CN116127475A - Method and device for protecting data in process - Google Patents


Publication number
CN116127475A
Authority
CN
China
Prior art keywords
service
operation result
data
electronic device
protection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111338912.6A
Other languages
Chinese (zh)
Inventor
韩泽锋
陈谋
杨学轶
梁珊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Priority to CN202111338912.6A
Publication of CN116127475A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/30 Monitoring
    • G06F11/3003 Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/302 Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a software system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/54 Interprogram communication
    • G06F9/547 Remote procedure calls [RPC]; Web services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Mathematical Physics (AREA)
  • Quality & Reliability (AREA)
  • Emergency Protection Circuit Devices (AREA)
  • Selective Calling Equipment (AREA)

Abstract

The application discloses a method and a device for protecting data in a process. In the method, the electronic equipment executes a first service fragment through a service process to obtain a first operation result, wherein a target service comprises the first service fragment and a second service fragment; when the electronic equipment receives the indication information, the protection process executes the second service fragment to obtain a second operation result, wherein the protection process is used for monitoring the service process, and the indication information is used for indicating the execution of the second service fragment; the electronic equipment transmits a second operation result from the protection process to the service process through inter-process communication; and the electronic equipment obtains the operation result of the target service based on the first operation result and the second operation result through the service process. By implementing the method and the device, the protection process and the service process can be bound, and the protection process can monitor the safety of the service process, so that the safety of data in the process is ensured.

Description

Method and device for protecting data in process
Technical Field
The present disclosure relates to the field of computers, and in particular, to a method and apparatus for protecting data in a process.
Background
With the popularization of terminal technology, the requirements for application data security keep rising. However, some applications on a terminal device cannot use a third-party hardware security environment (Trusted Execution Environment, TEE) for operations such as private data processing and key protection, so the industry uses software hardening techniques to protect data security. For example, the security of core assets (e.g., keys and data) is ensured through a series of security measures such as anti-debugging, code obfuscation, and code integrity.
Anti-debugging is an extremely important part of this: it prevents malicious attackers from debugging and cracking the application to find the important hidden logic and private data of the service. In this approach a protection process protects the business process, where the business process is the process that runs the core assets and private data, and the protection process may be called an anti-debugging process. However, because the anti-debugging process is easily bypassed, imitated, or terminated by an attacker, data security is low.
How to ensure the security of data in a process is a problem to be solved at present.
Disclosure of Invention
The embodiments of the application provide a method and a device for protecting data in a process. In the method, an electronic device executes a service fragment of a target service through the protection process, so that the protection process and the service process are bound and the protection process can reliably monitor the security of the service process. Implementing this technical solution prevents the protection process from being maliciously bypassed, imitated, or terminated and ensures that the protection process can monitor the security of the service process, thereby ensuring the security of data in the process.
In a first aspect, an embodiment of the present application provides a method for protecting data in a process, where the method is applied to an electronic device, and the method includes:
the electronic equipment responds to the operation aiming at the application program, and executes a first service fragment through a service process to obtain a first operation result, wherein the target service comprises one or more first service fragments and one or more second service fragments;
when the electronic equipment receives the indication information, the protection process executes the second service fragment to obtain a second operation result, wherein the protection process is used for monitoring the service process, and the indication information is used for indicating the execution of the second service fragment;
the electronic equipment transmits a second operation result from the protection process to the service process through inter-process communication;
and the electronic equipment obtains the operation result of the target service based on the first operation result and the second operation result through the service process.
With reference to the first aspect, in one possible implementation manner, the electronic device uses at least two inter-process communication modes to transfer the second operation result.
In the method and the device, the electronic device executes a service fragment of the target service through the protection process, so that the protection process and the service process are bound, where the protection process is used for monitoring the service process. Because the protection process is bound to the service process, an attacker cannot bypass the protection process to obtain the data of the service process directly, so the security of data in the process is achieved by ensuring the security of the protection process. The data in the process includes data of the service process, the protection process, and the target service, for example, the code data of the service process and the protection process, the data obtained by the service process and the protection process, and the like.
With reference to the first aspect, in one possible implementation manner, the at least two inter-process communication manners include anonymous pipe communication and/or shared memory.
In the embodiment of the application, the protection process and the service process communicate using multiple inter-process communication modes. This prevents an attacker from identifying the relationship between the protection process and the service process, makes the code of the target service harder to crack, and improves the security of data in the process. For example, if an attacker identifies that the protection process and the service process communicate only through an anonymous pipe, it is easy to infer that the two processes are in a parent-child relationship.
With reference to the first aspect, in one possible implementation manner, the method further includes:
the electronic device communicates the indication information from the service process to the protection process by inter-process communication.
With reference to the first aspect, in one possible implementation manner, the method further includes:
the electronic equipment transmits the first data from the service process to the protection process through inter-process communication;
the electronic device executes the second service fragment through the protection process to obtain a second operation result, which comprises the following steps: and the electronic equipment calculates the first data to obtain a second operation result.
With reference to the first aspect, in one possible implementation manner, when the electronic device receives the indication information through the protection process, executing the second service segment includes:
the electronic equipment acquires second data;
and the electronic equipment performs operation on the second data to obtain a second operation result.
In the embodiment of the application, the electronic device acquires the second data through the protection process, the second data is not sent to the protection process by the service process, and the second data is the service data. That is, the service data is not concentrated in the service process, but split into the protection process, so that the difficulty of acquiring the service data is increased, and the safety of the service data can be protected.
With reference to the first aspect, in one possible implementation manner, the method further includes:
under the condition that the service process is started, the electronic equipment starts a protection process, and monitors the service process through the protection process;
and when the electronic device detects, through the protection process, that the business process is being debugged, it stops the business process.
In the embodiment of the application, since the business process and the protection process are bound, the protection process can monitor the behavior of the business process in real time in the process of executing the business by the business process, and stop the business process when the business process is debugged, so that the safety of data in the process is ensured.
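One way the monitoring step above can be realized on Linux or Android, as an added example that is not taken from the patent: the protection process reads the TracerPid field of /proc/<pid>/status for the service process and stops the service process when a tracer is attached. The patent does not name a detection mechanism; the TracerPid check, the function names and the sample status text are assumptions of this example.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Constructed samples of /proc/<pid>/status content (not captured from a real device). */
static const char SAMPLE_UNTRACED[] =
    "Name:\tservice\nState:\tS (sleeping)\nPid:\t4100\nPPid:\t1\nTracerPid:\t0\nUid:\t10123\n";
static const char SAMPLE_TRACED[] =
    "Name:\tservice\nState:\tt (tracing stop)\nPid:\t4100\nPPid:\t1\nTracerPid:\t4321\nUid:\t10123\n";

/* Extract TracerPid from status text; returns -1 if the field is absent or malformed. */
long parse_tracer_pid(const char *status_text) {
    static const char key[] = "TracerPid:";
    const size_t key_len = sizeof key - 1;
    const char *line = status_text;
    while (line && *line) {
        if (strncmp(line, key, key_len) == 0) {   /* match only at the start of a line */
            char *end;
            long value = strtol(line + key_len, &end, 10);
            return (end == line + key_len) ? -1 : value;
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

/* Policy of this example: any attached tracer means the service process is being debugged. */
int guard_should_stop(long tracer_pid) { return tracer_pid > 0; }

/* Read the live status of a process; returns its tracer pid, 0 if untraced, -1 if unreadable. */
long tracer_of(pid_t pid) {
    char path[64], buf[4096];
    snprintf(path, sizeof path, "/proc/%ld/status", (long)pid);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_tracer_pid(buf);
}

/* One monitoring step of the protection process: returns 1 if it stopped the service process. */
int guard_check_once(pid_t service_pid) {
    if (!guard_should_stop(tracer_of(service_pid))) return 0;
    kill(service_pid, SIGKILL);
    return 1;
}

int main(void) {
    printf("untraced sample -> TracerPid %ld\n", parse_tracer_pid(SAMPLE_UNTRACED));
    printf("traced sample   -> TracerPid %ld\n", parse_tracer_pid(SAMPLE_TRACED));
    return 0;
}
```

In a real guard, guard_check_once would run in a loop against the service process's pid; a check that lives in a separate, unbound process is exactly what the description says can be bypassed or terminated, which is why the patent also moves part of the service computation into the guard.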
With reference to the first aspect, in one possible implementation manner, the method further includes:
and when the electronic equipment does not receive the second operation result, the electronic equipment obtains a third operation result based on the first operation result.
In this embodiment of the present application, the service process sends indication information that instructs the protection process to obtain the second operation result. If the service process does not receive the second operation result within a preset time, it may still continue to execute the subsequent service fragments. It will be appreciated that in this case the third operation result obtained by the service process is not the operation result of the target service but an erroneous result. This confuses an attacker who is debugging and prolongs the time the attacker has to spend, making the code of the target service difficult to crack and thereby ensuring the security of data in the process.
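The first-aspect flow above, as an added example that is not code from the patent: the service process runs the first fragment, sends the indication and first data over an anonymous pipe, the protection process runs the second fragment and returns its result through shared memory with a ready byte on a second pipe, and on timeout the service process continues with a wrong third result. The fragment arithmetic, GUARD_SECRET, the timeout and all function names are assumptions chosen for illustration; because the guard is forked from the same binary here, the constant is not really hidden from the service process as it would be in a separately built guard.

```c
#define _GNU_SOURCE
#include <poll.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define GUARD_SECRET 0x5A17C0DEu /* constructed "second data", used only by fragment two */
#define REPLY_TIMEOUT_MS 1000    /* assumed "preset time" for the second operation result */

static uint32_t rotl32(uint32_t v, unsigned r) { return (v << r) | (v >> (32u - r)); }

/* First service fragment: executed by the service process. */
static uint32_t fragment_one(uint32_t x) { return x * 31u + 7u; }

/* Second service fragment: executed only by the protection process. */
static uint32_t fragment_two(uint32_t first) { return rotl32(first ^ GUARD_SECRET, 5); }

/* Result of the whole target service, computed in one place for comparison. */
uint32_t expected_result(uint32_t x) {
    uint32_t first = fragment_one(x);
    return first + fragment_two(first);
}

/* Protection process: waits for the indication (carrying the first data), runs
 * fragment two, returns the payload in shared memory and a ready byte on a pipe. */
static void guard_main(int req_fd, int ack_fd, volatile uint32_t *shared, int answers) {
    uint32_t first;
    char ready = 1;
    if (!answers) _exit(0); /* models a guard that was terminated or bypassed */
    if (read(req_fd, &first, sizeof first) != (ssize_t)sizeof first) _exit(1);
    *shared = fragment_two(first);
    if (write(ack_fd, &ready, 1) != 1) _exit(1);
    _exit(0);
}

/* Service process. Returns 1 if the target-service result was assembled, 0 if the
 * guard stayed silent and *out holds the wrong third result, -1 on setup failure. */
int run_target_service(uint32_t x, int guard_answers, uint32_t *out) {
    int req[2], ack[2], got = 0;
    char ready = 0;
    if (pipe(req) != 0) return -1;
    if (pipe(ack) != 0) { close(req[0]); close(req[1]); return -1; }
    void *map = mmap(NULL, sizeof(uint32_t), PROT_READ | PROT_WRITE,
                     MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    pid_t guard = (map == MAP_FAILED) ? -1 : fork();
    if (guard < 0) {
        close(req[0]); close(req[1]); close(ack[0]); close(ack[1]);
        if (map != MAP_FAILED) munmap(map, sizeof(uint32_t));
        return -1;
    }
    volatile uint32_t *shared = map;
    if (guard == 0) { /* child: the protection process */
        close(req[1]); close(ack[0]);
        guard_main(req[0], ack[1], shared, guard_answers);
    }
    close(req[0]); close(ack[1]);

    uint32_t first = fragment_one(x);                   /* first operation result */
    void (*old)(int) = signal(SIGPIPE, SIG_IGN);        /* a dead guard must not kill us */
    ssize_t sent = write(req[1], &first, sizeof first); /* indication + first data */
    signal(SIGPIPE, old);

    struct pollfd pfd = { .fd = ack[0], .events = POLLIN };
    if (sent == (ssize_t)sizeof first && poll(&pfd, 1, REPLY_TIMEOUT_MS) > 0 &&
        (pfd.revents & POLLIN) && read(ack[0], &ready, 1) == 1)
        got = 1;

    /* Combine both results, or carry on with a plausible but wrong third result. */
    *out = got ? first + *shared : first + rotl32(first, 5);
    if (!got) kill(guard, SIGKILL);
    close(req[1]); close(ack[0]);
    waitpid(guard, NULL, 0);
    munmap(map, sizeof(uint32_t));
    return got;
}

int main(void) {
    uint32_t r = 0;
    int ok = run_target_service(1234u, 1, &r);
    printf("guard answered=%d result=%08x expected=%08x\n", ok, (unsigned)r,
           (unsigned)expected_result(1234u));
    ok = run_target_service(1234u, 0, &r);
    printf("guard answered=%d result=%08x (decoy)\n", ok, (unsigned)r);
    return 0;
}
```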
In a second aspect, an embodiment of the present application provides an apparatus for protecting data in a process, where the apparatus includes: the system comprises a first processing module for executing a business process, a second processing module for executing a protection process and an inter-process communication module, wherein the protection process is used for monitoring the business process; wherein:
the first processing module is used for: executing a first service segment in response to an operation aiming at an application program to obtain a first operation result, wherein the target service comprises one or more first service segments and one or more second service segments;
The second processing module is used for: executing the second service fragment when the protection process receives the indication information, so as to obtain a second operation result, wherein the indication information is used for indicating the execution of the second service fragment;
the inter-process communication module is used for: transmitting the second operation result from the protection process to the business process;
the first processing module is also used for: obtaining an operation result of the target service based on the first operation result and the second operation result.
With reference to the second aspect, in one possible implementation manner, the inter-process communication module uses at least two inter-process communication modes to transmit the second operation result.
With reference to the second aspect, in one possible implementation manner, at least two inter-process communication manners include anonymous pipe communication and/or shared memory.
With reference to the second aspect, in one possible implementation manner, the inter-process communication module is configured to transfer the indication information from the service process to the protection process through inter-process communication.
With reference to the second aspect, in one possible implementation manner, the inter-process communication module is configured to transfer the first data from the service process to the protection process through inter-process communication;
the second processing module is specifically configured to: and calculating the first data to obtain a second operation result.
With reference to the second aspect, in one possible implementation manner, the second processing module is specifically configured to: acquiring second data; and carrying out operation on the second data to obtain a second operation result.
With reference to the second aspect, in one possible implementation manner, the first processing module is configured to: under the condition that a service process is started, a protection process is started, and the service process is monitored through the protection process;
the second processing module is used for: stopping the business process when it detects that the business process is being debugged.
With reference to the second aspect, in one possible implementation manner, the first processing module is configured to: and when the business process does not receive the second operation result, obtaining a third operation result based on the first operation result.
In a third aspect, an electronic device includes: one or more processors, memory, and a display screen; the memory is coupled with the one or more processors and is used for storing computer program code, the computer program code comprising computer instructions, and the one or more processors invoke the computer instructions to cause the electronic device to perform the method as described in the first aspect and any possible implementation of the first aspect.
In a fourth aspect, embodiments of the present application provide a chip for application to an electronic device, the chip comprising one or more processors for invoking computer instructions to cause the electronic device to perform a method as described in the first aspect and any possible implementation of the first aspect.
In a fifth aspect, embodiments of the present application provide a computer program product comprising instructions which, when run on an electronic device, cause the electronic device to perform a method as described in the first aspect and any possible implementation of the first aspect.
In a sixth aspect, embodiments of the present application provide a computer readable storage medium comprising instructions that, when executed on an electronic device, cause the electronic device to perform a method as described in the first aspect and any possible implementation of the first aspect.
It will be appreciated that the electronic device provided in the third aspect, the chip provided in the fourth aspect, the computer program product provided in the fifth aspect, and the computer storage medium provided in the sixth aspect are all configured to perform the method provided by the embodiments of the present application.
Drawings
The drawings used in the embodiments of the present application are described below.
Fig. 1 is a schematic diagram of a protection process protecting a service process according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a service process protecting service data according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of an electronic device 100 according to an embodiment of the present application;
Fig. 4 is a software block diagram of an electronic device 100 according to an embodiment of the present application;
Fig. 5 is a flowchart of a method for protecting data in a process according to an embodiment of the present application;
Fig. 6 is a schematic diagram of a split target service according to an embodiment of the present application;
Fig. 7 is a schematic diagram of a first service segment and a second service segment provided in an embodiment of the present application;
Fig. 8 is a schematic diagram of another method for protecting data in a process according to an embodiment of the present application;
Fig. 9 is a schematic diagram of a business process and a protection process performing multiparty operation according to an embodiment of the present application;
Fig. 10 is a schematic structural diagram of an apparatus 200 for protecting data in a process according to an embodiment of the present application;
Fig. 11 is a schematic structural diagram of another apparatus 300 for protecting data in a process according to an embodiment of the present application.
Detailed Description
The terminology used in the following embodiments of the application is for the purpose of describing particular embodiments only and is not intended to be limiting of embodiments of the application. As used in the specification of the embodiments of the present application and the appended claims, the singular forms "a," "an," "the," and "said" are intended to include the plural forms as well, unless the context clearly indicates to the contrary. It should also be understood that the term "and/or" as used in the embodiments of the present application refers to and encompasses any or all possible combinations of one or more of the listed items.
APK (full name: Android application package) is an application package file format used by the Android operating system for distributing and installing mobile applications and middleware. For the code of an Android application to run on an Android device, it must first be compiled and then packaged into a file that the Android system can recognize and run; the file format that the Android system can recognize and run is "APK".
Technical terms related to the embodiments of the present application are described below.
(1) Process
A process is the smallest unit of computer resource allocation, and each process has its own virtual address space; the virtual address space does not physically exist in the computer. Each process is assigned its own virtual address space and can access only the virtual address space assigned to it.
In theory, the virtual address space is limited by the size of the physical memory; for example, if the physical memory is 4GB, the address range of the virtual address space should be 0x00000000 to 0xFFFFFFFF. The physical address space, which may also be referred to as physical memory, is an entity that actually exists in the computer and is unique and independent within each computer. For example, on a 32-bit machine the physical memory size could theoretically reach 4GB, but if only 512MB of memory is actually installed, only 512MB of the physical address space is really valid and the rest is invalid. The virtual address space is mapped to the physical address space by a memory management unit (MMU), and a process operates on the physical address space indirectly by operating on its own virtual address space.
(2) Secure multiparty computing (Secure Multi-Party Computation)
Secure multiparty computing may also be referred to as multiparty computing. It mainly studies how to securely compute an agreed-upon function without a trusted third party. Described mathematically, n participants P1, P2, …, Pn jointly compute a function in a secure manner, where security means that the output is correct and that the confidentiality of the input and output information is preserved. Specifically, each participant Pi has its own secret input Xi, and the n participants jointly compute a function f(X1, X2, …, Xn) = (Y1, Y2, …, Yn); at the end of the computation, each participant Pi learns only Yi and learns nothing about the other parties' information. In brief, secure multiparty computation is a sub-field of cryptography that allows multiple data owners who do not trust each other to compute cooperatively and output the result, while ensuring that no party obtains any information other than the result it is entitled to.
In the prior art, to protect core assets (e.g., keys or data), the industry has commonly used anti-debug methods. The method protects a business process by a protection process, wherein the business process is a process for running core assets and private data. It should be noted that the protection process may be referred to as an anti-debug process.
Referring to Fig. 1, Fig. 1 is a schematic diagram of a protection process protecting a service process in the prior art.
As shown in fig. 1, when an Application Program (APK) is to execute a target service, a service process corresponding to the target service may be called (loadlibrary); furthermore, the business process can perform initialization configuration, such as state detection and configuration; the business process may start a protection process that monitors the operation behavior of the business process executing the target business. When the protection process monitors that the business process is debugged, the protection process can send indication information to the system so as to stop the business process from executing the target business.
However, since the protection process is independent code, when part of the code of the protection process is tampered with, the whole anti-debugging logic is not affected, and the anti-debugging is easily bypassed; and because the protection process is an independent process, once an attacker identifies it, the attacker can easily bypass, imitate, or terminate it, and the protection process can no longer protect the business process.
Referring to fig. 2, fig. 2 is a schematic diagram of a service process for protecting service data.
As shown in FIG. 2, some cryptographic algorithms are typically used in the business process to secure the operation of the core data of the business. The core data may be a key or personal information of a user, and the cryptographic algorithm may include white-box testing, a cryptographic confusion technology, a Virtualization Management Platform (VMP), and the like.
However, since the data operations of the service are performed in a single process, that is, since the service process is responsible for all data operations of the service, an attacker who locates the memory holding a resource in the service process can easily acquire that resource, for example, by dumping it. Meanwhile, the program running logic in a single process is relatively simple and easy for an attacker to identify; once the attacker understands the program running logic, the attacker can attack the business process by richer means, such as tampering with memory, random jumps, and the like.
In summary, since the protection process is easily bypassed or attacked maliciously, it cannot guarantee the security of the service process, so the code of the service process is easy to crack and its data is easy to steal, and the security of data in the process cannot be guaranteed.
Based on the above problems, the present application provides a method for protecting data in a process, which uses the principle of multiparty operation to bind a protection process and a service process by executing a service fragment of a target service by the protection process, where the protection process is used for monitoring the service process, so that an attacker cannot obtain the data in the process while attacking the protection process, and the method protects the security of the service process and the service data by ensuring the security of the protection process.
Fig. 3 is a schematic structural diagram of an electronic device 100 according to an embodiment of the present application.
The embodiment will be specifically described below taking the electronic device 100 as an example. It should be understood that electronic device 100 may have more or fewer components than shown, may combine two or more components, or may have a different configuration of components. The various components shown in the figures may be implemented in hardware, software, or a combination of hardware and software, including one or more signal processing and/or application specific integrated circuits.
The electronic device 100 may include: processor 110, external memory interface 120, internal memory 121, universal serial bus (universal serial bus, USB) interface 130, charge management module 140, power management module 141, battery 142, antenna 1, antenna 2, mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, headset interface 170D, sensor module 180, keys 190, motor 191, indicator 192, camera 193, display 194, and subscriber identity module (subscriber identification module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyro sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
It is to be understood that the structure illustrated in the embodiments of the present application does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, electronic device 100 may include more or fewer components than shown, or certain components may be combined, or certain components may be split, or different arrangements of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The processor 110 may include one or more processing units, such as: the processor 110 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), a controller, a memory, a video codec, a digital signal processor (digital signal processor, DSP), a baseband processor, and/or a neural network processor (neural-network processing unit, NPU), etc. Wherein the different processing units may be separate devices or may be integrated in one or more processors.
Among these, the controller may be the nerve center and command center of the electronic device 100. The controller can generate operation control signals according to the instruction operation codes and the timing signals to control instruction fetching and instruction execution.
A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that the processor 110 has just used or uses cyclically. If the processor 110 needs to use the instruction or data again, it can call it directly from the memory. This avoids repeated accesses and reduces the waiting time of the processor 110, thereby improving the efficiency of the system.
In some embodiments, the processor 110 may include one or more interfaces. The interfaces may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous receiver transmitter (universal asynchronous receiver/transmitter, UART) interface, a mobile industry processor interface (mobile industry processor interface, MIPI), a general-purpose input/output (GPIO) interface, a subscriber identity module (subscriber identity module, SIM) interface, and/or a universal serial bus interface, among others.
The I2C interface is a bi-directional synchronous serial bus comprising a serial data line (SDA) and a serial clock line (SCL). In some embodiments, the processor 110 may contain multiple sets of I2C buses. The processor 110 may be coupled to the touch sensor 180K, charger, flash, camera 193, etc., respectively, through different I2C bus interfaces. For example: the processor 110 may be coupled to the touch sensor 180K through an I2C interface, such that the processor 110 communicates with the touch sensor 180K through an I2C bus interface to implement a touch function of the electronic device 100.
The I2S interface may be used for audio communication. In some embodiments, the processor 110 may contain multiple sets of I2S buses. The processor 110 may be coupled to the audio module 170 via an I2S bus to enable communication between the processor 110 and the audio module 170. In some embodiments, the audio module 170 may transmit an audio signal to the wireless communication module 160 through the I2S interface, to implement a function of answering a call through a Bluetooth headset.
The PCM interface may also be used for audio communication, to sample, quantize and encode analog signals. In some embodiments, the audio module 170 and the wireless communication module 160 may be coupled through a PCM bus interface. In some embodiments, the audio module 170 may also transmit audio signals to the wireless communication module 160 through the PCM interface to implement a function of answering a call through a Bluetooth headset. Both the I2S interface and the PCM interface may be used for audio communication.
The UART interface is a universal serial data bus for asynchronous communications. The bus may be a bi-directional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is typically used to connect the processor 110 with the wireless communication module 160. For example: the processor 110 communicates with a Bluetooth module in the wireless communication module 160 through a UART interface to implement a Bluetooth function. In some embodiments, the audio module 170 may transmit an audio signal to the wireless communication module 160 through a UART interface, to implement a function of playing music through a Bluetooth headset.
The MIPI interface may be used to connect the processor 110 to peripheral devices such as a display 194, a camera 193, and the like. The MIPI interfaces include a camera serial interface (CSI), a display serial interface (DSI), and the like. In some embodiments, processor 110 and camera 193 communicate through a CSI interface to implement the photographing functions of electronic device 100. The processor 110 and the display 194 communicate via a DSI interface to implement the display functionality of the electronic device 100.
The GPIO interface may be configured by software. The GPIO interface may be configured as a control signal or as a data signal. In some embodiments, a GPIO interface may be used to connect the processor 110 with the camera 193, the display 194, the wireless communication module 160, the audio module 170, the sensor module 180, and the like. The GPIO interface may also be configured as an I2C interface, an I2S interface, a UART interface, an MIPI interface, etc.
The SIM interface may be used to communicate with the SIM card interface 195 to perform functions of transferring data to or reading data from the SIM card.
The USB interface 130 is an interface conforming to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like. The USB interface 130 may be used to connect a charger to charge the electronic device 100, and may also be used to transfer data between the electronic device 100 and a peripheral device. It can also be used to connect a headset and play audio through the headset. The interface may also be used to connect other electronic devices, such as AR devices, etc.
It should be understood that the interfacing relationship between the modules illustrated in the embodiments of the present application is only illustrative, and does not limit the structure of the electronic device 100. In other embodiments of the present application, the electronic device 100 may also use different interfacing manners, or a combination of multiple interfacing manners in the foregoing embodiments.
The charge management module 140 is configured to receive a charge input from a charger. The charger can be a wireless charger or a wired charger.
The power management module 141 is used to connect the battery 142, the charge management module 140 and the processor 110. The power management module 141 receives input from the battery 142 and/or the charge management module 140 and provides power to the processor 110, the internal memory 121, the external memory, the display 194, the camera 193, the wireless communication module 160, and the like.
The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, a modem processor, a baseband processor, and the like.
The antennas 1 and 2 are used for transmitting and receiving electromagnetic wave signals. Each antenna in the electronic device 100 may be used to cover a single or multiple communication bands. Different antennas may also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed into a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.
The mobile communication module 150 may provide a solution for wireless communication including 2G/3G/4G/5G, etc., applied to the electronic device 100. The mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (LNA), etc. The mobile communication module 150 may receive electromagnetic waves from the antenna 1, perform processing such as filtering and amplification on the received electromagnetic waves, and transmit the processed electromagnetic waves to the modem processor for demodulation. The mobile communication module 150 can also amplify the signal modulated by the modem processor and convert it into electromagnetic waves that are radiated through the antenna 1. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be provided in the same device as at least some of the modules of the processor 110.
The modem processor may include a modulator and a demodulator. The modulator is used for modulating the low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used for demodulating the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then transmits the demodulated low frequency baseband signal to the baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and then transferred to the application processor. The application processor outputs sound signals through an audio device (not limited to the speaker 170A, the receiver 170B, etc.), or displays images or video through the display screen 194. In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be provided in the same device as the mobile communication module 150 or other functional module, independent of the processor 110.
The wireless communication module 160 may provide solutions for wireless communication applied to the electronic device 100, including wireless local area network (WLAN) (e.g., wireless fidelity (Wi-Fi) network), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), infrared (IR) technology, etc. The wireless communication module 160 may be one or more devices that integrate at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, modulates and filters the electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, frequency modulate it, amplify it, and convert it to electromagnetic waves for radiation via the antenna 2.
In some embodiments, antenna 1 and mobile communication module 150 of electronic device 100 are coupled, and antenna 2 and wireless communication module 160 are coupled, such that electronic device 100 may communicate with a network and other devices through wireless communication techniques. The wireless communication techniques may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR techniques, among others. The GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a BeiDou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).
The electronic device 100 implements display functions through a GPU, a display screen 194, an application processor, and the like. The GPU is a microprocessor for image processing, and is connected to the display 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. Processor 110 may include one or more GPUs that execute program instructions to generate or change display information.
The display screen 194 is used to display images, videos, and the like. The display 194 includes a display panel. The display panel may employ a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), a Mini-LED, a Micro-OLED, a quantum dot light-emitting diode (QLED), or the like. In some embodiments, the electronic device 100 may include 1 or N display screens 194, N being a positive integer greater than 1.
The electronic device 100 may implement photographing functions through an ISP, a camera 193, a video codec, a GPU, a display screen 194, an application processor, and the like.
The ISP is used to process data fed back by the camera 193. For example, when photographing, the shutter is opened, light is transmitted to the camera photosensitive element through the lens, the optical signal is converted into an electric signal, and the camera photosensitive element transmits the electric signal to the ISP for processing and is converted into an image visible to naked eyes. ISP can also optimize the noise, brightness and skin color of the image. The ISP can also optimize parameters such as exposure, color temperature and the like of a shooting scene. In some embodiments, the ISP may be provided in the camera 193.
The camera 193 is used to capture still images or video. An object generates an optical image through the lens, and the optical image is projected onto the photosensitive element. The photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, which is then transferred to the ISP to be converted into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into an image signal in a standard format such as RGB or YUV. In some embodiments, electronic device 100 may include 1 or N cameras 193, N being a positive integer greater than 1.
The digital signal processor is used for processing digital signals, and can process other digital signals besides digital image signals. For example, when the electronic device 100 selects a frequency bin, the digital signal processor is used to perform a Fourier transform on the frequency bin energy, and so on.
Video codecs are used to compress or decompress digital video. The electronic device 100 may support one or more video codecs. In this way, the electronic device 100 may play or record video in a variety of encoding formats, such as: moving picture experts group (MPEG) 1, MPEG2, MPEG3, MPEG4, etc.
The NPU is a neural-network (NN) computing processor, and can rapidly process input information by referencing a biological neural network structure, for example, referencing a transmission mode between human brain neurons, and can also continuously perform self-learning. Applications such as intelligent awareness of the electronic device 100 may be implemented through the NPU, for example: image recognition, face recognition, speech recognition, text understanding, etc.
The external memory interface 120 may be used to connect an external memory card, such as a Micro SD card, to enable expansion of the memory capabilities of the electronic device 100. The external memory card communicates with the processor 110 through an external memory interface 120 to implement data storage functions. For example, files such as music, video, etc. are stored in an external memory card.
The internal memory 121 may be used to store computer executable program code including instructions. The processor 110 executes various functional applications of the electronic device 100 and data processing by executing instructions stored in the internal memory 121. The internal memory 121 may include a storage program area and a storage data area. The storage program area may store an operating system, an application required for at least one function (such as a face recognition function, a fingerprint recognition function, a mobile payment function, etc.), and the like. The storage data area may store data created during use of the electronic device 100 (e.g., face information template data, fingerprint information templates, etc.), and so on. In addition, the internal memory 121 may include a high-speed random access memory, and may further include a nonvolatile memory such as at least one magnetic disk storage device, a flash memory device, a universal flash storage (UFS), and the like.
The electronic device 100 may implement audio functions, such as music playing and recording, through an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, an application processor, and the like.
The audio module 170 is used to convert digital audio information into an analog audio signal output and also to convert an analog audio input into a digital audio signal. The audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be disposed in the processor 110, or a portion of the functional modules of the audio module 170 may be disposed in the processor 110.
The speaker 170A, also referred to as a "horn," is used to convert audio electrical signals into sound signals. Music or a hands-free call can be listened to through the speaker 170A of the electronic device 100.
The receiver 170B, also referred to as an "earpiece", is used to convert the audio electrical signal into a sound signal. When the electronic device 100 is answering a telephone call or voice message, the voice can be heard by placing the receiver 170B close to the human ear.
The microphone 170C, also referred to as a "mike" or "mic", is used to convert sound signals into electrical signals. When making a call or transmitting voice information, the user can speak with the mouth close to the microphone 170C, inputting a sound signal to the microphone 170C. The electronic device 100 may be provided with at least one microphone 170C. In other embodiments, the electronic device 100 may be provided with two microphones 170C, and may implement a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device 100 may also be provided with three, four, or more microphones 170C to enable collection of sound signals, noise reduction, identification of sound sources, directional recording functions, etc.
The earphone interface 170D is used to connect a wired earphone. The earphone interface 170D may be the USB interface 130, a 3.5 mm open mobile terminal platform (OMTP) standard interface, or a cellular telecommunications industry association of the USA (CTIA) standard interface.
The pressure sensor 180A is used to sense a pressure signal, and may convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A may be disposed on the display screen 194. The pressure sensor 180A is of various types, such as a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, and the like. The capacitive pressure sensor may comprise at least two parallel plates with conductive material. The capacitance between the electrodes changes when a force is applied to the pressure sensor 180A. The electronic device 100 determines the strength of the pressure from the change in capacitance. When a touch operation is applied to the display screen 194, the electronic device 100 detects the touch operation intensity according to the pressure sensor 180A. The electronic device 100 may also calculate the location of the touch based on the detection signal of the pressure sensor 180A. In some embodiments, touch operations that act on the same touch location, but at different touch operation strengths, may correspond to different operation instructions. For example: when a touch operation whose intensity is less than a first pressure threshold acts on the short message application icon, an instruction for viewing the short message is executed. When a touch operation whose intensity is greater than or equal to the first pressure threshold acts on the short message application icon, an instruction for creating a new short message is executed.
The gyro sensor 180B may be used to determine a motion posture of the electronic device 100. In some embodiments, the angular velocity of electronic device 100 about three axes (i.e., x, y, and z axes) may be determined by gyro sensor 180B. The gyro sensor 180B may be used for photographing anti-shake. For example, when the shutter is pressed, the gyro sensor 180B detects the shake angle of the electronic device 100, calculates the distance to be compensated by the lens module according to the angle, and makes the lens counteract the shake of the electronic device 100 through the reverse motion, so as to realize anti-shake. The gyro sensor 180B may also be used for navigation and motion-sensing game scenarios.
The air pressure sensor 180C is used to measure air pressure. In some embodiments, electronic device 100 calculates altitude from barometric pressure values measured by barometric pressure sensor 180C, aiding in positioning and navigation.
The magnetic sensor 180D includes a Hall sensor. The electronic device 100 may detect the opening and closing of a flip cover using the magnetic sensor 180D. In some embodiments, when the electronic device 100 is a flip phone, the electronic device 100 may detect the opening and closing of the flip according to the magnetic sensor 180D. Features such as automatic unlocking when the flip is opened are then set according to the detected open or closed state of the cover or of the flip.
The acceleration sensor 180E may detect the magnitude of acceleration of the electronic device 100 in various directions (typically three axes). The magnitude and direction of gravity may be detected when the electronic device 100 is stationary. The acceleration sensor 180E can also be used to recognize the posture of the electronic device, and is applied to landscape/portrait switching, pedometers and other applications.
The distance sensor 180F is used to measure distance. The electronic device 100 may measure the distance by infrared or laser. In some embodiments, the electronic device 100 may range using the distance sensor 180F to achieve quick focus.
The proximity light sensor 180G may include, for example, a light-emitting diode (LED) and a light detector, such as a photodiode. The light emitting diode may be an infrared light emitting diode. The electronic device 100 emits infrared light outward through the light emitting diode. The electronic device 100 detects infrared reflected light from nearby objects using a photodiode. When sufficient reflected light is detected, it may be determined that there is an object in the vicinity of the electronic device 100. When insufficient reflected light is detected, the electronic device 100 may determine that there is no object in the vicinity of the electronic device 100. The electronic device 100 can use the proximity light sensor 180G to detect that the user is holding the electronic device 100 close to the ear, so as to turn off the screen automatically and save power. The proximity light sensor 180G may also be used in holster mode and pocket mode to automatically unlock and lock the screen.
The ambient light sensor 180L is used to sense ambient light level. The electronic device 100 may adaptively adjust the brightness of the display 194 based on the perceived ambient light level. The ambient light sensor 180L may also be used to automatically adjust white balance when taking a photograph. Ambient light sensor 180L may also cooperate with proximity light sensor 180G to detect whether electronic device 100 is in a pocket to prevent false touches.
The fingerprint sensor 180H is used to collect a fingerprint. The electronic device 100 may use the collected fingerprint features to implement fingerprint unlocking, application lock access, fingerprint-triggered photographing, fingerprint-based answering of incoming calls, etc.
The temperature sensor 180J is for detecting temperature. In some embodiments, the electronic device 100 performs a temperature processing strategy using the temperature detected by the temperature sensor 180J. For example, when the temperature reported by temperature sensor 180J exceeds a threshold, electronic device 100 reduces the performance of a processor located in the vicinity of temperature sensor 180J in order to reduce power consumption and implement thermal protection. In other embodiments, when the temperature is below another threshold, the electronic device 100 heats the battery 142 to avoid the low temperature causing the electronic device 100 to be abnormally shut down. In other embodiments, when the temperature is below a further threshold, the electronic device 100 boosts the output voltage of the battery 142 to avoid abnormal shutdown caused by low temperatures.
The touch sensor 180K is also referred to as a "touch panel". The touch sensor 180K may be disposed on the display screen 194, and the touch sensor 180K and the display screen 194 together form a touchscreen. The touch sensor 180K is for detecting a touch operation acting on or near it. The touch sensor may communicate the detected touch operation to the application processor to determine the touch event type. Visual output related to touch operations may be provided through the display 194. In other embodiments, the touch sensor 180K may also be disposed on the surface of the electronic device 100 at a different location than the display 194.
The keys 190 include a power-on key, a volume key, etc. The keys 190 may be mechanical keys or touch keys. The electronic device 100 may receive key inputs, generating key signal inputs related to user settings and function controls of the electronic device 100.
The motor 191 may generate a vibration cue. The motor 191 may be used for incoming call vibration alerting as well as for touch vibration feedback. For example, touch operations acting on different applications (e.g., photographing, audio playing, etc.) may correspond to different vibration feedback effects. Touch operations on different areas of the display screen 194 may also correspond to different vibration feedback effects of the motor 191. Different application scenarios (such as time reminding, receiving information, alarm clock, game, etc.) can also correspond to different vibration feedback effects. The touch vibration feedback effect may also support customization.
The indicator 192 may be an indicator light, and may be used to indicate the charging state and changes in battery level, or to indicate messages, missed calls, notifications, etc.
The SIM card interface 195 is used to connect a SIM card. The SIM card may be inserted into the SIM card interface 195, or removed from the SIM card interface 195 to enable contact and separation with the electronic device 100. The electronic device 100 may support 1 or N SIM card interfaces, N being a positive integer greater than 1. The SIM card interface 195 may support Nano SIM cards, Micro SIM cards, and the like. Multiple cards may be inserted into the same SIM card interface 195 simultaneously. The types of the plurality of cards may be the same or different. The SIM card interface 195 may also be compatible with different types of SIM cards. The SIM card interface 195 may also be compatible with external memory cards. The electronic device 100 interacts with the network through the SIM card to realize functions such as calls and data communication.
In this embodiment, the electronic device 100 may execute the method for protecting data in the process through the processor 110.
Fig. 4 is a software block diagram of an electronic device 100 according to an embodiment of the present application.
The layered architecture divides the software into several layers, each with a distinct role and division of labour. The layers communicate with each other through software interfaces. In some embodiments, the system is divided into four layers, which are, from top to bottom, an application layer, an application framework layer, a runtime and system libraries, and a kernel layer.
The application layer may include a series of application packages.
As shown in fig. 4, the application package may include application programs (also referred to as applications) such as data protection modules, cameras, gallery, calendar, calls, WLAN, music, video, and so on.
The application framework layer provides an application programming interface (application programming interface, API) and programming framework for application programs of the application layer. The application framework layer includes a number of predefined functions.
As shown in fig. 4, the application framework layer may include a window manager, a content provider, a view system, a telephony manager, a resource manager, a notification manager, and the like.
The window manager is used for managing window programs. The window manager can acquire the size of the display screen, determine whether a status bar exists, lock the screen, capture the screen, and the like.
The content provider is used to store and retrieve data and make such data accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, phonebooks, etc.
The view system includes visual controls, such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, a display interface including a text message notification icon may include a view displaying text and a view displaying a picture.
The telephony manager is used to provide the communication functions of the electronic device 100, for example, management of call status (including connected, hung up, etc.).
The resource manager provides various resources for the application program, such as localization strings, icons, pictures, layout files, video files, and the like.
The notification manager allows an application to display notification information in the status bar. It can be used to convey notification-type messages, which can disappear automatically after a short dwell without requiring user interaction. For example, the notification manager is used to announce that a download is complete, to give message alerts, etc. The notification manager may also present notifications in the top status bar of the system in the form of a chart or scroll-bar text, such as notifications of applications running in the background, or present notifications on the screen in the form of a dialog interface. For example, text is prompted in the status bar, a prompt tone is emitted, the electronic device vibrates, or an indicator light blinks.
The runtime includes core libraries and virtual machines. The runtime is responsible for scheduling and management of the system.
The core library consists of two parts: one part is the functions that the programming language (e.g., the Java language) needs to call, and the other part is the core library of the system.
The application layer and the application framework layer run in a virtual machine. The virtual machine executes the programming files (e.g., Java files) of the application layer and the application framework layer as binary files. The virtual machine is used for executing the functions of object life cycle management, stack management, thread management, security and exception management, garbage collection and the like.
The system library may include a plurality of functional modules. For example: a surface manager, media libraries, three-dimensional graphics processing libraries (e.g., OpenGL ES), two-dimensional graphics engines (e.g., SGL), etc.
The surface manager is used to manage the display subsystem and provides a fusion of two-dimensional (2D) and three-dimensional (3D) layers for multiple applications.
Media libraries support playback and recording of a variety of commonly used audio and video formats, as well as still image files and the like. The media library may support a variety of audio and video encoding formats, such as MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.
The three-dimensional graphic processing library is used for realizing 3D graphic drawing, image rendering, synthesis, layer processing and the like.
The 2D graphics engine is a drawing engine for 2D drawing.
The kernel layer is a layer between hardware and software. The kernel layer at least comprises a display driver, a camera driver, an audio driver, a sensor driver and a virtual card driver.
The workflow of the software and hardware of the electronic device 100 is illustrated below in connection with a photographing scenario.
When the touch sensor 180K receives a touch operation, a corresponding hardware interrupt is issued to the kernel layer. The kernel layer processes the touch operation into an original input event (including information such as touch coordinates and the time stamp of the touch operation). The original input event is stored at the kernel layer. The application framework layer acquires the original input event from the kernel layer and identifies the control corresponding to the input event. For example, the touch operation is a tap, and the control corresponding to the tap is the camera application icon. The camera application calls an interface of the application framework layer to start the camera application, which in turn starts the camera driver by calling the kernel layer, and a still image or video is captured by the camera 193.
The method for protecting data in a process provided by the embodiments of the present application is described in detail below, based on the electronic device described above.
Referring to fig. 5, fig. 5 is a flowchart of a method for protecting data in a process according to an embodiment of the present application, and as shown in fig. 5, the method for protecting data in a process includes some or all of the following steps:
S101, the electronic device receives an operation for an application program, where the operation is used to instruct execution of a target service, and the target service includes one or more first service segments and one or more second service segments.
The application program includes one or more target services; a target service may, for example, generate a display interface or encrypt and decrypt data. The operation for the application program may be, but is not limited to, the user downloading the application program or the user touching a control on an interface of the application program.
It can be appreciated that the target service is split into multiple service segments, where the content and data size of each service segment may be the same or different. For convenience of description, in the embodiment of the present application, a service segment executed by a service process is referred to as a first service segment, and a service segment executed by a protection process is referred to as a second service segment.
Taking fig. 6 and fig. 7 as an example, an embodiment of splitting a target service is provided.
Referring to fig. 6, which illustrates a schematic diagram of a split target service: the target service is represented in fig. 6 by a solid rectangle, which can be split into a total of 5 service segments A, B, C, D and E.
Referring to fig. 7, which schematically illustrates first service segments and second service segments: as shown in fig. 7, if the service process executes the three service segments B, C and E, these three service segments may be referred to as first service segments; the protection process executes the two service segments A and D, which may be referred to as second service segments.
The application program may be a payment application, such as a wallet, or a video application, which is not limited herein.
S102, the electronic device, in response to the operation for the application program, starts a service process and executes a first service segment through the service process to obtain a first operation result.
In some embodiments, the electronic device, in response to an operation for the application program, creates and starts the service process corresponding to the target service that the operation indicates, and executes at least one first service segment through the service process to obtain at least one first operation result. For example, a user taps a control on a user interface of the application program, where the control instructs the electronic device to encrypt user information; in response to the user's tap, the electronic device starts the service process responsible for encrypting the user information and then encrypts the user information through that service process.
The service process may be one or more processes. In one implementation, the target service corresponds to a plurality of service processes, that is, the electronic device may execute the first service segments of the target service through the plurality of service processes. For example, the electronic device starts M service processes in response to an operation for an application, M being a positive integer greater than 2. It can be appreciated that when the target service corresponds to M service processes, there are at least M first service segments, and each service process is used for executing at least one first service segment.
S103, when the service process has been started, the electronic device starts a protection process and monitors the service process through the protection process.
In some embodiments, after the service process is started, the electronic device creates and starts, through the service process, a protection process corresponding to the service process, and monitors the service process through the protection process. For example, the protection process may monitor and analyze the behavior of the service process and determine from that behavior whether the service process is being debugged. When the protection process observes that the service process is executing the service normally, it may continue monitoring; when it observes that the service process is being debugged, it may send an instruction to the operating system of the electronic device so that the operating system stops the service process.
The service process corresponds to at least one protection process. It should be noted that the protection process may be copied from the service process, that is, the service process is the parent process of the protection process; alternatively, the protection process and the service process need not be in a parent-child relationship. The relationship between the protection process and the service process is not limited here.
Optionally, the number of protection processes corresponding to the service process may be one or more. It can be appreciated that when the service process corresponds to N protection processes, N being a positive integer greater than 2, there are at least N second service segments, and each protection process is configured to execute at least one second service segment.
For convenience of description, the method for protecting data in a process is described below from the point of view of the service process and the protection process. Referring to fig. 8, which is a schematic diagram of another method for protecting data in a process according to an embodiment of the present application: fig. 8 illustrates one interaction between a service process and a protection process. After the service process starts the protection process, the protection process may monitor the service process; the service process may execute the first service segment to obtain a first operation result; the service process may send indication information to the protection process, the indication information instructing execution of the second service segment; the protection process may execute the second service segment to obtain a second operation result; the protection process may send the second operation result to the service process through inter-process communication; and the service process obtains the operation result of the target service based on the first operation result and the second operation result.
For details, see steps S104 to S108 below.
S104, the electronic device sends indication information through the service process, where the indication information is used to instruct the protection process to execute the second service segment.
The indication information may be a signal. For example, if the signal instructs the protection process to initialize, the service process may send the signal after starting the service operation, and the protection process may perform an initialization procedure after intercepting the signal.
In some embodiments, when something unexpected happens to the protection process, for example it is terminated by an attacker, the signal may be received by the service process instead; when the service process determines that the protection process did not receive the signal, it may continue the service operation or may terminate the service computation. For example, the service process sends the indication information, which instructs the protection process to execute the second service segment to obtain the second operation result; if the service process does not receive the second operation result from the protection process within a preset time, the service process can continue to execute its own first service segment to obtain a third operation result. It can be understood that, because the second operation result is missing, the third operation result obtained by the service process is not the operation result of the target service. Returning an erroneous operation result in this way prevents the attacker from obtaining the correct operation result, confuses the attacker's judgment, and prolongs the attacker's debugging time.
S105, the electronic device transmits the first data from the service process to the protection process through inter-process communication.
The first data may be data required by the protection process to execute the second service segment, that is, the operation data of the protection process. For example, the service process encrypts personal information with a first key to obtain the first data and transmits the first data to the protection process through inter-process communication; the protection process may then encrypt the first data with a second key to obtain encrypted data, and then send the encrypted data to the protection process. The personal information may be authentication credentials of the device, etc.
Inter-process communication (IPC) is a way of sharing messages between one process and another, and is mainly used for message passing between different processes in a computer system. A process is the minimum unit of computer resource allocation, and each process has its own virtual address space; the virtual address space does not physically exist in the computer. Each process is assigned its own virtual address space and can only access the virtual address space assigned to it. Theoretically, the virtual address space is limited by the size of the physical memory: if the physical memory is 4GB, the address range of the virtual address space should be 0x00000000-0xFFFFFFFF. The physical address space is a real entity in the computer, unique and independent in each computer, and may also be referred to as physical memory. For example, on a 32-bit machine the physical memory size could theoretically reach 4GB, but if only 512MB of memory is actually installed, the effective part of the physical address space is only 512MB and the other parts are invalid. There is a mapping between the virtual address space and the physical address space, maintained by a memory management unit (MMU), and a process operates on the physical address space indirectly by operating on its own virtual address space.
In the embodiments of the present application, the inter-process communication methods may include pipes, message queues, semaphores, shared memory, sockets, and the like, which is not limited here.
Inter-process communication is described below using pipes and shared memory as examples.
For example, a pipe used for inter-process communication is a special file in memory. Pipes are divided into named pipes and anonymous pipes. A named pipe allows communication between two unrelated processes; an anonymous pipe supports only one-way communication and can only be used between related processes, commonly parent and child processes.
For another example, shared memory used for inter-process communication is a region of physical memory that both process A and process B are allowed to access: process A and process B each map the same piece of physical memory into their own virtual address space, after which both can access that physical memory. When process A transmits data A to process B through the shared memory, process A writes data A into its own virtual address space; data A is mapped to the shared memory through the mapping between the virtual address space of process A and the shared memory, and then mapped into the virtual address space of process B through the mapping between the virtual address space of process B and the shared memory. That is, as soon as process A writes data A into its own virtual address space, data A is visible in the virtual address space of process B, which can access the same shared memory, so process B can read data A promptly.
S106, when the protection process receives the indication information, the electronic device executes the second service segment through the protection process to obtain a second operation result.
In some embodiments, when receiving the indication information sent by the service process, the protection process acquires second data from the physical memory corresponding to the protection process and performs an operation on the second data to obtain the second operation result. The second data may be operation data of the target service, that is, part of the target service's data is split off into the protection process. It can be appreciated that this avoids concentrating the data of the target service in one process and can improve the security of the service data.
In other embodiments, the protection process executes the second service segment upon receiving the indication information and the first data sent by the service process. For example, the service process may send the indication information and the first data to the protection process at the same time, and the protection process then performs an operation on the first data to obtain the second operation result. In other words, the content of the second service segment is the operation on the first data, so executing the second service segment means performing that operation on the first data. For example, the service process encrypts personal information with a first key to obtain the first data and transmits the first data and the indication information to the protection process; based on the indication information, the protection process encrypts the first data with a second key to obtain encrypted data; and the protection process sends the encrypted data to the protection process.
According to the embodiments of the present application, the electronic device splits the target service and executes some of the service segments of the target service through the protection process. If an attacker attacks the protection process, the code implementing those service segments is lost, which makes it harder for the attacker to obtain the code implementing the target service and strengthens the protection of the service process.
S107, the electronic device transmits the second operation result from the protection process to the service process through inter-process communication.
The inter-process communication methods used in S105 and S107 may be the same or different.
S108, the electronic device obtains, through the service process, the operation result of the target service based on the first operation result and the second operation result.
The service process and the protection process may each execute one or more service segments; the order in which the service process and the protection process execute the service segments is not limited, and the service segments can be processed according to the actual service. For example, the service process may send a first operation result to the protection process after executing a first service segment; the protection process computes on the first operation result to obtain a second operation result; the service process computes on the second operation result to obtain a third service result; the service process then performs the operation of the next first service segment based on the third service result, invites the protection process to compute other second service segments, obtains the results of those second service segments, and finally obtains the operation result of the target service.
Taking fig. 9 as an example, a procedure of multiparty operation between a service process and a protection process is described. As shown in fig. 9, the hatched area represents the main service, that is, the service segments executed by the service process; the main service together with the service segments executed by the protection process forms the target service. In the multiparty operation, the service process may invite the protection process several times to perform different service operations; after each operation, the protection process returns the operation result to the service process.
In some embodiments, when the service process and the protection process perform multiparty operations, they may exchange messages or data through several different inter-process communication modes. It can be understood that transmitting data through different inter-process communication modes makes it harder for an attacker to crack the process code, which serves the purpose of protecting the process.
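The S102 to S108 exchange described above, including the fallback to a third operation result when the protection process does not answer within the preset time, sketched in C for Linux as an added example that is not code from the patent. The segment arithmetic, the `IND_EXEC_SECOND` opcode, the 200 ms timeout and all function names are constructed for illustration; the indication and first data travel over an anonymous pipe and the second operation result comes back through shared memory.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* for MAP_ANONYMOUS */
#endif
#include <poll.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

#define IND_EXEC_SECOND  1u    /* indication information (constructed opcode) */
#define GUARD_TIMEOUT_MS 200   /* the "preset time" (constructed value) */

/* Toy service segments (constructed); real ones would be crypto or UI logic.
 * With fork() both live in one binary; a separate guard image would not. */
static uint32_t first_segment(uint32_t in)        { return in * 3u + 7u; }
static uint32_t second_segment(uint32_t d)        { return (d ^ 0x5A5A5A5Au) + 11u; }
static uint32_t combine(uint32_t r1, uint32_t r2) { return r1 + r2; }

/* Protection process: waits for indication + first data on the pipe, runs the
 * second segment, publishes the result in shared memory (S106/S107). */
static void guard_main(int req_fd, int done_fd, volatile uint32_t *shared)
{
    uint32_t msg[2];
    uint8_t done = 1;
    while (read(req_fd, msg, sizeof msg) == (ssize_t)sizeof msg) {
        if (msg[0] != IND_EXEC_SECOND)
            continue;                      /* unknown indication: ignore */
        *shared = second_segment(msg[1]);
        if (write(done_fd, &done, 1) != 1)
            break;
    }
    _exit(0);                              /* service process closed the pipe */
}

/* Service process side of S102-S108.
 * fault_signal: 0, or a signal (SIGKILL/SIGSTOP) sent to the guard to simulate
 * tampering. Returns 0 with the target-service result in *out, 1 with the
 * third operation result (decoy) in *out, -1 on setup failure. */
int run_target_service(uint32_t input, int fault_signal, uint32_t *out)
{
    int req[2], done[2], got = 0;
    uint8_t flag;
    volatile uint32_t *shared = mmap(NULL, sizeof *shared, PROT_READ | PROT_WRITE,
                                     MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (shared == MAP_FAILED || pipe(req) < 0 || pipe(done) < 0)
        return -1;
    signal(SIGPIPE, SIG_IGN);      /* a dead guard must not kill us on write */

    pid_t guard = fork();          /* S103: service process starts the guard */
    if (guard < 0)
        return -1;
    if (guard == 0) {
        close(req[1]);
        close(done[0]);
        guard_main(req[0], done[1], shared);
    }
    close(req[0]);
    close(done[1]);
    if (fault_signal)
        kill(guard, fault_signal);

    uint32_t r1 = first_segment(input);              /* S102 */
    uint32_t msg[2] = { IND_EXEC_SECOND, r1 };       /* S104 + S105 */
    struct pollfd pfd = { .fd = done[0], .events = POLLIN };
    if (write(req[1], msg, sizeof msg) == (ssize_t)sizeof msg &&
        poll(&pfd, 1, GUARD_TIMEOUT_MS) > 0 &&       /* wait the preset time */
        read(done[0], &flag, 1) == 1)                /* 0 here means guard died */
        got = 1;

    /* S108, or the fallback: keep computing without the second result. */
    *out = got ? combine(r1, *shared) : first_segment(r1);

    close(req[1]);
    close(done[0]);
    if (fault_signal)
        kill(guard, SIGKILL);      /* reap a frozen guard; harmless if dead */
    waitpid(guard, NULL, 0);
    munmap((void *)shared, sizeof *shared);
    return got ? 0 : 1;
}

int main(void)
{
    uint32_t r;
    int rc = run_target_service(5, 0, &r);
    printf("guard alive : rc=%d result=0x%08X\n", rc, (unsigned)r);
    rc = run_target_service(5, SIGSTOP, &r);
    printf("guard frozen: rc=%d result=0x%08X\n", rc, (unsigned)r);
    return 0;
}
```

Passing `SIGKILL` or `SIGSTOP` as `fault_signal` makes the call return 1 with the third operation result in place of the real one, which is the behavior the text describes for a terminated protection process.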
Referring to fig. 10, which is a schematic structural diagram of an apparatus 200 for protecting data in a process according to an embodiment of the present application: as shown in fig. 10, the apparatus 200 for protecting data in a process at least includes a first processing module 210 for executing a service process, a second processing module 220 for executing a protection process that monitors the service process, and an inter-process communication module 230; wherein:
the first processing module 210 is configured to: execute a first service segment in response to an operation for an application program to obtain a first operation result, wherein the target service comprises one or more first service segments and one or more second service segments;
the second processing module 220 is configured to: execute the second service segment when the protection process receives the indication information, so as to obtain a second operation result, wherein the indication information is used for instructing execution of the second service segment;
the inter-process communication module 230 is configured to: transmit the second operation result from the protection process to the service process;
the first processing module 210 is further configured to: obtain an operation result of the target service based on the first operation result and the second operation result.
In one possible implementation, the inter-process communication module 230 communicates the second operation result using at least two inter-process communication methods.
In one possible implementation, the at least two modes of inter-process communication include anonymous pipe communication and/or shared memory.
In one possible implementation, the inter-process communication module 230 is configured to communicate the indication information from the service process to the protection process through inter-process communication.
In one possible implementation, the inter-process communication module 230 is configured to communicate the first data from the service process to the protection process through inter-process communication;
the second processing module 220 is specifically configured to: perform an operation on the first data to obtain a second operation result.
In one possible implementation, the second processing module 220 is specifically configured to: acquire second data; and perform an operation on the second data to obtain a second operation result.
In one possible implementation, the first processing module 210 is configured to: when the service process has been started, start the protection process and monitor the service process through the protection process;
the second processing module 220 is configured to: stop the service process when it is observed that the service process is being debugged.
In one possible implementation, the first processing module 210 is configured to: when the service process does not receive the second operation result, obtain a third operation result based on the first operation result.
For the specific implementation of the operations performed by the apparatus 200, refer to the descriptions in the related content of the above method embodiments; for brevity, details are not repeated here.
It should be understood that the above-described apparatus 200 is only one example provided by embodiments of the present application, and that the apparatus 200 for protecting data in a process may have more or fewer components than those shown in fig. 10, may combine two or more components, or may have a different configuration of components.
The embodiment of the present application further provides another apparatus 300 for protecting data in a process. Referring to fig. 11, which is a schematic structural diagram of the apparatus 300 for protecting data in a process provided in the present application, the apparatus 300 includes: a processor 310, a communication interface 330, and a memory 320, wherein the processor 310, the communication interface 330, and the memory 320 are coupled by a bus 340.
The processor 310 may include one or more general-purpose processors, where a general-purpose processor may be any type of device capable of processing electronic instructions, including a CPU, microprocessor, microcontroller, main processor, controller, application specific integrated circuit (ASIC), and the like. The processor 310 reads the program code stored in the memory 320 and cooperates with the communication interface 330 to perform some or all of the steps of the method performed by the apparatus 200 in the above-described embodiments of the present application.
The communication interface 330 may be a wired interface (e.g., an Ethernet interface) or a wireless interface (e.g., a cellular network interface or a wireless local area network interface) for communicating with other computing nodes or devices. When the communication interface 330 is a wired interface, the communication interface 330 may employ a protocol family over transmission control protocol/internet protocol (TCP/IP), such as a remote function call (RFC) protocol, a simple object access protocol (SOAP) protocol, a simple network management protocol (SNMP) protocol, a common object request broker architecture (CORBA) protocol, and a distributed protocol, among others.
The memory 320 may store program code and program data. The program code comprises: code of the creation module 110, code of the communication module 120, etc.; the program data includes: first data, second data, control information of the second process, control information of the third process, and so on. In practice, the memory 320 may include volatile memory, such as random access memory (RAM); the memory may also include non-volatile memory, such as read-only memory (ROM), flash memory, a hard disk drive (HDD), or a solid state drive (SSD), as well as combinations of the above types of memory.
The bus 340 may be a peripheral component interconnect (PCI) bus, or an extended industry standard architecture (EISA) bus, among others. The bus 340 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 11, but this does not mean that there is only one bus or one type of bus.
It should be understood that the above-described apparatus 300 is only one example provided by embodiments of the present application, and that the apparatus for protecting data in a process may have more or fewer components than those shown in fig. 11, may combine two or more components, or may have a different configuration of components.
The embodiment of the present application further provides a computer storage medium in which instructions are stored; when the instructions are run on a processor, the method steps in the above method embodiments may be implemented. For the specific implementation of those method steps by the processor, refer to the specific operations of the above method embodiments, which are not described here again.
The present application also provides a computer program product, which when read and executed by a computer, implements some or all of the steps of the inter-process communication method described in the above method embodiments.
In the above-described embodiments, all or part of the functions may be implemented by software, hardware, or a combination of software and hardware. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the flows or functions in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer readable storage medium. The computer readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The usable medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a DVD), or a semiconductor medium (e.g., a solid state disk (SSD)), or the like.
Those of ordinary skill in the art will appreciate that all or part of the above-described method embodiments may be implemented by a computer program instructing related hardware; the program may be stored in a computer readable storage medium and, when executed, may carry out the above-described method embodiments. The aforementioned storage medium includes: ROM, random access memory (RAM), magnetic disk, optical disk, etc.

Claims (19)

1. A method of protecting data in a process, the method being applied to an electronic device, the method comprising:
the electronic device, in response to an operation for an application program, executes a first service segment through a service process to obtain a first operation result, wherein a target service comprises one or more first service segments and one or more second service segments;
when the electronic device receives indication information, it executes the second service segment through a protection process to obtain a second operation result, wherein the protection process is used for monitoring the service process, and the indication information is used for instructing execution of the second service segment;
the electronic device transmits the second operation result from the protection process to the service process through inter-process communication;
and the electronic device obtains, through the service process, the operation result of the target service based on the first operation result and the second operation result.
2. The method of claim 1, wherein the electronic device communicates the second operation result using at least two inter-process communication means.
3. The method of claim 2, wherein the at least two inter-process communication means comprise anonymous pipe communication and/or shared memory.
4. The method according to any one of claims 1-3, characterized in that the method further comprises:
the electronic device transmits the indication information from the service process to the protection process through inter-process communication.
5. The method according to any one of claims 1-4, further comprising:
the electronic device transmits first data from the service process to the protection process through inter-process communication;
wherein the electronic device executing the second service segment through the protection process to obtain the second operation result comprises: the electronic device performs an operation on the first data to obtain the second operation result.
6. The method according to any one of claims 1-4, wherein the electronic device executing the second service segment when receiving the indication information through the protection process comprises:
the electronic device acquires second data;
and the electronic device performs an operation on the second data to obtain the second operation result.
7. The method according to any one of claims 1-5, further comprising:
the electronic device starts the protection process when the service process has been started, and monitors the service process through the protection process;
and the electronic device stops the service process when the protection process observes that the service process is being debugged.
8. The method according to any one of claims 1-7, further comprising:
when the electronic device does not receive the second operation result, it obtains a third operation result based on the first operation result.
9. An apparatus for protecting data in a process, the apparatus comprising: the system comprises a first processing module for executing a business process, a second processing module for executing a protection process and an inter-process communication module, wherein the protection process is used for monitoring the business process; wherein:
The first processing module is used for: executing a first service segment in response to an operation aiming at an application program to obtain a first operation result, wherein a target service comprises one or more first service segments and one or more second service segments;
the second processing module is used for: executing the second service fragment when the protection process receives the indication information to obtain a second operation result, wherein the indication information is used for indicating the execution of the second service fragment;
the inter-process communication module is used for: transmitting the second operation result from the protection process to the business process;
the first processing module is also used for; and obtaining the operation result of the target service based on the first operation result and the second operation result.
10. The apparatus of claim 9, wherein the inter-process communication module communicates the second result of the operation using at least two inter-process communication means.
11. The apparatus of claim 10, wherein the at least two inter-process communication means comprise anonymous pipe communication and/or shared memory.
12. The apparatus according to any of claims 9-11, wherein the inter-process communication module is configured to communicate the indication information from the business process to the protection process by inter-process communication.
13. The apparatus according to any of claims 9-12, wherein the inter-process communication module is configured to communicate first data from the business process to the protection process via inter-process communication;
the second processing module is specifically configured to: perform an operation on the first data to obtain the second operation result.
14. The apparatus according to any of claims 9-12, wherein the second processing module is specifically configured to: acquire second data; and perform an operation on the second data to obtain the second operation result.
15. The apparatus of any one of claims 9-14, wherein the first processing module is configured to: start the protection process when the business process is started, and monitor the business process through the protection process;
the second processing module is configured to: stop the business process when it is detected that the business process is being debugged.
16. The apparatus of any one of claims 9-15, wherein the first processing module is configured to: obtain a third operation result based on the first operation result when the business process does not receive the second operation result.
17. An electronic device comprising one or more processors and one or more memories; wherein the one or more memories are coupled to the one or more processors, the one or more memories for storing computer program code comprising computer instructions that, when executed by the one or more processors, cause the electronic device to perform the method of any of claims 1-8.
18. A computer program product comprising instructions which, when run on an electronic device, cause the electronic device to perform the method of any of claims 1-8.
19. A computer readable storage medium comprising instructions which, when run on an electronic device, cause the electronic device to perform the method of any of claims 1-8.
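The split described in claims 9, 13 and 16, sketched as an added example that is not code from the patent: the business process runs the first segment, sends the first data to a forked protection process over an anonymous pipe, and falls back to a result based on the first operation result alone when no reply arrives. The fragment arithmetic, function names and timeout are assumptions, and only anonymous pipes are used (one of the means named in claim 11).

```c
#include <poll.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed fragments: the arithmetic is a placeholder for real service logic. */
static uint32_t first_fragment(uint32_t x)  { return x * 3u + 1u; }      /* business process */
static uint32_t second_fragment(uint32_t x) { return x ^ 0x5a5a5a5au; }  /* protection process */

/* Protection process: each message read is the indication plus the first data. */
static void protection_loop(int rd, int wr, int answers) {
    uint32_t in, out;
    while (read(rd, &in, sizeof in) == (ssize_t)sizeof in) {
        if (!answers) continue;          /* simulate a stalled protection process */
        out = second_fragment(in);
        if (write(wr, &out, sizeof out) != (ssize_t)sizeof out) break;
    }
    _exit(0);
}

/* Business process: first+second result, or the first result alone if no reply in timeout_ms. */
uint32_t run_target_service(uint32_t input, int guard_answers, int timeout_ms, int *degraded) {
    int req[2], rsp[2];
    uint32_t r1 = first_fragment(input), r2 = 0;
    *degraded = 1;
    if (pipe(req) != 0) return r1;
    if (pipe(rsp) != 0) { close(req[0]); close(req[1]); return r1; }
    pid_t pid = fork();
    if (pid == 0) {                      /* child becomes the protection process */
        close(req[1]); close(rsp[0]);
        protection_loop(req[0], rsp[1], guard_answers);
    }
    close(req[0]); close(rsp[1]);
    if (pid > 0 && write(req[1], &r1, sizeof r1) == (ssize_t)sizeof r1) {
        struct pollfd p = { .fd = rsp[0], .events = POLLIN };
        if (poll(&p, 1, timeout_ms) == 1 && read(rsp[0], &r2, sizeof r2) == (ssize_t)sizeof r2)
            *degraded = 0;               /* second operation result received */
    }
    close(req[1]); close(rsp[0]);        /* EOF on req lets the protection process exit */
    if (pid > 0) waitpid(pid, NULL, 0);
    return *degraded ? r1 : r1 + r2;
}

int main(void) {
    int d;
    printf("result=0x%08x\n", (unsigned)run_target_service(7, 1, 2000, &d));
    return 0;
}
```

Because the combined result depends on a value that only the protection process computes, stopping or detaching that process yields the degraded result rather than the real one.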
CN202111338912.6A 2021-11-12 2021-11-12 Method and device for protecting data in process Pending CN116127475A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111338912.6A CN116127475A (en) 2021-11-12 2021-11-12 Method and device for protecting data in process

Publications (1)

Publication Number Publication Date
CN116127475A true CN116127475A (en) 2023-05-16

Family

ID=86301408

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111338912.6A Pending CN116127475A (en) 2021-11-12 2021-11-12 Method and device for protecting data in process

Country Status (1)

Country Link
CN (1) CN116127475A (en)

Similar Documents

Publication Publication Date Title
CN110321790B (en) Method for detecting countermeasure sample and electronic equipment
US11910197B2 (en) Service processing method and device
CN111046365A (en) Face image transmission method, numerical value transfer method, device and electronic equipment
CN111191213B (en) Method for deleting security service and electronic equipment
CN112352239B (en) Application authority management method and electronic equipment
CN113408016B (en) Method and device for storing ciphertext
EP4030680A1 (en) Application processing method and related product
WO2021184264A1 (en) Data saving method, data access method, and related apparatus and device
CN114553814B (en) Method and device for processing push message
WO2022160991A1 (en) Permission control method and electronic device
CN111062323A (en) Face image transmission method, numerical value transfer method, device and electronic equipment
CN114546969A (en) File sharing method and device and electronic equipment
CN114692119A (en) Method for verifying application and electronic equipment
CN116669020B (en) Password management method, password management system and electronic equipment
WO2023071985A1 (en) Remote payment method, electronic device, and system
CN116305093B (en) Method for operating applet and electronic device
CN115017495B (en) Timing verification method, electronic device, and readable storage medium
CN114828098B (en) Data transmission method and electronic equipment
CN116527266A (en) Data aggregation method and related equipment
CN116127475A (en) Method and device for protecting data in process
US20240233933A1 (en) Contact tracing method and related device
RU2809740C2 (en) Method for processing file stored in external memory
CN117234351B (en) Touch processing method, terminal equipment and storage medium
WO2022042273A1 (en) Key using method and related product
CN118797664A (en) Data encryption method and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination