WO2019100897A1 - 一种应用程序启动方法、启动装置及计算机可读存储介质 - Google Patents

一种应用程序启动方法、启动装置及计算机可读存储介质 Download PDF

Info

Publication number
WO2019100897A1
WO2019100897A1 PCT/CN2018/111755 CN2018111755W WO2019100897A1 WO 2019100897 A1 WO2019100897 A1 WO 2019100897A1 CN 2018111755 W CN2018111755 W CN 2018111755W WO 2019100897 A1 WO2019100897 A1 WO 2019100897A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
program
input event
smart terminal
sandbox
Prior art date
Application number
PCT/CN2018/111755
Other languages
English (en)
French (fr)
Inventor
徐晖
马鲲霄
杨师正
Original Assignee
南昌黑鲨科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 南昌黑鲨科技有限公司 filed Critical 南昌黑鲨科技有限公司
Priority to JP2020528472A priority Critical patent/JP2021504826A/ja
Priority to KR1020207014912A priority patent/KR20200090784A/ko
Priority to EP18882067.4A priority patent/EP3699756A4/en
Publication of WO2019100897A1 publication Critical patent/WO2019100897A1/zh
Priority to US16/882,432 priority patent/US20200342093A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0488Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/76Adapting program code to run in a different environment; Porting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Definitions

  • the present invention relates to the field of applications, and in particular, to an application startup method, a boot device, and a computer readable storage medium.
  • the prior art solution is to modify the framework layer (Framework) code, such as modifying the view class (View) or the input management service (InputManagerService), thereby implementing the modification of the input event reported by the underlying driver, so that the application
  • the program successfully identifies and processes the modified event.
  • the publisher of the Android operating system often updates.
  • the framework layer code needs to be re-migrated to maintain the recognition process of the input event.
  • the modified code cannot be directly applied to the smart terminal of other operating system versions (ie, the ROM version), and the versatility of the software is poor.
  • the invention provides a method for realizing recognition and processing of an input event without modifying the framework layer of the Android operating system, and realizing a modification of the operating environment parameter by presetting a sandbox program in the intelligent terminal.
  • the operating environment parameter starts the application [ibid., it is necessary to emphasize versatility]; the method also improves the versatility of the software and satisfies the requirements for running on smart terminals of different operating system versions.
  • the invention discloses an application startup method, which comprises the following steps:
  • S101 preset at least one sandbox program in a smart terminal, where the sandbox program customizes a set of operating environment parameters for processing input events;
  • S103 Start an application based on the operating environment parameter.
  • the running environment parameter includes a member variable of a root view class.
  • the application startup method further includes:
  • the input event includes an external input event corresponding to an external input device connected to the smart terminal and a touch input event corresponding to the smart terminal touch screen.
  • the sandbox program is preset at an application layer of the smart terminal operating system.
  • the invention also discloses an application starting device, comprising:
  • a preset module preset at least one sandbox program in a smart terminal, wherein the sandbox program customizes a set of operating environment parameters for processing input events;
  • the running environment parameter includes a member variable of a root view class.
  • the application launching device further includes:
  • a processing module connected to the startup module and the preset module, when the application receives an input event, controlling a root view class in the operating environment parameter to replace a root view class in the operating system of the smart terminal The input event is identified and reported.
  • the input event includes an external input event corresponding to an external input device connected to the smart terminal and a touch input event corresponding to the smart terminal touch screen.
  • the preset module presets the sandbox program at an application layer of the smart terminal operating system.
  • the invention also discloses a computer readable storage medium having stored thereon a computer program, the computer program being executed by the processor to implement the following steps:
  • S105 preset at least one sandbox program in a smart terminal, and customize a set of operating environment parameters for processing the input event in the sandbox program;
  • S107 Start an application based on the operating environment parameter.
  • the running environment parameter includes a member variable of a root view class.
  • the application startup method further includes:
  • the input event includes an external input event corresponding to an external input device connected to the smart terminal and a touch input event corresponding to the smart terminal touch screen.
  • the sandbox program is preset at an application layer of the operating system of the smart terminal.
  • FIG. 1 is a flow chart showing an application startup method in accordance with a preferred embodiment of the present invention
  • FIG. 2 is a block diagram showing the structure of an application launching apparatus in accordance with a preferred embodiment of the present invention
  • FIG. 3 is a flow chart showing a computer program in the computer readable storage medium in accordance with a preferred embodiment of the present invention.
  • FIG. 4 is a block diagram of an operating system in accordance with an application launch method in accordance with a preferred embodiment of the present invention.
  • first, second, third, etc. may be used in the present disclosure to describe various information, such information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information without departing from the scope of the present disclosure.
  • second information may also be referred to as first information.
  • word "if” as used herein may be interpreted as "when” or “when” or “in response to a determination.”
  • the application startup method includes the following steps:
  • S101 preset at least one sandbox program in a smart terminal, where the sandbox program customizes a set of operating environment parameters for processing input events.
  • the sandbox program referred to as sandbox, is also called (sandbox) and is used to build an environment that restricts the running of programs. It is a typical security model.
  • the sandbox program restricts program execution on the one hand to protect system resources, and on the other hand to protect the program itself from malicious access and data leakage.
  • the system resources include a CPU, a memory, a file system, a network, and the like.
  • the core of its security model is the sandbox. Different sandboxes can be set to correspond to different system resource access restrictions. All Java programs can be specified with sandboxes and security policies can be customized.
  • the sandbox program includes rights, code sources, protection domains, policy files, secret key libraries, and the like, and is used to set permission operations, protection scopes, and various security policies for the protected program code.
  • the Java sandbox implementation controls the execution of the application by rewriting the class loader and security manager through the set global security manager.
  • the sandbox program is disposed in the smart terminal, and defines a set of operating environment parameters for processing an input event, and is stored in the smart terminal in a configuration file.
  • the running of various applications requires the support of the running environment, which is a broad concept, embodied in a collection of various classes or services defined by the operating system related to the application, especially each The properties of the class and the member variables support the various parameters required for the application to run.
  • the running environment parameters defined in the sandbox program are distributed in a class related to processing an input event, and the running environment parameter may be a member variable of an individual class, or may be The entire class is defined again.
  • This step redefines the member variables in the class or class related to processing the input event in the sandbox program, and presets the monitoring of the input event, and when the input event is generated, the sandbox is run.
  • the input environment event is processed by a runtime environment parameter defined within the program.
  • the operating environment parameters defined in the sandbox program are not limited to the operating environment modification of the application layer, and may also involve the system runtime layer or the driver layer; the operating environment parameters are not limited to a certain class, method, or service, and may be A collection of multiple classes, methods, or services to implement the runtime environment required by the application.
  • the sandbox program is run, and only the sandbox program is run first, so that the corresponding running environment parameters can be provided for subsequent application running.
  • Running the sandbox program can be implemented in a variety of ways.
  • a command can be run in the development environment to start a sandbox program, such as running a command to open a security manager in Java, or running a sandbox program.
  • the application that needs to run in the sandbox program is placed in the same folder, and when the user opens the folder, the sandbox program is triggered to run.
  • the monitoring of the related interface of the input event is started, so that the processing of the input event is hijacked, and the original operating environment parameter in the operating system no longer functions.
  • S103 Start an application based on the operating environment parameter.
  • This step implements the startup of the application, and the operation of the application is based on a preset operating environment parameter in the sandbox program.
  • the sandbox program may preset a protection domain, that is, which applications are associated in the sandbox program, and when the sandbox program runs, the associated application in the protection domain runs according to The preset operating environment parameters of the sandbox program are run.
  • the launching of the application may be initiated by an operation of the receiving user, for example, the user performs a touch operation on the application icon to open the application.
  • the application is in a different process than the sandboxed program, but inherits the runtime environment of the sandboxed application, as seen from the outside, equivalent to the application running inside the sandboxed program.
  • the interaction between the application and the operating system is implemented by the sandbox program, that is, various types of input events acquired by the application are processed according to operating environment parameters defined in the sandbox program, and the original operating system
  • the relevant runtime environment parameters are not visible to the application.
  • other runtime environment parameters are still supported to run by the application in accordance with the configuration within the operating system.
  • the application is a client process of the sandbox program, and the sandbox program is a host process of the application, and the application is based on a sandbox program runtime.
  • the operating environment communicates with the sandbox program, and the sandbox program exposes a preset API to the application, providing functions, in addition to processing the input event, such as acquiring system status, geographic location information, and the like.
  • the runtime environment parameter includes a member variable of a root view class.
  • the improved embodiment optimizes the customized running environment parameters in the sandbox program, that is, the member variables of the root view class.
  • the root view class is an important class in the application layer of the Android operating system, and the English is ViewRootImpl, which functions to fill the view object (View), complete the management task of the specific view object; the root view class and the window management service (WindowManagerService) communicates and manages the interface to be displayed.
  • the member variables of the root view class by processing the member variables of the root view class, each input event is processed, and the result of the input event is reflected in the display interface.
  • the application startup method further includes:
  • the improved embodiment implements step S104 on the basis that the running environment parameter includes a member variable of the root view class.
  • the underlying driver of the smart terminal recognizes the input operation and forms an input event, and then reports the input event layer by layer.
  • This step implements a process of processing an input event.
  • the application detects that an input event occurs, the application identifies the input event according to the root view class provided by the sandbox program, and reports the input event to other The function program module processes it.
  • the security policy of the sandbox program may define an acquisition path of the runtime environment parameter that is performed when the input event occurs to implement replacement of the root view class.
  • the application processes the input event according to the default operating environment of the operating system, especially for different input events, which may not be recognized effectively, and only the same type can be identified.
  • Input events such as touch screen input events.
  • the input event includes an external input event corresponding to an external input device connected to the smart terminal and a touch input event corresponding to the smart terminal touch screen.
  • the improved embodiment further defines the type of the input event.
  • the smart terminal operating system in the prior art generates an external input event for the input operation received by the external input device, and generates a touch input event for the input operation received by the smart terminal touch screen, but the application layer of the operating system cannot Input events are identified and differentiated, resulting in two input events not coexisting, and the user can only select one input operation.
  • the sandbox program monitors an input event reported from an interface of the operating system framework layer, and identifies and processes different input events through a customized root view class, so that the application (such as a game)
  • the program has the ability to recognize the operation of the touch screen and the input operation of the external device. The user can perform two input operations at the same time, enriching the input operation mode and improving the experience.
  • the sandbox program is preset at an application layer of the smart terminal operating system.
  • the sandbox program works in an application layer of the operating system, and the running environment parameters involved are mainly classes or methods of the application layer, and the event is obtained from the operating system framework layer during work, and the framework layer itself is not modified. . In this way, even if the operating system is upgraded, the sandbox program needs to be transplanted at the application layer, and no other layer of code modification is involved, which reduces the workload of the migration.
  • the sandbox program acts as a barrier to ensure data security and prevent data leakage [as in the previous situation, this side Can you emphasize that "it can be easily applied to different Android system (ROM) platforms at the same time]]; at the same time, the sandbox program and application can be easily applied to different Android operating system (ROM) platforms, with better Versatility.
  • FIG. 4 a block diagram of an operating system in accordance with an application launch method in accordance with a preferred embodiment of the present invention.
  • Figure 4 shows the layers of the Android operating system, including the Application, Framework, Android Native, and Android Driver. The layers are only displayed. Each module related to the present invention.
  • the driver layer includes a touch screen driver and an external input device driver for identifying input operations received by the touch screen and the external input device, and forming an input event.
  • the local runtime layer includes an input management service local runtime (InputManagerService Native) to provide local support for the processing of input events.
  • the framework layer includes an input management service (InputManagerService) and a view class (View). The input management service manages the input events and reports them to the application layer, and the view class controls the display of the display interface.
  • the sandbox program and the application program of the present invention are all at the application layer, and the application originally installed in the operating system becomes an application 'on the basis of the sandbox program, and the application is based on the sand
  • the running environment provided by the box program runs, and the input event reported from the framework layer passes through the sandbox program and then reports to the application program.
  • the customization requirements of the input events are realized, so that the application launched from the sandbox can 'acquire the customization ability and provide more scalability and security for the application. Sex.
  • the application launching apparatus 10 includes:
  • the preset module 11 presets at least one sandbox program in a smart terminal, and the sandbox program defines a set of operating environment parameters for processing input events.
  • the preset module 11 configures a configuration file of the sandbox program, for example, a sandbox program in Java includes a right, a code source, a protection domain, a policy file, a secret key library, and the like, and records operating environment parameters. Write the class loader and security manager to control the execution of the application through the set global security manager.
  • the operating environment parameter defined by the preset module 11 in the sandbox program is related to the processing of the input event of the smart terminal, and may be a member variable of an individual class, or may be defined again for the entire class;
  • the runtime environment parameters are also not limited to a certain class, method, or service, and may be a collection of multiple classes, methods, or services to implement the runtime environment required by the application.
  • the running module 12 is connected to the preset module 11 to run the sandbox program.
  • the running module 12 may be a running instruction in a development environment; the user interaction operation at the application layer may also be associated with the sandbox program, and when there is a user interaction operation (for example, opening a folder), the sand is run. Box program. After the sandbox program is run, the monitoring of the related interface of the input event is started, so that the processing of the input event is hijacked, and the original operating environment parameter in the operating system no longer functions.
  • the startup module 13 is connected to the preset module 11 and starts an application based on the operating environment parameter.
  • the preset environment 11 obtains the running environment parameters required for the operation, and does not directly interact with the operating system.
  • the startup module 13 can be set to receive a startup operation of the user, for example, the user performs a touch operation on the application icon to open the application.
  • other runtime environment parameters are still supported to run by the application in accordance with the configuration within the operating system.
  • the running environment parameter includes a member variable of a root view class.
  • the application launching apparatus 10 further includes:
  • the processing module 14 is connected to the startup module 13 and the preset module 11.
  • the root view class in the operating environment parameter is controlled to replace the root in the operating system of the smart terminal.
  • the view class identifies and reports the input event.
  • the processing module 14 monitors whether the application receives an input event, and when an input event occurs, the processing module 14 provides a root according to the sandbox program.
  • the view class identifies the input event and reports it to other functional program modules for processing.
  • the input event includes an external input event and an intelligent terminal corresponding to an external input device connected to the smart terminal. Touch input event corresponding to the touch screen.
  • the external input event and the touch input event have different identifiers, and the preset operating environment of the preset module 11 can identify the identifiers of the two input events and process the input events.
  • the preset module 11 presets the sandbox program at an application layer of the smart terminal operating system.
  • the sandbox program works in an application layer of the operating system, and the running environment parameters involved are mainly classes or methods of the application layer, and the event is obtained from the operating system framework layer during work, and the framework layer itself is not modified. .
  • FIG. 3 is a schematic flow chart of a computer program in a computer readable storage medium according to a preferred embodiment of the present invention, wherein the computer readable storage medium stores a computer program, and the computer program is implemented by a processor The following steps:
  • S105 preset at least one sandbox program in a smart terminal, and customize a set of operating environment parameters for processing an input event in the sandbox program;
  • S107 Start an application based on the operating environment parameter.
  • the runtime environment parameter includes a member variable of a root view class.
  • step S107 the application startup method further includes:
  • the input event includes an external input event corresponding to an external input device connected to the smart terminal and a touch input event corresponding to the smart terminal touch screen.
  • step S105 the sandbox program is preset at an application layer of the smart terminal operating system.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)

Abstract

一种应用程序启动方法、启动装置及计算机可读存储介质,所述应用程序启动方法包括以下步骤:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数(S101);运行所述沙箱程序(S102);基于所述运行环境参数启动一应用程序(S103)。上述技术方案实施后,在应用层实现了对输入事件的劫持及注入,无需修改安卓操作系统的框架层代码,大大减少了操作系统版本升级时框架层的移植工作量;提供了沙箱程序的模型,使得普通应用程序可以运行在沙箱程序内部,确保应用程序边界的可靠性,避免由于第三方操作系统或骇客程序造成的用户数据失窃;能够在不同操作系统版本上运行,提升了通用性。

Description

一种应用程序启动方法、启动装置及计算机可读存储介质 技术领域
本发明涉及应用程序领域,尤其涉及一种应用程序启动方法、启动装置及计算机可读存储介质。
技术背景
目前智能手机、平板电脑等智能终端的应用越来越普及,特别是基于安卓操作系统(Android System)的智能终端,第三方在该操作系统的架构上开发了满足各种应用需求的应用程序,也就是APP。这些应用程序往往需要和用户进行人机交互,也就是接收用户的输入操作,特别是游戏等需要连接外部输入设备的应用程序,会产生手柄输入事件、触摸屏输入事件等不同的输入事件,因此需要在操作系统的基础上对不同的输入事件进行修改,以满足应用程序的使用需求。
目前对于Android输入事件的修改,现有技术的方案是通过修改框架层(Framework)代码,比如修改视图类(View)或者输入管理服务(InputManagerService),从而实现修改底层驱动上报的输入事件,让应用程序顺利识别并处理被修改后的事件。
然而现有技术仍存在以下问题:
1、安卓操作系统的发布方经常会进行更新,对于更新后的操作系统,需要重新对框架层代码进行移植以保持对输入事件的识别处理;
2、如果按照修改操作系统的方式对输入事件进行处理,修改的代码无法直接应用到其他操作系统版本(即ROM版本)的智能终端上,软件的通用性较差。
因此,需要一种可以在不修改安卓操作系统框架层的前提下实现识别并处理输入事件的方法,减少安卓操作系统版本升级时框架层的代码移植工作量[同上,也需要一种可以做到更加通用的修改方案(即本方案)],且该方法能够在不同操作系统版本的智能终端上实现,提升软件的通用性。
发明概要
本发明提供了一种在不修改安卓操作系统框架层的前提下实现识别并处理输入事件的方法,通过在所述智能终端内预设一沙箱程序,实现对运行环境参数的修改,基于所 述运行环境参数启动所述应用程序[同上,需要强调一下通用性];该方法还提升了软件的通用性,满足在不同操作系统版本的智能终端上运行的需求。
本发明公开了一种应用程序启动方法,包括以下步骤:
S101:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数;
S102:运行所述沙箱程序;
S103:基于所述运行环境参数启动一应用程序。
优选地,步骤S101中,所述运行环境参数包括根视图类的成员变量。
优选地,步骤S103之后,所述应用程序启动方法还包括:
S104:当所述应用程序接收一输入事件时,所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
优选地,步骤S101中,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
优选地,步骤S101中,于所述智能终端操作系统的应用层预设所述沙箱程序。
本发明还公开了一种应用程序启动装置,包括:
预设模块,于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数;
运行模块,与所述预设模块连接,运行所述沙箱程序;
启动模块,与所述预设模块连接,基于所述运行环境参数启动一应用程序;
优选地,所述预设模块预设所述沙箱程序时,所述运行环境参数包括根视图类的成员变量。
优选地,所述应用程序启动装置还包括:
处理模块,与所述启动模块及预设模块连接,当所述应用程序接收一输入事件时,控制所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
优选地,所述预设模块预设所述沙箱程序时,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
优选地,所述预设模块于所述智能终端操作系统的应用层预设所述沙箱程序。
本发明还公开了一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现以下步骤:
S105:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处 理输入事件的运行环境参数;
S106:运行所述沙箱程序;
S107:基于所述运行环境参数启动一应用程序。
优选地,步骤S105中,所述运行环境参数包括根视图类的成员变量。
优选地,步骤S107之后,所述应用程序启动方法还包括:
S108:当所述应用程序接收一输入事件时,所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
优选地,步骤S105中,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
优选地,步骤S105中,于所述智能终端操作系统的应用层预设所述沙箱程序。
采用了上述技术方案后,与现有技术相比,具有以下有益效果:
1.在应用层实现了对输入事件的劫持及注入,无需修改安卓操作系统的框架层代码,大大减少了操作系统版本升级时框架层的移植工作量;
2.提供了沙箱程序的模型,使得普通应用程序可以运行在沙箱程序内部,确保应用程序边界的可靠性,避免由于第三方ROM或骇客程序造成的用户数据失窃;
3.能够在不同操作系统版本上运行,提升了通用性。
附图说明
图1为符合本发明一优选实施例中应用程序启动方法的流程示意图;
图2为符合本发明一优选实施例中应用程序启动装置的结构框图;
图3为符合本发明一优选实施例中所述计算机可读存储介质中计算机程序的流程示意图;
图4为符合本发明一优选实施例中应用程序启动方法的操作系统框图。
附图标记:
10-应用程序启动装置、11-预设模块、12-运行模块、13-启动模块、14-处理模块。
发明内容
以下结合附图与具体实施例进一步阐述本发明的优点。
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施 例中所描述的实施方式并不代表与本公开相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本公开的一些方面相一致的装置和方法的例子。
在本公开使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本公开。在本公开和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。
应当理解,尽管在本公开可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本公开范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。
在本发明的描述中,需要理解的是,术语“纵向”、“横向”、“上”、“下”、“前”、“后”、“左”、“右”、“竖直”、“水平”、“顶”、“底”“内”、“外”等指示的方位或位置关系为基于附图所示的方位或位置关系,仅是为了便于描述本发明和简化描述,而不是指示或暗示所指的装置或元件必须具有特定的方位、以特定的方位构造和操作,因此不能理解为对本发明的限制。
在本发明的描述中,除非另有规定和限定,需要说明的是,术语“安装”、“相连”、“连接”应做广义理解,例如,可以是机械连接或电连接,也可以是两个元件内部的连通,可以是直接相连,也可以通过中间媒介间接相连,对于本领域的普通技术人员而言,可以根据具体情况理解上述术语的具体含义。
在后续的描述中,使用用于表示元件的诸如“模块”、“部件”或“单元”的后缀仅为了有利于本发明的说明,其本身并没有特定的意义。因此,“模块”与“部件”可以混合地使用。
参阅图1,为符合本发明一优选实施例中应用程序启动方法的流程示意图,所述应用程序启动方法包括以下步骤:
S101:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数。
所述沙箱程序,简称沙箱,又被称为(sandbox),用于构建限制程序运行的环境,是一种典型的安全模型。所述沙箱程序限制程序运行一方面是为了保护系统资源,同时另一方面也为了保护程序自己,免受恶意访问以及数据泄露。所述系统资源又包括CPU、内存、文件系统、网络等。例如在Java语言开发中,其安全模型的核心就是沙箱,可设 置不同的沙箱对应不同的系统资源访问限制,所有的Java程序运行都可以指定沙箱,可以定制安全策略。所述沙箱程序包括权限、代码源、保护域、策略文件、秘钥库等要素,用于对被保护的程序代码设定权限操作、保护范围以及各种安全策略。Java沙箱实现通过重写类加载器和安全管理器,通过设置的全局安全管理器来控制执行应用程序的权限。
本实施例中,所述沙箱程序设于所述智能终端内,其内部定义了一组用于处理输入事件的运行环境参数,以配置文件形式存储于所述智能终端内。对于安卓操作系统,各种应用程序的运行需要运行环境的支持,所述运行环境是一个广义的概念,体现为各种与应用程序相关的操作系统已定义的类或服务的集合,特别是各个类的属性和成员变量,支撑了应用程序运行所需的各种参数。本步骤预设所述沙箱程序时,所述沙箱程序内定义的运行环境参数分布在与处理输入事件有关的类中,所述运行环境参数可以是个别的类的成员变量,也可以对整个类进行再次定义。本步骤于所述沙箱程序内重新定义了与处理输入事件相关的类或类中的成员变量,并预设了对所述输入事件的监听,当有输入事件产生时,运行所述沙箱程序内定义的运行环境参数来对所述输入事件进行处理。所述沙箱程序内定义的运行环境参数并不限于对应用层的运行环境修改,还可能涉及系统运行库层或者驱动层;所述运行环境参数也不限于某个类、方法或服务,可以是多个类、方法或服务的集合,以实现所述应用程序所需的运行环境。
S102:运行所述沙箱程序。
本步骤运行所述沙箱程序,只有先运行了所述沙箱程序,才能为后续的应用程序运行提供相应的运行环境参数。运行所述沙箱程序,可通过多种方式实现,在开发阶段,可在开发环境下运行命令来启动沙箱程序,例如Java中运行打开安全管理器的命令;也可将沙箱程序的运行与相应的操作关联,例如将需要在沙箱程序内运行的应用程序放入同一个文件夹中,当用户打开该文件夹时,即触发所述沙箱程序的运行。所述沙箱程序运行后,启动对所述输入事件的相关接口的监听,以便对输入事件的处理进行劫持,所述操作系统内原有的运行环境参数不再起作用。
S103:基于所述运行环境参数启动一应用程序。
本步骤实现所述应用程序的启动,所述应用程序的运行基于所述沙箱程序中预设的运行环境参数。所述沙箱程序中可预设保护域,也就是定义了哪些应用程序是在所述沙箱程序中关联的,当所述沙箱程序运行后,在保护域内关联的应用程序运行时会按照所述沙箱程序的预设运行环境参数运行。所述应用程序的启动可以是接收用户的操作启动,例如用户对应用程序图标执行触摸操作打开应用程序。需要注意的是,所述应用程序与所述沙箱程序处于不同进程,但会继承沙箱应用的运行时环境,从外部看起来,等同于 是所述应用程序运行在所述沙箱程序内部。所述应用程序与操作系统的交互通过所述沙箱程序实现,即所述应用程序获取的各类输入事件须经基于所述沙箱程序内定义的运行环境参数进行处理,操作系统内原有的相关运行环境参数对于所述应用程序而言是不可见的。除了所述沙箱程序内定义的运行环境参数,其他的运行环境参数仍按照操作系统内的配置支持所述应用程序运行。从两者的从属关系上来看,所述应用程序是沙箱程序的客户端进程,而所述沙箱程序则是所述应用程序的宿主进程,所述应用程序会基于沙箱程序运行时的运行环境与沙箱程序进行通讯,沙箱程序会向所述应用程序暴露预设的API,提供相应功能,除了对输入事件处理以外,还可提供诸如获取系统状态,地理位置信息等功能。
作为所述应用程序启动方法的进一步改进,所述步骤S101中,所述运行环境参数包括根视图类的成员变量。本改进实施例对所述沙箱程序中自定义的运行环境参数进行了优选,即为所述根视图类的成员变量。所述根视图类为安卓操作系统应用层中的重要的类,英文为ViewRootImpl,其作用为对视图对象(View)进行填充,完成具体的视图对象的管理任务;根视图类还与窗口管理服务(WindowManagerService)进行沟通,管理要显示的界面。在本实施例中,通过对根视图类的成员变量进行自定义,实现对各输入事件进行处理,并将输入事件的结果反映在显示界面中。
进一步地,步骤S103之后,所述应用程序启动方法还包括:
S104:当所述应用程序接收一输入事件时,所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
本改进实施例在所述运行环境参数包括根视图类的成员变量的基础上,实现了步骤S104。当所述智能终端触摸屏或其他输入设备接收了输入操作,所述智能终端的底层驱动识别所述输入操作并形成输入事件,再将所述输入事件逐层上报。本步骤实现对输入事件的处理过程,当所述应用程序监听到有输入事件发生时,所述应用程序根据所述沙箱程序提供的根视图类对所述输入事件进行识别,并上报给其他功能程序模块进行处理。所述沙箱程序的安全策略可以对输入事件发生时进行的运行环境参数的获取路径进行定义,以实现对所述根视图类的替换。而现有技术中,若没有运行沙箱程序,所述应用程序会根据操作系统默认的运行环境对所述输入事件进行处理,特别是对于不同的输入事件可能无法有效识别,仅能识别同一类型的输入事件,例如触摸屏输入事件。
作为所述应用程序启动方法的进一步改进,所述步骤S101中,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。本改进实施例对所述输入事件的种类作了进一步限定。用户在使用所述智能终 端运行需要大量复杂操作的应用程序时,例如玩游戏,仅通过智能终端触摸屏的输入操作难以满足交互需求,还需通过外部输入设备,例如游戏手柄与所述智能终端通信连接后进行辅助输入操作。现有技术中的智能终端操作系统对于所述外部输入设备接收的输入操作产生一外部输入事件,对于智能终端触摸屏接收的输入操作产生一触摸输入事件,然而操作系统的应用层无法对上述两种输入事件进行识别并区分处理,导致了两种输入事件无法并存,用户只能选择一种输入操作。本实施例中所述沙箱程序监听从所述操作系统框架层的接口上报的输入事件,并通过自定义的根视图类对不同的输入事件进行识别及处理,使得所述应用程序(例如游戏程序)具备对触摸屏操作和外部设备输入操作的识别能力,用户能够同时进行两种输入操作,丰富了输入操作方式,提升了体验效果。
作为所述应用程序启动方法的进一步改进,所述步骤S101中,于所述智能终端操作系统的应用层预设所述沙箱程序。所述沙箱程序工作于所述操作系统的应用层,其涉及的运行环境参数也主要为应用层的类或方法,工作时从所述操作系统框架层获取事件,无需对框架层本身进行修改。这样以来,即便操作系统进行了升级,也只需将沙箱程序在应用层进行移植,不涉及其他层的代码修改,减少了移植工作量。同时,由于所述应用程序直接与沙箱程序交互而非与操作系统交互,所述沙箱程序起到了屏障的作用,能够保障数据的安全性,防止数据泄露[与之前的情况一样,这边能否强调一下“同时可以方便地应用到不同的安卓系统(ROM)平台”];同时,该沙箱程序及应用程序可以方便地应用到不同的安卓操作系统(ROM)平台,具有较好的通用性。
参阅图4,为符合本发明一优选实施例中应用程序启动方法的操作系统框图。图4展示了安卓(Android)操作系统下的各层,包括应用层(Application)、框架层(Framework)、本地运行库层(Android Native)及驱动层(Android Driver),各层仅展示了与本发明相关的各模块。其中,驱动层包括了触摸屏驱动程序以及外部输入设备驱动程序,用于识别触摸屏及外部输入设备接收的输入操作,并形成输入事件。所述本地运行库层包括了输入管理服务本地运行库(InputManagerService Native),为输入事件的处理提供本地支持。框架层包括了输入管理服务(InputManagerService)和视图类(View),输入管理服务对输入事件进行管理,并上报给应用层,视图类则控制显示界面的显示。本发明涉及的沙箱程序及应用程序均在应用层,原本安装于操作系统内的应用程序在所述沙箱程序的基础上运行后变为应用程序’,所述应用程序’基于所述沙箱程序提供的运行环境运行,从框架层上报的输入事件经过所述沙箱程序后再上报至所述应用程序’。通过修改沙箱程序内部的运行环境,实现了输入事件的客制化需求,从而使得从沙箱内部启动的应用程序’获取客制化的能力,并为应用程序提供更多的扩展性和安全性。
参阅图2,为符合本发明一优选实施例中应用程序启动装置10的结构框图,所述应用程序启动装置10包括:
-预设模块11
所述预设模块11于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数。所述预设模块11配置所述沙箱程序的配置文件,例如在Java中的沙箱程序包括权限、代码源、保护域、策略文件、秘钥库等要素,记录了运行环境参数,通过重写类加载器和安全管理器,通过设置的全局安全管理器来控制执行应用程序的权限。所述预设模块11于所述沙箱程序内自定义的运行环境参数与所述智能终端输入事件的处理有关,可以是个别的类的成员变量,也可以对整个类进行再次定义;所述运行环境参数也不限于某个类、方法或服务,可以是多个类、方法或服务的集合,以实现所述应用程序所需的运行环境
-运行模块12
所述运行模块12与所述预设模块11连接,运行所述沙箱程序。所述运行模块12可以是开发环境下的运行指令;也可以将在应用层的用户交互操作与所述沙箱程序进行关联,当有用户交互操作(例如打开文件夹)时,运行所述沙箱程序。所述沙箱程序运行后,启动对所述输入事件的相关接口的监听,以便对输入事件的处理进行劫持,所述操作系统内原有的运行环境参数不再起作用。
-启动模块13
所述启动模块13与所述预设模块11连接,基于所述运行环境参数启动一应用程序。所述启动模块13启动所述应用程序时,通过所述预设模块11获取运行所需的运行环境参数,并不直接与操作系统交互。所述启动模块13可以设为接收用户的启动操作而启动,例如用户对应用程序图标执行触摸操作打开应用程序。除了所述沙箱程序内定义的运行环境参数,其他的运行环境参数仍按照操作系统内的配置支持所述应用程序运行。
作为所述应用程序启动装置10的进一步,所述预设模块11预设所述沙箱程序时,所述运行环境参数包括根视图类的成员变量。通过对根视图类的成员变量进行自定义,实现对各输入事件进行处理,并将输入事件的结果反映在显示界面中。
进一步地,所述应用程序启动装置10还包括:
-处理模块14
所述处理模块14与所述启动模块13及预设模块11连接,当所述应用程序接收一输入事件时,控制所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。所述启动模块13启动所述应用程序后,所述处理模 块14对所述应用程序是否接收输入事件进行监听,当有输入事件发生时,所述处理模块14根据所述沙箱程序提供的根视图类对所述输入事件进行识别,并上报给其他功能程序模块进行处理。
作为所述应用程序启动装置10的进一步改进,所述预设模块11预设所述沙箱程序时,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。所述外部输入事件及触摸输入事件具有不同的标识位,所述预设模块11预设的运行环境能够识别上述两种输入事件的标识位并对输入事件进行处理。
作为所述应用程序启动装置10的进一步改进,所述预设模块11于所述智能终端操作系统的应用层预设所述沙箱程序。所述沙箱程序工作于所述操作系统的应用层,其涉及的运行环境参数也主要为应用层的类或方法,工作时从所述操作系统框架层获取事件,无需对框架层本身进行修改。
参阅图3,为符合本发明一优选实施例中所述计算机可读存储介质中计算机程序的流程示意图,所述计算机可读存储介质上存储有计算机程序,所述计算机程序被处理器执行时实现以下步骤:
S105:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数;
S106:运行所述沙箱程序;
S107:基于所述运行环境参数启动一应用程序。
作为所述计算机程序的进一步改进,步骤S105中,所述运行环境参数包括根视图类的成员变量。
进一步地,步骤S107之后,所述应用程序启动方法还包括:
S108:当所述应用程序接收一输入事件时,所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
作为所述计算机程序的进一步改进,步骤S105中,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
作为所述计算机程序的进一步改进,步骤S105中,于所述智能终端操作系统的应用层预设所述沙箱程序。
上述计算机程序的方法步骤与本发明中的应用程序启动方法的实现方式一致,不再赘述。
应当注意的是,本发明的实施例有较佳的实施性,且并非对本发明作任何形式的限 制,任何熟悉该领域的技术人员可能利用上述揭示的技术内容变更或修饰为等同的有效实施例,但凡未脱离本发明技术方案的内容,依据本发明的技术实质对以上实施例所作的任何修改或等同变化及修饰,均仍属于本发明技术方案的范围内。

Claims (15)

  1. 一种应用程序启动方法,其特征在于,包括以下步骤:
    S101:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数;
    S102:运行所述沙箱程序;
    S103:基于所述运行环境参数启动一应用程序。
  2. 如权利要求1所述的应用程序启动方法,其特征在于,
    步骤S101中,所述运行环境参数包括根视图类的成员变量。
  3. 如权利要求2所述的应用程序启动方法,其特征在于,
    步骤S103之后,所述应用程序启动方法还包括:
    S104:当所述应用程序接收一输入事件时,所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
  4. 如权利要求1-3任一项所述的应用程序启动方法,其特征在于,
    步骤S101中,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
  5. 如权利要求1-3任一项所述的应用程序启动方法,其特征在于,
    步骤S101中,于所述智能终端操作系统的应用层预设所述沙箱程序。
  6. 一种应用程序启动装置,其特征在于,包括:
    预设模块,于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数;
    运行模块,与所述预设模块连接,运行所述沙箱程序;
    启动模块,与所述预设模块连接,基于所述运行环境参数启动一应用程序
  7. 如权利要求6所述的应用程序启动装置,其特征在于,
    所述预设模块预设所述沙箱程序时,所述运行环境参数包括根视图类的成员变量。
  8. 如权利要求7所述的应用程序启动装置,其特征在于,
    所述应用程序启动装置还包括:
    处理模块,与所述启动模块及预设模块连接,当所述应用程序接收一输入事件时,控制所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
  9. 如权利要求6-8任一项所述的应用程序启动装置,其特征在于,
    所述预设模块预设所述沙箱程序时,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
  10. 如权利要求6-8任一项所述的应用程序启动装置,其特征在于,
    所述预设模块于所述智能终端操作系统的应用层预设所述沙箱程序。
  11. 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现以下步骤:
    S105:于一智能终端内预设至少一个沙箱程序,所述沙箱程序内自定义一组用于处理输入事件的运行环境参数;
    S106:运行所述沙箱程序;
    S107:基于所述运行环境参数启动一应用程序。
  12. 如权利要求11所述的计算机可读存储介质,其特征在于,
    步骤S105中,所述运行环境参数包括根视图类的成员变量。
  13. 如权利要求12所述的计算机可读存储介质,其特征在于,
    步骤S107之后,所述应用程序启动方法还包括:
    S108:当所述应用程序接收一输入事件时,所述运行环境参数内的根视图类代替所述智能终端操作系统中的根视图类对所述输入事件进行识别并上报。
  14. 如权利要求11-13任一项所述的计算机可读存储介质,其特征在于,
    步骤S105中,所述输入事件包括与所述智能终端连接的外部输入设备对应的外部输入事件及智能终端触摸屏对应的触摸输入事件。
  15. 如权利要求11-13任一项所述的计算机可读存储介质,其特征在于,
    步骤S105中,于所述智能终端操作系统的应用层预设所述沙箱程序。
PCT/CN2018/111755 2017-11-24 2018-10-24 一种应用程序启动方法、启动装置及计算机可读存储介质 WO2019100897A1 (zh)

Priority Applications (4)

Application Number Priority Date Filing Date Title
JP2020528472A JP2021504826A (ja) 2017-11-24 2018-10-24 アプリケーションプログラムの起動方法、起動装置およびコンピュータ読み取り可能な記憶媒体
KR1020207014912A KR20200090784A (ko) 2017-11-24 2018-10-24 응용 프로그램 시작 방법, 시작 장치 및 컴퓨터 판독가능 저장 매체
EP18882067.4A EP3699756A4 (en) 2017-11-24 2018-10-24 APPLICATION PROGRAM LAUNCH PROCEDURE AND LAUNCH DEVICE AND COMPUTER READABLE STORAGE MEDIUM
US16/882,432 US20200342093A1 (en) 2017-11-24 2020-05-22 Application program starting method and apparatus and computer readable storage medium

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201711190478.5A CN107832105B (zh) 2017-11-24 2017-11-24 一种应用程序启动方法、启动装置及计算机可读存储介质
CN201711190478.5 2017-11-24

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/882,432 Continuation US20200342093A1 (en) 2017-11-24 2020-05-22 Application program starting method and apparatus and computer readable storage medium

Publications (1)

Publication Number Publication Date
WO2019100897A1 true WO2019100897A1 (zh) 2019-05-31

Family

ID=61653479

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/111755 WO2019100897A1 (zh) 2017-11-24 2018-10-24 一种应用程序启动方法、启动装置及计算机可读存储介质

Country Status (6)

Country Link
US (1) US20200342093A1 (zh)
EP (1) EP3699756A4 (zh)
JP (1) JP2021504826A (zh)
KR (1) KR20200090784A (zh)
CN (1) CN107832105B (zh)
WO (1) WO2019100897A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113672907A (zh) * 2021-07-29 2021-11-19 济南浪潮数据技术有限公司 基于JVM沙箱与黑白名单的Java安全防范方法、装置及介质

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107832105B (zh) * 2017-11-24 2022-02-15 南昌黑鲨科技有限公司 一种应用程序启动方法、启动装置及计算机可读存储介质
CN110543789B (zh) 2018-05-29 2023-05-16 腾讯科技(深圳)有限公司 手柄与第三方应用程序进行适配的方法、装置及存储介质
CN109101815B (zh) * 2018-07-27 2023-04-07 平安科技(深圳)有限公司 一种恶意软件检测方法及相关设备
CN109344606A (zh) * 2018-08-15 2019-02-15 北京奇虎科技有限公司 运行应用程序安装包的方法及装置
CN110781493B (zh) * 2019-09-30 2023-04-18 奇安信科技集团股份有限公司 一种运行应用程序的处理方法、终端及服务器
CN113297568B (zh) * 2021-06-04 2024-04-30 国网汇通金财(北京)信息科技有限公司 一种基于沙箱的数据处理方法及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8468600B1 (en) * 2011-03-04 2013-06-18 Adobe Systems Incorporated Handling instruction received from a sandboxed thread of execution
CN105678165A (zh) * 2016-01-29 2016-06-15 博雅网信(北京)科技有限公司 一种移动端的沙盒化键盘系统及其数据传输方法
CN106201699A (zh) * 2016-07-15 2016-12-07 北京光年无限科技有限公司 在机器人操作系统中启动应用的方法及装置
CN106874731A (zh) * 2017-04-14 2017-06-20 深信服科技股份有限公司 一种基于终端的应用层多用户方法及装置
CN107832105A (zh) * 2017-11-24 2018-03-23 南昌黑鲨科技有限公司 一种应用程序启动方法、启动装置及计算机可读存储介质

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7941813B1 (en) * 2006-02-17 2011-05-10 Parallels Holdings, Ltd. System and method for using virtual machine for driver installation sandbox
US9436459B2 (en) * 2010-05-28 2016-09-06 Red Hat, Inc. Generating cross-mapping of vendor software in a cloud computing environment
CN102508675B (zh) * 2011-12-28 2015-01-07 Tcl集团股份有限公司 基于android平台鼠标移动的响应处理方法及装置
CN104008327B (zh) * 2013-02-26 2017-12-01 腾讯科技(深圳)有限公司 一种安全输入方法和系统
WO2015126133A1 (en) * 2014-02-21 2015-08-27 Samsung Electronics Co., Ltd. Method and apparatus to sandbox run-time android applications with lightweight container
CN104391707B (zh) * 2014-12-05 2018-01-30 上海斐讯数据通信技术有限公司 一种应用程序的启动方法及启动装置
EP3048552A1 (en) * 2015-01-21 2016-07-27 Samsung Electronics Co., Ltd. Apparatus and method for running multiple instances of a same application in mobile devices
CN104766007B (zh) * 2015-03-27 2017-07-21 杭州安恒信息技术有限公司 一种基于文件系统过滤驱动实现沙箱快速恢复的方法
CN105893067A (zh) * 2015-06-03 2016-08-24 福建创意嘉和软件有限公司 基于PC机实现运行Android系统应用的方法
CN106096395A (zh) * 2016-06-16 2016-11-09 北京奇虎科技有限公司 一种安卓应用的保护处理方法和装置
CN106384045B (zh) * 2016-09-12 2020-10-27 电子科技大学 基于应用程序虚拟化的安卓存储应用沙箱及通信方法
CN106874751A (zh) * 2017-01-13 2017-06-20 北京奇虎科技有限公司 在系统保护模式下的输入方法、装置和移动终端

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8468600B1 (en) * 2011-03-04 2013-06-18 Adobe Systems Incorporated Handling instruction received from a sandboxed thread of execution
CN105678165A (zh) * 2016-01-29 2016-06-15 博雅网信(北京)科技有限公司 一种移动端的沙盒化键盘系统及其数据传输方法
CN106201699A (zh) * 2016-07-15 2016-12-07 北京光年无限科技有限公司 在机器人操作系统中启动应用的方法及装置
CN106874731A (zh) * 2017-04-14 2017-06-20 深信服科技股份有限公司 一种基于终端的应用层多用户方法及装置
CN107832105A (zh) * 2017-11-24 2018-03-23 南昌黑鲨科技有限公司 一种应用程序启动方法、启动装置及计算机可读存储介质

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113672907A (zh) * 2021-07-29 2021-11-19 济南浪潮数据技术有限公司 基于JVM沙箱与黑白名单的Java安全防范方法、装置及介质
CN113672907B (zh) * 2021-07-29 2023-12-22 济南浪潮数据技术有限公司 基于JVM沙箱与黑白名单的Java安全防范方法、装置及介质

Also Published As

Publication number Publication date
US20200342093A1 (en) 2020-10-29
CN107832105A (zh) 2018-03-23
KR20200090784A (ko) 2020-07-29
EP3699756A4 (en) 2021-08-04
CN107832105B (zh) 2022-02-15
EP3699756A1 (en) 2020-08-26
JP2021504826A (ja) 2021-02-15

Similar Documents

Publication Publication Date Title
WO2019100897A1 (zh) 一种应用程序启动方法、启动装置及计算机可读存储介质
US10607007B2 (en) Micro-virtual machine forensics and detection
US9110701B1 (en) Automated identification of virtual machines to process or receive untrusted data based on client policies
US9501310B2 (en) Micro-virtual machine forensics and detection
US8893222B2 (en) Security system and method for the android operating system
US9626204B1 (en) Automated provisioning of secure virtual execution environment using virtual machine templates based on source code origin
US9921860B1 (en) Isolation of applications within a virtual machine
US8972980B2 (en) Automated provisioning of secure virtual execution environment using virtual machine templates based on requested activity
US9239909B2 (en) Approaches for protecting sensitive data within a guest operating system
US8909940B2 (en) Extensible pre-boot authentication
US9148428B1 (en) Seamless management of untrusted data using virtual machines
US7516477B2 (en) Method and system for ensuring that computer programs are trustworthy
US8650578B1 (en) System and method for intercepting process creation events
EP3370449B1 (en) Method and device for configuring security indication information
US9767274B2 (en) Approaches for efficient physical to virtual disk conversion
US20090319806A1 (en) Extensible pre-boot authentication
US20090193491A1 (en) Secure element manager
KR101308859B1 (ko) 임시 관리자 권한 부여 기능을 가진 단말기 및 이를 이용한 임시 관리자 권한 부여 방법
CN107430669B (zh) 计算系统和方法
CN106557669A (zh) 一种应用程序安装过程的权限控制方法及装置
US10986137B2 (en) Clipboard hardening
CN106557687A (zh) 一种应用程序安装过程的权限控制方法及装置
CN113268450A (zh) 文件访问方法及装置、电子设备、存储介质
JP2004303242A (ja) 高信頼性コンピューティングシステムにおけるセキュリティ属性
EP1222537B1 (en) Resource access control system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18882067

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2020528472

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2018882067

Country of ref document: EP

Effective date: 20200522