CN114174990A - Data management method and device, electronic element and terminal equipment - Google Patents

Data management method and device, electronic element and terminal equipment Download PDF

Info

Publication number
CN114174990A
CN114174990A CN202080047554.0A CN202080047554A CN114174990A CN 114174990 A CN114174990 A CN 114174990A CN 202080047554 A CN202080047554 A CN 202080047554A CN 114174990 A CN114174990 A CN 114174990A
Authority
CN
China
Prior art keywords
application
memory
file
data
execution file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202080047554.0A
Other languages
Chinese (zh)
Inventor
李纪赛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Goodix Technology Co Ltd
Original Assignee
Shenzhen Goodix Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Goodix Technology Co Ltd filed Critical Shenzhen Goodix Technology Co Ltd
Publication of CN114174990A publication Critical patent/CN114174990A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The embodiment of the application provides a data management method and device, an electronic element and terminal equipment. The method comprises the following steps: stripping application state data from the application file stored in the first memory of the first element, and generating an application execution file according to a part of files left after the application state data is stripped from the application file; saving the application execution file and the application state data in the first memory, and deleting the application file in the first memory; saving backup data of the application execution file in a second memory of the second element; deleting the application execution file saved in the first memory when there is a storage space release request for the first memory. According to the method of the embodiment of the application, the storage space of the electronic element can be expanded on the premise of not reducing the safety level of the application data.

Description

Data management method and device, electronic element and terminal equipment Technical Field
The present application relates to the field of terminal technologies, and in particular, to a data management method and apparatus, an electronic component, and a terminal device.
Background
With the continuous popularization of mobile terminal equipment and internet of things terminal equipment, the application function requirements of users on the mobile terminal equipment and the internet of things terminal equipment are continuously improved. In some application scenarios, the mobile terminal device and the internet of things terminal device expand application functions by installing electronic elements capable of loading applications. For example, as the mobile terminal device and the terminal device of the internet of things have higher requirements on security. Secure elements typified by smart cards, embedded secure elements (eses), and the like are increasingly used in terminal devices. The safety element is used as a safety unit module on the terminal equipment and is combined with a main processor of the terminal equipment, so that safety functions such as safety storage, a safety cryptographic algorithm, a safety trust root and the like are provided for the terminal equipment, and the safety capability of the terminal equipment is enhanced.
Most electronic components capable of loading applications run a multi-application operating system, and support multiple applications to be loaded into the electronic components at the same time. In practical application scenarios, a large number of applications with complex functions are often loaded and installed in an electronic component capable of loading applications. These applications, when loaded into an electronic component, occupy a large storage space of the electronic component. The electronic components are limited by the process and cost, the memory resources of the chip are limited, and the increasing requirements are difficult to meet, so that the further exertion of the application expansion capability of the electronic components is limited.
Disclosure of Invention
The application data management method and device, the electronic element and the terminal device are provided for solving the problem that the storage space of the electronic element in the prior art cannot meet the requirements of practical application scenes.
The embodiment of the application adopts the following technical scheme:
in a first aspect, an embodiment of the present application provides a data management method, including:
data stripping operation: stripping application state data from the application files stored in the first memory, and generating application execution files according to the files left after the application state data is stripped from the application files, wherein: the first memory is an internal memory of a first element; the first element is an element which can independently load an application in the equipment, and the first element can realize an application function by running the application file; the application state data comprises application execution variables and sensitive information related to data security; in combination with the application state data, the first element may implement the application function by running the application execution file;
saving the application execution file and the application state data in the first memory, and deleting the application file in the first memory;
saving backup data of the application execution file in a second memory, wherein the second memory is a memory of a second element, and the first element and the second element belong to the same device;
deleting the application execution file saved in the first memory when there is a storage space release request for the first memory.
In a possible implementation manner of the first aspect, the application file is stored in the first memory in a manner of serialized data blocks;
the application execution file is the data block left after the data block of the application file is stripped from the application state data.
In a possible implementation manner of the first aspect, before the data stripping operation:
judging whether the application corresponding to the application file is a migratable application of the first element, wherein the migratable application is an application which does not influence the normal operation of the first element after being uninstalled;
and when the application corresponding to the application file is a migratable application of the first element, executing the data stripping operation and the subsequent operation steps.
In a possible implementation manner of the first aspect, the method further includes:
saving file state description information in the first memory, wherein the file state description information is used for recording whether the application execution file is saved in the first memory;
and/or the presence of a gas in the gas,
and storing file position description information in the first memory, wherein the file position description information is used for recording the storage position of the backup data in the second memory.
In a possible implementation manner of the first aspect, the storing backup data of the application execution file in the second storage includes:
the backup data of the application execution file is the original data of the application execution file;
alternatively, the first and second electrodes may be,
the backup data of the application execution file is generated after the encryption and integrity signature operations are executed on the application execution file.
In a possible implementation manner of the first aspect, the method further includes:
when an application recovery request exists, determining an application to be recovered corresponding to the application recovery request;
confirming backup data corresponding to the application to be recovered in the second storage;
and obtaining an application execution file corresponding to the application to be restored according to the backup data corresponding to the application to be restored, and copying the application execution file corresponding to the application to be restored to the first storage.
In a possible implementation manner of the first aspect, the method further includes:
when an application running request exists, determining an application to be run corresponding to the application running request;
determining a storage position of an application execution file corresponding to the application to be run;
when the application execution file corresponding to the application to be run is not saved in the first memory, and the backup data of the application execution file corresponding to the application to be run is saved in the second memory, initiating an application recovery request for the application to be run.
In a possible implementation manner of the first aspect, the method further includes:
after the application execution file is deleted from the first storage, when the first storage has an idle space, an application recovery request for an application corresponding to the application execution file is initiated.
In a possible implementation manner of the first aspect, the method further includes:
when an application unloading request exists, determining an application to be unloaded corresponding to the application unloading request;
and deleting the application execution file corresponding to the application to be uninstalled from the first memory, and deleting the backup data of the application execution file corresponding to the application to be uninstalled from the second memory.
In a possible implementation manner of the first aspect, the second memory is a memory of the main processor.
In a second aspect, an embodiment of the present application provides a data management apparatus, including:
a data stripping module, configured to strip application state data from an application file stored in a first memory, and generate an application execution file according to a part of a file left after the application state data is stripped from the application file, where: the first memory is an internal memory of a first element; the first element is an element which can independently load an application in the equipment, and the first element can realize an application function by running the application file; the application state data comprises application execution variables and sensitive information related to data security; in combination with the application state data, the first element may implement the application function by running the application execution file;
a data management module to:
saving the application execution file and the application state data in the first memory, and deleting the application file in the first memory;
saving backup data of the application execution file in a second memory, wherein the second memory is a memory of a second element, and the first element and the second element belong to the same device;
deleting the application execution file saved in the first memory when there is a storage space release request for the first memory.
In a third aspect, an embodiment of the present application provides an electronic component, which includes a first memory and a first processor, wherein:
when the electronic element loads an application, the first memory is used for storing an application file corresponding to the application;
the first memory is further adapted to store first computer program instructions which, when executed by the first processor, trigger the electronic component to carry out the method steps as described in the above first aspect.
In a fourth aspect, an embodiment of the present application provides a terminal device, where the terminal device includes a second memory and a second processor, where:
the terminal device may be mounted with the electronic component as described in the third aspect;
the second memory is used for storing application execution files from the electronic element;
the second memory is further adapted to store second computer program instructions which, when executed by the second processor, trigger the terminal device to respond to a request by the electronic component and/or control the electronic component such that the electronic component implements the method steps as described in the above-mentioned first aspect.
According to the technical scheme provided by the embodiment of the application, at least the following technical effects can be realized:
according to the method of the embodiment of the application, the application state data in the application file is stripped to generate the application execution file, and the expansion of the storage space of the electronic element can be realized by storing the backup data of the application execution file and deleting the original application execution file on the premise of not reducing the safety level of the application data;
moreover, according to the method of the embodiment of the application, the application execution file is pre-stored, so that the processor resources occupied when the application execution file is deleted and the storage space is released are greatly reduced, the execution time for releasing the storage space by deleting the application execution file is more flexible, and the influence of the operation of releasing the storage space on other application processes of the security element is greatly reduced;
furthermore, according to the method of the embodiment of the application, the application execution file does not contain the application execution variable, so that the application execution file does not need to be synchronized when the application execution variable changes, and the influence of file synchronization on other application processes of the secure element is avoided;
Drawings
FIG. 1 is a flow chart illustrating an embodiment of a data management method according to the present application;
FIG. 2 is a flowchart illustrating an embodiment of a data management method according to the present application
FIG. 3 is a block diagram of an embodiment of a data management device according to the present application;
fig. 4 is a block diagram of an embodiment of a terminal device according to the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terminology used in the description of the embodiments section of the present application is for the purpose of describing particular embodiments of the present application only and is not intended to be limiting of the present application.
The application provides a data management method aiming at the problem that the storage space of an electronic element in the prior art cannot meet the requirements of practical application scenes. To propose the method of the embodiment of the present application, the inventors first analyzed the practical application scenario of the electronic component.
In a practical application scenario, some electronic components installed in the terminal device for extending application functions may be independently loaded with applications. That is, when the electronic component loads an application, it can save an application file of the application in its own internal memory; and, the electronic component itself has a processor, and it can independently run the application file in the internal memory through its own processor to implement the corresponding application function. For example, when the secure element loads a secure application, it saves the application files of the secure application in its internal memory. When the terminal device realizes the safety protection function through the safety element, the processor of the safety element operates the application file stored in the internal memory of the safety element to realize the safety protection function, but the main processor of the terminal device operates the application file to realize the safety protection function.
The independent loading of the application by the electronic component results in the application file of the application occupying the internal memory space of the electronic component. As electronic components are loaded with increasing applications, the free space of the internal memory of the electronic component is less and less, which eventually results in insufficient internal memory space of the electronic component.
However, although electronic components are loaded with a number of different applications, not all applications are used consistently frequently. Therefore, in a feasible application scheme, when the storage space of the electronic element is insufficient, the application file corresponding to the application which is not frequently used can be temporarily migrated to a memory (external memory) of other equipment except the electronic element, so that the storage space is temporarily made free to meet the current application scene requirement. And then migrating the applications migrated to other storage devices back when the migrated application files need to be used. Therefore, the storage space of the electronic element can be expanded in a phase-changing manner on the premise of not changing the hardware configuration of the electronic element.
However, there is some highly sensitive information related to data security in the application files saved on the electronic component. For example, for a secure element, some application files in the secure element contain highly sensitive information such as amount, counter value, etc. If the highly sensitive information related to data security is migrated to the external memory, the security sensitive information is separated from the protection of the electronic element, thereby causing data security loopholes. Even if security measures such as encryption, replay counters, etc. can be performed on the application file migrated to the external storage, there is still a risk of a reduction in the security level.
Furthermore, the migration of the application file involves the establishment of a data transmission channel with the external memory and the transmission of the application file data, which occupies considerable processor resources and thus affects other application processing processes of the electronic component. One possible solution is to backup application files that can be migrated on the electronic component to the external memory in advance when the electronic component is idle, and to delete the application files that have been backed up to make up the storage space when the internal storage space of the electronic component is insufficient, without migrating the application files.
However, in some application scenarios, an application execution variable related to an actual application scenario exists in the application file, and a specific value of the application execution variable may change along with execution of the application. This makes it necessary to synchronously update the latest application execution variable to the external memory if the application execution variable in the application file is updated after the application file is backed up to the external memory in advance, which also adversely affects the runtime performance of the application in the electronic component.
Based on the analysis of the application scenario, in an embodiment of the present application, the application file is divided into two parts, one part is an executable application code (application execution file) that does not include sensitive information and application execution variables, and the other part is application state data that includes the sensitive information and the application execution variables. And in combination with the application state data, the electronic element runs the application execution file to realize the application function realized by running the original application file.
When the internal storage space of the electronic component is insufficient, the application execution file can be migrated to the external storage to temporarily make up the storage space. Since the application execution file does not contain sensitive information related to data security, migration of the application execution file does not degrade the security level of the application file. According to the method of the embodiment of the application, the application state data is stripped, the backup of the application files can be realized on the premise of not reducing the safety level of the application data, and therefore the expansion of the storage space of the electronic element is realized in a mode of deleting part of the application files.
Meanwhile, because the application execution file is backed up in advance, the occupied processor resources are greatly reduced when the application execution file is only deleted to release the storage space, the execution time for releasing the storage space by deleting the application execution file is more flexible, and the influence of the operation of releasing the storage space on other application processes of the electronic element is greatly reduced; furthermore, the application execution file does not contain the application execution variable, so that the application execution file does not need to be synchronized when the application execution variable changes, and the influence of file synchronization on other application processes of the secure element is avoided.
The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating an embodiment of a data management method according to the present application. As shown in fig. 1, in an embodiment of the present application, the following steps are performed to implement the data management method of the embodiment of the present application:
step 110, data stripping operation: stripping application state data from the application files stored in the first memory, and generating application execution files according to the files left after the application state data is stripped from the application files, wherein: the first memory is an internal memory of the first element; the first element is an element which can independently load an application in the equipment, and the first element can realize an application function by running an application file; the application state data comprises application execution variables and sensitive information related to data security; in combination with the application state data, the first element can realize the application function by running the application execution file;
step 121, saving the application execution file and the application state data in the first memory;
step 122, deleting the application file in the first memory;
step 130, saving backup data of the application execution file in a second memory, wherein the second memory is a memory of a second element, and the first element and the second element belong to the same device;
step 140, determining whether there is a storage space release request for the first memory;
if not, return to step 140;
if so, step 141 is executed to delete the application execution file stored in the first memory.
According to the method shown in fig. 1, the application state data in the application file is stripped to generate the application execution file, and the expansion of the storage space of the electronic component can be realized by saving the backup data of the application execution file and deleting the original application execution file on the premise of not reducing the security level of the application data. Moreover, according to the method shown in fig. 1, the application execution file is pre-stored, so that the processor resources occupied when the application execution file is deleted to release the storage space are greatly reduced, the execution time for releasing the storage space by deleting the application execution file is more flexible, and the influence of the operation of releasing the storage space on other application processes of the secure element is greatly reduced; furthermore, the application execution file does not contain the application execution variable, so that the application execution file does not need to be synchronized when the application execution variable changes, and the influence of file synchronization on other application processes of the secure element is avoided.
Further, in an embodiment of the present application, the first element is a secure element of the device, and the steps 110 to 140 are performed by the secure element, so as to prevent the application file from being separated from the protection of the secure element, and improve data security.
Further, in an embodiment of the present application, the first component is a main processor of the device, and the second memory is a memory of the main processor. Therefore, the transmission path of the backup data can be simplified as much as possible, and the transmission efficiency of the backup data is accelerated.
Further, in an actual application scenario, the steps shown in fig. 1 may have a variety of different implementations. In the process of implementing the technical scheme of the embodiment of the application, a corresponding implementation mode can be adopted according to the specific application scene requirements.
Specifically, in an application scenario, the application file stored in the first storage is executable data formed by unpacking and serializing the application package downloaded from the first component. When an application data package is downloaded by a first element, the application data package cannot be directly run, and an executable application file is generated after unpacking and serialization, and the application file is stored in a first memory so that a processor of the first element can call and execute the application file.
Further, in an application scenario, serialization for application package data refers to serializing an executable file in the application package data into one or more contiguously stored binary data blocks. That is, the application file is saved in the first memory as serialized data blocks. The application execution file generated after the data stripping operation is executed is the data block of the application file left after the application state data is stripped.
Further, in an application scenario, when processing an application file, the application file is divided in units of applications, that is, one application file corresponds to one application. When the storage space is released, the application execution file is also deleted in units of applications. The application executable file and the application have a corresponding relation, and the scheduling is carried out by taking the application as a unit, so that the management of the persistent storage space of the electronic element is facilitated, and the expansion of the storage capacity of the electronic element is facilitated. The application and the application execution file have a corresponding relation, and the corresponding relation can enable the scheduling of the application execution file to be more consistent with the cognition of a user, so that the user is prevented from being confused.
Further, in an actual application scenario, not all applications loaded on the first element may be migrated to the external memory. Some critical applications cannot be migrated (cannot be deleted, e.g., system applications) and therefore cannot be freed by deleting the critical application, and it is not practical to backup the critical application to the external storage in advance. Therefore, in an embodiment of the present application, only applications that can be migrated are backed up in advance. That is, in step 130, no data stripping operation is performed on application files that cannot participate in the migration.
Specifically, in an embodiment of the present application, step 110 is preceded by:
judging whether the application corresponding to the application file is a transferable application of the first element or not, wherein the transferable application is an application which does not influence the normal operation of the first element after being unloaded;
and when the application corresponding to the application file is a migratable application of the first element, executing a data stripping operation and a subsequent operation step.
Further, considering that performing a data stripping operation on only a part of the application files may cause confusion on saving the application files, in an embodiment of the present application, in step 110, a migratable application that may participate in migration is identified from among the applications loaded by the first element; executing data stripping operation on application files corresponding to all the migratable applications; a data stripping operation is performed on all application files of the first component. In step 121, a set of migratable files is constructed in the first storage, where the set of migratable files contains application execution files corresponding to all migratable applications. In step 130, the backup data of all application execution files in the set of migratable files is saved to the second memory. In step 141, when there is a storage space release request, one or more application execution files in the set of migratable files currently saved in the first memory are deleted.
Specifically, in the implementation manner, the migratable application may be determined according to specific application requirements. The migratable file set is a subset of the full set of application execution files in the first component, and the range of the migratable file set can be preset or can be specified by a specific instruction at a later stage.
In the above embodiment, the setting of the set of migratable files may be adapted to the requirements of the first element operating system, such as the Java Card operating system, which is complex.
Further, in an actual application scenario, for implementation of step 140, it may be determined whether to initiate a storage space release request according to an actual application requirement. For example: when the internal storage space of the first element is abundant, a storage space release request is not initiated; the storage space release request is initiated only when the internal storage space of the first element is short, so that the storage area of the first element can be fully used, and the safe storage capacity of the first element can be fully exerted. For another example, an instruction is sent from the external controller to the first element to request the first element to delete one or more application execution files in the first memory.
Specifically, for example, in an embodiment of the present application, a storage space occupation threshold is set, and a storage space release request is initiated when the storage space occupation of the first element exceeds the preset storage space occupation threshold (for example, the storage space release request is initiated when the storage space vacancy of the first element is less than 10%).
Specifically, for another example, in an embodiment of the present application, when the first element needs to perform a data saving operation (for example, a new application needs to be loaded, or a deleted application execution file needs to be restored), it is determined whether the current storage space is sufficient for performing the data saving operation, and a storage space release request is initiated when the current storage space is insufficient for performing the data saving operation.
Further, in an actual application scenario, for implementation of step 141, the application execution file that needs to be deleted may be determined according to actual application requirements.
For example, in one implementation of step 141, when there is a storage space release request, all application execution files in the set of migratable files that are currently saved in the first memory are deleted.
For another example, in one implementation of step 141, when there is a storage space release request, the size of the storage space that needs to be released to satisfy the current data storage requirement is calculated, and one or more application execution files in the migratable file set that are currently saved in the first memory are deleted, so that the sum of the data amounts of the deleted application execution files is the size of the storage space that needs to be released to satisfy the current data storage requirement.
For another example, in one implementation of step 141, when there is a request to release the storage space, the application execution file with the lowest running frequency is preferentially deleted.
Further, in an actual application scenario, after the storage space is released by deleting the application execution file, if the deleted application execution file needs to be executed, the application execution file needs to be restored from the backup data saved in the second storage.
As shown in fig. 1, the data management method according to an embodiment of the present application further includes the following steps:
step 150, judging whether an application recovery request exists;
if not, returning to step 150;
when there is an application resume request, perform step 151;
step 151, determining an application to be restored corresponding to the application restoration request;
step 152, confirming the backup data corresponding to the application to be restored in the second memory;
step 153, obtaining an application execution file corresponding to the application to be restored according to the backup data corresponding to the application to be restored, and copying the application execution file corresponding to the application to be restored to the first storage.
Specifically, in an embodiment of the present application, file location description information is stored in the first memory, and the file location description information is used to record the storage location of the backup data that has been stored in the second memory. In this way, when the application execution file is restored from the backup data saved in the second storage to the first storage, the backup data corresponding to the application execution file in the second storage can be located through the file location description information.
Specifically, in an application scenario, the file location description information stored in the first memory is generated by the controller of the second memory. And after the second memory stores the backup data, the controller of the second memory generates corresponding file position description information according to the storage position of the backup data stored in the second memory, and feeds the file position description information back to the controller of the first memory.
Further, in an actual application scenario, for implementation of step 150, it may be determined whether to initiate an application recovery request according to an actual application requirement.
For example, in an embodiment of the present application, when an application execution file that needs to be executed has been deleted in the first storage, an application recovery request is initiated, so that the file is executed according to the saved backup recovery application. Specifically, the method comprises the following steps:
when an application running request exists, determining an application to be run corresponding to the application running request;
determining a storage position of an application execution file corresponding to an application to be run;
and when the application execution file corresponding to the application to be executed is not saved in the first memory and the backup data of the application execution file corresponding to the application to be executed is saved in the second memory, initiating an application recovery request aiming at the application to be executed.
Specifically, in an embodiment of the present application, file state description information is stored in the first memory, and the file state description information is used to record whether the application execution file whose backup data has been stored in the second memory is stored in the first memory. Therefore, the storage position of the application execution file corresponding to the application to be run can be determined by reading the file state description information.
For another example, in an embodiment of the present application, after the application execution file is deleted from the first storage, when there is an idle space in the first storage, an application recovery request for an application corresponding to the deleted application execution file is initiated.
Specifically, when there are multiple recoverable applications, the application with the highest probability of being executed may be backed up and recovered, so that it is not necessary to wait for recovery of the backup when the application needs to execute the file later.
Specifically, the method comprises the following steps:
when the first memory has an idle space, initiating an application recovery request for the application execution file A, wherein:
the application execution file a is an application execution file with the highest execution probability among application execution files that are not stored in the first memory but are stored in the second memory.
Further, in an implementation manner of step 130, the backup data of the application execution file saved in the second storage is the original data of the application execution file.
Further, in order to improve data security, in an implementation manner of step 130, the backup data of the application execution file saved in the second storage is data generated after performing encryption and integrity signing operations on the application execution file.
Specifically, in step 130, the application executes the file encryption and integrity signing operations to generate backup data, and then copies the backup data to the second storage. Further, when the backup is restored, the encrypted and integrity-signed backup data is copied from the second storage to the first storage, then file decryption and signature verification are performed on the backup data to obtain a corresponding application execution file, and finally the application execution file after the file decryption and signature verification is stored in the first storage.
In particular, in one implementation of step 130, the encrypted and signed keys are stored in the first component and are not readable. The key is unique to each first element and is different from one another. This ensures that the application executing file backup data residing in the second memory is not available to an attacker to destroy the security capabilities of the first component.
Further, in an actual application scenario, when the application execution file in the first storage is deleted, the corresponding application requirement may not release the storage space, or the first element may need to uninstall the application. In this case, if only the application execution file in the first memory is deleted, the application execution files on the second memory are caused to accumulate continuously, thereby generating a large amount of invalid data. Therefore, in an embodiment of the present application, when there is an application uninstall request, an application to be uninstalled corresponding to the application uninstall request is determined; and deleting the application execution file corresponding to the application to be uninstalled from the first memory, and deleting the backup data of the application execution file corresponding to the application to be uninstalled from the second memory.
Fig. 2 is a flowchart illustrating an embodiment of a data management method according to the present application. As shown in fig. 2, in an embodiment of the present application, the first component performs the following steps to implement the data management method of the embodiment of the present application:
step 200, downloading an application B;
step 201, executing serialization operation on the downloaded application B, generating a serialized application file B and storing the application file B in an internal memory of a first element;
step 210, executing data stripping operation on the application file B, stripping application execution variables and sensitive information from the application file B, and generating independent application execution variable data B, sensitive information data B and an application executable file B;
step 211, saving the application execution variable data B, the sensitive information data B and the application executable file B to the internal memory, deleting the application file B saved in the internal memory of the first element, and saving the file state description information of the application executable file B in the internal memory of the first element;
step 213, encrypting and integrity signing the application executable file B to generate backup data of the application executable file B;
step 214, saving the backup data of the application executable file B to the memory of the second element, and saving the file position description information of the application executable file B in the internal memory of the first element;
step 220, judging whether a storage space release request aiming at the internal memory of the first element exists;
if not, return to step 220;
if so, go to step 221;
step 221, deleting the application executable file B stored in the internal memory of the first component, and updating the file state description information of the application executable file B stored in the internal memory of the first component;
step 230, judging whether an operation request aiming at the application B exists;
if not, return to step 230;
if so, go to step 231;
step 231, reading the file state description information of the application executable file B saved in the internal memory of the first element to confirm the saved state of the application executable file B;
step 233, when the application executable file B is not saved in the internal memory of the first component, reading the file location description information of the application executable file B saved in the internal memory of the first component, and locating the backup data of the application executable file B in the memory of the second component;
step 234, copying the backup data of the application executable file B in the memory of the second element to the first element;
step 235, decrypting and signature verifying the copied backup data to obtain an application executable file B;
at step 236, application executable B is saved in the internal memory of the first component.
It is to be understood that some or all of the steps or operations in the above-described embodiments are merely examples, and other operations or variations of various operations may be performed by the embodiments of the present application. Further, the various steps may be performed in a different order presented in the above-described embodiments, and it is possible that not all of the operations in the above-described embodiments are performed.
Further, based on the data management method provided in an embodiment of the present application, an embodiment of the present application also provides a data management device. FIG. 3 is a block diagram of an embodiment of a data management device according to the present application. In an embodiment of the present application, as shown in fig. 3, in an embodiment of the present application, a data management apparatus 300 includes:
a data stripping module 310, configured to strip application state data from the application file stored in the first memory, and generate an application execution file according to a part of the file left after the application state data is stripped from the application file, where: the first memory is an internal memory of the first element; the first element is an element which can independently load an application in the equipment, and the first element can realize an application function by running an application file; the application state data comprises application execution variables and sensitive information related to data security; in combination with the application state data, the first element can realize the application function by running the application execution file;
a data management module 320 for:
saving an application execution file and application state data in a first memory, and deleting the application file in the first memory;
saving backup data of the application execution file in a second memory, wherein the second memory is a memory of a second element, and the first element and the second element belong to the same device;
when there is a storage space release request for the first memory, the application execution file saved in the first memory is deleted.
Further, in a possible implementation, the data management module 320 is further configured to:
when an application recovery request exists, determining an application to be recovered corresponding to the application recovery request;
confirming backup data corresponding to the application to be recovered in the second memory;
and obtaining an application execution file corresponding to the application to be restored according to the backup data corresponding to the application to be restored, and copying the application execution file corresponding to the application to be restored to the first storage.
The apparatus provided in the embodiment of the present application shown in fig. 3 may be used to implement the technical solution of the embodiment of the present application shown in fig. 1, and the implementation principle and technical effects of the apparatus may further refer to the related description in the method embodiment.
In the description of the embodiments of the present application, for convenience of description, the device is described as being divided into various modules/units by functions, the division of each module/unit is only a division of logic functions, and the functions of each module/unit can be implemented in one or more pieces of software and/or hardware when the embodiments of the present application are implemented.
The embodiments herein are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments herein. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Based on the above analysis description, according to the scheme of the method embodiment and the apparatus embodiment of the present application, an embodiment of the present application further provides an electronic component, which includes a first memory and a first processor, wherein:
the electronic component is mountable on a terminal device including the second memory;
when the electronic element loads an application, a first memory of the electronic element is used for storing an application file corresponding to the application;
the first memory of the electronic component is further adapted to store first computer program instructions which, when executed by the first processor, trigger the electronic component to carry out the method steps of the embodiment as shown in fig. 1.
Further, an embodiment of the present application further provides a terminal device. The terminal device includes a second memory and a second processor, wherein:
the terminal equipment can be provided with the electronic element provided by the embodiment of the application, and the electronic element comprises a first memory and a first processor;
the second memory of the terminal equipment is used for storing backup data of an application execution file from the electronic element provided by the embodiment of the application;
the second memory of the terminal device is further adapted to store second computer program instructions which, when executed by the second processor of the terminal device, trigger the terminal device to respond to a request by the electronic component and/or to control the electronic component such that the electronic component implements the method steps of the embodiment as shown in fig. 1.
Further, in an application scenario, the electronic component is a secure element, and the memory of the main processor of the terminal device to which the secure element is mounted is the second memory. One embodiment of the present application provides a system for expanding the storage capacity of a secure element through a non-volatile memory of a host processor. The system comprises a terminal device provided with a safety element, wherein the terminal device comprises a main processor, and a data interaction channel is arranged between the main processor and the safety element. The system utilizes the application execution files which do not contain sensitive information and application execution variables in the backup storage safety element with large storage space safety of the main processor, so that when the storage space of the safety element is insufficient, some application execution files can be temporarily removed, and the purpose of storing more applications and data in the safety element with limited resources is achieved.
Fig. 4 is a block diagram of an embodiment of a terminal device according to the present application. In an embodiment of the present application, as shown in fig. 4, the terminal device includes a main processor 400 and an electronic component 410, and a data interaction path is provided between the main processor 400 and the electronic component 410, and has a data interaction capability. The main processor 400 and the electronic component 410 have respective memory areas.
Specifically, the main processor 400 may be an application processing chip, which is a resource-rich chip and has a larger memory resource. The electronic component 410 may be a secure component, and specifically, may be an embedded secure component (eSE), and may also be a Subscriber Identity Module (SIM) Card or a Universal Integrated Circuit Card (UICC) Card. The secure element 310 may conform to ISO/IEC 7816 specifications, Java smart Card (Java Card) specifications, global platform Card (GlobalPlatform Card) specifications, and the like.
In a practical application scenario, the number of connection channels between the main processor 300 and the secure element 310 is not limited to one. The connection form between the main processor 400 and the electronic component 410 is not limited to direct connection, and may be indirect connection through a third module, for example, Near Field Communication (NFC) chip connection. The communication interface protocol of the host processor and the secure element is not limited to a particular interface protocol, such as SPI, I2C, UART, 7816, etc. In one embodiment, there is only one connection between host processor 400 and electronic component 410, and host processor 400 and electronic component 410 are directly connected via the SPI interface. In another embodiment, the main processor 400 and the electronic component 410 have two connection paths, one path is used for data transmission between the main processor 400 and the electronic component 410; the other path is for the electronics 410 to send an active signal to the host processor 400.
The main processor 400 includes an electronic component access module 401 and a backup management module 402. In one embodiment, the electronic access module 401 and the backup management module 402 run on the main processor 400. They may exist in the form of a secure element driver running in Linux, or may be a trusted application in a trusted execution environment.
The electronic component access module 401 is configured to access the electronic component 410, and perform data transmission through a data interaction path between the main processor 400 and the electronic component 410. In one embodiment, the electronic component access module 401 sends an instruction in compliance with an Application Protocol Data Unit (APDU) format defined by the ISO/IEC 7816-4 specification to access the electronic component 410. In another embodiment, electronics access module 401 may also employ a custom data transfer protocol.
The backup management module 402 is used to store the application execution file exported from the electronic component 410 in the storage area of the main processor 400. The backup data of the application execution files stored in the storage area of the main processor 400 correspond to file location description information, which is generated by the backup management module 402 of the main processor 400 and stored in the electronic component 410. The electronic component 410 may determine the storage location of the backup data in the storage area of the main processor 400 and the occupied space size according to the file location description information. In this embodiment, the file location description information is 8 bytes, and is used to record the file identifier and the offset for storing the backup data. In other embodiments, the file location description information may also adopt other definition methods.
The electronic component 410 includes a file management application module 411, a file preparation module 412, a file encryption/decryption module 413, a file migration module 414, and a file restoration module 415.
The file management application module 411 is an application that can be selected in the electronic component 410, and is used to establish a connection with the electronic component access module 401 of the main processor 400, accept data incoming from the electronic component access module 401 in the main processor 400, and organize response data returned. In one embodiment, the file management application module 411 is a security application that can be selected through a SELECT APDU.
The file preparation module 412 performs a data stripping operation on the application file in the electronic component 410, generating an application execution file and application state data. In one embodiment, the application file stored in the storage area of the electronic component 410 is a CAP file conforming to the Java Card standard, and is composed of several components. The application file is stored in the form of a block of continuously stored binary data after the CAP file is serialized. The file preparation module 412 strips the application state data from the CAP file serialized binary data to leave the application execution data, which is also a block of contiguously stored binary data.
The file encryption/decryption module 413 is configured to encrypt and sign the application execution file to generate backup data, so that the backup data finally stored in the storage area of the main processor 400 is encrypted and signed data.
The file encryption/decryption module 413 is further configured to perform signature verification and decryption to generate an application execution file when the encrypted and signed backup data is imported from the storage area of the main processor 400 into the electronic component 410. The encryption and signature keys are present in the electronic component 410 and are not readable. The encryption and signature employ symmetric cryptographic algorithms, the keys being unique to each secure element and different from one another. In one embodiment, the hash algorithm SHA2 and the symmetric cipher algorithm AES are employed.
The file migration module 414, when there is a storage space release request, removes (deletes) one or more application execution files from the storage area of the electronic component 410, and releases the storage space occupied by them. And, record the file status description information of each application execution file, i.e., whether the application execution file exists in the storage area of the electronic component 410. In one embodiment, the storage release request is not initiated when the secure element internal storage is abundant (available storage is greater than or equal to 10% of the total storage), and is only initiated when the secure element internal storage is tight.
The application execution files corresponding to the applications that can participate in migration in the electronic element 410 form a migratable file set, the migratable file set is a subset of the full set of application execution files in the electronic element 410, and the number of the application execution files included in the migratable file set is not less than 2. The scope of the set of migratable files may be predetermined or determined at a later time by specific instructions. Only application execution files belonging to the set of migratable files will be backed up for storage in the storage area of the main processor 400 and temporarily removed from the electronic component 410 when the storage space is released. In one embodiment, the range of migratable file sets is: only the application execution file corresponding to the secure application managed by the card package application on the main processor 400 belongs to the migratable file set.
When an application restoration request is made, the file restoration module 415 imports one or more backup data from the storage area of the main processor 400 into the storage area of the electronic component 410, and decrypts and checks the data to generate a corresponding application execution file.
In an application scenario, the system shown in fig. 4 performs the following steps to implement the save operation of the application execution file:
the electronic component 410 serializes the downloaded application files for storage as a contiguously stored binary data block;
the file preparation module 412 of the electronic component 410 strips the application state data from the binary data block of the application file, and generates an application execution file based on the file remaining after data stripping;
the electronic component access module 401 accesses the file management application module 411 of the electronic component 410 to obtain the size of the application execution file;
backup management module 402 applies for space in the storage area of main processor 400;
the electronic component access module 401 performs a series of interactions with the file management application module 411, reads backup data generated after an application execution file is encrypted and signed from the electronic component 410, stores the backup data in a storage area of the main processor 400, and after the storage is completed, the backup management module 402 generates file location description information;
the electronic component access module 401 accesses the file management application module 411 of the electronic component 410, and transmits the file location description information to the electronic component 410;
the electronic component 410 records the file location description information, and the backup data is saved.
In an embodiment, the timing of initiating the saving operation of the backup data is initiated by the electronic component access module 401 of the main processor 400 at a time after the operation of downloading the application is performed on the electronic component 410. The download application is to download a CAP file and install a Java Applet application into the electronic component 410 through a series of APDU commands according to the GlobalPlatform specification. In another embodiment, the initiation timing of the above-mentioned saving operation of the backup data may also be determined by the electronic component 410, and the electronic component 410 sends a signal to the main processor 400 to trigger the electronic component access module 401 of the main processor 400 to initiate a flow of the saving operation of the backup data.
In an application scenario, the system shown in fig. 4 performs the following steps to implement the deletion operation of the backup data:
the electronic component access module 401 accesses the file management application module 411 of the electronic component 410, and obtains file location description information corresponding to an application needing to be uninstalled;
the backup management module 402 locates the backup data in the storage area of the main processor 400 according to the file location description information, and deletes the backup data stored in the main processor.
In an embodiment, the above-mentioned deletion operation of the backup data is initiated by the electronic component access module 401 of the main processor 400 at a time after the uninstall application operation is performed on the electronic component 410. The uninstall operation of the electronic component 410 is to delete a certain CAP file or Java Applet through a series of APDU commands according to the GlobalPlatform specification. In another embodiment, the initiation timing of the above-mentioned deleting operation of the backup data may also be determined by the electronic component 410, and the electronic component 410 sends a signal to the main processor 400 to trigger the electronic component access module 401 of the main processor 400 to initiate the flow of the deleting operation of the backup data.
In one application scenario, the system shown in fig. 4 performs the following steps to achieve the release of storage space:
file migration module 414 in electronic component 410 deletes one or more application executables, freeing up their occupied storage space;
the file migration module 414 in the electronic component 410 updates the file state description information of the application executable, i.e., the application executable is in an unavailable state in the electronic component 410.
In an embodiment, when the internal storage space of the electronic component 410 is tight, the electronic component 410 determines that the space occupied by the one or more application executables needs to be released, and the file migration module 414 of the secure element initiates the storage space release request. In another embodiment, the initiation timing of the above-mentioned memory space releasing operation may be that at any time, the electronic component access module 401 of the main processor 400 initiates a memory space releasing request to the electronic component 410.
In an application scenario, the system shown in FIG. 4 performs the following steps to enable the recovery of an application executable:
the electronic component 410 transmits file location description information of the application executable file requiring restoration to the electronic component access module 401;
the backup management module 402 imports the backup data of the application executable file into the electronic component 410 according to the file location description information;
the backup data is decrypted and signed to generate an application executable file, and the application executable file is stored in the storage area of the electronic component 410.
The file migration module 414 of the electronic component 410 updates the file state description information of the application executable, i.e., the application executable is available in the electronic component 410.
In an embodiment, the initiation timing of the recovery operation of the application executable file is determined by a user, or determined by some subsequent influence caused by some operations of the user. The user may be a person operating the mobile device or an operator of the secure element remote management server. When the user decides to restore the image, the application program on the main processor is triggered to run, and the image restoration operation is triggered by the application program of the main processor. In another alternative embodiment, the initiation timing of the image recovery operation may also be determined by the secure element, and the secure element sends a signal to the host processor to trigger the security access module of the host processor to initiate the flow of the image recovery operation.
In one embodiment, the file state description information of the application executable is also synchronously saved in the backup management module 402 of the main processor 400. Specifically, the file state description information of the application executable file includes state information of a Java Applet corresponding to a CAP file belonging to the migratable file set in the electronic component 410, and is displayed to the user, and the user triggers a recovery process of the application executable file.
In another embodiment, a signal is sent by the electronics component 410 to the host processor to initiate a recovery operation flow of the application executable. The backup management module 402 of the main processor 400 does not need to record the file state description information of the application executable file, and the recovery operation of the application executable file can be performed implicitly without being shown to the user.
The apparatus, elements, devices or modules described in the embodiments of the present application may be implemented by a computer chip or an entity, or by a product with certain functions. Specifically, in an embodiment of the present application, the terminal device may be: mobile terminals (mobile phones, tablet computers, notebook computers), local terminals (personal/industrial computers), cloud servers, and the like.
Specifically, the processors of the devices, elements, and apparatuses in the embodiments of the present application may be Central Processing Units (CPUs), and may further include other types of processors. The processor may have the capability to operate one or more software programs, which may be stored on the storage medium.
In particular, the memories of the devices, elements, and apparatuses in the embodiments of the present application may be any computer-readable medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
In particular, in an embodiment of the present application, the processor and the memory may be combined into a processing device, and more generally, independent components, and the processor is configured to execute the program code stored in the memory to implement the method described in the embodiment of the present application. In particular implementations, the memory may be integrated within the processor or may be separate from the processor.
Further, the apparatuses, devices, modules, or units illustrated in the embodiments of the present application may be specifically implemented by a computer chip or an entity, or implemented by a product with certain functions.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects.
In the several embodiments provided in the present application, any function, if implemented in the form of a software functional unit and sold or used as a separate product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application.
Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media having computer-usable program code embodied in the medium.
Specifically, an embodiment of the present application further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program runs on a computer, the computer is caused to execute the method provided by the embodiment of the present application.
An embodiment of the present application further provides a computer program product, which includes a computer program, when it runs on a computer, causes the computer to execute the method provided by the embodiment of the present application.
In the embodiments of the present application, "at least one" means one or more, "and" a plurality "means two or more. "and/or" describes the association relationship of the associated objects, and means that there may be three relationships, for example, a and/or B, and may mean that a exists alone, a and B exist simultaneously, and B exists alone. Wherein A and B can be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" and similar expressions refer to any combination of these items, including any combination of singular or plural items. For example, at least one of a, b, and c may represent: a, b, c, a and b, a and c, b and c or a and b and c, wherein a, b and c can be single or multiple.
In the embodiments of the present application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present application are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only for the specific embodiments of the present application, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present disclosure, and all the changes or substitutions should be covered by the protection scope of the present application. The protection scope of the present application shall be subject to the protection scope of the claims.

Claims (13)

  1. A method for managing data, comprising:
    data stripping operation: stripping application state data from the application files stored in the first memory, and generating application execution files according to the files left after the application state data is stripped from the application files, wherein: the first memory is an internal memory of a first element; the first element is an element which can independently load an application in the equipment, and the first element can realize an application function by running the application file; the application state data comprises application execution variables and sensitive information related to data security; in combination with the application state data, the first element may implement the application function by running the application execution file;
    saving the application execution file and the application state data in the first memory, and deleting the application file in the first memory;
    saving backup data of the application execution file in a second memory, wherein the second memory is a memory of a second element, and the first element and the second element belong to the same device;
    deleting the application execution file saved in the first memory when there is a storage space release request for the first memory.
  2. The method of claim 1, wherein the application file is stored in the first memory as serialized data blocks;
    the application execution file is the data block left after the data block of the application file is stripped from the application state data.
  3. The method of claim 1 or 2, wherein prior to the data stripping operation:
    judging whether the application corresponding to the application file is a migratable application of the first element, wherein the migratable application is an application which does not influence the normal operation of the first element after being uninstalled;
    and when the application corresponding to the application file is a migratable application of the first element, executing the data stripping operation and the subsequent operation steps.
  4. The method according to any one of claims 1 to 3, further comprising:
    saving file state description information in the first memory, wherein the file state description information is used for recording whether the application execution file is saved in the first memory;
    and/or the presence of a gas in the gas,
    and storing file position description information in the first memory, wherein the file position description information is used for recording the storage position of the backup data in the second memory.
  5. The method according to any one of claims 1 to 4, wherein the backup data of the application execution file is saved in the second memory, wherein:
    the backup data of the application execution file is the original data of the application execution file;
    alternatively, the first and second electrodes may be,
    the backup data of the application execution file is generated after the encryption and integrity signature operations are executed on the application execution file.
  6. The method according to any one of claims 1 to 5, further comprising:
    when an application recovery request exists, determining an application to be recovered corresponding to the application recovery request;
    confirming backup data corresponding to the application to be recovered in the second storage;
    and obtaining an application execution file corresponding to the application to be restored according to the backup data corresponding to the application to be restored, and copying the application execution file corresponding to the application to be restored to the first storage.
  7. The method of claim 6, further comprising:
    when an application running request exists, determining an application to be run corresponding to the application running request;
    determining a storage position of an application execution file corresponding to the application to be run;
    when the application execution file corresponding to the application to be run is not saved in the first memory, and the backup data of the application execution file corresponding to the application to be run is saved in the second memory, initiating an application recovery request for the application to be run.
  8. The method of claim 6, further comprising:
    after the application execution file is deleted from the first storage, when the first storage has an idle space, an application recovery request for an application corresponding to the application execution file is initiated.
  9. The method according to any one of claims 1 to 8, further comprising:
    when an application unloading request exists, determining an application to be unloaded corresponding to the application unloading request;
    and deleting the application execution file corresponding to the application to be uninstalled from the first memory, and deleting the backup data of the application execution file corresponding to the application to be uninstalled from the second memory.
  10. The method of any one of claims 1 to 9, wherein the second memory is a memory of a host processor.
  11. A data management apparatus, comprising:
    a data stripping module, configured to strip application state data from an application file stored in a first memory, and generate an application execution file according to a part of a file left after the application state data is stripped from the application file, where: the first memory is an internal memory of a first element; the first element is an element which can independently load an application in the equipment, and the first element can realize an application function by running the application file; the application state data comprises application execution variables and sensitive information related to data security; in combination with the application state data, the first element may implement the application function by running the application execution file;
    a data management module to:
    saving the application execution file and the application state data in the first memory, and deleting the application file in the first memory;
    saving backup data of the application execution file in a second memory, wherein the second memory is a memory of a second element, and the first element and the second element belong to the same device;
    deleting the application execution file saved in the first memory when there is a storage space release request for the first memory.
  12. An electronic component, comprising a first memory and a first processor, wherein:
    when the electronic element loads an application, the first memory is used for storing an application file corresponding to the application;
    the first memory is further adapted to store first computer program instructions which, when executed by the first processor, trigger the electronic component to carry out the method steps of any one of claims 1-10.
  13. A terminal device, characterized in that the terminal device comprises a second memory and a second processor, wherein:
    the terminal device having the electronic component according to claim 13 mounted thereon;
    the second memory is used for storing backup data of an application execution file from the electronic element;
    the second memory is further adapted to store second computer program instructions which, when executed by the second processor, trigger the terminal device to respond to a request by the electronic component and/or control the electronic component such that the electronic component implements the method steps of any of claims 1-10.
CN202080047554.0A 2020-07-09 2020-07-09 Data management method and device, electronic element and terminal equipment Pending CN114174990A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/101042 WO2022006810A1 (en) 2020-07-09 2020-07-09 Data management method and apparatus, electronic element, and terminal device

Publications (1)

Publication Number Publication Date
CN114174990A true CN114174990A (en) 2022-03-11

Family

ID=79553462

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202080047554.0A Pending CN114174990A (en) 2020-07-09 2020-07-09 Data management method and device, electronic element and terminal equipment

Country Status (2)

Country Link
CN (1) CN114174990A (en)
WO (1) WO2022006810A1 (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150205542A1 (en) * 2014-01-22 2015-07-23 Vmware, Inc. Virtual machine migration in shared storage environment
US10613849B2 (en) * 2016-09-23 2020-04-07 Visa International Service Association Update migration system and method
CN108469986B (en) * 2017-02-23 2021-04-09 华为技术有限公司 Data migration method and device
CN109871284A (en) * 2017-12-05 2019-06-11 北京元比特科技有限责任公司 The virtualization technology and method that a kind of application program is executed across Language Runtime
CN109240712B (en) * 2018-08-22 2022-03-22 深信服科技股份有限公司 Data migration method of secure working space, terminal and storage medium

Also Published As

Publication number Publication date
WO2022006810A1 (en) 2022-01-13

Similar Documents

Publication Publication Date Title
CN113656806B (en) Trusted starting method and device of block chain all-in-one machine
EP3103048B1 (en) Content item encryption on mobile devices
EP1918841A2 (en) Operating system monitoring setting information generator apparatus and operating system monitoring apparatus
CN106991321B (en) Method and device for running application program in multi-container system without trace
WO2017095565A1 (en) Methods and apparatus to provide for efficient and secure software updates
CN109657448B (en) Method and device for acquiring Root authority, electronic equipment and storage medium
CN108780482B (en) Method and device for managing applications in a secure device
US20170068531A1 (en) Method of deploying a set of software application(s)
JP6923582B2 (en) Information processing equipment, information processing methods, and programs
CN107066298B (en) Method and device for running application program without traces
CN107943501A (en) Embedded device upgrade method, device, computer equipment and storage medium
CN113961226B (en) Software development kit repairing method, terminal, server and equipment
CN105871539B (en) Key processing method and device
CN105187410A (en) Application self-upgrading method and system
EP3764224B1 (en) Resource permission processing method and apparatus, and storage medium and chip
CN111353150B (en) Trusted boot method, trusted boot device, electronic equipment and readable storage medium
CN110569042B (en) System, method, equipment and storage medium for supporting function of updating FPGA in virtual machine
CN112052446A (en) Password unit creation method, data processing method and device and electronic equipment
CN110046510B (en) Cross-cloud data migration method, device and system
CN111400771A (en) Target partition checking method and device, storage medium and computer equipment
CN107995230A (en) A kind of method for down loading and terminal
CN114174990A (en) Data management method and device, electronic element and terminal equipment
CN115878138A (en) Application pre-downloading method and device, computer and storage medium
CN111931222B (en) Application data encryption method, device, terminal and storage medium
WO2017209576A1 (en) Apparatus and method for controlling file back-up

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination