CN114021105A - Application authentication method and device, electronic equipment and storage medium - Google Patents

Application authentication method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN114021105A
CN114021105A CN202111294231.4A CN202111294231A CN114021105A CN 114021105 A CN114021105 A CN 114021105A CN 202111294231 A CN202111294231 A CN 202111294231A CN 114021105 A CN114021105 A CN 114021105A
Authority
CN
China
Prior art keywords
authentication
security domain
application
target application
applications
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111294231.4A
Other languages
Chinese (zh)
Inventor
司余
王伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhizhangyi Technology Co ltd
Original Assignee
Beijing Zhizhangyi Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhizhangyi Technology Co ltd filed Critical Beijing Zhizhangyi Technology Co ltd
Priority to CN202111294231.4A priority Critical patent/CN114021105A/en
Publication of CN114021105A publication Critical patent/CN114021105A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)

Abstract

The invention discloses an authentication method and device of an application, an electronic device and a storage medium, wherein the method comprises the following steps: responding to a starting instruction of a target application, and determining the working state information of other applications in a security domain to which the target application belongs; determining whether a target application authentication event is generated or not according to the working state information of the other applications; and if the target application authentication event is detected, acquiring user identity information, authenticating the user identity information according to identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication. According to the embodiment of the invention, through containerizing the application needing identity authentication, a plurality of applications share identity authentication configuration information of a security domain, the complicated situation of independent authentication of each application is avoided, the authentication steps of the applications are simplified under the condition of ensuring the running safety of the applications, and the authentication efficiency of the applications is improved.

Description

Application authentication method and device, electronic equipment and storage medium
Technical Field
The embodiment of the invention relates to the technical field of mobile terminals, in particular to an application authentication method and device, electronic equipment and a storage medium.
Background
With the development of smart phones, smart phones have become an indispensable tool or necessary product for life in human life, comprehensively meet personalized requirements of users, and bring brand new application experience. Meanwhile, people are also more and more aware of mobile phone security and privacy.
At present, on a mobile phone end, two approaches are provided for application protection, one is an application lock function provided by a mobile phone manufacturer, and the other is application lock software provided by a mobile phone software manufacturer. The application lock functions of the applications provided by the mobile phone manufacturer are independent, each application needs to be configured independently, and each application needs to be unlocked when being opened, so that the operation is complex. The application lock provided by the mobile phone software provider is affected by various mobile phone manufacturers and systems, the function is unstable, the application authority in the mobile phone system is shrunk and is easy to crack, the application lock can be bypassed, and the application can be directly accessed, so that privacy leakage is caused.
Disclosure of Invention
The invention provides an application authentication method, an application authentication device, electronic equipment and a storage medium, and aims to simplify the application authentication steps under the condition of ensuring the running safety of an application.
In a first aspect, an embodiment of the present invention provides an authentication method for an application, where the method includes:
responding to a starting instruction of a target application, and determining the working state information of other applications in a security domain to which the target application belongs;
determining whether a target application authentication event is generated or not according to the working state information of the other applications;
and if the target application authentication event is detected, acquiring user identity information, authenticating the user identity information according to identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication.
In a second aspect, an embodiment of the present invention further provides an authentication apparatus for an application, where the apparatus includes:
the working state determining module is used for responding to a starting instruction of the target application and determining the working state information of other applications in the security domain to which the target application belongs;
the authentication event generation module is used for determining whether to generate a target application authentication event according to the working state information of the other applications;
and the information authentication module is used for acquiring user identity information if the target application authentication event is detected, authenticating the user identity information according to the identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication.
In a third aspect, an embodiment of the present invention further provides an electronic device, where the electronic device includes:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement the method for authenticating an application according to any embodiment of the present invention.
In a fourth aspect, the embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the authentication method for an application according to any embodiment of the present invention.
According to the application authentication method, the application authentication device, the electronic equipment and the storage medium, working state information of other applications in a security domain to which a target application belongs is determined by responding to a starting instruction of the target application; determining whether a target application authentication event is generated or not according to the working state information of the other applications; and if the target application authentication event is detected, acquiring user identity information, authenticating the user identity information according to the identity authentication configuration information of the security domain, starting the target application under the condition of successful authentication, solving the problems that each application needs to be authenticated independently and the authentication is easy to crack in the prior art, simplifying the authentication steps of the application under the condition of ensuring the running safety of the application, further improving the authentication efficiency of the application, and providing a new idea for the authentication of the application.
Drawings
Fig. 1 is a flowchart of an authentication method for an application according to an embodiment of the present invention;
fig. 2 is a flowchart of an authentication method for an application according to a second embodiment of the present invention;
fig. 3 is a flowchart of an authentication method for an application according to a third embodiment of the present invention;
fig. 4 is a block diagram of an authentication apparatus for an application according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of an application authentication method according to an embodiment of the present invention, which is applicable to a case where multiple applications with authentication requirements are authenticated. The method can be executed by the authentication device of the application provided by the embodiment of the invention, and the device can be realized in a software and/or hardware manner and can be integrated on the electronic equipment.
Specifically, as shown in fig. 1, the authentication method for an application provided in the embodiment of the present invention may include the following steps:
and S110, responding to a starting instruction of the target application, and determining the working state information of other applications in the security domain to which the target application belongs.
The target application is an application to be started, for which a user has a privacy requirement, such as: wechat related to private information, social applications such as QQ, payment applications such as Payment treasures and Wechat related to user fund security. The user can send out a starting instruction of the target application by clicking the identification of the target application on the intelligent equipment, can also send out the starting instruction of the target application by voice, and can also send out the starting instruction of the target application by other modes.
In the application, a containerization platform is provided, and the identity authentication function is added to the common application through containerization. After the application is containerized, a security domain of the application is formed and used for realizing identity authentication and background control. Only one security domain may be set in one smart device, or a plurality of security domains may be set in one smart device. For example, all applications with privacy requirements in one intelligent device can be set in the same security domain; multiple security domains can also be set according to different application categories, for example, social applications such as WeChat and QQ related to privacy information are set in the security domain A, and payment applications such as Payment treasures and WeChat related to user fund security are set in the security domain B.
Preferably, the intelligent device may be configured with a security domain management and control application, and the identity authentication configuration information of the security domain may be configured through the security domain management and control application; wherein, the identity authentication configuration information comprises at least one of the following: identity authentication mode, unlocking password and timeout duration. The timeout duration is the longest interval duration within which another application can be started without authentication after the application enters the background and runs in the security domain. Further, the identity authentication mode may be gesture authentication, fingerprint authentication, face authentication, or any combination thereof. Correspondingly, the unlocking password comprises at least one of the following: an unlock gesture, an unlock fingerprint, and an unlock face.
One security domain includes at least two applications, and at least one other application in addition to the target application. The working state information of the other applications may include start time, background time, close time, and the like of the other applications, and it may be determined that the other applications have successfully completed the identity authentication through the working state information of the other applications.
The intelligent equipment responds to a starting instruction sent by a user to the target application, determines a security domain of the target application, and further determines working state information of other applications in the security domain to determine whether identity authentication needs to be carried out on the target application.
And S120, determining whether a target application authentication event is generated or not according to the working state information of other applications.
The target application authentication event is generated, and it can be understood that identity authentication needs to be performed on the target application. All applications in the same security domain share identity authentication configuration information of the security domain, namely all applications in the same security domain share an unlocking password and timeout time.
In an optional embodiment of the present application, after an application in the security domain succeeds in identity authentication, the application is switched to another application in the security domain, and if the waiting time does not reach the timeout time, the another application may be free from authentication starting; and if the waiting time exceeds the overtime time, generating a target application authentication event to authenticate the user identity information again.
In another optional embodiment of the present application, if no other application in the security domain successfully completes the identity authentication, a target application authentication event needs to be generated to authenticate the user identity information.
S130, if the target application authentication event is detected, user identity information is obtained, authentication is carried out on the user identity information according to identity authentication configuration information of the security domain, and the target application is started under the condition that the authentication is successful.
The user identity information comprises a user name and an unlocking password. After the user identity information is obtained, the identity authentication configuration information of the security domain and the user identity information can be compared, and if the identity authentication configuration information and the user identity information are matched, the authentication is successful. In case the authentication is successful, the target application may be launched.
If the authentication fails, the user is provided with the service of forgetting the password and logging in again. If the user selects to forget the password, jumping to the management and control application of the security domain to reset the password; and if the user selects to log in again, re-acquiring the user identity information input by the user and judging whether the user identity information is matched with the identity configuration information of the security domain or not until the matching is successful, and starting the target application. And if the authentication is not successful after the preset times, jumping to the management and control application of the security domain to reset the password.
According to the technical scheme of the embodiment, the working state information of other applications in the security domain to which the target application belongs is determined by responding to the starting instruction of the target application; determining whether a target application authentication event is generated or not according to the working state information of other applications; if a target application authentication event is detected, user identity information is obtained, authentication is carried out on the user identity information according to identity authentication configuration information of a security domain, and the target application is started under the condition that the authentication is successful.
Example two
Fig. 2 is a flowchart of an authentication method for an application according to a second embodiment of the present invention, which is further optimized based on the above embodiment, and provides a specific description of how to determine whether to generate an authentication event for a target application.
Specifically, as shown in fig. 2, the method includes:
s210, responding to a starting instruction of the target application, and determining the working state information of other applications in the security domain to which the target application belongs.
S220, according to the working state information of other applications, whether the identity authentication of at least one other application in the security domain is successful by adopting the identity authentication configuration information of the security domain is determined.
The identity authentication information of the security domain comprises at least one of the following: identity authentication mode, unlocking password and timeout duration. The timeout duration is the longest interval duration within which another application can be started without authentication after the application enters the background and runs in the security domain. Further, the identity authentication mode may be gesture authentication, fingerprint authentication, face authentication, or any combination thereof. Correspondingly, the unlocking password comprises at least one of the following: an unlock gesture, an unlock fingerprint, and an unlock face. Preferably, the identity authentication information of the security domain may be configured by the security domain management device.
It should be noted that all applications in the same security domain share identity authentication configuration information of the security domain, that is, all applications in the same security domain share the unlocking password and the timeout time. One security domain includes at least two applications, and at least one other application in addition to the target application. The operating state information of the other applications may include start time, background time, and off time of the other applications, and the like.
Because the application can be started only after the identity authentication of the security domain is successful, whether the identity authentication configuration information of the security domain is adopted to successfully authenticate the identity of at least one other application in the security domain can be determined according to the working state information of the other applications.
And S230, if so, judging whether the waiting time of the target application exceeds the overtime time.
The waiting time is the time difference between the time when other applications in the security domain enter the background and the current time. It will be appreciated that in the event that the shortest wait duration of the target application exceeds the timeout duration, all of the wait durations of the target application exceed the timeout duration.
Preferably, the time when the other applications enter the background can be specifically the time closest to the current time. It is to be understood that the waiting time period in the present embodiment is exclusively referred to as the shortest waiting time period.
Further, after it is determined that the identity authentication configuration information of the security domain is adopted to successfully authenticate the identity of at least one other application in the security domain, it is further required to determine whether the waiting time length exceeds the timeout time length.
And if the other applications in the security domain are not successfully authenticated, generating a target application authentication event so as to authenticate the user identity information.
And S240, if the waiting time exceeds the overtime time, generating a target application authentication event.
And under the condition that the waiting time exceeds the overtime length, the previous identity authentication is invalid, and a target application authentication event needs to be generated so as to perform identity authentication on the target application again according to the identity authentication configuration information of the security domain.
If the waiting time does not exceed the overtime time, the previous identity authentication is still valid, and the target application can be started without authentication.
And S250, if the target application authentication event is detected, acquiring user identity information, authenticating the user identity information according to identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication.
According to the technical scheme of the embodiment, a specific case introduction for determining whether the target application authentication event is generated is given, and whether the identity authentication configuration information of the security domain is adopted to successfully authenticate the identity of at least one other application in the security domain is determined through the working state information of other applications; if the waiting time of the target application does not exceed the overtime time, starting the target application without authentication; otherwise, generating a target application authentication event to authenticate the user identity information, achieving the effect of simplifying the authentication steps of the application under the condition of ensuring the running safety of the application, and improving the authentication efficiency of the application.
EXAMPLE III
Fig. 3 is a flowchart of an authentication method for an application according to a third embodiment of the present invention, which is further optimized based on the third embodiment of the present invention, and provides a specific description of detecting a security domain to manage an application login state.
Specifically, as shown in fig. 3, the method includes:
s310, responding to a starting instruction of the target application, and detecting a login state of the security domain management and control application.
The security domain management and control application is used for configuring identity authentication configuration information of the security domain and monitoring the working state of each application in the security domain.
The identity authentication of the security domain needs to be established on the premise that the security domain management and control application logs in, and only if the security domain management and control end application logs in and is in a background running state, the working state of each application in the security domain can be monitored and controlled. For example, the start time, background time, etc. of the respective applications are monitored.
In this embodiment, in response to a start instruction for a target application, a login state of a security domain management and control application needs to be detected first.
S320, judging whether the security domain management and control application is logged in; if the security domain management and control application is logged in, executing S350; if the security domain management application is not logged in, S330 is performed.
The security domain management and control application can monitor and control the working state of each application in the security domain only under the condition of logging in. In this embodiment, after determining whether the security domain management and control application has logged in, if the security domain management and control application has logged in, acquiring identity authentication configuration information of a security domain of the target application, and determining working state information of other applications in the security domain to which the target application belongs; if the security domain management and control application is not logged in, the identity authentication configuration information of the security domain of the target application is acquired after the security domain management and control application is logged in, and the working state information of other applications in the security domain to which the target application belongs is determined.
S330, the target application is placed in a background, and the user jumps to a login page of the security domain management and control application.
Before the security domain manages and controls the application to log in, all containerized applications in the security domain cannot be used. Therefore, when the security domain management application is judged not to be logged in, the user jumps to a login page of the security domain management application, so that the user can conveniently log in.
It should be noted that before the user logs in, the user registration needs to be completed in the security domain management application. Further, after the registration is completed, the login password can be reset in the security domain management and control application.
S340, obtaining the login information of the management and control application input by the user, controlling the login of the security domain management and control application, and restarting the target application.
The user can input the login information of the management and control application from the login page of the security domain management and control application, wherein the login information of the management and control application comprises a user name and a password. The intelligent equipment acquires the login information of the management and control application input by the user, controls the security domain management and control application to log in, and restarts the target application.
S350, obtaining identity authentication configuration information of the security domain of the target application, and determining working state information of other applications in the security domain to which the target application belongs.
And S360, determining whether a target application authentication event is generated or not according to the working state information of other applications.
And S370, if the target application authentication event is detected, acquiring user identity information, authenticating the user identity information according to identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication.
According to the technical scheme, a specific situation introduction for detecting the login state of the security domain management and control application is given, and the login state of the security domain management and control application is detected by responding to a starting instruction of a target application; judging whether the security domain management and control application is logged in; if not, placing the target application in a background, and jumping to a login page of the security domain management and control application; the method comprises the steps of obtaining control application login information input by a user, controlling the security domain to control application login, restarting the target application, achieving the purpose of immediately jumping to the target application after login, and achieving the effect of improving the authentication efficiency of the target application.
Example four
Fig. 4 is a schematic structural diagram of an authentication apparatus for an application according to a fourth embodiment of the present invention, where the apparatus is adapted to execute an authentication method for an application according to the fourth embodiment of the present invention, and can simplify an authentication step of an application under a condition that operation security of the application is ensured. As shown in fig. 4, the apparatus includes an operation state determination module 410, an authentication event generation module 420, and an identity information authentication module 430.
The working state determining module 410 is configured to determine, in response to a start instruction for a target application, working state information of other applications in a security domain to which the target application belongs;
the authentication event generation module 420 is configured to determine whether to generate a target application authentication event according to the working state information of the other applications;
and the identity information authentication module 430 is configured to, if a target application authentication event is detected, acquire user identity information, authenticate the user identity information according to identity authentication configuration information of the security domain, and start the target application when the authentication is successful.
According to the technical scheme of the embodiment, the working state information of other applications in the security domain to which the target application belongs is determined by responding to the starting instruction of the target application; determining whether a target application authentication event is generated or not according to the working state information of other applications; if a target application authentication event is detected, user identity information is obtained, authentication is carried out on the user identity information according to identity authentication configuration information of a security domain, and the target application is started under the condition that the authentication is successful.
Preferably, the authentication event generating module 420 specifically includes: an authentication determining unit, a timeout judging unit and a first generating unit.
The authentication determining unit is used for determining whether identity authentication of at least one other application in the security domain is successful by adopting identity authentication configuration information of the security domain according to working state information of the other applications;
the overtime judging unit is used for judging whether the waiting time of the target application exceeds the overtime time if the waiting time of the target application exceeds the overtime time; the waiting time is the time difference between the time when other applications in the security domain enter the background and the current time;
the first generation unit is used for generating a target application authentication event if the waiting time length exceeds the overtime time length; otherwise, the target application is started without authentication.
Preferably, the authentication event generating module 420 further includes: and the second generation unit is used for generating a target application authentication event if the other applications in the security domain do not successfully authenticate the identity.
Preferably, the apparatus further comprises: the device comprises a login state detection module and a first configuration acquisition module.
The login state monitoring module is used for detecting the login state of the security domain management and control application; the first configuration acquisition module is used for acquiring identity authentication configuration information of the security domain if the security domain management and control application is logged in.
Preferably, the apparatus further comprises: the system comprises a skip login module, a control login module and a second configuration acquisition module.
The system comprises a login skip module, a login control module and a login control module, wherein the login skip module is used for placing a target application in a background and skipping to a login page of a security domain management and control application if the security domain management and control application does not log in; the control login module is used for acquiring the login information of the control application input by the user and controlling the security domain to control the login of the application; and the second configuration acquisition module is used for restarting the target application and acquiring the identity authentication configuration information of the security domain to which the target application belongs.
Preferably, the apparatus further comprises: the security domain configuration module is used for configuring identity authentication configuration information of the security domain through security domain management and control application; wherein, the identity authentication configuration information comprises at least one of the following: identity authentication mode, unlocking password and timeout duration.
The authentication device for the application provided by the embodiment of the invention can execute the authentication method for the application provided by any embodiment of the invention, and has the corresponding functional module and beneficial effect of the execution method.
EXAMPLE five
Fig. 5 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present invention. FIG. 5 illustrates a block diagram of an exemplary electronic device 12 suitable for use in implementing embodiments of the present invention. The electronic device 12 shown in fig. 5 is only an example and should not bring any limitation to the function and the scope of use of the embodiment of the present invention.
As shown in FIG. 5, electronic device 12 is embodied in the form of a general purpose computing device. The components of electronic device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Electronic device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by electronic device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM)30 and/or cache memory 32. The electronic device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 5, and commonly referred to as a "hard drive"). Although not shown in FIG. 5, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. System memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in system memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally carry out the functions and/or methodologies of the described embodiments of the invention.
Electronic device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with electronic device 12, and/or with any devices (e.g., network card, modem, etc.) that enable electronic device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Also, the electronic device 12 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet) via the network adapter 20. As shown, the network adapter 20 communicates with other modules of the electronic device 12 via the bus 18. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with electronic device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing by executing programs stored in the system memory 28, for example, implementing an authentication method of an application provided by an embodiment of the present invention.
EXAMPLE six
An embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the authentication method for an application provided in any embodiment of the present invention.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. A method for authenticating an application, the method comprising:
responding to a starting instruction of a target application, and determining the working state information of other applications in a security domain to which the target application belongs;
determining whether a target application authentication event is generated or not according to the working state information of the other applications;
and if the target application authentication event is detected, acquiring user identity information, authenticating the user identity information according to identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication.
2. The method of claim 1, wherein determining whether to generate a target application authentication event according to the operating state information of the other application comprises:
determining whether identity authentication of at least one other application in the security domain is successful by adopting the identity authentication configuration information of the security domain according to the working state information of the other applications;
if yes, judging whether the waiting time of the target application exceeds the overtime time; the waiting time is the time difference between the time when other applications in the security domain enter the background and the current time;
if the waiting time length exceeds the overtime time length, generating the target application authentication event; otherwise, starting the target application without authentication.
3. The method of claim 2, wherein after determining whether the identity authentication of the at least one other application in the security domain using the identity authentication configuration information of the security domain has been successful according to the operating state information of the other applications, further comprising:
and if the other applications in the security domain are not successfully authenticated, generating the target application authentication event.
4. The method of claim 1, further comprising:
detecting a login state of a security domain management and control application;
and if the security domain management and control application is logged in, acquiring identity authentication configuration information of the security domain.
5. The method of claim 4, wherein after detecting the login state of the security domain governing application, further comprising:
if the security domain management and control application is not logged in, placing the target application in a background, and jumping to a login page of the security domain management and control application;
acquiring control application login information input by a user, and controlling the security domain control application to log in;
and restarting the target application, and acquiring the identity authentication configuration information of the security domain to which the target application belongs.
6. The method of claim 1, further comprising:
configuring identity authentication configuration information of the security domain through security domain management and control application; wherein the identity authentication configuration information includes at least one of: identity authentication mode, unlocking password and timeout duration.
7. An authentication apparatus for an application, the apparatus comprising:
the working state determining module is used for responding to a starting instruction of the target application and determining the working state information of other applications in the security domain to which the target application belongs;
the authentication event generation module is used for determining whether to generate a target application authentication event according to the working state information of the other applications;
and the information authentication module is used for acquiring user identity information if the target application authentication event is detected, authenticating the user identity information according to the identity authentication configuration information of the security domain, and starting the target application under the condition of successful authentication.
8. The apparatus of claim 7, further comprising:
the login state monitoring module is used for detecting the login state of the security domain management and control application;
and the configuration information acquisition module is used for acquiring the identity authentication configuration information of the security domain if the security domain management and control application is logged in.
9. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement an authentication method for an application as claimed in any one of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out a method of authentication of an application according to any one of claims 1-6.
CN202111294231.4A 2021-11-03 2021-11-03 Application authentication method and device, electronic equipment and storage medium Pending CN114021105A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111294231.4A CN114021105A (en) 2021-11-03 2021-11-03 Application authentication method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111294231.4A CN114021105A (en) 2021-11-03 2021-11-03 Application authentication method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114021105A true CN114021105A (en) 2022-02-08

Family

ID=80060285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111294231.4A Pending CN114021105A (en) 2021-11-03 2021-11-03 Application authentication method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN114021105A (en)

Similar Documents

Publication Publication Date Title
US11914693B2 (en) Fingerprint recognition method and apparatus, and touchscreen terminal
US10447839B2 (en) Device locator disable authentication
CN109150907B (en) Vehicle-mounted industrial personal computer login method, device, system, computer equipment and medium
US8121359B2 (en) Fingerprint identification system and method of an electronic device
EP3058497B1 (en) Secure remote modification of device credentials using device-generated credentials
US11038684B2 (en) User authentication using a companion device
US9450949B2 (en) Method for computer access control by means of mobile end device
EP2895982B1 (en) Hardware-enforced access protection
CN109416800A (en) A kind of authentication method and mobile terminal of mobile terminal
CN103870743A (en) Information processing apparatus, and lock execution method
CN113630253A (en) Login method, device, computer system and readable storage medium
US20210255688A1 (en) Information processing apparatus, information processing method, and program
CN112887922B (en) Message sending method and electronic equipment
CN113158156A (en) Service processing method, system, device, electronic equipment and storage medium
US20190116497A1 (en) Mobile device wireless restricted peripheral sessions
CN112966249A (en) Multi-user account switching method and device, computer equipment and medium
CN114021105A (en) Application authentication method and device, electronic equipment and storage medium
KR102248132B1 (en) Method, apparatus and program of log-in using biometric information
CN112560116A (en) Function control method, device and storage medium
CN110851881A (en) Security detection method and device for terminal equipment, electronic equipment and storage medium
CN106161371B (en) Method, device and system for retrieving account information
CN112600843B (en) Authentication method, storage medium and gateway
CN114297603A (en) Biological characteristic authentication method and device based on cloud mobile phone, cloud mobile phone platform and storage medium
CN116451203A (en) User identity authentication method and device, electronic equipment and storage medium
CN116702108A (en) Authentication method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination