and more, and a lot of user data and privacy information are stored in the terminal devices.
But may be lost or stolen during use of the terminal device. The lost or stolen terminal equipment can be used continuously by people through modes of machine brushing, factory setting recovery and the like. And after the user is used continuously, the data and the privacy information stored before the user are restored through some software, so that great potential safety hazards are brought to the user.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The present disclosure aims to provide a method and apparatus for detecting security of a terminal device, an electronic device, and a storage medium, which overcome at least to some extent the problem that the terminal device cannot be ensured to be used safely due to the limitations of the related art.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to one aspect of the present disclosure, there is provided a security detection method of a terminal device, including: acquiring security information stored in a replay protection memory block of a terminal device, wherein the security information comprises an account number of the terminal device; when the security information is acquired, prompting a user to input an account number of the terminal equipment; acquiring an input account number input by a user; determining whether the input account number is consistent with the account number of the terminal equipment; and when the input account number is inconsistent with the account number of the terminal equipment, continuing to prompt a user to input the account number of the terminal equipment.
According to an embodiment of the present disclosure, acquiring security information stored in a playback-protection memory block of a terminal device includes: when entering a startup guide interface, detecting whether the safety information is stored in the replay protection memory block; and acquiring the safety information when the safety information is stored in the replay protection memory block.
According to an embodiment of the present disclosure, the method further comprises: and prompting a user to input an account number and a password of the terminal equipment when the input account number is determined to be consistent with the account number of the terminal equipment.
According to an embodiment of the present disclosure, the method further comprises: acquiring an input password input by a user; transmitting the account number of the terminal equipment and the input password to a server to request the server to verify whether the input password corresponds to the account number of the terminal equipment; and when receiving the verification passing message sent by the server, confirming that the terminal equipment is safely used.
According to an embodiment of the present disclosure, confirming that the terminal device is securely used includes: and confirming that the terminal equipment is used by a machine owner of the terminal equipment.
According to an embodiment of the present disclosure, the method further comprises: transmitting the account number of the terminal equipment and the equipment identifier of the terminal equipment to a server; receiving encryption information returned by the server after encrypting the account number and the equipment identifier of the terminal equipment; and storing the encrypted information into the replay protection memory block.
According to an embodiment of the present disclosure, sending the account number of the terminal device and the device identifier of the terminal device to a server includes: prompting a user to register in the server; acquiring the account number, the equipment identifier and the set password of the account number which are input by a user in the registration process; and sending the account number, the equipment identifier and the password to the server.
According to another aspect of the present disclosure, there is provided a security detection apparatus for a terminal device, including: the information acquisition device is used for acquiring the safety information stored in the replay protection memory block of the terminal equipment, wherein the safety information comprises an account number of the terminal equipment; the user prompting module is used for prompting a user to input an account number of the terminal equipment when the information acquisition device acquires the safety information; the account acquisition device is used for acquiring an input account input by a user; the account number determining module is used for determining whether the input account number is consistent with the account number of the terminal equipment; and the user prompting module further prompts the user to continuously input the account number of the terminal equipment when the user determines that the input account number is inconsistent with the account number of the terminal equipment.
According to still another aspect of the present disclosure, there is provided an electronic apparatus including: a processor and a memory; the memory is used for storing executable instructions of the processor; the processor is configured to perform any of the methods described above via execution of the executable instructions.
According to yet another aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements any of the methods described above.
According to the security detection method for the terminal equipment, the account number of the terminal equipment stored in the RPMB partition of the terminal equipment is compared with the input account number input by the user, so that the security condition of the terminal equipment is detected. If the two are inconsistent, the user is always prompted to input the correct account, so that the terminal equipment cannot be used, and the safe use of the terminal equipment is ensured.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without undue effort.
Fig. 1 exemplarily shows a flowchart of a security detection method of a terminal device in an embodiment of the present disclosure.
Fig. 2 schematically illustrates a flowchart of another security detection method of a terminal device in an embodiment of the disclosure.
Fig. 3 schematically illustrates a flowchart of a security detection method of still another terminal device in an embodiment of the disclosure.
Fig. 4 exemplarily shows a block diagram of a security detection apparatus of a terminal device in an embodiment of the present disclosure.
Fig. 5 schematically illustrates a block diagram of an electronic device in an embodiment of the disclosure.
Fig. 6 schematically illustrates a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments may be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in software or in one or more hardware modules or integrated circuits or in different networks and/or processor devices and/or microcontroller devices.
Hereinafter, each step of the security detection method of the terminal device in the exemplary embodiments of the present disclosure will be described in more detail with reference to the accompanying drawings and examples.
Fig. 1 exemplarily shows a flowchart of a security detection method of a terminal device in an embodiment of the present disclosure. The method provided by the embodiment of the disclosure can be executed by any terminal equipment with calculation processing capability.
The terminal device may be a mobile terminal such as a mobile phone, a game console, a tablet computer, an electronic book reader, a smart glasses, an MP4 (MovingPicture Experts Group Audio Layer IV, dynamic image expert compression standard audio layer 4) player, a smart home device, an AR (Augmented Reality ) device, a VR (Virtual Reality) device, or a personal computer (Personal Computer, PC) such as a laptop portable computer and a desktop computer, etc.
Referring to fig. 1, a security detection method 10 of a terminal device includes:
in step S102, security information stored in a playback-protection memory block (Replay Protected Memory Block, RPMB) of the terminal device is acquired.
The security information includes: and (5) an account number of the terminal equipment.
The trusted execution environment (TEE, trusted Execution Environment) is a concept proposed by Global Platform organization (GP). Security issues are also of increasing concern for the open environment of mobile devices, not just end users, but also service providers, mobile operators, and chip vendors. The TEE is an operating environment that coexist with a Rich operating system (Rich OS, typically Android, etc.) on the device, and provides security services to the Rich OS. It has its own execution space, has a higher security level than the Rich OS, and can meet the security requirements of most applications.
The RPMB partition is a partition with security features in one of the embedded multimedia cards (Embedded Multi Media Card, eMMC). When the eMMC writes data into the RPMB partition, the legitimacy of the data can be checked, and only a designated Host (Host) can write; meanwhile, when reading data, a signature mechanism is also provided, so that the data read by the host is the internal data of the RPMB partition, and is not forged by an attacker.
The data stored in the RPMB partition of the terminal equipment cannot be deleted even after the terminal equipment is refreshed or factory settings are restored, and the data cannot be tampered, so that the security is high.
The security information stored in the RPMB partition may be obtained through an interface provided by the terminal equipment TEE environment.
In some embodiments, the security information may be obtained through a boot guide program, that is, when the terminal device is used for the first time, or after operations such as being refreshed, restoring factory settings, etc., the terminal device enters a boot guide interface, and whether the security information of the terminal device is stored in the RPMB partition is detected. For example, if the terminal device is used for the first time instead of being used for the first time after operations such as being refreshed, restoring factory settings, etc., as a brand new terminal device, security information of the terminal device is not stored in the RPMB partition. If the terminal device is used for the first time after operations such as being refreshed, factory setting being restored and the like, the security information of the terminal device is stored in the RPMB partition. And when the security information is detected to be stored in the RPMB partition, the security information is acquired.
In step S104, when the security information is obtained, prompting the user to input an account of the terminal device, obtaining an input account input by the user, and determining whether the input account is consistent with the account of the terminal device; and when the input account number is inconsistent with the account number of the terminal equipment, continuing to prompt the user to input the account number of the terminal equipment.
As described above, the data stored in the RPMB partition is not deleted even after the terminal device is refreshed or factory settings are restored, and has high security and is not tampered with.
If the security information of the terminal equipment is stored in the RPMB partition, the security information is acquired from the RPMB partition, the account number of the terminal equipment in the security information is extracted, and a user is prompted to input the account number. For example, the user may be prompted to enter an account number for the terminal device via a user interface of the terminal device.
An input account number input by a user is acquired, and the input account number is compared with an account number acquired from the RPMB partition. If the comparison results are inconsistent, the user can be continuously prompted to input the account number of the terminal equipment. Therefore, a user who cannot correctly input the account number stored in the RPMB partition of the terminal equipment cannot use the terminal equipment, and safe use of the terminal equipment is ensured.
It should be noted that, in addition to the above-mentioned security detection method performed in the boot stage, the security detection may be performed by acquiring the security information after each boot of the terminal device. For example, after the terminal device is started up each time, if the user sets to unlock the terminal device by means of a password or a fingerprint, the security information stored in the RPMB partition may be obtained before the device is unlocked by means of inputting the password or the fingerprint, and whether the terminal device is used safely is detected based on the security information. And only if the security detection passes (e.g., if the user entered input account matches an account stored in the RPMB partition), the user is allowed to unlock the terminal device. If the user feels that the security verification is troublesome in each startup, the security verification can be performed when the terminal device is turned off in each startup, and the security verification is performed only once in the startup guide stage.
According to the security detection method for the terminal equipment, the account number of the terminal equipment stored in the RPMB partition of the terminal equipment is compared with the input account number input by the user, so that the security condition of the terminal equipment is detected. If the two are inconsistent, the user is always prompted to input the correct account, so that the terminal equipment cannot be used, and the safe use of the terminal equipment is ensured.
Fig. 2 schematically illustrates a flowchart of another security detection method of a terminal device in an embodiment of the disclosure. The method 20 shown in fig. 2 further includes, in contrast to the method 10 shown in fig. 1:
in step S202, when it is determined that the input account number input by the user is consistent with the account number acquired from the RPMB, the user is prompted to input the account number password of the terminal device.
If the user interface of the terminal equipment is used, the user is prompted to further input the account password corresponding to the account.
In addition, the method 20 may further include:
in step S204, an input password input by the user is acquired.
The input password input by the user is acquired through a user interface of the terminal equipment.
In step S206, the account number of the terminal device and the input password are transmitted to the server to request the server to verify whether the input password corresponds to the account number of the terminal device.
The server is, for example, a server in an account system, and is used for storing account information, device information, password information and the like of the terminal device.
In step S208, when receiving the authentication passing message transmitted by the server, it is confirmed that the terminal device is safely used.
Confirming that the terminal device is securely used may include, for example: the confirmation terminal device is used by the owner of the terminal device or by a user authorized by the owner (e.g., a user notified of the account number stored in the RPMB as described above).
Further, according to the security detection method of the terminal device provided by the embodiment of the disclosure, after the account comparison is passed, the user is prompted to input the password corresponding to the account again, and the account and the password are sent to the account system server for verification, so that the use security of the terminal device is further verified.
It should be noted that, if the verification method in the method 10 is performed every time the terminal device is turned on, the unlocking operation of the terminal device is performed after receiving the verification passing message sent by the server, that is, only when the terminal device is confirmed to be used safely, the subsequent unlocking operation is further performed.
Furthermore, in addition to verifying whether the passwords match by the server, it may also be verified by the terminal device itself. For example, the security information stored in the RPMB partition may also include a password corresponding to the terminal device account number. After the terminal equipment acquires the input password input by the user, the input password is compared with the password in the acquired security information, and whether the input password input by the user corresponds to the account is confirmed, so that the security of the terminal equipment is further verified by the terminal equipment.
Fig. 3 schematically illustrates a flowchart of a security detection method of still another terminal device in an embodiment of the disclosure. The difference from the method 10 shown in fig. 1 is that before step S102 of the method 10, that is, before the security information stored in the RPMB partition of the terminal device is acquired, the security detection method 30 for a terminal device shown in fig. 3 further includes:
in step S302, an account number of the terminal device and a device identification of the terminal device are transmitted to the server.
For example, in some embodiments, the user is prompted to register in the server through a user interface, an account number and a password input by the user in the registration process and a device identifier of the user are obtained, and the account number, the password and the device identifier are sent to the server.
The registration process may be performed, for example, in a boot guide interface of the terminal device. For a new, completely unused terminal device, after its power-on, a power-on guide procedure is entered. First, the security verification process of the method 10 described above may be performed, for example, to obtain security information stored in the RPMB partition through an interface provided by its TEE environment. If the security information is not stored in the RPMB partition, the user may continue to be directed to perform an account registration process to register the device in the account server.
The device identification of the device may be, for example, an international mobile equipment identity (International Mobile Equipment Identity, IMEI) of the user, which device identification may uniquely identify the terminal device. Alternatively, the device identifier may be other identifiers that can uniquely identify the terminal device, for example, a notebook computer, and the device identifier may also be a physical MAC (Media Access Control ) address, etc.
Alternatively, the above-described registration process may be performed whenever the terminal device is securely used (as described above, secure use refers to use by the owner of the terminal device or by a person authorized by the owner). In order to ensure that the above-mentioned security detection method can be executed, if the terminal device detects that the user is not registered in the above-mentioned account system in the process of being used safely, the user can be reminded to register (e.g. periodically reminded) so as to bind the registered account with the device in the account system. And storing the security information returned by the account system server in the RPMB partition.
In addition, the terminal equipment can also directly send any account number and corresponding password set by the terminal equipment and equipment identification of the terminal equipment to an account number system for binding storage. Or, only any account number and equipment identifier are sent to the account number system server, and the password is distributed by the account number system server and is contained in the security information returned to the terminal equipment.
In step S304, encrypted information returned by the server after encrypting the account number and the device identifier of the terminal device is received.
The server may encrypt the security information including the account number of the terminal device, and return the encrypted information to the terminal device.
In step S306, the encryption information is stored into the RPMB partition.
The encrypted information is the security information stored in the RPMB partition.
If the server returns the encrypted information to the terminal device, the terminal device needs to decrypt the secure information when the secure information is acquired from the RPMB partition. The encryption and decryption algorithm used by the server and the terminal equipment is not limited in the disclosure, and any encryption and decryption algorithm which can be simultaneously applied to the terminal equipment and the server can be used.
It is noted that the above-described figures are merely schematic illustrations of processes involved in a method according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily appreciated that the processes shown in the above figures do not indicate or limit the temporal order of these processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, for example, among a plurality of modules.
The following are device embodiments of the present disclosure that may be used to perform method embodiments of the present disclosure. For details not disclosed in the embodiments of the apparatus of the present disclosure, please refer to the embodiments of the method of the present disclosure.
Fig. 4 exemplarily shows a block diagram of a security detection apparatus of a terminal device in an embodiment of the present disclosure. The device provided by the embodiment of the disclosure can be applied to any terminal equipment with calculation processing capability.
Referring to fig. 4, the security detection device 40 of the terminal apparatus includes: an information acquisition device 402, a user prompt module 404, an account acquisition device 406, and an account determination module 408.
The information obtaining device 402 is configured to obtain security information stored in a playback protection memory block of the terminal device, where the security information includes an account number of the terminal device.
The user prompting module 404 is configured to prompt a user to input an account of the terminal device when the information acquisition device acquires the security information.
The account acquisition device 406 is configured to acquire an input account input by a user.
The account determining module 408 is configured to determine whether the input account is consistent with an account of the terminal device.
The user prompting module 404 further prompts the user to input the account number of the terminal device when the user determines that the input account number is inconsistent with the account number of the terminal device.
According to the security detection device for the terminal equipment, the account number of the terminal equipment stored in the RPMB partition of the terminal equipment is compared with the input account number input by the user, so that the security condition of the terminal equipment is detected. If the two are inconsistent, the user is always prompted to input the correct account, so that the terminal equipment cannot be used, and the safe use of the terminal equipment is ensured.
In some embodiments, the information acquisition device 402 includes: and a storage detection unit and an information acquisition unit. The storage detection unit is used for detecting whether the replay protection memory block stores safety information or not when the boot guide interface is accessed. The information acquisition unit is used for acquiring the safety information when the safety information stored in the replay protection memory block is detected.
In some embodiments, user prompt module 404 is further to: and prompting the user to input the account password of the terminal equipment when the input account is determined to be consistent with the account of the terminal equipment.
In some embodiments, the apparatus 40 further comprises: the device comprises a password acquisition module, a first information sending module and a security confirmation module. The password acquisition module is used for acquiring an input password input by a user. The first information sending module is used for sending an account number of the terminal equipment and an input password to the server so as to request the server to verify whether the input password corresponds to the account number of the terminal equipment. The security confirmation module is used for confirming that the terminal equipment is used safely when receiving the verification passing message sent by the server.
In some embodiments, the security confirmation module is configured to confirm that the terminal device is used by a host of the terminal device.
In some embodiments, the apparatus 40 further comprises: the second information sending module is used for sending the account number of the terminal equipment and the equipment identifier of the terminal equipment to the server. The information receiving module is used for receiving encrypted information returned by the server after the account number and the equipment identifier of the terminal equipment are encrypted. The information storage module is used for storing the encrypted information into the replay protection memory block.
In some embodiments, the second information sending module includes: the system comprises a user prompting unit, an information acquisition unit and an information sending unit. The user prompting unit is used for prompting the user to register in the server. The information acquisition unit is used for acquiring an account number, a device identifier and a password of the set account number which are input by a user in a registration process. The information sending unit is used for sending the account number, the equipment identifier and the password to the server.
It should be noted that the block diagrams shown in the above figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in software or in one or more hardware modules or integrated circuits or in different networks and/or processor devices and/or microcontroller devices.
Those skilled in the art will appreciate that the various aspects of the present disclosure may be implemented as a system, method, or program product. Accordingly, various aspects of the disclosure may be embodied in the following forms, namely: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.) or an embodiment combining hardware and software aspects may be referred to herein as a "circuit," module "or" system.
The embodiment of the disclosure also provides a device for executing the security detection method of each terminal device disclosed in the embodiment of the method of the disclosure.
An electronic device 800 according to such an embodiment of the present disclosure is described below with reference to fig. 5. The electronic device 800 shown in fig. 5 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present disclosure in any way.
As shown in fig. 5, the electronic device 800 is embodied in the form of a general purpose computing device. Components of electronic device 800 may include, but are not limited to: the at least one processing unit 810, the at least one memory unit 820, and a bus 830 connecting the various system components, including the memory unit 820 and the processing unit 810.
Wherein the storage unit stores program code that is executable by the processing unit 810 such that the processing unit 810 performs steps according to various exemplary embodiments of the present disclosure described in the above section of the present specification. For example, the processing unit 810 may perform step S102 shown in fig. 1 to obtain the security information stored in the playback-protection memory block of the terminal device; step S104, when the security information is acquired, prompting a user to input an account of the terminal equipment, acquiring an input account input by the user, and determining whether the input account is consistent with the account of the terminal equipment; and when the input account number is inconsistent with the account number of the terminal equipment, continuing to prompt the user to input the account number of the terminal equipment.
The storage unit 820 may include readable media in the form of volatile storage units, such as Random Access Memory (RAM) 8201 and/or cache memory 8202, and may further include Read Only Memory (ROM) 8203.
Storage unit 820 may also include a program/utility 8204 having a set (at least one) of program modules 8205, such program modules 8205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 830 may be one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 800 may also communicate with one or more external devices 700 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 600, and/or any device (e.g., router, modem, etc.) that enables the electronic device 800 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 650. Also, electronic device 800 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 860. As shown, network adapter 860 communicates with other modules of electronic device 800 over bus 830. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 600, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, a computer-readable storage medium having stored thereon a program product capable of implementing the method described above in the present specification is also provided. In some possible implementations, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to carry out the steps according to the various exemplary embodiments of the disclosure as described in the "exemplary methods" section of this specification, when the program product is run on the terminal device.
Referring to fig. 6, a program product 900 for implementing the above-described method according to an embodiment of the present disclosure is described, which may employ a portable compact disc read-only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
It should be noted that although in the above detailed description several modules or units of a device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
Furthermore, although the steps of the methods in the present disclosure are depicted in a particular order in the drawings, this does not require or imply that the steps must be performed in that particular order or that all illustrated steps be performed in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform, etc.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a mobile terminal, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (8)

1. A security detection method for a terminal device, comprising:
acquiring security information stored in a replay protection memory block of a terminal device, wherein the security information comprises an account number of the terminal device; and
when the security information is acquired, prompting a user to input an account number of the terminal equipment; acquiring an input account number input by a user; determining whether the input account number is consistent with the account number of the terminal equipment; when the input account number is inconsistent with the account number of the terminal equipment, continuing to prompt a user to input the account number of the terminal equipment; when the input account number is consistent with the account number of the terminal equipment, prompting a user to input an account number and a password of the terminal equipment so as to confirm whether the terminal equipment is safely used or not according to the account number and the input password of the terminal equipment;
the obtaining the security information stored in the replay protection memory block of the terminal device includes: when entering a startup guide interface, detecting whether the safety information is stored in the replay protection memory block; and acquiring the safety information when the safety information is stored in the replay protection memory block.
2. The method as recited in claim 1, further comprising:
acquiring an input password input by a user;
transmitting the account number of the terminal equipment and the input password to a server to request the server to verify whether the input password corresponds to the account number of the terminal equipment; and
and when receiving the verification passing message sent by the server, confirming that the terminal equipment is safely used.
3. The method of claim 2, wherein confirming that the terminal device is securely used comprises: and confirming that the terminal equipment is used by a machine owner of the terminal equipment.
4. The method as recited in claim 1, further comprising:
transmitting the account number of the terminal equipment and the equipment identifier of the terminal equipment to a server;
receiving encryption information returned by the server after encrypting the account number and the equipment identifier of the terminal equipment; and
and storing the encrypted information into the replay protection memory block.
5. The method of claim 4, wherein transmitting the account number of the terminal device and the device identification of the terminal device to a server comprises:
prompting a user to register in the server;
acquiring the account number, the equipment identifier and the set password of the account number which are input by a user in the registration process; and
and sending the account number, the equipment identifier and the password to the server.
6. A security detection apparatus for a terminal device, comprising:
the information acquisition device is used for acquiring the safety information stored in the replay protection memory block of the terminal equipment, wherein the safety information comprises an account number of the terminal equipment;
the user prompting module is used for prompting a user to input an account number of the terminal equipment when the information acquisition device acquires the safety information;
the account acquisition device is used for acquiring an input account input by a user; and
the account determining module is used for determining whether the input account is consistent with the account of the terminal equipment;
the user prompting module is further used for continuously prompting a user to input the account of the terminal equipment when the input account is determined to be inconsistent with the account of the terminal equipment;
the user prompting module is also used for prompting a user to input an account number and a password of the terminal equipment when the input account number is determined to be consistent with the account number of the terminal equipment, so as to confirm whether the terminal equipment is safely used or not according to the account number and the input password of the terminal equipment;
the obtaining the security information stored in the replay protection memory block of the terminal device includes: when entering a startup guide interface, detecting whether the safety information is stored in the replay protection memory block; and acquiring the safety information when the safety information is stored in the replay protection memory block.
7. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any one of claims 1-5 via execution of the executable instructions.
8. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the method of any of claims 1-5.
CN201911056600.9A 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium Active CN110851881B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911056600.9A CN110851881B (en) 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911056600.9A CN110851881B (en) 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110851881A CN110851881A (en) 2020-02-28
CN110851881B true CN110851881B (en) 2023-07-04

Family

ID=69599768

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911056600.9A Active CN110851881B (en) 2019-10-31 2019-10-31 Security detection method and device for terminal equipment, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110851881B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116456023A (en) * 2022-01-10 2023-07-18 荣耀终端有限公司 Terminal anti-theft method and terminal equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007200211A (en) * 2006-01-30 2007-08-09 Nec Corp Authentication system
CN101742499A (en) * 2009-12-31 2010-06-16 优视科技有限公司 Account number protection system for mobile communication equipment terminal and application method thereof
US8551186B1 (en) * 2010-12-06 2013-10-08 Amazon Technologies, Inc. Audible alert for stolen user devices
CN103634109A (en) * 2013-10-31 2014-03-12 小米科技有限责任公司 Operation right authentication method and device
CN109558718A (en) * 2018-11-30 2019-04-02 努比亚技术有限公司 Application program login method, computer end, mobile terminal, system and storage medium

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6002704B2 (en) * 2014-02-20 2016-10-05 シャープ株式会社 Image forming apparatus, user authentication system, and user authentication method
CN105335677A (en) * 2014-07-24 2016-02-17 小米科技有限责任公司 Anti-theft method and device of mobile terminal
CN106295349B (en) * 2015-05-29 2020-06-05 阿里巴巴集团控股有限公司 Account stolen risk identification method, identification device and prevention and control system
US10523637B2 (en) * 2015-07-22 2019-12-31 Paypal, Inc. Anonymous account security exchange
US20190268155A1 (en) * 2016-12-02 2019-08-29 Huawei Technologies Co., Ltd. Method for Ensuring Terminal Security and Device
CN106845282A (en) * 2017-01-06 2017-06-13 奇酷互联网络科技(深圳)有限公司 Mobile terminal and its method of controlling security and device
CN106686008B (en) * 2017-03-03 2019-01-11 腾讯科技(深圳)有限公司 Information storage means and device
CN107734176A (en) * 2017-10-25 2018-02-23 深圳市金立通信设备有限公司 Loss guard method, terminal and the computer-readable recording medium of mobile terminal
CN108156169A (en) * 2017-12-28 2018-06-12 惠州Tcl家电集团有限公司 Account login validation method, system and computer readable storage medium
CN109978551A (en) * 2019-03-29 2019-07-05 北京投肯科技有限公司 A kind of account information confirmation and method for retrieving and device based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007200211A (en) * 2006-01-30 2007-08-09 Nec Corp Authentication system
CN101742499A (en) * 2009-12-31 2010-06-16 优视科技有限公司 Account number protection system for mobile communication equipment terminal and application method thereof
US8551186B1 (en) * 2010-12-06 2013-10-08 Amazon Technologies, Inc. Audible alert for stolen user devices
CN103634109A (en) * 2013-10-31 2014-03-12 小米科技有限责任公司 Operation right authentication method and device
CN109558718A (en) * 2018-11-30 2019-04-02 努比亚技术有限公司 Application program login method, computer end, mobile terminal, system and storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Improvement of Key Exchange protocol to prevent Man-in-the-middle attack in the satellite environment;In-A Song 等;《terminal safety detect id》;全文 *
基于Android平台的数据安全检测研究;陈洪昌;《万方学位论文》;全文 *
基于生物信息的Android身份认证研究;常晋云;《中国优秀硕士学位论文全文数据库 信息科技辑》;全文 *

Also Published As

Publication number Publication date
CN110851881A (en) 2020-02-28

Similar Documents

Publication Publication Date Title
CN112771826B (en) Application program login method, application program login device and mobile terminal
US9270466B2 (en) System and method for temporary secure boot of an electronic device
JP6239788B2 (en) Fingerprint authentication method, apparatus, intelligent terminal, and computer storage medium
CN108335105B (en) Data processing method and related equipment
CN104115152A (en) Method and apparatus for protecting digital content using device authentication
JP2013242644A (en) Virtual computer system, control method, and program
CN110324358B (en) Video data management and control authentication method, module, equipment and platform
CN112468294B (en) Access method and authentication equipment of vehicle-mounted TBOX
JP2013545195A (en) Bound data card and mobile host authentication method, apparatus and system
CN112967056A (en) Access information processing method and device, electronic equipment and medium
CN109977039A (en) HD encryption method for storing cipher key, device, equipment and readable storage medium storing program for executing
US20110154436A1 (en) Provider Management Methods and Systems for a Portable Device Running Android Platform
CN110334531B (en) Virtual machine key management method, master node, system, storage medium and device
CN110851881B (en) Security detection method and device for terminal equipment, electronic equipment and storage medium
CN110807186B (en) Method, device, equipment and storage medium for safe storage of storage equipment
KR101711024B1 (en) Method for accessing temper-proof device and apparatus enabling of the method
CN103020509B (en) A kind of terminal device encryption and decryption method, device and terminal device
CN110659522B (en) Storage medium security authentication method and device, computer equipment and storage medium
CN112560116A (en) Function control method, device and storage medium
US20090187898A1 (en) Method for securely updating an autorun program and portable electronic entity executing it
CN110781472A (en) Fingerprint data storage and verification method, terminal and storage medium
CN106603237B (en) Safe payment method and device
CN111246480A (en) Application communication method, system, equipment and storage medium based on SIM card
KR20200059106A (en) Method for sharing digital key between devices
JP2009260688A (en) Security system and method thereof for remote terminal device in wireless wide-area communication network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant