TWM569868U - Electronic device with application program based self-checking mechanism - Google Patents

Electronic device with application program based self-checking mechanism Download PDF

Info

Publication number
TWM569868U
TWM569868U TW107211425U TW107211425U TWM569868U TW M569868 U TWM569868 U TW M569868U TW 107211425 U TW107211425 U TW 107211425U TW 107211425 U TW107211425 U TW 107211425U TW M569868 U TWM569868 U TW M569868U
Authority
TW
Taiwan
Prior art keywords
digital signature
application
java application
java
processing unit
Prior art date
Application number
TW107211425U
Other languages
Chinese (zh)
Inventor
許毓展
Original Assignee
許毓展
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 許毓展 filed Critical 許毓展
Priority to TW107211425U priority Critical patent/TWM569868U/en
Publication of TWM569868U publication Critical patent/TWM569868U/en

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

一種電子裝置包含一記錄有一Java應用程式的記憶體單元及一處理單元,該Java應用程式具有一Java本地介面模組以及一用於供該Java本地介面模組呼叫的檢核演算法,且該檢核演算法的程式碼是以機器碼的形式呈現。該處理單元於接收到一指示出開啟該Java應用程式的開啟指令時從該記憶體單元載入該Java應用程式,並藉由令該Java本地介面模組呼叫該檢核演算法以執行該檢核演算法,藉此,該處理單元於判斷出一嵌入於該Java應用程式中的應用端數位簽章與一儲存於一官方伺服器的開發端數位簽章彼此相符時開啟並執行該Java應用程式,否則不開啟該Java應用程式。An electronic device includes a memory unit recorded with a Java application and a processing unit, the Java application having a Java local interface module and a verification algorithm for calling the Java local interface module, and the The code of the check algorithm is presented in the form of a machine code. The processing unit loads the Java application from the memory unit when receiving an open command indicating that the Java application is started, and causes the Java local interface module to call the check algorithm to perform the check. The algorithm, whereby the processing unit opens and executes the Java application when it is determined that an application-side digital signature embedded in the Java application matches a development-side digital signature stored in an official server Program, otherwise the Java application will not be opened.

Description

具有應用程式自我檢核機制的電子裝置Electronic device with application self-checking mechanism

本新型是有關於一種電子裝置,特別是指一種具有應用程式自我檢核機制的電子裝置。The present invention relates to an electronic device, and more particularly to an electronic device having an application self-checking mechanism.

近年來,由於智慧型手機的普及,各種不同功能的應用程式(Application)如雨後春筍般出現,而大幅提高了現代人生活的便利性。In recent years, due to the popularity of smart phones, applications with different functions have sprung up, which has greatly improved the convenience of modern life.

Android作業系統(中文譯為「安卓」)是現今相當常見的智慧型手機作業系統之一,然而,支援Android作業系統的應用程式一直以來存在內部程式碼易被竄改的安全性問題。舉例來說,有心人士可能會將病毒或者木馬程式植入應用程式,再將竄改過的應用程式發佈於網路,而使用者將被竄改過的應用程式安裝至智慧型手機後,即可能導致手機中毒或個資外洩的情形發生。The Android operating system (Chinese translation for "Android") is one of the most common smart phone operating systems today. However, applications that support the Android operating system have always had security issues in which internal code is easily falsified. For example, a person who is interested may put a virus or Trojan in the application and then publish the modified application on the Internet. After the user installs the modified application to the smart phone, it may result in Cell phone poisoning or personal leakage occurs.

因此,如何在享受應用程式的便利同時一併兼顧其資訊安全性,便成為本案所欲探討的議題。Therefore, how to enjoy the convenience of the application while taking into account its information security has become the topic of discussion in this case.

因此,本新型的目的,在於提供一種能進一步提升資訊安全性的電子裝置。Therefore, the object of the present invention is to provide an electronic device capable of further improving information security.

本新型電子裝置包含一輸入單元、一記憶體單元,以及一電連接該輸入單元及該記憶體單元的處理單元。該記憶體單元記錄有一Java應用程式,該Java應用程式具有一Java本地介面模組以及一用於供該Java本地介面模組呼叫的檢核演算法,且該檢核演算法的程式碼是以機器碼的形式呈現。該處理單元於接收到一來自該輸入單元且指示出開啟該Java應用程式的開啟指令時,該處理單元從該記憶體單元載入該Java應用程式,並藉由令該Java本地介面模組呼叫該檢核演算法以執行該檢核演算法。藉由執行該檢核演算法,該處理單元於判斷出一嵌入於該Java應用程式中的應用端數位簽章與一儲存於一官方伺服器且對應該Java應用程式的開發端數位簽章彼此相符時,開啟並執行該Java應用程式,否則不開啟該Java應用程式。The electronic device of the present invention comprises an input unit, a memory unit, and a processing unit electrically connected to the input unit and the memory unit. The memory unit records a Java application having a Java local interface module and a check algorithm for calling the Java local interface module, and the code of the check algorithm is The form of the machine code is presented. When the processing unit receives an open command from the input unit and indicates that the Java application is started, the processing unit loads the Java application from the memory unit and calls the Java local interface module. The check algorithm performs the check algorithm. By executing the check algorithm, the processing unit determines that an application-side digital signature embedded in the Java application and a developer-side digital signature stored in an official server and corresponding to the Java application When the match is met, the Java application is opened and executed, otherwise the Java application is not opened.

在本新型電子裝置的一些實施態樣中,藉由執行該檢核演算法,該處理單元於判斷出該Java應用程式中未嵌入該應用端數位簽章,或者判斷出該應用端數位簽章與該開發端數位簽章彼此不相符時,該處理單元不開啟該Java應用程式。In some implementations of the electronic device of the present invention, the processing unit determines that the application digital signature is not embedded in the Java application, or determines that the application digital signature is determined by executing the verification algorithm. The processing unit does not open the Java application when the development side digital signature does not match each other.

在本新型電子裝置的一些實施態樣中,藉由執行該檢核演算法,該處理單元還產生一數位簽章請求,並根據該Java應用程式中所具有的一官方伺服器位址將該數位簽章請求傳送至該官方伺服器,以使該官方伺服器接收到該數位簽章請求時將該開發端數位簽章傳送至該電子裝置。In some implementations of the novel electronic device, the processing unit further generates a digital signature request by executing the verification algorithm, and according to an official server address of the Java application The digital signature request is transmitted to the official server to cause the official server to transmit the development digital signature to the electronic device upon receiving the digital signature request.

在本新型電子裝置的一些實施態樣中,藉由執行該檢核演算法,該處理單元還將該應用端數位簽章根據該Java應用程式中所具有的一官方伺服器位址傳送至該官方伺服器,以使該官方伺服器接收到該應用端數位簽章時將該應用端數位簽章與該開發端數位簽章比對,並回傳一指示出該應用端數位簽章是否與該開發端數位簽章相符的比對結果至該電子裝置。In some implementations of the present electronic device, the processing unit further transmits the application digital signature to the official server address according to the Java application by executing the verification algorithm. The official server, so that the official server receives the digital signature of the application, and compares the digital signature of the application with the digital signature of the development end, and returns a flag indicating whether the digital signature of the application end is The development side digital signature matches the matching result to the electronic device.

在本新型電子裝置的一些實施態樣中,該開發端數位簽章是至少根據一由該Java應用程式之開發者所管理的私鑰所產生。In some implementations of the novel electronic device, the development side digital signature is generated based at least on a private key managed by a developer of the Java application.

本新型之功效在於:該電子裝置的處理單元能藉由令該Java本地介面模組呼叫該檢核演算法的方式來執行該檢核演算法,並根據該應用端數位簽章與該開發端數位簽章的比對結果決定是否開啟並執行該Java應用程式,如此一來,能夠有效地檢核出該Java應用程式是否遭到竄改,而且,由於該檢核演算法的程式碼是以機器碼的形式呈現,故能確保該檢核演算法本身無法被反組議及修改,而進一步提升了該Java應用程式在應用上的資訊安全性。The effect of the novel is that the processing unit of the electronic device can execute the verification algorithm by causing the Java local interface module to call the verification algorithm, and according to the application end digital signature and the development end The comparison result of the digital signature determines whether the Java application is opened and executed, so that the Java application can be effectively checked whether the Java application has been tampered with, and since the code of the verification algorithm is a machine The form of the code is presented, so that the verification algorithm itself can not be reversed and modified, and the information security of the Java application is further improved.

在本新型被詳細描述之前,應當注意在以下的說明內容中,類似的元件是以相同的編號來表示。Before the present invention is described in detail, it should be noted that in the following description, similar elements are denoted by the same reference numerals.

參閱圖1,本新型電子裝置1之一第一實施例可例如被實施為一以Android作業系統運作的智慧型手機,且該電子裝置1適用於經由網際網路與一官方伺服器50通訊。在其他的實施例中,該電子裝置1也可被實施為一平板電腦、一筆記型電腦或者一桌上型電腦,並且,該電子裝置1的作業系統只要是能透過Java虛擬機器(英文為Java Virtual Machine,簡稱JVM)來執行以Java程式設計語言所開發的應用程式即可實施,而並不限於本實施例所舉例的Android作業系統。Referring to FIG. 1, a first embodiment of the present electronic device 1 can be implemented, for example, as a smart phone operating in an Android operating system, and the electronic device 1 is adapted to communicate with an official server 50 via the Internet. In other embodiments, the electronic device 1 can also be implemented as a tablet computer, a notebook computer, or a desktop computer, and the operating system of the electronic device 1 can be transmitted through a Java virtual machine. The Java Virtual Machine (JVM) can be implemented by executing an application developed in the Java programming language, and is not limited to the Android operating system exemplified in the embodiment.

該電子裝置1包含一輸入單元11、一輸出單元12、一記錄有一Java應用程式的記憶體單元13、一通訊單元14,以及一電連接該輸入單元11、該輸出單元12、該記憶體單元13及該通訊單元14的處理單元15。在本實施例中,該輸入單元11例如與該輸出單元12被共同實施為一觸控顯示螢幕,該記憶體單元13例如被實施為一快閃記憶體(Flash memory),該處理單元15則例如被實施為具有一中央處理器的控制電路板,但不以此為限。補充說明的是,在其他實施例中,當該電子裝置1是被實施為筆記型電腦或者桌上型電腦時,該輸入單元11可例如被實施為一鍵盤、一觸控板、一滑鼠的其中至少一者,且該輸出單元12被實施為一顯示螢幕,而不以本實施例為限。The electronic device 1 includes an input unit 11, an output unit 12, a memory unit 13 that records a Java application, a communication unit 14, and an electrical connection to the input unit 11, the output unit 12, and the memory unit. 13 and processing unit 15 of the communication unit 14. In this embodiment, the input unit 11 is implemented together with the output unit 12 as a touch display screen, and the memory unit 13 is implemented as a flash memory, for example, the processing unit 15 For example, it is implemented as a control circuit board having a central processing unit, but is not limited thereto. It is to be noted that, in other embodiments, when the electronic device 1 is implemented as a notebook computer or a desktop computer, the input unit 11 can be implemented as a keyboard, a touch pad, a mouse, for example. At least one of them, and the output unit 12 is implemented as a display screen, and is not limited to the embodiment.

特別說明的是,該電子裝置1例如是自一電腦可讀取記錄媒體獲得該Java應用程式,具體而言,該電腦可讀取記錄媒體可例如被實施為儲存有該Java應用程式的一光碟片、一記憶卡、一USB介面的隨身碟、一硬碟或者是其他種類的資料載體,但不以此為限。並且,當該電腦可讀取記錄媒體被設置於該電子裝置1時,該電腦可讀取記錄媒體即被作為該記憶體單元13,該處理單元15能藉由讀取該電腦可讀取記錄媒體以獲得該Java應用程式。或者,該電子裝置1也可例如是以該處理單元15經由該通訊單元14從網路上(例如從一應用程式商店)下載包含有該Java應用程式的一應用程式產品,再將下載所得的該Java應用程式儲存於該記憶體單元13,但不以為限。Specifically, the electronic device 1 obtains the Java application from a computer-readable recording medium. Specifically, the computer-readable recording medium can be implemented, for example, as a CD-ROM storing the Java application. A film, a memory card, a USB interface flash drive, a hard drive or other kind of data carrier, but not limited to this. Moreover, when the computer readable recording medium is disposed on the electronic device 1, the computer readable recording medium is used as the memory unit 13, and the processing unit 15 can read the record by reading the computer. The media gets the Java application. Alternatively, the electronic device 1 can also download an application product containing the Java application from the network (for example, from an application store) via the communication unit 14 via the communication unit 14, and then download the obtained application. The Java application is stored in the memory unit 13, but is not limited thereto.

補充說明的是,在本實施例中,該Java應用程式於該記憶體單元13中例如是處於已被安裝完成,而能被該處理單元15所開啟執行的狀態,但不以此為限。It is to be noted that, in this embodiment, the Java application is in the memory unit 13 for example, but is in a state that it has been installed and can be executed by the processing unit 15, but is not limited thereto.

該Java應用程式具有一Java本地介面模組、一用於供該Java本地介面模組呼叫的檢核演算法、一指示出該官方伺服器50之IP位址或網址的官方伺服器位址,以及一主要功能部分。The Java application has a Java native interface module, a check algorithm for the Java local interface module call, and an official server address indicating the IP address or URL of the official server 50. And a major functional part.

在本實施例中,該Java本地介面模組是應用JNI技術所編寫的一段程式碼(JNI的全名為Java Native Interface),而使得該處理單元15能透過Java虛擬機器呼叫以其它種類之程式語言(例如C、C++或組合語言等)所編寫的演算法、應用程式或函式庫。In this embodiment, the Java native interface module is a piece of code (JNI's full name called Java Native Interface) written by JNI technology, so that the processing unit 15 can call other kinds of programs through the Java virtual machine. An algorithm, application, or library written in a language such as C, C++, or a combination language.

在本實施例中,該檢核演算法是以機器語言(Machine Language)呈現,也就是說,該檢核演算法的程式碼是以經過編譯之機器碼(Machine Code)的形式呈現,因此,對於使用者而言,該檢核演算法的程式碼呈現為以二進制表示的多個0與1,而不具可讀性。In this embodiment, the check algorithm is presented in Machine Language, that is, the code of the check algorithm is presented in the form of a compiled Machine Code, and therefore, For the user, the code of the check algorithm appears as multiple 0s and 1s in binary, and is not readable.

該主要功能部分例如是指該Java應用程式中供該處理單元15實現該Java應用程式所提供之主要功能的軟體資源部分。舉例來說,假設該Java應用程式為一虛擬貨幣交易程式,則該Java應用程式的該主要功能部分可例如包含一建構出線上虛擬貨幣交易功能的主要演算法,以及一供使用者操作而進行線上虛擬貨幣交易的圖形化使用者介面等,但不以此為限。The main functional part is, for example, a software resource part of the Java application for the processing unit 15 to implement the main functions provided by the Java application. For example, if the Java application is a virtual currency transaction program, the main functional part of the Java application may include, for example, a main algorithm for constructing an online virtual currency transaction function, and a user operation. Graphical user interface for online virtual currency trading, etc., but not limited to this.

在本實施例中,該處理單元15能根據該Java應用程式所具有的該官方伺服器位址,而經由該通訊單元14透過網際網路與該官方伺服器50連線。具體而言,該官方伺服器50例如是由該Java應用程式之開發者所管理,且儲存了一對應該Java應用程式的開發端數位簽章,該開發端數位簽章例如是根據一由該Java應用程式之開發者所管理的私鑰以及該Java應用程式其中一部分的程式碼進行一雜湊運算程序而產生,而具有唯一性及不可否認性。In this embodiment, the processing unit 15 can connect to the official server 50 via the communication unit 14 via the communication unit 14 according to the official server address of the Java application. Specifically, the official server 50 is managed by a developer of the Java application, for example, and stores a pair of development end digital signatures of the Java application, and the development digital signature is, for example, based on The private key managed by the developer of the Java application and the code of a part of the Java application are generated by a hash operation program, which is unique and non-repudiation.

同時參閱圖1及圖2,以下示例性地詳細說明本實施例的該電子裝置1如何實施一應用程式自我檢核方法。Referring to FIG. 1 and FIG. 2 together, the following describes in detail how the electronic device 1 of the embodiment implements an application self-checking method.

首先,在步驟S1中,該處理單元15自該輸入單元11接收一指示出開啟該Java應用程式的開啟指令。該開啟指令例如是由該輸入單元11根據一使用者的操作而產生,而且,需注意的是,在本實施例中,該開啟指令是用於請求該處理單元15在該Java應用程式已被安裝完成的情形下開啟並執行該Java應用程式,以將該Java應用程式的主要功能提供給該使用者使用,但不以此為限。接著,進行步驟S2。First, in step S1, the processing unit 15 receives an open command from the input unit 11 indicating that the Java application is opened. The opening command is generated, for example, by the input unit 11 according to a user operation, and it should be noted that, in this embodiment, the opening command is used to request that the processing unit 15 has been used in the Java application. When the installation is complete, the Java application is opened and executed to provide the main function of the Java application to the user, but not limited thereto. Next, step S2 is performed.

在步驟S2中,該處理單元15於接收到該開啟指令時,從該記憶體單元13載入該Java應用程式,並令該Java本地介面模組呼叫該檢核演算法以藉此執行該檢核演算法。接著,進行步驟S3。In step S2, the processing unit 15 loads the Java application from the memory unit 13 upon receiving the open command, and causes the Java local interface module to call the check algorithm to perform the check. Nuclear algorithm. Next, step S3 is performed.

在步驟S3中,藉由執行該檢核演算法,該處理單元15判斷該Java應用程式中是否嵌入有一應用端數位簽章。當該處理單元15的判斷結果為是時,接著進行步驟S4。當該處理單元15的判斷結果為否時,接著進行步驟S7。In step S3, by executing the check algorithm, the processing unit 15 determines whether an application-side digital signature is embedded in the Java application. When the determination result of the processing unit 15 is YES, the process proceeds to step S4. When the determination result of the processing unit 15 is NO, the process proceeds to step S7.

在步驟S4中,藉由執行該檢核演算法,當該處理單元15判斷出該Java應用程式中嵌入有該應用端數位簽章時,該處理單元15產生一數位簽章請求,並根據該Java應用程式所具有的該官方伺服器位址,將該數位簽章請求經由該通訊單元14透過網際網路傳送至該官方伺服器50,以使該官方伺服器50接收到該數位簽章請求時將其所儲存的該開發端數位簽章回傳至該電子裝置1,以使該處理單元15自該官方伺服器50獲得該開發端數位簽章。補充說明的是,在其他實施例中,本步驟也可於該處理單元15接收到該開啟指令時就執行,而不以本實施例為限。接著,進行步驟S5。In step S4, by performing the check algorithm, when the processing unit 15 determines that the application end digital signature is embedded in the Java application, the processing unit 15 generates a digital signature request, and according to the The official server address of the Java application, the digital signature request is transmitted to the official server 50 via the communication unit 14 via the communication unit, so that the official server 50 receives the digital signature request. The development end digital signature is stored back to the electronic device 1 so that the processing unit 15 obtains the development end digital signature from the official server 50. It should be noted that, in other embodiments, this step may also be performed when the processing unit 15 receives the open command, and is not limited to the embodiment. Next, step S5 is performed.

在步驟S5中,藉由執行該檢核演算法,該處理單元15將該應用端數位簽章與該開發端數位簽章比對,並判斷該應用端數位簽章是否與該開發端數位簽章相符。當該處理單元15的判斷結果為是時,接著進行步驟S6。當該處理單元15的判斷結果為否時,接著進行步驟S7。In step S5, by executing the check algorithm, the processing unit 15 compares the application digital signature with the development end digital signature, and determines whether the application digital signature is signed with the development end number. The chapter matches. When the determination result of the processing unit 15 is YES, the process proceeds to step S6. When the determination result of the processing unit 15 is NO, the process proceeds to step S7.

在步驟S6中,該處理單元15於判斷出該應用端數位簽章與該開發端數位簽章彼此相符時,產生一指示出檢核成功的檢核結果,並結束該檢核演算法的執行。接著,進行步驟S8。In step S6, the processing unit 15 generates a check result indicating that the check is successful, and ends the execution of the check algorithm when it is determined that the application digital signature and the development end digital signature match each other. . Next, step S8 is performed.

在接續於步驟S3或步驟S5的步驟S7中,該處理單元15於判斷出該Java應用程式中並未嵌入該應用端數位簽章,或者判斷出該應用端數位簽章與該開發端數位簽章彼此不相符時,該處理單元15產生一指示出檢核失敗的檢核結果,並結束該檢核演算法的執行。接著,進行步驟S9。In the step S7 of the step S3 or the step S5, the processing unit 15 determines that the application digital signature is not embedded in the Java application, or determines that the application digital signature is digitally signed by the development end. When the chapters do not coincide with each other, the processing unit 15 generates a check result indicating that the check is failed, and ends the execution of the check algorithm. Next, step S9 is performed.

在步驟S8中,該處理單元15根據指示出檢核成功的該檢核結果開啟並執行該Java應用程式。In step S8, the processing unit 15 turns on and executes the Java application according to the check result indicating that the check is successful.

在步驟S9中,該處理單元15根據指示出檢核失敗的該檢核結果不開啟該Java應用程式,並產生一檢核失敗通知,且該處理單元15將該檢核失敗通知經由該輸出單元12輸出,該檢核失敗通知例如指示出「本應用程式已遭竄改,請至官方網站重新下載安裝」,但不以此為限。In step S9, the processing unit 15 does not open the Java application according to the check result indicating that the check fails, and generates a check failure notification, and the processing unit 15 notifies the check failure via the output unit. 12 output, the check failure notification, for example, indicates "This application has been tampered with, please go to the official website to re-install and install", but not limited to this.

值得說明的是,由於Java程式設計語言本身的語法具有可讀性,因此,以Java程式設計語言開發的應用程式在反組譯的難度上相對簡單,而特別容易被有心人士竄改或植入惡意程式。然而,以本實施例來說,該Java應用程式被開發完成後,其開發者會先以該私鑰產生對應該Java應用程式的該開發端數位簽章,並將該開發端數位簽章作為該應用端數位簽章而嵌入於該Java應用程式內,才將該Java應用程式發佈於網際網路供下載使用。也就是說,在該Java應用程式並未被竄改的情形下,嵌入於該Java應用程式內的該應用端數位簽章會與該開發端數位簽章彼此相符。而若該Java應用程式遭到有心人士的篡改,只要有心人士未取得由開發者所管理的該私鑰,則其在將該Java應用程式重新封裝時便無法產生與該開發端數位簽章相符的數位簽章,因此,有心人士僅能自行產生與該開發端數位簽章不相符的另一個數位簽章並將其作為新的應用端數位簽章,或者,有心人士也可能直接忽略而不製作新的應用端數位簽章。而本實施例中的該處理單元15藉由JNI技術來執行該檢核演算法,便能判斷出該Java應用程式中是否有嵌入該應用端數位簽章,以及該應用端數位簽章是否與該開發端數位簽章相符,如此一來,每當該處理單元15接收到該開啟指令時(亦即該電子裝置1的使用者每一次欲使用該Java應用程式時),該處理單元15皆會執行該檢核演算法,並有效地判斷出該Java應用程式是否曾遭到有心人士的篡改。而且,值得一提的是,由於該檢核演算法的程式碼是以經過編譯之機器碼的形式呈現而不具可讀性,因此,即使有心人士對該Java應用程式進行反組譯,也無法根據該檢核演算法的程式碼去理解或修改該檢核演算法的機制,如此一來,本實施例能確保該檢核演算法本身難以被篡改,而進一步提升了該Java應用程式整體的資訊安全性。It is worth noting that, because the syntax of the Java programming language itself is readable, applications developed in the Java programming language are relatively simple in the difficulty of anti-compilation, and are particularly susceptible to being tampered with or implanted by malicious people. Program. However, in this embodiment, after the Java application is developed, the developer first generates the development side digital signature corresponding to the Java application with the private key, and uses the development side digital signature as the signature. The application digital signature is embedded in the Java application, and the Java application is published on the Internet for download. That is to say, in the case that the Java application has not been tampered with, the application digital signature embedded in the Java application matches the development side digital signature. If the Java application is tampered with by a person who is interested, if the person does not have the private key managed by the developer, then the Java application cannot be re-encapsulated to match the digital signature of the development end. The digital signature, therefore, the interested person can only generate another digital signature that does not match the digital signature of the development end and use it as a new application-side digital signature, or the interested person may directly ignore it. Create a new application-side digital signature. The processing unit 15 in this embodiment performs the check algorithm by using the JNI technology, and can determine whether the Java application has the digital signature in the application end and whether the digital signature of the application end is The development end digital signature is matched, so that each time the processing unit 15 receives the open command (that is, each time the user of the electronic device 1 wants to use the Java application), the processing unit 15 The check algorithm is executed and it is effectively determined whether the Java application has been tampered with by a person of interest. Moreover, it is worth mentioning that since the code of the check algorithm is presented in the form of compiled machine code and is not readable, even if the person is interested in the reverse translation of the Java application, According to the code of the check algorithm, the mechanism of the check algorithm is understood or modified. In this way, the embodiment can ensure that the check algorithm itself is difficult to be tampered with, and further improve the overall Java application. Information security.

本新型電子裝置1之一第二實施例與第一實施例大致相同,以下針對第二實施例與第一實施例的差異之處進行說明。The second embodiment of the present electronic device 1 is substantially the same as the first embodiment, and the differences between the second embodiment and the first embodiment will be described below.

在第二實施例中,在該應用程式自我檢核方法被實施之前,該Java應用程式於該記憶體單元13中例如是處於尚未被安裝的狀態,也就是說,該Java應用程式是呈現為一個安裝檔而被記錄於該記憶體單元13中,且該Java應用程式能供該處理單元15開啟並執行一對應該Java應用程式的安裝程序。更具體地說,該Java應用程式的檔案格式可例如為一APK格式或一JAR格式,但不以此為限。並且,以第二實施例而言,在該應用程式自我檢核方法的步驟S1中,該開啟指令是用於請求該處理單元15開啟該Java應用程式並進行該安裝程序,以令該Java應用程式被安裝為能提供其主要功能給使用者使用的狀態。而在第二實施例的步驟S8中,該處理單元15是根據指示出檢核成功的該檢核結果開啟該Java應用程式,並執行對應該Java應用程式的該安裝程序。也就是說,在第二實施例中,該處理單元15僅有在準備安裝該Java應用程式時才會執行該檢核演算法,而不同於第一實施例。In the second embodiment, before the application self-checking method is implemented, the Java application is in a state in which the memory unit 13 is not yet installed, that is, the Java application is rendered as An installation file is recorded in the memory unit 13, and the Java application can be used by the processing unit 15 to open and execute a pair of Java application installation programs. More specifically, the file format of the Java application may be, for example, an APK format or a JAR format, but is not limited thereto. Moreover, in the second embodiment, in the step S1 of the application self-checking method, the opening command is used to request the processing unit 15 to open the Java application and perform the installer to make the Java application. The program is installed to provide the status of its main function for the user. In step S8 of the second embodiment, the processing unit 15 starts the Java application according to the check result indicating that the check is successful, and executes the installer corresponding to the Java application. That is, in the second embodiment, the processing unit 15 executes the check algorithm only when the Java application is ready to be installed, unlike the first embodiment.

本新型電子裝置1之一第三實施例與第一實施例大致相同,以下針對第三實施例與第一實施例的差異之處進行說明。The third embodiment of the present electronic device 1 is substantially the same as the first embodiment, and the differences between the third embodiment and the first embodiment will be described below.

同時參閱圖1及圖3,在第三實施例中,藉由執行該檢核演算法,該處理單元15在步驟S4中是將該應用端數位簽章根據該Java應用程式中所具有的一官方伺服器位址傳送至該官方伺服器50,以使該官方伺服器50接收到該應用端數位簽章時將該應用端數位簽章與該開發端數位簽章比對,並回傳一指示出該應用端數位簽章是否與該開發端數位簽章相符的比對結果至該電子裝置1。因此,該處理單元15在步驟S5中是根據接收自該官方伺服器50的該比對結果判斷該應用端數位簽章是否與該開發端數位簽章相符。Referring to FIG. 1 and FIG. 3, in the third embodiment, by performing the check algorithm, the processing unit 15 in step S4 is to mark the application end digital signature according to the Java application. The official server address is transmitted to the official server 50, so that the official server 50 compares the application digital signature with the development digital signature when receiving the digital signature of the application, and returns a A comparison result indicating whether the application digital signature matches the development side digital signature to the electronic device 1. Therefore, the processing unit 15 determines in step S5 whether the application digital signature is consistent with the development end digital signature based on the comparison result received from the official server 50.

綜上所述,本新型電子裝置1藉由實施該應用程式自我檢核方法,能使該處理單元15藉由令該Java本地介面模組呼叫該檢核演算法的方式來執行該檢核演算法,並根據該應用端數位簽章與該開發端數位簽章的比對結果決定是否開啟並執行該Java應用程式,如此一來,能夠有效地檢核出該Java應用程式是否遭到竄改,而且,由於該檢核演算法的程式碼是以機器碼的形式呈現,故能確保該檢核演算法本身無法被反組譯及篡改,而進一步提升了該Java應用程式在應用上的資訊安全性,所以確實能達成本新型之目的。In summary, the electronic device 1 of the present invention can implement the self-checking method of the application, so that the processing unit 15 can perform the check calculation by calling the Java local interface module to call the check algorithm. Method, and according to the comparison between the application digital signature and the digital signature of the development end, determine whether to open and execute the Java application, so that the Java application can be effectively checked whether the Java application has been tampered with. Moreover, since the code of the check algorithm is presented in the form of a machine code, it can ensure that the check algorithm itself cannot be reversely translated and falsified, thereby further improving the information security of the Java application in application. Sex, so it is indeed possible to achieve the purpose of this new type.

惟以上所述者,僅為本新型之實施例而已,當不能以此限定本新型實施之範圍,凡是依本新型申請專利範圍及專利說明書內容所作之簡單的等效變化與修飾,皆仍屬本新型專利涵蓋之範圍內。However, the above is only the embodiment of the present invention, and when it is not possible to limit the scope of the present invention, all the simple equivalent changes and modifications according to the scope of the patent application and the contents of the patent specification are still This new patent covers the scope.

1‧‧‧電子裝置
11‧‧‧輸入單元
12‧‧‧輸出單元
13‧‧‧記憶體單元
14‧‧‧通訊單元
15‧‧‧處理單元
50‧‧‧官方伺服器
S1~S9‧‧‧步驟1‧‧‧Electronic device
11‧‧‧ Input unit
12‧‧‧Output unit
13‧‧‧ memory unit
14‧‧‧Communication unit
15‧‧‧Processing unit
50‧‧‧Official server
S1~S9‧‧‧Steps

本新型之其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中: 圖1是本新型電子裝置的一第一實施例與一官方伺服器相配合的一方塊示意圖; 圖2是一流程圖,示例性地說明該第一實施例如何實施一應用程式自我檢核方法;及 圖3是一流程圖,示例性地說明本新型電子裝置的一第三實施例如何實施該應用程式自我檢核方法。Other features and effects of the present invention will be apparent from the following description of the drawings, wherein: FIG. 1 is a block diagram showing a first embodiment of the electronic device in accordance with an official server; 2 is a flowchart, exemplarily illustrating how the first embodiment implements an application self-checking method; and FIG. 3 is a flowchart exemplarily illustrating how a third embodiment of the novel electronic device implements the Application self-checking method.

Claims (5)

一種電子裝置,包含: 一輸入單元; 一記憶體單元,記錄有一Java應用程式,該Java應用程式具有一Java本地介面模組以及一用於供該Java本地介面模組呼叫的檢核演算法,且該檢核演算法的程式碼是以機器碼的形式呈現,及; 一處理單元,電連接該輸入單元及該記憶體單元,該處理單元於接收到一來自該輸入單元且指示出開啟該Java應用程式的開啟指令時,該處理單元從該記憶體單元載入該Java應用程式,並藉由令該Java本地介面模組呼叫該檢核演算法以執行該檢核演算法; 藉由執行該檢核演算法,該處理單元於判斷出一嵌入於該Java應用程式中的應用端數位簽章與一儲存於一官方伺服器且對應該Java應用程式的開發端數位簽章彼此相符時,開啟並執行該Java應用程式,否則不開啟該Java應用程式。An electronic device comprising: an input unit; a memory unit, recorded with a Java application, the Java application having a Java local interface module and a verification algorithm for calling the Java local interface module, And the code of the check algorithm is presented in the form of a machine code, and a processing unit electrically connects the input unit and the memory unit, the processing unit receives an input from the input unit and indicates that the device is turned on. When the Java application opens the instruction, the processing unit loads the Java application from the memory unit, and causes the Java local interface module to call the verification algorithm to execute the verification algorithm; The check algorithm, the processing unit determines that an application-side digital signature embedded in the Java application matches a development-end digital signature stored in an official server and corresponds to a Java application. Open and execute the Java application, otherwise the Java application will not be opened. 如請求項1所述的電子裝置,其中,藉由執行該檢核演算法,該處理單元於判斷出該Java應用程式中未嵌入該應用端數位簽章,或者判斷出該應用端數位簽章與該開發端數位簽章彼此不相符時,該處理單元不開啟該Java應用程式。The electronic device of claim 1, wherein the processing unit determines that the application digital signature is not embedded in the Java application, or determines that the application digital signature is determined by executing the verification algorithm. The processing unit does not open the Java application when the development side digital signature does not match each other. 如請求項1所述的電子裝置,其中,藉由執行該檢核演算法,該處理單元還產生一數位簽章請求,並根據該Java應用程式中所具有的一官方伺服器位址將該數位簽章請求傳送至該官方伺服器,以使該官方伺服器接收到該數位簽章請求時將該開發端數位簽章傳送至該電子裝置。The electronic device of claim 1, wherein the processing unit further generates a digital signature request by executing the verification algorithm, and according to an official server address of the Java application The digital signature request is transmitted to the official server to cause the official server to transmit the development digital signature to the electronic device upon receiving the digital signature request. 如請求項1所述的電子裝置,其中,藉由執行該檢核演算法,該處理單元還將該應用端數位簽章根據該Java應用程式中所具有的一官方伺服器位址傳送至該官方伺服器,以使該官方伺服器接收到該應用端數位簽章時將該應用端數位簽章與該開發端數位簽章比對,並回傳一指示出該應用端數位簽章是否與該開發端數位簽章相符的比對結果至該電子裝置。The electronic device of claim 1, wherein the processing unit further transmits the application digital signature to the official server address according to the Java application by executing the verification algorithm. The official server, so that the official server receives the digital signature of the application, and compares the digital signature of the application with the digital signature of the development end, and returns a flag indicating whether the digital signature of the application end is The development side digital signature matches the matching result to the electronic device. 如請求項1所述的電子裝置,其中,該開發端數位簽章是至少根據一由該Java應用程式之開發者所管理的私鑰所產生。The electronic device of claim 1, wherein the development side digital signature is generated based at least on a private key managed by a developer of the Java application.
TW107211425U 2018-08-21 2018-08-21 Electronic device with application program based self-checking mechanism TWM569868U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW107211425U TWM569868U (en) 2018-08-21 2018-08-21 Electronic device with application program based self-checking mechanism

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW107211425U TWM569868U (en) 2018-08-21 2018-08-21 Electronic device with application program based self-checking mechanism

Publications (1)

Publication Number Publication Date
TWM569868U true TWM569868U (en) 2018-11-11

Family

ID=65035785

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107211425U TWM569868U (en) 2018-08-21 2018-08-21 Electronic device with application program based self-checking mechanism

Country Status (1)

Country Link
TW (1) TWM569868U (en)

Similar Documents

Publication Publication Date Title
JP5821034B2 (en) Information processing apparatus, virtual machine generation method, and application distribution system
WO2019153544A1 (en) Annotation backend check method and apparatus, computer device and storage medium.
US10038558B2 (en) Cryptographically verified repeatable virtualized computing
US8694981B2 (en) Shared resource dependencies
JP6166839B2 (en) System and method for replacing application methods at runtime
KR101966754B1 (en) Generating and caching software code
US8826269B2 (en) Annotating virtual application processes
US20180069844A1 (en) Secure data destruction in a distributed environment using key protection mechanisms
JP5828081B2 (en) Information processing apparatus, information processing method, and program distribution system
WO2019019643A1 (en) Application program hot update method and apparatus, and terminal and storage medium
TWI420879B (en) Anti-hack protection to restrict installation of operating systems and other software
US9483636B2 (en) Runtime application integrity protection
JP5346608B2 (en) Information processing apparatus and file verification system
JP2008097597A (en) High integrity firmware
KR20160112757A (en) User device and integrity verification method for the same
CN107567629B (en) Dynamic firmware module loader in trusted execution environment container
KR20150102090A (en) Mechanism to support reliability, availability, and serviceability (ras) flows in a peer monitor
US20230334127A1 (en) System and method for protecting software licensing information via a trusted platform module
Dhobi et al. Secure firmware update over the air using trustzone
US11604656B2 (en) Method and apparatus for managing application
Choi et al. x86‐Android performance improvement for x86 smart mobile devices
CN115659340B (en) Counterfeit applet identification method and device, storage medium and electronic equipment
TWM569868U (en) Electronic device with application program based self-checking mechanism
CN111158771B (en) Processing method and device and computer equipment
TW202009766A (en) Electronic device having self-checking mechanism of application program, self-checking mechanism of application program, computer-readable medium, and application program product that opens and executes a Java application program when an application-end digital signature embedded in the Java application program matches a development-end digital signature

Legal Events

Date Code Title Description
MM4K Annulment or lapse of a utility model due to non-payment of fees