CN111222122A - Application authority management method and device and embedded equipment - Google Patents
Application authority management method and device and embedded equipment Download PDFInfo
- Publication number
- CN111222122A CN111222122A CN201911406281.XA CN201911406281A CN111222122A CN 111222122 A CN111222122 A CN 111222122A CN 201911406281 A CN201911406281 A CN 201911406281A CN 111222122 A CN111222122 A CN 111222122A
- Authority
- CN
- China
- Prior art keywords
- application
- permission
- authority
- list
- apk file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses an application authority management method, an application authority management device and an embedded device. The method is applied to an Android Things platform and comprises the following steps: aiming at any application in an application list, acquiring the latest apk file of the application; acquiring the apk file of the application before the update; reading the authority recorded in the latest apk file to form a current authority list; reading the authority recorded in the apk file before the update to form an authority list before the update; and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list. According to the method, the authorization permission acquired before and after the application on the Android Things platform is analyzed, and the malicious permission which is introduced in the updating process and is irrelevant to the application function is determined, so that the malicious function is prevented from being executed efficiently and conveniently by utilizing the malicious permission.
Description
Technical Field
The invention relates to the technical field of embedded equipment, in particular to an application authority management method and device and embedded equipment.
Background
Android Things is an operating system for internet of Things-oriented applications launched by Google in 2016, 12 months. The same tools, Android frames and Google APIs as those used for Android development are used, so that application development facing the Internet of things is simpler, and the method is widely applied.
Typically, an application on the Android Things platform does not pop up a dialog box to ask the user whether the application is authorized for before authorization. Therefore, the malicious intrusion can acquire additional authorization, execute malicious functions, steal personal information of the user and the like under the condition that the user cannot be aware of the malicious intrusion, and cause security threats.
Disclosure of Invention
The invention provides an application authority management method, an application authority management device and embedded equipment, and aims to solve the problem that the application authority management security of the existing android things platform is low.
In a first aspect, the invention provides an application authority management method applied to an Android Things platform, which includes the following steps:
for any application within the application manifest,
acquiring the latest apk file of the application; acquiring the apk file of the application before the update;
reading the authority recorded in the latest apk file to form a current authority list;
reading the authority recorded in the apk file before the update to form an authority list before the update;
and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list.
Further, the application authority management method further includes:
determining sensitive authorities in a consistent authority list according to a dangerous authority list provided by Android Things; and/or
Determining the sensitive authority in the newly added authority list according to a dangerous authority list provided by the Android Things and a safety authority list corresponding to the application function; and/or
And determining the safety permission in the new deletion permission list according to the dangerous permission list provided by the Android Things and the safety permission list corresponding to the function of the application.
Further, the application authority management method further includes:
generating a verified apk file:
deleting the sensitive permission in the consistent permission list from the latest apk file;
deleting the sensitive permission in the newly added permission list from the latest apk file;
and adding the security permission in the new deletion permission list to the latest apk file.
Further, the application authority management method further includes:
running the verified apk file to update the application;
wherein, the apk file comprises a Manifest file;
the security authority for the application is described in a statement beginning with android in the Manifest file.
Further, the application authority management method further includes:
scanning log records of applications installed on the embedded device, determining the applications which are updated once in a set monitoring period, and forming an application list.
In a second aspect, the present invention provides an application authority management apparatus configured in an embedded device applying an Android Things platform, where the apparatus includes:
an apk file acquisition unit configured to:
acquiring the latest apk file of the target application; acquiring an apk file before the latest update of the target application;
a permission list generation unit operable to:
reading the authority recorded in the latest apk file of the target application to form a current authority list;
reading the authority recorded in the apk file before the latest updating of the target application to form an authority list before updating;
a permission comparison unit, configured to:
and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list.
Further, the application authority management device further includes:
a security/sensitive permission determination unit to:
determining sensitive authorities in a consistent authority list according to a dangerous authority list provided by Android Things; and/or
Determining the sensitive authority in the newly added authority list according to a dangerous authority list provided by the Android Things and a safety authority list corresponding to the application function; and/or
And determining the safety permission in the new deletion permission list according to the dangerous permission list provided by the Android Things and the safety permission list corresponding to the function of the application.
Further, the application authority management device further includes:
a verified apk file generating unit, configured to:
generating a verified apk file:
deleting the sensitive permission in the consistent permission list from the latest apk file;
deleting the sensitive permission in the newly added permission list from the latest apk file;
and adding the security permission in the new deletion permission list to the latest apk file.
Further, the application authority management device further includes:
a target application update unit to:
running the verified apk file to update the application;
wherein, the apk file comprises a Manifest file;
the security authority for the application is described in a statement beginning with android in the Manifest file.
In a third aspect, the present invention provides an application rights management embedded device,
configuring an application developed based on an Android Things platform;
the application authority management device described in the second aspect is configured.
According to the application permission management method, the device and the embedded equipment, the authorization permission obtained before and after the application on the Android Things platform is updated is analyzed, and the malicious permission which is introduced in the updating process and is irrelevant to the application function is determined, so that malicious operations such as malicious function execution, user personal information stealing and the like by utilizing the malicious permission are avoided, the privacy of users is protected, the safety of the application program and the embedded equipment developed based on the Android Things platform is improved, and the method, the device and the embedded equipment are efficient and convenient.
Drawings
A more complete understanding of exemplary embodiments of the present invention may be had by reference to the following drawings in which:
fig. 1 is a schematic flow chart of a rights management method before and after application update of an Android Things platform according to a preferred embodiment of the present invention;
fig. 2 is a schematic composition diagram of a rights management device before and after an application update of an Android Things platform according to a preferred embodiment of the present invention;
fig. 3 is a flowchart of a rights management method before and after an application of an Android Things platform is updated according to another preferred embodiment of the present invention.
Detailed Description
The exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, however, the present invention may be embodied in many different forms and is not limited to the embodiments described herein, which are provided for complete and complete disclosure of the present invention and to fully convey the scope of the present invention to those skilled in the art. The terminology used in the exemplary embodiments illustrated in the accompanying drawings is not intended to be limiting of the invention. In the drawings, the same units/elements are denoted by the same reference numerals.
Unless otherwise defined, terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Further, it will be understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and will not be interpreted in an idealized or overly formal sense.
The application program of the Android platform can actively ask the user whether to authorize the application permissions for other applications or devices on the equipment at run time if the application permissions need to be obtained for the permissions. If the pay bank app can be installed, or when a user needs to use a camera in the pay bank app to take a picture, the Android operating system is requested to obtain the use permission of the camera on the smart phone of the user.
In general, an application running on the Android Things platform does not need to acquire information or instructions through a human-computer interaction interface. In addition, the embedded device developed based on the Android Things platform is not provided with a human-computer interaction interface for popping up a running dialog box. Thus, Android Things applications do not support the application of permissions to users at runtime, but instead pre-authorize all permissions declared in the Manifest file when the application is installed.
However, when an application is installed on the Android threads platform, a mechanism that all permissions requested for the application are authorized by default leads to the problems of permission abuse (such as user information leakage caused by accessing external equipment and accessing a recording or shooting function) or excessive application permission, and reduces the safety or the use performance of the equipment, and the like.
For example, malicious intrusion is authorized by updating an application program to obtain additional rights that are unrelated to the functions of the embedded device or the functions of the application, thereby performing malicious functions, stealing user personal information, and the like.
The invention provides a method, a device and a user terminal for managing application permission of an Android thins platform, which are triggered by application program updating, and aims to solve the problem that additional permission can be introduced to the application program of the Android thining platform to cause security threat during updating.
As shown in fig. 1, the application authority management method according to the embodiment of the present invention is applied to an Android Things platform, and includes:
for any application within the application manifest,
step S100: acquiring the latest apk file of the application; acquiring the apk file of the application before the update;
step S200: reading the authority recorded in the latest apk file to form a current authority list;
reading the authority recorded in the apk file before the update to form an authority list before the update;
step S300: and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list.
According to the application permission management method, the authorization permission acquired before and after the application on the Android Things platform is updated is analyzed, and the malicious permission which is introduced in the updating process and is irrelevant to the application function is determined, so that malicious operations such as executing the malicious function by using the malicious permission, stealing user personal information and the like are avoided, the privacy of a user is protected, and the safety of an application program and embedded equipment developed based on the Android Things platform is improved.
Further, the application authority management method of the embodiment further includes:
determining sensitive authorities in a consistent authority list according to a dangerous authority list provided by Android Things; and/or
Determining the sensitive authority in the newly added authority list according to a dangerous authority list provided by the Android Things and a safety authority list corresponding to the application function; and/or
And determining the safety permission in the new deletion permission list according to the dangerous permission list provided by the Android Things and the safety permission list corresponding to the function of the application.
It should be understood that a dangerous or sensitive right is a right that requires denial of authorization; security rights are the rights that an application function must have in order to execute. Further, the application authority management method of the embodiment further includes:
generating a verified apk file:
deleting the sensitive permission in the consistent permission list from the latest apk file;
deleting the sensitive permission in the newly added permission list from the latest apk file;
and adding the security permission in the new deletion permission list to the latest apk file.
The application permission management method of the embodiment deletes the sensitive permission from the latest apk file, and adds the security permission to the latest apk file, thereby actively performing permission management on the target application.
Further, the application authority management method of the embodiment further includes:
running the verified apk file to update the application;
wherein, the apk file comprises a Manifest file;
the security authority for the application is described in a statement beginning with android in the Manifest file.
According to the application authority management method, the verified apk file is operated, the target application is updated, normal operation of the application can be guaranteed, and functional loss or safety risk caused by abuse authorization or wrong authorization is avoided.
Further, the application authority management method of the embodiment further includes:
scanning log records of applications installed on the embedded device, determining the applications which are updated once in a set monitoring period, and forming an application list.
It should be understood that the set monitoring period is determined according to the update frequency of the application installed on the embedded device, and may be a day, a week, or several hours. Within this set monitoring period, the application has done and only done one update.
It should be understood that multiple updates may be applied during the set monitoring period. At this time, the update closest to the current time is taken.
As shown in fig. 2, an application authority management apparatus according to an embodiment of the present invention is configured in an embedded device applying an Android Things platform, and the apparatus includes:
an apk file acquiring unit 10 for:
acquiring the latest apk file of the target application; acquiring an apk file before the latest update of the target application;
a permission list generating unit 20 for:
reading the authority recorded in the latest apk file of the target application to form a current authority list;
reading the authority recorded in the apk file before the latest updating of the target application to form an authority list before updating;
a permission comparison unit 30, configured to:
and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list.
Further, the application authority management apparatus of this embodiment further includes:
a security/sensitive permission determination unit to:
determining sensitive authorities in a consistent authority list according to a dangerous authority list provided by Android Things; and/or
Determining the sensitive authority in the newly added authority list according to a dangerous authority list provided by the Android Things and a safety authority list corresponding to the application function; and/or
And determining the safety permission in the new deletion permission list according to the dangerous permission list provided by the Android Things and the safety permission list corresponding to the function of the application.
Further, the application authority management apparatus of this embodiment further includes:
a verified apk file generating unit, configured to:
generating a verified apk file:
deleting the sensitive permission in the consistent permission list from the latest apk file;
deleting the sensitive permission in the newly added permission list from the latest apk file;
and adding the security permission in the new deletion permission list to the latest apk file.
Further, the application authority management apparatus of this embodiment further includes:
a target application update unit to:
running the verified apk file to update the application;
wherein, the apk file comprises a Manifest file;
the security authority for the application is described in a statement beginning with android in the Manifest file.
The application authority management embedded equipment provided by the embodiment of the invention is configured with an application developed based on an Android Things platform;
the application authority management device of the foregoing embodiment is configured.
The application permission management method, the application permission management device and the user terminal solve the problem that the Android Things platform does not support the application of the dynamic permission during running, so that the user permission is abused or maliciously used.
Specifically, the collected authority lists in the Manifest files before and after application updating are analyzed, and the same authority items before and after updating, deleted authority items after updating and newly added authority items after updating are analyzed.
Aiming at the application function, by combining with the dangerous authority possibly causing potential safety hazard in the Android authority protection level provided by the Google official, judging whether the application adds malicious authority irrelevant to the application function through updating, and actively responding to the safety threat possibly caused by the malicious authority.
The function used here means a function to be provided by a predetermined application program; whereas a dangerous or sensitive right is a right that is independent of the function that the application should have. For example, the application aiming at the electronic access control obtains the positioning authority through declaration; at this time, the positioning authority belongs to the danger authority obtained by the access control application.
In specific implementation, the application authority management method can read an apk file of an application by using Python or other scripting languages, and after decompression, a manifest file is obtained; whether the file contains the sentence at the beginning of the android and the key for describing the authority name determined in advance is judged by reading the file line by line, so that whether the related authority is recorded is determined.
According to the application authority management method provided by the embodiment of the invention, the corresponding detection result can be output according to the input APK file, and the method is simple to implement, efficient and convenient.
The application permission management method is applied to an Android Things platform, analyzes the permission list in the Manifest file by compiling scripts and forming an automation program, provides service for dangerous permission analysis according to Google official Android permission protection level and application function, and responds to possible safety threats.
The application authority management method of the embodiment of the invention forms a tool for providing the authority analysis service. During programming, source codes are not required to be provided, script codes can be adopted for implementation, and script instructions can be directly written, so that the method is simple and easy to use.
The process of rights analysis and management is described in detail with reference to fig. 3:
1) acquiring an APK file of an application program of a version before updating;
acquiring an APK file of an application program of an updated version;
2) acquiring a Manifest file of an application program of a version before updating;
acquiring a Manifest file of an updated version of an application program; the Manifest file is used for declaring the authority of the application program;
3) analyzing the two Manifest files obtained in step 2):
reading the file line by line, acquiring a statement at the beginning of' android.
4) Determining the permission difference before and after application updating, and identifying the same permission before and after updating, the added permission and the deleted permission;
5) and responding to the authority which may generate the potential safety hazard in the function of the application and the Android authority protection level by taking the authority which may generate the collected user data, the data leakage and the like as the potential safety hazard.
Table 1 shows a sensitive authority list provided by google, which usually causes a security risk. For specific applications, a sensitive permission list causing potential safety hazards needs to be determined according to the functions of the applications.
TABLE 1 list of permissions that typically raise a safety hazard
During specific implementation, the authority in the application Manifest file before and after updating, the same authority before and after updating, and the authority for deleting and adding after updating are collected by the script;
analyzing according to the application function and the authority possibly causing the security threat in the Google official Android authority level protection, and responding to the potential safety hazard possibly generated in advance;
in summary, the application permission management method in the embodiment of the present invention obtains the addition and deletion permissions after updating by collecting the application permissions before and after updating, and analyzes according to the application function and the dangerous permission list, so that security threats such as privacy disclosure and permission abuse caused by permissions can be discovered before application use, and a security guarantee is provided for a user.
The application authority management method has certain universality and can be used for applications on an Android Things platform.
An Android Application Package (APK) is an application package file format used by an Android operating system for distributing and installing mobile applications and middleware.
The code of an Android application program is required to be run on an Android device, and the code must be compiled first and then packaged into a file which can be recognized by an Android system to be run, and the file format which can be recognized and run by the Android system is 'APK'.
An APK file contains compiled code files (. dex files), file resources (resources), native resource files (assets), certificates (certifies), and manifest files (manifest files).
The APK file is based on ZIP file format, and is similar to the JAR file in construction mode, and the Internet media types are as follows: application/vnd.android.package-archive.
The invention has been described above by reference to a few embodiments. However, other embodiments of the invention than the one disclosed above are equally possible within the scope of the invention, as would be apparent to a person skilled in the art from the appended claims.
Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a// the [ device, component, etc ]" are to be interpreted openly as at least one instance of a device, component, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
Claims (10)
1. The application authority management method is applied to an Android Things platform and comprises the following steps:
for any application within the application manifest,
acquiring the latest apk file of the application; acquiring the apk file of the application before the update;
reading the authority recorded in the latest apk file to form a current authority list;
reading the authority recorded in the apk file before the update to form an authority list before the update;
and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list.
2. The application rights management method of claim 1, further comprising:
determining sensitive authorities in a consistent authority list according to a dangerous authority list provided by Android Things; and/or
Determining the sensitive authority in the newly added authority list according to a dangerous authority list provided by the Android Things and a safety authority list corresponding to the application function; and/or
And determining the safety permission in the new deletion permission list according to the dangerous permission list provided by the Android Things and the safety permission list corresponding to the function of the application.
3. The application rights management method of claim 2, further comprising:
generating a verified apk file:
deleting the sensitive permission in the consistent permission list from the latest apk file;
deleting the sensitive permission in the newly added permission list from the latest apk file;
and adding the security permission in the new deletion permission list to the latest apk file.
4. The application rights management method of claim 3, further comprising:
running the verified apk file to update the application;
wherein, the apk file comprises a Manifest file;
the security authority for the application is described in a statement beginning with android in the Manifest file.
5. The application rights management method of claim 1, further comprising:
scanning log records of applications installed on the embedded device, determining the applications which are updated once in a set monitoring period, and forming an application list.
6. An application authority management device, configured in an embedded device applying an Android Things platform, the device comprising:
an apk file acquisition unit configured to:
acquiring the latest apk file of the target application; acquiring an apk file before the latest update of the target application;
a permission list generation unit operable to:
reading the authority recorded in the latest apk file of the target application to form a current authority list;
reading the authority recorded in the apk file before the latest updating of the target application to form an authority list before updating;
a permission comparison unit, configured to:
and comparing the current permission list with the permission list before updating to generate a consistent permission list, a newly added permission list and/or a newly deleted permission list.
7. The application right management device according to claim 6, further comprising:
a security/sensitive permission determination unit to:
determining sensitive authorities in a consistent authority list according to a dangerous authority list provided by Android Things; and/or
Determining the sensitive authority in the newly added authority list according to a dangerous authority list provided by the Android Things and a safety authority list corresponding to the application function; and/or
And determining the safety permission in the new deletion permission list according to the dangerous permission list provided by the Android Things and the safety permission list corresponding to the function of the application.
8. The application right management device according to claim 7, further comprising:
a verified apk file generating unit, configured to:
generating a verified apk file:
deleting the sensitive permission in the consistent permission list from the latest apk file;
deleting the sensitive permission in the newly added permission list from the latest apk file;
and adding the security permission in the new deletion permission list to the latest apk file.
9. The application right management device according to claim 8, further comprising:
a target application update unit to:
running the verified apk file to update the application;
wherein, the apk file comprises a Manifest file;
the security authority for the application is described in a statement beginning with android in the Manifest file.
10. An application rights management embedded device, characterized in that,
configuring an application developed based on an Android Things platform;
an application rights management device according to any of claims 6 to 9 is configured.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911406281.XA CN111222122A (en) | 2019-12-31 | 2019-12-31 | Application authority management method and device and embedded equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911406281.XA CN111222122A (en) | 2019-12-31 | 2019-12-31 | Application authority management method and device and embedded equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111222122A true CN111222122A (en) | 2020-06-02 |
Family
ID=70832774
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911406281.XA Pending CN111222122A (en) | 2019-12-31 | 2019-12-31 | Application authority management method and device and embedded equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111222122A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114743297A (en) * | 2022-03-30 | 2022-07-12 | 广东医科大学顺德妇女儿童医院(佛山市顺德区妇幼保健院) | Inpatient passing management method and system |
| CN116702163A (en) * | 2022-09-27 | 2023-09-05 | 荣耀终端有限公司 | Authority management method and terminal equipment |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110099636A1 (en) * | 2009-10-22 | 2011-04-28 | Innostor Technology Corporation | Read-only protection method for removable storage medium |
| CN102630320A (en) * | 2010-10-04 | 2012-08-08 | 松下电器产业株式会社 | Information processing device and method for preventing unauthorized application cooperation |
| CN102867143A (en) * | 2012-08-22 | 2013-01-09 | 中国科学技术大学 | Quick filtering method for malicious application programs |
| KR20130013459A (en) * | 2011-07-28 | 2013-02-06 | 주식회사 포스코아이씨티 | Method and system for managing mobile terminal |
| CN103310153A (en) * | 2013-04-28 | 2013-09-18 | 中国人民解放军理工大学 | Fine-grained authority control method based on Android platform |
| CN103546436A (en) * | 2012-07-13 | 2014-01-29 | 中兴通讯股份有限公司 | Security control method, terminal, and cloud server |
| CN103761472A (en) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | Application program accessing method and device based on intelligent terminal |
| CN103839000A (en) * | 2014-02-21 | 2014-06-04 | 北京奇虎科技有限公司 | Application program installation method and device based on intelligent terminal equipment |
| CN104462978A (en) * | 2014-12-24 | 2015-03-25 | 北京奇虎科技有限公司 | Method and device for application program authority management |
| CN105068921A (en) * | 2015-07-23 | 2015-11-18 | 清华大学 | App comparative analysis based Android application store credibility evaluation method |
| CN106295311A (en) * | 2016-08-05 | 2017-01-04 | 北京智能管家科技有限公司 | A kind of system authority control method and device |
| CN107133513A (en) * | 2017-05-10 | 2017-09-05 | 中南大学 | It is a kind of support Android run when authority mechanism third-party application between communications access control method |
| CN108681671A (en) * | 2018-05-21 | 2018-10-19 | 中国科学技术大学 | A kind of Android mobile attacks source tracing method |
| CN109076126A (en) * | 2017-03-21 | 2018-12-21 | 华为技术有限公司 | Permission update method and terminal device |
| CN109815682A (en) * | 2018-12-27 | 2019-05-28 | 北京字节跳动网络技术有限公司 | A kind of pair of permission is tracked the method, apparatus and computer readable medium of management |
| CN110298176A (en) * | 2018-10-25 | 2019-10-01 | 贵州财经大学 | Intelligent terminal App permission privacy risk monitoring and evaluation system and method |
-
2019
- 2019-12-31 CN CN201911406281.XA patent/CN111222122A/en active Pending
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110099636A1 (en) * | 2009-10-22 | 2011-04-28 | Innostor Technology Corporation | Read-only protection method for removable storage medium |
| CN102630320A (en) * | 2010-10-04 | 2012-08-08 | 松下电器产业株式会社 | Information processing device and method for preventing unauthorized application cooperation |
| KR20130013459A (en) * | 2011-07-28 | 2013-02-06 | 주식회사 포스코아이씨티 | Method and system for managing mobile terminal |
| CN103546436A (en) * | 2012-07-13 | 2014-01-29 | 中兴通讯股份有限公司 | Security control method, terminal, and cloud server |
| CN102867143A (en) * | 2012-08-22 | 2013-01-09 | 中国科学技术大学 | Quick filtering method for malicious application programs |
| CN103310153A (en) * | 2013-04-28 | 2013-09-18 | 中国人民解放军理工大学 | Fine-grained authority control method based on Android platform |
| CN103761472A (en) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | Application program accessing method and device based on intelligent terminal |
| CN103839000A (en) * | 2014-02-21 | 2014-06-04 | 北京奇虎科技有限公司 | Application program installation method and device based on intelligent terminal equipment |
| CN104462978A (en) * | 2014-12-24 | 2015-03-25 | 北京奇虎科技有限公司 | Method and device for application program authority management |
| CN105068921A (en) * | 2015-07-23 | 2015-11-18 | 清华大学 | App comparative analysis based Android application store credibility evaluation method |
| CN106295311A (en) * | 2016-08-05 | 2017-01-04 | 北京智能管家科技有限公司 | A kind of system authority control method and device |
| CN109076126A (en) * | 2017-03-21 | 2018-12-21 | 华为技术有限公司 | Permission update method and terminal device |
| CN107133513A (en) * | 2017-05-10 | 2017-09-05 | 中南大学 | It is a kind of support Android run when authority mechanism third-party application between communications access control method |
| CN108681671A (en) * | 2018-05-21 | 2018-10-19 | 中国科学技术大学 | A kind of Android mobile attacks source tracing method |
| CN110298176A (en) * | 2018-10-25 | 2019-10-01 | 贵州财经大学 | Intelligent terminal App permission privacy risk monitoring and evaluation system and method |
| CN109815682A (en) * | 2018-12-27 | 2019-05-28 | 北京字节跳动网络技术有限公司 | A kind of pair of permission is tracked the method, apparatus and computer readable medium of management |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114743297A (en) * | 2022-03-30 | 2022-07-12 | 广东医科大学顺德妇女儿童医院(佛山市顺德区妇幼保健院) | Inpatient passing management method and system |
| CN114743297B (en) * | 2022-03-30 | 2023-08-08 | 广东医科大学顺德妇女儿童医院(佛山市顺德区妇幼保健院) | Hospitalized patient passing management method and system |
| CN116702163A (en) * | 2022-09-27 | 2023-09-05 | 荣耀终端有限公司 | Authority management method and terminal equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI696950B (en) | Method for detecting high-level functionality of application executing on computing device, and system and computer program thereof | |
| KR102546601B1 (en) | Method and apparatus for protecting kernel control-flow integrity using static binary instrumentaiton | |
| US9158919B2 (en) | Threat level assessment of applications | |
| US7613918B2 (en) | System and method for enforcing a security context on a downloadable | |
| CN108763951B (en) | Data protection method and device | |
| US10783041B2 (en) | Backup and recovery of data files using hard links | |
| Schmeelk et al. | Android malware static analysis techniques | |
| US20060053492A1 (en) | Software tracking protection system | |
| CN104392176A (en) | Mobile terminal and method for intercepting device manager authority thereof | |
| US7890756B2 (en) | Verification system and method for accessing resources in a computing environment | |
| CN106557669A (en) | A kind of authority control method and device of application program installation process | |
| KR20160098912A (en) | Method for Re-adjusting Application Permission and User terminal for performing the same Method | |
| JP2010182196A (en) | Information processing apparatus and file verification system | |
| Singh et al. | Analysis of malicious behavior of android apps | |
| CN106557687A (en) | A kind of authority control method and device of application program installation process | |
| CN111222122A (en) | Application authority management method and device and embedded equipment | |
| US9967263B2 (en) | File security management apparatus and management method for system protection | |
| EP3574428B1 (en) | Safe data access through any data channel | |
| US20040250086A1 (en) | Method and system for protecting against software misuse and malicious code | |
| CN106982428B (en) | Security configuration method, security control device and security configuration device | |
| CN107392010B (en) | Root operation execution method and device, terminal equipment and storage medium | |
| CN116450373A (en) | Code running method, device, equipment and computer readable storage medium | |
| Msgna et al. | Secure application execution in mobile devices | |
| US8788845B1 (en) | Data access security | |
| US11611570B2 (en) | Attack signature generation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |