WO2016202204A1 - 一种下载应用的方法和装置 - Google Patents

一种下载应用的方法和装置 Download PDF

Info

Publication number
WO2016202204A1
WO2016202204A1 PCT/CN2016/085213 CN2016085213W WO2016202204A1 WO 2016202204 A1 WO2016202204 A1 WO 2016202204A1 CN 2016085213 W CN2016085213 W CN 2016085213W WO 2016202204 A1 WO2016202204 A1 WO 2016202204A1
Authority
WO
WIPO (PCT)
Prior art keywords
download
application
downloading
information
channel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/085213
Other languages
English (en)
French (fr)
Chinese (zh)
Inventor
李佳佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to SG11201710305PA priority Critical patent/SG11201710305PA/en
Priority to JP2017565768A priority patent/JP6793667B2/ja
Priority to EP16810945.2A priority patent/EP3313041B1/en
Priority to PL16810945T priority patent/PL3313041T3/pl
Priority to ES16810945T priority patent/ES2811330T3/es
Priority to KR1020187000738A priority patent/KR102147026B1/ko
Publication of WO2016202204A1 publication Critical patent/WO2016202204A1/zh
Priority to US15/840,572 priority patent/US10693845B2/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H04L69/162Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12Transmitting and receiving encryption devices synchronised or initially set up in a particular manner

Definitions

  • the present application relates to the field of network communication technologies, and in particular, to a method and apparatus for downloading an application.
  • An application is a computer program that is developed to run on an operating system in order to complete a particular task or tasks.
  • the application runs in user mode, which can interact directly with the user, and the general application has a visual user interface.
  • user mode which can interact directly with the user
  • the general application has a visual user interface.
  • the existing solution After receiving the user's installation of a new application or upgrading the old application, the existing solution uses an HTTP (Hypertext Transfer Protocol) channel to download the application package corresponding to the instruction, and installs the downloaded application package.
  • HTTP Hypertext Transfer Protocol
  • the data transmission based on the HTTP channel is transparent on the network, and the malicious person can easily tamper with the data in the HTTP channel, which seriously affects the stability of the application download.
  • the user's above instruction is a download instruction of the A application, and the result is that the installation package of the B application is downloaded.
  • the existing solution also uses the verification information of the application package to verify the application package downloaded to the local device. If the verification fails, the application package corresponding to the above instruction is re-downloaded until the verification succeeds. . Since the probability of data being hijacked in the HTTP channel is high, in practice, multiple loop downloads are required to obtain an application package that matches the above instructions, and the above multiple downloads undoubtedly consume a large amount of traffic data.
  • the technical problem to be solved by the embodiments of the present application is to provide a method for downloading an application, which can reduce the traffic data required for downloading an application.
  • the embodiment of the present application further provides a device for downloading an application, which is used to ensure implementation and application of the foregoing method.
  • the present application discloses a method for downloading an application, including:
  • the first application package corresponding to the download address information is downloaded by using an HTTP channel.
  • the downloading the description information further includes downloading the verification information, the method further comprising:
  • the first application package downloaded to the local device is verified according to the download verification information.
  • the method further includes:
  • the second application package corresponding to the download address information is downloaded by using an HTTPS channel.
  • the step of downloading the description information of the application by using the HTTPS channel includes:
  • the download description information corresponding to the download condition is downloaded by using the HTTPS channel.
  • the method further includes:
  • the download description information corresponding to the download condition corresponding application is stored locally;
  • step of downloading the first application package corresponding to the download address information by using an HTTP channel specifically, downloading, by using an HTTP channel, the first application package corresponding to the downloaded download address information.
  • the downloading condition comprises one or more of the following conditions: when the application downloading tool is started, when the application is started, and when the synchronization request of the server is received.
  • the downloading condition is that when the application downloading tool is started, the downloading condition corresponding application comprises a preset application; wherein the preset application comprises at least one of a popular application and a user configuration application.
  • the application also discloses an apparatus for downloading an application, including:
  • a first downloading module configured to download, by using an HTTPS channel, download description information of the application, where the download description information includes: download address information;
  • the second downloading module is configured to download the first application package corresponding to the download address information by using an HTTP channel.
  • the downloading the description information further includes downloading the verification information, the device further comprising:
  • the first verification module is configured to perform verification on the first application package downloaded to the local device according to the download verification information.
  • the device further comprises:
  • the third downloading module is configured to download the second application package corresponding to the download address information by using an HTTPS channel when the verification fails.
  • the first downloading module includes:
  • a fourth downloading submodule configured to download, by using an HTTPS channel, the download description information of the application corresponding to the download instruction in response to the download instruction of the user;
  • a fifth downloading submodule configured to download the download description information of the downloading condition corresponding application by using an HTTPS channel when the download condition is met.
  • the device further comprises:
  • a storage module configured to: before the second downloading module downloads the first application package corresponding to the download address information by using an HTTP channel, storing the download description information of the downloading condition corresponding application locally;
  • a reading module configured to read, according to a download instruction of the user, the download description information of the download instruction corresponding application from the local;
  • the second downloading module is specifically configured to download, by using an HTTP channel, the first application package corresponding to the downloaded download address information.
  • the downloading condition comprises one or more of the following conditions: when the application downloading tool is started, when the application is started, and when the synchronization request of the server is received.
  • the downloading condition is that when the application downloading tool is started, the downloading condition corresponding application comprises a preset application; wherein the preset application comprises at least one of a popular application and a user configuration application.
  • the embodiments of the present application include the following advantages:
  • the embodiment of the present application first downloads the download address information of the application by using the HTTPS channel, and then downloads the first application package corresponding to the download address information by using an HTTP channel.
  • the HTTPS channel is a security-oriented HTTP channel, it is relative to HTTP.
  • the channel has a higher security. Therefore, the embodiment of the present application can reduce the probability that the download address information is hijacked, that is, the accuracy of downloading the address information, by using the HTTP channel to download the downloaded address information of the application. Therefore, the accuracy of the first application package downloaded to the local device can be improved, and the high-accuracy application package can reduce the number of times of the cyclic download until the verification succeeds.
  • the embodiment of the present application can reduce the traffic data required for downloading the application;
  • the download address information of the application since the download address information of the application only needs to occupy a small number of bytes, the effect of the encrypted download address information on the data transmission length and the encryption process of downloading the address information have less impact on time consumption. Therefore, downloading the application's download address information using the HTTPS channel will not increase. Load the flow data required by the application.
  • FIG. 1 is a flow chart showing the steps of a first embodiment of a method for downloading an application according to the present application
  • FIG. 2 is a flow chart of steps of a second embodiment of a method for downloading an application according to the present application
  • FIG. 3 is a flow chart of steps of a third embodiment of a method for downloading an application according to the present application
  • FIG. 4 is a flow chart of steps of a fourth embodiment of a method for downloading an application of the present application
  • FIG. 5 is a structural block diagram of an apparatus embodiment for downloading an application of the present application.
  • the specific process of downloading an application package by using an HTTP channel is to download the download address information and the application package of the application by using an HTTP channel in turn.
  • the address information and application are downloaded in the HTTP channel.
  • the package may be hijacked and tampered with; if the user specifies that the downloaded application is an A application, the HTTP channel downloaded in the existing solution may be the download address of the B application, and the download address is downloaded if the download address itself is incorrect.
  • the probability of A application is very small.
  • HTTPS Hypertext Transfer Protocol over Secure Socket Layer
  • SSL Secure Sockets Layer
  • SSL Secure Sockets Layer
  • encryption and decryption operations require SSL assistance.
  • the HTTPS channel In the process of data transmission using the HTTPS channel, since the HTTPS channel needs to encrypt the original data, the encrypted data is larger than the original data, and the encryption process of the original data takes a certain time, and in addition, the HTTPS channel is established.
  • the process may specifically include a process of exchanging certificates; therefore, the HTTPS channel has a certain security disadvantage with respect to the HTTP channel, but has certain disadvantages in terms of data size and time consumption.
  • One of the core concepts of the embodiment of the present application is that the download process of the application package is decomposed into two steps, and the two steps are performed by using different transmission protocol channels, wherein the first step is for downloading the application by using the HTTPS channel.
  • the address information is downloaded, and the second part is used to download the first application package corresponding to the download address information obtained in the first step by using an HTTP channel;
  • the HTTPS channel is a security-targeted HTTP channel, it has an HTTP channel relative to the HTTP channel.
  • the security of the downloaded address information can be reduced, and the accuracy of the downloaded address information can be improved, so that the accuracy of the downloaded address information can be improved, and the accuracy of the downloaded address information can be improved.
  • the accuracy of the first application package downloaded to the local area is improved, and the high-accuracy application package will reduce the number of times of the cyclic download until the verification succeeds.
  • the embodiment of the present application can reduce the traffic data required for downloading the application; If the application to be downloaded is the A application, the HTTPS channel used in the embodiment of the present application downloads the download address of the A application, so that the accuracy of the application package downloaded to the local A application can be improved, thereby reducing the cyclic download until the verification. The number of successes.
  • the download address information of the application since the download address information of the application only needs to occupy a small number of bytes, the effect of the encrypted download address information on the data transmission length and the encryption process of downloading the address information have less impact on time consumption. Therefore, downloading the application's download address information using the HTTPS channel does not substantially increase the traffic data required to download the application.
  • FIG. 1 a flow chart of steps in a method for downloading an application of the present application is shown. Specifically, the method may include the following steps:
  • Step 101 Download the download description information of the application by using an HTTPS channel, where the download description information may specifically include: download address information;
  • Step 102 Download the first application package corresponding to the download address information by using an HTTP channel.
  • the embodiment of the present application can be applied to an application downloading tool with an application downloading function, such as an application market and a mobile phone management assistant.
  • an application downloading function such as an application market and a mobile phone management assistant.
  • the embodiment of the present application can reduce the required application for downloading the application package.
  • Traffic data; the application package here may specifically include: an installation package or an upgrade package of the application.
  • the technical solution 1 can download the download description information of the download instruction corresponding application by using an HTTPS channel in response to the download instruction of the user. For example, if the user clicks the download button of the application A in the application downloading tool, the user can be considered to trigger the download instruction for the application A, and the download description information corresponding to the application A of the download instruction is downloaded by using the HTTPS channel. It is to be understood that the user may trigger the above-mentioned downloading instruction in any manner, and the above-mentioned triggering instruction may correspond to any one or more applications.
  • the specific triggering instruction and the triggering manner thereof are not limited in the embodiment of the present application.
  • the technical solution 2 may download the download description information of the application corresponding to the download condition by using an HTTPS channel when the download condition is met.
  • the method may further include: downloading the download condition corresponding to the download description of the application
  • the information is stored locally; in response to the download instruction of the user, the download description information of the download instruction corresponding to the application is read locally, and the step 102 of downloading the first application package corresponding to the download address information by using an HTTP channel is specifically performed.
  • the first application package corresponding to the downloaded download address information may be downloaded by using an HTTP channel.
  • the download description information of the download application corresponding to the download instruction can be directly read directly from the local, so that the response efficiency and the download efficiency for the download instruction can be improved.
  • the downloading condition may specifically include one or more of the following conditions: when the application downloading tool is started, when the application is started, and when the synchronization request of the server is received.
  • the downloading condition may be that when the application downloading tool is started, the downloading condition corresponding application may include a preset application, and the preset application may specifically include: a popular application and a user configuration application. At least one of them.
  • the popular application can be used to indicate an application that has been paid attention to in the recent period of time, for example, it can be one or more applications that are searched, downloaded, installed, or recommended most by the user.
  • the user configuration application can be used to represent an application that the user has configured through the interface of the application download tool.
  • the client of the application downloading tool may send a first download request carrying the preset application information to the server to download the download description information of the preset application by using an HTTPS channel, and download the The download description information of the preset application is stored locally, because the user has not triggered the download instruction when the application download tool is started, so that when the download instruction of the user is received, the pre-stored download instruction can be directly read directly from the local.
  • the download description information of the application it is possible to improve the response efficiency and download efficiency for the download instruction.
  • the downloading condition may be when the application is started, and the downloading condition corresponding application may include: launching an application or an application associated with the launching application, where an application having an association relationship It can be determined by a person skilled in the art according to the actual situation that the application having the association relationship may be the same category application, the same development application or the process association application, etc.; for example, the WeChat APP (Application, Application) is the same as the developer of the QQ APP, The two have an associated relationship; for example, the landlord APP and the tractor APP belong to the chess category, and the two have an associated relationship; for example, if the shopping APP needs to use the payment APP, the two may have an associated relationship, such as Jingdong.
  • the APP has an association relationship with the Alipay APP, etc., and it can be understood that the specific application of the present application does not limit the specific relationship and the specific application with the associated relationship.
  • the download condition may be when a synchronization request of the server is received
  • the downloading condition corresponding application may include: an application corresponding to the synchronization request, and the like.
  • the server when detecting a new application uploaded by the developer or an application updated by the developer, the server may send the synchronization request to the client, and carry the information of the new application or the updated application in the synchronization request, thereby The client may download the download description information of the application corresponding to the synchronization request by using an HTTPS channel.
  • the embodiment of the present application first downloads the download address information of the application by using an HTTPS channel, and then downloads the first application package corresponding to the download address information by using an HTTP channel.
  • the HTTPS channel is a security-oriented HTTP channel, which has a higher security than the HTTP channel. Therefore, the download address information of the HTTP channel download application is compared with the existing solution, and the embodiment of the present application can be reduced.
  • the probability that the download address information is hijacked that is, the accuracy of downloading the address information, can improve the accuracy of downloading the first application package to the local, and the high-accuracy application package will reduce the cyclic download until the verification succeeds.
  • the number of times therefore, the embodiment of the present application can reduce the traffic data required to download an application;
  • the download address information of the application since the download address information of the application only needs to occupy a small number of bytes, the effect of the encrypted download address information on the data transmission length and the encryption process of downloading the address information have less impact on time consumption. Therefore, downloading the application's download address information using the HTTPS channel does not substantially increase the traffic data required to download the application.
  • FIG. 2 a flow chart of the steps of the second embodiment of the method for downloading an application of the present application is shown, which may specifically include the following steps:
  • Step 201 Download the download description information of the application by using the HTTPS channel, where the download description information may specifically include: download address information and download verification information;
  • Step 202 Download the first application package corresponding to the download address information by using an HTTP channel.
  • Step 203 Perform verification on the first application package downloaded to the local according to the download verification information.
  • the download verification information content is added to the download description information, and the first application package downloaded to the local device is verified according to the download verification information. step;
  • the download verification information of the HTTP channel download application is used, and the embodiment can reduce the probability that the download address information and the download verification information are hijacked, that is, the matching degree between the download address information and the download address verification information can be improved.
  • the high-matching download address information and the download address check information will reduce the number of times the loop download is performed until the check succeeds. Therefore, the embodiment of the present application can further reduce the traffic data required for downloading the application;
  • the user specifies that the downloaded application is an A application.
  • the existing solution may use the HTTP channel to download the B.
  • the download address of the application and the download verification information of the C application, and the probability of downloading the A application is very small when the download address itself is incorrect, and the download verification information (application C) and the download address information (application B) are downloaded.
  • the probability of successful verification in the case of mismatch is very small, which greatly increases the number of cyclic downloads;
  • the HTTPS channel is used to download the download address of the A application and the download verification information of the A application, which can improve the accuracy of the application package downloaded to the local A application, and can improve the probability of successful verification. Therefore, the number of times of cyclic downloading until the verification is successful can be greatly reduced.
  • the download description information of the application may be obtained from the server by using an HTTPS channel, where the download description information may specifically include: a URL of the application (a uniform resource locator, Uniform Resoure Locator), summary information or signature information of the application, and download verification information; then, the first application package corresponding to the URL may be downloaded by using an HTTP channel, and after downloading, according to MD5 (Message Digest Algorithm Fifth Edition)
  • MD5 Message Digest Algorithm Fifth Edition
  • the message digest algorithm (5) performs a digest operation on the first application package downloaded to the local device, or performs a signature operation on the first application package by using a signature algorithm, and then uses the digest operation result and the download description information in the downloading description information.
  • the summary information is compared, or the signature operation result is compared with the signature information of the application in the download description information. If the comparison result is consistent, the verification is successful, and if the comparison result is inconsistent, the verification fails. It can be understood that the above-mentioned download verification information and the corresponding verification process are only examples. The specific download verification information and the corresponding verification process are not limited in the embodiment of the present application.
  • the embodiment can improve the matching degree between the download address information and the download address check information, and the high-matching download address information and the download address check information will reduce the number of times of cyclic downloading until the verification succeeds.
  • the application embodiment can further reduce the traffic data required to download an application.
  • FIG. 3 a flow chart of steps in a third embodiment of a method for downloading an application of the present application is shown, which may specifically include the following steps:
  • Step 301 Download the download description information of the application by using an HTTPS channel, where the download description information may specifically include: download address information and download verification information;
  • Step 302 Download the first application package corresponding to the download address information by using an HTTP channel.
  • Step 303 Perform verification on the first application package downloaded to the local device according to the download verification information.
  • Step 304 When the verification fails, the second application package corresponding to the download address information is downloaded by using an HTTPS channel.
  • the HTTPS channel may also be used. Loading a second application package corresponding to the download address information
  • the embodiment uses the HTTPS channel to download the second application package corresponding to the download address information.
  • the security of the HTTPS channel can be exploited to be downloaded.
  • the number of times is controlled twice (the first time is to download the first application package corresponding to the download address information by using the HTTP channel, and the second time is to download the second application corresponding to the download address information by using the HTTPS channel when the verification fails.
  • Package which uses the HTTP channel to cyclically download the application package multiple times compared to the existing solution, which can reduce the number of downloads, thereby saving the traffic data required to download the application.
  • the data in the HTTP channel is hijacked as an event of probability.
  • the embodiment of the present application can successfully download the application by using the first download;
  • the embodiment of the present application can successfully download the application only after the first download and the second download. Therefore, the embodiment of the present application can save the download to the maximum while ensuring the download success rate. Apply the required traffic data.
  • FIG. 4 a flow chart of steps of a fourth embodiment of a method for downloading an application of the present application is shown, which may specifically include the following steps:
  • Step 401 Download the download description information of the application by using the HTTPS channel, where the download description information may specifically include: download address information and download verification information;
  • Step 402 Download the first application package corresponding to the download address information by using an HTTP channel.
  • Step 403 according to the download verification information to verify the first application package downloaded to the local, if the verification is successful, step 406 is performed, if the verification fails, step 404 is performed;
  • Step 404 When the verification fails, the second application package corresponding to the download address information is downloaded by using an HTTPS channel.
  • Step 405 according to the download verification information, the second application package downloaded to the local is verified, if the verification is successful, step 406 is performed;
  • Step 406 ending the download process.
  • step 405 the process of verifying the second application package that is downloaded to the local device according to the download verification information is similar to the verification process of step 403. Therefore, the description is not repeated here.
  • step 405 may be repeatedly performed until the verification is successful.
  • FIG. 5 a structural block diagram of an apparatus for downloading an application of the present application is shown, which may specifically include the following modules:
  • the first downloading module 501 is configured to download download description information of the application by using an HTTPS channel, where the download description information includes: download address information;
  • the second downloading module 502 is configured to download the first application package corresponding to the download address information by using an HTTP channel.
  • the downloading the description information may further include downloading the verification information
  • the apparatus may further include:
  • the first verification module is configured to perform verification on the first application package downloaded to the local device according to the download verification information.
  • the device may further include:
  • the third downloading module is configured to download the second application package corresponding to the download address information by using an HTTPS channel when the verification fails.
  • the first downloading module 501 may further include:
  • a fourth downloading submodule configured to download, by using an HTTPS channel, the download description information of the application corresponding to the download instruction in response to the download instruction of the user;
  • a fifth downloading submodule configured to download the download description information of the downloading condition corresponding application by using an HTTPS channel when the download condition is met.
  • the apparatus may further include:
  • a storage module configured to store the download description information of the downloading condition corresponding application locally before the second downloading module 502 downloads the first application package corresponding to the download address information by using an HTTP channel;
  • a reading module configured to read, according to a download instruction of the user, the download description information of the download instruction corresponding application from the local;
  • the second downloading module 502 can be specifically configured to download the downloaded download address information by using an HTTP channel.
  • the first application package should be.
  • the downloading condition may specifically include one or more of the following conditions: when the application downloading tool is started, when the application is started, and when the synchronization request of the server is received.
  • the downloading condition may be: when the application downloading tool is started, the downloading condition corresponding application may specifically include a preset application; wherein the preset application may further include: At least one of an application and a user configuration application.
  • the description is relatively simple, and the relevant parts can be referred to the description of the method embodiment.
  • embodiments of the embodiments of the present application can be provided as a method, apparatus, or computer program product. Therefore, the embodiments of the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. Moreover, embodiments of the present application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
  • the memory may include non-persistent memory, random access memory (RAM), and/or non-volatile memory in a computer readable medium, such as read only memory (ROM) or flash memory.
  • RAM random access memory
  • ROM read only memory
  • Memory is an example of a computer readable medium.
  • Computer readable media includes both permanent and non-persistent, removable and non-removable media.
  • Information storage can be implemented by any method or technology. The information can be computer readable instructions, data structures, modules of programs, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory. (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disk read only memory (CD-ROM), digital versatile disk (DVD) or other optical storage, Magnetic tape cartridges, magnetic tape storage or other magnetic storage devices or any other non-transportable media can be used to store information that can be accessed by a computing device.
  • computer readable media does not include non-persistent computer readable media, such as modulated data signals and carrier waves.
  • Embodiments of the present application are described with reference to flowcharts and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the present application. It should be understood that flowcharts and/or blocks may be implemented by computer program instructions. Each of the processes and/or blocks in the figures, and combinations of flows and/or blocks in the flowcharts and/or block diagrams. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor or other programmable data processing terminal device to produce a machine such that instructions are executed by a processor of a computer or other programmable data processing terminal device Means are provided for implementing the functions specified in one or more of the flow or in one or more blocks of the flow chart.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing terminal device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the instruction device implements the functions specified in one or more blocks of the flowchart or in a flow or block of the flowchart.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Information Transfer Between Computers (AREA)
  • Stored Programmes (AREA)
PCT/CN2016/085213 2015-06-16 2016-06-08 一种下载应用的方法和装置 Ceased WO2016202204A1 (zh)

Priority Applications (7)

Application Number Priority Date Filing Date Title
SG11201710305PA SG11201710305PA (en) 2015-06-16 2016-06-08 Application download method and device
JP2017565768A JP6793667B2 (ja) 2015-06-16 2016-06-08 アプリケーションダウンロード方法及び装置
EP16810945.2A EP3313041B1 (en) 2015-06-16 2016-06-08 Application download method and device
PL16810945T PL3313041T3 (pl) 2015-06-16 2016-06-08 Sposób i urządzenie do pobierania aplikacji
ES16810945T ES2811330T3 (es) 2015-06-16 2016-06-08 Procedimiento y dispositivo de descarga de aplicaciones
KR1020187000738A KR102147026B1 (ko) 2015-06-16 2016-06-08 애플리케이션 다운로드 방법 및 디바이스
US15/840,572 US10693845B2 (en) 2015-06-16 2017-12-13 Enhancing security of application downloads

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510334074.3 2015-06-16
CN201510334074.3A CN106257879B (zh) 2015-06-16 2015-06-16 一种下载应用的方法和装置

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/840,572 Continuation US10693845B2 (en) 2015-06-16 2017-12-13 Enhancing security of application downloads

Publications (1)

Publication Number Publication Date
WO2016202204A1 true WO2016202204A1 (zh) 2016-12-22

Family

ID=57544872

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/085213 Ceased WO2016202204A1 (zh) 2015-06-16 2016-06-08 一种下载应用的方法和装置

Country Status (9)

Country Link
US (1) US10693845B2 (enExample)
EP (1) EP3313041B1 (enExample)
JP (1) JP6793667B2 (enExample)
KR (1) KR102147026B1 (enExample)
CN (1) CN106257879B (enExample)
ES (1) ES2811330T3 (enExample)
PL (1) PL3313041T3 (enExample)
SG (1) SG11201710305PA (enExample)
WO (1) WO2016202204A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112217880A (zh) * 2020-09-24 2021-01-12 北京火山引擎科技有限公司 应用程序激活的归因方法、装置、介质和电子设备

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109040191B (zh) * 2018-07-03 2021-11-09 平安科技(深圳)有限公司 文件下载方法、装置、计算机设备和存储介质
CN109120594B (zh) * 2018-07-13 2021-08-13 北京三快在线科技有限公司 流量劫持检测方法及装置
CN111343217B (zh) * 2018-12-18 2023-04-07 阿里巴巴集团控股有限公司 资源数据下载方法、装置、终端设备及计算机存储介质
CN112822241B (zh) * 2020-12-31 2022-08-26 北京安博通科技股份有限公司 基于https协议的app动态缓存实现方法及装置
CN114007276B (zh) * 2021-10-27 2024-11-29 杭州萤石软件有限公司 ZigBee网络的入网处理方法、装置、设备及系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6785719B1 (en) * 2002-08-06 2004-08-31 Digi International Inc. Distributed systems for providing secured HTTP communications over the network
CN103440281A (zh) * 2013-08-13 2013-12-11 北京卓易讯畅科技有限公司 一种用于获取下载文件的方法、装置与设备
CN103561040A (zh) * 2013-11-15 2014-02-05 中国科学院声学研究所 一种文件下载方法及系统
CN103841272A (zh) * 2014-03-25 2014-06-04 浙江翼信科技有限公司 一种发送语音消息的方法及装置

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3692290B2 (ja) * 2000-11-24 2005-09-07 株式会社エヌ・ティ・ティ・ドコモ データ取得方法および端末
JP2004102826A (ja) * 2002-09-11 2004-04-02 Ntt Data Corp コンテンツデータ処理方法、携帯電話端末およびサーバ装置
CA2508141C (en) * 2002-12-02 2009-11-03 Silverbrook Research Pty Ltd Dead nozzle compensation
JP4597551B2 (ja) * 2003-03-28 2010-12-15 株式会社リコー ソフトウェア更新装置、ソフトウェア更新システム、ソフトウェア更新方法及びプログラム
KR20060090669A (ko) * 2003-09-19 2006-08-14 피씨티이엘 인코포레이티드 무선 네트워크의 자동 업데이트 장치 및 방법
JP2007018365A (ja) * 2005-07-08 2007-01-25 Matsushita Electric Ind Co Ltd 宣言型言語で記述された再生制御環境の起動条件を考慮した情報記録媒体およびその再生装置、再生方法。
KR101180199B1 (ko) * 2008-11-18 2012-09-05 한국전자통신연구원 다운로더블 제한수신시스템, 상기 다운로더블 제한수신시스템에서 단말과 인증 서버 간의 양방향 통신을 위한 채널 설정 방법 및 메시지 구조
US9083791B2 (en) * 2009-01-22 2015-07-14 Yahoo ! Inc. Web-hosted framework for mobile applications
CN101610290A (zh) * 2009-07-22 2009-12-23 深圳市茁壮网络股份有限公司 下载管理的方法和下载管理单元及下载系统
JP2011141867A (ja) * 2009-12-10 2011-07-21 Sharp Corp データ表示装置およびサーバ装置
US20110179268A1 (en) * 2010-01-20 2011-07-21 Microsoft Corporation Protecting applications with key and usage policy
CN101951402B (zh) * 2010-09-17 2013-02-20 山东中创软件工程股份有限公司 一种Web Service可用性跟踪检测方法、装置及系统
US8983076B2 (en) * 2011-12-22 2015-03-17 Adobe Systems Incorporated Methods and apparatus for key delivery in HTTP live streaming
US9443012B2 (en) * 2012-01-31 2016-09-13 Ncr Corporation Method of determining http process information
CN103020180A (zh) * 2012-11-28 2013-04-03 北京奇虎科技有限公司 一种基于控制节点部署程序的方法和装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6785719B1 (en) * 2002-08-06 2004-08-31 Digi International Inc. Distributed systems for providing secured HTTP communications over the network
CN103440281A (zh) * 2013-08-13 2013-12-11 北京卓易讯畅科技有限公司 一种用于获取下载文件的方法、装置与设备
CN103561040A (zh) * 2013-11-15 2014-02-05 中国科学院声学研究所 一种文件下载方法及系统
CN103841272A (zh) * 2014-03-25 2014-06-04 浙江翼信科技有限公司 一种发送语音消息的方法及装置

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112217880A (zh) * 2020-09-24 2021-01-12 北京火山引擎科技有限公司 应用程序激活的归因方法、装置、介质和电子设备

Also Published As

Publication number Publication date
US20180103016A1 (en) 2018-04-12
KR20180018673A (ko) 2018-02-21
CN106257879A (zh) 2016-12-28
JP2018519596A (ja) 2018-07-19
EP3313041B1 (en) 2020-08-05
PL3313041T3 (pl) 2020-11-16
EP3313041A4 (en) 2019-01-09
ES2811330T3 (es) 2021-03-11
EP3313041A1 (en) 2018-04-25
US10693845B2 (en) 2020-06-23
KR102147026B1 (ko) 2020-08-24
JP6793667B2 (ja) 2020-12-02
CN106257879B (zh) 2020-02-14
SG11201710305PA (en) 2018-01-30

Similar Documents

Publication Publication Date Title
CN109214168B (zh) 固件升级方法及装置
CN104756076B (zh) 配置文件更新器
WO2016202204A1 (zh) 一种下载应用的方法和装置
EP3044936B1 (en) Method and apparatus of downloading and installing a client
US8931069B2 (en) Authentication with massively pre-generated one-time passwords
TWI679550B (zh) 帳號登入方法及裝置
TW201528844A (zh) 確定登錄網站的終端是否爲移動終端的方法及伺服器
WO2019019344A1 (zh) 网页数据爬取方法、装置、用户终端及可读存储介质
CN106716957A (zh) 高效且可靠的认证
WO2017071207A1 (zh) 一种应用安装方法、相关装置及应用安装系统
US20140032350A1 (en) Method and system for activating a software application while provisioning services for the application
CN104219198B (zh) 一种WebApp的防篡改方法
CN106709324A (zh) 用于验证应用安全性的方法和设备
CN104011730A (zh) 外部代码安全机制
US20160330030A1 (en) User Terminal For Detecting Forgery Of Application Program Based On Hash Value And Method Of Detecting Forgery Of Application Program Using The Same
CN106909409A (zh) 一种运行应用程序的apk插件的方法及装置
CN108564363B (zh) 一种交易处理方法、服务器、客户端及系统
CN106909406A (zh) 一种加载应用程序的apk插件的方法及装置
US12488126B2 (en) Methods for dynamic platform security configuration
US20210160180A1 (en) Secure preloading of serverless function sequences
JP2017187963A (ja) 電子機器およびシステム
US12267441B2 (en) System and method for securing operation of data processing systems during and after onboarding
HK1231273B (zh) 一种下载应用的方法和装置
US20260005837A1 (en) Secure authorization of the helm chart
HK1231273A (en) Method and apparatus for downloading application

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16810945

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 11201710305P

Country of ref document: SG

ENP Entry into the national phase

Ref document number: 2017565768

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20187000738

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2016810945

Country of ref document: EP