CN111796909B - Lightweight mobile application virtualization system - Google Patents
Lightweight mobile application virtualization system Download PDFInfo
- Publication number
- CN111796909B CN111796909B CN202010588083.6A CN202010588083A CN111796909B CN 111796909 B CN111796909 B CN 111796909B CN 202010588083 A CN202010588083 A CN 202010588083A CN 111796909 B CN111796909 B CN 111796909B
- Authority
- CN
- China
- Prior art keywords
- container
- application
- request
- creating
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 claims abstract description 117
- 230000008569 process Effects 0.000 claims abstract description 111
- 230000000694 effects Effects 0.000 claims description 25
- 238000009434 installation Methods 0.000 claims description 10
- 239000011230 binding agent Substances 0.000 claims description 9
- 238000012545 processing Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 claims description 3
- 238000013507 mapping Methods 0.000 claims description 3
- 238000010276 construction Methods 0.000 claims 1
- 230000006870 function Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 102100038612 Calmodulin-regulated spectrin-associated protein 3 Human genes 0.000 description 1
- 101000741294 Homo sapiens Calmodulin-regulated spectrin-associated protein 3 Proteins 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000036316 preload Effects 0.000 description 1
- 239000007858 starting material Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
- G06F9/45516—Runtime code conversion or optimisation
- G06F9/45525—Optimisation or modification within the same instruction set architecture, e.g. HP Dynamo
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a lightweight mobile application virtualization system, which comprises a container starting auxiliary process and an AMS process which are arranged in an Android system, and a container root process for managing containers; the container starts an auxiliary process to construct an Intent data packet, creates and sends a request for creating a virtualized application to the AMS process according to the Intent data packet; the AMS process receives a request for creating a virtualized application, analyzes the received Intent data packet, and sends a request for creating a container process to the container root process according to the Intent data packet; the container root process creates and initializes an application running environment, creates a container process after receiving a request for creating the container process, obtains package information of the container application from the AMS process according to the sent request for loading the container application, and starts the container application. To reduce the system resources that need to be occupied by application virtualization.
Description
Technical Field
The invention belongs to the technical field of virtualization, and particularly relates to a lightweight mobile application virtualization system.
Background
The advent and popularity of mobile smart devices has created a number of problems and challenges. The huge demand of the mobile application market guides the mobile application development threshold to be reduced, and in addition, an imperfect authority mechanism and security model of an intelligent device operating system are adopted, so that the mobile operating system becomes the most attractive target of the current virus software. Meanwhile, the dependence of users on mobile applications is increased, and a plurality of terminal devices are required to play different roles of the users to meet different application scene requirements so as to protect personal privacy and data security of the users.
The virtualization technology has the characteristics of improving the safety of applications and meeting the requirements of solving multiple scene roles, and the combination of the virtualization technology and a mobile operating system is an important direction of the current solution. Unlike traditional operating system application virtualization, an android operating system can be operated after the kernel initialization of the android device is completed, and a large number of system services are operated in the android system to allow user-state processes to access system resources. The apps in the application market need to be installed, loaded and run in the android system framework, and are controlled and managed by the android system. The existing solutions are that a complete android operating system is operated in a virtual machine or a container through system-level virtualization, such as Cells, condroid, nezha and Gemini, resource access service is provided for user applications, and then target applications are operated in virtualized operating system environments, so that response time and resource consumption of application virtualization are greatly increased, and the method is not applicable to intelligent equipment terminals with limited resources.
Application publication number CN106572014a discloses a virtualized network system, application publication number CN103207762a discloses a storage virtualized system, and both virtualized systems are not suitable for an Android system.
Disclosure of Invention
The invention aims to provide a lightweight mobile application virtualization system so as to reduce system resources required to be occupied by application virtualization and improve the availability of the application virtualization on intelligent mobile equipment.
In order to achieve the above object, the present invention provides the following technical solutions:
a lightweight mobile application virtualization system comprises a container starting auxiliary process and a Activity Manager Service (AMS) process which are arranged in an Android system, and a container root process for managing containers;
the container starts an auxiliary process to construct an Intent data packet, and creates and sends a request for creating a virtualized application to the Activity Manager Service process according to the Intent data packet;
the Activity Manager Service process receives a request for creating a virtualized application, analyzes the received Intent data packet, and sends a request for creating a container process to a container root process according to the Intent data packet; sending package information of the container application to the container root process according to the received loading container application request;
the container root process creates and initializes an application running environment, creates a container process after receiving a request for creating the container process, obtains package information of the container application from the Activity Manager Service process according to the sent request for loading the container application, and starts the container application.
When an Intnt data packet is constructed, a FLAG_ACTIVITY_CONTAINER identifier for identifying that the virtualized application is requested to be started is added to the Intnt data packet.
Preferably, before sending the request for creating the container application, the container starting auxiliary process further performs application checking, initiates a target component query request to the Package Manager Service, checks whether the target component to be started is installed, if the target component is not installed, initiates a target component installation request to the Package Manager Service, and installs the target application according to the installation package address of the target application transmitted by the target component installation request.
Preferably, after analyzing the Intint data packet, the Activity Manager Service checks whether the target application program is installed in the current Android system according to the packet name and UID of the target application program recorded in the Intint data, if the installation record exists, it looks up and judges whether the application process of the target application program exists, if the application process does not exist, it creates a new record according to the packet name and UID of the target application program, so as to store the information of the application program;
checking whether the Intnt data contains a FLAG_ACTIVITY_CONTAINER FLAG, and if so, sending a CONTAINER process creation request to the CONTAINER root process through a CONTAINER socket.
Preferably, the creating and initializing the application running environment by the container root process includes:
creating a Java virtual machine, registering a jni function, loading a zygoteInit class in the jni function, and preloading Java class and Android resources.
Preferably, the creating a container process includes:
checking abi of uid, gid, gids, capabilities security authority and application program in the request of creating the container process, and checking to create a corresponding sub-process by calling a fork system call and loading an ActivityThread for initializing the container application;
during initialization, the ActivityThread can set a system path to be used in the application, set the position where the certificate of the current application is stored, set the name of a process and create a Binder thread pool for processing Binder communication of Android system services.
Preferably, after receiving the request for loading the container application, the activityManagerservice searches package information of the container application according to the uid of the sender of the Binder request, and transmits the package information to the container process;
and the container process loads and starts the target container application after receiving the packet information of the target container application.
In order to realize the application virtualization instance, the container root process sets a container identifier for each container as a container application instance ID, wherein the container identifier maps the matching relationship between the container application instance and the corresponding application process record;
through the container identifier and the application program ID, when the container identifier and the application program ID cannot be matched with the existing container identifier and the existing application program ID, a new container process and a new Activity Stack are created for the container application, and the same-application multi-virtualization instance is realized.
Preferably, the container root process also creates a list of allowed access rights for each container, and sets a name Namespace ID for each list of allowed access rights;
when the container application is to access the system service of the Android system through the service manager service of the Android system, the service manager service opens the corresponding system service to the container application according to the access service contained in the permission access authority list corresponding to the Namespace ID.
Compared with the prior art, the invention has the following beneficial effects:
the lightweight mobile application virtualization system provided by the invention realizes application level virtualization by utilizing a container technology under the android operating system environment, and the same application can be provided with a plurality of virtualization instances, and meanwhile, the access limit of the virtualization application to system services is controlled. The system resource occupied by application virtualization is reduced, the availability of the application virtualization on the intelligent mobile device is improved, and huge support is provided for improving the safety of the application and solving the requirements of multiple scene roles.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a block diagram of a lightweight mobile application virtualization system provided by an embodiment;
FIG. 2 is an exemplary diagram of an application virtualization multi-instance provided by an embodiment;
fig. 3 is a flow chart of system service access control provided by an embodiment.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the detailed description is presented by way of example only and is not intended to limit the scope of the invention.
In order to realize application level virtualization in an android operating system environment, the same application can be provided with a plurality of virtualization instances, and access limitation of the virtualization application to system services is controlled. A lightweight mobile application virtualization system is provided, as shown in fig. 1, and comprises container start auxiliary processes, namely a container start auxiliary tool process and a Activity Manager Service process, arranged in an Android system, and a container root process, namely a container-init process, used for managing containers. The container tool sends a request for creating a virtualized application to an android system service ActivityManagerservice process, and after the container-init process initializes an application running environment and receives an ActivityManagerservice starting application request, the process is created and a target application is loaded. The operation flow of the whole system is shown in figure 1.
The container starting auxiliary process, the container tool, is arranged in the Android system host, and mainly achieves the functions of constructing the Intnt, checking the application and sending a request for creating the virtualized application to the ActivityManagerservice.
For constructing an Intnt flow, a CONTAINER tool constructs an Intnt data packet according to a user identifier of a starter and a target application component name, wherein the Intnt data packet is a data packet used for data transmission by an android system, a FLAG_ACTIVITY_CONTAINER identifier is added to the Intnt data packet, and the FLAG_ACTIVITY_CONTAINER identifier is used for identifying whether a normal application or a virtualized application is requested to be started.
Before sending the request for starting and creating the container application, the container starting auxiliary process also performs application checking, initiates a target component query request to the Package Manager Service to check whether the target component to be started is installed, initiates a target component installation request to the Package Manager Service if the target component is not installed, and installs the target application according to the installation package address of the target application transmitted by the target component installation request.
After the application checking is finished, the container starts a request for creating the virtualized application, which is initiated by the auxiliary process to the ActivityManagerService, and the request for creating the virtualized application is sent to an android system on the host machine by the aid of an Intent data packet created before.
The ActivityManagerService process is a service process of the android system, and is subjected to functional modification, and the ActivityManagerService is mainly used for processing and creating a virtualized application request.
After receiving a virtualized application creating request, an ActivityManagerService process analyzes an Intent data packet contained in the virtualized application creating request, checks whether a target application is installed in a current Android system according to a packet name and a UID of the target application recorded in the Intent data, searches and judges whether an application process of the target application exists if an installation record exists, and creates a new record according to the packet name and the UID of the target application if the application process does not exist, so as to store information of the application;
checking whether the Intnt data contains a FLAG_ACTIVITY_CONTAINER FLAG, and if so, sending a CONTAINER process creation request to the CONTAINER root process through a CONTAINER socket.
The container root process container-init is a core for realizing the virtualized application, and is mainly used for creating and initializing an application running environment, creating a container process and starting the container application, and each part is described in detail below.
In the process of creating and initializing an application running environment, a container root process, namely a container-init, mainly creates a Java virtual machine, registers a jni function, loads a zygoteInit class in the jni function, and preloads Java class and Android resources.
The method comprises the steps that a container root process creates a container process after receiving a container process creation request, specifically checks abi of uid, gid, gids, capabilities security authority and application program in the container process creation request, and then calls a fork system to call and create a corresponding sub-process and loads an ActivityThread to initialize container application;
during initialization, the ActivityThread can set a system path to be used in the application, set the position where the certificate of the current application is stored, set the name of a process and create a Binder thread pool for processing Binder communication of Android system services.
After receiving a request for loading the container application, activityManagerService searches package information of the container application according to the uid of a sender of the Binder request and transmits the package information to the container process; the container process loads and starts the target container application after receiving the packet information of the target container application.
When the target application started by the container is not started in the host or other containers, the Activity ManagerService creates a new container process and an Activity Stack for the target application to start and store the Activity of the target application because the application process record matched with the target application process record and the Activity Stack cannot be found. When the host or other container starts the target application with the same name, the activityManagerservice will not create the corresponding container process and the Activity Stack due to the existence of the record ID, resulting in failure of starting the container process.
When the target application started by the container is not started in the host or other containers, as the application process Record matched with the target application cannot be found in the Activity Record and the Activity Stack, the Activity ManagerService can create a new container process and an Activity Stack for the target application so as to start and store the activities of the target application. When a host or other container starts up multiple virtualized instances of an existing application, the activitymanageservicedoes not create a corresponding container process and Activity Stack due to the existence of the record ID, resulting in a failed start-up of the application virtualization.
FIG. 2 depicts an application virtualization multi-instance solution, where the container root process sets a container identifier for each container as a container application instance ID, the container identifier mapping the matching relationship of the container application instance to the corresponding application process record;
in the embodiment, the IPC Namespace ID of the container is used as the identifier of the user ID, different containers have different IPC Namespace IDs, and the application records of different containers are isolated from each other due to the different identifiers of the user IDs. When the ActivityManagerService searches the record according to the UID+APPId as an index, only an application record list corresponding to the current container is searched, and when similar applications are started, a new container process and a new Activity Stack are created for the application container because the UID+APPId cannot be matched, so that the same-application multi-virtualization instance is realized.
The android application virtualized instance and the user on the host share the android system service on the host, and the application instance obtains the address of the corresponding service through the service manager service and can obtain the corresponding system resource through the system service, so that the risk of data leakage on the host, such as sensor data of equipment, network information and the like, is increased.
As shown in fig. 3, the lightweight mobile application virtualization system performs access rights control on the access rights of the system service on the android application virtualization instance. Specifically, the container root process also creates a permission access list for each container, and sets a name Namespace ID for each permission access list; when the container application is to access the system service of the Android system through the service manager service of the Android system, the service manager service opens the corresponding system service to the container application according to the access service contained in the permission access authority list corresponding to the Namespace ID.
When the user application wants to acquire the service, the service inquiry request is required to be sent to the service manager, the service manager service calls the do_find_service method after receiving the request, and the service address is inquired according to the service name sent by the requester. If the corresponding service address exists, checking whether the service requester meets the SELinux service access authority, and if so, returning the service address to the Binderclient. When creating an application container, we write the system service name that the container is allowed to access into the configuration file. When the container runs, the name of the container, the IPC Namespace ID of the container and the system services that the container is allowed to access are mapped by parsing the application container. When the virtualized application instance wants to acquire a service, the IPC Namespace of the current process is sent to the servicemanager through current- > nsproxy- > ipc_ns. After the servicemanager receives the service inquiry request and checks that the SELinux service access authority of the request sender is satisfied, whether the current request caller can acquire the requested service name is checked through the mapping from the Namespace ID to the system service, and if the check is not passed, the acquisition of the system resource is refused.
The lightweight mobile application virtualization system provided by the embodiment is designed on the android operating system and realizes lightweight application level virtualization, and compared with the existing system level virtualization, the lightweight mobile application virtualization system reduces consumption of system resources such as response time, memory occupation, disk occupation and the like of application virtualization in a mode of sharing android system services by a plurality of application instances. Meanwhile, the technical implementation of the lightweight mobile application virtualization system modifies the source code of the android system, enhances the portability of the scheme, and can be adapted to the android systems customized by different versions and different manufacturers.
The foregoing detailed description of the preferred embodiments and advantages of the invention will be appreciated that the foregoing description is merely illustrative of the presently preferred embodiments of the invention, and that no changes, additions, substitutions and equivalents of those embodiments are intended to be included within the scope of the invention.
Claims (9)
1. The lightweight mobile application virtualization system is characterized by comprising a container starting auxiliary process and a Activity Manager Service process which are arranged in an Android system, and a container root process for managing containers;
the container starts an auxiliary process to construct an Intent data packet, and creates and sends a virtualized application creating request to the Activity Manager Service process according to the Intent data packet;
the Activity Manager Service process receives a request for creating a virtualized application, analyzes the received Intent data packet, and sends a request for creating a container process to the container root process according to the Intent data packet; sending package information of the container application to the container root process according to the received loading container application request;
the container root process creates and initializes an application running environment, creates a container process after receiving a request for creating the container process, obtains package information of the container application from the Activity Manager Service process according to the sent request for loading the container application, and starts the container application.
2. The lightweight mobile application virtualization system of claim 1, wherein upon construction of an Intent packet, a FLAG_ACTIVITY_CONTAINER identification is added to the Intent packet to identify that the virtualized application is requested to be launched.
3. The lightweight mobile application virtualization system of claim 1 wherein the container launch assist process further performs an application check before sending a request to launch the creation container application, initiates a target component query request to Package Manager Service to see if the target component to be launched is installed, initiates a target component install request to Package Manager Service if the target component is not installed, and installs the target application based on the installation package address of the target application entered by the target component install request.
4. The lightweight mobile application virtualization system according to claim 1, wherein after the Activity Manager Service parses the Intent data packet, it checks whether the target application is installed in the current Android system according to the packet name and UID of the target application recorded in the Intent data, if the installation record exists, it searches and judges whether the application process of the target application exists, if the application process does not exist, it creates a new record according to the packet name and UID of the target application, so as to store the information of the application;
checking whether the Intnt data contains a FLAG_ACTIVITY_CONTAINER FLAG, and if so, sending a CONTAINER process creation request to the CONTAINER root process through a CONTAINER socket.
5. The lightweight mobile application virtualization system of claim 1 wherein the container root process creating and initializing an application runtime environment comprises:
creating a Java virtual machine, registering a jni function, loading a zygoteInit class in the jni function, and preloading Java class and Android resources.
6. The lightweight mobile application virtualization system of claim 1, wherein said creating a container process comprises:
checking abi of uid, gid, gids, capabilities security authority and application program in the request of creating the container process, and checking to create a corresponding sub-process by calling a fork system call and loading an ActivityThread for initializing the container application;
during initialization, the ActivityThread can set a system path to be used in the application, set the position where the certificate of the current application is stored, set the name of a process and create a Binder thread pool for processing Binder communication of Android system services.
7. The lightweight mobile application virtualization system of claim 1, wherein the activitymanageservice, upon receiving a container application loading request, searches for package information of a container application according to a uid of a sender of a Binder request and transmits the package information to the container process;
and the container process loads and starts the target container application after receiving the packet information of the target container application.
8. The lightweight mobile application virtualization system of any one of claims 1-7 wherein the container root process sets a container identifier for each container as a container application instance ID, the container identifier mapping a matching relationship of the container application instance to a corresponding application process record;
through the container identifier and the application program ID, when the container identifier and the application program ID cannot be matched with the existing container identifier and the existing application program ID, a new container process and a new Activity Stack are created for the container application, and the same-application multi-virtualization instance is realized.
9. The lightweight mobile application virtualization system of any one of claims 1-7 wherein the container root process further creates a list of allowed access rights for each container, setting a name Namespace ID for each allowed access rights list;
when the container application is to access the system service of the Android system through the service manager service of the Android system, the service manager service opens the corresponding system service to the container application according to the access service contained in the permission access authority list corresponding to the Namespace ID.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010588083.6A CN111796909B (en) | 2020-06-24 | 2020-06-24 | Lightweight mobile application virtualization system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010588083.6A CN111796909B (en) | 2020-06-24 | 2020-06-24 | Lightweight mobile application virtualization system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111796909A CN111796909A (en) | 2020-10-20 |
| CN111796909B true CN111796909B (en) | 2024-04-02 |
Family
ID=72803178
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010588083.6A Active CN111796909B (en) | 2020-06-24 | 2020-06-24 | Lightweight mobile application virtualization system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111796909B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110769320B (en) * | 2019-11-19 | 2021-10-15 | 三星电子(中国)研发中心 | Method, system and device for sharing content by intelligent equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20130093804A (en) * | 2012-01-06 | 2013-08-23 | 한국전자통신연구원 | Apparatus and method for secure and consistent runtime based confidential execution of application services |
| CN103593225A (en) * | 2013-10-30 | 2014-02-19 | 浙江大学 | Method for multiplexing Binder IPC mechanism by multiple Android systems in mobile virtualization scene |
| CN106095530A (en) * | 2016-06-08 | 2016-11-09 | 电子科技大学 | The container of a kind of many android system automatically creates and startup method |
| GB201700073D0 (en) * | 2017-01-04 | 2017-02-15 | Cisco Tech Inc | Method and apparatus for container-based virtualisation |
| CN106471791A (en) * | 2015-04-07 | 2017-03-01 | 华为技术有限公司 | Method and apparatus for the PC cluster framework based on mobile device |
| CN106897611A (en) * | 2017-03-03 | 2017-06-27 | 金光 | Secure virtual mobile applications running environment system and method and application without root authority |
-
2020
- 2020-06-24 CN CN202010588083.6A patent/CN111796909B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20130093804A (en) * | 2012-01-06 | 2013-08-23 | 한국전자통신연구원 | Apparatus and method for secure and consistent runtime based confidential execution of application services |
| CN103593225A (en) * | 2013-10-30 | 2014-02-19 | 浙江大学 | Method for multiplexing Binder IPC mechanism by multiple Android systems in mobile virtualization scene |
| CN106471791A (en) * | 2015-04-07 | 2017-03-01 | 华为技术有限公司 | Method and apparatus for the PC cluster framework based on mobile device |
| CN106095530A (en) * | 2016-06-08 | 2016-11-09 | 电子科技大学 | The container of a kind of many android system automatically creates and startup method |
| GB201700073D0 (en) * | 2017-01-04 | 2017-02-15 | Cisco Tech Inc | Method and apparatus for container-based virtualisation |
| CN106897611A (en) * | 2017-03-03 | 2017-06-27 | 金光 | Secure virtual mobile applications running environment system and method and application without root authority |
Non-Patent Citations (1)
| Title |
|---|
| 一种基于组件的应用虚拟化方法;王千;张激;高元钧;计算机工程;第39卷(第11期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111796909A (en) | 2020-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108170503B (en) | Method, terminal and storage medium for cross-system android application running | |
| CN101755271B (en) | Method and apparatus for managing access privilege in CLDC OSGI environment | |
| CN110011823B (en) | Remote management implementation method and device for Internet of things equipment | |
| US5566326A (en) | Copy file mechanism for transferring files between a host system and an emulated file system | |
| US8621081B2 (en) | Hypervisor controlled user device that enables available user device resources to be used for cloud computing | |
| US20140033208A1 (en) | Method and device for loading application program | |
| CN105550595A (en) | Private data access method and system for intelligent communication equipment | |
| US7770202B2 (en) | Cross assembly call interception | |
| US10411957B2 (en) | Method and device for integrating multiple virtual desktop architectures | |
| CN115378735B (en) | Data processing method and device, storage medium and electronic equipment | |
| US7444624B2 (en) | Method for the secure interpretation of programs in electronic devices | |
| CN115374481B (en) | Data desensitization processing method and device, storage medium and electronic equipment | |
| WO2022170946A1 (en) | Access control method and related apparatus | |
| CN111796909B (en) | Lightweight mobile application virtualization system | |
| CN115048642B (en) | Communication method between trusted applications in multi-trusted execution environment and electronic equipment | |
| CN111339173A (en) | Data sharing method, server and readable storage medium | |
| CN116467704A (en) | Resource calling method and device | |
| CN111666579B (en) | Computer device, access control method thereof and computer readable medium | |
| US20180210770A1 (en) | Enabling wpd devices to be managed at the capability level | |
| CN110502354B (en) | Java intelligent card and calling method of application program interface thereof | |
| US10862757B2 (en) | Isolating a redirected biometric device to a remote session | |
| CN108804236B (en) | AIDL file sharing method and system | |
| CN117235771B (en) | Permission management and control method of application program and electronic equipment | |
| CN111984343B (en) | Plug-in resource searching method, device, equipment and readable storage medium | |
| CN115981576B (en) | Method for sharing data, electronic device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Wang Zonghui Inventor after: Zhang Xinhao Inventor after: Liu Peiyu Inventor after: Chen Wenzhi Inventor before: Wang Zonghui Inventor before: Zhang Xinhao Inventor before: Liu Peiyu Inventor before: Chen Wenzhi |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |