WO2019128075A1 - 一种终端的应用管理方法、应用服务器及终端 - Google Patents
一种终端的应用管理方法、应用服务器及终端 Download PDFInfo
- Publication number
- WO2019128075A1 WO2019128075A1 PCT/CN2018/088367 CN2018088367W WO2019128075A1 WO 2019128075 A1 WO2019128075 A1 WO 2019128075A1 CN 2018088367 W CN2018088367 W CN 2018088367W WO 2019128075 A1 WO2019128075 A1 WO 2019128075A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- verification message
- terminal
- message
- installation package
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/388—Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/202—Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3263—Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Definitions
- the embodiments of the present invention relate to the field of application management technologies, and in particular, to an application management method, an application server, and a terminal of a terminal.
- the point of sale (Point Of Sale, POS for short) is mostly based on Android system.
- Each manufacturer customizes the smart POS based on the Android system, including system security, operating system application management, application store, payment, and sweep. Code and other functions, so smart POS is a relatively closed system, the applications installed on it need to be strictly controlled.
- the application background needs to re-sign and package the application submitted by the application developer, and then send the application to the smart POS.
- the smart POS uses the certificate to verify the signature of the application. After the verification is passed, the application is installed. If the verification fails, the application package is not sent by the trusted background. The application is not installed.
- the method of verifying the application by using a certificate adds work for managing the certificate to the POS.
- all corresponding POSs also need to update the certificate, which is cumbersome and affects the performance of the POS.
- An embodiment of the present invention provides an application management method, an application server, and a terminal for a terminal, which are used to verify the security of an application by using a certificate verification method, resulting in an increase in POS work and a decrease in efficiency.
- an embodiment of the present invention provides an application management method for a terminal, including:
- the application server receives an application download request sent by the terminal
- the application server compares the first verification message with the saved second verification message, and the second verification message is generated by the application server according to the content of the application installation package that is approved for review;
- the verification message carries an application identifier corresponding to the application installation package
- the application server compares the first verification message with the saved second verification message, including:
- it also includes:
- the application server compares the verification message in the verification message list with the saved verification message
- the application server determines an abnormal application on the terminal according to the inconsistent verification message
- the application server sends a reminder message corresponding to the abnormal application to the terminal.
- an embodiment of the present invention provides an application management method for a terminal, including:
- the terminal sends an application download request to the application server
- the terminal receives the application installation package sent by the application server, and generates a first verification message according to the content of the received application installation package; the application installation package sent by the application server is approved by the application;
- the terminal Sending, by the terminal, the first verification message to the application service, so that the application server compares the first verification message with a saved second verification message, where the second verification message is used by the application
- the server generates the content according to the application installation package passed by the audit
- the terminal receives the permission to install the message sent by the application server, the application is installed according to the received application installation package, and the permission installation message is that the application server determines the first verification message and the first Second, the verification message is sent when it is consistent.
- the verification message carries an application identifier corresponding to the application installation package
- the terminal generates a verification message list according to the content of the installed application installation package
- the terminal When receiving the alert message corresponding to the abnormal application sent by the application server, the terminal determines an abnormal application according to the alert message, where the abnormal application is a verification message that is determined by the application server in determining the verification message list.
- the saved verification messages are inconsistent, they are determined according to the inconsistent verification message.
- an application server including:
- a first receiving module configured to receive an application download request sent by the terminal
- a first sending module configured to send an application installation package corresponding to the application download request to the terminal; the application installation package is approved by the application;
- a first processing module configured to compare the first verification message with the saved second verification message, where the second verification message is generated by the first processing module according to the content of the application installation package that is approved for review; And when the first verification message is consistent with the second verification message, sending an installation permission message to the terminal, so that the terminal installs an application according to the received application installation package.
- the verification message carries an application identifier corresponding to the application installation package
- the first processing module is specifically configured to: determine, according to the application identifier carried in the first verification message, a second verification message corresponding to the application identifier from the saved verification message; and the first verification message and the location The second verification message corresponding to the application identifier is compared.
- the first receiving module is further configured to: receive a verification message list sent by the terminal, where the verification message list is generated by the terminal according to content of the installed application installation package;
- the first processing module is further configured to: compare the verification message in the verification message list with the saved verification message; and determine that the verification message in the verification message list is inconsistent with the saved verification message, according to the inconsistency
- the verification message determines an abnormal application on the terminal
- the first sending module is further configured to: send a reminder message corresponding to the abnormal application to the terminal.
- an embodiment of the present invention provides a terminal, including:
- a second sending module configured to send an application download request to the application server
- a second receiving module configured to receive an application installation package sent by the application server, and generate a first verification message according to the content of the received application installation package; the application installation package sent by the application server is approved by the application;
- the second sending module is configured to send the first verification message to the application service, so that the application server compares the first verification message with the saved second verification message, where the second The verification message is generated by the application server according to the content of the application installation package that is approved for review;
- a second processing module configured to install an application according to the received application installation package when receiving the permission installation message sent by the application server, where the permission installation message is that the application server determines the first verification message Sent when the second verification message is consistent.
- the verification message carries an application identifier corresponding to the application installation package
- the second sending module is configured to send a first verification message that carries the application identifier corresponding to the application installation package to the application server, so that the application server carries the application identifier that is carried according to the first verification message. Determining, by the saved verification message, a second verification message corresponding to the application identifier.
- the second processing module is further configured to: generate a verification message list according to the content of the installed application installation package;
- the second sending module is further configured to: send the verification message list to the application server, so that the application server compares the verification message in the verification message list with the saved verification message;
- the second processing module is further configured to: when receiving the alert message corresponding to the abnormal application sent by the application server, determine an abnormal application according to the alert message, where the abnormal application is that the application server determines the verification When the verification message in the message list is inconsistent with the saved verification message, it is determined according to the inconsistent verification message.
- an embodiment of the present invention provides an apparatus for managing a function icon of a terminal application, including:
- At least one processor and,
- the memory stores instructions executable by the at least one processor, the instructions being executed by the at least one processor to enable the at least one processor to perform an application management method of the terminal in the first aspect above .
- an embodiment of the present invention provides an apparatus for managing a function icon of a terminal application, including:
- At least one processor and,
- the memory stores instructions executable by the at least one processor, the instructions being executed by the at least one processor to enable the at least one processor to perform an application management method of the terminal in the second aspect above .
- a memory for storing program instructions
- a processor configured to invoke a program instruction stored in the memory, and execute the method according to any one of the first aspect or the second aspect, according to the obtained program.
- an embodiment of the present invention provides a computer readable storage medium storing computer executable instructions for causing a computer to perform the first aspect or the foregoing The method of any of the two aspects.
- an embodiment of the present invention provides an application management method, an application server, and a terminal of a terminal, including: an application server receiving an application download request sent by a terminal; and the application server sending an application installation package corresponding to the application download request to The application installation package is approved by the terminal; the application server receives the first verification message sent by the terminal, and the first verification message is generated by the terminal according to the content of the received application installation package; The application server compares the first verification message with the saved second verification message, and the second verification message is generated by the application server according to the content of the application installation package that is approved for review; the application server determines the When the first verification message is consistent with the second verification message, the installation permission message is sent to the terminal, so that the terminal installs the application according to the received application installation package.
- a second verification message is generated according to the content of the application installation package.
- the terminal After receiving the application installation package, the terminal generates a first verification message according to the content of the received application installation package, and sends the first verification message to the application server, and then the application server determines, according to the first verification message and the second verification message, the terminal receives the The validity of the application package is verified, and the validity of the application installation package is verified by the terminal by verifying the signature, thereby reducing the work of the terminal management certificate and improving the efficiency of application installation.
- the application verification method needs to be upgraded, only the application server needs to be upgraded and replaced, and the terminal is not required to be upgraded and replaced, thereby improving the timeliness of the application verification upgrade.
- FIG. 1 is a schematic structural diagram of a system according to an embodiment of the present invention
- FIG. 2 is a schematic flowchart of a method for managing an application of a terminal according to an embodiment of the present invention
- FIG. 3 is a schematic flowchart of another application management method of a terminal according to an embodiment of the present invention.
- FIG. 4 is a schematic flowchart of a method for managing an installed application of a terminal according to an embodiment of the present invention
- FIG. 5 is a schematic structural diagram of an application server according to an embodiment of the present disclosure.
- FIG. 6 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure.
- FIG. 7 is a schematic structural diagram of an application server according to an embodiment of the present disclosure.
- FIG. 8 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
- FIG. 1 is a schematic diagram showing a system architecture applicable to an embodiment of the present invention.
- a system architecture applicable to an embodiment of the present invention includes a terminal 101, an application server 102, and an application development server 103, and a terminal 101 and an application.
- the server 102 is wirelessly connected, and the application server 102 is wirelessly connected to the application development server 103.
- the terminal 101 includes, but is not limited to, a POS, a mobile phone, a personal computer (PC), a portable computer, and a personal digital assistant (PDA).
- the application development server 103 develops an application that meets the security requirements of the application server 102, the application installation package is transmitted to the application server 102.
- the application server 102 performs a security audit on the received application installation package, and after determining that the application installation package is approved, generates a verification message according to the content of the application installation package and saves it. It should be noted that the application server can receive the application installation package sent by one or more application development services and review the security of the application installation package.
- an embodiment of the present invention provides a method for managing an application of a terminal, including the following steps:
- step S201 the terminal sends an application download request to the application server.
- Step S202 The application server sends an application installation package corresponding to the application download request to the terminal.
- Step S203 The terminal receives an application installation package sent by the application server, and generates a first verification message according to the content of the received application installation package.
- Step S204 The terminal sends the first verification message to the application server.
- Step S205 the application server compares the first verification message with the saved second verification message.
- Step S206 The application server sends an permission to install the message to the terminal when determining that the first verification message is consistent with the second verification message.
- Step S207 When receiving the permission installation message sent by the application server, the terminal installs the application according to the received application installation package.
- the application installation package sent by the application server to the terminal is an application installation package sent by the application development server to the application server and approved by the application server.
- the application server generates a corresponding verification message according to the content of the application installation package and saves the verification message.
- the verification message is uniquely determined according to the content of the application installation package. Different application installation packages correspond to different verification messages, and the verification message also changes when the content of the same application installation package is changed.
- the verification message may be a message digest (hash value), or may be a part of content randomly selected in the application installation package, or may be other parameters that uniquely represent the content of the application installation package.
- the first verification message may carry an application identifier corresponding to the application installation package.
- the application identifier is used to identify the application category, the name, and the like, so that the application server can determine the application corresponding to the first verification message after receiving the first verification message carrying the application identifier.
- the terminal when receiving the application installation package corresponding to the scan code application, the terminal generates a message digest according to the content of the installation package of the scan code application, and then sends the message digest and the application identifier of the scan code application to the application server. After receiving the message digest and the application identifier, the application server determines that the message digest is a message digest corresponding to the scan code application.
- the second verification message is generated by the application server according to the content of the application installation package passed for review.
- the first verification message corresponds to an application installation package received by the terminal
- the second verification corresponds to an application installation package sent by the application server.
- the first verification message and the second verification may or may not be consistent.
- the application installation package is sent from the application server to the terminal and the terminal does not tamper with the content of the application installation package before receiving the application installation package to the installation application
- the first verification message and the application generated by the terminal according to the content of the application installation package are used.
- the second verification message generated by the server according to the content of the application installation package is consistent.
- the terminal When the application installation package is sent from the application server to the terminal and the terminal tampering with the application installation package content before receiving the application installation package to the installation application, the terminal generates the first verification message and the application server according to the content of the application installation package.
- the second verification message generated by the content of the application installation package will be inconsistent.
- the application server can save the verification message according to the application identifier carried in the first verification message. Determining a second verification message corresponding to the application identifier, and then comparing the first verification message with a second verification message corresponding to the application identifier. When it is determined that the first verification message is consistent with the second verification message, the installation permission message is sent to the terminal, and when it is determined that the first verification message is inconsistent with the second verification message, the prohibition installation message is sent to the terminal.
- the application server cannot directly determine the second verification message corresponding to the first verification message from the saved verification message.
- the application server needs to compare the first verification message with all saved verification messages. When there is a verification message consistent with the first verification message in the saved verification message, then the verification message is a second verification message, and then the permission to install the message is sent to the terminal. When it is determined that the saved verification message is inconsistent with the first verification message, the prohibition installation message is sent to the terminal.
- step S207 when receiving the permission installation message sent by the application server, the terminal installs the application according to the received application installation package.
- the terminal receives the prohibition installation message sent by the application server, the terminal deletes the application installation package.
- a second verification message is generated according to the content of the application installation package.
- the terminal After receiving the application installation package, the terminal generates a first verification message according to the content of the received application installation package, and sends the first verification message to the application server, and then the application server determines, according to the first verification message and the second verification message, the terminal receives the The validity of the application package is verified, and the validity of the application installation package is verified by the terminal by verifying the signature, thereby reducing the work of the terminal management certificate and improving the efficiency of application installation.
- the application verification method needs to be upgraded, only the application server needs to be upgraded and replaced, and the terminal is not required to be upgraded and replaced, thereby improving the timeliness of the application verification upgrade.
- the terminal not only obtains the application installation package from the application server, but the terminal may also obtain the application installation package from a third-party server other than the application server, and the specific process is as shown in FIG. 3:
- Step S301 the terminal sends an application download request to a third-party server.
- Step S302 The third-party server sends the application installation package corresponding to the application download request to the terminal.
- Step S303 the terminal receives the application installation package sent by the third-party server, and generates a first verification message according to the content of the received application installation package.
- Step S304 the terminal sends the first verification message to the application server.
- Step S305 the application server compares the first verification message with the saved third verification message.
- Step S306 the application server sends an permission to install the message to the terminal when determining that the first verification message is consistent with the third verification message.
- Step S307 When receiving the permission installation message sent by the application server, the terminal installs the application according to the received application installation package.
- the third verification message is generated by the application server according to the content of the application installation package sent by the third-party server and approved.
- the third-party server sends the application installation package to the application server, and the application server performs security audit on the application installation package.
- a third verification message is generated according to the content of the application installation package, and the third verification message is saved. If the third-party server does not send the application installation package to the application server for security audit, the third verification message corresponding to the application installation package will not be saved in the application server.
- the terminal can implement the application download on the third-party server, which provides multiple ways for the terminal to download the application, which facilitates the terminal to download the application.
- the embodiment of the present invention provides a management method for the installed application of the terminal, as shown in FIG. 4, which specifically includes the following steps:
- Step S401 the terminal generates a verification message list according to the content of the installed application installation package.
- Step S402 the terminal sends the verification message list to the application server.
- Step S403 the application server compares the verification message in the verification message list with the saved verification message.
- Step S404 The application server determines an abnormal application on the terminal according to the inconsistent verification message when determining that the verification message in the verification message list is inconsistent with the saved verification message.
- Step S405 the application server sends a reminder message corresponding to the abnormal application to the terminal.
- the terminal may generate a list of verification messages, such as one week, one month, or one quarter, at every set time period.
- the verification message list includes verification messages corresponding to all applications currently installed by the terminal.
- Each verification message in the verification message list may carry a corresponding application identifier.
- the terminal has five applications installed.
- the application identifiers of the five applications are App1, App2, App3, App4, and App5.
- a verification message is generated according to the content of the application installation package of the application.
- the verification message is set to a hash value, and the verification information corresponding to the five applications is Hash1, Hash2, Hash3, Hash4, and Hash5.
- the list of verification messages of the terminal is determined as shown in Table 1:
- step S403 and step S404 the application server determines the verification message corresponding to the verification message list from the saved verification message according to the application identifier in the verification message list, and then verifies the verification message in the verification message list with the corresponding saved verification in the application server.
- the message is compared one by one.
- the abnormal application on the terminal is determined according to the inconsistent verification message.
- the message that the installed application is normal is sent to the terminal.
- the verification message corresponding to the verification message list determined by the application server from the saved verification message is as shown in Table 2:
- step S405 after determining the abnormal application on the terminal, the application server may send a reminder message corresponding to the abnormal application to the terminal, and the terminal further processes the abnormal application according to the reminder message. It is also possible to send an exception application uninstall command or stop the run command to the terminal, so that the terminal uninstalls the abnormal application or stops running the abnormal application.
- the terminal Since the terminal periodically generates a verification message list according to the content of the installed application installation package, and sends the verification message list to the application server, the application server compares the verification message in the verification message list with the saved verification message to determine an abnormality on the terminal.
- the application implements periodic auditing of installed applications on the terminal to ensure the security of the application on the terminal.
- FIG. 5 exemplarily shows the structure of an application server provided by an embodiment of the present invention, which can execute the flow of the application management method of the terminal.
- the first receiving module 501 is configured to receive an application download request sent by the terminal;
- the first sending module 502 is configured to send an application installation package corresponding to the application download request to the terminal; the application installation package is approved by the application;
- the first receiving module 501 is configured to receive a first verification message sent by the terminal, where the first verification message is generated by the terminal according to the content of the received application installation package;
- the first processing module 503 is configured to compare the first verification message with the saved second verification message, where the second verification message is generated by the first processing module 503 according to the content of the application installation package that is approved for review; When it is determined that the first verification message is consistent with the second verification message, an installation permission message is sent to the terminal, so that the terminal installs an application according to the received application installation package.
- the verification message carries an application identifier corresponding to the application installation package
- the first processing module 503 is specifically configured to: determine, according to the application identifier carried in the first verification message, a second verification message corresponding to the application identifier from the saved verification message; and the first verification message The second verification message corresponding to the application identifier is compared.
- the first receiving module 501 is further configured to: receive a verification message list sent by the terminal, where the verification message list is generated by the terminal according to content of the installed application installation package;
- the first processing module 503 is further configured to: compare the verification message in the verification message list with the saved verification message; and determine that the verification message in the verification message list is inconsistent with the saved verification message, according to the inconsistency The verification message determines an abnormal application on the terminal;
- the first sending module 502 is further configured to: send a reminder message corresponding to the abnormal application to the terminal.
- FIG. 6 exemplarily shows a structure of a terminal provided by an embodiment of the present invention, and the terminal can execute a flow of an application management method of the terminal.
- the second sending module 601 is configured to send an application download request to the application server.
- the second receiving module 602 is configured to receive an application installation package sent by the application server, and generate a first verification message according to the content of the received application installation package; the application installation package sent by the application server is approved by the application;
- the second sending module 601 is configured to send the first verification message to the application service, so that the application server compares the first verification message with the saved second verification message, where the The second verification message is generated by the application server according to the content of the application installation package that is approved for review;
- the second processing module 603 is configured to: when receiving the permission to install message sent by the application server, install an application according to the received application installation package, where the permission to install message is determined by the application server to determine the first verification Sent when the message and the second verification message are consistent.
- the verification message carries an application identifier corresponding to the application installation package
- the second sending module 601 is specifically configured to: send a first verification message that carries the application identifier corresponding to the application installation package to the application server, so that the application server carries the application according to the first verification message. And identifying, by using the saved verification message, a second verification message corresponding to the application identifier.
- the second processing module 603 is further configured to: generate a verification message list according to the content of the installed application installation package;
- the second sending module 601 is further configured to: send the verification message list to the application server, so that the application server compares the verification message in the verification message list with the saved verification message;
- the second processing module 603 is further configured to: when receiving the alert message corresponding to the abnormal application sent by the application server, determine an abnormal application according to the alert message, where the abnormal application is that the application server determines the When the verification message in the verification message list is inconsistent with the saved verification message, it is determined according to the inconsistent verification message.
- an embodiment of the present invention provides an application management method, an application server, and a terminal of a terminal, including: an application server receiving an application download request sent by a terminal; and the application server sending an application installation package corresponding to the application download request to The application installation package is approved by the terminal; the application server receives the first verification message sent by the terminal, and the first verification message is generated by the terminal according to the content of the received application installation package; The application server compares the first verification message with the saved second verification message, and the second verification message is generated by the application server according to the content of the application installation package that is approved for review; the application server determines the When the first verification message is consistent with the second verification message, the installation permission message is sent to the terminal, so that the terminal installs the application according to the received application installation package.
- a second verification message is generated according to the content of the application installation package.
- the terminal After receiving the application installation package, the terminal generates a first verification message according to the content of the received application installation package, and sends the first verification message to the application server, and then the application server determines, according to the first verification message and the second verification message, the terminal receives the The validity of the application package is verified, and the validity of the application installation package is verified by the terminal by verifying the signature, thereby reducing the work of the terminal management certificate and improving the efficiency of application installation.
- the application verification method needs to be upgraded, only the application server needs to be upgraded and replaced, and the terminal is not required to be upgraded and replaced, thereby improving the timeliness of the application verification upgrade.
- an embodiment of the present invention provides an application server. At least one processor; and a memory communicatively coupled to the at least one processor; the memory storing instructions executable by the at least one processor, the instructions being executed by the at least one processor such that The at least one processor is capable of executing the application management method of the terminal in the above embodiment.
- FIG. 7 is a structure of an application server according to an embodiment of the present invention, where the application server 700 includes: a transceiver 701, a processor 702, a memory 703, and a bus system 704;
- the memory 703 is used to store a program.
- the program can include program code, the program code including computer operating instructions.
- the memory 703 may be a random access memory (RAM) or a non-volatile memory such as at least one disk storage. Only one memory is shown in the figure, of course, the memory can also be set to a plurality as needed. Memory 703 can also be a memory in processor 702.
- the memory 703 stores the following elements, executable modules or data structures, or a subset thereof, or an extended set thereof:
- Operation instructions include various operation instructions for implementing various operations.
- Operating system Includes a variety of system programs for implementing various basic services and handling hardware-based tasks.
- the application management method of the terminal in the foregoing embodiment of the present invention may be applied to the processor 702 or implemented by the processor 702.
- Processor 702 may be an integrated circuit chip with signal processing capabilities. In the implementation process, each step of the application management method of the foregoing terminal may be completed by an integrated logic circuit of hardware in the processor 702 or an instruction in a form of software.
- the processor 702 described above may be a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or discrete hardware. Component.
- DSP digital signal processor
- ASIC application specific integrated circuit
- FPGA field programmable gate array
- the methods, steps, and logical block diagrams disclosed in the embodiments of the present application can be implemented or executed.
- the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
- the steps of the method disclosed in the embodiments of the present invention may be directly implemented by the hardware decoding processor, or may be performed by a combination of hardware and software modules in the decoding processor.
- the software module can be located in a conventional storage medium such as random access memory, flash memory, read only memory, programmable read only memory or electrically erasable programmable memory, registers, and the like.
- the storage medium is located in the memory 703, and the processor 702 reads the information in the memory 703 and performs the following steps in conjunction with its hardware:
- the transceiver 701 is configured to receive an application download request sent by the terminal, and send an application installation package corresponding to the application download request to the terminal; the application installation package is approved by the terminal; and receiving the first verification sent by the terminal a message, where the first verification message is generated by the terminal according to the content of the received application installation package;
- the processor 702 is configured to compare the first verification message with the saved second verification message, where the second verification message is generated according to the content of the application installation package that is approved for review; and determining the first verification message and When the second verification message is consistent, the installation permission message is sent to the terminal, so that the terminal installs the application according to the received application installation package.
- the verification message carries an application identifier corresponding to the application installation package
- the processor 702 Determining, by the processor 702, the second verification message corresponding to the application identifier from the saved verification message according to the application identifier carried in the first verification message; and corresponding to the application identifier by the first verification message The second verification message is compared.
- the transceiver 701 receives a list of verification messages sent by the terminal, where the verification message list is generated by the terminal according to content of the installed application installation package;
- the processor 702 compares the verification message in the verification message list with the saved verification message; when determining that the verification message in the verification message list is inconsistent with the saved verification message, determining, according to the inconsistent verification message, Anomalous application on the terminal;
- the transceiver 701 sends a reminder message corresponding to the abnormal application to the terminal.
- an embodiment of the present invention provides a terminal. At least one processor; and a memory communicatively coupled to the at least one processor; the memory storing instructions executable by the at least one processor, the instructions being executed by the at least one processor such that The at least one processor is capable of executing the application management method of the terminal in the above embodiment.
- the terminal 800 includes: a transceiver 801, a processor 802, a memory 803, and a bus system 804;
- the memory 803 is used to store a program.
- the program can include program code, the program code including computer operating instructions.
- the memory 803 may be a random access memory (RAM) or a non-volatile memory, such as at least one disk storage. Only one memory is shown in the figure, of course, the memory can also be set to a plurality as needed. Memory 803 can also be a memory in processor 802.
- the memory 803 stores the following elements, executable modules or data structures, or a subset thereof, or an extended set thereof:
- Operation instructions include various operation instructions for implementing various operations.
- Operating system Includes a variety of system programs for implementing various basic services and handling hardware-based tasks.
- the application management method of the terminal in the foregoing embodiment of the present invention may be applied to the processor 802 or implemented by the processor 802.
- Processor 802 may be an integrated circuit chip with signal processing capabilities. In the implementation process, each step of the application management method of the foregoing terminal may be completed by an integrated logic circuit of hardware in the processor 802 or an instruction in a form of software.
- the processor 802 described above may be a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or discrete hardware. Component.
- DSP digital signal processor
- ASIC application specific integrated circuit
- FPGA field programmable gate array
- the methods, steps, and logical block diagrams disclosed in the embodiments of the present application can be implemented or executed.
- the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
- the steps of the method disclosed in the embodiments of the present invention may be directly implemented by the hardware decoding processor, or may be performed by a combination of hardware and software modules in the decoding processor.
- the software module can be located in a conventional storage medium such as random access memory, flash memory, read only memory, programmable read only memory or electrically erasable programmable memory, registers, and the like.
- the storage medium is located in the memory 803, and the processor 802 reads the information in the memory 803 and performs the following steps in conjunction with its hardware:
- the transceiver 801 is configured to send an application download request to the application server, receive an application installation package sent by the application server, and generate a first verification message according to the content of the received application installation package;
- the application installation package sent by the application server is an audit Passing the first verification message to the application service, so that the application server compares the first verification message with the saved second verification message, the second verification message being used by the application
- the server generates the content according to the application installation package passed by the audit;
- the processor 802 is configured to: when receiving the permission to install message sent by the application server, install an application according to the received application installation package, where the permission to install message is determined by the application server to determine the first verification message and The second verification message is sent when it is consistent.
- the verification message carries an application identifier corresponding to the application installation package
- the transceiver 801 sends a first verification message carrying the application identifier corresponding to the application installation package to the application server, so that the application server saves the verification message according to the application identifier carried by the first verification message. Determining, in the second verification message corresponding to the application identifier.
- the processor 802 generates a verification message list according to the content of the installed application installation package
- the transceiver 801 sends the verification message list to the application server, so that the application server compares the verification message in the verification message list with the saved verification message;
- the processor 802 determines an abnormal application according to the alert message, where the abnormal application is the verification of the application server in determining the verification message list.
- the message is inconsistent with the saved verification message, it is determined according to the inconsistent verification message.
- the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like. .
- the embodiment of the present invention provides a computing device, which may be a desktop computer, a portable computer, a smart phone, a tablet computer, a personal digital assistant (PDA), or the like.
- the computing device may include a central processing unit (CPU), a memory, an input/output device, etc.
- the input device may include a keyboard, a mouse, a touch screen, etc.
- the output device may include a display device such as a liquid crystal display (Liquid Crystal Display, LCD), cathode ray tube (CRT), etc.
- LCD liquid crystal display
- CRT cathode ray tube
- the memory may include read only memory (ROM) and random access memory (RAM) and provide program instructions and data stored in the memory to the processor.
- the memory may be used to store program instructions of the application management method of the terminal;
- a processor configured to invoke a program instruction stored in the memory, and execute an application management method of the terminal according to the obtained program.
- Embodiments of the present invention provide a computer readable storage medium storing computer executable instructions for causing the computer to execute an application management method of a terminal.
- embodiments of the present invention can be provided as a method, or a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
- a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
- the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
- the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
- These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
- the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Computer Hardware Design (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Stored Programmes (AREA)
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
应用标识 | 验证信息 |
App1 | Hash1 |
App2 | Hash2 |
App3 | Hash3 |
App4 | Hash4 |
App5 | Hash5 |
应用标识 | 验证信息 |
App1 | Hash1 |
App2 | Hash6 |
App3 | Hash3 |
App4 | Hash4 |
App5 | Hash5 |
Claims (16)
- 一种终端的应用管理方法,其特征在于,包括:应用服务器接收终端发送的应用下载请求;所述应用服务器将所述应用下载请求对应的应用安装包发送至所述终端;所述应用安装包为审核通过的;所述应用服务器接收所述终端发送的第一验证消息,所述第一验证消息由所述终端根据接收的应用安装包的内容生成;所述应用服务器将所述第一验证消息与保存的第二验证消息进行比较,所述第二验证消息由所述应用服务器根据审核通过的应用安装包的内容生成;所述应用服务器在确定所述第一验证消息与所述第二验证消息一致时,发送允许安装消息至所述终端,以使所述终端根据接收的应用安装包安装应用。
- 如权利要求1所述的方法,其特征在于,所述验证消息中携带应用安装包对应的应用标识;所述应用服务器将所述第一验证消息与保存的第二验证消息进行比较,包括:所述应用服务器根据所述第一验证消息中携带的应用标识从保存的验证消息中确定出所述应用标识对应的第二验证消息;所述应用服务器将所述第一验证消息与所述应用标识对应的第二验证消息进行比较。
- 如权利要求1所述的方法,其特征在于,还包括:所述应用服务器接收所述终端发送的验证消息列表,所述验证消息列表由所述终端根据已安装的应用安装包的内容生成;所述应用服务器将所述验证消息列表中的验证消息与保存的验证消息进行比较;所述应用服务器在确定所述验证消息列表中的验证消息与保存的验证消息不一致时,根据不一致的验证消息确定所述终端上的异常应用;所述应用服务器发送所述异常应用对应的提醒消息至所述终端。
- 一种终端的应用管理方法,其特征在于,包括:终端发送应用下载请求至应用服务器;所述终端接收所述应用服务器发送的应用安装包并根据接收的应用安装包的内容生成第一验证消息;所述应用服务器发送的应用安装包为审核通过的;所述终端将所述第一验证消息发送至所述应用服务,以使所述应用服务器将所述第一验证消息与保存的第二验证消息进行比较,所述第二验证消息由所述应用服务器根据审核通过的应用安装包的内容生成;所述终端在接收到所述应用服务器发送的允许安装消息时,根据所述接收的应用安装包安装应用,所述允许安装消息为所述应用服务器在确定所述第一验证消息和所述第二验证消息一致时发送的。
- 如权利要求4所述的方法,其特征在于,所述验证消息携带了应用安装包对应的应用标识;所述终端将所述第一验证消息发送至所述应用服务,包括:所述终端将携带所述应用安装包对应的应用标识的第一验证消息发送至所述应用服务器,以使所述应用服务器根据所述第一验证消息携带的应用标识从保存的验证消息中确定所述应用标识对应的第二验证消息。
- 如权利要求4所述的方法,其特征在于,还包括:所述终端根据已安装的应用安装包的内容生成验证消息列表;所述终端将所述验证消息列表发送至所述应用服务器,以使所述应用服务器将所述验证消息列表中的验证消息与保存的验证消息进行比较;所述终端在接收到所述应用服务器发送的异常应用对应的提醒消息时,根据所述提醒消息确定异常应用,所述异常应用是所述应用服务器在确定所述验证消息列表中的验证消息与保存的验证消息不一致时,根据不一致的验 证消息确定的。
- 一种应用服务器,其特征在于,包括:第一接收模块,用于接收终端发送的应用下载请求;第一发送模块,用于将所述应用下载请求对应的应用安装包发送至所述终端;所述应用安装包为审核通过的;所述第一接收模块,用于接收所述终端发送的第一验证消息,所述第一验证消息由所述终端根据接收的应用安装包的内容生成;第一处理模块,用于将所述第一验证消息与保存的第二验证消息进行比较,所述第二验证消息由所述第一处理模块根据审核通过的应用安装包的内容生成;在确定所述第一验证消息与所述第二验证消息一致时,发送允许安装消息至所述终端,以使所述终端根据接收的应用安装包安装应用。
- 如权利要求7所述的应用服务器,其特征在于,所述验证消息中携带应用安装包对应的应用标识;所述第一处理模块具体用于:根据所述第一验证消息中携带的应用标识从保存的验证消息中确定出所述应用标识对应的第二验证消息;将所述第一验证消息与所述应用标识对应的第二验证消息进行比较。
- 如权利要求7所述的应用服务器,其特征在于,所述第一接收模块还用于:接收所述终端发送的验证消息列表,所述验证消息列表由所述终端根据已安装的应用安装包的内容生成;所述第一处理模块还用于:将所述验证消息列表中的验证消息与保存的验证消息进行比较;在确定所述验证消息列表中的验证消息与保存的验证消息不一致时,根据不一致的验证消息确定所述终端上的异常应用;所述第一发送模块还用于:发送所述异常应用对应的提醒消息至所述终端。
- 一种终端,其特征在于,包括:第二发送模块,用于发送应用下载请求至应用服务器;第二接收模块,用于接收所述应用服务器发送的应用安装包并根据接收 的应用安装包的内容生成第一验证消息;所述应用服务器发送的应用安装包为审核通过的;所述第二发送模块,用于将所述第一验证消息发送至所述应用服务,以使所述应用服务器将所述第一验证消息与保存的第二验证消息进行比较,所述第二验证消息由所述应用服务器根据审核通过的应用安装包的内容生成;第二处理模块,用于在接收到所述应用服务器发送的允许安装消息时,根据所述接收的应用安装包安装应用,所述允许安装消息为所述应用服务器在确定所述第一验证消息和所述第二验证消息一致时发送的。
- 如权利要求10所述的终端,其特征在于,所述验证消息携带了应用安装包对应的应用标识;所述第二发送模块具体用于:将携带所述应用安装包对应的应用标识的第一验证消息发送至所述应用服务器,以使所述应用服务器根据所述第一验证消息携带的应用标识从保存的验证消息中确定所述应用标识对应的第二验证消息。
- 如权利要求10所述的终端,其特征在于,所述第二处理模块还用于:根据已安装的应用安装包的内容生成验证消息列表;所述第二发送模块还用于:将所述验证消息列表发送至所述应用服务器,以使所述应用服务器将所述验证消息列表中的验证消息与保存的验证消息进行比较;所述第二处理模块还用于:在接收到所述应用服务器发送的异常应用对应的提醒消息时,根据所述提醒消息确定异常应用,所述异常应用是所述应用服务器在确定所述验证消息列表中的验证消息与保存的验证消息不一致时,根据不一致的验证消息确定的。
- 一种应用服务器,其特征在于,包括:至少一个处理器;以及,与所述至少一个处理器通信连接的存储器;其中,所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所 述至少一个处理器执行,以使所述至少一个处理器能够执行权利要求1-3任一所述的方法。
- 一种终端,其特征在于,包括:至少一个处理器;以及,与所述至少一个处理器通信连接的存储器;其中,所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行,以使所述至少一个处理器能够执行权利要求4-6任一所述的方法。
- 一种计算设备,其特征在于,包括:存储器,用于存储程序指令;处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行如权利要求1至3或权利要求4至6任一项所述的方法。
- 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有计算机可执行指令,所述计算机可执行指令用于使计算机执行如权利要求1至3或权利要求4至6任一项所述的方法。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA3056013A CA3056013C (en) | 2017-12-27 | 2018-05-25 | Application management method for terminal, application server and terminal |
EP18893709.8A EP3584732B1 (en) | 2017-12-27 | 2018-05-25 | Application management method for terminal, application server and terminal |
US16/618,312 US11449616B2 (en) | 2017-12-27 | 2018-05-25 | Application management method for terminal, application server, and terminal |
FIEP18893709.8T FI3584732T3 (fi) | 2017-12-27 | 2018-05-25 | Sovelluksen hallintamenetelmä päätelaitteelle, sovelluspalvelin ja päätelaite |
JP2020536079A JP7087085B2 (ja) | 2017-12-27 | 2018-05-25 | 端末のアプリケーション管理方法、アプリケーションサーバー及び端末 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711449381.1 | 2017-12-27 | ||
CN201711449381.1A CN108460273B (zh) | 2017-12-27 | 2017-12-27 | 一种终端的应用管理方法、应用服务器及终端 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019128075A1 true WO2019128075A1 (zh) | 2019-07-04 |
Family
ID=63220192
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/088367 WO2019128075A1 (zh) | 2017-12-27 | 2018-05-25 | 一种终端的应用管理方法、应用服务器及终端 |
Country Status (7)
Country | Link |
---|---|
US (1) | US11449616B2 (zh) |
EP (1) | EP3584732B1 (zh) |
JP (1) | JP7087085B2 (zh) |
CN (1) | CN108460273B (zh) |
CA (1) | CA3056013C (zh) |
FI (1) | FI3584732T3 (zh) |
WO (1) | WO2019128075A1 (zh) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109743176B (zh) * | 2018-12-28 | 2020-07-28 | 百富计算机技术(深圳)有限公司 | 一种pos终端的证书更新方法、服务器及pos终端 |
CN111722850B (zh) * | 2019-03-21 | 2023-04-25 | 成都鼎桥通信技术有限公司 | 多系统间应用的处理方法、装置及系统 |
CN112181448A (zh) * | 2020-10-26 | 2021-01-05 | 江苏特思达电子科技股份有限公司 | 一种应用程序远程安装方法、装置及计算机设备 |
US20230336794A1 (en) * | 2022-04-13 | 2023-10-19 | At&T Intellectual Property I, L.P. | Method and apparatus for active content distribution via a residential gateway |
CN115002730A (zh) * | 2022-06-01 | 2022-09-02 | 上海嘉车信息科技有限公司 | 应用安装方法、装置、电子设备及计算机可读存储介质 |
CN115495716B (zh) * | 2022-08-15 | 2023-10-10 | 荣耀终端有限公司 | 一种本地鉴权方法和电子设备 |
CN118260748A (zh) * | 2022-12-28 | 2024-06-28 | 华为技术有限公司 | 一种拦截方法、系统及相关装置 |
CN117335988B (zh) * | 2023-11-30 | 2024-03-12 | 中国信息通信研究院 | App的电子标识生成、标注、安全校验方法及设备 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102300065A (zh) * | 2011-08-31 | 2011-12-28 | 四川长虹电器股份有限公司 | 基于安卓平台的智能电视软件安全认证的方法 |
CN103577206A (zh) * | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | 一种应用软件的安装方法和装置 |
KR20150117336A (ko) * | 2014-04-09 | 2015-10-20 | 순천향대학교 산학협력단 | 안드로이드 환경에서의 애플리케이션 검증 및 설치 시스템 및 방법 |
CN105450714A (zh) * | 2014-09-19 | 2016-03-30 | 中兴通讯股份有限公司 | 一种对终端应用安装进行远程控制的方法及装置 |
Family Cites Families (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1536606A1 (fr) * | 2003-11-27 | 2005-06-01 | Nagracard S.A. | Méthode d'authentification d'applications |
WO2007033207A2 (en) | 2005-09-12 | 2007-03-22 | Bally Gaming, Inc. | Download and configuration system and method for gaming machines |
JP2009251977A (ja) | 2008-04-08 | 2009-10-29 | Nec Corp | ソフトウェアインストールシステム |
CN102024127B (zh) * | 2010-11-17 | 2012-09-19 | 中国联合网络通信集团有限公司 | 应用软件控制平台、使用者终端、分发系统及方法 |
US20130097660A1 (en) * | 2011-10-17 | 2013-04-18 | Mcafee, Inc. | System and method for whitelisting applications in a mobile network environment |
US20130232229A1 (en) * | 2012-03-02 | 2013-09-05 | Ilya Firman | Distribution of Application Files |
US8843739B2 (en) * | 2012-04-04 | 2014-09-23 | Lockheed Martin Corporation | Anti-tamper device, system, method, and computer-readable medium |
US9152784B2 (en) * | 2012-04-18 | 2015-10-06 | Mcafee, Inc. | Detection and prevention of installation of malicious mobile applications |
JP5126447B1 (ja) | 2012-08-31 | 2013-01-23 | 大日本印刷株式会社 | アプリケーションプログラムの実行方法 |
WO2013164401A1 (en) * | 2012-05-02 | 2013-11-07 | Nokia Siemens Networks Oy | Method and apparatus |
JP5955165B2 (ja) | 2012-08-31 | 2016-07-20 | 株式会社富士通エフサス | 管理装置、管理方法及び管理プログラム |
JP2014048889A (ja) | 2012-08-31 | 2014-03-17 | Toko Electric Corp | 農業効率化支援装置およびコンピュータプログラム |
KR101907529B1 (ko) * | 2012-09-25 | 2018-12-07 | 삼성전자 주식회사 | 사용자 디바이스에서 어플리케이션 관리 방법 및 장치 |
US20140096246A1 (en) * | 2012-10-01 | 2014-04-03 | Google Inc. | Protecting users from undesirable content |
CN102982258B (zh) * | 2012-11-09 | 2016-03-16 | 北京深思数盾科技有限公司 | 一种对移动应用程序进行原版校验的系统 |
KR101740256B1 (ko) * | 2012-11-26 | 2017-06-09 | 한국전자통신연구원 | 모바일 앱 무결성 보증 장치 및 방법 |
KR101523309B1 (ko) * | 2013-01-31 | 2015-06-02 | 한국인터넷진흥원 | 어플리케이션 배포 시스템 및 방법 |
US9569618B2 (en) * | 2013-08-28 | 2017-02-14 | Korea University Research And Business Foundation | Server and method for attesting application in smart device using random executable code |
JP5864510B2 (ja) | 2013-10-18 | 2016-02-17 | 富士通株式会社 | 修正プログラム確認方法、修正プログラム確認プログラム、及び情報処理装置 |
CN104683303B (zh) * | 2013-11-28 | 2018-03-30 | 天津三星电子有限公司 | App管理方法 |
CN103632089A (zh) * | 2013-12-16 | 2014-03-12 | 北京网秦天下科技有限公司 | 应用安装包的安全检测方法、装置和系统 |
KR102089513B1 (ko) * | 2014-03-19 | 2020-03-16 | 한국전자통신연구원 | 모바일 저장장치에 기반한 소프트웨어 검증 시스템 및 그 방법 |
KR20160006925A (ko) * | 2014-07-10 | 2016-01-20 | 한국전자통신연구원 | 앱 무결성 검증 장치 및 그 방법 |
US9313218B1 (en) * | 2014-07-23 | 2016-04-12 | Symantec Corporation | Systems and methods for providing information identifying the trustworthiness of applications on application distribution platforms |
CN104954353B (zh) * | 2015-02-10 | 2018-03-30 | 腾讯科技(深圳)有限公司 | Apk文件包的校验方法和装置 |
CN105354488B (zh) * | 2015-10-26 | 2018-06-15 | 宇龙计算机通信科技(深圳)有限公司 | 一种应用安装方法、相关装置及应用安装系统 |
CN105930177A (zh) * | 2015-10-30 | 2016-09-07 | 中国银联股份有限公司 | 一种应用安装方法及装置 |
CN107135672B (zh) * | 2015-11-09 | 2020-02-14 | 华为技术有限公司 | 应用安装包获取方法、信息广播方法、移动设备及基站 |
US10771478B2 (en) * | 2016-02-18 | 2020-09-08 | Comcast Cable Communications, Llc | Security monitoring at operating system kernel level |
WO2017206185A1 (zh) * | 2016-06-03 | 2017-12-07 | 华为技术有限公司 | 验证应用程序合法性的方法、装置及系统 |
US10248788B2 (en) * | 2016-06-28 | 2019-04-02 | International Business Machines Corporation | Detecting harmful applications prior to installation on a user device |
CN107169318A (zh) * | 2017-03-31 | 2017-09-15 | 咪咕数字传媒有限公司 | 一种应用程序安全保护的方法及装置 |
-
2017
- 2017-12-27 CN CN201711449381.1A patent/CN108460273B/zh active Active
-
2018
- 2018-05-25 WO PCT/CN2018/088367 patent/WO2019128075A1/zh unknown
- 2018-05-25 CA CA3056013A patent/CA3056013C/en active Active
- 2018-05-25 FI FIEP18893709.8T patent/FI3584732T3/fi active
- 2018-05-25 US US16/618,312 patent/US11449616B2/en active Active
- 2018-05-25 EP EP18893709.8A patent/EP3584732B1/en active Active
- 2018-05-25 JP JP2020536079A patent/JP7087085B2/ja active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102300065A (zh) * | 2011-08-31 | 2011-12-28 | 四川长虹电器股份有限公司 | 基于安卓平台的智能电视软件安全认证的方法 |
CN103577206A (zh) * | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | 一种应用软件的安装方法和装置 |
KR20150117336A (ko) * | 2014-04-09 | 2015-10-20 | 순천향대학교 산학협력단 | 안드로이드 환경에서의 애플리케이션 검증 및 설치 시스템 및 방법 |
CN105450714A (zh) * | 2014-09-19 | 2016-03-30 | 中兴通讯股份有限公司 | 一种对终端应用安装进行远程控制的方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CA3056013C (en) | 2023-10-03 |
FI3584732T3 (fi) | 2023-09-15 |
CN108460273B (zh) | 2022-10-14 |
US20210157922A1 (en) | 2021-05-27 |
EP3584732B1 (en) | 2023-09-13 |
JP7087085B2 (ja) | 2022-06-20 |
JP2021508880A (ja) | 2021-03-11 |
EP3584732A4 (en) | 2020-04-29 |
CN108460273A (zh) | 2018-08-28 |
EP3584732A1 (en) | 2019-12-25 |
US11449616B2 (en) | 2022-09-20 |
CA3056013A1 (en) | 2019-07-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019128075A1 (zh) | 一种终端的应用管理方法、应用服务器及终端 | |
US20200272739A1 (en) | Performing an action based on a pre-boot measurement of a firmware image | |
EP2962241B1 (en) | Continuation of trust for platform boot firmware | |
US8938735B2 (en) | Bootstrapper and software download manager | |
US10789061B2 (en) | Processor based component firmware update method and apparatus | |
US9679130B2 (en) | Pervasive package identifiers | |
US10592661B2 (en) | Package processing | |
CN103329093A (zh) | 更新软件 | |
EP3163489B1 (en) | Token-based control of software installation and operation | |
US20140149730A1 (en) | Systems and methods for enforcing secure boot credential isolation among multiple operating systems | |
US20240220602A1 (en) | Virtual Environment Type Validation For Policy Enforcement | |
CN102298529A (zh) | 为系统提供硅集成代码 | |
US10956615B2 (en) | Securely defining operating system composition without multiple authoring | |
TW202044022A (zh) | 更新信號技術 | |
CN107077342B (zh) | 固件模块运行权限 | |
US20230078138A1 (en) | Computing systems employing measurement of boot components, such as prior to trusted platform module (tpm) availability, for enhanced boot security, and related methods | |
US10489137B1 (en) | Software verification system and methods | |
US9064118B1 (en) | Indicating whether a system has booted up from an untrusted image | |
WO2017220014A1 (zh) | 系统权限管理方法、装置及智能终端 | |
CN111158771B (zh) | 处理方法、装置及计算机设备 | |
US20210042167A1 (en) | Dynamic Package Dependency(ies) | |
CN111859403A (zh) | 依赖关系漏洞的确定方法、装置、电子设备及存储介质 | |
CN112527358B (zh) | 一种基于自我度量的可信应用可信度量方法、装置及系统 | |
JP7160202B2 (ja) | 情報処理装置、制御方法及び制御プログラム | |
US20220171852A1 (en) | Supervisor-based firmware hardening |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18893709 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 3056013 Country of ref document: CA |
|
ENP | Entry into the national phase |
Ref document number: 2018893709 Country of ref document: EP Effective date: 20190916 |
|
ENP | Entry into the national phase |
Ref document number: 2020536079 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |