WO2017211205A1 - Method and device for updating whitelist - Google Patents

Method and device for updating whitelist Download PDF

Info

Publication number
WO2017211205A1
WO2017211205A1 PCT/CN2017/086319 CN2017086319W WO2017211205A1 WO 2017211205 A1 WO2017211205 A1 WO 2017211205A1 CN 2017086319 W CN2017086319 W CN 2017086319W WO 2017211205 A1 WO2017211205 A1 WO 2017211205A1
Authority
WO
WIPO (PCT)
Prior art keywords
whitelist
terminal
application
update request
verification code
Prior art date
Application number
PCT/CN2017/086319
Other languages
French (fr)
Chinese (zh)
Inventor
汪婵
彭峰
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2017211205A1 publication Critical patent/WO2017211205A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Definitions

  • the embodiments of the present invention relate to the field of communications, and in particular, to a whitelist updating method and apparatus.
  • Mobile Payment refers to a service that allows users to use their mobile terminals, such as mobile phones or tablets, to pay for goods or services they consume.
  • mobile payments typically use secure authentication in the form of SMS verification codes (eg, financial transaction information, specifically, bank account numbers, bank passwords, payment verification codes, order notifications, etc.). That is, when the user performs mobile payment on the website or the application (Application, referred to as APP), the sender code of the verification code corresponding to the website background or the application sends a short message service (SMS) to the mobile phone number bound by the user.
  • SMS short message service
  • the short message carries the short message verification code generated by the website or the application according to the preset rule. After the user receives the short message, the user fills in the short message verification code on the website or the application, and the subsequent operation can be completed after the verification is passed.
  • the APP can read the short message permission by applying, and after determining that the right to read the short message, the APP can read all the short messages in the mobile terminal system, and obtain the required short message verification code from the mobile terminal system, if Currently, the mobile terminal uses the mobile phone number that needs to be verified, so that the user can manually prevent the verification code from being manually input. Currently, except for the short message application, most of the main functions of the APP application for the short message permission are to read the short message verification code.
  • the sender code of the verification code corresponding to the application can be written into the whitelist of the terminal, so that if the sender number of the verification code corresponding to the application does not exist in the whitelist, the terminal system can remind the terminal user to send the verification.
  • the sender code of the code verification code has a security risk, which can prevent users from being scammed by false text messages.
  • the whitelist is updated, and the sender number of the verification code corresponding to the application is updated.
  • the whitelist is usually upgraded by a large version (such as OTA (Over-the-Air Technology) upgrade), that is, when the application has a new service or changes the verification code sender number.
  • OTA Over-the-Air Technology
  • the terminal developer develops the corresponding version upgrade software, and the terminal updates the whitelist through the corresponding version upgrade software update.
  • the update method requires a long period of time.
  • the application can't modify the whitelist actively, only by applying in advance.
  • the whitelist list covers a large number of applications; when each application needs to update the whitelist list for reasons such as business development and change, the whitelist list on each terminal cannot be updated in time.
  • An embodiment of the present invention provides a whitelist updating method and apparatus for updating a verification code sender number corresponding to each application in the terminal whitelist list and/or each service of the application in a timely manner.
  • an embodiment of the present invention provides a whitelist update method, which is applied to a terminal, where the first application is run on the terminal, and the method includes: generating, according to the first application, or the first service generation of the first application. Triggering the whitelist update request, the terminal determining whether the first application has the right to update the terminal whitelist list, wherein the whitelist update request includes the identifier of the first application, and the verification code of the whitelist update request generator a sender number; the verification code sender number is a white list update request generator; the terminal white list is used to store a verification code sender number for transmitting the verification code message; if it is determined that the first application has a whitelist of the updated terminal Permission, at least update the verification code sender number of the whitelist update request generator to the terminal whitelist.
  • An embodiment of the present invention provides a whitelist update method, by receiving a whitelist update request for updating a terminal whitelist list sent by a first application, and updating the first application after determining that the first application has the right to update the terminal whitelist.
  • the terminal whitelist list such that when the whitelist update request generator's verification code sender number is changed or the whitelist update request generator's verification code sender number needs to be re-registered in the whitelist list, there is no need to whitelist the list.
  • the developer submits an application request to update the terminal whitelist list, and updates the verification code sender for storing the verification code message according to the trigger of the first application generation or the whitelist update request generated by the first service of the first application.
  • the terminal whitelist list of the number is simple, and solves the problem that the application cannot update the terminal whitelist list and update the terminal whitelist list period in the prior art.
  • the terminal further includes a display screen, and correspondingly, the terminal determines that the first application has the right to update the terminal whitelist list, including: updating based on the whitelist a triggering of the request, the terminal displaying, by using a display screen, a first prompt message for prompting the user whether to grant the first application the right to update the terminal whitelist list; if the terminal detects that the user inputs the first indication information, It is determined that the first application has the right to update the terminal whitelist list. In this way, the user can determine whether the first application is a security application according to the first prompt message. When the user determines that the first application is a security program, the user authorizes the first application to have the right to update the terminal whitelist. In this way, the security of the verification code sender number can be recognized by the user.
  • determining that the first application has the right to update the terminal whitelist list includes: acquiring, by the terminal, the first application according to the trigger of the whitelist update request a certificate and an identifier; the terminal determines whether the certificate of the first application matches the preset certificate, and whether the identifier of the first application matches the preset identifier; if the terminal determines that the certificate of the first application matches the preset certificate, and the If the identifier of an application matches the preset identifier, it is determined that the first application has the right to update the terminal whitelist list. In this way, the reliability of each verification code sender number stored in the terminal whitelist list can be improved, and the user can identify the verification code sender number with security risks, thereby preventing the user from being fraudulently spoofed.
  • the whitelist is further The new request generator's verification code sender number is updated to the terminal whitelist list, including: the terminal determines whether the whitelist update request generator's verification code sender number is already registered in the terminal whitelist list; if the terminal determines the whitelist update If the verification code sender number of the request generator is not registered in the terminal whitelist, the terminal writes the identifier of the first application and the verification code sender number of the whitelist update request generator corresponding to the identifier of the first application. Enter the terminal whitelist. In this way, the verification code sender number of the whitelist update request generator can be registered in the terminal whitelist list in time.
  • the method further includes: if the terminal determines that the verification code sender number of the whitelist update request generator is already registered In the terminal whitelist list, the terminal determines whether the original verification code sender number is consistent with the new verification code sender number; the original verification code sender number is the verification code of the whitelist update request generator that has been registered in the terminal whitelist list.
  • the party number, the new verification code sender number is the verification code sender number of the white list update request generator in the white list update request; if the terminal determines that the original verification code sender number is inconsistent with the new verification code sender number, the terminal The original verification code sender number is deleted from the terminal whitelist list, and the new verification code sender number is written into the terminal whitelist list corresponding to the identifier of the first application. In this way, when the verification code sender number of the whitelist update request generator is changed, the verification code sender number of the whitelist update request generator can be updated in the terminal white list in time.
  • the method further includes: acquiring, by the terminal, a whitelist of the terminal
  • the whitelist update request generator uses the frequency of the preset time; the terminal deletes the verification code sender number of the whitelist update request generator whose frequency is less than the preset threshold in the terminal whitelist from the terminal whitelist. In this way, when the storage space of the terminal whitelist is fixed, the storage space of the terminal whitelist is saved.
  • the method further includes: sending at least a verification code sender number of the whitelist update request generator for updating a first whitelist update request of the verification code sender number of the whitelist update request generator in the server whitelist list, so that the server is based on the first
  • the whitelist update request periodically synchronizes the updated server whitelist to the terminal that communicates with the server; thus, the server may be caused to update the whitelist update request sender's verification code sender number in the server whitelist list, and then By connecting with the server, the terminal can update the terminal whitelist list in the terminal that communicates with the server, so that the terminal can update the terminal whitelist list without upgrading the version.
  • the first whitelist update request further includes an identifier and a certificate of the first application, and the server determines, according to the identifier and the certificate of the first application, whether to update the server whitelist in the server.
  • the embodiment of the present invention further provides a whitelist update method, which is applied to a server, where the method includes: receiving, by the server, an identifier of the first application, and a verification code sender number of the whitelist update request generator.
  • First whitelist update to indicate update server whitelist list
  • the whitelist update request is generated by the first application or the first service of the first application; the server determines whether the first whitelist update request satisfies the update condition; and the server determines that the first whitelist update request satisfies the update condition
  • the server updates at least the verification code sender number of the whitelist update request generator to the server whitelist. In this way, the server can update the verification code sender number of the whitelist update request generator in the server whitelist list stored in the server in time.
  • the method further includes: the server, according to the preset period, synchronizing the updated server whitelist to the terminal that communicates with the server. In this way, the terminal can update the terminal whitelist list in the terminal by communicating with the server.
  • the first whitelist update request further includes a certificate and an identifier of the first application; if the first whitelist update request is sent by the terminal, The update condition is that the certificate of the first application included in the first whitelist update request is consistent with the certificate corresponding to the first application stored in the server, and the identifier of the first application is pre-stored in the server. The identifier corresponding to the first application is consistent; when the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries the update information corresponding to the terminal, and the update information includes the updated version difference. And an update time and a result of whether the verification code sender number of the whitelist update request generator has been updated in the terminal whitelist list.
  • an embodiment of the present invention provides a whitelist updating apparatus, which is applied to a terminal, where the terminal runs a first application, and the apparatus includes: a determining unit, configured to generate or the first application based on the first application. Triggering a whitelist update request generated by the first service, determining whether the first application has the right to update a terminal whitelist for storing the verification code sender number of the whitelist update request generator, wherein the white
  • the list update request includes an identifier of the first application and a verification code sender number of the whitelist update request generator; a determining unit, configured to determine that the first application has the right to update the whitelist of the terminal; and an update unit, configured to: When the determining unit determines that the first application has the right to update the whitelist list of the terminal, at least the verification code sender number of the whitelist update request generator is updated to the terminal whitelist, and the terminal whitelist is used for storing the transmission verification.
  • the verification code sender number of the code message Triggering a whitelist update request
  • the terminal further includes a display screen
  • the corresponding determining unit includes: a display module, configured to display the trigger based on the whitelist update request to the user through the display screen a first prompt message for prompting the user whether to grant the first application the right to update the terminal whitelist list;
  • the first determining module is configured to determine whether the user input is used to indicate that the user agrees to the Determining, by the first application, the first indication information of the right to update the whitelist of the terminal; the first determining module, configured to: when the first determining module determines that the user inputs the first indication information, determining that the first application has the update The permissions of the terminal whitelist.
  • the determining unit includes: an acquiring module, configured to acquire a certificate and an identifier of the first application based on a trigger of the whitelist update request; a module, configured to determine whether the certificate of the first application matches the preset certificate, and whether the identifier of the first application matches the preset identifier, and the second determining module is configured to determine, in the second determining module, the first application The certificate matches the preset certificate, and the identifier of the first application matches the preset identifier When it is determined, the first application has the right to update the terminal whitelist list.
  • the updating unit includes: a third determining module, configured to determine whether the verification code sender number of the whitelist update request generator is already registered in the terminal white a first update module, configured to: when the third determination module determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the identifier of the first application and the first The verification code sender number of the whitelist update request generator corresponding to the identifier of the application is written in the terminal whitelist.
  • the device further includes: a fourth determining module, configured to determine, in the third determining module, a whitelist update request When the sender's verification code sender number is registered in the terminal whitelist list, it is determined whether the original verification code sender number is consistent with the new verification code sender number; the original verification code sender number is already registered in the terminal whitelist list.
  • a fourth determining module configured to determine, in the third determining module, a whitelist update request When the sender's verification code sender number is registered in the terminal whitelist list, it is determined whether the original verification code sender number is consistent with the new verification code sender number; the original verification code sender number is already registered in the terminal whitelist list.
  • the whitelist update request sender's verification code sender number, the new verification code sender number is the verification code sender number of the whitelist update request generator in the whitelist update request; the second update module is used in the When the determining module determines that the original verification code sender number is inconsistent with the new verification code sender number, the original verification code sender number is deleted from the terminal whitelist list, and the new verification code sender number is written into the terminal whitelist list.
  • the device further includes: a statistics unit, configured to obtain The frequency of use of the whitelist update request generator in the terminal whitelist list in the preset time; the deleting unit is configured to use the verification code sender number of the whitelist update request generator whose frequency is less than the preset threshold in the terminal whitelist list And the identifier of the whitelist update request generator is deleted from the terminal whitelist.
  • a statistics unit configured to obtain The frequency of use of the whitelist update request generator in the terminal whitelist list in the preset time
  • the deleting unit is configured to use the verification code sender number of the whitelist update request generator whose frequency is less than the preset threshold in the terminal whitelist list
  • the identifier of the whitelist update request generator is deleted from the terminal whitelist.
  • the device further includes: a sending unit, configured to The server sends a first whitelist update request, so that the server periodically synchronizes the updated server whitelist list to the terminal connected to the server according to the first whitelist update request; the first whitelist update request carries at least The whitelist update request generator's verification code sender number; the first whitelist update request is used to update the verification code sender number of the whitelist update request generator in the server whitelist list, and the server whitelist is used to store the transmission verification code.
  • the verification code sender number of the message configured to The server sends a first whitelist update request, so that the server periodically synchronizes the updated server whitelist list to the terminal connected to the server according to the first whitelist update request; the first whitelist update request carries at least The whitelist update request generator's verification code sender number; the first whitelist update request is used to update the verification code sender number of the whitelist update request generator in the server whitelist list, and the server whitelist is used to store the transmission verification code.
  • the embodiment of the present invention provides a whitelist updating apparatus, which is applied to a server, where the apparatus includes: a receiving unit, configured to receive a first whitelist update request, where the first whitelist update request is used to indicate an update server.
  • the first whitelist update request includes at least an identifier of the first application, a verification code sender number of the whitelist update request generator; wherein the whitelist update request is generated by the first application or the first application The first service is generated; the server whitelist is used to store the verification code sender number of the verification code message; the determining unit is configured to determine whether the first whitelist update request satisfies the update condition; and the update unit is configured to determine, in the determining unit, A whitelist update request satisfies the update condition, and the server at least adds the verification code sender number of the whitelist update request generator Update to the server whitelist list.
  • the apparatus further includes: a synchronization unit, configured to synchronize the updated server whitelist list to the terminal that communicates with the server according to a preset period.
  • the first whitelist update request further includes a certificate and an identifier of the first application, and if the first whitelist update request is sent by the terminal,
  • the update condition is that the certificate of the first application included in the first whitelist update request is consistent with the certificate corresponding to the first application stored in the server, and the identifier of the first application is pre-stored in the server.
  • the identifier corresponding to the first application is consistent; when the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries the update information corresponding to the terminal, and the update information includes the updated version.
  • an embodiment of the present invention provides a terminal, including: a processor, a memory, a system bus, and a communication interface;
  • the memory is configured to store a computer execution instruction
  • the processor is connected to the memory through the system bus, and when the terminal is running, the processor executes the computer execution instruction stored in the memory, so that The terminal performs the whitelist update method as described in the above first aspect or any one of the foregoing aspects.
  • an embodiment of the present invention provides a readable medium, including a computer executing instruction, when the processor of the terminal executes the computer to execute an instruction, the terminal performs any one of the foregoing first aspect or the first aspect.
  • the whitelist update method described in the alternative described in the alternative.
  • an embodiment of the present invention provides a server, including: a processor, a memory, a system bus, and a communication interface;
  • the memory is configured to store a computer executing instructions
  • the processor is coupled to the memory via the system bus, and when the server is running, the processor executes the computer executed instructions stored in the memory to enable The server performs the whitelist update method as described in the second aspect or the second aspect of the second aspect.
  • an embodiment of the present invention provides a readable medium, including computer execution instructions, when the processor of the server executes the computer execution instruction, the server performs any one of the foregoing second aspect or the second aspect.
  • the whitelist update method described in the alternative is described in the alternative.
  • the embodiment of the present invention provides a communication system, where the communication system includes a plurality of terminals and a server, and the multiple terminals may be the terminal described in any one of the foregoing third aspect or the third aspect.
  • the server may be the server described in the above fourth aspect or any one of the optional aspects of the fourth aspect; or
  • the plurality of user equipments may be the user equipments described in the fifth aspect above, and the server may be the server described in the seventh aspect above.
  • the user equipment may further include the readable medium of the sixth aspect
  • the server may further include the readable medium of the eighth aspect.
  • An embodiment of the present invention provides a whitelist updating method and apparatus, which are sent by receiving a first application. Sending a whitelist update request for updating the terminal whitelist list, after determining that the first application has the right to update the terminal whitelist list, updating the terminal whitelist list, so that when the whitelist update request generator sends the verification code
  • the party number is changed or the verification code sender number of the whitelist update request generator needs to be re-registered in the whitelist list, it is not necessary to apply to the developer of the whitelist list to request to update the terminal whitelist list, but according to the first application.
  • FIG. 1 is a schematic flowchart 1 of a white list updating method according to an embodiment of the present invention.
  • FIG. 2 is a second schematic flowchart of a whitelist updating method according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart 3 of a method for updating a white list according to an embodiment of the present disclosure
  • FIG. 4 is a schematic flowchart 4 of a white list updating method according to an embodiment of the present invention.
  • FIG. 5 is a schematic flowchart of a whitelist update method according to another embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram 1 of a white list updating apparatus according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram 2 of a white list updating apparatus according to an embodiment of the present disclosure.
  • FIG. 8 is a schematic structural diagram of another whitelist updating apparatus according to an embodiment of the present disclosure.
  • FIG. 9 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure.
  • FIG. 10 is a schematic structural diagram of a server according to an embodiment of the present disclosure.
  • FIG. 11 is a schematic structural diagram of a hardware of a terminal according to an embodiment of the present invention.
  • a method for updating a whitelist list which is provided by the processor in the embodiment, by receiving a whitelist update request for updating a terminal whitelist list sent by the application, determining that the application has After updating the permission of the whitelist list, the terminal whitelist list is updated, and when the verification code sender number corresponding to any application is changed or the verification code sender number needs to be re-registered in the whitelist list, the user can be timely and autonomous.
  • the method is simple, when the verification code sender number of the application is changed or needs to be re-registered, the application of the whitelist is not required to request the update of the whitelist list, and the application in the prior art is solved. Unable to update the whitelist list and update the whitelist list week Long.
  • the terminal in the embodiment of the present invention includes a processor, a display screen connected to the processor by an application running on the processor, and a whitelist management entity.
  • An operating system of the terminal in the embodiment of the present invention Without limitation, the operating system of the terminal may be Android, Windows Phone, or iOS.
  • the terminal in the embodiment of the present invention may be a mobile phone, a mobile computer, a tablet computer, a personal digital assistant (PDA), a media player, a smart TV, a smart wearable device (such as a smart watch, Intelligent glasses, smart bracelets, etc.), electronic readers, handheld game consoles, and in-vehicle electronic devices, etc.
  • the terminal has functions such as running an application (Application, APP), accessing the network, and positioning.
  • the application of the embodiment of the present invention may be any application installed on the terminal, including but not limited to browser, email, instant messaging service, word processing, keyboard virtual, widget, encryption. , digital rights management, voice recognition, voice replication, positioning (such as those provided by GPS), music playback, and more.
  • an embodiment of the present invention provides a method for updating a whitelist, which is applied to a terminal, where the terminal includes a processor, and a first application running on the processor, where the method includes:
  • the terminal determines, according to a trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is generated by the first application or the first a first service generation of an application, the whitelist update request including an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal whitelist is used for storing Send the verification code sender number of the verification code message;
  • An embodiment of the present invention provides a whitelist update method, by receiving a whitelist update request for updating a terminal whitelist list sent by a first application, and updating the first application after determining that the first application has the right to update the terminal whitelist.
  • the terminal whitelist list such that when the whitelist update request generator's verification code sender number is changed or the whitelist update request generator's verification code sender number needs to be re-registered in the whitelist list, there is no need to whitelist the list.
  • the developer submits an application request to update the terminal whitelist list, and updates the terminal whitelist list according to the trigger of the whitelist update request generated by the first application or the first service of the first application, and the method is simple and solves the present problem.
  • the application cannot update the terminal whitelist list and update the terminal whitelist list period.
  • the embodiment of the present invention does not limit the specific form of the whitelist of the terminal, as long as the terminal whitelist can be used to store the verification code sender number of the verification code message.
  • the terminal whitelist may include a plurality of entries, each entry for storing an identifier of an application and a verification code sender number or application identifier of the application and a service of the application. Correspondence between them.
  • the embodiment of the present invention does not advance the specific form of the verification code message and the specific content of the verification code message.
  • the line definition, the verification code message may contain letters and/or numbers.
  • the method and principle of updating the verification code sender number corresponding to each service in the terminal whitelist list are the same, and the embodiment of the present invention only uses the first application program and the authentication code sender number corresponding to each application in the terminal.
  • the first service is described as an example and does not have any indicative meaning.
  • the first service is any service corresponding to the first application.
  • the first application is any application running on the terminal processor, for example, a browser, a client of QQ, Bank of China, or the like.
  • the service corresponding to the first application may be a service generated by the first application when it is used.
  • the service may be a service when the Taobao application is paying, and the service may also be a QQ login.
  • the identifier of the first application may be a package name corresponding to the first application.
  • the package name of the first application is com.chinamworld. .bocmbci.
  • each service of each application is also identified.
  • the identifier of each service in the embodiment of the present invention is not limited, and may be set as needed, as long as the service can distinguish other services by the identifier of the service.
  • the embodiment of the present invention does not limit the specific form of the whitelist update request, and may be set as needed, where the whitelist update request includes the identifier of the first application, and the whitelist update request generator.
  • the verification code sender number which is the service corresponding to the application or application that generates the whitelist update request.
  • the triggering manner of the whitelist update request of the terminal is not limited in the embodiment of the present invention, because the identifier of the first application does not change, but the verification code sender number of the first application and each service of the first application There may be a difference between the corresponding verification code sender numbers, so when the terminal is triggered by the whitelist update request generated by the first application and the whitelist update request generated by the first service of the first application, the whitelist update There is a difference in the sender code of the verification code carried in the request.
  • the first application when the first application is first installed on the terminal, it can be determined that the terminal is triggered by the whitelist update request, and the whitelist update request carries the identifier of the first application. And the verification code sender number of the first application.
  • the Taobao application or the QQ application when the Taobao application or the QQ application is installed on the terminal for the first time, the Taobao application or the QQ application respectively obtains the verification code sender number corresponding to the Taobao application or the QQ application respectively to the corresponding application server.
  • the whitelist update request carries the identifier of the first application and the verification code sender number of the first application.
  • the indication information that the user starts the first application is used to instruct the first application to acquire the short message verification code sent by the verification code sender number corresponding to the first application.
  • the user when the U.S. application is installed on the terminal, when the user first uses it, the user’s display screen is displayed to the user whether it is necessary to obtain the corresponding U.S. application.
  • a verification code sender number after determining that the first indication information sent by the user is received, sending a request message to the server corresponding to the Meituan application to obtain the corresponding corresponding to the Meituan application Verification code sender number.
  • the terminal after the first application is installed on the terminal, if it is detected that the terminal uses the indication information of the first service of the first application for the first time, it may be determined that the terminal is triggered by the whitelist update request, and the The whitelist update request carries the identifier of the first application and the verification code sender number of the first service of the first application.
  • the Meituan application obtains the user's trigger instruction and then corresponds to the Meituan application.
  • the server sends a request message to obtain a verification code sender number corresponding to the order payment service in the Meituan application.
  • the method for obtaining the sender code of the verification code carried in the whitelist update request in the embodiment of the present invention is not limited, and exemplary:
  • the terminal acquires a verification code sender number of the first application or a verification code sender number of the first service of the first application from a configuration file corresponding to the first application.
  • the developer When developing the first application, the developer writes the verification code sender number of the first application and the verification code sender number of each service of the first application into the first application configuration file of the application, so that the developer The first application's configuration file comes with the verification code sender number of the first application and the verification code sender number of each service of the first application, so that when the first application is used for the first time, or The first service of the first application is used for the first time.
  • the terminal may obtain the verification code sender number of the first application from the configuration file of the first application or the The verification code sender number of the first service of the first application.
  • the embodiment of the present invention acquires, by the terminal from the configuration file of the first application, the verification code sender number of the first application or the verification code sender number of the first service of the first application.
  • the method is not limited, and reference may be made to the prior art.
  • the terminal sends the application to the application server of the first application. Querying the request message, so that the application server of the first application queries the verification code sender number of the first application or the verification code sender number of the first service of the first application according to the query request message.
  • the embodiment of the present invention does not limit the specific format and length of the verification code sender number, and may be set as needed.
  • the verification code sender number of the Bank of China is 95566; the verification code of the China Merchants Bank is sent.
  • the party number is 95555 and so on.
  • the embodiment of the present invention determines, by the terminal, that the first application has the right to update the terminal whitelist list, and on the other hand, may determine whether the user inputs the first indication information, and may pass the verification. Whether the certificate of the first application matches the preset preset certificate, and whether the identifier of the first application matches the preset identifier.
  • the terminal in order to improve the reliability of the verification code sender number stored in the terminal whitelist, the terminal further includes a display screen.
  • the determining that the first application has the right to update the terminal whitelist list includes:
  • the terminal displays a first prompt message to the user through the display screen, where the first prompt message is used to prompt the user whether to agree to grant the update to the first application.
  • S1022A The terminal determines whether the user inputs the first indication information, and the first indication information is used to indicate that the user agrees to grant the first application permission to update the terminal whitelist.
  • the terminal determines that the first application has the right to update the terminal whitelist list.
  • the terminal of the embodiment of the present invention includes a display screen, and the display screen may be a touch-sensitive display screen or a non-touch display screen, which is not limited by the embodiment of the present invention.
  • the first indication information may be a first letter or a first number sent by the user to the preset number by using a short message form, or may be a click by the user collected by the touch controller according to the prompt message in the first prompt information. Is sent to the processor after the word "or agree”.
  • the display screen when the display screen is a touch display screen, the display screen includes a touch screen, a touch screen sensor, and a touch screen controller; wherein the touch screen sensor is configured to detect a user operation instruction, wherein the operation instruction may be The user's touch command may also be a user's selection command. After receiving the operation command, the touch screen sends the operation command to the touch screen controller.
  • the main function of the touch screen controller is to receive touch information from the touch screen sensor and Converted into contact coordinates, and then sent to the terminal's processor, which can also receive commands from the terminal's processor and execute them.
  • the display screen is a touch-type display screen
  • the touch controller determines, according to the "Yes” command collected by the touch sensor, that the first application has the right to update the terminal whitelist list. Otherwise, there is no permission to update the terminal whitelist list.
  • the user input first indication information may carry the corresponding first letter or the first number to the preset number in the form of a short message if agreed, if not Agree to send the second letter or the second number to the preset number in the form of a short message, where the preset number is set by the terminal according to requirements, and if the terminal receives the first letter or the first number, the first An application has the right to update the terminal whitelist list, otherwise it is determined that the first application does not have the right to update the terminal whitelist.
  • the method further includes:
  • the form and content of the second indication information may refer to the form and the content of the first indication information.
  • the embodiments of the present invention are not described herein again.
  • FIG. 3 differs from FIG. 2 in that the determining that the first application has the right to update the terminal whitelist list is exemplary.
  • the first application has the right to update the terminal whitelist list, including:
  • the terminal acquires a certificate and an identifier of the first application according to the trigger of the whitelist update request.
  • the device when the first application is installed on the terminal, can obtain the application information corresponding to the first application, including: a package name, a certificate, a signature, a hash value, and version information.
  • the identifier of the first application may be an application package name of the first application.
  • S1022 The terminal determines whether the certificate of the first application and the preset certificate match, and whether the identifier of the first application and the preset identifier match;
  • the method further includes:
  • the terminal after determining that the first application does not have the right to update the terminal whitelist, the terminal sends a response message to the first application, to indicate that the first application is not The user has the right to update the terminal whitelist list. At this time, the terminal whitelist list update ends.
  • step S102 is not limited in the embodiment of the present invention.
  • the following steps may be implemented:
  • S1021 The terminal determines whether the verification code sender number of the whitelist update request generator is already registered in the terminal whitelist list;
  • the terminal When the whitelist update request generator is the first application or the first service of the first application, the terminal performs an inquiry in the terminal whitelist according to the identifier of the first application. Determining whether the verification code sender number of the first application is already registered in the terminal whitelist.
  • the terminal determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the terminal identifies the identifier of the first application and the first The verification code sender number of the whitelist update request generator corresponding to the identifier of an application is written in the terminal whitelist list.
  • the terminal determines the terminal by using the identifier of the first application as an index.
  • the identifier of the first application does not exist in the whitelist, it may be determined that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist.
  • each service type includes multiple services, and each service corresponds to one verification code sender number. At this time, the identifier of one application corresponds to multiple verification code sender numbers. When an application has only one service, at this time, the identifier of one application may correspond to one verification code sender number, or may correspond to two verification code sender numbers.
  • the identifier of the first application and the verification code sender number of the whitelist update request generator corresponding to the identifier of the first application are written in the terminal whitelist.
  • the manner is not limited, and specific reference may be made to the manner in the prior art.
  • the embodiment of the present invention further includes:
  • the terminal determines whether the original verification code sender number of the whitelist update request generator is already registered in the terminal whitelist, the terminal determines whether the original verification code sender number and the new verification code sender number are Consistent; the original verification code sender number is a verification code sender number of the white list update request generator that has been registered in the terminal whitelist list, and the new verification code sender number is the white list The verification code sender number of the whitelist update request generator in the update request;
  • the terminal determines that the original verification code sender number is inconsistent with the new verification code sender number, the terminal deletes the original verification code sender number from the terminal whitelist list, and The new verification code sender number is written in a location in the terminal whitelist list corresponding to the identifier of the first application.
  • the embodiment of the present invention does not limit the storage manner of the whitelist of the terminal.
  • the whitelist of the terminal in the embodiment of the present invention may be stored in the whitelist management entity.
  • the specific structure of the management entity is not limited.
  • the whitelist management entity may be a hardware entity capable of implementing a whitelist of storage/management terminals, or may be implemented by a hardware entity and a software module to implement a whitelist of storage/management terminals.
  • the device, the whitelist management entity in the embodiment of the present invention may include: a storage module and a management module, wherein the storage module is configured to store the terminal whitelist.
  • the management module is configured to manage the terminal whitelist list, for example, adding a verification code sender number of an application or an application service in the terminal whitelist list, and deleting the verification of the service of an application or an application.
  • Code sender number the verification code sender number of the service that updates an application or application.
  • the whitelist management entity can be installed in the terminal or installed outside the terminal.
  • the storage module may be a baseband modem, and the storage module and the management module may run under a TEE (Trusted Execution Environment) or a REE (Rich Execution Environment). Can also run Under SE (Secure Element).
  • TEE is a standardized and trusted execution environment defined by the Global Platform International Standards Organization (GlobalPlatform), which is a secure area residing on the main processor of the connected device to ensure that it is in a trusted execution environment. Storage, processing and protection of sensitive data.
  • the Trusted Execution Environment is a trusted operating system with secure processing capabilities and security peripheral operations. It is isolated and independent from REE on the same device. Compared with TEE, REE has powerful processing and multimedia operating systems.
  • SE consists of software and tamper-resistant hardware, limited processing capacity, no peripherals, support for high-level security, such as SIM card, financial IC card, smart SD card, etc., can be combined with TEE Run together.
  • the method provided by the embodiment of the present invention further includes the following step S104:
  • S104 The verification code sender number corresponding to the first application is deleted from the terminal whitelist list, where the first application is in the terminal whitelist list, and the user usage frequency is lower than the preset time in the preset time. Set the threshold for the application.
  • the step S104 can be specifically implemented by the following steps:
  • S1041 The terminal acquires a frequency of use of the whitelist update request generator in the terminal whitelist list in a preset time;
  • the frequency of use may be the number of times the user clicks on each application within a preset period, and the frequency of use of each application may be stored in a memory of the terminal, and the frequency of use may be from a memory of the terminal by the processor of the terminal. Obtained in.
  • the embodiment of the present invention does not limit the manner in which the processor obtains the frequency of use of the application from the memory of the terminal, and may be selected according to requirements, and details are not described herein again.
  • the preset period is not limited in the embodiment of the present invention, and may be set as needed, for example, one week, one month, or one year.
  • S1042 The terminal deletes, from the terminal whitelist, the verification code sender number of the whitelist update request generator whose frequency is less than a preset threshold in the terminal whitelist.
  • the verification code sender number corresponding to the first application may refer to a verification code sender corresponding to the service.
  • the verification code sender number whose frequency is lower than the preset threshold is used in the number.
  • the preset threshold is not limited in the embodiment of the present invention, and may be set as needed.
  • the method further includes:
  • a whitelist update request carries at least the verification code sender number of the whitelist update request generator; the first whitelist update request is used to update the whitelist update request generator in the server whitelist list Verification code sender number.
  • the embodiment of the present invention does not limit the server, and the server is used to store the server.
  • a whitelist list for storing a verification code sender number corresponding to each application in the plurality of applications and a verification code sender number of the service corresponding to each application, the verification code sender number being used
  • the verification code message is sent; the terminal can update the terminal white list in the terminal by connecting with the server.
  • the server can be a cloud server.
  • the embodiment of the present invention further provides a whitelist update method, which is applied to a server.
  • the method includes:
  • the server receives a first whitelist update request, where the first whitelist update request is used to indicate an update server whitelist list.
  • the first whitelist update request includes at least an identifier of the first application, and a whitelist update. a verification code sender number of the requesting generator; wherein the whitelist update request is generated by the first application or generated by the first service of the first application;
  • the server in the embodiment of the present invention is configured to store a server whitelist, where the server whitelist is used to store a verification code sender number corresponding to each application in multiple applications, and a corresponding one of each application.
  • the verification code sender number of the service, and the terminal can update the terminal white list in the terminal by connecting with the server.
  • the server determines whether the first whitelist update request meets an update condition.
  • the first whitelist update request further carries a certificate and an identifier of the first application.
  • the update condition is that the certificate of the first application included in the first whitelist update request is consistent with the certificate corresponding to the first application stored in the server, and the The identifier of the first application is consistent with the identifier corresponding to the first application stored in the server in advance;
  • the update condition is that the first whitelist update request carries update information corresponding to the terminal, and the update information includes an updated version difference, an update time, and The result of whether the whitelist update request generator's verification code sender number has been updated in the terminal whitelist list.
  • the first whitelist update request sent by the application server corresponding to the application that establishes the connection with the server to the server may be determined not to be sent by the terminal.
  • the certificate corresponding to the first application can be obtained by:
  • the developer sends a first request to the server, where the first request is used to update the authorization information of the server whitelist stored in the server;
  • the server sends a certificate according to the first request, where the certificate is used to determine whether the first application has the right to update a server whitelist stored in the server;
  • the developer packages the certificate in an application configuration file of the first application (for example, an APK, an Android PackageAndroid installation package), that is, obtains a certificate of the first application.
  • an application configuration file of the first application for example, an APK, an Android PackageAndroid installation package
  • the certificate corresponding to the first application stored in the server may be acquired by the server after receiving the first request, or the server may receive the first request. At the same time, the certificate corresponding to the first application is obtained.
  • the server determines, if the first whitelist update request meets an update condition, the service The server then updates at least the verification code sender number of the whitelist update request generator to the server whitelist.
  • the server in the embodiment of the present invention synchronizes the updated server whitelist to the terminal that communicates with the server according to a preset period. .
  • the preset period is not limited in the embodiment of the present invention, and may be set according to requirements, or may be set according to update information of each terminal acquired by the application server, where the update information includes updated version difference, update time, and update. result.
  • the preset period in the embodiment of the present invention may be one week, one year, or one month.
  • the embodiment of the present invention provides a whitelist update method, where the server receives the first whitelist update request, and after determining that the first whitelist update request satisfies the update condition, the sender code of the whitelist update request generator is sent. Update to the server whitelist list, so that the terminal can update the terminal whitelist list by synchronizing with the server. The problem that the update period caused by the upgrade of the large version is required when the application cannot update the whitelist list and the terminal updates the terminal whitelist list in the prior art is solved.
  • the manner of obtaining the identifier corresponding to the first application and the identifier corresponding to the first application stored in the server is similar to the manner of the certificate of the first application, and the embodiment of the present invention is no longer used herein. Narration.
  • the embodiment of the present invention provides a whitelist updating apparatus.
  • the whitelist updating apparatus is applied to a terminal, and is used to execute the steps performed by the terminal in the above method.
  • the whitelist updating device may include a module corresponding to the corresponding step.
  • the whitelist update device includes:
  • the determining unit 601 is configured to determine, according to a trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is generated by the first application or a first service generation of the first application, the whitelist update request including an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal whitelist is used for Storing a verification code sender number for transmitting a verification code message;
  • the determining unit 602 is configured to determine that the first application has the right to update the whitelist of the terminal;
  • the updating unit 603 is configured to: when the determining unit determines that the first application has the right to update the whitelist of the terminal, update at least the verification code sender number of the whitelist update request generator to the terminal In the whitelist list.
  • the terminal further includes a display screen, and correspondingly, the determining unit 602 includes:
  • the display module 6021A is configured to display, by using the display screen, a first prompt message to the user by using the display screen, where the first prompt message is used to prompt the user whether to agree to grant an update to the first application.
  • the first determining module 6022A is configured to determine whether the user inputs the first indication information, where the first indication information is used to indicate that the user agrees to grant the first application to update the terminal whitelist. List permissions;
  • the first determining module 6023A is configured to determine, when the first determining module determines that the user inputs the first indication information, determining that the first application has the right to update the terminal whitelist.
  • the determining unit 602 includes:
  • the obtaining module 6021B is configured to acquire a certificate and an identifier of the first application according to the trigger of the whitelist update request;
  • the second determining module 6022B is configured to determine whether the certificate of the first application and the preset certificate match, and whether the identifier of the first application and the preset identifier match;
  • a second determining module 6023B configured to: when the second determining module determines that the certificate of the first application matches the preset certificate, and the identifier of the first application matches the preset identifier, determining the first An application has the right to update the terminal whitelist list.
  • the updating unit 603 includes:
  • a third determining module configured to determine whether a verification code sender number of the whitelist update request generator is already registered in the terminal whitelist
  • a first update module configured to: when the third determining module determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the identifier of the first application is And the verification code sender number of the whitelist update request generator corresponding to the identifier of the first application is written in the terminal whitelist.
  • the updating unit 603 further includes:
  • a fourth determining module configured to: when the third determining module determines that the verification code sender number of the whitelist update request generator is registered in the terminal whitelist, determine the original verification code sender number and the new Verification code sender number is consistent; the original verification code sender number is a verification code sender number of the white list update request generator that has been registered in the terminal white list, the new verification code sender The number is a verification code sender number of the whitelist update request generator in the whitelist update request;
  • a second update module configured to: when the fourth determining module determines that the original verification code sender number is inconsistent with the new verification code sender number, then send the original verification code sender number from the terminal whitelist list And deleting, and writing the new verification code sender number into a location in the terminal whitelist list corresponding to the identifier of the first application.
  • the device further includes:
  • a statistic unit configured to acquire a frequency of use of the whitelist update request generator in the terminal whitelist list in a preset time
  • a deleting unit configured to delete, from the terminal whitelist, the verification code sender number of the whitelist update request generator whose usage frequency is less than a preset threshold in the terminal whitelist.
  • the device further includes:
  • a sending unit configured to send a first whitelist update request to the server, so that the server periodically synchronizes the updated server whitelist list to the terminal that communicates with the server according to the first whitelist update request;
  • the first whitelist update request carries at least the verification code sender number of the whitelist update request generator; the first whitelist update request is used to update the service The white card of the whitelist update request generator's verification code sender number.
  • an embodiment of the present invention provides a whitelist updating apparatus, where the whitelist updating apparatus is configured to execute the steps performed by a server in the whitelist updating method.
  • the whitelist updating device may include a module corresponding to the corresponding step.
  • the whitelist updating device includes:
  • the receiving unit 801 is configured to receive a first whitelist update request, where the first whitelist update request is used to indicate an update server whitelist list; and the first whitelist update request includes at least an identifier, a whitelist of the first application. Updating a verification code sender number of the request generator; wherein the white list update request is generated by the first application or generated by the first service of the first application;
  • the determining unit 802 is configured to determine whether the first whitelist update request meets an update condition
  • the updating unit 803 is configured to: when the determining unit determines that the first whitelist update request meets an update condition, the server updates at least the verification code sender number of the whitelist update request generator to the server white In the list of names.
  • the device further includes:
  • a synchronization unit configured to synchronize the updated server whitelist list to the terminal that communicates with the server according to a preset period.
  • the first whitelist update request further carries a certificate and an identifier of the first application.
  • the update condition is a certificate of the first application included in the first whitelist update request and the first application pre-stored in the server
  • the certificate corresponding to the program is consistent, and the identifier of the first application is consistent with the identifier corresponding to the first application stored in the server in advance;
  • the update condition is that the first whitelist update request carries update information corresponding to the terminal, and the update information includes an updated version difference, an update time, and The result of whether the whitelist update request generator's verification code sender number has been updated in the terminal whitelist list.
  • an embodiment of the present invention provides a terminal, including: a processor 30, a memory 31, a system bus 32, and a communication interface 33;
  • the memory 31 is configured to store computer execution instructions
  • the processor 30 is coupled to the memory 31 via the system bus 32, and when the terminal is running, the processor 30 executes the memory stored by the memory 31
  • the computer executes the instructions, so that the terminal performs the method performed by the terminal in the whitelist updating method shown in any one of FIG. 1 to FIG. 4, and the specific whitelist updating method can be referred to any of the foregoing FIG. 1 to FIG.
  • the related description in the embodiment shown is not described here.
  • the processor 30 can be a central processing unit (English: central processing unit, abbreviation: CPU).
  • the processor 30 can also be other general-purpose processors, digital signal processing (DSP), application specific integrated circuit (ASIC), field programmable gate array (English) : field-programmable gate array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc.
  • DSP digital signal processing
  • ASIC application specific integrated circuit
  • FPGA field-programmable gate array
  • the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
  • the processor 30 can be a dedicated processor, and the dedicated processor can include a baseband processing chip, At least one of a radio frequency processing chip or the like. Further, the dedicated processor may also include a chip having other dedicated processing functions of the user equipment.
  • the memory 31 may include a volatile memory (English: volatile memory), such as a random access memory (English: random-access memory, abbreviation: RAM); the memory 31 may also include a non-volatile memory (English: Non-volatile memory, such as read-only memory (English: read-only memory, abbreviation: ROM), flash memory (English: flash memory), hard disk (English: hard disk drive, abbreviation: HDD) or solid state drive (English) : solid-state drive, abbreviated: SSD); the memory 31 may also include a combination of the above types of memories.
  • a volatile memory such as a random access memory (English: random-access memory, abbreviation: RAM)
  • the memory 31 may also include a non-volatile memory (English: Non-volatile memory, such as read-only memory (English: read-only memory, abbreviation: ROM), flash memory (English: flash memory), hard disk (English: hard disk drive, abbreviation: HDD) or solid state drive (English)
  • the system bus 32 can include a data bus, a power bus, a control bus, and a signal status bus. For the sake of clarity in the present embodiment, various buses are illustrated as the system bus 32 in FIG.
  • the communication interface 33 may specifically be a transceiver on the terminal.
  • the transceiver can be a wireless transceiver.
  • the wireless transceiver can be an antenna of the terminal or the like.
  • the processor 30 transmits and receives data to and from other devices, such as a base station, through the communication interface 33.
  • the embodiment of the present invention provides a terminal, by receiving a whitelist update request for updating a terminal whitelist list sent by the first application, and updating the terminal whitelist after determining that the first application has the right to update the terminal whitelist list.
  • List such that when the whitelist update request generator's verification code sender number is changed or the whitelist update request generator's verification code sender number needs to be re-registered in the whitelist list, there is no need to present to the developer of the whitelist list
  • the application requests to update the terminal whitelist list, and the terminal whitelist list is updated in time according to the trigger of the first application generated or the whitelist update request generated by the first service of the first application, which is simple and solves the prior art.
  • the application cannot update the terminal whitelist list autonomously and update the terminal whitelist list period.
  • each step in the flow of the whitelist updating method described in any one of the above-mentioned FIG. 1 to FIG. 10 can be implemented by the processor 30 in hardware form executing the computer-executed instructions in the form of software stored in the memory 31. . To avoid repetition, we will not repeat them here.
  • the embodiment further provides a storage medium, which may include the memory 31.
  • the embodiment of the present invention provides a readable medium, including computer execution instructions, when the processor of the user equipment executes the computer to execute an instruction, the terminal performs any one of the foregoing first aspect or the first aspect.
  • an embodiment of the present invention provides a server, including: a processor 40, a memory 41, a system bus 42, and a communication interface 43;
  • the memory 41 is configured to store computer execution instructions
  • the processor 40 is coupled to the memory 41 via the system bus 42, and when the server is running, the processor 40 executes the memory stored by the memory 41
  • the computer executes the instructions to cause the server to perform the method performed by the server in the whitelist update method as described in FIG.
  • For a specific whitelist update method refer to the related description in the foregoing embodiment shown in FIG. 5, and details are not described herein again.
  • the embodiment of the present invention provides a server, after receiving the first whitelist update request, after determining that the first whitelist update request satisfies the update condition, updating the verification code sender number of the whitelist update request generator to the In the server whitelist list, the terminal can update the terminal whitelist list by synchronizing with the server.
  • the prior art application cannot be solved by itself.
  • the main update whitelist list and the terminal update the terminal whitelist list require a long update period caused by upgrading the large version.
  • the embodiment of the present invention provides a readable medium, including computer execution instructions.
  • a processor of a server executes the computer execution instruction, the server performs a method corresponding to the server in the whitelist update as described in FIG. 5.
  • the processor 40 can be a CPU.
  • the processor 40 can also be other general purpose processors, DSPs, ASICs, FPGAs or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, and the like.
  • the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
  • the processor 40 may be a dedicated processor, which may include at least one of a baseband processing chip, a radio frequency processing chip, and the like. Further, the dedicated processor may also include a chip having other dedicated processing functions of the server.
  • the memory 41 may include a volatile memory such as a random access memory RAM; the memory 41 may also include a non-volatile memory such as a read only memory ROM, a flash memory, an HDD or an SSD; A combination of memories of the above kind may be included.
  • a volatile memory such as a random access memory RAM
  • the memory 41 may also include a non-volatile memory such as a read only memory ROM, a flash memory, an HDD or an SSD; A combination of memories of the above kind may be included.
  • the system bus 42 can include a data bus, a power bus, a control bus, and a signal status bus. For the sake of clarity in the present embodiment, various buses are illustrated as system bus 42 in FIG.
  • the communication interface 43 may specifically be a transceiver on a server.
  • the transceiver can be a wireless transceiver.
  • the processor 40 performs data transmission and reception with other devices, such as user equipment, through the communication interface 43.
  • each step of the server in the method flow shown in FIG. 5 above may be implemented by the processor 40 in hardware form executing a computer-executed instruction in the form of software stored in the memory 41. To avoid repetition, we will not repeat them here.
  • FIG. 11 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
  • the mobile terminal provided by the embodiment of the present invention may be used to implement the method implemented by the embodiments of the present invention shown in FIG. 1 to FIG. 4, for convenience of description. Only parts related to the embodiments of the present invention are shown, and the specific technical details are not disclosed. Please refer to the embodiments of the present invention shown in FIGS.
  • the mobile terminal can be a terminal device such as a mobile phone, a tablet computer, a notebook computer, a UMPC (Ultra-mobile Personal Computer), a netbook, a PDA (Personal Digital Assistant), and the like.
  • the mobile phone will be described as an example, and FIG. 11 is a block diagram showing a part of the structure of the mobile phone 300 related to each embodiment of the present invention.
  • the mobile phone 300 includes components such as an RF (radio frequency) circuit 320, a memory 330, an input unit 340, a display unit 350, a gravity sensor 360, an audio circuit 370, a processor 380, and a power source 390.
  • RF radio frequency
  • FIG. 11 the structure of the handset shown in FIG. 11 does not constitute a limitation to the handset, and may include more or less components than those illustrated, or some components may be combined, or different components may be arranged.
  • the components of the mobile phone 300 will be specifically described below with reference to FIG. 3:
  • the RF circuit 320 can be used for transmitting and receiving information or during a call, and receiving and transmitting the signal. Specifically, after receiving the downlink information of the base station, the processing is performed by the processor 380. In addition, the uplink data is sent to the base. station.
  • RF circuits include, but are not limited to, an antenna, at least one amplifier, a transceiver, a coupler, an LNA (low noise amplifier), a duplexer, and the like.
  • RF circuitry 320 can also communicate with the network and other devices via wireless communication.
  • the wireless communication may use any communication standard or protocol, including but not limited to GSM (global system of mobile communication), GPRS (general packet radio service), CDMA (code division multiple access) , code division multiple access), WCDMA (wideband code division multiple access), LTE (long term evolution), e-mail, SMS (short messaging service), and the like.
  • GSM global system of mobile communication
  • GPRS general packet radio service
  • CDMA code division multiple access
  • WCDMA wideband code division multiple access
  • LTE long term evolution
  • e-mail short messaging service
  • the memory 330 can be used to store software programs and modules, and the processor 380 executes various functional applications and data processing of the mobile phone 300 by running software programs and modules stored in the memory 330.
  • the memory 330 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may be stored according to The data created by the use of the mobile phone 300 (such as audio data, image data, phone book, etc.) and the like.
  • memory 330 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
  • the input unit 340 can be configured to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the handset 300.
  • the input unit 340 can include a touch screen 341 as well as other input devices 342.
  • a touch screen 341, also referred to as a touch panel, can collect touch operations on or near the user (such as the user's operation on or near the touch screen 341 using any suitable object or accessory such as a finger, stylus, etc.), and The corresponding connecting device is driven according to a preset program.
  • the touch screen 341 may include two parts of a touch detection device and a touch controller.
  • the touch detection device detects the touch orientation of the user, and detects a signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts the touch information into contact coordinates, and sends the touch information.
  • the processor 380 is provided and can receive commands from the processor 380 and execute them.
  • the touch screen 341 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic waves.
  • the input unit 340 may also include other input devices 342.
  • other input devices 342 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, power switch buttons, etc.), trackballs, mice, joysticks, and the like.
  • the display unit 350 can be used to display information input by the user or information provided to the user and various menus of the mobile phone 300.
  • the display unit 350 may include a display panel 351.
  • the display panel 341 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like.
  • the touch screen 341 can cover the display panel 351, and when the touch screen 341 detects a touch operation on or near it, transmits to the processor 380 to determine the type of the touch event, and then the processor 380 displays the panel according to the type of the touch event.
  • a corresponding visual output is provided on the 351.
  • the touch screen 341 and the display panel 351 function as two separate components to implement the input and input functions of the mobile phone 300, in some embodiments, the touch screen 341 can be integrated with the display panel 351 to implement the mobile phone 300. Input and output functions.
  • Gravity sensor 360 can detect the phone in all directions (usually The three-axis acceleration, the magnitude and direction of gravity can be detected at rest, and can be used to identify the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, Tap) and so on.
  • the handset 300 can also include other sensors, such as light sensors.
  • the light sensor can include an ambient light sensor and a proximity light sensor.
  • the ambient light sensor can adjust the brightness of the display panel 341 according to the brightness of the ambient light; the proximity light sensor can detect whether an object approaches or contacts the mobile phone, and can close the display panel 341 and/or the backlight when the mobile phone 300 moves to the ear.
  • the mobile phone 300 can also be configured with other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, an infrared sensor, and the like, and will not be described herein.
  • Audio circuitry 370, speaker 371, microphone 372 can provide an audio interface between the user and handset 300.
  • the audio circuit 370 can transmit the converted electrical data of the received audio data to the speaker 371, and convert it into a sound signal output by the speaker 371; on the other hand, the microphone 372 converts the collected sound signal into an electrical signal, by the audio circuit 370. After receiving, it is converted to audio data, and then the audio data is output to the RF circuit 320 for transmission to, for example, another mobile phone, or the audio data is output to the memory 330 for further processing.
  • Processor 380 is the control center of handset 300, which connects various portions of the entire handset using various interfaces and lines, by running or executing software programs and/or modules stored in memory 330, and recalling data stored in memory 330, The various functions and processing data of the mobile phone 300 are performed to perform overall monitoring of the mobile phone.
  • the processor 380 may include one or more processing units; preferably, the processor 380 may integrate an application processor and a modem processor, where the application processor mainly processes an operating system, a user interface, an application, and the like.
  • the modem processor primarily handles wireless communications. It will be appreciated that the above described modem processor may also not be integrated into the processor 380.
  • the handset 300 also includes a power source 390 (such as a battery) that supplies power to the various components.
  • a power source 390 such as a battery
  • the power source can be logically coupled to the processor 380 via a power management system to manage functions such as charging, discharging, and power management through the power management system.
  • the mobile phone 300 may further include a WiFi (Wireless Fidelity) module, a Bluetooth module, and the like, and details are not described herein again.
  • WiFi Wireless Fidelity
  • Bluetooth Wireless Fidelity
  • the memory 330 is further configured to store various execution instructions when the terminal performs the whitelist update mode.
  • the processor 380 is further configured to determine, according to the trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is used by the first application. Generating or generating a first service of the first application, the whitelist update request including an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal The whitelist is used to store the verification code sender number of the whitelist update request generator;
  • At least the verification code sender number of the whitelist update request generator is updated to the terminal whitelist.
  • the disclosed system, apparatus, and method may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the modules or units is only a logical function division.
  • there may be another division manner for example, multiple units or components may be used. Combinations can be integrated into another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of a software functional unit.
  • the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium.
  • all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, including a plurality of instructions for causing a computer device (which may be a personal computer, a server, Either a network device or the like) or a processor performs all or part of the steps of the method described in various embodiments of the invention.
  • the storage medium is a non-transitory medium, including: a flash memory, a mobile hard disk, a read only memory, a random access memory, a magnetic disk, or an optical disk, and the like, which can store program code.

Abstract

The invention relates to the field of communications. Provided are a method and device for updating a whitelist capable of timely updating a whitelist of a terminal. The method comprises: upon trigging of a whitelist update request, determining, by a terminal, whether a first application has authority to update a whitelist thereof (S101), the whitelist being used to store the number of an authentication code sender of a party generating the whitelist update request; and if it is determined that the first application has the authority to update the whitelist of the terminal, updating the whitelist with at least the number of the authentication code sender of the party generating the whitelist update request (S102).

Description

一种白名单更新方法和装置White list updating method and device
本申请要求于2016年6月7日提交中国专利局、申请号为201610404438.5的中国专利申请的优先权,其全部内容通过引用包含于本申请中。The present application claims priority to Chinese Patent Application No. 201610404438.5, filed on Jun. 7, 2016, the entire content of which is hereby incorporated by reference.
技术领域Technical field
本发明实施例涉及通信领域,尤其涉及一种白名单更新方法和装置。The embodiments of the present invention relate to the field of communications, and in particular, to a whitelist updating method and apparatus.
背景技术Background technique
移动支付(Mobile Payment)是指允许用户使用其移动终端,例如,手机或平板电脑,对所消费的商品或服务进行账务支付的一种服务方式。随着移动支付的兴起,移动支付通常利用短信验证码(例如,金融交易方面的信息,具体地,可以是银行账号、银行密码、支付验证码、订单通知等)的形式来进行安全验证。即用户在网站或者应用程序(Application,简称APP)上进行移动支付时,网站后台或者应用程序对应的验证码发送方号码向用户事先绑定的手机号码发送短信(Short Message Service,SMS),该短信中携带有网站或者应用程序按照预设规则生成的短信验证码,用户收到短信之后,在网站或者应用程序上填写该短信验证码,验证通过之后,才能完成后续操作。Mobile Payment refers to a service that allows users to use their mobile terminals, such as mobile phones or tablets, to pay for goods or services they consume. With the rise of mobile payments, mobile payments typically use secure authentication in the form of SMS verification codes (eg, financial transaction information, specifically, bank account numbers, bank passwords, payment verification codes, order notifications, etc.). That is, when the user performs mobile payment on the website or the application (Application, referred to as APP), the sender code of the verification code corresponding to the website background or the application sends a short message service (SMS) to the mobile phone number bound by the user. The short message carries the short message verification code generated by the website or the application according to the preset rule. After the user receives the short message, the user fills in the short message verification code on the website or the application, and the subsequent operation can be completed after the verification is passed.
目前,在安卓(Android)操作系统中,APP可以通过申请读取短信权限,在确定具有读取短信权限之后,APP可以读取移动终端系统中所有短信,并从中获取需要的短信验证码,若当前移动终端使用的就是需要验证的手机号码,则可以避免用户手动输入验证码;目前,除了短信应用,其他绝大部分APP申请短信权限的主要功能都是为了读取短信验证码。目前可以将应用程序对应的验证码发送方号码写入终端白名单列表中,这样若所述应用程序对应的验证码发送方号码不存在于白名单列表中,则终端系统可以提醒终端用户发送验证码短信的验证码发送方号码存在安全隐患,这样可以防止用户被虚假短信诈骗。由于在实际使用中,可能存在应用程序增加新业务或者变更应用程序对应的验证码发送方号码的问题,此时需要更新白名单列表,以及时更新应用程序对应的验证码发送方号码。At present, in the Android (Android) operating system, the APP can read the short message permission by applying, and after determining that the right to read the short message, the APP can read all the short messages in the mobile terminal system, and obtain the required short message verification code from the mobile terminal system, if Currently, the mobile terminal uses the mobile phone number that needs to be verified, so that the user can manually prevent the verification code from being manually input. Currently, except for the short message application, most of the main functions of the APP application for the short message permission are to read the short message verification code. The sender code of the verification code corresponding to the application can be written into the whitelist of the terminal, so that if the sender number of the verification code corresponding to the application does not exist in the whitelist, the terminal system can remind the terminal user to send the verification. The sender code of the code verification code has a security risk, which can prevent users from being scammed by false text messages. In actual use, there may be a problem that the application adds a new service or changes the sender number of the verification code corresponding to the application. In this case, the whitelist is updated, and the sender number of the verification code corresponding to the application is updated.
现有技术中,通常白名单是通过大版本的统一升级方式(如:OTA(Over-the-Air Technology,空间下载技术)升级),即当应用程序有新增业务或者变更验证码发送方号码时,应用程序的开发商向白名单列表的开发商提出申请请求更新白名单列表,然后终端开发商开发出相应的版本升级软件,终端通过相应的版本升级软件更新实现白名单列表的更新,这种更新方式需要较长的周期性。且应用程序不能主动修改白名单,只能通过提前申请的方式。同时白名单列表涵盖的应用程序很多;在各个应用程序进行业务拓展、变更等原因需要更新白名单列表时,不能保证每台终端上的白名单列表进行及时的更新。In the prior art, the whitelist is usually upgraded by a large version (such as OTA (Over-the-Air Technology) upgrade), that is, when the application has a new service or changes the verification code sender number. When the developer of the application requests the developer of the whitelist to request to update the whitelist, the terminal developer develops the corresponding version upgrade software, and the terminal updates the whitelist through the corresponding version upgrade software update. The update method requires a long period of time. And the application can't modify the whitelist actively, only by applying in advance. At the same time, the whitelist list covers a large number of applications; when each application needs to update the whitelist list for reasons such as business development and change, the whitelist list on each terminal cannot be updated in time.
发明内容 Summary of the invention
本发明的实施例提供一种白名单更新方法和装置,用以及时的更新终端白名单列表中每个应用程序和/或该应用程序的每个业务对应的验证码发送方号码。An embodiment of the present invention provides a whitelist updating method and apparatus for updating a verification code sender number corresponding to each application in the terminal whitelist list and/or each service of the application in a timely manner.
为达到上述目的,本发明的实施例采用如下技术方案:In order to achieve the above object, embodiments of the present invention adopt the following technical solutions:
第一方面,本发明实施例提供一种白名单更新方法,应用于终端,该终端上运行有第一应用程序,该方法包括:基于第一应用程序生成或第一应用程序的第一业务生成的白名单更新请求的触发,终端判断第一应用程序是否具有更新终端白名单列表的权限,其中,白名单更新请求包含所述第一应用程序的标识、以及白名单更新请求生成者的验证码发送方号码;该验证码发送方号码为白名单更新请求生成者的;终端白名单列表用于存储发送验证码消息的验证码发送方号码;若确定第一应用程序具有更新终端的白名单列表的权限,则至少将白名单更新请求生成者的验证码发送方号码更新至终端白名单列表中。In a first aspect, an embodiment of the present invention provides a whitelist update method, which is applied to a terminal, where the first application is run on the terminal, and the method includes: generating, according to the first application, or the first service generation of the first application. Triggering the whitelist update request, the terminal determining whether the first application has the right to update the terminal whitelist list, wherein the whitelist update request includes the identifier of the first application, and the verification code of the whitelist update request generator a sender number; the verification code sender number is a white list update request generator; the terminal white list is used to store a verification code sender number for transmitting the verification code message; if it is determined that the first application has a whitelist of the updated terminal Permission, at least update the verification code sender number of the whitelist update request generator to the terminal whitelist.
本发明实施例提供一种白名单更新方法,通过接收第一应用程序发送的用于更新终端白名单列表的白名单更新请求,在确定第一应用程序具有更新终端白名单列表的权限之后,更新终端白名单列表,这样,当白名单更新请求生成者的验证码发送方号码变更或者需要重新在白名单列表中注册白名单更新请求生成者的验证码发送方号码时,无需向白名单列表的开发商提出申请请求更新终端白名单列表,而是根据第一应用程序生成或第一应用程序的第一业务生成的白名单更新请求的触发及时更新用于存储发送验证码消息的验证码发送方号码的终端白名单列表,该方法简单,解决了现有技术中应用程序无法自主更新终端白名单列表以及更新终端白名单列表周期长的问题。An embodiment of the present invention provides a whitelist update method, by receiving a whitelist update request for updating a terminal whitelist list sent by a first application, and updating the first application after determining that the first application has the right to update the terminal whitelist. The terminal whitelist list, such that when the whitelist update request generator's verification code sender number is changed or the whitelist update request generator's verification code sender number needs to be re-registered in the whitelist list, there is no need to whitelist the list. The developer submits an application request to update the terminal whitelist list, and updates the verification code sender for storing the verification code message according to the trigger of the first application generation or the whitelist update request generated by the first service of the first application. The terminal whitelist list of the number is simple, and solves the problem that the application cannot update the terminal whitelist list and update the terminal whitelist list period in the prior art.
结合第一方面,在第一方面的第一种可能的实现方式中,该终端还包括显示屏,相应的,终端确定第一应用程序具有更新终端白名单列表的权限,包括:基于白名单更新请求的触发,终端通过显示屏向用户展示用于提示用户是否同意向所述第一应用程序授予更新终端白名单列表的权限的第一提示消息;终端若检测到用户输入第一指示信息,则确定第一应用程序具有更新终端白名单列表的权限。这样一来,用户可以根据第一提示消息,判断第一应用程式是否为安全应用程序,当用户确定第一应用程序为安全程序时,用户授权第一应用程序具有更新终端白名单列表的权限,这样,可以将通过用户识别出验证码发送方号码的安全性。In conjunction with the first aspect, in a first possible implementation manner of the first aspect, the terminal further includes a display screen, and correspondingly, the terminal determines that the first application has the right to update the terminal whitelist list, including: updating based on the whitelist a triggering of the request, the terminal displaying, by using a display screen, a first prompt message for prompting the user whether to grant the first application the right to update the terminal whitelist list; if the terminal detects that the user inputs the first indication information, It is determined that the first application has the right to update the terminal whitelist list. In this way, the user can determine whether the first application is a security application according to the first prompt message. When the user determines that the first application is a security program, the user authorizes the first application to have the right to update the terminal whitelist. In this way, the security of the verification code sender number can be recognized by the user.
结合第一方面,在第一方面的第二种可能的实现方式中,确定第一应用程序具有更新终端白名单列表的权限,包括:基于白名单更新请求的触发,终端获取第一应用程序的证书和标识;终端判断第一应用程序的证书和预设证书是否匹配,且第一应用程序的标识和预设标识是否匹配;终端若确定第一应用程序的证书和预设证书匹配,且第一应用程序的标识和预设标识匹配,则确定第一应用程序具有更新终端白名单列表的权限。这样一来,可以提高存储在终端白名单列表中每个验证码发送方号码的可靠性,便于用户识别存在安全隐患的验证码发送方号码,这样可以防止用户被虚假短信诈骗。With reference to the first aspect, in a second possible implementation manner of the first aspect, determining that the first application has the right to update the terminal whitelist list includes: acquiring, by the terminal, the first application according to the trigger of the whitelist update request a certificate and an identifier; the terminal determines whether the certificate of the first application matches the preset certificate, and whether the identifier of the first application matches the preset identifier; if the terminal determines that the certificate of the first application matches the preset certificate, and the If the identifier of an application matches the preset identifier, it is determined that the first application has the right to update the terminal whitelist list. In this way, the reliability of each verification code sender number stored in the terminal whitelist list can be improved, and the user can identify the verification code sender number with security risks, thereby preventing the user from being fraudulently spoofed.
结合第一方面,在第一方面的第一种可能的实现方式中,至少将白名单更 新请求生成者的验证码发送方号码更新至终端白名单列表中,包括:终端判断白名单更新请求生成者的验证码发送方号码是否已经注册在终端白名单列表中;终端若确定白名单更新请求生成者的验证码发送方号码未注册在终端白名单列表中,则终端将第一应用程序的标识以及与第一应用程序的标识对应的白名单更新请求生成者的验证码发送方号码写入终端白名单列表中。这样一来,可以在终端白名单列表中及时注册白名单更新请求生成者的验证码发送方号码。In combination with the first aspect, in the first possible implementation of the first aspect, at least the whitelist is further The new request generator's verification code sender number is updated to the terminal whitelist list, including: the terminal determines whether the whitelist update request generator's verification code sender number is already registered in the terminal whitelist list; if the terminal determines the whitelist update If the verification code sender number of the request generator is not registered in the terminal whitelist, the terminal writes the identifier of the first application and the verification code sender number of the whitelist update request generator corresponding to the identifier of the first application. Enter the terminal whitelist. In this way, the verification code sender number of the whitelist update request generator can be registered in the terminal whitelist list in time.
结合第一方面的第三种可能的实现方式,在第一方面的第四种可能的实现方式中,该方法还包括:终端若确定白名单更新请求生成者的验证码发送方号码已注册在终端白名单列表中,终端判断原验证码发送方号码与新验证码发送方号码是否一致;原验证码发送方号码为已经注册在终端白名单列表中的白名单更新请求生成者的验证码发送方号码,新验证码发送方号码为所述白名单更新请求中白名单更新请求生成者的验证码发送方号码;终端若确定原验证码发送方号码与新验证码发送方号码不一致,则终端将原验证码发送方号码从终端白名单列表中删除,并将新验证码发送方号码写入终端白名单列表中与第一应用程序的标识对应的位置。这样一来,当白名单更新请求生成者的验证码发送方号码变更时,可以及时在终端白名单中更新该白名单更新请求生成者的验证码发送方号码。In conjunction with the third possible implementation of the first aspect, in a fourth possible implementation manner of the first aspect, the method further includes: if the terminal determines that the verification code sender number of the whitelist update request generator is already registered In the terminal whitelist list, the terminal determines whether the original verification code sender number is consistent with the new verification code sender number; the original verification code sender number is the verification code of the whitelist update request generator that has been registered in the terminal whitelist list. The party number, the new verification code sender number is the verification code sender number of the white list update request generator in the white list update request; if the terminal determines that the original verification code sender number is inconsistent with the new verification code sender number, the terminal The original verification code sender number is deleted from the terminal whitelist list, and the new verification code sender number is written into the terminal whitelist list corresponding to the identifier of the first application. In this way, when the verification code sender number of the whitelist update request generator is changed, the verification code sender number of the whitelist update request generator can be updated in the terminal white list in time.
结合第一方面至第一方面的第四种可能的实现方式中任意一种可能的实现方式,在第一方面的第五种可能的实现方式中,该方法还包括:终端获取终端白名单列表中白名单更新请求生成者在预设时间内的使用频率;终端将终端白名单列表中使用频率小于预设阈值的白名单更新请求生成者的验证码发送方号码从终端白名单列表中删除。这样可以在终端白名单列表存储空间一定时,节约终端白名单列表存储空间。With reference to the first aspect to any possible implementation of the fourth possible implementation manner of the first aspect, in a fifth possible implementation manner of the first aspect, the method further includes: acquiring, by the terminal, a whitelist of the terminal The whitelist update request generator uses the frequency of the preset time; the terminal deletes the verification code sender number of the whitelist update request generator whose frequency is less than the preset threshold in the terminal whitelist from the terminal whitelist. In this way, when the storage space of the terminal whitelist is fixed, the storage space of the terminal whitelist is saved.
当结合第一方面至第一方面的第五种可能的实现方式中任意一种可能的实现方式,在第一方面的第六种可能的实现方式中,该方法还包括:向服务器发送至少携带有白名单更新请求生成者的验证码发送方号码,用于更新服务器白名单列表中所述白名单更新请求生成者的验证码发送方号码的第一白名单更新请求,以使得服务器根据第一白名单更新请求周期性的将更新后的服务器白名单列表同步至与服务器通信的终端;这样一来,可以使得服务器更新服务器白名单列表中白名单更新请求生成者的验证码发送方号码,然后终端通过与服务器连接,即可更新与服务器通信的终端中终端白名单列表,这样终端不需要通过升级版本即可实现更新终端白名单列表。In a sixth possible implementation manner of the first aspect, the method further includes: sending at least a verification code sender number of the whitelist update request generator for updating a first whitelist update request of the verification code sender number of the whitelist update request generator in the server whitelist list, so that the server is based on the first The whitelist update request periodically synchronizes the updated server whitelist to the terminal that communicates with the server; thus, the server may be caused to update the whitelist update request sender's verification code sender number in the server whitelist list, and then By connecting with the server, the terminal can update the terminal whitelist list in the terminal that communicates with the server, so that the terminal can update the terminal whitelist list without upgrading the version.
当然,该第一白名单更新请求中还包括第一应用程序的标识和证书,用于服务器根据该第一应用程序的标识和证书判断是否更新服务器中的服务器白名单列表。Of course, the first whitelist update request further includes an identifier and a certificate of the first application, and the server determines, according to the identifier and the certificate of the first application, whether to update the server whitelist in the server.
第二方面,本发明实施例还提供一种白名单更新方法,应用于服务器中,该方法包括:服务器接收至少包括第一应用程序的标识、白名单更新请求生成者的验证码发送方号码,用于指示更新服务器白名单列表的第一白名单更新请 求;其中,白名单更新请求由第一应用程序生成或第一应用程序的第一业务生成;服务器判断第一白名单更新请求是否满足更新条件;服务器若确定第一白名单更新请求满足更新条件,服务器则至少将所述白名单更新请求生成者的验证码发送方号码更新至服务器白名单列表中。这样一来,服务器可以及时更新存储在服务器中的服务器白名单列表中白名单更新请求生成者的验证码发送方号码。In a second aspect, the embodiment of the present invention further provides a whitelist update method, which is applied to a server, where the method includes: receiving, by the server, an identifier of the first application, and a verification code sender number of the whitelist update request generator. First whitelist update to indicate update server whitelist list The whitelist update request is generated by the first application or the first service of the first application; the server determines whether the first whitelist update request satisfies the update condition; and the server determines that the first whitelist update request satisfies the update condition The server updates at least the verification code sender number of the whitelist update request generator to the server whitelist. In this way, the server can update the verification code sender number of the whitelist update request generator in the server whitelist list stored in the server in time.
结合第二方面,在第二方面的第一种可能的实现方式中,该方法还包括:服务器按照预设周期,将更新后的服务器白名单列表同步至与服务器通信的终端。这样终端通过与服务器通信,即可更新终端中的终端白名单列表。With reference to the second aspect, in a first possible implementation manner of the second aspect, the method further includes: the server, according to the preset period, synchronizing the updated server whitelist to the terminal that communicates with the server. In this way, the terminal can update the terminal whitelist list in the terminal by communicating with the server.
结合第二方面,在第二方面的第二种可能的实现方式中,第一白名单更新请求中还携带有第一应用程序的证书和标识;若第一白名单更新请求为终端发送的,则更新条件为第一白名单更新请求中包含的第一应用程序的证书和预先存储在服务器中第一应用程序对应的证书一致,且所述第一应用程序的标识与预先存储在所述服务器中所述第一应用程序对应的标识一致;当第一白名单更新请求不是终端发送的,则更新条件为第一白名单更新请求中携带有终端对应的更新信息,更新信息包括更新版本差值、更新时间以及所述白名单更新请求生成者的验证码发送方号码是否已在所述终端白名单列表中更新的结果。With reference to the second aspect, in a second possible implementation manner of the second aspect, the first whitelist update request further includes a certificate and an identifier of the first application; if the first whitelist update request is sent by the terminal, The update condition is that the certificate of the first application included in the first whitelist update request is consistent with the certificate corresponding to the first application stored in the server, and the identifier of the first application is pre-stored in the server. The identifier corresponding to the first application is consistent; when the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries the update information corresponding to the terminal, and the update information includes the updated version difference. And an update time and a result of whether the verification code sender number of the whitelist update request generator has been updated in the terminal whitelist list.
第三方面,本发明实施例提供一种白名单更新装置,应用于终端,该终端上运行有第一应用程序,该装置包括:判断单元,用于基于第一应用程序生成或第一应用程序的第一业务生成的白名单更新请求的触发,判断第一应用程序是否具有更新用于存储所述白名单更新请求生成者的验证码发送方号码的终端白名单列表的权限,其中,该白名单更新请求包含第一应用程序的标识、以及白名单更新请求生成者的验证码发送方号码;判定单元,用于确定第一应用程序具有更新终端的白名单列表的权限;更新单元,用于在判定单元确定第一应用程序具有更新终端的白名单列表的权限时,至少将白名单更新请求生成者的验证码发送方号码更新至终端白名单列表中,终端白名单列表用于存储发送验证码消息的验证码发送方号码。In a third aspect, an embodiment of the present invention provides a whitelist updating apparatus, which is applied to a terminal, where the terminal runs a first application, and the apparatus includes: a determining unit, configured to generate or the first application based on the first application. Triggering a whitelist update request generated by the first service, determining whether the first application has the right to update a terminal whitelist for storing the verification code sender number of the whitelist update request generator, wherein the white The list update request includes an identifier of the first application and a verification code sender number of the whitelist update request generator; a determining unit, configured to determine that the first application has the right to update the whitelist of the terminal; and an update unit, configured to: When the determining unit determines that the first application has the right to update the whitelist list of the terminal, at least the verification code sender number of the whitelist update request generator is updated to the terminal whitelist, and the terminal whitelist is used for storing the transmission verification. The verification code sender number of the code message.
第三方面,在第三方面的第一种可能的实现方式中,终端还包括显示屏,相应的判定单元,包括:展示模块,用于基于白名单更新请求的触发,通过显示屏向用户展示用于提示用户是否同意向所述第一应用程序授予更新所述终端白名单列表的权限的第一提示消息;第一判断模块,用于判断是否检测到用户输入的用于指示用户同意向所述第一应用程序授予更新终端白名单列表的权限的第一指示信息;第一确定模块,用于在第一判断模块确定检测到用户输入第一指示信息,则确定第一应用程序具有更新所述终端白名单列表的权限。In a third aspect, in a first possible implementation manner of the third aspect, the terminal further includes a display screen, and the corresponding determining unit includes: a display module, configured to display the trigger based on the whitelist update request to the user through the display screen a first prompt message for prompting the user whether to grant the first application the right to update the terminal whitelist list; the first determining module is configured to determine whether the user input is used to indicate that the user agrees to the Determining, by the first application, the first indication information of the right to update the whitelist of the terminal; the first determining module, configured to: when the first determining module determines that the user inputs the first indication information, determining that the first application has the update The permissions of the terminal whitelist.
结合第三方面,在第三方面的第二种可能的实现方式中,判定单元,包括:获取模块,用于基于白名单更新请求的触发,获取第一应用程序的证书和标识;第二判断模块,用于判断第一应用程序的证书和预设证书是否匹配,且第一应用程序的标识和预设标识是否匹配;第二确定模块,用于在第二判断模块确定第一应用程序的证书和预设证书匹配,且第一应用程序的标识和预设标识匹配 时,确定第一应用程序具有更新所述终端白名单列表的权限。With reference to the third aspect, in a second possible implementation manner of the third aspect, the determining unit includes: an acquiring module, configured to acquire a certificate and an identifier of the first application based on a trigger of the whitelist update request; a module, configured to determine whether the certificate of the first application matches the preset certificate, and whether the identifier of the first application matches the preset identifier, and the second determining module is configured to determine, in the second determining module, the first application The certificate matches the preset certificate, and the identifier of the first application matches the preset identifier When it is determined, the first application has the right to update the terminal whitelist list.
结合第三方面,在第三方面的第三种可能的实现方式中,更新单元,包括:第三判断模块,用于判断白名单更新请求生成者的验证码发送方号码是否已经注册在终端白名单列表中;第一更新模块,用于在第三判断模块确定白名单更新请求生成者的验证码发送方号码未注册在终端白名单列表时,则将第一应用程序的标识以及与第一应用程序的标识对应的白名单更新请求生成者的验证码发送方号码写入终端白名单列表中。With reference to the third aspect, in a third possible implementation manner of the third aspect, the updating unit includes: a third determining module, configured to determine whether the verification code sender number of the whitelist update request generator is already registered in the terminal white a first update module, configured to: when the third determination module determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the identifier of the first application and the first The verification code sender number of the whitelist update request generator corresponding to the identifier of the application is written in the terminal whitelist.
结合第三方面的第三种可能的实现方式,在第三方面的第四种可能的实现方式中,所述装置还包括:第四判断模块,用于在第三判断模块确定白名单更新请求生成者的验证码发送方号码已注册在终端白名单列表中时,判断原验证码发送方号码与新验证码发送方号码是否一致;原验证码发送方号码为已经注册在终端白名单列表中的所述白名单更新请求生成者的验证码发送方号码,新验证码发送方号码为白名单更新请求中白名单更新请求生成者的验证码发送方号码;第二更新模块,用于在第四判断模块确定原验证码发送方号码与新验证码发送方号码不一致时,则将原验证码发送方号码从终端白名单列表中删除,并将新验证码发送方号码写入终端白名单列表中与第一应用程序的标识对应的位置。In conjunction with the third possible implementation of the third aspect, in a fourth possible implementation manner of the third aspect, the device further includes: a fourth determining module, configured to determine, in the third determining module, a whitelist update request When the sender's verification code sender number is registered in the terminal whitelist list, it is determined whether the original verification code sender number is consistent with the new verification code sender number; the original verification code sender number is already registered in the terminal whitelist list. The whitelist update request sender's verification code sender number, the new verification code sender number is the verification code sender number of the whitelist update request generator in the whitelist update request; the second update module is used in the When the determining module determines that the original verification code sender number is inconsistent with the new verification code sender number, the original verification code sender number is deleted from the terminal whitelist list, and the new verification code sender number is written into the terminal whitelist list. The location corresponding to the identity of the first application.
结合第三方面至第三方面的第四种可能的实现方式中任意一种可能的实现方式,在第三方面的第五种可能的实现方式中,该装置还包括:统计单元,用于获取终端白名单列表中白名单更新请求生成者在预设时间内的使用频率;删除单元,用于将终端白名单列表中使用频率小于预设阈值的白名单更新请求生成者的验证码发送方号码以及白名单更新请求生成者的标识从终端白名单列表中删除。With reference to any one of the possible implementations of the third aspect to the fourth possible implementation of the third aspect, in a fifth possible implementation manner of the third aspect, the device further includes: a statistics unit, configured to obtain The frequency of use of the whitelist update request generator in the terminal whitelist list in the preset time; the deleting unit is configured to use the verification code sender number of the whitelist update request generator whose frequency is less than the preset threshold in the terminal whitelist list And the identifier of the whitelist update request generator is deleted from the terminal whitelist.
结合第三方面至第三方面的第五种可能的实现方式中任意一种可能的实现方式,在第三方面的第六种可能的实现方式中,该装置还包括:发送单元,用于向服务器发送第一白名单更新请求,以使得所述服务器根据第一白名单更新请求周期性的将更新后的服务器白名单列表同步至与服务器连接的终端;第一白名单更新请求中至少携带有白名单更新请求生成者的验证码发送方号码;第一白名单更新请求用于更新服务器白名单列表中白名单更新请求生成者的验证码发送方号码,服务器白名单列表用于存储发送验证码消息的验证码发送方号码。With reference to any one of the possible implementation manners of the third aspect to the fifth possible implementation manner of the third aspect, in a sixth possible implementation manner of the third aspect, the device further includes: a sending unit, configured to The server sends a first whitelist update request, so that the server periodically synchronizes the updated server whitelist list to the terminal connected to the server according to the first whitelist update request; the first whitelist update request carries at least The whitelist update request generator's verification code sender number; the first whitelist update request is used to update the verification code sender number of the whitelist update request generator in the server whitelist list, and the server whitelist is used to store the transmission verification code. The verification code sender number of the message.
第四方面,本发明实施例提供一种白名单更新装置,应用于服务器中,所述装置包括:接收单元,用于接收第一白名单更新请求,第一白名单更新请求用于指示更新服务器白名单列表;第一白名单更新请求至少包括第一应用程序的标识、白名单更新请求生成者的验证码发送方号码;其中,白名单更新请求由第一应用程序生成或第一应用程序的第一业务生成;服务器白名单列表用于存储发送验证码消息的验证码发送方号码;判断单元,用于判断第一白名单更新请求是否满足更新条件;更新单元,用于在判断单元确定第一白名单更新请求满足更新条件,服务器则至少将白名单更新请求生成者的验证码发送方号码 更新至服务器白名单列表中。In a fourth aspect, the embodiment of the present invention provides a whitelist updating apparatus, which is applied to a server, where the apparatus includes: a receiving unit, configured to receive a first whitelist update request, where the first whitelist update request is used to indicate an update server. a whitelist list; the first whitelist update request includes at least an identifier of the first application, a verification code sender number of the whitelist update request generator; wherein the whitelist update request is generated by the first application or the first application The first service is generated; the server whitelist is used to store the verification code sender number of the verification code message; the determining unit is configured to determine whether the first whitelist update request satisfies the update condition; and the update unit is configured to determine, in the determining unit, A whitelist update request satisfies the update condition, and the server at least adds the verification code sender number of the whitelist update request generator Update to the server whitelist list.
结合第四方面,在第四方面的第一种可能的实现方式中,该装置还包括:同步单元,用于按照预设周期,将更新后的服务器白名单列表同步至与服务器通信的终端。In conjunction with the fourth aspect, in a first possible implementation manner of the fourth aspect, the apparatus further includes: a synchronization unit, configured to synchronize the updated server whitelist list to the terminal that communicates with the server according to a preset period.
结合第四方面,在第四方面的第二种可能的实现方式中,第一白名单更新请求中还携带有第一应用程序的证书和标识,若第一白名单更新请求为终端发送的,则更新条件为第一白名单更新请求中包含的第一应用程序的证书和预先存储在服务器中第一应用程序对应的证书一致,且第一应用程序的标识与预先存储在所述服务器中所述第一应用程序对应的标识一致;当所述第一白名单更新请求不是终端发送的,则更新条件为第一白名单更新请求中携带有终端对应的更新信息,所述更新信息包括更新版本差值、更新时间以及所述白名单更新请求生成者的验证码发送方号码是否已在所述终端白名单列表中更新的结果。With reference to the fourth aspect, in a second possible implementation manner of the fourth aspect, the first whitelist update request further includes a certificate and an identifier of the first application, and if the first whitelist update request is sent by the terminal, The update condition is that the certificate of the first application included in the first whitelist update request is consistent with the certificate corresponding to the first application stored in the server, and the identifier of the first application is pre-stored in the server. The identifier corresponding to the first application is consistent; when the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries the update information corresponding to the terminal, and the update information includes the updated version. The difference, the update time, and the result of whether the verification code sender number of the whitelist update request generator has been updated in the terminal whitelist list.
第五方面,本发明实施例提供一种终端,包括:处理器、存储器、系统总线和通信接口;In a fifth aspect, an embodiment of the present invention provides a terminal, including: a processor, a memory, a system bus, and a communication interface;
所述存储器用于存储计算机执行指令,所述处理器与所述存储器通过所述系统总线连接,当所述终端运行时,所述处理器执行所述存储器存储的所述计算机执行指令,以使所述终端执行如上述第一方面或者第一方面的任意一种可选方式中所述的白名单更新方法。The memory is configured to store a computer execution instruction, the processor is connected to the memory through the system bus, and when the terminal is running, the processor executes the computer execution instruction stored in the memory, so that The terminal performs the whitelist update method as described in the above first aspect or any one of the foregoing aspects.
第六方面,本发明实施例提供一种可读介质,包括计算机执行指令,当终端的处理器执行所述计算机执行指令时,所述终端执行如上述第一方面或者第一方面的任意一种可选方式中所述的白名单更新方法。In a sixth aspect, an embodiment of the present invention provides a readable medium, including a computer executing instruction, when the processor of the terminal executes the computer to execute an instruction, the terminal performs any one of the foregoing first aspect or the first aspect. The whitelist update method described in the alternative.
第七方面,本发明实施例提供一种服务器,包括:处理器、存储器、系统总线和通信接口;In a seventh aspect, an embodiment of the present invention provides a server, including: a processor, a memory, a system bus, and a communication interface;
所述存储器用于存储计算机执行指令,所述处理器与所述存储器通过所述系统总线连接,当所述服务器运行时,所述处理器执行所述存储器存储的所述计算机执行指令,以使所述服务器执行如上述第二方面或者第二方面的任意一种可选方式中所述的白名单更新方法。The memory is configured to store a computer executing instructions, the processor is coupled to the memory via the system bus, and when the server is running, the processor executes the computer executed instructions stored in the memory to enable The server performs the whitelist update method as described in the second aspect or the second aspect of the second aspect.
第八方面,本发明实施例提供一种可读介质,包括计算机执行指令,当服务器的处理器执行所述计算机执行指令时,所述服务器执行如上述第二方面或者第二方面的任意一种可选方式中所述的白名单更新方法。In an eighth aspect, an embodiment of the present invention provides a readable medium, including computer execution instructions, when the processor of the server executes the computer execution instruction, the server performs any one of the foregoing second aspect or the second aspect. The whitelist update method described in the alternative.
第九方面,本发明实施例提供一种通信系统,该通信系统包括多个终端和服务器,该多个终端可以为上述第三方面或者第三方面的任意一种可选方式中所述的终端,以及该服务器可以为上述第四方面或者第四方面的任意一种可选方式中所述的服务器;或者,A ninth aspect, the embodiment of the present invention provides a communication system, where the communication system includes a plurality of terminals and a server, and the multiple terminals may be the terminal described in any one of the foregoing third aspect or the third aspect. And the server may be the server described in the above fourth aspect or any one of the optional aspects of the fourth aspect; or
该多个用户设备可以为上述第五方面所述的用户设备,以及该服务器可以为上述第七方面所述的服务器。The plurality of user equipments may be the user equipments described in the fifth aspect above, and the server may be the server described in the seventh aspect above.
可选的,上述用户设备还可以包括第六方面所述的可读介质,上述服务器还可以包括第八方面所述的可读介质。Optionally, the user equipment may further include the readable medium of the sixth aspect, and the server may further include the readable medium of the eighth aspect.
本发明实施例提供一种白名单更新方法和装置,通过接收第一应用程序发 送的用于更新终端白名单列表的白名单更新请求,在确定第一应用程序具有更新终端白名单列表的权限之后,更新终端白名单列表,这样,当白名单更新请求生成者的验证码发送方号码变更或者需要重新在白名单列表中注册白名单更新请求生成者的验证码发送方号码时,无需向白名单列表的开发商提出申请请求更新终端白名单列表,而是根据第一应用程序生成或第一应用程序的第一业务生成的白名单更新请求的触发及时更新终端白名单列表,该方法简单,解决了现有技术中应用程序无法自主更新终端白名单列表以及更新终端白名单列表周期长的问题。An embodiment of the present invention provides a whitelist updating method and apparatus, which are sent by receiving a first application. Sending a whitelist update request for updating the terminal whitelist list, after determining that the first application has the right to update the terminal whitelist list, updating the terminal whitelist list, so that when the whitelist update request generator sends the verification code When the party number is changed or the verification code sender number of the whitelist update request generator needs to be re-registered in the whitelist list, it is not necessary to apply to the developer of the whitelist list to request to update the terminal whitelist list, but according to the first application. Generating or triggering the whitelist update request generated by the first service of the first application to update the terminal whitelist list in time, which is simple, and solves the problem that the application cannot update the terminal whitelist list and update the terminal whitelist list in the prior art. A long cycle problem.
附图说明DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.
图1为本发明实施例提供的白名单更新方法的流程示意图一;1 is a schematic flowchart 1 of a white list updating method according to an embodiment of the present invention;
图2为本发明实施例提供的白名单更新方法的流程示意图二;2 is a second schematic flowchart of a whitelist updating method according to an embodiment of the present invention;
图3为本发明实施例提供的白名单更新方法的流程示意图三;FIG. 3 is a schematic flowchart 3 of a method for updating a white list according to an embodiment of the present disclosure;
图4为本发明实施例提供的白名单更新方法的流程示意图四;4 is a schematic flowchart 4 of a white list updating method according to an embodiment of the present invention;
图5为本发明另一实施例提供的白名单更新方法的流程示意图;FIG. 5 is a schematic flowchart of a whitelist update method according to another embodiment of the present invention;
图6为本发明实施例提供的一种白名单更新装置的结构示意图一;FIG. 6 is a schematic structural diagram 1 of a white list updating apparatus according to an embodiment of the present disclosure;
图7为本发明实施例提供的一种白名单更新装置的结构示意图二;FIG. 7 is a schematic structural diagram 2 of a white list updating apparatus according to an embodiment of the present disclosure;
图8为本发明实施例提供的另一种白名单更新装置的结构示意图;FIG. 8 is a schematic structural diagram of another whitelist updating apparatus according to an embodiment of the present disclosure;
图9为本发明实施例提供的一种终端的结构示意图;FIG. 9 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure;
图10为本发明实施例提供的一种服务器的结构示意图;FIG. 10 is a schematic structural diagram of a server according to an embodiment of the present disclosure;
图11为本发明实施例提供的一种终端的硬件结构示意图。FIG. 11 is a schematic structural diagram of a hardware of a terminal according to an embodiment of the present invention.
具体实施方式detailed description
本发明实施例的原理:The principle of the embodiment of the invention:
本发明实施例针对现有技术中对终端中的白名单列表进行更新时,当应用程序的验证码发送方号码变更时,应用程序无法自主且及时更新白名单列表,以及大版本升级更新白名单周期较长的问题而提出的一种更新白名单列表的方法,在本实施例中处理器通过接收应用程序发送的用于更新终端白名单列表的白名单更新请求,在确定所述应用程序具有更新白名单列表的权限之后,更新所述终端白名单列表,当任意一个应用程序对应的验证码发送方号码变更或者需要重新在白名单列表中注册验证码发送方号码时,可以及时并自主的更新白名单列表,该方法简单,当应用程序的验证码发送方号码变更时或者需要重新注册时,无需向白名单列表的开发商提出申请请求更新白名单列表,解决了现有技术中应用程序无法自主更新白名单列表以及更新白名单列表周期长的问题。In the embodiment of the present invention, when updating the whitelist list in the terminal in the prior art, when the verification code sender number of the application is changed, the application cannot update the whitelist list and update the whitelist in a large version. A method for updating a whitelist list, which is provided by the processor in the embodiment, by receiving a whitelist update request for updating a terminal whitelist list sent by the application, determining that the application has After updating the permission of the whitelist list, the terminal whitelist list is updated, and when the verification code sender number corresponding to any application is changed or the verification code sender number needs to be re-registered in the whitelist list, the user can be timely and autonomous. Updating the whitelist list, the method is simple, when the verification code sender number of the application is changed or needs to be re-registered, the application of the whitelist is not required to request the update of the whitelist list, and the application in the prior art is solved. Unable to update the whitelist list and update the whitelist list week Long.
本发明实施例中的终端包括处理器、运行在处理器上的应用程序与所述处理器相连的显示屏以及白名单管理实体。本发明实施例对所述终端的操作系统 不进行限定,所述终端的操作系统可以为Android、Windows Phone或iOS等。The terminal in the embodiment of the present invention includes a processor, a display screen connected to the processor by an application running on the processor, and a whitelist management entity. An operating system of the terminal in the embodiment of the present invention Without limitation, the operating system of the terminal may be Android, Windows Phone, or iOS.
在具体实施过程中,本发明实施例的终端可以为移动电话、移动电脑、平板电脑、个人数字助理(Personal Digital Assistant,PDA)、媒体播放器、智能电视、智能可穿戴设备(如智能手表、智能眼镜和智能手环等)、电子阅读器、手持游戏机和车载电子设备等,所述终端具有运行应用程序(Application,APP)、接入网络以及定位等功能。In a specific implementation, the terminal in the embodiment of the present invention may be a mobile phone, a mobile computer, a tablet computer, a personal digital assistant (PDA), a media player, a smart TV, a smart wearable device (such as a smart watch, Intelligent glasses, smart bracelets, etc.), electronic readers, handheld game consoles, and in-vehicle electronic devices, etc., the terminal has functions such as running an application (Application, APP), accessing the network, and positioning.
本发明实施例的应用程序可以为安装在终端上的任何应用程序,示例性的,包括但不限于浏览器、电子邮件、即时消息服务、文字处理、键盘虚拟、窗口小部件(Widget)、加密、数字版权管理、语音识别、语音复制、定位(例如由全球定位系统提供的功能)、音乐播放等等。The application of the embodiment of the present invention may be any application installed on the terminal, including but not limited to browser, email, instant messaging service, word processing, keyboard virtual, widget, encryption. , digital rights management, voice recognition, voice replication, positioning (such as those provided by GPS), music playback, and more.
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
如图1所示,本发明实施例提供一种白名单更新方法,应用于终端中,所述终端包括处理器,以及运行在所述处理器上的第一应用程序,所述方法包括:As shown in FIG. 1 , an embodiment of the present invention provides a method for updating a whitelist, which is applied to a terminal, where the terminal includes a processor, and a first application running on the processor, where the method includes:
S101、基于白名单更新请求的触发,所述终端判断所述第一应用程序是否具有更新终端白名单列表的权限,其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成,所述白名单更新请求包含所述第一应用程序的标识、以及所述白名单更新请求生成者的验证码发送方号码;所述终端白名单列表用于存储发送验证码消息的验证码发送方号码;S101. The terminal determines, according to a trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is generated by the first application or the first a first service generation of an application, the whitelist update request including an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal whitelist is used for storing Send the verification code sender number of the verification code message;
S102、若确定所述第一应用程序具有更新终端的白名单列表的权限,则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述终端白名单列表中。S102. If it is determined that the first application has the right to update the whitelist of the terminal, update at least the verification code sender number of the whitelist update request generator to the terminal whitelist.
本发明实施例提供一种白名单更新方法,通过接收第一应用程序发送的用于更新终端白名单列表的白名单更新请求,在确定第一应用程序具有更新终端白名单列表的权限之后,更新终端白名单列表,这样,当白名单更新请求生成者的验证码发送方号码变更或者需要重新在白名单列表中注册白名单更新请求生成者的验证码发送方号码时,无需向白名单列表的开发商提出申请请求更新终端白名单列表,而是根据第一应用程序生成或第一应用程序的第一业务生成的白名单更新请求的触发及时更新终端白名单列表,该方法简单,解决了现有技术中应用程序无法自主更新终端白名单列表以及更新终端白名单列表周期长的问题。An embodiment of the present invention provides a whitelist update method, by receiving a whitelist update request for updating a terminal whitelist list sent by a first application, and updating the first application after determining that the first application has the right to update the terminal whitelist. The terminal whitelist list, such that when the whitelist update request generator's verification code sender number is changed or the whitelist update request generator's verification code sender number needs to be re-registered in the whitelist list, there is no need to whitelist the list. The developer submits an application request to update the terminal whitelist list, and updates the terminal whitelist list according to the trigger of the whitelist update request generated by the first application or the first service of the first application, and the method is simple and solves the present problem. In the prior art, the application cannot update the terminal whitelist list and update the terminal whitelist list period.
其中,本发明实施例对所述终端白名单列表的具体形式不进行限定,只要该终端白名单列表可以用来存储发送验证码消息的验证码发送方号码即可。The embodiment of the present invention does not limit the specific form of the whitelist of the terminal, as long as the terminal whitelist can be used to store the verification code sender number of the verification code message.
例如,所述终端白名单列表可以包括多个记录项,每个记录项用于存储一个应用程序的标识与所述应用程序的验证码发送方号码或应用程序的标识与所述应用程序的业务之间的对应关系。For example, the terminal whitelist may include a plurality of entries, each entry for storing an identifier of an application and a verification code sender number or application identifier of the application and a service of the application. Correspondence between them.
本发明实施例对所述验证码消息的具体形式和验证码消息的具体内容不进 行限定,该验证码消息可以包含字母和/或数字。The embodiment of the present invention does not advance the specific form of the verification code message and the specific content of the verification code message. The line definition, the verification code message may contain letters and/or numbers.
由于终端中每个应用程序对应的验证码发送方号码,每个业务对应的验证码发送方号码在终端白名单列表中更新方式和原理均相同,故本发明实施例仅以第一应用程序和第一业务为例进行说明,并不具有任何指示性含义,该第一业务为第一应用程序对应的任何一个业务,The method and principle of updating the verification code sender number corresponding to each service in the terminal whitelist list are the same, and the embodiment of the present invention only uses the first application program and the authentication code sender number corresponding to each application in the terminal. The first service is described as an example and does not have any indicative meaning. The first service is any service corresponding to the first application.
其中,第一应用程序为运行在终端处理器上的任何一个应用程序,例如,可以为浏览器,也可以为QQ、中国银行的客户端等。第一应用程序对应的业务可以是第一应用程序在使用时产生的业务,例如,业务可以是淘宝应用程序在支付时的业务,该业务也可以对应的为QQ登录。The first application is any application running on the terminal processor, for example, a browser, a client of QQ, Bank of China, or the like. The service corresponding to the first application may be a service generated by the first application when it is used. For example, the service may be a service when the Taobao application is paying, and the service may also be a QQ login.
其中,所述第一应用程序的标识可以为所述第一应用程序对应的包名,例如,当所述第一应用程序为中国银行时,所述第一应用程序的包名为com.chinamworld.bocmbci。The identifier of the first application may be a package name corresponding to the first application. For example, when the first application is a Chinese bank, the package name of the first application is com.chinamworld. .bocmbci.
当然,每个应用程序的每个业务也是存在标识的,本发明实施例每个业务的标识不进行限定,可以根据需要进行设置,只要通过该业务的标识使得该业务可以区别其他业务即可。其中,本发明实施例对所述白名单更新请求的具体形式不进行限定,可以根据需要进行设置,其中该白名单更新请求包含第一应用程序的标识、以及所述白名单更新请求生成者的验证码发送方号码,该白名单更新请求生成者是指生成白名单更新请求的应用程序或应用程序对应的业务。Certainly, each service of each application is also identified. The identifier of each service in the embodiment of the present invention is not limited, and may be set as needed, as long as the service can distinguish other services by the identifier of the service. The embodiment of the present invention does not limit the specific form of the whitelist update request, and may be set as needed, where the whitelist update request includes the identifier of the first application, and the whitelist update request generator. The verification code sender number, which is the service corresponding to the application or application that generates the whitelist update request.
其中,本发明实施例对终端被白名单更新请求的触发方式不进行限定,由于第一应用程序的标识不变,但是第一应用程序的验证码发送方号码和第一应用程序的每个业务对应的验证码发送方号码之间会存在差异,故当终端被第一应用程序生成的白名单更新请求触发和第一应用程序的第一业务生成的白名单更新请求触发时,该白名单更新请求中携带的验证码发送方号码存在差异。The triggering manner of the whitelist update request of the terminal is not limited in the embodiment of the present invention, because the identifier of the first application does not change, but the verification code sender number of the first application and each service of the first application There may be a difference between the corresponding verification code sender numbers, so when the terminal is triggered by the whitelist update request generated by the first application and the whitelist update request generated by the first service of the first application, the whitelist update There is a difference in the sender code of the verification code carried in the request.
示例性的,一方面,当第一应用程序首次安装在所述终端上时,即可确定为该终端被白名单更新请求触发,此时该白名单更新请求中携带有第一应用程序的标识和第一应用程序的验证码发送方号码。Exemplarily, on the one hand, when the first application is first installed on the terminal, it can be determined that the terminal is triggered by the whitelist update request, and the whitelist update request carries the identifier of the first application. And the verification code sender number of the first application.
例如,当首次在终端上安装淘宝应用程序或者QQ应用程序时,淘宝应用程序或者QQ应用程序分别向其对应的应用服务器获取淘宝应用程序或者QQ应用程序分别对应的验证码发送方号码。For example, when the Taobao application or the QQ application is installed on the terminal for the first time, the Taobao application or the QQ application respectively obtains the verification code sender number corresponding to the Taobao application or the QQ application respectively to the corresponding application server.
另一方面,当第一应用程序安装在终端上之后,若确定首次检测到用户启动第一应用程序的指示信息时,即可确定为该终端被白名单更新请求触发,此时该白名单更新请求中携带有第一应用程序的标识和第一应用程序的验证码发送方号码。该用户启动第一应用程序的指示信息用于指示所述第一应用程序获取所述第一应用程序对应的验证码发送方号码发送的短信验证码。On the other hand, after the first application is installed on the terminal, if it is determined that the user initiates the indication information of the first application for the first time, it can be determined that the terminal is triggered by the whitelist update request, and the whitelist is updated at this time. The request carries the identifier of the first application and the verification code sender number of the first application. The indication information that the user starts the first application is used to instruct the first application to acquire the short message verification code sent by the verification code sender number corresponding to the first application.
示例性的,以美团应用程序为例,当美团应用程序被安装在终端上之后,在用户第一次使用时,通过终端的显示屏向用户展示是否需要获取所述美团应用程序对应的验证码发送方号码,在确定接收到用户发的第一指示信息之后,向美团应用程序对应的服务器发送请求消息用以获取所述美团应用程序对应的 验证码发送方号码。Exemplarily, taking the Meituan application as an example, when the U.S. application is installed on the terminal, when the user first uses it, the user’s display screen is displayed to the user whether it is necessary to obtain the corresponding U.S. application. a verification code sender number, after determining that the first indication information sent by the user is received, sending a request message to the server corresponding to the Meituan application to obtain the corresponding corresponding to the Meituan application Verification code sender number.
第三方面,当第一应用程序安装在终端上之后,若检测到终端首次使用第一应用程序的第一业务的指示信息时,即可确定为该终端被白名单更新请求触发,此时该白名单更新请求中携带有第一应用程序的标识和第一应用程序的第一业务的验证码发送方号码。In a third aspect, after the first application is installed on the terminal, if it is detected that the terminal uses the indication information of the first service of the first application for the first time, it may be determined that the terminal is triggered by the whitelist update request, and the The whitelist update request carries the identifier of the first application and the verification code sender number of the first service of the first application.
示例性的,当美团应用程序被安装在终端上之后,在用户第一次使用美团应用程序点单付款时,美团应用程序获取到用户的触发指令之后,向美团应用程序对应的服务器发送请求消息用以获取所述美团应用程序中点单付款业务对应的验证码发送方号码。Illustratively, after the US group application is installed on the terminal, when the user first uses the Meituan application to order payment, the Meituan application obtains the user's trigger instruction and then corresponds to the Meituan application. The server sends a request message to obtain a verification code sender number corresponding to the order payment service in the Meituan application.
其中,本发明实施例中白名单更新请求中携带的验证码发送方号码的获取方式不进行限定,示例性的:The method for obtaining the sender code of the verification code carried in the whitelist update request in the embodiment of the present invention is not limited, and exemplary:
一方面,所述终端从所述第一应用程序对应的配置文件中获取所述第一应用程序的验证码发送方号码或者所述第一应用程序的第一业务的验证码发送方号码。In one aspect, the terminal acquires a verification code sender number of the first application or a verification code sender number of the first service of the first application from a configuration file corresponding to the first application.
开发者在开发第一应用程序时,将第一应用程序的验证码发送方号码及第一应用程序的每个业务的验证码发送方号码写入应用程序的第一应用程序配置文件中,使得第一应用程序的配置文件中自带有第一应用程序的验证码发送方号码及第一应用程序的每个业务的验证码发送方号码,这样当第一应用程序第一次被使用,或者第一应用程序的第一业务首次被使用,第一应用程序首次安装在终端上时,终端可以从第一应用程序的配置文件中获取所述第一应用程序的验证码发送方号码或者所述第一应用程序的第一业务的验证码发送方号码。When developing the first application, the developer writes the verification code sender number of the first application and the verification code sender number of each service of the first application into the first application configuration file of the application, so that the developer The first application's configuration file comes with the verification code sender number of the first application and the verification code sender number of each service of the first application, so that when the first application is used for the first time, or The first service of the first application is used for the first time. When the first application is first installed on the terminal, the terminal may obtain the verification code sender number of the first application from the configuration file of the first application or the The verification code sender number of the first service of the first application.
其中,本发明实施例对所述终端从第一应用程序的配置文件中获取所述第一应用程序的验证码发送方号码或者所述第一应用程序的第一业务的验证码发送方号码的方式不进行限定,可以参考现有技术。The embodiment of the present invention acquires, by the terminal from the configuration file of the first application, the verification code sender number of the first application or the verification code sender number of the first service of the first application. The method is not limited, and reference may be made to the prior art.
另一方面,当检测到第一应用程序首次安装在终端上或第一应用程序的第一业务首次被使用时,或第一应用程序首次被使用时,终端向第一应用程序的应用服务器发送查询请求消息,以使得第一应用程序的应用服务器根据该查询请求消息查询第一应用程序的验证码发送方号码或第一应用程序的第一业务的验证码发送方号码。On the other hand, when it is detected that the first application is first installed on the terminal or the first service of the first application is used for the first time, or when the first application is used for the first time, the terminal sends the application to the application server of the first application. Querying the request message, so that the application server of the first application queries the verification code sender number of the first application or the verification code sender number of the first service of the first application according to the query request message.
终端接收所述第一应用程序对应的应用服务器发送的查询响应消息,所述查询响应消息包含所述第一应用程序的验证码发送方号码或第一应用程序的第一业务的验证码发送方号码。Receiving, by the terminal, a query response message sent by the application server corresponding to the first application, where the query response message includes a verification code sender number of the first application or a verification code sender of the first service of the first application number.
其中,本发明实施例对所述验证码发送方号码的具体形式以及长度不进行限定,可以根据需要进行设置,示例性的,中国银行的验证码发送方号码为95566;招商银行的验证码发送方号码为95555等。The embodiment of the present invention does not limit the specific format and length of the verification code sender number, and may be set as needed. For example, the verification code sender number of the Bank of China is 95566; the verification code of the China Merchants Bank is sent. The party number is 95555 and so on.
本发明实施例对所述终端确定所述第一应用程序具有更新所述终端白名单列表的权限的方式,一方面可以通过判断是否检测到用户输入第一指示信息,另一方面可以通过校验第一应用程序的证书是否和预设预设证书匹配,第一应用程序的标识和预设标识是否匹配。 The embodiment of the present invention determines, by the terminal, that the first application has the right to update the terminal whitelist list, and on the other hand, may determine whether the user inputs the first indication information, and may pass the verification. Whether the certificate of the first application matches the preset preset certificate, and whether the identifier of the first application matches the preset identifier.
示例性的,为了提高存储在终端白名单列表中验证码发送方号码的可靠性,所述终端还包括显示屏,Exemplarily, in order to improve the reliability of the verification code sender number stored in the terminal whitelist, the terminal further includes a display screen.
相应的,如图2所示,所述确定所述第一应用程序具有更新所述终端白名单列表的权限,包括:Correspondingly, as shown in FIG. 2, the determining that the first application has the right to update the terminal whitelist list includes:
S1021A、基于所述白名单更新请求的触发,所述终端通过所述显示屏向用户展示第一提示消息,所述第一提示消息用于提示用户是否同意向所述第一应用程序授予更新所述终端白名单列表的权限;S1021A, based on the trigger of the whitelist update request, the terminal displays a first prompt message to the user through the display screen, where the first prompt message is used to prompt the user whether to agree to grant the update to the first application. The permission of the terminal whitelist list;
S1022A、所述终端判断是否检测到用户输入第一指示信息;所述第一指示信息用于指示用户同意向所述第一应用程序授予更新所述终端白名单列表的权限。S1022A: The terminal determines whether the user inputs the first indication information, and the first indication information is used to indicate that the user agrees to grant the first application permission to update the terminal whitelist.
S1023A、所述终端若检测到用户输入第一指示信息,则确定所述第一应用程序具有更新所述终端白名单列表的权限。S1023A. If the terminal detects that the user inputs the first indication information, the terminal determines that the first application has the right to update the terminal whitelist list.
本发明实施例的终端包括显示屏,所述显示屏可以为触摸式的显示屏,也可以为非触摸式的显示屏,本发明实施例对此不进行限制。The terminal of the embodiment of the present invention includes a display screen, and the display screen may be a touch-sensitive display screen or a non-touch display screen, which is not limited by the embodiment of the present invention.
其中,所述第一指示信息可以为用户通过短信形式向预设的号码发送的第一字母或者第一数字,也可以是触摸控制器采集的用户根据第一提示信息中的提示消息点击的“是”或者“同意”字样之后向处理器发送的。The first indication information may be a first letter or a first number sent by the user to the preset number by using a short message form, or may be a click by the user collected by the touch controller according to the prompt message in the first prompt information. Is sent to the processor after the word "or agree".
示例性的,当所述显示屏为触摸式的显示屏时,所述显示屏包括触摸屏、触摸屏感应器以及触摸屏控制器;其中,触摸屏感应器用于检测用户操作指令,其中,所述操作指令可以是用户的触摸指令也可以是用户的选择指令,触摸屏接收所述操作指令后将所述操作指令发送给触摸屏控制器,触摸屏控制器的主要作用是从触摸屏感应器上接收触摸信息,并将它转换成触点坐标,再送给终端的处理器,它同时能接收终端的处理器发来的命令并加以执行。当所述显示屏为触摸式的显示屏时,若显示在所述显示屏上的对话框中的第一提示消息中写有同意授权点击“是”或者“同意”,不同意授权点击“否”或者“不同意”等字样时,用户可以直接点击“是”,触摸控制器根据触摸感应器采集的“是”指令,确定所述第一应用程序具有更新所述终端白名单列表的权限,否则,则不具有更新所述终端白名单列表的权限。Exemplarily, when the display screen is a touch display screen, the display screen includes a touch screen, a touch screen sensor, and a touch screen controller; wherein the touch screen sensor is configured to detect a user operation instruction, wherein the operation instruction may be The user's touch command may also be a user's selection command. After receiving the operation command, the touch screen sends the operation command to the touch screen controller. The main function of the touch screen controller is to receive touch information from the touch screen sensor and Converted into contact coordinates, and then sent to the terminal's processor, which can also receive commands from the terminal's processor and execute them. When the display screen is a touch-type display screen, if the first prompt message displayed in the dialog box on the display screen is written with the consent authorization click "Yes" or "Agree", disagree with the authorization click "No" "or "disagree", the user can directly click "Yes", and the touch controller determines, according to the "Yes" command collected by the touch sensor, that the first application has the right to update the terminal whitelist list. Otherwise, there is no permission to update the terminal whitelist list.
当所述显示屏为非触摸式的显示屏时,所述用户输入第一指示信息中可以携带如果同意则以短信形式发送相应的第一字母或者第一数字至预设的号码中,若不同意则以短信形式发送第二字母或者第二数字至预设的号码中,所述预设的号码为终端根据需要设定的,若终端接收到第一字母或者第一数字则确定所述第一应用程序具有更新所述终端白名单列表的权限,否则则确定所述第一应用程序不具有更新所述终端白名单列表的权限。When the display screen is a non-touch display screen, the user input first indication information may carry the corresponding first letter or the first number to the preset number in the form of a short message if agreed, if not Agree to send the second letter or the second number to the preset number in the form of a short message, where the preset number is set by the terminal according to requirements, and if the terminal receives the first letter or the first number, the first An application has the right to update the terminal whitelist list, otherwise it is determined that the first application does not have the right to update the terminal whitelist.
可选的,所述方法还包括:Optionally, the method further includes:
S1024A、所述终端若检测到用户输入第二指示信息,则确定所述第一应用程序不具有更新所述终端白名单列表的权限,所述第二指示信息用于指示所述用户不同意向所述第一应用程序授予更新白名单列表的权限。S1024A, if the terminal detects that the user inputs the second indication information, it is determined that the first application does not have the right to update the terminal whitelist list, and the second indication information is used to indicate that the user has different intentions. The first application grants permission to update the whitelist.
当然第二指示信息的形式和内容可以参考上述第一指示信息的形式和内 容,本发明实施例在此不再赘述。Of course, the form and content of the second indication information may refer to the form and the content of the first indication information. The embodiments of the present invention are not described herein again.
另一方面,如图3所示,图3与图2的区别在于所述确定所述第一应用程序具有更新所述终端白名单列表的权限的方式上,示例性的,所述确定所述第一应用程序具有更新所述终端白名单列表的权限,包括:On the other hand, as shown in FIG. 3, FIG. 3 differs from FIG. 2 in that the determining that the first application has the right to update the terminal whitelist list is exemplary. The first application has the right to update the terminal whitelist list, including:
S1021B、基于所述白名单更新请求的触发,所述终端获取所述第一应用程序的证书和标识;S1021B. The terminal acquires a certificate and an identifier of the first application according to the trigger of the whitelist update request.
其中,当所述第一应用程序安装在所述终端上,所述终端即可获知所述第一应用程序对应的应用信息,包括:包名、证书、签名、hash值及版本信息。The device, when the first application is installed on the terminal, can obtain the application information corresponding to the first application, including: a package name, a certificate, a signature, a hash value, and version information.
其中,所述第一应用程序的标识可以为所述第一应用程序的应用包名。The identifier of the first application may be an application package name of the first application.
S1022B、所述终端判断所述第一应用程序的证书和预设证书是否匹配,且所述第一应用程序的标识和预设标识是否匹配;S1022: The terminal determines whether the certificate of the first application and the preset certificate match, and whether the identifier of the first application and the preset identifier match;
S1023B、所述终端若确定所述第一应用程序的证书和预设证书匹配,且所述第一应用程序的标识和预设标识匹配,则确定所述第一应用程序具有更新所述终端白名单列表的权限。S1023B, if the terminal determines that the certificate of the first application matches the preset certificate, and the identifier of the first application matches the preset identifier, determining that the first application has the terminal white Permissions for the list of lists.
所述方法还包括:The method further includes:
S1024B、当所述第一应用程序的证书和所述预设证书不匹配,或所述第一应用程序的标识和预设标识不匹配时,则确定所述第一应用程序不具有更新所述终端白名单列表的权限。S1024B, when the certificate of the first application does not match the preset certificate, or the identifier of the first application does not match the preset identifier, determining that the first application does not have the update Permissions for the terminal whitelist.
需要说明的是,在确定所述第一应用程序不具有更新所述终端白名单列表的权限之后,所述终端向所述第一应用程序发送响应消息,用于指示所述第一应用程序不具有更新终端白名单列表的权限,此时,终端白名单列表更新结束。It is to be noted that, after determining that the first application does not have the right to update the terminal whitelist, the terminal sends a response message to the first application, to indicate that the first application is not The user has the right to update the terminal whitelist list. At this time, the terminal whitelist list update ends.
本发明实施例对所述步骤S102的具体实现方式不进行限定,示例性的,如图4所示,可以通过以下步骤实现:The specific implementation manner of the step S102 is not limited in the embodiment of the present invention. For example, as shown in FIG. 4, the following steps may be implemented:
S1021、所述终端判断所述白名单更新请求生成者的验证码发送方号码是否已经注册在所述终端白名单列表中;S1021: The terminal determines whether the verification code sender number of the whitelist update request generator is already registered in the terminal whitelist list;
其中,当白名单更新请求生成者为第一应用程序或第一应用程序的第一业务时,所述终端根据所述第一应用程序的标识为索引在所述终端白名单列表中进行查询,判断所述第一应用程序的验证码发送方号码是否已经注册在所述终端白名单列表中。When the whitelist update request generator is the first application or the first service of the first application, the terminal performs an inquiry in the terminal whitelist according to the identifier of the first application. Determining whether the verification code sender number of the first application is already registered in the terminal whitelist.
S1022、所述终端若确定所述白名单更新请求生成者的验证码发送方号码未注册在所述终端白名单列表中,则所述终端将所述第一应用程序的标识以及与所述第一应用程序的标识对应的所述白名单更新请求生成者的验证码发送方号码写入所述终端白名单列表中。S1022. If the terminal determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the terminal identifies the identifier of the first application and the first The verification code sender number of the whitelist update request generator corresponding to the identifier of an application is written in the terminal whitelist list.
由于在终端白名单列表中存储的是白名单更新请求生成者的验证码发送方号码与第一应用程序的标识之间的对应关系,故当终端以第一应用程序的标识为索引,确定终端白名单列表中不存在第一应用程序的标识时,即可以确定所述白名单更新请求生成者的验证码发送方号码未注册在所述终端白名单列表中。Since the correspondence between the verification code sender number of the whitelist update request generator and the identifier of the first application is stored in the terminal whitelist, the terminal determines the terminal by using the identifier of the first application as an index. When the identifier of the first application does not exist in the whitelist, it may be determined that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist.
其中,所述第一应用程序的标识和所述第一应用程序的验证码发送方号码 之间存在对应关系。当一个应用程序存在多个业务类型时,每个业务类型包括多个业务时,每个业务对应一个验证码发送方号码,此时一个应用程序的标识对应多个验证码发送方号码。当一个应用程序只有一个业务时,此时,一个应用程序的标识可以对应1个验证码发送方号码,也可以对应两个验证码发送方号码。The identifier of the first application and the verification code sender number of the first application There is a correspondence between them. When an application has multiple service types, each service type includes multiple services, and each service corresponds to one verification code sender number. At this time, the identifier of one application corresponds to multiple verification code sender numbers. When an application has only one service, at this time, the identifier of one application may correspond to one verification code sender number, or may correspond to two verification code sender numbers.
本发明实施例对将所述第一应用程序的标识以及与所述第一应用程序的标识对应的所述白名单更新请求生成者的验证码发送方号码写入所述终端白名单列表中的方式不进行限定,具体可以参考现有技术中的方式。In the embodiment of the present invention, the identifier of the first application and the verification code sender number of the whitelist update request generator corresponding to the identifier of the first application are written in the terminal whitelist. The manner is not limited, and specific reference may be made to the manner in the prior art.
当然,当一个应用程序的标识在所述终端白名单列表中存在记录项时,则可以确定所述白名单更新请求生成者的验证码发送方号码已注册在所述终端白名单列表中,此时为了及时更新终端白名单列表中每个应用程序的验证码发送方号码或者第一业务的验证码发送方号码,本发明实施例还包括:Certainly, when an identifier of an application has a record item in the terminal whitelist list, it may be determined that the verification code sender number of the whitelist update request generator is registered in the terminal whitelist list, where In order to update the verification code sender number of each application in the terminal whitelist list or the verification code sender number of the first service, the embodiment of the present invention further includes:
S1023、所述终端若确定所述白名单更新请求生成者的验证码发送方号码已注册在所述终端白名单列表中,所述终端判断原验证码发送方号码与新验证码发送方号码是否一致;所述原验证码发送方号码为已经注册在所述终端白名单列表中的所述白名单更新请求生成者的验证码发送方号码,所述新验证码发送方号码为所述白名单更新请求中所述白名单更新请求生成者的验证码发送方号码;S1023. If the terminal determines that the verification code sender number of the whitelist update request generator is already registered in the terminal whitelist, the terminal determines whether the original verification code sender number and the new verification code sender number are Consistent; the original verification code sender number is a verification code sender number of the white list update request generator that has been registered in the terminal whitelist list, and the new verification code sender number is the white list The verification code sender number of the whitelist update request generator in the update request;
S1024、所述终端若确定所述原验证码发送方号码与新验证码发送方号码不一致,则所述终端将所述原验证码发送方号码从所述终端白名单列表中删除,并将所述新验证码发送方号码写入所述终端白名单列表中与所述第一应用程序的标识对应的位置。S1024. If the terminal determines that the original verification code sender number is inconsistent with the new verification code sender number, the terminal deletes the original verification code sender number from the terminal whitelist list, and The new verification code sender number is written in a location in the terminal whitelist list corresponding to the identifier of the first application.
本发明实施例对所述终端白名单列表的存储方式不进行限定,示例性的,本发明实施例中的终端白名单列表可以存储在白名单管理实体中,本发明实施例对所述白名单管理实体的具体结构不进行限定,该白名单管理实体可以为能够实现存储/管理终端白名单列表的硬件实体,也可以是硬件实体与软件模块共同实现的能够实现存储/管理终端白名单列表的装置,本发明实施例中的白名单管理实体可以包括:存储模块和管理模块,其中,存储模块用于存储所述终端白名单列表。管理模块用于管理所述终端白名单列表,例如,在所述终端白名单列表增加某个应用程序或应用程序的业务的验证码发送方号码,删除某个应用程序或应用程序的业务的验证码发送方号码,更新某个应用程序或应用程序的业务的验证码发送方号码。更改所述终端白名单列表中的一些验证码发送方号码和第一应用程序的标识之间的对应关系;以及根据终端发送的查询请求消息判断验证码发送方号码或者应用程序的标识是否存储在终端白名单列表。当然也可以终端进行交互,该白名单管理实体可以安装在终端内,也可以安装在终端外。The embodiment of the present invention does not limit the storage manner of the whitelist of the terminal. For example, the whitelist of the terminal in the embodiment of the present invention may be stored in the whitelist management entity. The specific structure of the management entity is not limited. The whitelist management entity may be a hardware entity capable of implementing a whitelist of storage/management terminals, or may be implemented by a hardware entity and a software module to implement a whitelist of storage/management terminals. The device, the whitelist management entity in the embodiment of the present invention may include: a storage module and a management module, wherein the storage module is configured to store the terminal whitelist. The management module is configured to manage the terminal whitelist list, for example, adding a verification code sender number of an application or an application service in the terminal whitelist list, and deleting the verification of the service of an application or an application. Code sender number, the verification code sender number of the service that updates an application or application. Changing a correspondence between some verification code sender numbers in the terminal whitelist list and an identifier of the first application; and determining, according to the query request message sent by the terminal, whether the verification code sender number or the identifier of the application is stored in the Terminal whitelist list. Of course, the terminal can also interact. The whitelist management entity can be installed in the terminal or installed outside the terminal.
所述存储模块可以为基带Modem,所述存储模块和所述管理模块可以运行在TEE(Trusted Execution Environment,可信执行环境)下,也可以运行在Android等REE(Rich Execution Environment,富执行环境)下,也可以运行 在SE(Secure Element,安全单元)下。其中,TEE为全球平台国际标准组织(GlobalPlatform)定义的标准化的可信执行环境,可信执行环境是一个驻留在所连接设备的主处理器上的安全区域,以确保在可信执行环境中的敏感数据的存储、处理和保护。可信执行环境是具有安全处理能力和提供安全外设操作的可信操作系统,在同一个设备上同REE相互隔离、独立运行;与TEE相比,REE具有强大处理能力和多媒体功能的操作系统,如Android、Windows Phone、iOS等;SE由软件和防篡改硬件组成,处理能力有限、无外设,支持高级别的安全性,如SIM卡、金融IC卡、智能SD卡等,可以与TEE一起运行。The storage module may be a baseband modem, and the storage module and the management module may run under a TEE (Trusted Execution Environment) or a REE (Rich Execution Environment). Can also run Under SE (Secure Element). Among them, TEE is a standardized and trusted execution environment defined by the Global Platform International Standards Organization (GlobalPlatform), which is a secure area residing on the main processor of the connected device to ensure that it is in a trusted execution environment. Storage, processing and protection of sensitive data. The Trusted Execution Environment is a trusted operating system with secure processing capabilities and security peripheral operations. It is isolated and independent from REE on the same device. Compared with TEE, REE has powerful processing and multimedia operating systems. Such as Android, Windows Phone, iOS, etc.; SE consists of software and tamper-resistant hardware, limited processing capacity, no peripherals, support for high-level security, such as SIM card, financial IC card, smart SD card, etc., can be combined with TEE Run together.
需要说明的是,本发明实施例提供的终端白名单列表的方法可以在上述任意一个环境中使用。It should be noted that the method for the terminal whitelist list provided by the embodiment of the present invention may be used in any of the foregoing environments.
为了节省终端白名单列表存储空间,本发明实施例提供的方法还包括以下步骤S104:In order to save the storage space of the terminal whitelist, the method provided by the embodiment of the present invention further includes the following step S104:
S104、从所述终端白名单列表中删除第一应用程序对应的验证码发送方号码,其中,所述第一应用程序为所述终端白名单列表中,预设时间内用户使用频率低于预设阈值的应用程序。S104: The verification code sender number corresponding to the first application is deleted from the terminal whitelist list, where the first application is in the terminal whitelist list, and the user usage frequency is lower than the preset time in the preset time. Set the threshold for the application.
其中,所述步骤S104具体可以通过以下步骤实现:The step S104 can be specifically implemented by the following steps:
S1041、所述终端获取所述终端白名单列表中所述白名单更新请求生成者在预设时间内的使用频率;S1041: The terminal acquires a frequency of use of the whitelist update request generator in the terminal whitelist list in a preset time;
其中,使用频率可以为在预设周期内用户点击每个应用程序的次数,该每个应用程序的使用频率均可以存储在终端的存储器中,该使用频率可以通过终端的处理器从终端的存储器中获得。本发明实施例对所述处理器从所述终端的存储器中获取应用程序使用频率的方式不进行限定,可以根据需要进行选择,本发明实施例在此不再赘述。The frequency of use may be the number of times the user clicks on each application within a preset period, and the frequency of use of each application may be stored in a memory of the terminal, and the frequency of use may be from a memory of the terminal by the processor of the terminal. Obtained in. The embodiment of the present invention does not limit the manner in which the processor obtains the frequency of use of the application from the memory of the terminal, and may be selected according to requirements, and details are not described herein again.
本发明实施例对所述预设周期不进行限定,可以根据需要进行设置,例如一周、一个月或者一年。The preset period is not limited in the embodiment of the present invention, and may be set as needed, for example, one week, one month, or one year.
S1042、所述终端将所述终端白名单列表中使用频率小于预设阈值的白名单更新请求生成者的验证码发送方号码从所述终端白名单列表中删除。S1042: The terminal deletes, from the terminal whitelist, the verification code sender number of the whitelist update request generator whose frequency is less than a preset threshold in the terminal whitelist.
需要说明的是,当所述第一应用程序包括多个业务类型,每个业务类型包括多个业务时,所述第一应用程序对应的验证码发送方号码可以指业务对应的验证码发送方号码中使用频率低于预设阈值的验证码发送方号码。It should be noted that, when the first application includes multiple service types, and each service type includes multiple services, the verification code sender number corresponding to the first application may refer to a verification code sender corresponding to the service. The verification code sender number whose frequency is lower than the preset threshold is used in the number.
本发明实施例对所述预设阈值不进行限定,可以根据需要进行设置。The preset threshold is not limited in the embodiment of the present invention, and may be set as needed.
进一步可选的,为了使得每个终端及时更新终端白名单列表,所述方法还包括:Further, in order to enable each terminal to update the terminal whitelist list in time, the method further includes:
S105、向服务器发送第一白名单更新请求,以使得所述服务器根据所述第一白名单更新请求周期性的将更新后的服务器白名单列表同步至与所述服务器通信的终端;所述第一白名单更新请求中至少携带有所述白名单更新请求生成者的验证码发送方号码;所述第一白名单更新请求用于更新所述服务器白名单列表中所述白名单更新请求生成者的验证码发送方号码。S105. Send a first whitelist update request to the server, so that the server periodically synchronizes the updated server whitelist list to the terminal that communicates with the server according to the first whitelist update request. A whitelist update request carries at least the verification code sender number of the whitelist update request generator; the first whitelist update request is used to update the whitelist update request generator in the server whitelist list Verification code sender number.
其中,本发明实施例对所述服务器不进行限定,该服务器用于存储服务器 白名单列表,该服务器白名单列表用于存储多个应用程序中每个应用程序对应的验证码发送方号码以及每个应用程序对应的业务的验证码发送方号码,该验证码发送方号码用于发送验证码消息;终端通过与该服务器连接可以更新终端中的终端白名单列表。该服务器可以为云服务器。The embodiment of the present invention does not limit the server, and the server is used to store the server. a whitelist list for storing a verification code sender number corresponding to each application in the plurality of applications and a verification code sender number of the service corresponding to each application, the verification code sender number being used The verification code message is sent; the terminal can update the terminal white list in the terminal by connecting with the server. The server can be a cloud server.
如图5所示,本发明实施例还提供一种白名单更新方法,应用于服务器中,如图5所示,所述方法包括:As shown in FIG. 5, the embodiment of the present invention further provides a whitelist update method, which is applied to a server. As shown in FIG. 5, the method includes:
S501、所述服务器接收第一白名单更新请求,所述第一白名单更新请求用于指示更新服务器白名单列表;所述第一白名单更新请求至少包括第一应用程序的标识、白名单更新请求生成者的验证码发送方号码;其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成;S501. The server receives a first whitelist update request, where the first whitelist update request is used to indicate an update server whitelist list. The first whitelist update request includes at least an identifier of the first application, and a whitelist update. a verification code sender number of the requesting generator; wherein the whitelist update request is generated by the first application or generated by the first service of the first application;
其中,本发明实施例中的所述服务器用于存储服务器白名单列表,该服务器白名单列表用于存储多个应用程序中每个应用程序对应的验证码发送方号码以及每个应用程序对应的业务的验证码发送方号码,终端通过与该服务器连接可以更新终端中的终端白名单列表。The server in the embodiment of the present invention is configured to store a server whitelist, where the server whitelist is used to store a verification code sender number corresponding to each application in multiple applications, and a corresponding one of each application. The verification code sender number of the service, and the terminal can update the terminal white list in the terminal by connecting with the server.
S502、所述服务器判断所述第一白名单更新请求是否满足更新条件;S502. The server determines whether the first whitelist update request meets an update condition.
其中,所述第一白名单更新请求中还携带有第一应用程序的证书和标识。The first whitelist update request further carries a certificate and an identifier of the first application.
为了使得服务器实时掌握终端对各个应用程序在白名单列表中验证码发送方号码的更新情况,以及减少升级大版本白名单列表的次数,进一步减少服务器的负担,若所述第一白名单更新请求为终端发送的,则所述更新条件为所述第一白名单更新请求中包含的第一应用程序的证书和预先存储在所述服务器中所述第一应用程序对应的证书一致,且所述第一应用程序的标识与预先存储在所述服务器中所述第一应用程序对应的标识一致;In order to enable the server to grasp in real time the update status of the verification code sender number of each application in the whitelist list, and reduce the number of times of upgrading the large version whitelist list, further reduce the burden on the server, if the first white list update request For the terminal, the update condition is that the certificate of the first application included in the first whitelist update request is consistent with the certificate corresponding to the first application stored in the server, and the The identifier of the first application is consistent with the identifier corresponding to the first application stored in the server in advance;
当所述第一白名单更新请求不是终端发送的,则所述更新条件为所述第一白名单更新请求中携带有终端对应的更新信息,所述更新信息包括更新版本差值、更新时间以及所述白名单更新请求生成者的验证码发送方号码是否已在所述终端白名单列表中更新的结果。When the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries update information corresponding to the terminal, and the update information includes an updated version difference, an update time, and The result of whether the whitelist update request generator's verification code sender number has been updated in the terminal whitelist list.
可以将与所述服务器建立连接的应用程序对应的应用服务器向所述服务器发送的第一白名单更新请求确定为不是终端发送的。The first whitelist update request sent by the application server corresponding to the application that establishes the connection with the server to the server may be determined not to be sent by the terminal.
其中,所述第一应用程序对应的证书可以通过以下方式获取:The certificate corresponding to the first application can be obtained by:
A1、开发者在开发第一应用程序时,向服务器发送第一请求,所述第一请求用于更新存储在所述服务器中的服务器白名单列表的授权信息;A1. When developing the first application, the developer sends a first request to the server, where the first request is used to update the authorization information of the server whitelist stored in the server;
A2、服务器根据所述第一请求下发证书,所述证书用于判断所述第一应用程序是否具有更新存储在服务器中服务器白名单列表的权限;A2. The server sends a certificate according to the first request, where the certificate is used to determine whether the first application has the right to update a server whitelist stored in the server;
A3、开发者将所述证书打包在第一应用程序的应用程序配置文件中(例如,APK,Android PackageAndroid安装包),即获得所述第一应用程序的证书。A3. The developer packages the certificate in an application configuration file of the first application (for example, an APK, an Android PackageAndroid installation package), that is, obtains a certificate of the first application.
其中,所述预先存储在所述服务器中所述第一应用程序对应的证书可以为所述服务器在接收到所述第一请求之后获取的,也可以是所述服务器在接收所述第一请求的同时获取所述第一应用程序对应的证书。The certificate corresponding to the first application stored in the server may be acquired by the server after receiving the first request, or the server may receive the first request. At the same time, the certificate corresponding to the first application is obtained.
S503、所述服务器若确定所述第一白名单更新请求满足更新条件,所述服 务器则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述服务器白名单列表中。S503. The server determines, if the first whitelist update request meets an update condition, the service The server then updates at least the verification code sender number of the whitelist update request generator to the server whitelist.
为了使得终端可以不用通过升级大版本达到更新终端白名单列表的目的,本发明实施例中所述服务器按照预设周期,将更新后的所述服务器白名单列表同步至与所述服务器通信的终端。In order to enable the terminal to achieve the purpose of updating the terminal whitelist list by upgrading the large version, the server in the embodiment of the present invention synchronizes the updated server whitelist to the terminal that communicates with the server according to a preset period. .
本发明实施例对所述预设周期不进行限定,可以根据需求进行设置,也可以根据应用服务器获取的每个终端的更新信息进行设置,所述更新信息包括更新版本差值、更新时间以及更新结果。The preset period is not limited in the embodiment of the present invention, and may be set according to requirements, or may be set according to update information of each terminal acquired by the application server, where the update information includes updated version difference, update time, and update. result.
其中,本发明实施例中的预设周期可以为一周、一年或者一个月。The preset period in the embodiment of the present invention may be one week, one year, or one month.
本发明实施例提供一种白名单更新方法,通过服务器接收第一白名单更新请求,在确定第一白名单更新请求满足更新条件之后,将所述白名单更新请求生成者的验证码发送方号码更新至所述服务器白名单列表中,这样终端通过与该服务器进行同步,即可实现更新终端白名单列表的目的。解决了现有技术中应用程序无法自主更新白名单列表以及终端更新终端白名单列表时需要升级大版本引起的更新周期长的问题。The embodiment of the present invention provides a whitelist update method, where the server receives the first whitelist update request, and after determining that the first whitelist update request satisfies the update condition, the sender code of the whitelist update request generator is sent. Update to the server whitelist list, so that the terminal can update the terminal whitelist list by synchronizing with the server. The problem that the update period caused by the upgrade of the large version is required when the application cannot update the whitelist list and the terminal updates the terminal whitelist list in the prior art is solved.
其中,对于获取第一应用程序对应的标识以及预先存储在所述服务器中所述第一应用程序对应的标识的方式与上述第一应用程序的证书的方式类似,本发明实施例在此不再赘述。The manner of obtaining the identifier corresponding to the first application and the identifier corresponding to the first application stored in the server is similar to the manner of the certificate of the first application, and the embodiment of the present invention is no longer used herein. Narration.
如图6所示,本发明实施例提供一种白名单更新装置,如图6所示,所述白名单更新装置应用于终端中,用于执行以上方法中的终端所执行的步骤。所述白名单更新装置可以包括相应步骤所对应的模块。示例的,该白名单更新装置包括:As shown in FIG. 6, the embodiment of the present invention provides a whitelist updating apparatus. As shown in FIG. 6, the whitelist updating apparatus is applied to a terminal, and is used to execute the steps performed by the terminal in the above method. The whitelist updating device may include a module corresponding to the corresponding step. For example, the whitelist update device includes:
判断单元601,用于基于白名单更新请求的触发,判断所述第一应用程序是否具有更新终端白名单列表的权限,其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成,所述白名单更新请求包含所述第一应用程序的标识、以及所述白名单更新请求生成者的验证码发送方号码;所述终端白名单列表用于存储发送验证码消息的验证码发送方号码;The determining unit 601 is configured to determine, according to a trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is generated by the first application or a first service generation of the first application, the whitelist update request including an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal whitelist is used for Storing a verification code sender number for transmitting a verification code message;
判定单元602,用于确定所述第一应用程序具有更新终端的白名单列表的权限;The determining unit 602 is configured to determine that the first application has the right to update the whitelist of the terminal;
更新单元603,用于在所述判定单元确定所述第一应用程序具有更新终端的白名单列表的权限时,至少将所述白名单更新请求生成者的验证码发送方号码更新至所述终端白名单列表中。The updating unit 603 is configured to: when the determining unit determines that the first application has the right to update the whitelist of the terminal, update at least the verification code sender number of the whitelist update request generator to the terminal In the whitelist list.
可选的,如图7所示,所述终端还包括显示屏,相应的,所述判定单元602,包括:Optionally, as shown in FIG. 7, the terminal further includes a display screen, and correspondingly, the determining unit 602 includes:
展示模块6021A,用于基于所述白名单更新请求的触发,通过所述显示屏向用户展示第一提示消息,所述第一提示消息用于提示用户是否同意向所述第一应用程序授予更新所述终端白名单列表的权限;The display module 6021A is configured to display, by using the display screen, a first prompt message to the user by using the display screen, where the first prompt message is used to prompt the user whether to agree to grant an update to the first application. The authority of the terminal whitelist list;
第一判断模块6022A,用于判断是否检测到用户输入第一指示信息;所述第一指示信息用于指示用户同意向所述第一应用程序授予更新所述终端白名单 列表的权限;The first determining module 6022A is configured to determine whether the user inputs the first indication information, where the first indication information is used to indicate that the user agrees to grant the first application to update the terminal whitelist. List permissions;
第一确定模块6023A,用于在所述第一判断模块确定检测到用户输入第一指示信息,则确定所述第一应用程序具有更新所述终端白名单列表的权限。The first determining module 6023A is configured to determine, when the first determining module determines that the user inputs the first indication information, determining that the first application has the right to update the terminal whitelist.
可选的,如图7所示,所述判定单元602,包括:Optionally, as shown in FIG. 7, the determining unit 602 includes:
获取模块6021B,用于基于所述白名单更新请求的触发,获取所述第一应用程序的证书和标识;The obtaining module 6021B is configured to acquire a certificate and an identifier of the first application according to the trigger of the whitelist update request;
第二判断模块6022B,用于判断所述第一应用程序的证书和预设证书是否匹配,且所述第一应用程序的标识和预设标识是否匹配;The second determining module 6022B is configured to determine whether the certificate of the first application and the preset certificate match, and whether the identifier of the first application and the preset identifier match;
第二确定模块6023B,用于在所述第二判断模块确定所述第一应用程序的证书和预设证书匹配,且所述第一应用程序的标识和预设标识匹配时,确定所述第一应用程序具有更新所述终端白名单列表的权限。a second determining module 6023B, configured to: when the second determining module determines that the certificate of the first application matches the preset certificate, and the identifier of the first application matches the preset identifier, determining the first An application has the right to update the terminal whitelist list.
可选的,所述更新单元603,包括:Optionally, the updating unit 603 includes:
第三判断模块,用于判断所述白名单更新请求生成者的验证码发送方号码是否已经注册在所述终端白名单列表中;a third determining module, configured to determine whether a verification code sender number of the whitelist update request generator is already registered in the terminal whitelist;
第一更新模块,用于在所述第三判断模块确定所述白名单更新请求生成者的验证码发送方号码未注册在所述终端白名单列表时,则将所述第一应用程序的标识以及与所述第一应用程序的标识对应的所述白名单更新请求生成者的验证码发送方号码写入所述终端白名单列表中。a first update module, configured to: when the third determining module determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the identifier of the first application is And the verification code sender number of the whitelist update request generator corresponding to the identifier of the first application is written in the terminal whitelist.
可选的,所述更新单元603还包括:Optionally, the updating unit 603 further includes:
第四判断模块,用于在所述第三判断模块确定所述白名单更新请求生成者的验证码发送方号码已注册在所述终端白名单列表中时,判断原验证码发送方号码与新验证码发送方号码是否一致;所述原验证码发送方号码为已经注册在所述终端白名单列表中的所述白名单更新请求生成者的验证码发送方号码,所述新验证码发送方号码为所述白名单更新请求中所述白名单更新请求生成者的验证码发送方号码;a fourth determining module, configured to: when the third determining module determines that the verification code sender number of the whitelist update request generator is registered in the terminal whitelist, determine the original verification code sender number and the new Verification code sender number is consistent; the original verification code sender number is a verification code sender number of the white list update request generator that has been registered in the terminal white list, the new verification code sender The number is a verification code sender number of the whitelist update request generator in the whitelist update request;
第二更新模块,用于在所述第四判断模块确定所述原验证码发送方号码与新验证码发送方号码不一致时,则将所述原验证码发送方号码从所述终端白名单列表中删除,并将所述新验证码发送方号码写入所述终端白名单列表中与所述第一应用程序的标识对应的位置。a second update module, configured to: when the fourth determining module determines that the original verification code sender number is inconsistent with the new verification code sender number, then send the original verification code sender number from the terminal whitelist list And deleting, and writing the new verification code sender number into a location in the terminal whitelist list corresponding to the identifier of the first application.
可选的,所述装置还包括:Optionally, the device further includes:
统计单元,用于获取所述终端白名单列表中所述白名单更新请求生成者在预设时间内的使用频率;a statistic unit, configured to acquire a frequency of use of the whitelist update request generator in the terminal whitelist list in a preset time;
删除单元,用于将所述终端白名单列表中使用频率小于预设阈值的白名单更新请求生成者的验证码发送方号码从所述终端白名单列表中删除。And a deleting unit, configured to delete, from the terminal whitelist, the verification code sender number of the whitelist update request generator whose usage frequency is less than a preset threshold in the terminal whitelist.
可选的,所述装置还包括:Optionally, the device further includes:
发送单元,用于向服务器发送第一白名单更新请求,以使得所述服务器根据所述第一白名单更新请求周期性的将更新后的服务器白名单列表同步至与所述服务器通信的终端;所述第一白名单更新请求中至少携带有所述白名单更新请求生成者的验证码发送方号码;所述第一白名单更新请求用于更新所述服务 器白名单列表中所述白名单更新请求生成者的验证码发送方号码。a sending unit, configured to send a first whitelist update request to the server, so that the server periodically synchronizes the updated server whitelist list to the terminal that communicates with the server according to the first whitelist update request; The first whitelist update request carries at least the verification code sender number of the whitelist update request generator; the first whitelist update request is used to update the service The white card of the whitelist update request generator's verification code sender number.
如图8所示,本发明实施例提供一种白名单更新装置,所述白名单更新装置用于执行以上白名单更新方法中的服务器所执行的步骤。所述白名单更新装置可以包括相应步骤所对应的模块,如图8所示,所述白名单更新装置包括:As shown in FIG. 8, an embodiment of the present invention provides a whitelist updating apparatus, where the whitelist updating apparatus is configured to execute the steps performed by a server in the whitelist updating method. The whitelist updating device may include a module corresponding to the corresponding step. As shown in FIG. 8, the whitelist updating device includes:
接收单元801,用于接收第一白名单更新请求,所述第一白名单更新请求用于指示更新服务器白名单列表;所述第一白名单更新请求至少包括第一应用程序的标识、白名单更新请求生成者的验证码发送方号码;其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成;The receiving unit 801 is configured to receive a first whitelist update request, where the first whitelist update request is used to indicate an update server whitelist list; and the first whitelist update request includes at least an identifier, a whitelist of the first application. Updating a verification code sender number of the request generator; wherein the white list update request is generated by the first application or generated by the first service of the first application;
判断单元802,用于判断所述第一白名单更新请求是否满足更新条件;The determining unit 802 is configured to determine whether the first whitelist update request meets an update condition;
更新单元803,用于在所述判断单元确定所述第一白名单更新请求满足更新条件,所述服务器则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述服务器白名单列表中。The updating unit 803 is configured to: when the determining unit determines that the first whitelist update request meets an update condition, the server updates at least the verification code sender number of the whitelist update request generator to the server white In the list of names.
可选的,所述装置还包括:Optionally, the device further includes:
同步单元,用于按照预设周期,将更新后的所述服务器白名单列表同步至与所述服务器通信的终端。And a synchronization unit, configured to synchronize the updated server whitelist list to the terminal that communicates with the server according to a preset period.
可选的,所述第一白名单更新请求中还携带有第一应用程序的证书和标识,Optionally, the first whitelist update request further carries a certificate and an identifier of the first application.
若所述第一白名单更新请求为终端发送的,则所述更新条件为所述第一白名单更新请求中包含的第一应用程序的证书和预先存储在所述服务器中所述第一应用程序对应的证书一致,且所述第一应用程序的标识与预先存储在所述服务器中所述第一应用程序对应的标识一致;If the first whitelist update request is sent by the terminal, the update condition is a certificate of the first application included in the first whitelist update request and the first application pre-stored in the server The certificate corresponding to the program is consistent, and the identifier of the first application is consistent with the identifier corresponding to the first application stored in the server in advance;
当所述第一白名单更新请求不是终端发送的,则所述更新条件为所述第一白名单更新请求中携带有终端对应的更新信息,所述更新信息包括更新版本差值、更新时间以及所述白名单更新请求生成者的验证码发送方号码是否已在所述终端白名单列表中更新的结果。When the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries update information corresponding to the terminal, and the update information includes an updated version difference, an update time, and The result of whether the whitelist update request generator's verification code sender number has been updated in the terminal whitelist list.
如图9所示,本发明实施例提供一种终端,包括:处理器30、存储器31、系统总线32和通信接口33;As shown in FIG. 9, an embodiment of the present invention provides a terminal, including: a processor 30, a memory 31, a system bus 32, and a communication interface 33;
所述存储器31用于存储计算机执行指令,所述处理器30与所述存储器31通过所述系统总线32连接,当所述终端运行时,所述处理器30执行所述存储器31存储的所述计算机执行指令,以使所述终端执行如图1-图4任意之一所示的白名单更新方法中终端所执行的方法,具体的白名单更新方法可参见上述如图1-图4任意之一所示的实施例中的相关描述,此处不再赘述。The memory 31 is configured to store computer execution instructions, the processor 30 is coupled to the memory 31 via the system bus 32, and when the terminal is running, the processor 30 executes the memory stored by the memory 31 The computer executes the instructions, so that the terminal performs the method performed by the terminal in the whitelist updating method shown in any one of FIG. 1 to FIG. 4, and the specific whitelist updating method can be referred to any of the foregoing FIG. 1 to FIG. The related description in the embodiment shown is not described here.
所述处理器30可以为中央处理器(英文:central processing unit,缩写:CPU)。所述处理器30还可以为其他通用处理器、数字信号处理器(英文:digital signal processing,简称DSP)、专用集成电路(英文:application specific integrated circuit,简称ASIC)、现场可编程门阵列(英文:field-programmable gate array,简称FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。The processor 30 can be a central processing unit (English: central processing unit, abbreviation: CPU). The processor 30 can also be other general-purpose processors, digital signal processing (DSP), application specific integrated circuit (ASIC), field programmable gate array (English) : field-programmable gate array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
所述处理器30可以为专用处理器,该专用处理器可以包括基带处理芯片、 射频处理芯片等中的至少一个。进一步地,该专用处理器还可以包括具有用户设备其他专用处理功能的芯片。The processor 30 can be a dedicated processor, and the dedicated processor can include a baseband processing chip, At least one of a radio frequency processing chip or the like. Further, the dedicated processor may also include a chip having other dedicated processing functions of the user equipment.
所述存储器31可以包括易失性存储器(英文:volatile memory),例如随机存取存储器(英文:random-access memory,缩写:RAM);所述存储器31也可以包括非易失性存储器(英文:non-volatile memory),例如只读存储器(英文:read-only memory,缩写:ROM),快闪存储器(英文:flash memory),硬盘(英文:hard disk drive,缩写:HDD)或固态硬盘(英文:solid-state drive,缩写:SSD);所述存储器31还可以包括上述种类的存储器的组合。The memory 31 may include a volatile memory (English: volatile memory), such as a random access memory (English: random-access memory, abbreviation: RAM); the memory 31 may also include a non-volatile memory (English: Non-volatile memory, such as read-only memory (English: read-only memory, abbreviation: ROM), flash memory (English: flash memory), hard disk (English: hard disk drive, abbreviation: HDD) or solid state drive (English) : solid-state drive, abbreviated: SSD); the memory 31 may also include a combination of the above types of memories.
所述系统总线32可以包括数据总线、电源总线、控制总线和信号状态总线等。本实施例中为了清楚说明,在图9中将各种总线都示意为系统总线32。The system bus 32 can include a data bus, a power bus, a control bus, and a signal status bus. For the sake of clarity in the present embodiment, various buses are illustrated as the system bus 32 in FIG.
所述通信接口33具体可以是终端上的收发器。该收发器可以为无线收发器。例如,无线收发器可以是终端的天线等。所述处理器30通过所述通信接口33与其他设备,例如基站之间进行数据的收发。The communication interface 33 may specifically be a transceiver on the terminal. The transceiver can be a wireless transceiver. For example, the wireless transceiver can be an antenna of the terminal or the like. The processor 30 transmits and receives data to and from other devices, such as a base station, through the communication interface 33.
本发明实施例提供一种终端,通过接收第一应用程序发送的用于更新终端白名单列表的白名单更新请求,在确定第一应用程序具有更新终端白名单列表的权限之后,更新终端白名单列表,这样,当白名单更新请求生成者的验证码发送方号码变更或者需要重新在白名单列表中注册白名单更新请求生成者的验证码发送方号码时,无需向白名单列表的开发商提出申请请求更新终端白名单列表,而是根据第一应用程序生成或第一应用程序的第一业务生成的白名单更新请求的触发及时更新终端白名单列表,该方法简单,解决了现有技术中应用程序无法自主更新终端白名单列表以及更新终端白名单列表周期长的问题。The embodiment of the present invention provides a terminal, by receiving a whitelist update request for updating a terminal whitelist list sent by the first application, and updating the terminal whitelist after determining that the first application has the right to update the terminal whitelist list. List, such that when the whitelist update request generator's verification code sender number is changed or the whitelist update request generator's verification code sender number needs to be re-registered in the whitelist list, there is no need to present to the developer of the whitelist list The application requests to update the terminal whitelist list, and the terminal whitelist list is updated in time according to the trigger of the first application generated or the whitelist update request generated by the first service of the first application, which is simple and solves the prior art. The application cannot update the terminal whitelist list autonomously and update the terminal whitelist list period.
在具体实现过程中,上述如图1-图10任意之一所述的白名单更新方法流程中的各步骤均可以通过硬件形式的处理器30执行存储器31中存储的软件形式的计算机执行指令实现。为避免重复,此处不再赘述。In the specific implementation process, each step in the flow of the whitelist updating method described in any one of the above-mentioned FIG. 1 to FIG. 10 can be implemented by the processor 30 in hardware form executing the computer-executed instructions in the form of software stored in the memory 31. . To avoid repetition, we will not repeat them here.
本实施例还提供一种存储介质,该存储介质可以包括所述存储器31。The embodiment further provides a storage medium, which may include the memory 31.
本发明实施例提供一种可读介质,包括计算机执行指令,当用户设备的处理器执行所述计算机执行指令时,所述终端执行如上述第一方面或者第一方面的任意一种可选方式中所述的白名单更新方法。The embodiment of the present invention provides a readable medium, including computer execution instructions, when the processor of the user equipment executes the computer to execute an instruction, the terminal performs any one of the foregoing first aspect or the first aspect. The whitelist update method described in the above.
如图10所示,本发明实施例提供一种服务器,包括:处理器40、存储器41、系统总线42和通信接口43;As shown in FIG. 10, an embodiment of the present invention provides a server, including: a processor 40, a memory 41, a system bus 42, and a communication interface 43;
所述存储器41用于存储计算机执行指令,所述处理器40与所述存储器41通过所述系统总线42连接,当所述服务器运行时,所述处理器40执行所述存储器41存储的所述计算机执行指令,以使所述服务器执行如图5所述的白名单更新方法中服务器该执行的方法。具体的白名单更新方法可参见上述如图5所示的实施例中的相关描述,此处不再赘述。The memory 41 is configured to store computer execution instructions, the processor 40 is coupled to the memory 41 via the system bus 42, and when the server is running, the processor 40 executes the memory stored by the memory 41 The computer executes the instructions to cause the server to perform the method performed by the server in the whitelist update method as described in FIG. For a specific whitelist update method, refer to the related description in the foregoing embodiment shown in FIG. 5, and details are not described herein again.
本发明实施例提供一种服务器,通过接收第一白名单更新请求,在确定第一白名单更新请求满足更新条件之后,将所述白名单更新请求生成者的验证码发送方号码更新至所述服务器白名单列表中,这样终端通过与该服务器进行同步,即可实现更新终端白名单列表的目的。解决了现有技术中应用程序无法自 主更新白名单列表以及终端更新终端白名单列表时需要升级大版本引起的更新周期长的问题。The embodiment of the present invention provides a server, after receiving the first whitelist update request, after determining that the first whitelist update request satisfies the update condition, updating the verification code sender number of the whitelist update request generator to the In the server whitelist list, the terminal can update the terminal whitelist list by synchronizing with the server. The prior art application cannot be solved by itself. The main update whitelist list and the terminal update the terminal whitelist list require a long update period caused by upgrading the large version.
本发明实施例提供一种可读介质,包括计算机执行指令,当服务器的处理器执行所述计算机执行指令时,所述服务器执行如图5中所述的白名单更新中服务器所对应的方法。The embodiment of the present invention provides a readable medium, including computer execution instructions. When a processor of a server executes the computer execution instruction, the server performs a method corresponding to the server in the whitelist update as described in FIG. 5.
所述处理器40可以为CPU。所述处理器40还可以为其他通用处理器、DSP、ASIC、FPGA或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。The processor 40 can be a CPU. The processor 40 can also be other general purpose processors, DSPs, ASICs, FPGAs or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, and the like. The general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
所述处理器40可以为专用处理器,该专用处理器可以包括基带处理芯片、射频处理芯片等中的至少一个。进一步地,该专用处理器还可以包括具有服务器其他专用处理功能的芯片。The processor 40 may be a dedicated processor, which may include at least one of a baseband processing chip, a radio frequency processing chip, and the like. Further, the dedicated processor may also include a chip having other dedicated processing functions of the server.
所述存储器41可以包括易失性存储器,例如随机存取存储器RAM;所述存储器41也可以包括非易失性存储器,例如只读存储器ROM,快闪存储器,HDD或SSD;所述存储器41还可以包括上述种类的存储器的组合。The memory 41 may include a volatile memory such as a random access memory RAM; the memory 41 may also include a non-volatile memory such as a read only memory ROM, a flash memory, an HDD or an SSD; A combination of memories of the above kind may be included.
所述系统总线42可以包括数据总线、电源总线、控制总线和信号状态总线等。本实施例中为了清楚说明,在图10中将各种总线都示意为系统总线42。The system bus 42 can include a data bus, a power bus, a control bus, and a signal status bus. For the sake of clarity in the present embodiment, various buses are illustrated as system bus 42 in FIG.
所述通信接口43具体可以是服务器上的收发器。该收发器可以为无线收发器。所述处理器40通过所述通信接口43与其他设备,例如用户设备之间进行数据的收发。The communication interface 43 may specifically be a transceiver on a server. The transceiver can be a wireless transceiver. The processor 40 performs data transmission and reception with other devices, such as user equipment, through the communication interface 43.
在具体实现过程中,上述如图5所示的方法流程中服务器的各步骤均可以通过硬件形式的处理器40执行存储器41中存储的软件形式的计算机执行指令实现。为避免重复,此处不再赘述。In a specific implementation process, each step of the server in the method flow shown in FIG. 5 above may be implemented by the processor 40 in hardware form executing a computer-executed instruction in the form of software stored in the memory 41. To avoid repetition, we will not repeat them here.
图11为本发明实施例提供的一种移动终端的结构示意图,本发明实施例提供的移动终端可以用于实施上述图1-图4所示的本发明各实施例实现的方法,为了便于说明,仅示出了与本发明实施例相关的部分,具体技术细节未揭示的,请参照图1-图4所示的本发明各实施例。FIG. 11 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention. The mobile terminal provided by the embodiment of the present invention may be used to implement the method implemented by the embodiments of the present invention shown in FIG. 1 to FIG. 4, for convenience of description. Only parts related to the embodiments of the present invention are shown, and the specific technical details are not disclosed. Please refer to the embodiments of the present invention shown in FIGS.
该移动终端可以为手机、平板电脑、笔记本电脑、UMPC(Ultra-mobile Personal Computer,超级移动个人计算机)、上网本、PDA(Personal Digital Assistant,个人数字助理)等终端设备,本发明实施例以移动终端为手机为例进行说明,图11示出的是与本发明各实施例相关的手机300的部分结构的框图。The mobile terminal can be a terminal device such as a mobile phone, a tablet computer, a notebook computer, a UMPC (Ultra-mobile Personal Computer), a netbook, a PDA (Personal Digital Assistant), and the like. The mobile phone will be described as an example, and FIG. 11 is a block diagram showing a part of the structure of the mobile phone 300 related to each embodiment of the present invention.
如图11所示,手机300包括:RF(radio frequency,射频)电路320、存储器330、输入单元340、显示单元350、重力传感器360、音频电路370、处理器380、以及电源390等部件。本领域技术人员可以理解,图11中示出的手机结构并不构成对手机的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置。下面结合图3对手机300的各个构成部件进行具体的介绍:As shown in FIG. 11, the mobile phone 300 includes components such as an RF (radio frequency) circuit 320, a memory 330, an input unit 340, a display unit 350, a gravity sensor 360, an audio circuit 370, a processor 380, and a power source 390. It will be understood by those skilled in the art that the structure of the handset shown in FIG. 11 does not constitute a limitation to the handset, and may include more or less components than those illustrated, or some components may be combined, or different components may be arranged. The components of the mobile phone 300 will be specifically described below with reference to FIG. 3:
RF电路320可用于收发信息或通话过程中,信号的接收和发送,特别地,将基站的下行信息接收后,给处理器380处理;另外,将上行的数据发送给基 站。通常,RF电路包括但不限于天线、至少一个放大器、收发信机、耦合器、LNA(low noise amplifier,低噪声放大器)、双工器等。此外,RF电路320还可以通过无线通信与网络和其他设备通信。所述无线通信可以使用任一通信标准或协议,包括但不限于GSM(global system of mobile communication,全球移动通讯系统)、GPRS(general packet radio service,通用分组无线服务)、CDMA(code division multiple access,码分多址)、WCDMA(wideband code division multiple access,宽带码分多址)、LTE(long term evolution,长期演进)、电子邮件、SMS(short messaging service,短消息服务)等。The RF circuit 320 can be used for transmitting and receiving information or during a call, and receiving and transmitting the signal. Specifically, after receiving the downlink information of the base station, the processing is performed by the processor 380. In addition, the uplink data is sent to the base. station. Generally, RF circuits include, but are not limited to, an antenna, at least one amplifier, a transceiver, a coupler, an LNA (low noise amplifier), a duplexer, and the like. In addition, RF circuitry 320 can also communicate with the network and other devices via wireless communication. The wireless communication may use any communication standard or protocol, including but not limited to GSM (global system of mobile communication), GPRS (general packet radio service), CDMA (code division multiple access) , code division multiple access), WCDMA (wideband code division multiple access), LTE (long term evolution), e-mail, SMS (short messaging service), and the like.
存储器330可用于存储软件程序以及模块,处理器380通过运行存储在存储器330的软件程序以及模块,从而执行手机300的各种功能应用以及数据处理。存储器330可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序(比如声音播放功能、图像播放功能等)等;存储数据区可存储根据手机300的使用所创建的数据(比如音频数据、图像数据、电话本等)等。此外,存储器330可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。The memory 330 can be used to store software programs and modules, and the processor 380 executes various functional applications and data processing of the mobile phone 300 by running software programs and modules stored in the memory 330. The memory 330 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may be stored according to The data created by the use of the mobile phone 300 (such as audio data, image data, phone book, etc.) and the like. Moreover, memory 330 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
输入单元340可用于接收输入的数字或字符信息,以及产生与手机300的用户设置以及功能控制有关的键信号输入。具体地,输入单元340可包括触摸屏341以及其他输入设备342。触摸屏341,也称为触控面板,可收集用户在其上或附近的触摸操作(比如用户使用手指、触笔等任何适合的物体或附件在触摸屏341上或在触摸屏341附近的操作),并根据预先设定的程式驱动相应的连接装置。可选的,触摸屏341可包括触摸检测装置和触摸控制器两个部分。其中,触摸检测装置检测用户的触摸方位,并检测触摸操作带来的信号,将信号传送给触摸控制器;触摸控制器从触摸检测装置上接收触摸信息,并将它转换成触点坐标,再送给处理器380,并能接收处理器380发来的命令并加以执行。此外,可以采用电阻式、电容式、红外线以及表面声波等多种类型实现触摸屏341。除了触摸屏341,输入单元340还可以包括其他输入设备342。具体地,其他输入设备342可以包括但不限于物理键盘、功能键(比如音量控制按键、电源开关按键等)、轨迹球、鼠标、操作杆等中的一种或多种。The input unit 340 can be configured to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the handset 300. In particular, the input unit 340 can include a touch screen 341 as well as other input devices 342. A touch screen 341, also referred to as a touch panel, can collect touch operations on or near the user (such as the user's operation on or near the touch screen 341 using any suitable object or accessory such as a finger, stylus, etc.), and The corresponding connecting device is driven according to a preset program. Alternatively, the touch screen 341 may include two parts of a touch detection device and a touch controller. Wherein, the touch detection device detects the touch orientation of the user, and detects a signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts the touch information into contact coordinates, and sends the touch information. The processor 380 is provided and can receive commands from the processor 380 and execute them. In addition, the touch screen 341 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic waves. In addition to the touch screen 341, the input unit 340 may also include other input devices 342. In particular, other input devices 342 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, power switch buttons, etc.), trackballs, mice, joysticks, and the like.
显示单元350可用于显示由用户输入的信息或提供给用户的信息以及手机300的各种菜单。显示单元350可包括显示面板351,可选的,可以采用LCD(Liquid Crystal Display,液晶显示器)、OLED(Organic Light-Emitting Diode,有机发光二极管)等形式来配置显示面板341。进一步的,触摸屏341可覆盖显示面板351,当触摸屏341检测到在其上或附近的触摸操作后,传送给处理器380以确定触摸事件的类型,随后处理器380根据触摸事件的类型在显示面板351上提供相应的视觉输出。虽然在图3中,触摸屏341与显示面板351是作为两个独立的部件来实现手机300的输入和输入功能,但是在某些实施例中,可以将触摸屏341与显示面板351集成而实现手机300的输入和输出功能。The display unit 350 can be used to display information input by the user or information provided to the user and various menus of the mobile phone 300. The display unit 350 may include a display panel 351. Alternatively, the display panel 341 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like. Further, the touch screen 341 can cover the display panel 351, and when the touch screen 341 detects a touch operation on or near it, transmits to the processor 380 to determine the type of the touch event, and then the processor 380 displays the panel according to the type of the touch event. A corresponding visual output is provided on the 351. Although in FIG. 3, the touch screen 341 and the display panel 351 function as two separate components to implement the input and input functions of the mobile phone 300, in some embodiments, the touch screen 341 can be integrated with the display panel 351 to implement the mobile phone 300. Input and output functions.
重力传感器(gravity sensor)360,可以检测手机在各个方向上(一般为 三轴)加速度的大小,静止时可检测出重力的大小及方向,可用于识别手机姿态的应用(比如横竖屏切换、相关游戏、磁力计姿态校准)、振动识别相关功能(比如计步器、敲击)等。 Gravity sensor 360, can detect the phone in all directions (usually The three-axis acceleration, the magnitude and direction of gravity can be detected at rest, and can be used to identify the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, Tap) and so on.
手机300还可以包括其它传感器,比如光传感器。具体地,光传感器可包括环境光传感器及接近光传感器。其中,环境光传感器可根据环境光线的明暗来调节显示面板341的亮度;接近光传感器可以检测是否有物体靠近或接触手机,可在手机300移动到耳边时,关闭显示面板341和/或背光。手机300还可配置的陀螺仪、气压计、湿度计、温度计、红外线传感器等其他传感器,在此不再赘述。The handset 300 can also include other sensors, such as light sensors. In particular, the light sensor can include an ambient light sensor and a proximity light sensor. The ambient light sensor can adjust the brightness of the display panel 341 according to the brightness of the ambient light; the proximity light sensor can detect whether an object approaches or contacts the mobile phone, and can close the display panel 341 and/or the backlight when the mobile phone 300 moves to the ear. . The mobile phone 300 can also be configured with other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, an infrared sensor, and the like, and will not be described herein.
音频电路370、扬声器371、麦克风372可提供用户与手机300之间的音频接口。音频电路370可将接收到的音频数据转换后的电信号,传输到扬声器371,由扬声器371转换为声音信号输出;另一方面,麦克风372将收集的声音信号转换为电信号,由音频电路370接收后转换为音频数据,再将音频数据输出至RF电路320以发送给比如另一手机,或者将音频数据输出至存储器330以便进一步处理。 Audio circuitry 370, speaker 371, microphone 372 can provide an audio interface between the user and handset 300. The audio circuit 370 can transmit the converted electrical data of the received audio data to the speaker 371, and convert it into a sound signal output by the speaker 371; on the other hand, the microphone 372 converts the collected sound signal into an electrical signal, by the audio circuit 370. After receiving, it is converted to audio data, and then the audio data is output to the RF circuit 320 for transmission to, for example, another mobile phone, or the audio data is output to the memory 330 for further processing.
处理器380是手机300的控制中心,利用各种接口和线路连接整个手机的各个部分,通过运行或执行存储在存储器330内的软件程序和/或模块,以及调用存储在存储器330内的数据,执行手机300的各种功能和处理数据,从而对手机进行整体监控。可选的,处理器380可包括一个或多个处理单元;优选的,处理器380可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序等,调制解调处理器主要处理无线通信。可以理解的是,上述调制解调处理器也可以不集成到处理器380中。 Processor 380 is the control center of handset 300, which connects various portions of the entire handset using various interfaces and lines, by running or executing software programs and/or modules stored in memory 330, and recalling data stored in memory 330, The various functions and processing data of the mobile phone 300 are performed to perform overall monitoring of the mobile phone. Optionally, the processor 380 may include one or more processing units; preferably, the processor 380 may integrate an application processor and a modem processor, where the application processor mainly processes an operating system, a user interface, an application, and the like. The modem processor primarily handles wireless communications. It will be appreciated that the above described modem processor may also not be integrated into the processor 380.
手机300还包括给各个部件供电的电源390(比如电池),优选的,电源可以通过电源管理系统与处理器380逻辑相连,从而通过电源管理系统实现管理充电、放电、以及功耗管理等功能。The handset 300 also includes a power source 390 (such as a battery) that supplies power to the various components. Preferably, the power source can be logically coupled to the processor 380 via a power management system to manage functions such as charging, discharging, and power management through the power management system.
尽管未示出,手机300还可以包括WiFi(wireless fidelity,无线保真)模块、蓝牙模块等,在此不再赘述。Although not shown, the mobile phone 300 may further include a WiFi (Wireless Fidelity) module, a Bluetooth module, and the like, and details are not described herein again.
在本发明实施例中,存储器330还用于存储终端执行白名单更新方式时的各种执行指令。In the embodiment of the present invention, the memory 330 is further configured to store various execution instructions when the terminal performs the whitelist update mode.
在本发明实施例中,处理器380还用于基于白名单更新请求的触发,判断所述第一应用程序是否具有更新终端白名单列表的权限,其中,白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成,所述白名单更新请求包含所述第一应用程序的标识、以及所述白名单更新请求生成者的验证码发送方号码;所述终端白名单列表用于存储所述白名单更新请求生成者的验证码发送方号码;In the embodiment of the present invention, the processor 380 is further configured to determine, according to the trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is used by the first application. Generating or generating a first service of the first application, the whitelist update request including an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal The whitelist is used to store the verification code sender number of the whitelist update request generator;
若确定第一应用程序具有更新终端的白名单列表的权限,则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述终端白名单列表中。If it is determined that the first application has the right to update the whitelist of the terminal, at least the verification code sender number of the whitelist update request generator is updated to the terminal whitelist.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,仅以上述各功能模块的划分进行举例说明,实际应用中,可以根据需要而将上述功能分 配由不同的功能模块完成,即将装置的内部结构划分成不同的功能模块,以完成以上描述的全部或者部分功能。上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。It will be clearly understood by those skilled in the art that for the convenience and brevity of the description, only the division of each functional module described above is exemplified. In practical applications, the above functions may be divided as needed. The configuration is completed by different functional modules, that is, the internal structure of the device is divided into different functional modules to complete all or part of the functions described above. For the specific working process of the system, the device and the unit described above, reference may be made to the corresponding process in the foregoing method embodiments, and details are not described herein again.
在本申请所提供的几个实施例中,应该理解到,所揭露的系统,装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述模块或单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接。In the several embodiments provided by the present application, it should be understood that the disclosed system, apparatus, and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of the modules or units is only a logical function division. In actual implementation, there may be another division manner, for example, multiple units or components may be used. Combinations can be integrated into another system, or some features can be ignored or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of a software functional unit.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)或处理器执行本发明各个实施例所述方法的全部或部分步骤。所述存储介质是非短暂性(英文:non-transitory)介质,包括:快闪存储器、移动硬盘、只读存储器、随机存取存储器、磁碟或者光盘等各种可以存储程序代码的介质。The integrated unit, if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, including a plurality of instructions for causing a computer device (which may be a personal computer, a server, Either a network device or the like) or a processor performs all or part of the steps of the method described in various embodiments of the invention. The storage medium is a non-transitory medium, including: a flash memory, a mobile hard disk, a read only memory, a random access memory, a magnetic disk, or an optical disk, and the like, which can store program code.
以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以所述权利要求的保护范围为准。 The above is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or substitutions within the technical scope of the present invention. It should be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the appended claims.

Claims (20)

  1. 一种白名单更新方法,其特征在于,应用于终端,所述终端上运行有第一应用程序,所述方法包括:A method for updating a whitelist is characterized in that it is applied to a terminal, and the first application is run on the terminal, and the method includes:
    基于白名单更新请求的触发,所述终端判断所述第一应用程序是否具有更新终端白名单列表的权限,其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成,所述白名单更新请求包含所述第一应用程序的标识、以及所述白名单更新请求生成者的验证码发送方号码;所述终端白名单列表用于存储发送验证码消息的验证码发送方号码;The terminal determines, according to a trigger of the whitelist update request, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is generated by the first application or the first application a first service generation of the program, where the whitelist update request includes an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal whitelist is used to store the transmission verification The verification code sender number of the code message;
    若确定所述第一应用程序具有更新终端的白名单列表的权限,则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述终端白名单列表中。If it is determined that the first application has the right to update the whitelist of the terminal, at least the verification code sender number of the whitelist update request generator is updated to the terminal whitelist.
  2. 根据权利要求1所述的方法,其特征在于,所述终端还包括显示屏,The method of claim 1 wherein said terminal further comprises a display screen.
    所述终端确定所述第一应用程序具有更新所述终端白名单列表的权限,包括:The terminal determines that the first application has the right to update the terminal whitelist list, including:
    基于所述白名单更新请求的触发,所述终端通过所述显示屏向用户展示第一提示消息,所述第一提示消息用于提示用户是否同意向所述第一应用程序授予更新所述终端白名单列表的权限;The terminal, according to the trigger of the whitelist update request, displays, by using the display screen, a first prompt message to the user, where the first prompt message is used to prompt the user whether to agree to grant the first application to update the terminal. Permissions for whitelists;
    所述终端判断是否检测到用户输入第一指示信息;所述第一指示信息用于指示用户同意向所述第一应用程序授予更新所述终端白名单列表的权限;Determining, by the terminal, whether the user inputs the first indication information; the first indication information is used to indicate that the user agrees to grant the first application the right to update the terminal whitelist list;
    所述终端若检测到用户输入第一指示信息,则确定所述第一应用程序具有更新所述终端白名单列表的权限。If the terminal detects that the user inputs the first indication information, it determines that the first application has the right to update the terminal whitelist list.
  3. 根据权利要求1所述的方法,其特征在于,所述确定所述第一应用程序具有更新所述终端白名单列表的权限,包括:The method according to claim 1, wherein the determining that the first application has the right to update the terminal whitelist list comprises:
    基于所述白名单更新请求的触发,所述终端获取所述第一应用程序的证书和标识;The terminal acquires a certificate and an identifier of the first application according to the trigger of the whitelist update request;
    所述终端判断所述第一应用程序的证书和预设证书是否匹配,且所述第一应用程序的标识和预设标识是否匹配;Determining, by the terminal, whether the certificate of the first application and the preset certificate match, and whether the identifier of the first application and the preset identifier match;
    所述终端若确定所述第一应用程序的证书和预设证书匹配,且所述第一应用程序的标识和预设标识匹配,则确定所述第一应用程序具有更新所述终端白名单列表的权限。If the terminal determines that the certificate of the first application matches the preset certificate, and the identifier of the first application matches the preset identifier, determining that the first application has the terminal whitelist list updated permission.
  4. 根据权利要求1所述的方法,其特征在于,所述至少将所述白名单更新请求生成者的验证码发送方号码更新至所述终端白名单列表中,包括:The method according to claim 1, wherein the updating of the verification code sender number of the whitelist update request generator to the terminal whitelist list comprises:
    所述终端判断所述白名单更新请求生成者的验证码发送方号码是否已经注册在所述终端白名单列表中;Determining, by the terminal, whether a verification code sender number of the whitelist update request generator is already registered in the terminal whitelist;
    所述终端若确定所述白名单更新请求生成者的验证码发送方号码未注册在所述终端白名单列表中,则所述终端将所述第一应用程序的标识以及与所述第一应用程序的标识对应的所述白名单更新请求生成者的验证码发送方号码写入所述终端白名单列表中。If the terminal determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the terminal identifies the identifier of the first application and the first application. The verification code sender number of the whitelist update request generator corresponding to the identifier of the program is written in the terminal whitelist list.
  5. 根据权利要求4所述的方法,其特征在于,所述方法还包括:The method of claim 4, wherein the method further comprises:
    所述终端若确定所述白名单更新请求生成者的验证码发送方号码已注册在 所述终端白名单列表中,所述终端判断原验证码发送方号码与新验证码发送方号码是否一致;所述原验证码发送方号码为已经注册在所述终端白名单列表中的所述白名单更新请求生成者的验证码发送方号码,所述新验证码发送方号码为所述白名单更新请求中所述白名单更新请求生成者的验证码发送方号码;If the terminal determines that the verification code sender number of the whitelist update request generator is already registered In the terminal whitelist list, the terminal determines whether the original verification code sender number is consistent with the new verification code sender number; the original verification code sender number is the one that has been registered in the terminal whitelist list. a whitelist update request sender's verification code sender number, the new verification code sender number being a verification code sender number of the whitelist update request generator in the whitelist update request;
    所述终端若确定所述原验证码发送方号码与新验证码发送方号码不一致,则所述终端将所述原验证码发送方号码从所述终端白名单列表中删除,并将所述新验证码发送方号码写入所述终端白名单列表中与所述第一应用程序的标识对应的位置。If the terminal determines that the original verification code sender number is inconsistent with the new verification code sender number, the terminal deletes the original verification code sender number from the terminal whitelist list, and the new The verification code sender number is written in a location in the terminal whitelist list corresponding to the identifier of the first application.
  6. 根据权利要求1-5任意一项所述的方法,其特征在于,所述方法还包括:The method of any of claims 1-5, wherein the method further comprises:
    所述终端获取所述终端白名单列表中所述白名单更新请求生成者在预设时间内的使用频率;Obtaining, by the terminal, a frequency of use of the whitelist update request generator in the terminal whitelist list in a preset time;
    所述终端将所述终端白名单列表中使用频率小于预设阈值的白名单更新请求生成者的验证码发送方号码从所述终端白名单列表中删除。The terminal deletes the verification code sender number of the whitelist update request generator whose frequency is less than the preset threshold in the terminal whitelist list from the terminal whitelist list.
  7. 根据权利要求1-6任意一项所述的方法,其特征在于,所述方法还包括:The method of any of claims 1-6, wherein the method further comprises:
    向服务器发送第一白名单更新请求,以使得所述服务器根据所述第一白名单更新请求周期性的将更新后的服务器白名单列表同步至与所述服务器连接的终端;所述第一白名单更新请求中至少携带有所述白名单更新请求生成者的验证码发送方号码;所述第一白名单更新请求用于更新所述服务器白名单列表中所述白名单更新请求生成者的验证码发送方号码,所述服务器白名单列表用于存储发送验证码消息的验证码发送方号码。Sending a first whitelist update request to the server, so that the server periodically synchronizes the updated server whitelist list to the terminal connected to the server according to the first whitelist update request; the first white The list update request carries at least the verification code sender number of the whitelist update request generator; the first white list update request is used to update the verification of the whitelist update request generator in the server whitelist list. A code sender number, the server whitelist is used to store a verification code sender number for transmitting a verification code message.
  8. 一种白名单更新方法,其特征在于,应用于服务器中,所述方法包括:A method for updating a whitelist is characterized in that it is applied to a server, and the method includes:
    所述服务器接收第一白名单更新请求,所述第一白名单更新请求用于指示更新服务器白名单列表;所述第一白名单更新请求至少包括第一应用程序的标识、白名单更新请求生成者的验证码发送方号码;其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成;所述服务器白名单列表用于存储发送验证码消息的验证码发送方号码;The server receives a first whitelist update request, where the first whitelist update request is used to indicate an update server whitelist list; the first whitelist update request includes at least an identifier of the first application, and a whitelist update request generation a verification code sender number; wherein the white list update request is generated by the first application or the first service of the first application; the server white list is used to store a verification code message Verification code sender number;
    所述服务器判断所述第一白名单更新请求是否满足更新条件;Determining, by the server, whether the first whitelist update request meets an update condition;
    所述服务器若确定所述第一白名单更新请求满足更新条件,所述服务器则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述服务器白名单列表中。If the server determines that the first whitelist update request satisfies the update condition, the server updates at least the verification code sender number of the whitelist update request generator to the server whitelist.
  9. 根据权利要求8所述的方法,其特征在于,所述方法还包括:The method of claim 8 further comprising:
    所述服务器按照预设周期,将更新后的所述服务器白名单列表同步至与所述服务器通信的终端。The server synchronizes the updated server whitelist list to the terminal that communicates with the server according to a preset period.
  10. 根据权利要求8所述的方法,其特征在于,所述第一白名单更新请求中还携带有第一应用程序的证书和标识;The method according to claim 8, wherein the first whitelist update request further carries a certificate and an identifier of the first application;
    若所述第一白名单更新请求为终端发送的,则所述更新条件为所述第一白名单更新请求中包含的第一应用程序的证书和预先存储在所述服务器中所述第一应用程序对应的证书一致,且所述第一应用程序的标识与预先存储在所述服务器中所述第一应用程序对应的标识一致; If the first whitelist update request is sent by the terminal, the update condition is a certificate of the first application included in the first whitelist update request and the first application pre-stored in the server The certificate corresponding to the program is consistent, and the identifier of the first application is consistent with the identifier corresponding to the first application stored in the server in advance;
    当所述第一白名单更新请求不是终端发送的,则所述更新条件为所述第一白名单更新请求中携带有终端对应的更新信息,所述更新信息包括更新版本差值、更新时间以及所述白名单更新请求生成者的验证码发送方号码是否已在所述终端白名单列表中更新的结果。When the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries update information corresponding to the terminal, and the update information includes an updated version difference, an update time, and The result of whether the whitelist update request generator's verification code sender number has been updated in the terminal whitelist list.
  11. 一种白名单更新装置,其特征在于,应用于终端,所述终端上运行有第一应用程序,所述装置包括:A whitelist updating device is characterized in that it is applied to a terminal, and the terminal runs a first application, and the device includes:
    判断单元,用于基于白名单更新请求的触发,所述终端判断所述第一应用程序是否具有更新终端白名单列表的权限,其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成,所述白名单更新请求包含所述第一应用程序的标识、以及所述白名单更新请求生成者的验证码发送方号码;所述终端白名单列表用于存储发送验证码消息的验证码发送方号码;a determining unit, configured to determine, according to a trigger of the whitelist update request, the terminal, whether the first application has the right to update the terminal whitelist, wherein the whitelist update request is generated by the first application or The first service generation of the first application, the whitelist update request includes an identifier of the first application, and a verification code sender number of the whitelist update request generator; the terminal whitelist list a verification code sender number for storing a verification code message;
    判定单元,用于确定所述第一应用程序具有更新终端的白名单列表的权限;a determining unit, configured to determine that the first application has the right to update the whitelist of the terminal;
    更新单元,用于在所述判定单元确定所述第一应用程序具有更新终端的白名单列表的权限时,至少将所述白名单更新请求生成者的验证码发送方号码更新至所述终端白名单列表中。And an updating unit, configured to update at least the verification code sender number of the whitelist update request generator to the terminal white when the determining unit determines that the first application has the right to update the whitelist list of the terminal In the list of names.
  12. 根据权利要求11所述的装置,其特征在于,所述终端还包括显示屏,所述判定单元,包括:The device according to claim 11, wherein the terminal further comprises a display screen, and the determining unit comprises:
    展示模块,用于基于所述白名单更新请求的触发,通过所述显示屏向用户展示第一提示消息,所述第一提示消息用于提示用户是否同意向所述第一应用程序授予更新所述终端白名单列表的权限;a display module, configured to display, according to the trigger of the whitelist update request, a first prompt message to the user through the display screen, where the first prompt message is used to prompt the user whether to agree to grant the update to the first application The permission of the terminal whitelist list;
    第一判断模块,用于判断是否检测到用户输入第一指示信息;所述第一指示信息用于指示用户同意向所述第一应用程序授予更新所述终端白名单列表的权限;a first determining module, configured to determine whether the user inputs the first indication information, where the first indication information is used to indicate that the user agrees to grant the first application the right to update the terminal whitelist list;
    第一确定模块,用于在所述第一判断模块确定检测到用户输入第一指示信息,则确定所述第一应用程序具有更新所述终端白名单列表的权限。The first determining module is configured to determine, when the first determining module determines that the user inputs the first indication information, determining that the first application has the right to update the terminal whitelist.
  13. 根据权利要求11所述的装置,其特征在于,所述判定单元,包括:The device according to claim 11, wherein the determining unit comprises:
    获取模块,用于基于所述白名单更新请求的触发,获取所述第一应用程序的证书和标识;An acquiring module, configured to acquire a certificate and an identifier of the first application according to a trigger of the whitelist update request;
    第二判断模块,用于判断所述第一应用程序的证书和预设证书是否匹配,且所述第一应用程序的标识和预设标识是否匹配;a second determining module, configured to determine whether the certificate of the first application and the preset certificate match, and whether the identifier of the first application and the preset identifier match;
    第二确定模块,用于在所述第二判断模块确定所述第一应用程序的证书和预设证书匹配,且所述第一应用程序的标识和预设标识匹配时,确定所述第一应用程序具有更新所述终端白名单列表的权限。a second determining module, configured to: when the second determining module determines that the certificate of the first application matches the preset certificate, and the identifier of the first application matches the preset identifier, determining the first The application has the right to update the terminal whitelist list.
  14. 根据权利要求11所述的装置,其特征在于,所述更新单元,包括:The device according to claim 11, wherein the updating unit comprises:
    第三判断模块,用于判断所述白名单更新请求生成者的验证码发送方号码是否已经注册在所述终端白名单列表中;a third determining module, configured to determine whether a verification code sender number of the whitelist update request generator is already registered in the terminal whitelist;
    第一更新模块,用于在所述第三判断模块确定所述白名单更新请求生成者的验证码发送方号码未注册在所述终端白名单列表时,则将所述第一应用程序的标识以及与所述第一应用程序的标识对应的所述白名单更新请求生成者的验 证码发送方号码写入所述终端白名单列表中。a first update module, configured to: when the third determining module determines that the verification code sender number of the whitelist update request generator is not registered in the terminal whitelist, the identifier of the first application is And the verification of the whitelist update request generator corresponding to the identifier of the first application The certificate sender number is written in the terminal whitelist.
  15. 根据权利要求14所述的装置,其特征在于,所述装置还包括:The device according to claim 14, wherein the device further comprises:
    第四判断模块,用于在所述第三判断模块确定所述白名单更新请求生成者的验证码发送方号码已注册在所述终端白名单列表中时,判断原验证码发送方号码与新验证码发送方号码是否一致;所述原验证码发送方号码为已经注册在所述终端白名单列表中的所述白名单更新请求生成者的验证码发送方号码,所述新验证码发送方号码为所述白名单更新请求中所述白名单更新请求生成者的验证码发送方号码;a fourth determining module, configured to: when the third determining module determines that the verification code sender number of the whitelist update request generator is registered in the terminal whitelist, determine the original verification code sender number and the new Verification code sender number is consistent; the original verification code sender number is a verification code sender number of the white list update request generator that has been registered in the terminal white list, the new verification code sender The number is a verification code sender number of the whitelist update request generator in the whitelist update request;
    第二更新模块,用于在所述第四判断模块确定所述原验证码发送方号码与新验证码发送方号码不一致时,则将所述原验证码发送方号码从所述终端白名单列表中删除,并将所述新验证码发送方号码写入所述终端白名单列表中与所述第一应用程序的标识对应的位置。a second update module, configured to: when the fourth determining module determines that the original verification code sender number is inconsistent with the new verification code sender number, then send the original verification code sender number from the terminal whitelist list And deleting, and writing the new verification code sender number into a location in the terminal whitelist list corresponding to the identifier of the first application.
  16. 根据权利要求11-15任意一项所述的装置,其特征在于,所述装置还包括:The device according to any one of claims 11-15, wherein the device further comprises:
    统计单元,用于获取所述终端白名单列表中所述白名单更新请求生成者在预设时间内的使用频率;a statistic unit, configured to acquire a frequency of use of the whitelist update request generator in the terminal whitelist list in a preset time;
    删除单元,用于将所述终端白名单列表中使用频率小于预设阈值的白名单更新请求生成者的验证码发送方号码从所述终端白名单列表中删除。And a deleting unit, configured to delete, from the terminal whitelist, the verification code sender number of the whitelist update request generator whose usage frequency is less than a preset threshold in the terminal whitelist.
  17. 根据权利要求11-16任意一项所述的装置,其特征在于,所述装置还包括:The device according to any one of claims 11-16, wherein the device further comprises:
    发送单元,用于向服务器发送第一白名单更新请求,以使得所述服务器根据所述第一白名单更新请求周期性的将更新后的服务器白名单列表同步至与所述服务器连接的终端;所述第一白名单更新请求中至少携带有所述白名单更新请求生成者的验证码发送方号码;所述第一白名单更新请求用于更新所述服务器白名单列表中所述白名单更新请求生成者的验证码发送方号码,所述服务器白名单列表用于存储发送验证码消息的验证码发送方号码。a sending unit, configured to send a first whitelist update request to the server, so that the server periodically synchronizes the updated server whitelist list to the terminal connected to the server according to the first whitelist update request; The first whitelist update request carries at least the verification code sender number of the whitelist update request generator; the first whitelist update request is used to update the whitelist update in the server whitelist list. A verification code sender number of the request generator, the server white list being used to store the verification code sender number of the transmission verification code message.
  18. 一种白名单更新装置,其特征在于,应用于服务器中,所述装置包括:A whitelist updating device, which is applied to a server, the device comprising:
    接收单元,用于接收第一白名单更新请求,所述第一白名单更新请求用于指示更新服务器白名单列表;所述第一白名单更新请求至少包括第一应用程序的标识、白名单更新请求生成者的验证码发送方号码;其中,所述白名单更新请求由所述第一应用程序生成或所述第一应用程序的第一业务生成;所述服务器白名单列表用于存储发送验证码消息的验证码发送方号码;a receiving unit, configured to receive a first whitelist update request, where the first whitelist update request is used to indicate an update server whitelist list; the first whitelist update request includes at least an identifier of the first application, and a whitelist update a verification code sender number of the requesting generator; wherein the whitelist update request is generated by the first application or the first service of the first application; the server whitelist is used to store the transmission verification The verification code sender number of the code message;
    判断单元,用于判断所述第一白名单更新请求是否满足更新条件;a determining unit, configured to determine whether the first whitelist update request meets an update condition;
    更新单元,用于在所述判断单元确定所述第一白名单更新请求满足更新条件,所述服务器则至少将所述白名单更新请求生成者的验证码发送方号码更新至所述服务器白名单列表中。And an update unit, configured to: when the determining unit determines that the first whitelist update request meets an update condition, the server updates at least the verification code sender number of the whitelist update request generator to the server whitelist List.
  19. 根据权利要求18所述的装置,其特征在于,所述装置还包括:The device of claim 18, wherein the device further comprises:
    同步单元,用于按照预设周期,将更新后的所述服务器白名单列表同步至与所述服务器通信的终端。 And a synchronization unit, configured to synchronize the updated server whitelist list to the terminal that communicates with the server according to a preset period.
  20. 根据权利要求18所述的装置,其特征在于,所述第一白名单更新请求中还携带有第一应用程序的证书和标识,The device according to claim 18, wherein the first whitelist update request further carries a certificate and an identifier of the first application.
    若所述第一白名单更新请求为终端发送的,则所述更新条件为所述第一白名单更新请求中包含的第一应用程序的证书和预先存储在所述服务器中所述第一应用程序对应的证书一致,且所述第一应用程序的标识与预先存储在所述服务器中所述第一应用程序对应的标识一致;If the first whitelist update request is sent by the terminal, the update condition is a certificate of the first application included in the first whitelist update request and the first application pre-stored in the server The certificate corresponding to the program is consistent, and the identifier of the first application is consistent with the identifier corresponding to the first application stored in the server in advance;
    当所述第一白名单更新请求不是终端发送的,则所述更新条件为所述第一白名单更新请求中携带有终端对应的更新信息,所述更新信息包括更新版本差值、更新时间以及所述白名单更新请求生成者的验证码发送方号码是否已在所述终端白名单列表中更新的结果。 When the first whitelist update request is not sent by the terminal, the update condition is that the first whitelist update request carries update information corresponding to the terminal, and the update information includes an updated version difference, an update time, and The result of whether the whitelist update request generator's verification code sender number has been updated in the terminal whitelist list.
PCT/CN2017/086319 2016-06-07 2017-05-27 Method and device for updating whitelist WO2017211205A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610404438.5A CN107480518A (en) 2016-06-07 2016-06-07 A kind of white list updating method and device
CN201610404438.5 2016-06-07

Publications (1)

Publication Number Publication Date
WO2017211205A1 true WO2017211205A1 (en) 2017-12-14

Family

ID=60577563

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/086319 WO2017211205A1 (en) 2016-06-07 2017-05-27 Method and device for updating whitelist

Country Status (2)

Country Link
CN (1) CN107480518A (en)
WO (1) WO2017211205A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110442361A (en) * 2019-06-27 2019-11-12 五八有限公司 A kind of gray scale dissemination method, device and electronic equipment
CN111381840A (en) * 2018-12-27 2020-07-07 中国移动通信集团终端有限公司 Method, device and equipment for updating application program
CN111726805A (en) * 2019-03-20 2020-09-29 青岛海信移动通信技术股份有限公司 Terminal and processing method
CN112069137A (en) * 2020-09-02 2020-12-11 北京百度网讯科技有限公司 Method and device for generating information, electronic equipment and computer readable storage medium
CN114286298A (en) * 2021-12-22 2022-04-05 中国电信股份有限公司 Number processing method, device and system and short message center
US20220166778A1 (en) * 2020-11-24 2022-05-26 Saudi Arabian Oil Company Application whitelisting based on file handling history
CN115017498A (en) * 2021-11-19 2022-09-06 荣耀终端有限公司 Method for operating applet and electronic device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108182041B (en) * 2017-12-18 2020-02-28 维沃移动通信有限公司 Data display method and mobile terminal
CN110889112B (en) * 2019-10-23 2022-03-04 中国航天系统科学与工程研究院 Software operation unified control system and method based on white list mechanism
CN112100612B (en) * 2020-09-03 2023-06-06 中国联合网络通信集团有限公司 Terminal authority protection method and device and terminal
CN112351131B (en) * 2020-09-30 2021-07-16 北京达佳互联信息技术有限公司 Control method and device of electronic equipment, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100112981A1 (en) * 2008-11-03 2010-05-06 Samsung Electronics Co. Ltd. Whitelist update method and apparatus for user equipment in mobile communication system
CN104933354A (en) * 2014-12-30 2015-09-23 国家电网公司 Trusted computing based white list static measurement method
CN105246058A (en) * 2015-09-01 2016-01-13 中国联合网络通信集团有限公司 Short message verification method and short message server
CN105376204A (en) * 2014-08-28 2016-03-02 宇龙计算机通信科技(深圳)有限公司 User terminal, authority granting method and system thereof

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013127713A (en) * 2011-12-19 2013-06-27 Neojapan Inc Information processing system, terminal device, information processing method and information processing program
CN104484599B (en) * 2014-12-16 2017-12-12 北京奇虎科技有限公司 A kind of behavior treating method and apparatus based on application program

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100112981A1 (en) * 2008-11-03 2010-05-06 Samsung Electronics Co. Ltd. Whitelist update method and apparatus for user equipment in mobile communication system
CN105376204A (en) * 2014-08-28 2016-03-02 宇龙计算机通信科技(深圳)有限公司 User terminal, authority granting method and system thereof
CN104933354A (en) * 2014-12-30 2015-09-23 国家电网公司 Trusted computing based white list static measurement method
CN105246058A (en) * 2015-09-01 2016-01-13 中国联合网络通信集团有限公司 Short message verification method and short message server

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111381840A (en) * 2018-12-27 2020-07-07 中国移动通信集团终端有限公司 Method, device and equipment for updating application program
CN111726805A (en) * 2019-03-20 2020-09-29 青岛海信移动通信技术股份有限公司 Terminal and processing method
CN110442361A (en) * 2019-06-27 2019-11-12 五八有限公司 A kind of gray scale dissemination method, device and electronic equipment
CN110442361B (en) * 2019-06-27 2024-02-09 五八有限公司 Gray release method and device and electronic equipment
CN112069137A (en) * 2020-09-02 2020-12-11 北京百度网讯科技有限公司 Method and device for generating information, electronic equipment and computer readable storage medium
US20220166778A1 (en) * 2020-11-24 2022-05-26 Saudi Arabian Oil Company Application whitelisting based on file handling history
CN115017498A (en) * 2021-11-19 2022-09-06 荣耀终端有限公司 Method for operating applet and electronic device
CN115017498B (en) * 2021-11-19 2023-02-28 荣耀终端有限公司 Method for operating applet and electronic device
CN114286298A (en) * 2021-12-22 2022-04-05 中国电信股份有限公司 Number processing method, device and system and short message center
CN114286298B (en) * 2021-12-22 2023-06-20 中国电信股份有限公司 Number processing method, device and system and short message center

Also Published As

Publication number Publication date
CN107480518A (en) 2017-12-15

Similar Documents

Publication Publication Date Title
WO2017211205A1 (en) Method and device for updating whitelist
EP3182314B1 (en) Fingerprint identification method and apparatus
CN107222485B (en) Authorization method and related equipment
US10078599B2 (en) Application access control method and electronic apparatus implementing the same
US9703971B2 (en) Sensitive operation verification method, terminal device, server, and verification system
WO2019061362A1 (en) Method and device for accessing device identifiers
WO2019205065A1 (en) Method for quickly opening application or application function, and terminal
CN108475304B (en) Method and device for associating application program and biological characteristics and mobile terminal
WO2019072039A1 (en) Service certificate management method, terminal, and server
WO2020125134A1 (en) Customized model tamper-proof method and apparatus, terminal device and storage medium
CN106921799A (en) A kind of mobile terminal safety means of defence and mobile terminal
WO2021115113A1 (en) Data processing method and device, and storage medium
WO2018049893A1 (en) Data transmission method and terminal device
WO2020024929A1 (en) Method for upgrading service application range of electronic identity card, and terminal device
WO2018000370A1 (en) Mobile terminal authentication method and mobile terminal
CN110869907A (en) Method and terminal for browsing application page
CN106815518B (en) Application installation method and electronic equipment
WO2019196693A1 (en) Application control method and device, readable storage medium and terminal
WO2018214748A1 (en) Method and apparatus for displaying application interface, terminal and storage medium
CN107153792B (en) Data security processing method and device and mobile terminal
WO2018094631A1 (en) Data processing method and terminal thereof
WO2019071581A1 (en) Application startup control method and user terminal
WO2015101254A1 (en) Information interaction method, apparatus and system
WO2019024882A1 (en) Method for automatically encrypting short message, storage device and mobile terminal
CN105791253B (en) Method and device for acquiring authentication information of website

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17809644

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17809644

Country of ref document: EP

Kind code of ref document: A1