WO2016165215A1 - Procédé et appareil pour le chargement de signature de code sur des applications - Google Patents

Procédé et appareil pour le chargement de signature de code sur des applications Download PDF

Info

Publication number
WO2016165215A1
WO2016165215A1 PCT/CN2015/083878 CN2015083878W WO2016165215A1 WO 2016165215 A1 WO2016165215 A1 WO 2016165215A1 CN 2015083878 W CN2015083878 W CN 2015083878W WO 2016165215 A1 WO2016165215 A1 WO 2016165215A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
signature
information
code
server
Prior art date
Application number
PCT/CN2015/083878
Other languages
English (en)
Chinese (zh)
Inventor
杜金芳
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016165215A1 publication Critical patent/WO2016165215A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software

Definitions

  • This paper relates to the field of Internet technology, and in particular to a method and apparatus for loading code signatures by an application.
  • the system program installed by the terminal verifies the application downloaded to the terminal, and the verification method is performed by the terminal system program on the downloaded application to be installed.
  • the code signature is verified to identify the source of the software and the true identity of the software developer.
  • the code signature is typically authorized by the certificate authority of the end system program to the application publisher and loaded by the application publisher in the application.
  • the code signature may be at risk of tampering.
  • the application publisher forcibly deletes the original code signature in the application developed by others, and then re-overwrites it with the code signature owned by itself, so that the identity of the application becomes its own identifier. , causing the application to be ambiguous. What's more, if the code signature is obtained by the illegal publisher, it may be used by the illegal publisher to publish the illegal application, which poses a great threat to the security of the user terminal.
  • the main purpose of the embodiments of the present invention is to provide a method and apparatus for loading code signatures by an application program, to avoid malicious tampering or misappropriation of code signatures, and to improve application security.
  • the embodiment of the invention provides a method for an application to load a code signature, comprising the steps of:
  • the server verifies the identity information of the requesting party
  • the server After the server verifies the identity information of the requesting party, the server uses the signature authorized by the certification authority. The private key loads the code signature of the application;
  • the server backs up the signed application and the current signature information of the application in the backup record.
  • the step of loading, by the server, the code signature of the application by using a signature private key authorized by the certificate authority includes:
  • the application is loaded with a code signature by using a signature private key authorized by the certification authority, and the code signature of the application is encrypted according to the identification information of the application, the time of the signature, and the signature private key.
  • the step of the server backing up the signed application and the current signature information of the application in the backup record includes:
  • the method further includes:
  • the server refuses to sign the application
  • the server searches for the historical signature information of the application in the backup record
  • the server When the historical signature information of the application is found, the server sends the latest version of the application backed up in the backup record to the requesting party, or sends update prompt information to the requesting party.
  • the method further includes:
  • the server compares whether the current signature information of the reported application is consistent with the historical signature information of the application backed up in the backup record;
  • the server sends the latest version of the application backed up in the backup record to the requestor or the user, or Send an update prompt message to the requestor or consumer.
  • the embodiment of the invention further provides an apparatus for loading code signatures by an application, comprising:
  • a receiving module configured to receive a code signing request sent by the requesting party, where the code signing request includes the identity information of the requesting party and an application to be signed;
  • a verification module configured to verify identity information of the requestor
  • a signing module configured to load a code signature of the application by using a signature private key authorized by a certificate authority after the identity information of the requester is verified;
  • the backup module is configured to back up the application after the signature and the current signature information of the application in the backup record.
  • the signature module is set to:
  • the application is loaded with a code signature by using a signature private key authorized by the certification authority, and the code signature of the application is encrypted according to the identification information of the application, the time of the signature, and the signature private key.
  • the backup module is set to:
  • the device that loads the code signature by the application further includes a sending module
  • the signing module is further configured to refuse to sign the application when the identity information verification of the requesting party fails;
  • the backup module is further configured to: search for historical signature information of the application in the backup record;
  • the sending module is configured to: when the historical signature information of the application is found, send the latest version of the application backed up in the backup record to the requester, or send update prompt information to the Requester.
  • the device that loads the code signature by the application further includes a comparison module
  • the receiving module is further configured to receive current signature information of the application reported by the requesting party or the user;
  • the comparing module is configured to compare whether the current signature information of the reported application is consistent with the historical signature information of the application backed up in the backup record;
  • the sending module is further configured to: when the reported current signature information is inconsistent with the backed up historical signature information, send the latest version of the application backed up in the backup record to the requesting party or the user, or send Update the prompt information to the requestor or consumer.
  • the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the above method.
  • the private key authorized by the certification authority is stored in the server, and the server loads the code signature on the application that needs to be signed, thereby preventing the illegal user from maliciously tampering or stealing the code signature, preventing the private key from being leaked, and also facilitating the code.
  • the unified management of signatures further enhances the security of signatures and ensures the secure dissemination and use of applications.
  • FIG. 1 is a flow chart of a method for loading code signatures of an application according to a first embodiment of the present invention
  • FIG. 2 is a flowchart of a method for loading code signatures of an application according to a second embodiment of the present invention
  • FIG. 3 is a flowchart of a method for loading code signatures of an application according to a third embodiment of the present invention.
  • FIG. 4 is a flowchart of a method for loading code signatures of an application according to a fourth embodiment of the present invention.
  • FIG. 5 is a flowchart of a method for loading code signatures of an application according to a fifth embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of an apparatus for loading code signatures of an application according to a first embodiment of the present invention
  • FIG. 7 is a schematic structural diagram of an apparatus for loading code signatures of an application according to a second embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of an apparatus for loading code signatures of an application according to a third embodiment of the present invention.
  • FIG. 1 is a flowchart of a method for loading code signatures of an application according to a first embodiment of the present invention.
  • the method for loading code signature of an application proposed in this embodiment includes:
  • Step S10 The server receives a code signing request sent by the requesting party;
  • the code signature of the application to be published is uniformly implemented by the server.
  • the application publisher needs to send a code signing request as a request direction server before the application is published, and the code signing request includes the identity information of the requesting party and the application to be signed.
  • the requesting party can network with the server for loading the signature in this embodiment through the terminal or the third-party server, and report the request.
  • Step S20 the server verifies the identity information of the requesting party
  • the server verifies the identity of the requesting party, verifies whether the requesting party is a legitimate user, and has a signature authority, that is, whether the authentication authority has authorized the development of the application to be signed.
  • Step S30 after the server verifies that the identity information of the requesting party is passed, the server loads the code signature of the application by using the signature private key authorized by the certificate authority;
  • the application After the server completes the authentication of the requesting party, the application is code signed with the signed private key.
  • the private key authorized by the certification authority is stored in the server, and the server loads the code signature on the application that needs to be signed, thereby preventing the malicious user from maliciously tampering or stealing the code. Signatures also facilitate the unified management of code signatures.
  • step S40 the server backs up the signed application and the current signature information of the application in the backup record.
  • the server After the signature is completed, the server backs up the information of the signature and the signed application.
  • the signature information of the backup includes the identification information of the application and the signed information, and may also include the original information before the signature if necessary.
  • the backed up information may be arranged in the order in which the signatures are loaded, or only the information in which the signatures are sequentially loaded in the last place is stored by means of the overlay update.
  • the signed application can be published directly through the server, or sent to the requesting party by the server, and then released by the requesting party.
  • the server loads the code signature on the application that needs to be signed, thereby preventing the malicious user from maliciously tampering or stealing the code signature, preventing the private key from being leaked, and also facilitating the Unified management of code signatures further enhances the security of signatures and ensures the secure dissemination and use of applications.
  • FIG. 2 is a flowchart of a method for loading code signatures of an application according to a second embodiment of the present invention. This embodiment includes all the steps in the embodiment shown in FIG. 1, and is specifically described in step S30. Step S30 includes:
  • Step S31 the server loads the code signature of the application by using the signature private key authorized by the certification authority, and encrypts the code signature of the application according to the identification information of the application, the time of the signature, and the signature private key.
  • the server loads the code signature of the application, and also uses the signature private key to encrypt the code signature of the application, adding a part of the encryption information to the code signature, because the application is added during the encryption.
  • the identification information and the time of the signature, even if the same application, the encrypted information loaded at different times is different, which is beneficial to further improve the security of the signature.
  • FIG. 3 is a flowchart of a method for loading code signatures of an application according to a third embodiment of the present invention. This embodiment includes all the steps in the embodiment shown in FIG. 1, and is specifically described in step S40. Step S40 includes:
  • Step S41 the server determines whether there is history signature information of the application in the backup record; if yes, step S42 is performed; if not, step S43 is performed;
  • the application that completes this signature may not be the first time to load the signature. If it is not the first-signed application, it has already been backed up in the server when the application was previously loaded with the signature, then the backup record of the server can be found. The backup file when the application was previously loaded with the signature.
  • Step S42 updating the application in the backup record to the signed application, and updating the historical signature information to the signature information;
  • the application and signature information in the backup record are updated to the content of the signature by overwriting the update.
  • Coverage update helps to save server storage space.
  • Step S43 creating a record of the application in the backup record according to the identification information of the application,
  • the record includes the identification information of the application and the current signature information, and the application corresponding to the signature is saved corresponding to the record of the application.
  • the application that completed the signature loading is the first time to load the signature, there is no information about the application in the backup record of the server, and a new record can be created in the backup record for recording the signed application. Identification information, signature information, and signed applications. After the next time the new code signature is loaded into the application, the application's identification information can be found and the corresponding signature information and application can be updated. In this embodiment, by copying the signature record, the code signature of the signed application and the application is uniformly managed, and the security of the application is improved.
  • FIG. 4 is a flowchart of a method for loading code signatures of an application according to a fourth embodiment of the present invention. This embodiment includes all the steps in the embodiment shown in FIG. 1, and the processing flow of the requester that fails the authentication is added. Optionally, after step S20, the method further includes:
  • Step S51 when the verification of the identity information of the requesting party fails, the server rejects the signature application
  • the application when verifying the identity of the requesting party, if the requesting party without the signature authority refuses to sign the uploaded application, the application cannot be released because the code signature cannot be loaded, even if it is released, due to the system in the user terminal.
  • the program cannot be verified by signature, can not be recognized by the system program, and can not run normally on the system, avoiding the harm of the illegal application to the terminal system.
  • Step S52 the server searches for the historical signature information of the application in the backup record
  • Step S53 when the historical signature information of the application is found, the server sends the latest version of the application backed up in the backup record to the requesting party, or sends the update prompt information to the requesting party.
  • the server can also find the application in the backup record that is the same as or similar to the application uploaded by the requester, and deliver the backed up application to the requester, since the backed up application is A code-signed application is loaded and is a secure application.
  • the requester can update the application on the requestor terminal or the third-party server to the application sent by the server to improve the security of the application.
  • the server can also send prompt information only to the requesting party, and the requesting party can choose whether to download and install the server backup. Use the program.
  • FIG. 5 is a flowchart of a method for loading code signatures of an application according to a fifth embodiment of the present invention. This embodiment includes all the steps in the embodiment shown in FIG. 1, and the processing flow of the reported application consistency verification is also added. Optionally, after step S40, the method further includes:
  • Step S61 The server receives current signature information of the application reported by the requesting party or the user;
  • an escalation program may be preset in the application, and the reporting procedure is triggered once the requesting party or the user's terminal connects to the Internet, and the requesting party or the user's terminal reports to the server. Signature information for the application installed on the terminal.
  • Step S62 The server compares whether the current signature information of the reported application is consistent with the historical signature information of the application backed up in the backup record;
  • Step S63 When the reported current signature information is inconsistent with the backed up historical signature information, the server sends the latest version of the application backed up in the backup record to the requesting party or the user, or sends the update prompt information to the requesting party or the user.
  • the server After receiving the reported signature information, the server compares it with the backup signature information to determine whether they are consistent. If they are consistent, the signature of the application has not been tampered with, and the application is secure. If not, the application is inconsistent.
  • the program may be at risk of the signature being tampered with, or the application is not the latest version currently released, it is necessary to update the application in the terminal.
  • the server can send the latest version of the application in the backup record to the requester or the consumer's terminal, or prompt the user to install the latest version, ensuring the security of the application.
  • FIG. 6 is a schematic structural diagram of an apparatus for loading code signatures of an application according to a first embodiment of the present invention.
  • the apparatus for loading code signature of the application proposed in this embodiment is set on the server, and includes:
  • the receiving module 10 is configured to receive a code signing request sent by the requesting party, where the code signing request includes the identity information of the requesting party and the application to be signed;
  • the verification module 20 is configured to verify the identity information of the requesting party
  • the signing module 30 is configured to be authenticated by the certification authority after the verification of the identity information of the requesting party is passed.
  • the signature private key of the right loads the code signature of the application;
  • the backup module 40 is configured to back up the signed application and the current signature information of the application in the backup record.
  • the code signature of the application to be published is uniformly implemented by the server.
  • the request direction server sends a code signing request, where the code signing request includes the identity information of the requesting party and the application to be signed.
  • the requesting party can network with the server for loading the signature in this embodiment through the terminal or the third-party server, and report the request.
  • the server verifies the identity of the requesting party, verifies whether the requesting party is a legitimate user, and has a signature authority, that is, whether the authentication authority has authorized the development of the application to be signed.
  • the application After the server completes the authentication of the requesting party, the application is code signed with the signed private key.
  • the private key authorized by the certification authority is stored in the server, and the server loads the code signature on the application that needs to be signed, thereby preventing the malicious user from maliciously tampering or stealing the code. Signatures also facilitate the unified management of code signatures.
  • the server After the signature is completed, the server backs up the information of the signature and the signed application.
  • the signature information of the backup includes the identification information of the application and the signed information, and may also include the original information before the signature if necessary.
  • the backed up information may be arranged in the order in which the signatures are loaded, or only the information in which the signatures are sequentially loaded in the last place is stored by means of the overlay update.
  • the signed application can be published directly through the server, or sent to the requesting party by the server, and then released by the requesting party.
  • the server loads the code signature on the application that needs to be signed, thereby preventing the malicious user from maliciously tampering or stealing the code signature, preventing the private key from being leaked, and also facilitating the Unified management of code signatures further enhances the security of signatures and ensures the secure dissemination and use of applications.
  • the signature module 30 is configured to:
  • the application is code-signed with the signature private key authorized by the certificate authority, and the code signature of the application is encrypted according to the identification information of the application, the time of the signature, and the signature private key.
  • the server is loading the code signature for the application while still
  • the signature of the application is used to encrypt the code of the application, and a part of the encrypted information is added to the code signature. Since the identification information of the application and the time of the signature are added during encryption, even the same application is used.
  • the encrypted information of the signatures loaded at different times is different, which is beneficial to further improve the security of the signature.
  • the backup module 40 is configured to:
  • the application in the backup record is updated to the signed application, and the historical signature information is updated to the signature information
  • the application record is created in the backup record according to the identification information of the application, and the record includes the identification information of the application and the current signature information, and the application corresponding to the signature is saved corresponding to the record of the application.
  • the application that completes this signature may not be the first time to load the signature. If it is not the first-signed application, it has already been backed up in the server when the application was previously loaded with the signature, then the backup record of the server can be found. The backup file when the application was previously loaded with the signature. After the previous backup record is found, the application and signature information in the backup record are updated to the content of the signature by overwriting the update. Coverage update helps to save server storage space.
  • the application that completed the signature loading is the first time to load the signature, there is no information about the application in the backup record of the server, and a new record can be created in the backup record for recording the signed application. Identification information, signature information, and signed applications. After the next time the new code signature is loaded into the application, the application's identification information can be found and the corresponding signature information and application can be updated. In this embodiment, by copying the signature record, the code signature of the signed application and the application is uniformly managed, and the security of the application is improved.
  • FIG. 7 is a schematic structural diagram of an apparatus for loading code signatures of an application according to a second embodiment of the present invention.
  • This embodiment includes all the modules in the embodiment shown in FIG. 6, in order to achieve identity
  • the sending module 50 is also added as follows:
  • the signature module 30 is further configured to reject the signature application when the identity information verification of the requester fails.
  • the backup module 40 is further configured to search for historical signature information of the application in the backup record;
  • the sending module 50 is configured to, when the historical signature information of the application is found, send the latest version of the application backed up in the backup record to the requesting party, or send the update prompt information to the requesting party.
  • the application when verifying the identity of the requesting party, if the requesting party without the signature authority refuses to sign the uploaded application, the application cannot be released because the code signature cannot be loaded, even if it is released, due to the system in the user terminal.
  • the program cannot be verified by signature, can not be recognized by the system program, and can not run normally on the system, avoiding the harm of the illegal application to the terminal system.
  • the server can also find the application in the backup record that is the same as or similar to the application uploaded by the requester, and deliver the backed up application to the requester, since the backed up application is A code-signed application is loaded and is a secure application.
  • the requester can update the application on the requestor terminal or the third-party server to the application sent by the server to improve the security of the application.
  • the server can also send a prompt message only to the requester, and the requester can choose whether to download and install the server backup application.
  • FIG. 8 is a schematic structural diagram of an apparatus for loading code signatures of an application according to a third embodiment of the present invention.
  • This embodiment includes all the modules in the embodiment shown in FIG. 6.
  • the comparison module 60 is also added, as follows:
  • the receiving module 10 is further configured to receive current signature information of the application reported by the requesting party or the user;
  • the comparison module 60 is configured to compare whether the current signature information of the reported application is consistent with the historical signature information of the application backed up in the backup record;
  • the sending module 50 is further configured to: when the reported current signature information is inconsistent with the backed up historical signature information, send the latest version of the application backed up in the backup record to the requesting party or the user, or send the update prompt information to the requesting party or User.
  • an escalation program may be preset in the application, and the reporting procedure is triggered once the requesting party or the user's terminal connects to the Internet, and the requesting party or the user's terminal reports to the server. Signature information for the application installed on the terminal.
  • the server After receiving the reported signature information, the server compares it with the backup signature information to determine whether they are consistent. If they are consistent, the signature of the application has not been tampered with, and the application is secure. If not, the application is inconsistent.
  • the program may be at risk of the signature being tampered with, or the application is not the latest version currently released, it is necessary to update the application in the terminal.
  • the server can send the latest version of the application in the backup record to the requester or the consumer's terminal, or prompt the user to install the latest version, ensuring the security of the application.
  • all or part of the steps of the above embodiments may also be implemented by using an integrated circuit. These steps may be separately fabricated into individual integrated circuit modules, or multiple modules or steps may be fabricated into a single integrated circuit module. achieve.
  • the devices/function modules/functional units in the above embodiments may be implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of multiple computing devices.
  • each device/function module/functional unit in the above embodiment When each device/function module/functional unit in the above embodiment is implemented in the form of a software function module and sold or used as a stand-alone product, it can be stored in a computer readable storage medium.
  • the above mentioned computer readable storage medium may be a read only memory, a magnetic disk or an optical disk or the like.
  • the above technical solution avoids malicious users from maliciously tampering or stealing code signatures, prevents private keys from being leaked, and is also beneficial to unified management of code signatures, further improving signature security, and ensuring application security transmission and use.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un procédé et un appareil permettant de charger une signature de code sur des applications, le procédé consistant à : recevoir une demande de signature de code envoyée par un demandeur (S10), la demande de signature de code comprenant des informations d'identité du demandeur et des applications à signer ; vérifier les informations d'identité du demandeur (S20) ; une fois que les informations d'identité du demandeur passent avec succès la vérification, utiliser des clés privées de signature autorisées par un mécanisme d'authentification pour charger une signature de code sur les applications (S30) ; et sauvegarder les applications signées à cette occasion, ainsi que les informations de signature des applications dans un fichier de sauvegarde (S40). Dans la solution technique décrite précédemment, les clés privées autorisées par le mécanisme d'authentification sont mémorisées dans un serveur et une signature de code est chargée sur les applications qui doivent être signées par le serveur de manière unifiée, ce qui permet d'éviter une altération malveillante ou l'utilisation illégale de code signature par des utilisateurs non autorisés et également la fuite des clés privées, de faciliter la gestion unifiée de signature de code, d'améliorer davantage la sécurité de signature, et de garantir la transmission et l'utilisation sécurisées des applications.
PCT/CN2015/083878 2015-04-15 2015-07-13 Procédé et appareil pour le chargement de signature de code sur des applications WO2016165215A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510179073.6 2015-04-15
CN201510179073.6A CN106155663A (zh) 2015-04-15 2015-04-15 应用程序加载代码签名的方法和装置

Publications (1)

Publication Number Publication Date
WO2016165215A1 true WO2016165215A1 (fr) 2016-10-20

Family

ID=57125521

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/083878 WO2016165215A1 (fr) 2015-04-15 2015-07-13 Procédé et appareil pour le chargement de signature de code sur des applications

Country Status (2)

Country Link
CN (1) CN106155663A (fr)
WO (1) WO2016165215A1 (fr)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106789075B (zh) * 2016-12-27 2019-12-24 艾体威尔电子技术(北京)有限公司 Pos数字签名防切机系统
CN106712963A (zh) * 2016-12-27 2017-05-24 艾体威尔电子技术(北京)有限公司 一种pos防切机远程签名系统及方法
CN108280947A (zh) * 2017-11-29 2018-07-13 艾体威尔电子技术(北京)有限公司 一种pos机远程解锁的系统和方法
CN110780884B (zh) * 2019-09-05 2022-04-12 腾讯科技(深圳)有限公司 一种信息处理方法、装置及设备
CN112667996A (zh) * 2020-12-28 2021-04-16 南方电网数字电网研究院有限公司 变电站可信管理系统、方法、装置和计算机设备
DE202022102514U1 (de) 2022-05-07 2022-05-20 Tanweer ALAM Kryptographiebasiertes intelligentes System für die Sicherheitsverwaltung von Mikrocodesignaturen

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7272228B2 (en) * 2003-06-12 2007-09-18 International Business Machines Corporation System and method for securing code and ensuring proper execution using state-based encryption
CN101149773A (zh) * 2007-08-27 2008-03-26 中国人民解放军空军电子技术研究所 一种基于软件实名认证的系统及其安全查证方法
CN102891843A (zh) * 2012-09-18 2013-01-23 北京深思洛克软件技术股份有限公司 本地服务单元认证安卓客户端应用程序的方法
CN103577206A (zh) * 2012-07-27 2014-02-12 北京三星通信技术研究有限公司 一种应用软件的安装方法和装置

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9280337B2 (en) * 2006-12-18 2016-03-08 Adobe Systems Incorporated Secured distribution of software updates
CN101399666A (zh) * 2007-09-28 2009-04-01 中国银联股份有限公司 文件数字证书安全控制方法及系统
CN103685138B (zh) * 2012-08-30 2016-12-21 卓望数码技术(深圳)有限公司 移动互联网上的Android平台应用软件的认证方法和系统
KR101711021B1 (ko) * 2013-09-09 2017-03-13 한국전자통신연구원 모바일 신뢰 모듈 기반의 전자 서명을 제공하기 위한 시스템 및 그 방법
CN104392168A (zh) * 2014-11-27 2015-03-04 上海斐讯数据通信技术有限公司 一种应用程序的验证方法
CN104486086B (zh) * 2014-12-26 2017-10-20 北京奇虎科技有限公司 数字签名方法及移动终端和服务器

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7272228B2 (en) * 2003-06-12 2007-09-18 International Business Machines Corporation System and method for securing code and ensuring proper execution using state-based encryption
CN101149773A (zh) * 2007-08-27 2008-03-26 中国人民解放军空军电子技术研究所 一种基于软件实名认证的系统及其安全查证方法
CN103577206A (zh) * 2012-07-27 2014-02-12 北京三星通信技术研究有限公司 一种应用软件的安装方法和装置
CN102891843A (zh) * 2012-09-18 2013-01-23 北京深思洛克软件技术股份有限公司 本地服务单元认证安卓客户端应用程序的方法

Also Published As

Publication number Publication date
CN106155663A (zh) 2016-11-23

Similar Documents

Publication Publication Date Title
US10338946B1 (en) Composable machine image
CN110597538B (zh) 一种基于ota升级系统的软件升级方法和ota升级系统
CN112417379B (zh) 一种集群许可证管理方法、装置、授权服务器及存储介质
US11012241B2 (en) Information handling system entitlement validation
WO2016165215A1 (fr) Procédé et appareil pour le chargement de signature de code sur des applications
US20190280883A1 (en) Key-Attestation-Contingent Certificate Issuance
US8856544B2 (en) System and method for providing secure virtual machines
US8364965B2 (en) Optimized integrity verification procedures
JP6357158B2 (ja) 仮想マシンによる安全なデータ処理
KR101740256B1 (ko) 모바일 앱 무결성 보증 장치 및 방법
US8966248B2 (en) Secure software file transfer systems and methods for vehicle control modules
US10686768B2 (en) Apparatus and method for controlling profile data delivery
US8898469B2 (en) Software feature authorization through delegated agents
EP2659373B1 (fr) Système et procédé de mise à jour de logiciel sécurisée
WO2015184891A1 (fr) Procédé de gestion et de contrôle de sécurité, appareil et système pour système android
US8856538B2 (en) Secured flash programming of secondary processor
US20130151848A1 (en) Cryptographic certification of secure hosted execution environments
US8175269B2 (en) System and method for enterprise security including symmetric key protection
US8341616B2 (en) Updating digitally signed active content elements without losing attributes associated with an original signing user
JP2022529689A (ja) ブロックチェーンを用いたバージョン履歴管理
US7210034B2 (en) Distributed control of integrity measurement using a trusted fixed token
US20120213370A1 (en) Secure management and personalization of unique code signing keys
US10461926B2 (en) Cryptographic evidence of persisted capabilities
CN110619194B (zh) 一种升级包加密、解密方法及装置
US7330982B1 (en) Secured automated process for signed, encrypted or validated content generation

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15888919

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15888919

Country of ref document: EP

Kind code of ref document: A1