WO2017092507A1 - 应用加密方法、装置和应用访问方法、装置 - Google Patents

应用加密方法、装置和应用访问方法、装置 Download PDF

Info

Publication number
WO2017092507A1
WO2017092507A1 PCT/CN2016/101928 CN2016101928W WO2017092507A1 WO 2017092507 A1 WO2017092507 A1 WO 2017092507A1 CN 2016101928 W CN2016101928 W CN 2016101928W WO 2017092507 A1 WO2017092507 A1 WO 2017092507A1
Authority
WO
WIPO (PCT)
Prior art keywords
application software
access
decryption
application
encryption key
Prior art date
Application number
PCT/CN2016/101928
Other languages
English (en)
French (fr)
Inventor
杜鹏玲
卫伟
张家明
王明涛
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017092507A1 publication Critical patent/WO2017092507A1/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of information security technologies, and in particular, to an application encryption method, device, and application access method and apparatus.
  • Smart terminals such as mobile phones and PADs have become a necessity in people's lives and work.
  • hardware products such as Central Processing Unit (CPU), memory, expansion of storage devices, software such as operating system, application software optimization and upgrade, the rapid development and maturity of the Internet So that smart terminals have more rich and powerful functional applications.
  • the increasing performance of intelligent terminals enables users to install a large number of application software on smart terminals, such as social, shopping, email and mobile banking applications, which greatly facilitates people's daily applications. Since the data in these applications involves the security of users' privacy, property, etc., the traditional security protection method is to use the login user name and password to filter illegal access to these applications.
  • the application software generally provides a function of saving a password, so that the user can save the password and avoid repeatedly inputting the password in subsequent login or use.
  • the user is also convenient to use, and generally the function of saving the password is also started.
  • the security protection of intelligent terminals has become an important direction of current research.
  • the security protection of intelligent terminals is mainly for the interception of anti-virus, harassing calls or text messages, the installation or uninstallation of application software, the rights management of application software access systems, etc. Can be single, can not achieve the management of application software access security.
  • the main purpose of the present invention is to provide an application encryption method, device, and application access method and device, which are aimed at solving the technical problem of intelligent terminal application software access security management.
  • the present invention provides an application encryption method, where the application encryption method includes:
  • the step of calculating the encryption key according to the preset encryption algorithm and the access password, and updating the pre-configured relationship table according to the encryption key comprises:
  • the step of recording the correspondence between the identification information of the application software and the encryption key and updating the pre-configured relationship table comprises:
  • the application software does not have a corresponding encryption key, record the correspondence between the identification information of the application software and the encryption key, and update the relationship table;
  • the application software has a corresponding encryption key
  • obtaining the input decryption information for the response Decryption is performed by software; after the decryption is successful, the correspondence between the identification information of the application software and the encryption key is recorded, and the relationship table is updated.
  • the present invention further provides an application access method, where the application access method includes the following steps:
  • the method before the step of obtaining the decryption information input by the application software, the method further includes:
  • the step of acquiring the encryption key of the application software according to the pre-configured relationship table, and decrypting the application software according to the encryption key and the decryption information includes:
  • the applying the software according to the encryption key and the decryption information include:
  • the decryption key matches the encryption key, the decryption is successful.
  • the step of decrypting the application software according to the encryption key and the decryption information further includes:
  • the decryption information input by the user matches the decrypted password obtained by the solution, the decryption is successful.
  • the step of allowing access to the application software is further included:
  • the present invention further provides an application encryption device, where the application encryption device includes:
  • the acquisition module is configured to obtain an access password of the input accessed protection application software
  • a secret key module configured to calculate an encryption key according to the preset encryption algorithm and the access password, and update the pre-configured relationship table according to the encryption key;
  • an encryption module configured to encrypt the application software according to the relationship table.
  • the secret key module includes:
  • a calculating unit configured to calculate an encryption key according to the preset encryption algorithm and the access password
  • a first identifying unit configured to acquire identification information of the application software
  • an update unit configured to record a correspondence between the identification information of the application software and the encryption key, and update the pre-configured relationship table.
  • the update unit comprises:
  • a determining subunit configured to determine, according to the pre-configured relationship table and the identification information of the application software, whether the application software has a corresponding encryption key
  • Updating the subunit if the application software does not have a corresponding encryption key, recording a correspondence between the identification information of the application software and the encryption key, and updating the relationship table; if the application software has Corresponding encryption key, the obtained decryption information is used to decrypt the application software; after the decryption is successful, the correspondence between the identification information of the application software and the encryption key is recorded, and the relationship table is updated.
  • the present invention further provides an application access device, where the application access device includes:
  • a decryption module configured to acquire an encryption key of the application software according to a pre-configured relationship table, and decrypt the application software according to the encryption key and the decryption information
  • the access module is set to allow access to the application software if the decryption is successful.
  • the application accessing device further includes:
  • An authentication module configured to determine, according to the relationship table, whether the application software is protected by access Protect
  • the access module is further configured to allow access to the application software if the application software is not protected by access;
  • the obtaining module is further configured to: if the application software is protected by access, obtain decryption information input by the access application software.
  • the decryption module comprises:
  • a second identification unit configured to acquire identification information of the application software
  • a key unit configured to acquire an encryption key of the application software according to the pre-configured relationship table and the identification information of the application software
  • a decryption unit configured to decrypt the application software according to the encryption key and the decryption information.
  • the decryption unit comprises:
  • the encryption subunit is configured to perform encryption calculation on the decryption information input by the user according to a preset encryption algorithm to obtain a decryption key
  • the first parity subunit is configured to check whether the decryption key matches the encryption key; if the decryption key matches the encryption key, the decryption succeeds.
  • the decrypting unit further includes:
  • a decryption subunit configured to solve the encryption key according to a preset decryption algorithm, to obtain a decryption password of the application software, where the decryption algorithm is symmetric with the encryption algorithm;
  • a second check subunit configured to check whether the decrypted information input by the user matches the decrypted password obtained by the solution; if the decrypted information input by the user matches the decrypted password obtained by the solution, The decryption was successful.
  • the application accessing device further includes:
  • the prohibition module is set to prohibit access to the application software if the decryption fails.
  • Another embodiment of the present invention provides a computer storage medium storing execution instructions for performing the method in the above embodiments.
  • An application encryption method, device, and application access method and device which are provided by the user, obtain an access password of the accessed protection application software input by the user, and calculate an encryption key according to the preset encryption algorithm and the access password. Updating the pre-configured relational table; then, encrypting the application according to the relational table.
  • the encryption and access protection of the application software in the intelligent terminal are realized, the access rights of the application software in the intelligent terminal are uniformly managed, the illegal access is filtered, the access security of the application software is guaranteed, and the security of the intelligent terminal and the application software data is ensured.
  • FIG. 1 is a schematic flowchart of a first embodiment of an application encryption method according to the present invention
  • FIG. 2 is a schematic flowchart of a second embodiment of an application encryption method according to the present invention.
  • FIG. 3 is a schematic diagram of record field values of a relationship table according to an embodiment of the present invention.
  • FIG. 4 is a schematic flowchart of a third embodiment of an application encryption method according to the present invention.
  • FIG. 5 is a schematic flowchart of a first embodiment of an application access method according to the present invention.
  • FIG. 6 is a schematic flowchart of a second embodiment of an application access method according to the present invention.
  • FIG. 7 is a schematic flowchart of a third embodiment of an application access method according to the present invention.
  • FIG. 8 is a schematic flowchart of a fourth embodiment of an application access method according to the present invention.
  • FIG. 9 is a schematic flowchart of a fifth embodiment of an application access method according to the present invention.
  • FIG. 10 is a schematic flowchart of a sixth embodiment of an application access method according to the present invention.
  • FIG. 11 is a schematic diagram of functional modules of a first embodiment of an application encryption apparatus according to the present invention.
  • FIG. 12 is a schematic diagram of functional modules of a second embodiment of an application encryption apparatus according to the present invention.
  • FIG. 13 is a schematic diagram of functional modules of a third embodiment of an application encryption apparatus according to the present invention.
  • FIG. 14 is a schematic diagram of functional modules of a first embodiment of an application access device according to the present invention.
  • 15 is a schematic diagram of functional modules of a second embodiment of an application access device according to the present invention.
  • 16 is a schematic diagram of functional modules of a third embodiment of an application access device according to the present invention.
  • FIG. 17 is a schematic diagram of functional modules of a fourth embodiment of an application access device according to the present invention.
  • FIG. 18 is a schematic diagram of functional modules of a fifth embodiment of an application access device according to the present invention.
  • FIG. 19 is a schematic diagram of functional modules of a sixth embodiment of an application access device according to the present invention.
  • the main solution of the embodiment of the present invention is: obtaining an access password of the input accessed protection application software; calculating an encryption key according to the preset encryption algorithm and the access password, and updating the pre-configured according to the encryption key a relationship table; encrypting the application software according to the relationship table.
  • the password saving function enables the application software to be accessed without a password, which brings a huge security risk to the user's private information security.
  • the present invention provides a solution for managing different application software access rights in an intelligent terminal in a unified or personalized manner, ensuring access security of application software, and ensuring security of intelligent terminal and application software data.
  • the first embodiment of the present invention provides an application encryption method, where the application encryption method includes:
  • Step S10 Obtain an access password of the input accessed protection application software.
  • the embodiments of the present invention are mainly applied to the security protection of the intelligent terminal, and the application security management (Intel access security controller) is used to implement the security management of the intelligent terminal application software.
  • the application security management Intel access security controller
  • the application security access controller is located on the smart terminal.
  • the user can select all the application software or part of the application software in the smart terminal for access protection according to the needs of the actual application software.
  • the application security access controller acquires all application software on the current smart terminal, and generates an application software list for the user to select an application software that needs to be accessed and protected.
  • the user can select the application software to be added to the protection list of the application security access controller in the application software list according to actual needs, or select the default protection list generated by the application security access controller according to the preset rule.
  • the default protection list generated by the application security access controller according to the preset rule may be flexibly set according to actual usage requirements according to the usage frequency or function category of the application software, for example, selecting a hot according to the usage hotness of the application software in the current smart terminal.
  • the application software generates a default protection list, or selects a shopping, social, and financial application software in the current smart terminal to generate a default protection list.
  • the application security access controller After obtaining the user-selected access-protected application software, the application security access controller obtains the access password of the user-protected access-protected application software.
  • the user can separately set the access password for the accessed protection application software, or can uniformly set the access password for the accessed protection application software, which can be flexibly set according to actual needs.
  • the application security access controller prompts the user to set an access password for the accessed protection application, and the user performs an access password input.
  • the access password input by the user can be text, graphics, various biological features such as fingerprints, voiceprints, eye lines, etc., and can be flexibly set according to actual needs.
  • the application security access controller After obtaining the access password input by the user, the application security access controller prompts the user to perform secondary confirmation on the access password, so that the user performs the access password input again. If the access password entered by the user is the same, confirm that the access password is successfully entered. If the access password entered by the user is inconsistent, the input password fails to be confirmed, and the user is prompted to re-enter the access password.
  • the application security access controller obtains the access password of the access protected application input by the user.
  • Step S20 Calculate an encryption key according to the preset encryption algorithm and the access password, and update the pre-configured relationship table according to the encryption key.
  • the application security access controller After successfully obtaining the access password input by the user, first, the application security access controller encrypts the obtained access password according to a preset encryption algorithm to obtain an encryption key.
  • the encryption key is stored in the field.
  • the field type can be a string or other types. It can be flexibly set according to actual needs.
  • the preset encryption algorithm may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or a combination of the two, and may be flexibly set according to actual needs.
  • the symmetric algorithm may implement encryption of the access password by using an encryption algorithm to obtain an encryption key, and use a decryption algorithm to solve the encryption key to obtain a decryption password consistent with the access password;
  • the asymmetric algorithm may implement an encryption algorithm.
  • the password is encrypted to obtain the encryption key, but the encryption key cannot be solved to obtain the decryption password.
  • the application security access controller obtains the encryption key of the access protected application.
  • the application security access controller then stores the application's encryption key in a pre-configured relational table and updates the relationship table.
  • the pre-configured relationship table is used to record the application software protected by the access and the corresponding encryption key, and support the user to set the access password of multiple application software at the same time.
  • Step S30 Encrypt the application software according to the relationship table.
  • the application security access controller After completing the update of the relational table, the application security access controller obtains the corresponding encryption key from the relational table according to the application software.
  • the application security access controller then encrypts the application based on the acquired encryption key.
  • the encrypted application software When a user or other application software accesses the encrypted application software, it needs to be decrypted, and after obtaining the access right, the encrypted application software can be accessed to implement the access protection of the application software.
  • the application security access controller acquires an access password of the accessed protection application software input by the user; then, according to the preset encryption algorithm and the access password, calculates the encryption key, and updates the pre-configured relationship table; Then, according to the relationship table, the access protected application software is encrypted, the security protection of the intelligent terminal application software is realized, the access rights of the application software in the intelligent terminal are uniformly managed, the illegal access is filtered, and the security of the intelligent terminal and the application software data is ensured.
  • the second embodiment of the present invention provides an application encryption method. Based on the embodiment shown in FIG. 1, the step S20 includes:
  • Step S21 Calculate an encryption key according to the preset encryption algorithm and the access password.
  • the application security access controller After obtaining the access password input by the user, the application security access controller encrypts the obtained access password according to a preset encryption algorithm to obtain an encryption key.
  • the encryption key is stored in the field.
  • the field type can be a string or other types. It can be flexibly set according to actual needs.
  • the preset encryption algorithm may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or a combination of the two, and may be flexibly set according to actual needs.
  • the symmetric algorithm may implement encryption of the access password by using an encryption algorithm to obtain an encryption key, and use a decryption algorithm to solve the encryption key to obtain a decryption password consistent with the access password;
  • the asymmetric algorithm may implement an encryption algorithm.
  • the password is encrypted to obtain the encryption key, but the encryption key cannot be solved to obtain the decryption password.
  • each access protection The application software respectively corresponds to the encryption key obtained by encrypting the corresponding access password; if the user uniformly sets the access password of each access protection application software, the encryption key of each access protection application software is the same, and each access protection application software Corresponding to the obtained encryption key.
  • the application security access controller obtains the encryption key of the access protected application.
  • Step S22 Obtain identification information of the accessed protection application software.
  • the application security access controller obtains the identification information of the access protection application software according to the application software list and the user-selected access protection application software.
  • the identification information of the application software includes an application software ID, an application software name, and the like, which can identify the application software, and can be searched or matched to the unique corresponding application software according to the application software ID and the application software name.
  • the application security access controller stores the identification information of the access protection application software in a field.
  • the field type can be a string or other types, and can be flexibly set according to actual needs.
  • Step S23 Record the correspondence between the identification information of the accessed protection application software and the encryption key, and update the pre-configured relationship table.
  • the application security access controller records the obtained identification information of the accessed protection application software and the corresponding encryption key, and establishes a corresponding relationship.
  • the identification information of the access protection application software, the corresponding encryption key and the corresponding relationship are saved in a pre-configured relationship table, and the relationship table is updated.
  • the pre-configured relationship table is used to record the application protection information and the corresponding encryption key protected by the access.
  • the identification information of the accessed protected application software is taken as an application software ID and an application software name.
  • the record information of the identification information of the application software in the relationship table includes three field values. Referring to FIG. 3, the application software ID, the application software name, and the encryption key are included.
  • the field name of the field value is the application software ID, the application software name, and the encryption key.
  • the field of the application software ID is the Universally Unique Identifier (UUID) information of the access protection application software.
  • UUID Universally Unique Identifier
  • the field name of the software name is the name of the access protection application software, and the field of the encryption key means the key of the access protection application software.
  • the field types of the three field values are all strings.
  • the application security access controller calculates the encryption key according to the preset encryption algorithm and the access password, and acquires the identification information of the access protection application software; and then records the identification information of the access protection application software and It encrypts the correspondence of the secret keys and updates the pre-configured relational table.
  • the correspondence between the application software and the encryption key in the relationship table is updated, and the encryption key is obtained from the relationship table to encrypt the application software, thereby realizing the encryption of the application software.
  • the orderly management of the key, unified management of the encryption key of the application software in the intelligent terminal ensures the access security of the application software, and ensures the security of the intelligent terminal and the application software data.
  • the third embodiment of the present invention provides an application encryption method.
  • the step S23 includes:
  • Step S231 Determine, according to the pre-configured relationship table and the identification information of the application software, whether the application software has a corresponding encryption key.
  • relationship information of the application software and the corresponding encryption key are recorded in the relationship table, it is determined that the application software has a corresponding encryption key.
  • Step S232 If the application software does not have a corresponding encryption key, record the correspondence between the identification information of the application software and the encryption key, and update the relationship table.
  • the application security access controller determines that the current password is set to the initial setting.
  • the application security access controller uses the currently obtained encryption key as the encryption key corresponding to the application identification information, records the correspondence between the application identification information and the encryption key, and stores the relationship in the relationship. In the table.
  • the relationship table is updated to obtain a record of the application identification information and the encryption key.
  • Step S233 If the application software has a corresponding encryption key, obtain the input decryption information to decrypt the application software; after the decryption succeeds, record the correspondence between the identification information of the application software and the encryption key And update the relationship table.
  • the application security access controller determines that the current password is set to modify the password.
  • the application security access controller prompts the user to input a decryption password, and obtains decryption information input by the user.
  • the application security access controller then decrypts the application based on the relationship table and the decryption information entered by the user.
  • the application security access controller records the correspondence between the application identification information and the currently acquired encryption key, and updates the record of the application software in the record table.
  • the encryption key corresponding to the application identification information in the record table is an encryption key obtained according to the encrypted password currently input by the user.
  • the decryption fails, if the current application software fails to decrypt, the user password is incorrect or not prompted. To modify the permissions, the user can enter the password again to decrypt.
  • the application security access controller determines whether the application software has a corresponding encryption key according to the pre-configured relationship table and the identification information of the application software; if the application software does not have a corresponding encryption key, the current password is considered to be the current password.
  • Set to the initial setting record the correspondence between the identification information of the application software and the encryption key, and update the relationship table; if the application software has a corresponding encryption key, the current password is set to modify the password, and the decryption information input by the user is obtained.
  • the application software is decrypted; after the decryption is successful, the correspondence between the identification information of the application software and the encryption key is recorded, and the relationship table is updated.
  • the user modifies the password of the application software, the user is authenticated, which effectively ensures the security of the application software password setting and ensures the access security of the application software.
  • the first embodiment of the application access method of the present invention provides an application access method, where the application access method includes:
  • Step S40 Obtain decryption information input by the access application software.
  • the embodiments of the present invention are mainly applied to the security protection of the intelligent terminal, and the application security management (Intel access security controller) is used to implement the security management of the intelligent terminal application software.
  • the application security management Intel access security controller
  • the application security access controller is located on the smart terminal.
  • the application security access controller may pop up a display interface to prompt the user to input the decryption password.
  • the decryption information input by the user is obtained.
  • the decryption information input by the user may be text, graphics, various biological features such as fingerprints, voiceprints, eye lines, etc., and can be flexibly set according to actual needs.
  • the application security access controller obtains the decryption information input by the user.
  • Step S50 Acquire an encryption key of the application software according to the pre-configured relationship table, and decrypt the application software according to the encryption key and the decryption information.
  • the application security access controller After obtaining the decryption information input by the user, the application security access controller decrypts the application software according to the preset relationship table.
  • the application security access controller queries the preset relationship table to obtain the encryption key of the accessed application software.
  • the application security access controller decrypts the accessed application software according to the decryption information input by the user and the encryption key of the application software.
  • Step S60 If the decryption is successful, the access to the application software is allowed.
  • the application security access controller allows this access to the application software.
  • the application security access controller may control to open the accessed application software, allowing the application software to be accessed or retrieved.
  • the application security access controller can directly launch the accessed application software, and the display interface jumps to the accessed application software for subsequent operations by the user or other application software.
  • the application security access controller is pre-configured to allow access time so that the accessed application software can be directly accessed or invoked within a preset time. For example, if the preset allowable access time is 1 minute, the user can directly access the application software without inputting the decryption password within 1 minute after the application software is successfully unlocked.
  • the preset allowable access time can be flexibly set according to actual needs.
  • the application security access controller obtains the decryption information input by the application software; then, obtains the encryption key of the application software according to the pre-configured relationship table, and decrypts the application software according to the encryption key and the decryption information; If the decryption is successful, the application is allowed for this time.
  • Software access In this embodiment, the access protection of the application software in the intelligent terminal is implemented, the access rights of the application software in the intelligent terminal are uniformly managed, the illegal access is filtered, the access security of the application software is ensured, and the security of the intelligent terminal and the application software data is ensured.
  • the application access method of the present invention provides an application access method. Based on the foregoing embodiment shown in FIG. 5, the step S40 further includes:
  • Step S70 Determine, according to the relationship table, whether the application software is protected by access.
  • the application software protected by the application security access controller may be all application software in the smart terminal, or may be partial application software, and may be flexibly set according to actual needs.
  • the application security access controller After the application security access controller is started, if the user or other application software accesses and invokes the application software in the smart terminal, the application security access controller determines whether the accessed or invoked application software is protected by the application security access controller.
  • the application security access controller is pre-configured with a relation table, and records the application software and the corresponding encryption key protected by the application security access controller.
  • the application software protected by the application security access controller uses the identification information to identify different application software, and the identification information of the application software can be found and matched to the unique corresponding application software.
  • the encryption key corresponding to the application software is obtained by encrypting the password of the currently accessed application software set by the user.
  • the application security access controller acquires identification information of the accessed application software, such as an application software ID and an application software name.
  • the application security access controller queries, according to the obtained identification information, whether there is a record of the application software in the preset relationship table.
  • the identification information of the accessed application software and the corresponding encryption key are found in the preset relationship table, it is determined that the accessed application software is protected by the access.
  • the encryption key of the application determines that the accessed application software is not protected by access.
  • Step S80 If the application software is not protected by the access, the current access to the application software is allowed; if the application software is protected by the access, the process proceeds to step S40.
  • the application security access controller allows this access to the application software, and the user and other application software can directly access or invoke the application software.
  • the application security access controller needs the user to input the decryption information to decrypt the application software, prompting the user to input the decryption information of the application software, and decrypting the application software.
  • the application security access controller determines, according to the pre-configured relationship table root, whether the accessed application software is protected by access; if the accessed application software is not protected by the access, the application software is allowed. Access; if the accessed application is protected by access, the decrypted information input by the user is obtained.
  • the preset relationship table is used to determine whether the accessed application software is protected by access, thereby releasing access to the application that is not protected by the access protection, and implementing differentiated management of the application software in the intelligent terminal, and ensuring the application. The security of the software access ensures the convenience of the user.
  • the third embodiment of the application access method of the present invention provides an application access method, based on the embodiment shown in FIG. 5 or FIG. 6 (this embodiment takes FIG. 5 as an example).
  • the step S50 includes:
  • Step S51 Obtain identification information of the application software.
  • the application security access controller obtains the decryption information of the accessed application software input by the user, and obtains the accessed application software according to the accessed application software selected by the user.
  • Identification information such as application software ID, should Use the software name.
  • Step S52 Acquire an encryption key of the application software according to the pre-configured relationship table and the identification information of the application software.
  • the application security access controller searches for the application software record matching the identification information in the pre-configured relationship table according to the identification information of the accessed application software.
  • the encryption key corresponding to the currently accessed application software identification information is obtained.
  • the application security access controller obtains the encryption key of the accessed application software.
  • Step S53 Decrypt the application software according to the encryption key and the decryption information.
  • the application security access controller After obtaining the encryption key of the accessed application software and the decryption information input by the user, the application security access controller decrypts the accessed application software.
  • the application security access controller performs encryption calculation on the decryption information according to the preset encryption algorithm to obtain a decryption key.
  • the encryption key of the accessed application software is matched. If the string of the decryption key is exactly the same as the string of the encryption key, the decryption succeeds; if the string of the decryption key is inconsistent with the string of the encryption key, the decryption is unsuccessful.
  • the application security access controller solves the encryption key of the accessed application software according to the preset decryption algorithm to obtain a decryption password.
  • the decrypted password obtained by the solution is matched with the decrypted information input by the user. If the decrypted password obtained by the solution is completely consistent with the decrypted information input by the user, the decryption succeeds; if the decrypted password obtained by the solution is inconsistent with the decrypted information input by the user, the decryption is unsuccessful.
  • the application security visit The controller acquires the identification information of the accessed application software and the decryption information input by the user; and obtains the encryption key of the accessed application software according to the preset relationship table and the identification information of the accessed application software; According to the decryption information input by the user and the encryption key of the accessed application software, the accessed application software is decrypted.
  • the user needs to input the decryption password to decrypt, and after successful decryption, the application software is allowed to be accessed, the access security of the application software is ensured, and the security of the intelligent terminal and the application software data is ensured.
  • the fourth embodiment of the application access method of the present invention provides an application access method.
  • the step S53 includes:
  • Step S531 Perform encryption calculation on the decryption information input by the user according to a preset encryption algorithm to obtain a decryption key.
  • the accessed application software After obtaining the encryption key of the accessed application software and the decryption information input by the user, the accessed application software is decrypted.
  • the encryption algorithm can be used to encrypt the access password to obtain the encryption key, but the encryption key cannot be solved to obtain the decryption password.
  • the message digest algorithm is the fifth version (Message Digest Algorithm). 5, referred to as md5), easy to calculate, strong anti-modification.
  • the application security access controller performs encryption calculation on the decryption information according to the preset encryption algorithm to obtain a decryption key.
  • the field type of the decryption key is the same as the field type of the encryption key, and can be a string.
  • Step S532 Verify whether the decryption key matches the encryption key.
  • the decryption key obtained by the application security access controller is matched with the encryption key of the accessed application software.
  • the decryption key is determined. Matching with the encryption key of the accessed application software; if the string of the decryption key is inconsistent with the string of the encryption key, it is determined that the decryption key does not match the encryption key of the currently accessed application software.
  • Step S533 If the decryption key matches the encryption key, the decryption succeeds.
  • the application security access controller determines that the decryption information input by the user is the correct access password, and the decryption of the application software is successful this time.
  • the application security access controller performs encryption calculation on the decryption information input by the user according to the preset encryption algorithm to obtain a decryption key; and then checks the calculated decryption key and the encryption of the accessed application software. Whether the key is matched; if the decryption key matches the encryption key of the accessed application software, the decryption of the application software is successful.
  • the user needs to input the decryption information to decrypt, use the encryption algorithm to improve the security strength of the password protection, ensure the access security of the application software, and ensure the security of the intelligent terminal and the application software data.
  • the fifth embodiment of the present invention provides a terminal security protection method. Based on the foregoing embodiment shown in FIG. 7, the step S53 includes:
  • step S534 the encryption key is solved according to a preset decryption algorithm, and a decryption password of the application software is obtained, and the decryption algorithm is symmetric with the encryption algorithm.
  • the accessed application software After obtaining the encryption key of the accessed application software and the decryption information input by the user, the accessed application software is decrypted.
  • the encryption algorithm may be used to encrypt the access password to obtain an encryption key, and the encryption algorithm is used to solve the encryption key, and the access key is obtained. Code-consistent decryption password.
  • the preset encryption algorithm is symmetric with the preset decryption algorithm.
  • the application security access controller solves the encryption key of the accessed application software according to the preset decryption algorithm to obtain a decryption password.
  • Step S535 Verify whether the decryption information input by the user matches the decrypted password obtained by the solution.
  • the secure access controller After the decryption password is obtained by solving the encryption key of the accessed application software, the secure access controller verifies the decrypted password obtained by the solution, and matches the decrypted information input by the user.
  • the decryption information input by the user is completely consistent with the decrypted password obtained by the solution, it is determined that the decrypted information input by the user matches the decrypted password obtained by the solution; if the decrypted information input by the user is inconsistent with the decrypted password obtained by the solution, the user is determined The decrypted information entered does not match the decrypted password obtained by the solution.
  • Step S536 If the decryption information input by the user matches the decrypted password obtained by the solution, the decryption succeeds.
  • the application security access controller determines that the decryption information input by the user is the correct access password, and the decryption of the application software is successful this time.
  • the application security access controller solves the encryption key of the accessed application software according to the preset decryption algorithm, and obtains the decryption password of the accessed application software, and the preset decryption algorithm is symmetric with the encryption algorithm. And verifying whether the decrypted information input by the user matches the decrypted password obtained by the solution; if the decrypted information input by the user matches the decrypted password obtained by the solution, the decryption of the accessed application software is successful.
  • the user needs to input a decryption password to decrypt, and the encryption algorithm is used to improve the security strength of the password protection. The access security of the application software is blocked, and the security of the intelligent terminal and the application software data is ensured.
  • the sixth embodiment of the present invention provides an application access method, which is based on the embodiment shown in FIG. 5 or FIG. 6 (this embodiment takes FIG. 5 as an example).
  • the method further includes:
  • Step S90 If the decryption fails, the access to the application software is prohibited.
  • the application security access controller prohibits the access to the application software.
  • the application security access controller may prompt the user to have a password error or no access right, and notify the user to prohibit the current access.
  • the user can enter the decryption information again to unlock the application software.
  • the application security access controller locks the currently accessed application software. Moreover, the application security access controller controls to lock the current application software within a preset time, and does not allow decryption operations on the current application software.
  • the application security access controller prohibits the current access to the application software.
  • the access protection of the application software in the intelligent terminal is implemented, the illegal access to the application software is filtered, the access rights of the application software in the intelligent terminal are uniformly managed, the access security of the application software is ensured, and the security of the intelligent terminal and the application software is ensured. Sex.
  • the first embodiment of the present invention provides an application encryption device, where the application encryption device includes:
  • the acquisition module 100 is configured to obtain an access password of the input accessed protection application software.
  • the embodiments of the present invention are mainly applied to security protection of an intelligent terminal by applying an encryption device.
  • Implement encryption management of smart terminal application software are mainly applied to security protection of an intelligent terminal by applying an encryption device.
  • the application encryption device is located on the smart terminal.
  • the user can select all the application software or part of the application software in the smart terminal for access protection according to the needs of the actual application software.
  • the collection module 100 acquires all application software on the current smart terminal, and generates an application software list for the user to select an application software that needs to be accessed and protected.
  • the user can select the application software to be added to the protection list of the collection module 100 in the application software list according to actual needs, or select the default protection list generated by the collection module 100 according to the preset rule.
  • the default protection list generated by the collection module 100 according to the preset rule may be flexibly set according to actual usage requirements according to the usage frequency or function category of the application software, for example, selecting popular application software according to the usage heat of the application software in the current smart terminal. Generate a default protection list, or select the shopping, social, and financial applications in the current smart terminal to generate a default protection list.
  • the collection module 100 After acquiring the access-protected application software selected by the user, the collection module 100 acquires an access password of the accessed protection application software set by the user.
  • the user can separately set the access password for the accessed protection application software, or can uniformly set the access password for the accessed protection application software, which can be flexibly set according to actual needs.
  • the collection module 100 prompts the user to set an access password for the accessed protection application, and the user performs an access password input.
  • the access password input by the user can be text, graphics, various biological features such as fingerprints, voiceprints, eye lines, etc., and can be flexibly set according to actual needs.
  • the collecting module 100 After obtaining the access password input by the user, the collecting module 100 prompts the user to perform secondary confirmation on the access password, so that the user performs the access password input again. If the access password entered by the user is the same, confirm that the access password is successfully entered. If the access password entered by the user is inconsistent, the input password fails to be confirmed, and the user is prompted to re-enter the access password.
  • the acquisition module 100 acquires an access password of the accessed protected application software input by the user.
  • the secret key module 200 is configured to calculate an encryption key according to the preset encryption algorithm and the access password, and update the pre-configured relationship table according to the encryption key.
  • the secret key module 200 After successfully obtaining the access password input by the user, first, the secret key module 200 performs calculation and encryption on the obtained access password according to a preset encryption algorithm to obtain an encryption key.
  • the encryption key is stored in the field.
  • the field type can be a string or other types. It can be flexibly set according to actual needs.
  • the preset encryption algorithm may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or a combination of the two, and may be flexibly set according to actual needs.
  • the symmetric algorithm may implement encryption of the access password by using an encryption algorithm to obtain an encryption key, and use a decryption algorithm to solve the encryption key to obtain a decryption password consistent with the access password;
  • the asymmetric algorithm may implement an encryption algorithm.
  • the password is encrypted to obtain the encryption key, but the encryption key cannot be solved to obtain the decryption password.
  • the secret key module 200 obtains the encryption key of the access protected application software.
  • the secret key module 200 stores the encryption key of the application software in a pre-configured relation table and updates the relationship table.
  • the pre-configured relationship table is used to record the application software protected by the access and the corresponding encryption key, and support the user to set the access password of multiple application software at the same time.
  • the encryption module 300 is configured to encrypt the application software according to the relationship table.
  • the encryption module 300 acquires the corresponding encryption key from the relationship table according to the application software.
  • the encryption module 300 encrypts the application software according to the acquired encryption key.
  • the encrypted application software When a user or other application software accesses the encrypted application software, it needs to be decrypted, and after obtaining the access right, the encrypted application software can be accessed to implement the access protection of the application software.
  • the acquisition module 100 acquires an access password of the accessed protection application software input by the user; then, the secret key module 200 calculates the encryption key according to the preset encryption algorithm and the access password, and updates the pre-configured relationship.
  • the encryption module 300 then encrypts the access-protected application software according to the relationship table, implements security protection for the smart terminal application software, uniformly manages application software access rights in the intelligent terminal, filters illegal access, and ensures intelligent terminal and application software data. Security.
  • the second embodiment of the present invention provides an application encryption device.
  • the key module 200 includes:
  • the calculating unit 210 is configured to calculate the encryption key according to the preset encryption algorithm and the access password.
  • the calculating unit 210 After obtaining the access password input by the user, the calculating unit 210 performs calculation and encryption on the obtained access password according to the preset encryption algorithm to obtain an encryption key.
  • the encryption key is stored in the field.
  • the field type can be a string or other types. It can be flexibly set according to actual needs.
  • the preset encryption algorithm may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or a combination of the two, and may be flexibly set according to actual needs.
  • the symmetric algorithm may implement encryption of the access password by using an encryption algorithm to obtain an encryption key, and use a decryption algorithm to solve the encryption key to obtain a decryption password consistent with the access password;
  • the asymmetric algorithm may implement an encryption algorithm.
  • the password is encrypted to obtain the encryption key, but the encryption key cannot be solved to obtain the decryption password.
  • the access protection application software respectively corresponds to the encryption key obtained by encrypting the corresponding access password; if the user uniformly sets the access password of each access protection application software, The encryption key of each access protection application software is the same, and each access protection application software corresponds to the obtained encryption key.
  • computing unit 210 obtains the encryption key of the access protected application.
  • the first identifying unit 220 is configured to acquire identification information of the application software.
  • the first identification unit 220 obtains the identification information of the accessed protection application software according to the application software list and the accessed protection application software selected by the user.
  • the identification information of the application software includes an application software ID, an application software name, and the like, which can identify the application software, and can be searched or matched to the unique corresponding application software according to the application software ID and the application software name.
  • the first identification unit 220 stores the identification information of the access protection application software in a field, and the field type may be a character string or other types, and may be flexibly set according to actual needs.
  • the updating unit 230 is configured to record the correspondence between the identification information of the application software and the encryption key, and update the pre-configured relationship table.
  • the updating unit 230 records the obtained identification information of the accessed protection application software and the corresponding encryption key, and establishes the corresponding relationship.
  • the identification information of the access protection application software, the corresponding encryption key and the corresponding relationship are saved in a pre-configured relationship table, and the relationship table is updated.
  • the pre-configured relationship table is used to record the application protection information and the corresponding encryption key protected by the access.
  • the identification information of the accessed protected application software is taken as an application software ID and an application software name.
  • the record information of the identification information of the application software in the relationship table includes three field values. Referring to FIG. 3, the application software ID, the application software name, and the encryption key are included.
  • the field names of the field values are the application software ID, the application software name, and the encryption key respectively;
  • the field of the application software ID means the universal unique identification code of the access protection application software. (Universally Unique Identifier, UUID for short) information
  • the field name of the application software name is the name of the application that is protected by the access protection
  • the field of the encryption key is the key of the application that is protected by the access protection.
  • the field types of the three field values are all strings.
  • the calculating unit 210 calculates the encryption key according to the preset encryption algorithm and the access password; the first identifying unit 220 acquires the identification information of the accessed protection application software; and then, the updating unit 230 records the accessed protection application. Correspondence between the identification information of the software and its encryption key, and update the pre-configured relationship table. In this embodiment, after obtaining the encryption key of the application software, the correspondence between the application software and the encryption key in the relationship table is updated, and the encryption key is obtained from the relationship table to encrypt the application software, thereby realizing the encryption of the application software.
  • the orderly management of the key, unified management of the encryption key of the application software in the intelligent terminal ensures the access security of the application software, and ensures the security of the intelligent terminal and the application software data.
  • the third embodiment of the present invention provides an application encryption device.
  • the update unit 230 includes:
  • the determining subunit 231 is configured to determine whether the application software has a corresponding encryption key according to the pre-configured relationship table and the identification information of the application software.
  • the determining subunit 231 determines whether the current application software has a corresponding encryption key.
  • the determining subunit 231 searches whether the identification information of the application software and the corresponding encryption key are recorded in the relationship table.
  • the determining subunit 231 determines that the application software does not have a corresponding encryption key
  • the determination sub-unit 231 determines that the application software has a corresponding encryption key.
  • the update subunit 232 is configured to: if the application software does not have a corresponding encryption key, record a correspondence between the identification information of the application software and the encryption key, and update the relationship table; if the application software If there is a corresponding encryption key, the input decryption information is used to decrypt the application software; after the decryption is successful, the correspondence between the identification information of the application software and the encryption key is recorded, and the relationship table is updated.
  • the update subunit 232 determines that the current password is set to the initial setting.
  • the update subunit 232 uses the currently obtained encryption key as an encryption key corresponding to the application software identification information, records the correspondence between the application software identification information and the encryption key, and stores the correspondence relationship in the relationship table. in.
  • the relationship table is updated to obtain a record of the application identification information and the encryption key.
  • the update subunit 232 determines that the current password is set to modify the password.
  • the update subunit 232 prompts the user to input a decryption password, and obtains decryption information input by the user.
  • the update subunit 232 decrypts the application software based on the relationship table and the decryption information input by the user.
  • the update subunit 232 records the correspondence between the application software identification information and the currently acquired encryption key, and updates the record of the application software in the record table.
  • the encryption key corresponding to the application identification information in the record table is an encryption key obtained according to the encrypted password currently input by the user.
  • the decryption fails, if the current application software fails to decrypt, the user is prompted with a wrong password or no modification permission, and the user can input the password again for decryption.
  • the determining subunit 231 is based on the pre-configured relationship table and the application software. Identifying information, determining whether the application software has a corresponding encryption key; if the application software does not have a corresponding encryption key, the update subunit 232 considers that the current password is set as an initial setting, and records the identification information of the application software and the correspondence of the encryption key. Relationship, and update the relationship table; if the application software has a corresponding encryption key, the update sub-unit 232 considers that the current password is set to modify the password, and obtains the decryption information input by the user to decrypt the application software; after the decryption succeeds, the application software is recorded. Correspondence between the identification information and the encryption key, and update the relationship table. In this embodiment, when the user modifies the password of the application software, the user is authenticated, which effectively ensures the security of the application software password setting and ensures the access security of the application software.
  • the first embodiment of the application access device of the present invention provides an application access device, where the application access device includes:
  • the obtaining module 400 is configured to obtain decryption information input by the access application software.
  • the embodiments of the present invention are mainly applied to the security protection of the smart terminal, and the access security device is managed by the application access device.
  • the application access device is located on the smart terminal.
  • the obtaining module 400 may pop up a display interface to prompt the user to input the decryption password.
  • the decryption information input by the user is obtained.
  • the decryption information input by the user may be text, graphics, biometrics such as fingerprints, etc., and can be flexibly set according to actual needs.
  • the acquisition module 400 obtains decryption information input by the user.
  • the decryption module 500 is configured to acquire an encryption key of the application software according to a pre-configured relationship table, and decrypt the application software according to the encryption key and the decryption information.
  • the decryption module 500 decrypts the application software according to the preset relationship table.
  • the decryption module 500 queries the preset relationship table, Obtain the encryption key of the accessed application software.
  • the decryption module 500 decrypts the currently accessed application software according to the decryption information input by the user and the encryption key of the application software.
  • the access module 600 is configured to allow access to the application software if the decryption is successful.
  • the access module 600 allows this access to the application software.
  • the access module 600 may control to open the accessed application software, allowing the application software to be accessed or retrieved.
  • the access module 600 can directly launch the accessed application software, and jump the display interface to the accessed application software for subsequent operations by the user or other application software.
  • the access module 600 is pre-configured to allow access time so that the currently accessed application software can be directly accessed or invoked within a preset time. For example, if the preset allowable access time is 1 minute, the user can directly access the application software without inputting the decryption password within 1 minute after the application software is successfully unlocked.
  • the preset allowable access time can be flexibly set according to actual needs.
  • the obtaining module 400 acquires the decryption information input by the user accessing the application software; then, the decryption module 500 acquires the encryption key of the application software according to the pre-configured relationship table, and performs the application software according to the encryption key and the decryption information. Decryption; if the decryption is successful, the access module 600 allows access to the application this time.
  • the access protection of the application software in the intelligent terminal is implemented, the access rights of the application software in the intelligent terminal are uniformly managed, the illegal access is filtered, the access security of the application software is ensured, and the security of the intelligent terminal and the application software data is ensured.
  • the second embodiment of the application access device of the present invention An application access device is provided.
  • the application access device further includes:
  • the authentication module 700 is configured to determine, according to the relationship table, whether the application software is protected by access.
  • the application software protected by the application access device may be all application software in the smart terminal, or may be part of the application software, and may be flexibly set according to actual needs.
  • the authentication module 700 determines whether the accessed or invoked application software is protected by access.
  • the application access device is pre-configured with a relation table, and records the application software protected by the application access device and the corresponding encryption key.
  • the application software protected by the application access device identifies the different application software by using the identification information, and the identification information of the application software can be used to find and match the unique corresponding application software.
  • the encryption key corresponding to the application software is obtained by encrypting the password of the currently accessed application software set by the user.
  • the authentication module 700 obtains identification information of the accessed application software, such as an application software ID and an application software name.
  • the authentication module 700 queries, according to the obtained identification information, whether there is a record of the application software in the preset relationship table.
  • the identification information of the accessed application software and the corresponding encryption key are found in the preset relationship table, it is determined that the accessed application software is protected by the access.
  • the identification information of the accessed application software and the corresponding encryption key are not found in the preset relationship table, it is determined that the accessed application software is not protected by the access.
  • the access module 600 is further configured to allow access to the application software if the application software is not protected by access.
  • the access module 600 allows the access to the application software, and the user and other application software can directly access or invoke the application software.
  • the obtaining module 400 is further configured to acquire decryption information input by the access application software if the application software is protected by access.
  • the obtaining module 400 needs the user to input the decrypted information to decrypt the application software, and prompts the user to input the decrypted information of the application software to decrypt the application software.
  • the authentication module 700 determines whether the accessed application software is protected by access according to the pre-configured relationship table; if the accessed application software is not protected by the access, the access module 600 allows the current pair. The access of the application software; if the accessed application software is protected by the access, the obtaining module 400 acquires the decrypted information input by the user.
  • the preset relationship table is used to determine whether the accessed application software is protected by access, thereby releasing access to the application that is not protected by the access protection, and implementing differentiated management of the application software in the intelligent terminal, and ensuring the application. The security of the software access ensures the convenience of the user.
  • the third embodiment of the application access device of the present invention provides an application access device, which is based on the embodiment shown in FIG. 14 or FIG. 15 (this embodiment uses FIG. 14 as an example).
  • the decryption module 500 includes:
  • the second identification unit 510 is configured to acquire identification information of the application software.
  • the acquisition module 400 obtains the decryption information of the currently accessed application software input by the user, and the second identification unit 510 acquires the current accessed application software according to the selected application software selected by the user.
  • Access identification information of the application such as application software ID, application software name.
  • the secret key unit 520 is configured to acquire an encryption key of the application software according to the pre-configured relationship table and the identification information of the application software.
  • the secret key unit 520 searches for the application software record matching the identification information in the pre-configured relation table according to the identification information of the accessed application software.
  • the encryption key corresponding to the currently accessed application software identification information is obtained.
  • the secret key unit 520 obtains the encryption key of the currently accessed application software.
  • the decryption unit 530 is configured to decrypt the application software according to the encryption key and the decryption information.
  • the decryption unit 530 After obtaining the encryption key of the accessed application software and the decryption information input by the user, the decryption unit 530 decrypts the currently accessed application software.
  • the decryption unit 530 performs encryption calculation on the decryption information according to a preset encryption algorithm to obtain a decryption key.
  • the encryption key of the accessed application software is matched. If the string of the decryption key is exactly the same as the string of the encryption key, the decryption succeeds; if the string of the decryption key is inconsistent with the string of the encryption key, the decryption is unsuccessful.
  • the decryption unit 530 solves the encryption key of the currently accessed application software according to the preset decryption algorithm to obtain a decryption password.
  • the decrypted password obtained by the solution is matched with the decrypted information input by the user. If the decrypted password obtained by the solution is completely consistent with the decrypted information input by the user, the decryption succeeds; if the decrypted password obtained by the solution is inconsistent with the decrypted information input by the user, the decryption is unsuccessful.
  • the second identification unit 510 acquires the identification information of the currently accessed application software and the decryption information input by the user; the secret key unit 520 according to the preset relationship table. And this identification information of the accessed application software, get this time The encryption key of the accessed application software; then, the decryption unit 530 decrypts the currently accessed application software according to the decryption information input by the user and the encryption key of the currently accessed application software.
  • the user needs to input the decryption password to decrypt, and after successful decryption, the application software is allowed to be accessed, the access security of the application software is ensured, and the security of the intelligent terminal and the application software data is ensured.
  • the fourth embodiment of the application access device of the present invention provides an application access device.
  • the decryption unit 530 includes:
  • the encryption subunit 531 is configured to perform encryption calculation on the decryption information input by the user according to a preset encryption algorithm to obtain a decryption key.
  • the encryption sub-unit 531 After obtaining the encryption key of the accessed application software and the decryption information input by the user, the encryption sub-unit 531 decrypts the currently accessed application software.
  • the encryption algorithm can be used to encrypt the password to obtain the encryption key, but the encryption key cannot be solved to obtain the decryption password.
  • the message digest algorithm 5 Message Digest Algorithm 5
  • md5 easy to calculate, strong anti-modification.
  • the encryption sub-unit 531 performs encryption calculation on the decryption information according to a preset encryption algorithm to obtain a decryption key.
  • the field type of the decryption key is the same as the field type of the encryption key, and can be a string.
  • the first parity subunit 532 is configured to check whether the decryption key matches the encryption key; if the decryption key matches the encryption key, the decryption succeeds.
  • the first verification sub-unit 532 verifies the obtained decryption key, and matches the encryption key of the accessed application software.
  • the first syndrome is The element 532 determines that the decryption key matches the encryption key of the currently accessed application software; if the decryption key's character string does not match the encryption key's character string, the first verification sub-unit 532 determines the decryption key and the current time. The encryption key of the accessed application does not match.
  • the first verification sub-unit 532 determines that the decryption information input by the user is the correct access password, and the decryption of the application software is successful this time.
  • the encryption sub-unit 531 performs encryption calculation on the decryption information input by the user according to the preset encryption algorithm to obtain a decryption key; then, the first verification sub-unit 532 checks the calculated decryption key and this time. Whether the encryption key of the accessed application software matches, and if the decryption key matches the encryption key of the accessed application software, the decryption of the application software is successful.
  • the user needs to input the decryption information to decrypt, use the encryption algorithm to improve the security strength of the password protection, ensure the access security of the application software, and ensure the security of the intelligent terminal and the application software data.
  • the fifth embodiment of the present invention provides an application access device.
  • the decryption unit 530 further includes: based on the embodiment shown in FIG.
  • the decryption sub-unit 533 is configured to solve the encryption key according to a preset decryption algorithm to obtain a decryption password of the application software, and the decryption algorithm is symmetric with the encryption algorithm.
  • the decryption subunit 533 After obtaining the encryption key of the accessed application software and the decryption information input by the user, the decryption subunit 533 decrypts the currently accessed application software.
  • the encryption algorithm may be used to encrypt the access password to obtain an encryption key, and the encryption algorithm is used to solve the encryption key to obtain a decryption password consistent with the access password.
  • the preset encryption algorithm is symmetric with the preset decryption algorithm.
  • the decryption sub-unit 533 solves the encryption key of the currently accessed application software according to a preset decryption algorithm to obtain a decryption password.
  • the second check sub-unit 534 is configured to check whether the decryption information input by the user matches the decrypted password obtained by the solution; if the decryption information input by the user matches the decrypted password obtained by the solution, The decryption is successful.
  • the second verification sub-unit 534 checks the decrypted decrypted password and matches the decrypted information input by the user.
  • the second check subunit 534 determines that the decrypted information input by the user matches the decrypted decrypted password; if the decrypted information input by the user is obtained by the solution If the decryption passwords are inconsistent, the second syndrome unit 534 determines that the decryption information input by the user does not match the decrypted decryption password.
  • the second check subunit 534 determines that the decrypted information input by the user is the correct access password, and the decryption of the application software is successful this time.
  • the decryption sub-unit 533 solves the encryption key of the accessed application software according to the preset decryption algorithm, and obtains the decryption password of the accessed application software, and the preset decryption algorithm is symmetric with the encryption algorithm;
  • the second check sub-unit 534 verifies whether the decrypted information input by the user matches the decrypted decrypted password. If the decrypted information input by the user matches the decrypted decrypted password, the decryption of the accessed application software is successful.
  • the user needs to input the decryption password to decrypt, use the encryption algorithm to improve the security strength of the password protection, ensure the access security of the application software, and ensure the security of the intelligent terminal and the application software data.
  • the sixth embodiment of the application access device of the present invention provides an application access device, which is based on the embodiment shown in FIG. 14 or FIG. 15 (this embodiment uses FIG. 14 as an example).
  • the application access device further includes:
  • the prohibition module 800 is set to prohibit access to the application software if the decryption fails.
  • the prohibition module 800 prohibits the current access to the application software.
  • the prohibiting module 800 may prompt the user to have a password incorrect or no access right, and notify the user to prohibit the current access.
  • the user can enter the decryption password again to unlock the application software.
  • the prohibition module 800 locks the currently accessed application software. Moreover, the prohibition module 800 controls to lock the current application software within a preset time, and does not allow decryption operation on the current application software.
  • the prohibition module 800 prohibits the current access to the application software.
  • the access protection of the application software in the intelligent terminal is implemented, the illegal access to the application software is filtered, the access rights of the application software in the intelligent terminal are uniformly managed, the access security of the application software is ensured, and the security of the intelligent terminal and the application software is ensured. Sex.
  • Embodiments of the present invention also provide a storage medium.
  • an execution instruction is stored in the storage medium, and the execution instruction is used to execute the foregoing method.
  • the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), and a Random Access Memory (RAM).
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • an application encryption method, apparatus, and application access method and apparatus provided by the embodiments of the present invention have the following beneficial effects: implementing encryption and access protection for application software in an intelligent terminal, and uniformly managing application software access in the intelligent terminal Permissions, filtering illegal access, ensuring access security of application software, and ensuring the security of intelligent terminal and application software data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

一种应用加密方法、应用加密装置、应用访问方法和应用访问装置,该应用加密方法包括:获取输入的受访问保护应用软件的访问密码(S10);根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表(S20);根据所述关系表加密所述应用软件(S30)。该方法实现了对智能终端中应用软件的访问保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。

Description

应用加密方法、装置和应用访问方法、装置 技术领域
本发明涉及信息安全技术领域,尤其涉及一种应用加密方法、装置和应用访问方法、装置。
背景技术
手机、PAD等智能终端目前已成为人们生活工作中的必需品。随着科技进步,硬件产品如中央处理器(Central Processing Unit,简称为CPU)、内存、外扩存储设备的更新换代,软件如操作系统、应用软件的优化和升级,互联网络的快速发展与成熟,使得智能终端具有更加丰富、强大的功能应用。
智能终端性能的日益提升,使得用户可以在智能终端上安装大量的应用软件,例如社交、购物、邮箱和手机银行等应用软件,极大地便利了人们的日常应用。由于这些应用软件中的数据涉及到用户的隐私、财产等的安全,传统的安全保护方式是使用登录的用户名和密码,过滤对这些应用软件的非法访问。
人们在日常生活中会有多种不同类型或强度的密码,例如银行卡密码、邮箱密码、社交网站密码等,不但不易于记忆,而且每次在使用时重新输入也不够便捷。因此,应用软件为提高产品的易用性,一般都提供有保存密码的功能,使用户保存密码后可以在后续的登录或使用中避免重复输入密码。用户为使用方便,一般也都会启动该保存密码的功能。
但是,若移动终端借与他人使用或丢失等情况发生时,其他用户无需密码便可以直接访问这些应用软件,给用户的私密信息保护带来了安全隐患,会给用户造成重大的损失。智能终端的安全保护成为了当前研究的重要方向。目前智能终端的安全保护,主要是针对杀毒、骚扰电话或短信的拦截、应用软件的安装或卸载、应用软件访问系统的权限管理等,保护功 能单一,不能实现对应用软件访问安全的管理。
发明内容
本发明的主要目的在于提供一种应用加密方法、装置和应用访问方法、装置,旨在解决智能终端应用软件访问安全管理的技术问题。
为实现上述目的,本发明提供一种应用加密方法,所述应用加密方法包括:
获取输入的受访问保护应用软件的访问密码;
根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表;
根据所述关系表加密所述应用软件。
优选的,所述根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表的步骤包括:
根据预置的加密算法和所述访问密码,计算得到加密秘钥;
获取所述应用软件的识别信息;
记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表。
优选的,所述记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表的步骤包括:
根据预先配置的关系表和所述应用软件的识别信息,判断所述应用软件是否有对应的加密秘钥;
若所述应用软件无对应的加密秘钥,则记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表;
若所述应用软件有对应的加密秘钥,则获取输入的解密信息对所述应 用软件进行解密;解密成功后,记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
此外,为实现上述目的,本发明还提供一种应用访问方法,所述应用访问方法包括以下步骤:
获取访问应用软件输入的解密信息;
根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密;
若解密成功,则允许本次对所述应用软件的访问。
优选的,所述获取访问应用软件输入的解密信息的步骤之前,还包括:
根据所述关系表判断所述应用软件是否受到访问保护;
若所述应用软件未受到访问保护,则允许本次对所述应用软件的访问;
若所述应用软件受到访问保护,则转入执行步骤:获取访问应用软件输入的解密信息。
优选的,所述根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密的步骤包括:
获取所述应用软件的识别信息;
根据预先配置的关系表和所述应用软件的识别信息,获取所述应用软件的加密秘钥;
根据所述加密秘钥和所述解密信息,对所述应用软件进行解密。
优选的,所述根据所述加密秘钥和所述解密信息,对所述应用软件进 行解密的步骤包括:
根据预置的加密算法对所述用户输入的解密信息进行加密计算,得到解密秘钥;
检验所述解密秘钥与所述加密秘钥是否匹配;
若所述解密秘钥与所述加密秘钥匹配,则解密成功。
优选的,所述根据所述加密秘钥和所述解密信息,对所述应用软件进行解密的步骤还包括:
根据预置的解密算法解算所述加密秘钥,得到所述应用软件的解密密码,所述解密算法与所述加密算法对称;
校验所述用户输入的解密信息与所述解算得到的解密密码是否匹配;
若所述用户输入的解密信息与所述解算得到的解密密码匹配,则解密成功。
优选的,所述若解密成功,则允许本次对所述应用软件的访问的步骤之后,还包括:
若解密失败,则禁止本次对所述应用软件的访问。
此外,为实现上述目的,本发明还提供一种应用加密装置,所述应用加密装置包括:
采集模块,设置为获取输入的受访问保护应用软件的访问密码;
秘钥模块,设置为根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表;
加密模块,设置为根据所述关系表加密所述应用软件。
优选的,所述秘钥模块包括:
计算单元,设置为根据预置的加密算法和所述访问密码,计算得到加密秘钥;
第一识别单元,设置为获取所述应用软件的识别信息;
更新单元,设置为记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表。
优选的,所述更新单元包括:
判断子单元,设置为根据预先配置的关系表和所述应用软件的识别信息,判断所述应用软件是否有对应的加密秘钥;
更新子单元,设置为若所述应用软件无对应的加密秘钥,则记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表;若所述应用软件有对应的加密秘钥,则获取输入的解密信息对所述应用软件进行解密;解密成功后,记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
此外,为实现上述目的,本发明还提供一种应用访问装置,所述应用访问装置包括:
获取模块,设置为获取访问应用软件输入的解密信息;
解密模块,设置为根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密;
访问模块,设置为若解密成功,则允许本次对所述应用软件的访问。
优选的,所述应用访问装置还包括:
鉴权模块,设置为根据所述关系表判断所述应用软件是否受到访问保 护;
所述访问模块,还设置为若所述应用软件未受到访问保护,则允许本次对所述应用软件的访问;
所述获取模块,还设置为若所述应用软件受到访问保护,则获取访问应用软件输入的解密信息。
优选的,所述解密模块包括:
第二识别单元,设置为获取所述应用软件的识别信息;
秘钥单元,设置为根据预先配置的关系表和所述应用软件的识别信息,获取所述应用软件的加密秘钥;
解密单元,设置为根据所述加密秘钥和所述解密信息,对所述应用软件进行解密。
优选的,所述解密单元包括:
加密子单元,设置为根据预置的加密算法对所述用户输入的解密信息进行加密计算,得到解密秘钥;
第一校验子单元,设置为检验所述解密秘钥与所述加密秘钥是否匹配;若所述解密秘钥与所述加密秘钥匹配,则解密成功。
优选的,所述解密单元还包括:
解密子单元,设置为根据预置的解密算法解算所述加密秘钥,得到所述应用软件的解密密码,所述解密算法与所述加密算法对称;
第二校验子单元,设置为校验所述用户输入的解密信息与所述解算得到的解密密码是否匹配;若所述用户输入的解密信息与所述解算得到的解密密码匹配,则解密成功。
优选的,所述应用访问装置还包括:
禁止模块,设置为若解密失败,则禁止本次对所述应用软件的访问。
本发明另一实施例提供了一种计算机存储介质,所述计算机存储介质存储有执行指令,所述执行指令用于执行上述实施例中的方法。
本发明实施例提出的一种应用加密方法、装置和应用访问方法、装置,通过获取用户输入的受访问保护应用软件的访问密码;根据预置的加密算法和访问密码,计算得到加密秘钥并更新预先配置的关系表;然后,根据关系表加密所述应用软件。实现了对智能终端中应用软件的加密和访问保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
附图说明
图1为本发明应用加密方法第一实施例的流程示意图;
图2为本发明应用加密方法第二实施例的流程示意图;
图3为本发明实施例中一种关系表的记录字段值示意图;
图4为本发明应用加密方法第三实施例的流程示意图;
图5为本发明应用访问方法第一实施例的流程示意图;
图6为本发明应用访问方法第二实施例的流程示意图;
图7为本发明应用访问方法第三实施例的流程示意图;
图8为本发明应用访问方法第四实施例的流程示意图;
图9为本发明应用访问方法第五实施例的流程示意图;
图10为本发明应用访问方法第六实施例的流程示意图;
图11为本发明应用加密装置第一实施例的功能模块示意图;
图12为本发明应用加密装置第二实施例的功能模块示意图;
图13为本发明应用加密装置第三实施例的功能模块示意图;
图14为本发明应用访问装置第一实施例的功能模块示意图;
图15为本发明应用访问装置第二实施例的功能模块示意图;
图16为本发明应用访问装置第三实施例的功能模块示意图;
图17为本发明应用访问装置第四实施例的功能模块示意图;
图18为本发明应用访问装置第五实施例的功能模块示意图;
图19为本发明应用访问装置第六实施例的功能模块示意图。
本发明目的的实现、功能特点及优点将结合实施例,参照附图做进一步说明。
具体实施方式
应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。
本发明实施例的主要解决方案是:获取输入的受访问保护应用软件的访问密码;根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表;根据所述关系表加密所述应用软件。
由于现有技术使用用户名和密码的方式控制应用软件的访问,但是密码保存功能使得无需密码即可访问应用软件,给用户的私密信息安全带来了巨大的安全隐患。
本发明提供一种解决方案,能够统一或个性化的管理智能终端中不同的应用软件访问权限,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
参照图1,本发明应用加密方法第一实施例提供一种应用加密方法,所述应用加密方法包括:
步骤S10、获取输入的受访问保护应用软件的访问密码。
本发明实施例主要应用于智能终端的安全保护,通过应用安全访问控制器(Application Security Access Controller,简称为ASAC),实现对智能终端应用软件访问安全的管理。
在本实施例中,应用安全访问控制器位于智能终端上。
在应用安全访问控制器启动后,用户可以根据实际应用软件的需要,选择智能终端中的全部应用软件或部分应用软件进行访问保护。
可选地,作为一种实施方式,首先,应用安全访问控制器获取当前智能终端上的全部应用软件,并生成应用软件列表,以供用户选择需要进行访问保护的应用软件。
用户可以根据实际需要,在应用软件列表中选择应用软件加入到应用安全访问控制器的保护列表中,或是选择应用安全访问控制器根据预设规则生成的默认保护列表。
其中,应用安全访问控制器根据预设规则生成的默认保护列表,可以是根据应用软件的使用频率或功能类别,可根据实际需要灵活设置,例如:根据当前智能终端中应用软件的使用热度选取热门应用软件生成默认保护列表,或是选择当前智能终端中的购物类、社交类、金融类应用软件生成默认保护列表。
在获取用户选择的受访问保护的应用软件后,应用安全访问控制器获取用户设置的受访问保护应用软件的访问密码。其中,用户可以分别对受访问保护应用软件进行访问密码设置,也可以统一对受访问保护应用软件进行访问密码设置,可根据实际需要灵活设置。
应用安全访问控制器提示用户对受访问保护应用软件设置访问密码,用户进行访问密码输入。
用户输入的访问密码可以是文字、图形、各种生物特征如指纹、声纹、眼纹等方式,可根据实际需要灵活设置。
在获取用户输入的访问密码后,应用安全访问控制器提示用户对访问密码进行二次确认,使用户再次进行访问密码输入。若用户两次输入的访问密码一致,则确认本次访问密码输入成功;若用户两次输入的访问密码不一致,则确认本次访问密码输入失败,提示用户重新输入访问密码。
由此,应用安全访问控制器获取用户输入的受访问保护应用软件的访问密码。
步骤S20、根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表。
在成功获取用户输入的访问密码后,首先,应用安全访问控制器根据预置的加密算法,将获取的访问密码进行计算加密,得到加密秘钥。加密秘钥以字段进行存储,字段类型可以是字符串,也可以是其他类型,可根据实际需要灵活设置。
其中,预置的加密算法可以是对称加密算法、非对称加密算法或者其二者的结合,可根据实际需要灵活设置。在本实施例中,对称算法可以实现使用加密算法对访问密码进行加密得到加密秘钥,使用解密算法对加密秘钥进行解算得到与访问密码一致的解密密码;非对称算法可以实现使用加密算法对密码进行加密得到加密秘钥,但不能对加密秘钥解算得到解密密码。
由此,应用安全访问控制器得到受访问保护应用软件的加密秘钥。
然后,应用安全访问控制器将应用软件的加密秘钥存储在预先配置的关系表,并更新关系表。
需要说明的是,预先配置的关系表用于记录受访问保护的应用软件和对应的加密秘钥,支持用户同时设置多个应用软件的访问密码。
步骤S30、根据所述关系表加密所述应用软件。
在完成关系表的更新后,应用安全访问控制器根据应用软件,从关系表中获取对应的加密秘钥。
然后,应用安全访问控制器根据获取的加密秘钥,加密应用软件。
当用户或其他应用软件访问被加密的应用软件时,需进行解密,获得访问权限后,才能够访问被加密的应用软件,实现对应用软件的访问保护。
在本实施例中,应用安全访问控制器获取用户输入的受访问保护应用软件的访问密码;然后,根据预置的加密算法和访问密码,计算得到加密秘钥,并更新预先配置的关系表;然后根据关系表,加密受访问保护应用软件,实现了对智能终端应用软件的安全保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保证了智能终端和应用软件数据的安全性。
进一步的,参照图2,本发明应用加密方法第二实施例提供一种应用加密方法,基于上述图1所示的实施例,所述步骤S20包括:
步骤S21、根据预置的加密算法和所述访问密码,计算得到加密秘钥。
在获取用户输入的访问密码后,应用安全访问控制器根据预置的加密算法,将获取的访问密码进行计算加密,得到加密秘钥。
加密秘钥以字段进行存储,字段类型可以是字符串,也可以是其他类型,可根据实际需要灵活设置。
其中,预置的加密算法可以是对称加密算法、非对称加密算法或者其二者的结合,可根据实际需要灵活设置。在本实施例中,对称算法可以实现使用加密算法对访问密码进行加密得到加密秘钥,使用解密算法对加密秘钥进行解算得到与访问密码一致的解密密码;非对称算法可以实现使用加密算法对密码进行加密得到加密秘钥,但不能对加密秘钥解算得到解密密码。
若用户分别设置各受访问保护应用软件的访问密码,则各受访问保护 应用软件的分别对应相应的访问密码加密后得到的加密秘钥;若用户统一设置各受访问保护应用软件的访问密码,则各受访问保护应用软件的加密秘钥相同,各受访问保护应用软件分别对应得到的加密秘钥。
由此,应用安全访问控制器得到受访问保护应用软件的加密秘钥。
步骤S22、获取所述受访问保护应用软件的识别信息。
应用安全访问控制器根据应用软件列表和用户选择的受访问保护应用软件,得到受访问保护应用软件的识别信息。
其中,应用软件的识别信息包括应用软件ID、应用软件名称等可以标识应用软件的信息,根据应用软件ID、应用软件名称可以查找或匹配到唯一对应的应用软件。
应用安全访问控制器将受访问保护应用软件的识别信息以字段进行存储,字段类型可以是字符串,也可以是其他类型,可根据实际需要灵活设置。
步骤S23、记录所述受访问保护应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表。
应用安全访问控制器记录得到的受访问保护应用软件的识别信息和对应的加密秘钥,并建立其对应关系。
然后,将受访问保护应用软件的识别信息、对应的加密秘钥及其对应关系保存在预先配置的关系表中,更新关系表。每个受访问保护应用软件对应关系表中的一条记录。
需要说明的是,预先配置的关系表用于记录受访问保护的应用软件识别信息和对应的加密秘钥。
以获取的受访问保护应用软件的识别信息为应用软件ID、应用软件名称,进行举例说明。
该应用软件的识别信息在关系表中的记录信息包括三个字段值,参照图3,包括应用软件ID、应用软件名称和加密秘钥。
其中,字段值的字段名称分别为应用软件ID、应用软件名称和加密秘钥;应用软件ID的字段含义为受访问保护应用软件的通用唯一识别码(Universally Unique Identifier,简称为UUID)信息,应用软件名称的字段含义为受访问保护应用软件的名称,加密秘钥的字段含义为受访问保护应用软件的秘钥。三个字段值的字段类型均为字符串。
在本实施例中,应用安全访问控制器根据预置的加密算法和访问密码,计算得到加密秘钥;并获取受访问保护应用软件的识别信息;然后,记录受访问保护应用软件的识别信息和其加密秘钥的对应关系,并更新预先配置的关系表。本实施例中,获取应用软件的加密秘钥后,更新关系表中应用软件和加密秘钥的对应关系,并从关系表中获取加密秘钥对应用软件进行加密,实现了对应用软件加密秘钥的有序管理,统一管理智能终端中应用软件的加密秘钥,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
进一步的,参照图4,本发明应用加密方法第三实施例提供一种应用加密方法,基于上述图2所示的实施例,所述步骤S23包括:
步骤S231、根据预先配置的关系表和所述应用软件的识别信息,判断所述应用软件是否有对应的加密秘钥。
在获取受访问保护应用软件的识别信息后,根据预先配置的关系表,判断当前应用软件是否有对应的加密秘钥。
可选地,作为一种实施方式,根据应用软件的识别信息,查找关系表中是否有应用软件的识别信息和对应的加密秘钥的记录。
若关系表中无应用软件的识别信息和对应的加密秘钥的记录,则判定应用软件没有对应的加密秘钥;
若关系表中有应用软件的识别信息和对应的加密秘钥的记录,则判定应用软件已有对应的加密秘钥。
步骤S232、若所述应用软件无对应的加密秘钥,则记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
若应用软件无对应的加密秘钥,应用安全访问控制器判定当前的密码设置为初始设置。
可选地,作为一种实施方式,应用安全访问控制器将当前获取的加密秘钥作为应用软件识别信息对应的加密秘钥,记录应用软件识别信息和加密秘钥的对应关系,并存储到关系表中。
然后,更新关系表,得到应用软件识别信息和加密秘钥的记录。
步骤S233、若所述应用软件有对应的加密秘钥,则获取输入的解密信息对所述应用软件进行解密;解密成功后,记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
若应用软件有对应的加密秘钥,应用安全访问控制器判定当前的密码设置为修改密码。
可选地,作为一种实施方式,首先,应用安全访问控制器提示用户输入解密密码,获取用户输入的解密信息。
然后,应用安全访问控制器根据关系表和用户输入的解密信息,对应用软件进行解密。
若解密成功,则应用安全访问控制器记录应用软件识别信息和当前获取的加密秘钥的对应关系,并更新记录表中应用软件的记录。由此,记录表中应用软件识别信息对应的加密秘钥,为根据用户当前输入的加密密码得到的加密秘钥。
若解密失败,若对当前应用软件解密失败,则提示用户密码错误或无 修改权限,用户可以再次输入密码进行解密。
在本实施例中,应用安全访问控制器根据预先配置的关系表和应用软件的识别信息,判断应用软件是否有对应的加密秘钥;若应用软件无对应的加密秘钥,则认为当前的密码设置为初始设置,记录应用软件的识别信息和加密秘钥的对应关系,并更新关系表;若应用软件有对应的加密秘钥,则认为当前的密码设置为修改密码,获取用户输入的解密信息对应用软件进行解密;解密成功后,记录应用软件的识别信息和加密秘钥的对应关系,并更新关系表。本实施例实现了用户修改应用软件的密码时,对用户进行鉴权,有效的保障了应用软件密码设置的安全性,保障了应用软件的访问安全。
参照图5,本发明应用访问方法第一实施例提供一种应用访问方法,所述应用访问方法包括:
步骤S40、获取访问应用软件输入的解密信息。
本发明实施例主要应用于智能终端的安全保护,通过应用安全访问控制器(Application Security Access Controller,简称为ASAC),实现对智能终端应用软件访问安全的管理。
在本实施例中,应用安全访问控制器位于智能终端上。
可选地,作为一种实施方式,当用户访问智能终端的应用软件时,应用安全访问控制器可以弹出显示界面,提示用户输入解密密码。
然后,获取用户输入的解密信息。用户输入的解密信息可以是文字、图形、各种生物特征如指纹、声纹、眼纹等方式,可根据实际需要灵活设置。
由此,应用安全访问控制器得到用户输入的解密信息。
步骤S50、根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密。
在获取用户输入的解密信息后,应用安全访问控制器根据预置的关系表对应用软件进行解密。
可选地,作为一种实施方式,首先,应用安全访问控制器查询预置的关系表,获取本次被访问应用软件的加密秘钥。
然后,应用安全访问控制器根据用户输入的解密信息和应用软件的加密秘钥,对本次被访问应用软件进行解密。
步骤S60、若解密成功,则允许本次对所述应用软件的访问。
若成功对本次被访问应用软件解密,则应用安全访问控制器允许本次对应用软件的访问。
可选地,作为一种实施方式,应用安全访问控制器可以控制打开本次被访问的应用软件,允许该应用软件被访问或调取。
应用安全访问控制器可以直接启动本次被访问的应用软件,并将显示界面跳转到本次被访问的应用软件,以供用户或其他应用软件进行后续的操作。
或者,应用安全访问控制器预设有允许访问时间,使得本次被访问应用软件在预设的时间内可以被直接访问或调用。例如,预设的允许访问时间为1分钟,则在应用软件成功被解锁之后的1分钟之内,用户可以不用输入解密密码直接访问该应用软件。预设的允许访问时间可根据实际需要灵活设置。
在本实施例中,应用安全访问控制器获取访问应用软件输入的解密信息;然后,根据预先配置的关系表获取应用软件的加密秘钥,并根据加密秘钥和解密信息对应用软件进行解密;若解密成功,则允许本次对该应用 软件的访问。本实施例实现了对智能终端中应用软件的访问保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图6,本发明应用访问方法第二实施例提供一种应用访问方法,基于上述图5所示的实施例,所述步骤S40之前还包括:
步骤S70、根据所述关系表判断所述应用软件是否受到访问保护。
受应用安全访问控制器保护的应用软件可以是智能终端中的全部应用软件,也可以是部分应用软件,可根据实际需要灵活设置。
在应用安全访问控制器启动后,若用户或其他应用软件访问、调用智能终端中的应用软件,则应用安全访问控制器判断被访问或调用的应用软件是否受到应用安全访问控制器的访问保护。
需要说明的是,应用安全访问控制器预先配置有关系表,记录了受应用安全访问控制器保护的应用软件和对应的加密秘钥。
其中,受应用安全访问控制器保护的应用软件使用识别信息标识不同的应用软件,通过应用软件的识别信息可以查找并匹配到唯一对应的应用软件。应用软件对应的加密秘钥,为对用户预先设置的本次被访问应用软件的密码进行加密得到。
可选地,作为一种实施方式,首先,应用安全访问控制器获取本次被访问应用软件的识别信息,例如应用软件ID、应用软件名称。
然后,应用安全访问控制器根据得到的识别信息,查询预置的关系表中是否有应用软件的记录。
若在预置的关系表中查找到本次被访问应用软件的识别信息和对应的加密秘钥,则判定本次被访问应用软件受到访问保护。
若在预置的关系表中未查找到本次被访问应用软件的识别信息和对 应的加密秘钥,则判定本次被访问应用软件未受到访问保护。
步骤S80、若所述应用软件未受到访问保护,则允许本次对所述应用软件的访问;若所述应用软件受到访问保护,则转入执行步骤S40。
若本次被访问应用软件未受到访问保护,则应用安全访问控制器允许本次对应用软件的访问,用户及其他应用软件可直接访问或调用该应用软件。
若本次被访问应用软件受到访问保护,则应用安全访问控制器需要用户输入解密信息对应用软件进行解密,提示用户输入应用软件的解密信息,对应用软件进行解密。
在本实施例中,应用安全访问控制器根据预先配置的关系表根判断本次被访问的应用软件是否受到访问保护;若本次被访问应用软件未受到访问保护,则允许本次对应用软件的访问;若本次被访问应用软件受到访问保护,则获取用户输入的解密信息。本实施例通过预置的关系表,判断本次被访问应用软件是否受到访问保护,从而放行对未受到访问保护应用软件的访问,实现了对智能终端中应用软件的差异化管理,在保障应用软件的访问安全的同时,保证了用户使用的便捷性。
在一个可选的实施例中,参照图7,本发明应用访问方法第三实施例提供一种应用访问方法,基于上述图5或图6所示的实施例(本实施例以图5为例),所述步骤S50包括:
步骤S51、获取所述应用软件的识别信息。
若本次被访问应用软件受到访问保护,则应用安全访问控制器获取用户输入的本次被访问应用软件的解密信息后,根据用户选择的本次被访问应用软件,获取本次被访问应用软件的识别信息,例如应用软件ID、应 用软件名称。
步骤S52、根据预先配置的关系表和所述应用软件的识别信息,获取所述应用软件的加密秘钥。
应用安全访问控制器根据本次被访问应用软件的识别信息,在预先配置的关系表中,查找识别信息匹配的应用软件记录。
然后,根据查找到的应用软件记录,获取与本次被访问应用软件识别信息对应的加密秘钥。
由此,应用安全访问控制器得到本次被访问应用软件的加密秘钥。
步骤S53、根据所述加密秘钥和所述解密信息,对所述应用软件进行解密。
在得到本次被访问应用软件的加密秘钥和用户输入的解密信息后,应用安全访问控制器对本次被访问应用软件进行解密。
可选地,作为一种实施方式,首先,应用安全访问控制器根据预置的加密算法对解密信息进行加密计算,得到解密秘钥。
然后,根据得到的解密秘钥,与本次被访问应用软件的加密秘钥进行匹配。若解密秘钥的字符串与加密秘钥的字符串完全一致,则本次解密成功;若解密秘钥的字符串与加密秘钥的字符串不一致,则本次解密不成功。
作为另一种实施方式,首先,应用安全访问控制器根据预置的解密算法解算本次被访问应用软件的加密秘钥,得到解密密码。
然后,根据解算得到的解密密码,与用户输入的解密信息进行匹配。若解算得到的解密密码与用户输入的解密信息完全一致,则本次解密成功;若解算得到的解密密码与用户输入的解密信息不一致,则本次解密不成功。
在本实施例中,若本次被访问应用软件受到访问保护,则应用安全访 问控制器获取本次被访问应用软件的识别信息和用户输入的解密信息;根据预置的关系表和本次被访问应用软件的识别信息,获取本次被访问应用软件的加密秘钥;然后,根据用户输入的解密信息和本次被访问应用软件的加密秘钥,对本次被访问应用软件进行解密。本实施例对于受到访问保护的应用软件,需用户输入解密密码进行解密,成功解密后允许访问应用软件,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图8,本发明应用访问方法第四实施例提供一种应用访问方法,基于上述图7所示的实施例,所述步骤S53包括:
步骤S531、根据预置的加密算法对所述用户输入的解密信息进行加密计算,得到解密秘钥。
在得到本次被访问应用软件的加密秘钥和用户输入的解密信息后,对本次被访问应用软件进行解密。
若预置的加密算法为非对称算法,可以实现使用加密算法对访问密码进行加密得到加密秘钥,但不能对加密秘钥解算得到解密密码,例如:消息摘要算法第五版(Message Digest Algorithm 5,简称为md5),易于计算,抗修改性强。
可选地,作为一种实施方式,首先,应用安全访问控制器根据预置的加密算法对解密信息进行加密计算,得到解密秘钥。解密秘钥的字段类型与加密秘钥的字段类型相同,可以是字符串。
步骤S532、检验所述解密秘钥与所述加密秘钥是否匹配。
在获取解密秘钥后,应用安全访问控制器校验得到的解密秘钥,与本次被访问应用软件的加密秘钥进行匹配。
若解密秘钥的字符串与加密秘钥的字符串完全一致,则判定解密秘钥 与本次被访问应用软件的加密秘钥匹配;若解密秘钥的字符串与加密秘钥的字符串不一致,则判定解密秘钥与本次被访问应用软件的加密秘钥不匹配。
步骤S533、若所述解密秘钥与所述加密秘钥匹配,则解密成功。
若解密秘钥与本次被访问应用软件的加密秘钥匹配,则应用安全访问控制器判定用户输入的解密信息为正确的访问密码,本次对应用软件的解密成功。
在本实施例中,应用安全访问控制器根据预置的加密算法对用户输入的解密信息进行加密计算,得到解密秘钥;然后,检验计算得到的解密秘钥与本次被访问应用软件的加密秘钥是否匹配;若解密秘钥与本次被访问应用软件的加密秘钥匹配,则本次对应用软件的解密成功。本实施例对于受到访问保护的应用软件,需用户输入解密信息进行解密,使用加密算法提高密码保护的安全强度,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图9,本发明应用访问方法第五实施例提供一种能终端安全保护方法,基于上述图7所示的实施例,所述步骤S53包括:
步骤S534、根据预置的解密算法解算所述加密秘钥,得到所述应用软件的解密密码,所述解密算法与所述加密算法对称。
在得到本次被访问应用软件的加密秘钥和用户输入的解密信息后,对本次被访问应用软件进行解密。
若预置的加密算法为对称算法,可以实现使用加密算法对访问密码进行加密得到加密秘钥,使用解密算法对加密秘钥进行解算,得到与访问密 码一致的解密密码。预置的加密算法与预置的解密算法对称。
可选地,作为一种实施方式,首先,应用安全访问控制器根据预置的解密算法,对本次被访问应用软件的加密秘钥进行解算,得到解密密码。
步骤S535、校验所述用户输入的解密信息与所述解算得到的解密密码是否匹配。
在对本次被访问应用软件的加密秘钥进行解算得到解密密码后,应用安全访问控制器校验解算得到的解密密码,与用户输入的解密信息进行匹配。
若用户输入的解密信息与解算得到的解密密码完全一致,则判定用户输入的解密信息与解算得到的解密密码匹配;若用户输入的解密信息与解算得到的解密密码不一致,则判定用户输入的解密信息与解算得到的解密密码不匹配。
步骤S536、若所述用户输入的解密信息与所述解算得到的解密密码匹配,则解密成功。
若用户输入的解密信息与解算得到的解密密码匹配,则应用安全访问控制器判定用户输入的解密信息为正确的访问密码,本次对应用软件的解密成功。
在本实施例中,应用安全访问控制器根据预置的解密算法解算本次被访问应用软件的加密秘钥,得到本次被访问应用软件的解密密码,预置的解密算法与加密算法对称;校验用户输入的解密信息与解算得到的解密密码是否匹配;若用户输入的解密信息与解算得到的解密密码匹配,则本次被访问应用软件的解密成功。本实施例对于受到访问保护的应用软件,需用户输入解密密码进行解密,使用加密算法提高密码保护的安全强度,保 障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图10,本发明应用访问方法第六实施例提供一种应用访问方法,基于上述图5或图6所示的实施例(本实施例以图5为例),所述步骤S50之后,还包括:
步骤S90、若解密失败,则禁止本次对所述应用软件的访问。
若用户输入的解密信息未成功解密本次被访问应用,则应用安全访问控制器禁止本次对应用软件的访问。
可选地,作为一种实施方式,应用安全访问控制器可以提示用户密码错误或无访问权限,通知用户禁止本次访问。
用户可以再次输入解密信息,对应用软件进行解锁。
若在预设的时间内,用户解密同一应用软件的失败次数超过预设的阈值,则应用安全访问控制器锁定当前被访问应用软件。并且,应用安全访问控制器控制在预设的时间之内对当前应用软件进行锁定,不允许对当前应用软件的解密操作。
在本实施例中,若对本次被访问应用软件的解密失败,则应用安全访问控制器禁止本次对应用软件的访问。本实施例实现了对智能终端中应用软件的访问保护,过滤对应用软件的非法访问,统一管理智能终端中应用软件访问权限,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
参照图11,本发明应用加密装置第一实施例提供一种应用加密装置,所述应用加密装置包括:
采集模块100,设置为获取输入的受访问保护应用软件的访问密码。
本发明实施例主要应用于智能终端的安全保护,通过应用加密装置, 实现对智能终端应用软件的加密管理。
在本实施例中,应用加密装置位于智能终端上。
在应用加密装置启动后,用户可以根据实际应用软件的需要,选择智能终端中的全部应用软件或部分应用软件进行访问保护。
具体的,作为一种实施方式,首先,采集模块100获取当前智能终端上的全部应用软件,并生成应用软件列表,以供用户选择需要进行访问保护的应用软件。
用户可以根据实际需要,在应用软件列表中选择应用软件加入到采集模块100的保护列表中,或是选择采集模块100根据预设规则生成的默认保护列表。
其中,采集模块100根据预设规则生成的默认保护列表,可以是根据应用软件的使用频率或功能类别,可根据实际需要灵活设置,例如:根据当前智能终端中应用软件的使用热度选取热门应用软件生成默认保护列表,或是选择当前智能终端中的购物类、社交类、金融类应用软件生成默认保护列表。
在获取用户选择的受访问保护的应用软件后,采集模块100获取用户设置的受访问保护应用软件的访问密码。其中,用户可以分别对受访问保护应用软件进行访问密码设置,也可以统一对受访问保护应用软件进行访问密码设置,可根据实际需要灵活设置。
采集模块100提示用户对受访问保护应用软件设置访问密码,用户进行访问密码输入。
用户输入的访问密码可以是文字、图形、各种生物特征如指纹、声纹、眼纹等方式,可根据实际需要灵活设置。
在获取用户输入的访问密码后,采集模块100提示用户对访问密码进行二次确认,使用户再次进行访问密码输入。若用户两次输入的访问密码一致,则确认本次访问密码输入成功;若用户两次输入的访问密码不一致,则确认本次访问密码输入失败,提示用户重新输入访问密码。
由此,采集模块100获取用户输入的受访问保护应用软件的访问密码。
秘钥模块200,设置为根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表。
在成功获取用户输入的访问密码后,首先,秘钥模块200根据预置的加密算法,将获取的访问密码进行计算加密,得到加密秘钥。加密秘钥以字段进行存储,字段类型可以是字符串,也可以是其他类型,可根据实际需要灵活设置。
其中,预置的加密算法可以是对称加密算法、非对称加密算法或者其二者的结合,可根据实际需要灵活设置。在本实施例中,对称算法可以实现使用加密算法对访问密码进行加密得到加密秘钥,使用解密算法对加密秘钥进行解算得到与访问密码一致的解密密码;非对称算法可以实现使用加密算法对密码进行加密得到加密秘钥,但不能对加密秘钥解算得到解密密码。
由此,秘钥模块200得到受访问保护应用软件的加密秘钥。
然后,秘钥模块200将应用软件的加密秘钥存储在预先配置的关系表,并更新关系表。
需要说明的是,预先配置的关系表用于记录受访问保护的应用软件和对应的加密秘钥,支持用户同时设置多个应用软件的访问密码。
加密模块300,设置为根据所述关系表加密所述应用软件。
在完成关系表的更新后,加密模块300根据应用软件,从关系表中获取对应的加密秘钥。
然后,加密模块300根据获取的加密秘钥,加密应用软件。
当用户或其他应用软件访问被加密的应用软件时,需进行解密,获得访问权限后,才能够访问被加密的应用软件,实现对应用软件的访问保护。
在本实施例中,采集模块100获取用户输入的受访问保护应用软件的访问密码;然后,秘钥模块200根据预置的加密算法和访问密码,计算得到加密秘钥,并更新预先配置的关系表;然后加密模块300根据关系表,加密受访问保护应用软件,实现了对智能终端应用软件的安全保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图12,本发明应用加密装置第二实施例提供一种应用加密装置,基于上述图11所示的实施例,所述秘钥模块200包括:
计算单元210,设置为根据预置的加密算法和所述访问密码,计算得到加密秘钥。
在获取用户输入的访问密码后,计算单元210根据预置的加密算法,将获取的访问密码进行计算加密,得到加密秘钥。
加密秘钥以字段进行存储,字段类型可以是字符串,也可以是其他类型,可根据实际需要灵活设置。
其中,预置的加密算法可以是对称加密算法、非对称加密算法或者其二者的结合,可根据实际需要灵活设置。在本实施例中,对称算法可以实现使用加密算法对访问密码进行加密得到加密秘钥,使用解密算法对加密秘钥进行解算得到与访问密码一致的解密密码;非对称算法可以实现使用加密算法对密码进行加密得到加密秘钥,但不能对加密秘钥解算得到解密密码。
若用户分别设置各受访问保护应用软件的访问密码,则各受访问保护应用软件的分别对应相应的访问密码加密后得到的加密秘钥;若用户统一设置各受访问保护应用软件的访问密码,则各受访问保护应用软件的加密秘钥相同,各受访问保护应用软件分别对应得到的加密秘钥。
由此,计算单元210得到受访问保护应用软件的加密秘钥。
第一识别单元220,设置为获取所述应用软件的识别信息。
第一识别单元220根据应用软件列表和用户选择的受访问保护应用软件,得到受访问保护应用软件的识别信息。
其中,应用软件的识别信息包括应用软件ID、应用软件名称等可以标识应用软件的信息,根据应用软件ID、应用软件名称可以查找或匹配到唯一对应的应用软件。
第一识别单元220将受访问保护应用软件的识别信息以字段进行存储,字段类型可以是字符串,也可以是其他类型,可根据实际需要灵活设置。
更新单元230,设置为记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表。
更新单元230记录得到的受访问保护应用软件的识别信息和对应的加密秘钥,并建立其对应关系。
然后,将受访问保护应用软件的识别信息、对应的加密秘钥及其对应关系保存在预先配置的关系表中,更新关系表。每个受访问保护应用软件对应关系表中的一条记录。
需要说明的是,预先配置的关系表用于记录受访问保护的应用软件识别信息和对应的加密秘钥。
以获取的受访问保护应用软件的识别信息为应用软件ID、应用软件名称,进行举例说明。
该应用软件的识别信息在关系表中的记录信息包括三个字段值,参照图3,包括应用软件ID、应用软件名称和加密秘钥。
其中,字段值的字段名称分别为应用软件ID、应用软件名称和加密秘钥;应用软件ID的字段含义为受访问保护应用软件的通用唯一识别码 (Universally Unique Identifier,简称为UUID)信息,应用软件名称的字段含义为受访问保护应用软件的名称,加密秘钥的字段含义为受访问保护应用软件的秘钥。三个字段值的字段类型均为字符串。
在本实施例中,计算单元210根据预置的加密算法和访问密码,计算得到加密秘钥;第一识别单元220获取受访问保护应用软件的识别信息;然后,更新单元230记录受访问保护应用软件的识别信息和其加密秘钥的对应关系,并更新预先配置的关系表。本实施例中,获取应用软件的加密秘钥后,更新关系表中应用软件和加密秘钥的对应关系,并从关系表中获取加密秘钥对应用软件进行加密,实现了对应用软件加密秘钥的有序管理,统一管理智能终端中应用软件的加密秘钥,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图13,本发明应用加密装置第三实施例提供一种应用加密装置,基于上述图12所示的实施例,所述更新单元230包括:
判断子单元231,设置为根据预先配置的关系表和所述应用软件的识别信息,判断所述应用软件是否有对应的加密秘钥。
在获取受访问保护应用软件的识别信息后,根据预先配置的关系表,判断子单元231判断当前应用软件是否有对应的加密秘钥。
可选地,作为一种实施方式,根据应用软件的识别信息,判断子单元231查找关系表中是否有应用软件的识别信息和对应的加密秘钥的记录。
若关系表中无应用软件的识别信息和对应的加密秘钥的记录,则判断子单元231判定应用软件没有对应的加密秘钥;
若关系表中有应用软件的识别信息和对应的加密秘钥的记录,则判断子单元231判定应用软件已有对应的加密秘钥。
更新子单元232,设置为若所述应用软件无对应的加密秘钥,则记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表;若所述应用软件有对应的加密秘钥,则获取输入的解密信息对所述应用软件进行解密;解密成功后,记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
若应用软件无对应的加密秘钥,更新子单元232判定当前的密码设置为初始设置。
可选的,作为一种实施方式,更新子单元232将当前获取的加密秘钥作为应用软件识别信息对应的加密秘钥,记录应用软件识别信息和加密秘钥的对应关系,并存储到关系表中。
然后,更新关系表,得到应用软件识别信息和加密秘钥的记录。
若应用软件有对应的加密秘钥,更新子单元232判定当前的密码设置为修改密码。
可选的,作为一种实施方式,首先,更新子单元232提示用户输入解密密码,获取用户输入的解密信息。
然后,更新子单元232根据关系表和用户输入的解密信息,对应用软件进行解密。
若解密成功,则更新子单元232记录应用软件识别信息和当前获取的加密秘钥的对应关系,并更新记录表中应用软件的记录。由此,记录表中应用软件识别信息对应的加密秘钥,为根据用户当前输入的加密密码得到的加密秘钥。
若解密失败,若对当前应用软件解密失败,则提示用户密码错误或无修改权限,用户可以再次输入密码进行解密。
在本实施例中,判断子单元231根据预先配置的关系表和应用软件的 识别信息,判断应用软件是否有对应的加密秘钥;若应用软件无对应的加密秘钥,则更新子单元232认为当前的密码设置为初始设置,记录应用软件的识别信息和加密秘钥的对应关系,并更新关系表;若应用软件有对应的加密秘钥,则更新子单元232认为当前的密码设置为修改密码,获取用户输入的解密信息对应用软件进行解密;解密成功后,记录应用软件的识别信息和加密秘钥的对应关系,并更新关系表。本实施例实现了用户修改应用软件的密码时,对用户进行鉴权,有效的保障了应用软件密码设置的安全性,保障了应用软件的访问安全。
参照图14,本发明应用访问装置第一实施例提供一种应用访问装置,所述应用访问装置包括:
获取模块400,设置为获取访问应用软件输入的解密信息。
本发明实施例主要应用于智能终端的安全保护,通过应用访问装置,实现对智能终端应用软件访问安全的管理。
在本实施例中,应用访问装置位于智能终端上。
可选地,作为一种实施方式,当用户访问智能终端的应用软件时,获取模块400可以弹出显示界面,提示用户输入解密密码。
然后,获取用户输入的解密信息。用户输入的解密信息可以是文字、图形、生物特征如指纹等,可根据实际需要灵活设置。
由此,获取模块400得到用户输入的解密信息。
解密模块500,设置为根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密
在获取用户输入的解密信息后,解密模块500根据预置的关系表对应用软件进行解密。
可选地,作为一种实施方式,首先,解密模块500查询预置的关系表, 获取本次被访问应用软件的加密秘钥。
然后,解密模块500根据用户输入的解密信息和应用软件的加密秘钥,对本次被访问应用软件进行解密。
访问模块600,设置为若解密成功,则允许本次对所述应用软件的访问。
若解密模块500成功对本次被访问应用软件解密,则访问模块600允许本次对应用软件的访问。
可选地,作为一种实施方式,访问模块600可以控制打开本次被访问的应用软件,允许该应用软件被访问或调取。
访问模块600可以直接启动本次被访问的应用软件,并将显示界面跳转到本次被访问的应用软件,以供用户或其他应用软件进行后续的操作。
或者,访问模块600预设有允许访问时间,使得本次被访问应用软件在预设的时间内可以被直接访问或调用。例如,预设的允许访问时间为1分钟,则在应用软件成功被解锁之后的1分钟之内,用户可以不用输入解密密码直接访问该应用软件。预设的允许访问时间可根据实际需要灵活设置。
在本实施例中,获取模块400获取用户访问应用软件输入的解密信息;然后,解密模块500根据预先配置的关系表获取应用软件的加密秘钥,并根据加密秘钥和解密信息对应用软件进行解密;若解密成功,则访问模块600允许本次对该应用软件的访问。本实施例实现了对智能终端中应用软件的访问保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图15,本发明应用访问装置第二实施例 提供一种应用访问装置,基于上述图14所示的实施例,所述应用访问装置还包括:
鉴权模块700,设置为根据所述关系表判断所述应用软件是否受到访问保护。
受应用访问装置保护的应用软件可以是智能终端中的全部应用软件,也可以是部分应用软件,可根据实际需要灵活设置。
在应用访问装置启动后,若用户或其他应用软件访问、调用智能终端中的应用软件,则鉴权模块700判断被访问或调用的应用软件是否受到访问保护。
需要说明的是,应用访问装置预先配置有关系表,记录了受应用访问装置保护的应用软件和对应的加密秘钥。
其中,受应用访问装置保护的应用软件使用识别信息标识不同的应用软件,通过应用软件的识别信息可以查找并匹配到唯一对应的应用软件。应用软件对应的加密秘钥,为对用户预先设置的本次被访问应用软件的密码进行加密得到。
可选地,作为一种实施方式,首先,鉴权模块700获取本次被访问应用软件的识别信息,例如应用软件ID、应用软件名称。
然后,鉴权模块700根据得到的识别信息,查询预置的关系表中是否有应用软件的记录。
若在预置的关系表中查找到本次被访问应用软件的识别信息和对应的加密秘钥,则判定本次被访问应用软件受到访问保护。
若在预置的关系表中未查找到本次被访问应用软件的识别信息和对应的加密秘钥,则判定本次被访问应用软件未受到访问保护。
所述访问模块600,还设置为若所述应用软件未受到访问保护,则允许本次对所述应用软件的访问。
若本次被访问应用软件未受到访问保护,则访问模块600允许本次对应用软件的访问,用户及其他应用软件可直接访问或调用该应用软件。
所述获取模块400,还设置为若所述应用软件受到访问保护,则获取访问应用软件输入的解密信息。
若本次被访问应用软件受到访问保护,则获取模块400需要用户输入解密信息对应用软件进行解密,提示用户输入应用软件的解密信息,对应用软件进行解密。
在本实施例中,鉴权模块700根据预先配置的关系表根判断本次被访问的应用软件是否受到访问保护;若本次被访问应用软件未受到访问保护,则访问模块600允许本次对应用软件的访问;若本次被访问应用软件受到访问保护,则获取模块400获取用户输入的解密信息。本实施例通过预置的关系表,判断本次被访问应用软件是否受到访问保护,从而放行对未受到访问保护应用软件的访问,实现了对智能终端中应用软件的差异化管理,在保障应用软件的访问安全的同时,保证了用户使用的便捷性。
在一个可选的实施例中,参照图16,本发明应用访问装置第三实施例提供一种应用访问装置,基于上述图14或15所示的实施例(本实施例以图14为例),所述解密模块500包括:
第二识别单元510,设置为获取所述应用软件的识别信息。
若本次被访问应用软件受到访问保护,则获取模块400获取用户输入的本次被访问应用软件的解密信息后,第二识别单元510根据用户选择的本次被访问应用软件,获取本次被访问应用软件的识别信息,例如应用软件ID、应用软件名称。
秘钥单元520,设置为根据预先配置的关系表和所述应用软件的识别信息,获取所述应用软件的加密秘钥。
秘钥单元520根据本次被访问应用软件的识别信息,在预先配置的关系表中,查找识别信息匹配的应用软件记录。
然后,根据查找到的应用软件记录,获取与本次被访问应用软件识别信息对应的加密秘钥。
由此,秘钥单元520得到本次被访问应用软件的加密秘钥。
解密单元530,设置为根据所述加密秘钥和所述解密信息,对所述应用软件进行解密。
在得到本次被访问应用软件的加密秘钥和用户输入的解密信息后,解密单元530对本次被访问应用软件进行解密。
可选地,作为一种实施方式,首先,解密单元530根据预置的加密算法对解密信息进行加密计算,得到解密秘钥。
然后,根据得到的解密秘钥,与本次被访问应用软件的加密秘钥进行匹配。若解密秘钥的字符串与加密秘钥的字符串完全一致,则本次解密成功;若解密秘钥的字符串与加密秘钥的字符串不一致,则本次解密不成功。
作为另一种实施方式,首先,解密单元530根据预置的解密算法解算本次被访问应用软件的加密秘钥,得到解密密码。
然后,根据解算得到的解密密码,与用户输入的解密信息进行匹配。若解算得到的解密密码与用户输入的解密信息完全一致,则本次解密成功;若解算得到的解密密码与用户输入的解密信息不一致,则本次解密不成功。
在本实施例中,若本次被访问应用软件受到访问保护,则第二识别单元510获取本次被访问应用软件的识别信息和用户输入的解密信息;秘钥单元520根据预置的关系表和本次被访问应用软件的识别信息,获取本次 被访问应用软件的加密秘钥;然后,解密单元530根据用户输入的解密信息和本次被访问应用软件的加密秘钥,对本次被访问应用软件进行解密。本实施例对于受到访问保护的应用软件,需用户输入解密密码进行解密,成功解密后允许访问应用软件,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图17,本发明应用访问装置第四实施例提供一种应用访问装置,基于上述图16所示的实施例,所述解密单元530包括:
加密子单元531,设置为根据预置的加密算法对所述用户输入的解密信息进行加密计算,得到解密秘钥。
在得到本次被访问应用软件的加密秘钥和用户输入的解密信息后,加密子单元531对本次被访问应用软件进行解密。
若预置的加密算法为非对称算法,可以实现使用加密算法对密码进行加密得到加密秘钥,但不能对加密秘钥解算得到解密密码,例如:消息摘要算法第五版(Message Digest Algorithm 5,简称为md5),易于计算,抗修改性强。
可选地,作为一种实施方式,首先,加密子单元531根据预置的加密算法对解密信息进行加密计算,得到解密秘钥。解密秘钥的字段类型与加密秘钥的字段类型相同,可以是字符串。
第一校验子单元532,设置为检验所述解密秘钥与所述加密秘钥是否匹配;若所述解密秘钥与所述加密秘钥匹配,则解密成功。
在获取解密秘钥后,第一校验子单元532校验得到的解密秘钥,与本次被访问应用软件的加密秘钥进行匹配。
若解密秘钥的字符串与加密秘钥的字符串完全一致,则第一校验子单 元532判定解密秘钥与本次被访问应用软件的加密秘钥匹配;若解密秘钥的字符串与加密秘钥的字符串不一致,则第一校验子单元532判定解密秘钥与本次被访问应用软件的加密秘钥不匹配。
若解密秘钥与本次被访问应用软件的加密秘钥匹配,则第一校验子单元532判定用户输入的解密信息为正确的访问密码,本次对应用软件的解密成功。
在本实施例中,加密子单元531根据预置的加密算法对用户输入的解密信息进行加密计算,得到解密秘钥;然后,第一校验子单元532检验计算得到的解密秘钥与本次被访问应用软件的加密秘钥是否匹配,若解密秘钥与本次被访问应用软件的加密秘钥匹配,则本次对应用软件的解密成功。本实施例对于受到访问保护的应用软件,需用户输入解密信息进行解密,使用加密算法提高密码保护的安全强度,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图18,本发明应用访问装置第五实施例提供一种应用访问装置,基于上述图16所示的实施例,所述解密单元530还包括:
解密子单元533,设置为根据预置的解密算法解算所述加密秘钥,得到所述应用软件的解密密码,所述解密算法与所述加密算法对称。
在得到本次被访问应用软件的加密秘钥和用户输入的解密信息后,解密子单元533对本次被访问应用软件进行解密。
若预置的加密算法为对称算法,可以实现使用加密算法对访问密码进行加密得到加密秘钥,使用解密算法对加密秘钥进行解算,得到与访问密码一致的解密密码。预置的加密算法与预置的解密算法对称。
可选地,作为一种实施方式,首先,解密子单元533根据预置的解密算法,对本次被访问应用软件的加密秘钥进行解算,得到解密密码。
第二校验子单元534,设置为校验所述用户输入的解密信息与所述解算得到的解密密码是否匹配;若所述用户输入的解密信息与所述解算得到的解密密码匹配,则解密成功。
在对本次被访问应用软件的加密秘钥进行解算得到解密密码后,第二校验子单元534校验解算得到的解密密码,与用户输入的解密信息进行匹配。
若用户输入的解密信息与解算得到的解密密码完全一致,则第二校验子单元534判定用户输入的解密信息与解算得到的解密密码匹配;若用户输入的解密信息与解算得到的解密密码不一致,则第二校验子单元534判定用户输入的解密信息与解算得到的解密密码不匹配。
若用户输入的解密信息与解算得到的解密密码匹配,则第二校验子单元534判定用户输入的解密信息为正确的访问密码,本次对应用软件的解密成功。
在本实施例中,解密子单元533根据预置的解密算法解算本次被访问应用软件的加密秘钥,得到本次被访问应用软件的解密密码,预置的解密算法与加密算法对称;第二校验子单元534校验用户输入的解密信息与解算得到的解密密码是否匹配,若用户输入的解密信息与解算得到的解密密码匹配,则本次被访问应用软件的解密成功。本实施例对于受到访问保护的应用软件,需用户输入解密密码进行解密,使用加密算法提高密码保护的安全强度,保障了应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
在一个可选的实施例中,参照图19,本发明应用访问装置第六实施例提供一种应用访问装置,基于上述图14或15所示的实施例(本实施例以图14为例),所述应用访问装置还包括:
禁止模块800,设置为若解密失败,则禁止本次对所述应用软件的访问。
若用户输入的解密信息未成功解密本次被访问应用,则禁止模块800禁止本次对应用软件的访问。
可选地,作为一种实施方式,禁止模块800可以提示用户密码错误或无访问权限,通知用户禁止本次访问。
用户可以再次输入解密密码,对应用软件进行解锁。
若在预设的时间内,解密同一应用软件的失败次数超过预设的阈值,则禁止模块800锁定当前被访问应用软件。并且,禁止模块800控制在预设的时间之内对当前应用软件进行锁定,不允许对当前应用软件的解密操作。
在本实施例中,若对本次被访问应用软件的解密失败,则禁止模块800禁止本次对应用软件的访问。本实施例实现了对智能终端中应用软件的访问保护,过滤对应用软件的非法访问,统一管理智能终端中应用软件访问权限,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。
本发明的实施例还提供了一种存储介质。可选地,在本实施例中,上述存储介质中存储有执行指令,该执行指令用于执行上述的方法。
可选地,在本实施例中,上述存储介质可以包括但不限于:U盘、只读存储器(Read-Only Memory,简称为ROM)、随机存取存储器(Random Access Memory,简称为RAM)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。
以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。
工业实用性
如上所述,本发明实施例提供的一种应用加密方法、装置和应用访问方法、装置具有以下有益效果:实现了对智能终端中应用软件的加密和访问保护,统一管理智能终端中应用软件访问权限,过滤非法访问,保障应用软件的访问安全,保证了智能终端和应用软件数据的安全性。

Claims (18)

  1. 一种应用加密方法,所述应用加密方法包括:
    获取输入的受访问保护应用软件的访问密码;
    根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表;
    根据所述关系表加密所述应用软件。
  2. 如权利要求1所述的应用加密方法,其中,所述根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表的步骤包括:
    根据预置的加密算法和所述访问密码,计算得到加密秘钥;
    获取所述应用软件的识别信息;
    记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表。
  3. 如权利要求2所述的应用加密方法,其中,所述记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表的步骤包括:
    根据预先配置的关系表和所述应用软件的识别信息,判断所述应用软件是否有对应的加密秘钥;
    若所述应用软件无对应的加密秘钥,则记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表;
    若所述应用软件有对应的加密秘钥,则获取输入的解密信息对所述应用软件进行解密;解密成功后,记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
  4. 一种应用访问方法,所述应用访问方法包括以下步骤:
    获取访问应用软件输入的解密信息;
    根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密;
    若解密成功,则允许本次对所述应用软件的访问。
  5. 如权利要求4所述的应用访问方法,其中,所述获取访问应用软件输入的解密信息的步骤之前,还包括:
    根据所述关系表判断所述应用软件是否受到访问保护;
    若所述应用软件未受到访问保护,则允许本次对所述应用软件的访问;
    若所述应用软件受到访问保护,则转入执行步骤:获取访问应用软件输入的解密信息。
  6. 如权利要求4或5所述的应用访问方法,其中,所述根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密的步骤包括:
    获取所述应用软件的识别信息;
    根据预先配置的关系表和所述应用软件的识别信息,获取所述应用软件的加密秘钥;
    根据所述加密秘钥和所述解密信息,对所述应用软件进行解密。
  7. 如权利要求6所述的应用访问方法,其中,所述根据所述加密秘钥和所述解密信息,对所述应用软件进行解密的步骤包括:
    根据预置的加密算法对所述用户输入的解密信息进行加密计算,得到解密秘钥;
    检验所述解密秘钥与所述加密秘钥是否匹配;
    若所述解密秘钥与所述加密秘钥匹配,则解密成功。
  8. 如权利要求6所述的应用访问方法,其中,所述根据所述加 密秘钥和所述解密信息,对所述应用软件进行解密的步骤还包括:
    根据预置的解密算法解算所述加密秘钥,得到所述应用软件的解密密码,所述解密算法与所述加密算法对称;
    校验所述用户输入的解密信息与所述解算得到的解密密码是否匹配;
    若所述用户输入的解密信息与所述解算得到的解密密码匹配,则解密成功。
  9. 如权利要求4或5所述的应用访问方法,其中,所述若解密成功,则允许本次对所述应用软件的访问的步骤之后,还包括:
    若解密失败,则禁止本次对所述应用软件的访问。
  10. 一种应用加密装置,所述应用加密装置包括:
    采集模块,设置为获取输入的受访问保护应用软件的访问密码;
    秘钥模块,设置为根据预置的加密算法和所述访问密码计算得到加密秘钥,并根据所述加密秘钥更新预先配置的关系表;
    加密模块,设置为根据所述关系表加密所述应用软件。
  11. 如权利要求10所述的应用加密装置,其中,所述秘钥模块包括:
    计算单元,设置为根据预置的加密算法和所述访问密码,计算得到加密秘钥;
    第一识别单元,设置为获取所述应用软件的识别信息;
    更新单元,设置为记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新预先配置的关系表。
  12. 如权利要求11所述的应用加密装置,其中,所述更新单元包括:
    判断子单元,设置为根据预先配置的关系表和所述应用软件的识别信息,判断所述应用软件是否有对应的加密秘钥;
    更新子单元,设置为若所述应用软件无对应的加密秘钥,则记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表;若所述应用软件有对应的加密秘钥,则获取输入的解密信息对所述应用软件进行解密;解密成功后,记录所述应用软件的识别信息和所述加密秘钥的对应关系,并更新所述关系表。
  13. 一种应用访问装置,所述应用访问装置包括:
    获取模块,设置为获取访问应用软件输入的解密信息;
    解密模块,设置为根据预先配置的关系表获取所述应用软件的加密秘钥,并根据所述加密秘钥和所述解密信息对所述应用软件进行解密;
    访问模块,设置为若解密成功,则允许本次对所述应用软件的访问。
  14. 如权利要求13所述的应用访问装置,其中,所述应用访问装置还包括:
    鉴权模块,设置为根据所述关系表判断所述应用软件是否受到访问保护;
    所述访问模块,还设置为若所述应用软件未受到访问保护,则允许本次对所述应用软件的访问;
    所述获取模块,还设置为若所述应用软件受到访问保护,则获取访问应用软件输入的解密信息。
  15. 如权利要求13或14所述的应用访问装置,其中,所述解密模块包括:
    第二识别单元,设置为获取所述应用软件的识别信息;
    秘钥单元,设置为根据预先配置的关系表和所述应用软件的识别信息,获取所述应用软件的加密秘钥;
    解密单元,设置为根据所述加密秘钥和所述解密信息,对所述应用软件进行解密。
  16. 如权利要求15所述的应用访问装置,其中,所述解密单元包括:
    加密子单元,设置为根据预置的加密算法对所述用户输入的解密信息进行加密计算,得到解密秘钥;
    第一校验子单元,设置为检验所述解密秘钥与所述加密秘钥是否匹配;若所述解密秘钥与所述加密秘钥匹配,则解密成功。
  17. 如权利要求15所述的应用访问装置,其中,所述解密单元还包括:
    解密子单元,设置为根据预置的解密算法解算所述加密秘钥,得到所述应用软件的解密密码,所述解密算法与所述加密算法对称;
    第二校验子单元,设置为校验所述用户输入的解密信息与所述解算得到的解密密码是否匹配;若所述用户输入的解密信息与所述解算得到的解密密码匹配,则解密成功。
  18. 如权利要求13或14所述的应用访问装置,其中,所述应用访问装置还包括:
    禁止模块,设置为若解密失败,则禁止本次对所述应用软件的访问。
PCT/CN2016/101928 2015-12-03 2016-10-12 应用加密方法、装置和应用访问方法、装置 WO2017092507A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510885145.9A CN106845264A (zh) 2015-12-03 2015-12-03 应用加密方法、装置和应用访问方法、装置
CN201510885145.9 2015-12-03

Publications (1)

Publication Number Publication Date
WO2017092507A1 true WO2017092507A1 (zh) 2017-06-08

Family

ID=58796228

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/101928 WO2017092507A1 (zh) 2015-12-03 2016-10-12 应用加密方法、装置和应用访问方法、装置

Country Status (2)

Country Link
CN (1) CN106845264A (zh)
WO (1) WO2017092507A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111797430A (zh) * 2020-06-30 2020-10-20 平安国际智慧城市科技股份有限公司 数据校验方法、装置、服务器及存储介质
CN112084537A (zh) * 2020-09-02 2020-12-15 英博超算(南京)科技有限公司 一种jtag保护机制

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022264170A1 (en) * 2021-06-17 2022-12-22 Jupitice Justice Technologies Pvt Ltd A method and a device for securing access to an application

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102938032A (zh) * 2012-10-17 2013-02-20 中兴通讯股份有限公司 一种对通讯终端上应用程序加、解密的方法、系统和终端
US20130227702A1 (en) * 2012-02-27 2013-08-29 Yong Deok JUN System and method for syntagmatically managing and operating certification using anonymity code and quasi-public syntagmatic certification center
CN104102858A (zh) * 2013-04-07 2014-10-15 中兴通讯股份有限公司 应用程序加密处理方法、装置和终端
CN104144411A (zh) * 2013-05-08 2014-11-12 中兴通讯股份有限公司 加密、解密终端及应用于终端的加密和解密方法
CN104202744A (zh) * 2014-08-14 2014-12-10 腾讯科技(深圳)有限公司 一种智能终端的操作认证方法、终端及系统
CN104363094A (zh) * 2014-10-30 2015-02-18 广东欧珀移动通信有限公司 一种认证应用程序用户身份的方法、装置和系统

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130227702A1 (en) * 2012-02-27 2013-08-29 Yong Deok JUN System and method for syntagmatically managing and operating certification using anonymity code and quasi-public syntagmatic certification center
CN102938032A (zh) * 2012-10-17 2013-02-20 中兴通讯股份有限公司 一种对通讯终端上应用程序加、解密的方法、系统和终端
CN104102858A (zh) * 2013-04-07 2014-10-15 中兴通讯股份有限公司 应用程序加密处理方法、装置和终端
CN104144411A (zh) * 2013-05-08 2014-11-12 中兴通讯股份有限公司 加密、解密终端及应用于终端的加密和解密方法
CN104202744A (zh) * 2014-08-14 2014-12-10 腾讯科技(深圳)有限公司 一种智能终端的操作认证方法、终端及系统
CN104363094A (zh) * 2014-10-30 2015-02-18 广东欧珀移动通信有限公司 一种认证应用程序用户身份的方法、装置和系统

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111797430A (zh) * 2020-06-30 2020-10-20 平安国际智慧城市科技股份有限公司 数据校验方法、装置、服务器及存储介质
CN111797430B (zh) * 2020-06-30 2023-10-03 平安国际智慧城市科技股份有限公司 数据校验方法、装置、服务器及存储介质
CN112084537A (zh) * 2020-09-02 2020-12-15 英博超算(南京)科技有限公司 一种jtag保护机制
CN112084537B (zh) * 2020-09-02 2023-09-08 英博超算(南京)科技有限公司 一种jtag调试系统

Also Published As

Publication number Publication date
CN106845264A (zh) 2017-06-13

Similar Documents

Publication Publication Date Title
TWI684890B (zh) 使用憑證導出之加密密鑰改良韌體服務安全性的計算裝置之系統及方法
US9740849B2 (en) Registration and authentication of computing devices using a digital skeleton key
JP4892470B2 (ja) 汎用認識システムおよび汎用認識方法
EP2731043B1 (en) Computer system for storing and retrieval of encrypted data items, client computer, computer program product and computer-implemented method
CN113168476A (zh) 操作系统中个性化密码学安全的访问控制
US20080072066A1 (en) Method and apparatus for authenticating applications to secure services
CN113474774A (zh) 用于认可新验证器的系统和方法
US20160105285A1 (en) Deriving cryptographic keys from biometric parameters
CN113545006A (zh) 远程授权访问锁定的数据存储设备
JP2008541264A (ja) コンピュータセキュリティシステムおよびコンピュータセキュリティ方法
US20190034616A1 (en) Secure authentication protocol systems and methods
KR101724401B1 (ko) 생체 정보 인식과 키 분할 방식을 이용한 공인인증 시스템 및 그 방법, 그 방법을 수행하는 프로그램이 기록된 기록매체
US8296841B2 (en) Trusted platform module supported one time passwords
WO2021190197A1 (zh) 生物支付设备的认证方法、装置、计算机设备和存储介质
BR112015015256B1 (pt) Método e aparelho para o gerenciamento de código de acesso
US20170201528A1 (en) Method for providing trusted service based on secure area and apparatus using the same
US9894062B2 (en) Object management for external off-host authentication processing systems
CN113383511A (zh) 用于解锁数据存储设备的恢复密钥
WO2017092507A1 (zh) 应用加密方法、装置和应用访问方法、装置
CN113383510A (zh) 数据存储设备的多角色解锁
CN106156549B (zh) 应用程序授权处理方法及装置
CN113316915B (zh) 解锁数据存储设备
EP2920732B1 (en) Computer system for storing and retrieval of encrypted data items, client computer, computer program product and computer-implemented method
US9977907B2 (en) Encryption processing method and device for application, and terminal
KR101745390B1 (ko) 데이터 유출 방지장치 및 그 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16869818

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16869818

Country of ref document: EP

Kind code of ref document: A1