WO2018098881A1 - Procédé et dispositif de traitement d'accès pour application - Google Patents

Procédé et dispositif de traitement d'accès pour application Download PDF

Info

Publication number
WO2018098881A1
WO2018098881A1 PCT/CN2016/112862 CN2016112862W WO2018098881A1 WO 2018098881 A1 WO2018098881 A1 WO 2018098881A1 CN 2016112862 W CN2016112862 W CN 2016112862W WO 2018098881 A1 WO2018098881 A1 WO 2018098881A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
access
interface
kernel
kernel interface
Prior art date
Application number
PCT/CN2016/112862
Other languages
English (en)
Chinese (zh)
Inventor
杨斌
Original Assignee
深圳Tcl新技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳Tcl新技术有限公司 filed Critical 深圳Tcl新技术有限公司
Publication of WO2018098881A1 publication Critical patent/WO2018098881A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of application access security, and in particular, to an access processing method and apparatus for an application.
  • the application is usually scanned for security when the application is installed, and the scanned application has hidden malicious interface calls, but this method can only perform a security scan when the application is installed, if the application After the program installation scan is completed, and further update the code by remote access in the background, there is still a security risk.
  • the main object of the present invention is to provide an access processing method and apparatus for an application, which aims to solve the technical problem that the application still has security risks after the security scan of the application.
  • the present invention provides an access processing method for an application, and the access processing method of the application includes:
  • the system call is intercepted to prevent the application from accessing the system kernel interface and generating an intercept warning prompt.
  • the access processing method of the application further includes:
  • the present invention further provides an access processing method for an application, where the access processing method of the application includes:
  • the system call is intercepted to prevent the application from accessing the system kernel interface.
  • determining whether the application has access to the system kernel interface includes:
  • the access processing method of the application further includes:
  • intercepting the system call to prevent the application from accessing the system kernel interface includes:
  • the system call is intercepted to prevent the application from accessing the system kernel interface and generating an intercept warning prompt.
  • determining whether the application has the right to access the system kernel interface includes:
  • the kernel function corresponding to the system call is determined according to a preset function mapping table for invoking execution of the kernel function.
  • the present invention further provides an access processing device for an application, where the access processing device of the application includes:
  • a detection module configured to detect whether an application currently accesses a system kernel interface through a system call
  • a judging module configured to determine, when the application currently accesses the system kernel interface by using a system call, whether the application has the right to access the kernel interface of the system;
  • a processing module configured to: when the application does not have the right to access the system kernel interface, intercept the system call to prevent the application from accessing the system kernel interface.
  • the determining module comprises:
  • An obtaining unit configured to acquire identity information of the application and a permission mapping table of the application accessing the kernel interface when the currently existing application accesses the system kernel interface through the system call;
  • the determining unit is configured to determine, according to the identity information and the rights mapping table, whether the application has the right to access the system kernel interface.
  • the detecting module is further configured to:
  • the processing module is further configured to:
  • the system call is intercepted to prevent the application from accessing the system kernel interface and generating an intercept warning prompt.
  • the processing module is further configured to:
  • the kernel function corresponding to the system call is determined according to a preset function mapping table for invoking execution of the kernel function.
  • the system kernel interface when a malicious application is usually running, in order to implement a certain function or purpose, the system kernel interface is generally accessed through a system call, thereby causing a security risk to the user. Therefore, by detecting whether an application exists to access the system kernel interface through a system call, when it exists, it determines whether the application has the right to access the system kernel interface, and if the application does not have the corresponding permission, intercepts the application.
  • the invention can further prevent the illegal application from accessing the system kernel interface on the basis of the security scan of the application, thereby improving the security of the system operation.
  • FIG. 1 is a schematic flowchart of an embodiment of an access processing method of an application according to the present invention
  • FIG. 2 is a schematic diagram showing spatial division of an Android system in an access processing method of an application according to the present invention
  • step S20 in FIG. 1 is a schematic diagram showing the refinement process of step S20 in FIG. 1;
  • FIG. 4 is a schematic diagram of functional modules of an embodiment of an access processing apparatus of an application according to the present invention.
  • FIG. 5 is a schematic diagram of a refinement function module of the judging module in FIG. 4.
  • FIG. 5 is a schematic diagram of a refinement function module of the judging module in FIG. 4.
  • the core idea of the present invention is that when a malicious application is usually running, in order to implement a certain function or purpose, the system kernel interface is generally accessed through a system call, thereby causing a security risk to the user. Therefore, in the present invention, when the application accesses the kernel through the system call, the interception is completed, thereby fundamentally preventing the illegal access of the application and improving the security of the system operation.
  • the invention provides an access processing method of an application.
  • FIG. 1 is a schematic flowchart diagram of an embodiment of an access processing method of an application program according to the present invention.
  • the access processing method of the application includes:
  • Step S10 detecting whether an application currently accesses the system kernel interface through a system call
  • Android usually divides the entire virtual address space into two parts: user space and kernel space. It also stipulates that user space cannot directly access kernel space, while kernel space can access user space. By dividing this level, the kernel space can be made more stable and secure. However, if the application process needs to access the kernel or use a kernel function, it usually needs to pass the system call (System Call) to complete. In Android, system calls are the only way for user space to access kernel space. as shown in picture 2.
  • a system call is a set of function interfaces provided by the kernel that allows a process running on user space to interact with the kernel.
  • a user process accesses a hardware device or some resources of an operating system through a system call, and the like.
  • Android application programming interface API to access the Android kernel, such as network interface, file system interface, CPU FM interface.
  • the type of the application program accessing the system kernel interface through the system call for example, a network interface, a file system interface, a CPU FM interface, and the like.
  • the manner of detecting the system call generated by the application is not limited, and is specifically set according to actual needs.
  • Step S20 when the currently existing application accesses the system kernel interface through the system call, determining whether the application has the right to access the system kernel interface;
  • the determination manner is not limited.
  • the corresponding authority mapping table may be set in advance for determination.
  • the system function of all applications is filtered by the filtering function provided by the system kernel, thereby determining whether the application has the right to access the corresponding system kernel interface. .
  • the filter function needs to be performed in the privilege level mode of the Android system, the system mode needs to be converted from the user level mode to the privilege level mode before filtering the application system call.
  • the user level mode and the privilege level mode are two security level modes of the Android system.
  • all applications run in the user level mode, and the Android kernel system functions run in the privilege level mode.
  • the filter function can scan any system call of any application.
  • a trap call generates a system call to trigger a processor interrupt, which in turn is converted from a user-level mode to a privileged-level mode.
  • Step S30 when the application does not have the right to access the system kernel interface, intercept the system call to prevent the application from accessing the system kernel interface.
  • the system call generated by the application is intercepted, thereby fundamentally preventing malicious applications from accessing the system kernel interface, thereby causing security risks.
  • the manner of intercepting the system call generated by the application is not limited.
  • the system function of the illegal application is intercepted by the intercept function of the system kernel. Intercept.
  • the system kernel interface when a malicious application is usually running, in order to implement a certain function or purpose, the system kernel interface is generally accessed through a system call, thereby causing a security risk to the user. Therefore, by detecting whether an application exists to access the system kernel interface through a system call, when it exists, it determines whether the application has the right to access the system kernel interface, and if the application does not have the corresponding permission, intercepts the application.
  • the invention can further prevent the illegal application from accessing the system kernel interface on the basis of the security scan of the application, thereby improving the security of the system operation.
  • FIG. 3 is a schematic diagram of the refinement process of step S20 in FIG.
  • the foregoing step S20 further includes:
  • Step S201 when the application program currently accesses the system kernel interface through the system call, acquiring the identity information of the application, and the permission mapping table of the application program accessing the kernel interface;
  • the identity information of the acquired application is not limited, and may be, for example, a process PID, an application name, an application category, an application credibility level, and the like.
  • the acquired application's identity information may be process PID: 1234, application name: A, application category: file management class, application credibility level: level 3.
  • the permission mapping table of the application accessing the kernel interface may be set in advance according to the category of the application, the credibility of the application, the confidentiality level of the kernel interface, and the like.
  • an application that is set according to the category of the application accesses the permission mapping table of the kernel interface, as shown in Table 1.
  • Application category System kernel interface access Document management Interface A, B, C Word processing All interfaces image display Interface A, B, C, D, E
  • an application that is set according to the credibility of the application accesses the permissions map of the kernel interface, as shown in Table 2:
  • Application credibility System kernel interface access Level 1 Interface A, B, C Level 2 Interface A, B, C Level 3 Interface A, B, C, D, E
  • Step S202 Determine, according to the identity information and the rights mapping table, whether the application has the right to access a system kernel interface.
  • the mapping relationship between the application program and the access authority of the kernel interface as shown in Table 1 is obtained, and the identity information of the application is obtained.
  • the identity information of the application it is known that the application belongs to the picture display category, and according to Table 1, it can be determined that the application does not have the right to access the kernel interface of the Android system.
  • the method includes:
  • the kernel function corresponding to the system call is determined according to a preset function mapping table for invoking execution of the kernel function.
  • the application can only access the system kernel network interface through the system call.
  • the kernel function corresponding to the system call number is invoked to achieve the The purpose of the application to access the system kernel network interface.
  • the system call number is generated when the application accesses the system kernel through a system call.
  • the application program uses the system call through the application programming interface, and generates a system call number, which is found in the system call table and corresponds to the system call number.
  • the Android kernel function which is called in the Android kernel to implement the system call to the Android kernel interface.
  • step S30 specifically includes:
  • the system call is intercepted and an intercept warning prompt is generated.
  • the method for suspending the application to access the kernel of the system is not limited, and may be intercepting the system call generated by the application through the application programming interface API, or directly killing Dead this application process. And exit the kernel space to return to the user space, the system will generate an intrusion report and push it to the user, for example, the application name C, at time T, illegally call the Android kernel interface, blocked, and can also prompt the user to be prompted.
  • the access processing method of the application further includes:
  • the mapping relationship between the application and the access rights of the kernel interface can be formulated through preset rules.
  • the preset rule is that only the application that comes with the smart terminal has the right to access the kernel interface, so that only the application that is included in the system has access to the kernel on the smart terminal.
  • the permissions of the interface, other third-party software installed on the smart terminal do not have access to the system kernel interface.
  • the mapping relationship between the application and the access rights of the kernel interface may also be pre-defined by the user.
  • the user formulates a mapping relationship between the application and the access authority of the kernel interface of the Android system.
  • the method is not limited, for example, according to the name of the application, the function classification of the application, the credibility level of the application, etc., and the type of the kernel interface of the Android system is not limited, such as a network interface, a file system interface, a CPU FM interface, and the like.
  • the application can be set to not have the call permission to the Android kernel interface, or can be set to have one or more call permissions to the Android kernel interface.
  • the application has the right to invoke the kernel network interface of the Android system, the application A has the right to call the Android kernel network interface.
  • the application of the file management category has the right to invoke the kernel system file system interface of the Android system. At this time, all file management category applications in the Android system have the right to call the Android kernel file system interface.
  • the application with the credibility level 5 has the function of calling Android.
  • the scenario in which the user formulates the mapping relationship between the application and the access authority of the Android system kernel interface is not limited. For example, it can be either when the application is installed or when the application is running.
  • an interface is popped up for the user to formulate a mapping relationship between the application and the access authority of the Android system kernel interface.
  • the trap instruction is executed to convert the system from the user level mode to the privilege level mode, and In privilege level mode, all interface calls brought by the application are detected, and the corresponding kernel interface is invoked according to the interface of the application to ask the user whether the application has the right to call one or more kernel interfaces in the kernel interfaces.
  • the mapping relationship is stored for a long time until the user manually deletes the mapping relationship.
  • the mapping relationship may be temporarily stored, and the user ends the application to the application. The use of the mapping is automatically removed after the application's process is closed.
  • the information of the rights mapping table is monitored.
  • the application applies to modify the permission mapping table
  • the application submits the modification permission request for example, deletes the mapping relationship between an application and the system kernel interface or adds a mapping relationship between an application and the system kernel interface.
  • a warning screen is generated, prompting the user to perform identity authentication, which may be through password verification, fingerprint verification, facial recognition, etc., and only through authentication can complete the operation of modifying the permission mapping table; otherwise, the permission mapping table information is not made. modify.
  • the present invention provides an access processing device for an application.
  • FIG. 4 is a schematic diagram of functional modules of an access processing apparatus of an application program according to the present invention.
  • the access processing device of the application includes:
  • the detecting module 10 is configured to detect whether an application currently accesses the system kernel interface through a system call
  • Android usually divides the entire virtual address space into two parts: user space and kernel space. It also stipulates that user space cannot directly access kernel space, while kernel space can access user space. By dividing this level, the kernel space can be made more stable and secure. However, if the application process needs to access the kernel or use a kernel function, it usually needs to pass the system call (System Call) to complete. In Android, system calls are the only way for user space to access kernel space. as shown in picture 2.
  • a system call is a set of function interfaces provided by the kernel that allows a process running on user space to interact with the kernel.
  • a user process accesses a hardware device or some resources of an operating system through a system call, and the like.
  • Android application programming interface API to access the Android kernel, such as network interface, file system interface, CPU FM interface.
  • the type of the application program accessing the system kernel interface through the system call for example, a network interface, a file system interface, a CPU FM interface, and the like.
  • the manner of detecting the system call generated by the application is not limited, and is specifically set according to actual needs.
  • the determining module 20 is configured to determine, when the application currently accesses the system kernel interface by using a system call, whether the application has the right to access the system kernel interface;
  • the determination manner is not limited.
  • the corresponding authority mapping table may be set in advance for determination.
  • the system function of all applications is filtered by the filtering function provided by the system kernel, thereby determining whether the application has the right to access the corresponding system kernel interface. .
  • the filter function needs to be performed in the privilege level mode of the Android system, the system mode needs to be converted from the user level mode to the privilege level mode before filtering the application system call.
  • the user level mode and the privilege level mode are two security level modes of the Android system.
  • all applications run in the user level mode, and the Android kernel system functions run in the privilege level mode.
  • the filter function can scan any system call of any application.
  • a trap call generates a system call to trigger a processor interrupt, which in turn is converted from a user-level mode to a privileged-level mode.
  • the processing module 30 is configured to intercept the system call when the application does not have the right to access the system kernel interface to prevent the application from accessing the system kernel interface.
  • the system call generated by the application is intercepted, thereby fundamentally preventing malicious applications from accessing the system kernel interface, thereby causing security risks.
  • the manner of intercepting the system call generated by the application is not limited.
  • the system function of the illegal application is intercepted by the intercept function of the system kernel. Intercept.
  • the system kernel interface when a malicious application is usually running, in order to implement a certain function or purpose, the system kernel interface is generally accessed through a system call, thereby causing a security risk to the user. Therefore, by detecting whether an application exists to access the system kernel interface through a system call, when it exists, it determines whether the application has the right to access the system kernel interface, and if the application does not have the corresponding permission, intercepts the application.
  • the invention can further prevent the illegal application from accessing the system kernel interface on the basis of the security scan of the application, thereby improving the security of the system operation.
  • FIG. 5 is a schematic diagram of a refinement function module of the judging module in FIG. 4.
  • the judging module 20 includes:
  • the obtaining unit 201 is configured to acquire, when the application currently accesses the system kernel interface by using a system call, the identity information of the application, and the permission mapping table of the application accessing the kernel interface;
  • the identity information of the acquired application is not limited, and may be, for example, a process PID, an application name, an application category, an application credibility level, and the like.
  • the acquired application's identity information may be process PID: 1234, application name: A, application category: file management class, application credibility level: level 3.
  • the permission mapping table of the application accessing the kernel interface may be set in advance according to the category of the application, the credibility of the application, the confidentiality level of the kernel interface, and the like.
  • an application that is set according to the category of the application accesses the permission mapping table of the kernel interface, as shown in Table 3.
  • an application that is set according to the credibility of the application accesses the permissions map of the kernel interface, as shown in Table 4:
  • Table 4 Application credibility System kernel interface access Level 1 Interface A, B, C Level 2 Interface A, B, C Level 3 Interface A, B, C, D, E
  • the determining unit 202 is configured to determine, according to the identity information and the rights mapping table, whether the application has the right to access a system kernel interface.
  • the mapping relationship between the application program and the access authority of the kernel interface as shown in Table 3 is obtained, and the identity information of the application is obtained. According to the identity information of the application, it is known that the application belongs to the picture display category, and according to Table 3, it can be judged that the application does not have the right to access the kernel interface of the Android system.
  • the processing module 30 is further configured to:
  • the kernel function corresponding to the system call is determined according to a preset function mapping table for invoking execution of the kernel function.
  • the application can only access the system kernel network interface through the system call.
  • the kernel function corresponding to the system call number is invoked to achieve the The purpose of the application to access the system kernel network interface.
  • the system call number is generated when the application accesses the system kernel through a system call.
  • the application program uses the system call through the application programming interface, and generates a system call number, which is found in the system call table and corresponds to the system call number.
  • the Android kernel function which is called in the Android kernel to implement the system call to the Android kernel interface.
  • the processing module 30 is further configured to:
  • the system call is intercepted and an intercept warning prompt is generated.
  • the method for suspending the application to access the kernel of the system is not limited, and may be intercepting the system call generated by the application through the application programming interface API, or directly killing Dead this application process. And exit the kernel space to return to the user space, the system will generate an intrusion report and push it to the user, for example, the application name C, at time T, illegally call the Android kernel interface, blocked, and can also prompt the user to be prompted.
  • the detecting module 10 is further configured to:
  • the mapping relationship between the application and the access rights of the kernel interface can be formulated through preset rules.
  • the preset rule is that only the application that comes with the smart terminal has the right to access the kernel interface, so that only the application that is included in the system has access to the kernel on the smart terminal.
  • the permissions of the interface, other third-party software installed on the smart terminal do not have access to the system kernel interface.
  • the mapping relationship between the application and the access rights of the kernel interface may also be pre-defined by the user.
  • the user formulates a mapping relationship between the application and the access authority of the kernel interface of the Android system.
  • the method is not limited, for example, according to the name of the application, the function classification of the application, the credibility level of the application, etc., and the type of the kernel interface of the Android system is not limited, such as a network interface, a file system interface, a CPU FM interface, and the like.
  • the application can be set to not have the call permission to the Android kernel interface, or can be set to have one or more call permissions to the Android kernel interface.
  • the application has the right to invoke the kernel network interface of the Android system, the application A has the right to call the Android kernel network interface.
  • the application of the file management category has the right to invoke the kernel system file system interface of the Android system. At this time, all file management category applications in the Android system have the right to call the Android kernel file system interface.
  • the application with the credibility level 5 has the function of calling Android.
  • the scenario in which the user formulates the mapping relationship between the application and the access authority of the Android system kernel interface is not limited. For example, it can be either when the application is installed or when the application is running.
  • an interface is popped up for the user to formulate a mapping relationship between the application and the access authority of the Android system kernel interface.
  • the trap instruction is executed to convert the system from the user level mode to the privilege level mode, and In privilege level mode, all interface calls brought by the application are detected, and the corresponding kernel interface is invoked according to the interface of the application to ask the user whether the application has the right to call one or more kernel interfaces in the kernel interfaces.
  • the mapping relationship is stored for a long time until the user manually deletes the mapping relationship.
  • the mapping relationship may be temporarily stored, and the user ends the application to the application. The use of the mapping is automatically removed after the application's process is closed.
  • the information of the rights mapping table is monitored. Generated when the application requests to modify the permission mapping table and submit a modification permission request, such as deleting the mapping relationship between an application and the system kernel interface or adding a mapping relationship between an application and the system kernel interface.
  • a warning screen prompts the user to perform identity authentication, which may be through password verification, fingerprint verification, facial recognition, etc., and only through authentication can the operation of modifying the permission mapping table be completed; otherwise, the permission mapping table information is not modified.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé et un dispositif de traitement d'accès pour une application. Le procédé de traitement d'accès pour une application consiste à : détecter si une application accédant à une interface de noyau de système au moyen d'un appel de système existe actuellement (S10); déterminer, lorsqu'une application accédant à une interface de noyau de système au moyen d'un appel de système existe actuellement, si l'application a une autorisation pour accéder à l'interface de noyau de système (S20); et intercepter, lorsque l'application n'a pas d'autorisation pour accéder à l'interface de noyau de système, l'appel de système de façon à empêcher l'application d'accéder à l'interface de noyau de système (S30). Le procédé et le dispositif peuvent empêcher une application illégale d'accéder à une interface de noyau de système, et améliorer la sécurité de fonctionnement du système.
PCT/CN2016/112862 2016-12-01 2016-12-29 Procédé et dispositif de traitement d'accès pour application WO2018098881A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611093519.4A CN106778208A (zh) 2016-12-01 2016-12-01 应用程序的访问处理方法及装置
CN201611093519.4 2016-12-01

Publications (1)

Publication Number Publication Date
WO2018098881A1 true WO2018098881A1 (fr) 2018-06-07

Family

ID=58882696

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/112862 WO2018098881A1 (fr) 2016-12-01 2016-12-29 Procédé et dispositif de traitement d'accès pour application

Country Status (2)

Country Link
CN (1) CN106778208A (fr)
WO (1) WO2018098881A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109871287A (zh) * 2018-12-15 2019-06-11 中国平安人寿保险股份有限公司 接口调用方法、装置、计算机装置及存储介质

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107679412B (zh) * 2017-09-15 2021-05-18 福建星瑞格软件有限公司 一种拦截数据库访问数据的方法以及装置
CN110287694B (zh) * 2019-06-26 2021-08-20 维沃移动通信有限公司 应用程序管理方法、移动终端及存储介质
CN110276209B (zh) * 2019-06-28 2022-01-28 维沃移动通信有限公司 一种告警方法及移动终端
CN111124506A (zh) * 2019-11-12 2020-05-08 中国电子科技集团公司第三十研究所 基于应用层的运算卡驱动实现方法
CN111079135A (zh) * 2019-11-27 2020-04-28 浪潮商用机器有限公司 一种内核访问方法、装置和介质
CN111083541B (zh) * 2019-12-30 2022-10-04 深圳Tcl数字技术有限公司 接口调用方法、装置、智能电视及可读存储介质
CN113836497A (zh) * 2020-06-24 2021-12-24 武汉杰开科技有限公司 程序运行方法、集成电路芯片及相关装置
CN112084490A (zh) * 2020-09-09 2020-12-15 南京烽火星空通信发展有限公司 一种基于Linux内核调用实现软件源代码的保护方法及系统
CN112163130A (zh) * 2020-10-28 2021-01-01 河北时代电子有限公司 一种关于社保数据查询的访问处理方法
CN112199662B (zh) * 2020-12-09 2021-02-19 江苏东大集成电路系统工程技术有限公司 一种基于自适配插件的权限校验系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8621624B2 (en) * 2008-06-17 2013-12-31 Electronics And Telecommunications Research Institute Apparatus and method for preventing anomaly of application program
CN103593238A (zh) * 2012-08-16 2014-02-19 腾讯科技(深圳)有限公司 控制应用程序编程接口调用的方法及装置
CN104680084A (zh) * 2015-03-20 2015-06-03 北京瑞星信息技术有限公司 计算机中保护用户隐私的方法和系统
CN105701415A (zh) * 2016-01-04 2016-06-22 上海斐讯数据通信技术有限公司 一种移动终端内核权限管理系统及方法

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102542182A (zh) * 2010-12-15 2012-07-04 苏州凌霄科技有限公司 基于Windows平台的强制访问控制装置及控制方法
CN103268451B (zh) * 2013-06-08 2017-12-05 上海斐讯数据通信技术有限公司 一种基于移动终端的动态权限管理系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8621624B2 (en) * 2008-06-17 2013-12-31 Electronics And Telecommunications Research Institute Apparatus and method for preventing anomaly of application program
CN103593238A (zh) * 2012-08-16 2014-02-19 腾讯科技(深圳)有限公司 控制应用程序编程接口调用的方法及装置
CN104680084A (zh) * 2015-03-20 2015-06-03 北京瑞星信息技术有限公司 计算机中保护用户隐私的方法和系统
CN105701415A (zh) * 2016-01-04 2016-06-22 上海斐讯数据通信技术有限公司 一种移动终端内核权限管理系统及方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109871287A (zh) * 2018-12-15 2019-06-11 中国平安人寿保险股份有限公司 接口调用方法、装置、计算机装置及存储介质

Also Published As

Publication number Publication date
CN106778208A (zh) 2017-05-31

Similar Documents

Publication Publication Date Title
WO2018098881A1 (fr) Procédé et dispositif de traitement d'accès pour application
WO2019227557A1 (fr) Procédé de gestion de clé, dispositif, support de stockage et appareil
WO2013079010A1 (fr) Procédé et dispositif de traitement d'exécution d'application
WO2019100604A1 (fr) Procédé et appareil d'interrogation de compte, dispositif, et support de stockage lisible par ordinateur
WO2016101745A1 (fr) Procédé d'activation de jeton de terminal mobile
WO2016108468A1 (fr) Terminal utilisateur, appareil de fourniture de services, procédé de commande de terminal utilisateur, procédé de commande d'appareil de fourniture de services, et système de recherche à base d'indexation de chiffrement
WO2019051887A1 (fr) Procédé et dispositif permettant de commander un appareil ménager, et support d'informations lisible par ordinateur
WO2020224247A1 (fr) Procédé, appareil et dispositif de provenance de données basés sur la chaine de blocs, et support d'informations lisible
WO2014187168A1 (fr) Procédé et appareil de stockage et de gestion d'informations basés sur un navigateur webkit
WO2022050652A1 (fr) Procédé, appareil et support d'enregistrement lisible par ordinateur pour la commande d'un compte
WO2013085281A1 (fr) Procédé et dispositif de sécurité dans un service informatique en nuage
WO2019196213A1 (fr) Procédé, appareil et dispositif de test d'interface, et support d'informations lisible par ordinateur
WO2015172684A1 (fr) Procédé de connexion à un ap, terminal et serveur
WO2019127971A1 (fr) Procédé de synchronisation d'images pour registre d'images, système, dispositif et support d'informations
WO2019161597A1 (fr) Procédé, appareil et dispositif d'envoi d'informations sur la base d'une messagerie instantanée, et support d'informations
WO2019033904A1 (fr) Procédé et système d'authentification de connexion et support d'informations lisible par ordinateur
WO2019051902A1 (fr) Procédé de commande de terminal, climatiseur et support d'informations lisible par un ordinateur
WO2019051898A1 (fr) Procédé et appareil de commande de dispositif, et support d'informations lisible par ordinateur
WO2015196960A1 (fr) Procédé et système de vérification de la sécurité d'une url pour un terminal mobile
WO2018028121A1 (fr) Procédé et dispositif de gestion de l'espace de stockage d'une partition de données
WO2017071352A1 (fr) Procédé de poussée de mot de passe, système de poussée, et dispositif terminal
WO2018076870A1 (fr) Procédé et appareil de traitement de données, support de stockage, serveur, et système de traitement de données
WO2018076811A1 (fr) Dispositif électronique, support d'informations, système, dispositif et procédé de partage de données
WO2019085301A1 (fr) Procédé, appareil et dispositif de rétroaction d'appel manqué pour un téléphone fixe, et support de stockage lisible
WO2018053963A1 (fr) Procédé et appareil de mise à niveau d'un système de téléviseur intelligent

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16923001

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16923001

Country of ref document: EP

Kind code of ref document: A1