WO2020228564A1 - Procédé et dispositif de service d'application - Google Patents
Procédé et dispositif de service d'application Download PDFInfo
- Publication number
- WO2020228564A1 WO2020228564A1 PCT/CN2020/088644 CN2020088644W WO2020228564A1 WO 2020228564 A1 WO2020228564 A1 WO 2020228564A1 CN 2020088644 W CN2020088644 W CN 2020088644W WO 2020228564 A1 WO2020228564 A1 WO 2020228564A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- target application
- service
- identification information
- application
- code segment
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 131
- 238000012545 processing Methods 0.000 claims abstract description 48
- 238000012549 training Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 description 35
- 101150053844 APP1 gene Proteins 0.000 description 13
- 101100189105 Homo sapiens PABPC4 gene Proteins 0.000 description 13
- 102100039424 Polyadenylate-binding protein 4 Human genes 0.000 description 13
- 230000005540 biological transmission Effects 0.000 description 10
- 101100055496 Arabidopsis thaliana APP2 gene Proteins 0.000 description 6
- 101100016250 Saccharomyces cerevisiae (strain ATCC 204508 / S288c) GYL1 gene Proteins 0.000 description 6
- 102100038359 Xaa-Pro aminopeptidase 3 Human genes 0.000 description 6
- 101710081949 Xaa-Pro aminopeptidase 3 Proteins 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000013473 artificial intelligence Methods 0.000 description 3
- 238000001914 filtration Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000003672 processing method Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/40—Support for services or applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Definitions
- This application provides an application service method to solve the problems of insecurity and high transmission cost in the existing application data transmission process.
- This application also relates to an application service device.
- a service decision result for the feedback data of the target application is obtained according to the feedback data of the target application and the decision model.
- the service processing unit is used for processing according to the service request of the target application if the judgment result is yes.
- Fig. 6 is a schematic diagram of an application service device according to a sixth embodiment of the application.
- the application service method of this application includes the service registration process of the target application, the feedback data processing process, and the online decision process.
- three embodiments are used to illustrate the three processes one by one.
- the initial signature information is used to ensure that the service of the target application is registered and the subsequent data processing after registration and the data security during the logout process, and also to ensure the privacy of the user when using the target application. Therefore, during the registration process Need to obtain the initial signature information of the target application.
- the initial signature information further ensures the security of the service of the target application using the system of this application.
- a service identification that requires a registered service is generated in a trusted execution environment based on the initial signature information and initial identification information.
- Passing the initial signature information and initial identification information of the target application into the trusted execution environment may be performed by first storing the initial signature information and initial identification information of the target application in a database in the trusted execution environment;
- the service ID that needs to be registered is generated, that is, the service ID that needs to be registered is generated according to the initial signature information and initial identification information in the database. For example, if the target application is APP1, register the service APP1FUNC1 in it, first obtain its initial identification information as A1, initial signature information as B1, and the service ID generated from A1 and B1 as D1, then D1 is the service ID of APP1FUNC1.
- the first step is to obtain the feedback data sample of the target application in the rich execution environment, and the feedback data sample is used to train the model to facilitate the feedback of the user using the target application data processing.
- the filtering conditions for the feedback data are obtained, the objects that meet the filtering conditions are screened in the object collection, and the objects that meet the filtering conditions are used as candidates.
- the target application may be to obtain all the services of the target application first, and then sequentially determine whether all the services of the target application have service identifiers. If it exists, it enters the second level of judgment, that is, it is judged whether the current identification information of the target application is consistent with the initial identification information when the target application is registered.
- the second level of judgment is to judge whether the current identification information of the target application is consistent with the initial identification information when the target application is registered. When it is judged that the target application meets the conditions at the first level, it enters the second level of judgment.
- the target application to be registered needs to be confirmed, that is, the target application is determined according to the current identification information.
- the target application is determined according to the current identification information.
- at least one code segment is selected from the code of the target application as the code segment of the target application.
- acquiring the code segment of the target application may be a program of randomly acquiring the target application. While obtaining a section of the target application program, you can also obtain the location of the code section. Since the technology of randomly obtaining application code segments is relatively mature, I won't go into details here.
- the initial signature information obtaining unit is specifically configured to:
- the service judgment unit is specifically configured to:
- At least one code segment is selected from the codes of the target application as the code segment of the target application.
- the service decision result for the feedback data of the target application is obtained.
- the service processing unit is specifically configured to:
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
Abstract
L'invention concerne un procédé et un dispositif de service d'application. Le procédé comprend les étapes consistant à : dans un environnement d'exécution riche, déterminer si un service enregistré existe dans une application cible, si oui, obtenir une demande de service de l'application cible, obtenir les informations d'identification actuelles de l'application cible selon la demande de service, et obtenir les informations de signature actuelles de l'application cible au moyen des informations d'identification actuelles ; déterminer si les informations d'identification actuelles de l'application cible sont cohérentes avec des informations d'identification initiales de l'application cible lorsqu'elles sont enregistrées ; si les informations d'identification actuelles de l'application cible sont cohérentes avec les informations d'identification initiales de l'application cible lorsqu'elles sont enregistrées, déterminer, dans un environnement d'exécution de confiance, si les informations de signature actuelles de l'application cible sont cohérentes avec les informations de signature initiales de l'application cible lorsqu'elles sont enregistrées, et si oui, effectuer un traitement selon la demande de service de l'application cible. Par adoption du procédé de service d'application de la présente invention, la cohérence ou la non-cohérence des informations actuelles de l'application cible avec les informations initiales au moment de l'enregistrement est comparée, et la demande de service est traitée lorsque les informations actuelles et les informations initiales sont cohérentes, garantissant ainsi la sécurité d'utilisation d'un service d'application cible par un utilisateur.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910411135.XA CN111953637B (zh) | 2019-05-16 | 2019-05-16 | 一种应用服务方法与装置 |
CN201910411135.X | 2019-05-16 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020228564A1 true WO2020228564A1 (fr) | 2020-11-19 |
Family
ID=73288833
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/088644 WO2020228564A1 (fr) | 2019-05-16 | 2020-05-06 | Procédé et dispositif de service d'application |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN111953637B (fr) |
WO (1) | WO2020228564A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113296831A (zh) * | 2021-06-11 | 2021-08-24 | 恒安嘉新(北京)科技股份公司 | 应用标识的提取方法、装置、计算机设备及存储介质 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104023032A (zh) * | 2014-06-23 | 2014-09-03 | 北京握奇智能科技有限公司 | 基于可信执行环境技术的应用受限卸载方法、服务器和终端 |
CN105447387A (zh) * | 2015-11-05 | 2016-03-30 | 工业和信息化部电信研究院 | 基于硬件隔离环境的可信应用检测的方法及装置 |
US20170264607A1 (en) * | 2015-03-30 | 2017-09-14 | Oleksii Surdu | Embedded trusted network security perimeter in computing systems based on ARM processors |
US20170302701A1 (en) * | 2016-04-14 | 2017-10-19 | Airwatch Llc | Integrated application scanning and mobile enterprise computing management system |
CN108664772A (zh) * | 2018-04-27 | 2018-10-16 | 北京可信华泰信息技术有限公司 | 一种保证系统安全性的方法 |
CN109150548A (zh) * | 2015-12-01 | 2019-01-04 | 神州融安科技(北京)有限公司 | 一种数字证书签名、验签方法及系统、数字证书系统 |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105446713B (zh) * | 2014-08-13 | 2019-04-26 | 阿里巴巴集团控股有限公司 | 安全存储方法及设备 |
CN107544981B (zh) * | 2016-06-25 | 2021-06-01 | 华为技术有限公司 | 内容推荐方法及装置 |
EP3293656A1 (fr) * | 2016-09-13 | 2018-03-14 | Gemalto Sa | Procede de controle d'acces a une application de confiance dans un terminal |
CN108156175B (zh) * | 2018-01-22 | 2021-05-14 | 中证鹏元资信评估股份有限公司 | 云计算平台下对共享存储信息的访问方法 |
CN108399329B (zh) * | 2018-01-23 | 2022-01-21 | 晶晨半导体(上海)股份有限公司 | 一种提高可信应用程序安全的方法 |
-
2019
- 2019-05-16 CN CN201910411135.XA patent/CN111953637B/zh active Active
-
2020
- 2020-05-06 WO PCT/CN2020/088644 patent/WO2020228564A1/fr active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104023032A (zh) * | 2014-06-23 | 2014-09-03 | 北京握奇智能科技有限公司 | 基于可信执行环境技术的应用受限卸载方法、服务器和终端 |
US20170264607A1 (en) * | 2015-03-30 | 2017-09-14 | Oleksii Surdu | Embedded trusted network security perimeter in computing systems based on ARM processors |
CN105447387A (zh) * | 2015-11-05 | 2016-03-30 | 工业和信息化部电信研究院 | 基于硬件隔离环境的可信应用检测的方法及装置 |
CN109150548A (zh) * | 2015-12-01 | 2019-01-04 | 神州融安科技(北京)有限公司 | 一种数字证书签名、验签方法及系统、数字证书系统 |
US20170302701A1 (en) * | 2016-04-14 | 2017-10-19 | Airwatch Llc | Integrated application scanning and mobile enterprise computing management system |
CN108664772A (zh) * | 2018-04-27 | 2018-10-16 | 北京可信华泰信息技术有限公司 | 一种保证系统安全性的方法 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113296831A (zh) * | 2021-06-11 | 2021-08-24 | 恒安嘉新(北京)科技股份公司 | 应用标识的提取方法、装置、计算机设备及存储介质 |
CN113296831B (zh) * | 2021-06-11 | 2023-08-25 | 恒安嘉新(北京)科技股份公司 | 应用标识的提取方法、装置、计算机设备及存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN111953637A (zh) | 2020-11-17 |
CN111953637B (zh) | 2022-08-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110414268B (zh) | 访问控制方法、装置、设备及存储介质 | |
EP3100171B1 (fr) | Authentification de client à l'aide de données de relations sociales | |
CN113574838A (zh) | 通过客户端指纹过滤互联网流量的系统和方法 | |
US10032037B1 (en) | Establishing application trust levels using taint propagation as a service | |
US10833859B2 (en) | Automating verification using secure encrypted phone verification | |
US11303642B2 (en) | Dynamic management of consent and permissioning between executed applications and programmatic interfaces | |
WO2020060644A1 (fr) | Système d'apprentissage supervisé pour calculer un risque de compromission d'identité | |
US11810129B2 (en) | Systems and methods for provisioning embedded Internet of Things Universal IDs (IoT UIDs) in Brownfield devices | |
US11429565B2 (en) | Terms of service platform using blockchain | |
CN104506487B (zh) | 云环境下隐私策略的可信执行方法 | |
WO2021098274A1 (fr) | Procédé et appareil d'évaluation du risque de fuite de données privées | |
RU2691228C2 (ru) | Отменяемая защита возможных конфиденциальных элементов данных | |
US10540637B2 (en) | Intelligent, context-based delivery of sensitive email content to mobile devices | |
US20160337133A1 (en) | Probabilistic Classifiers for Certificates | |
US20150067772A1 (en) | Apparatus, method and computer-readable storage medium for providing notification of login from new device | |
US20180218364A1 (en) | Managing distributed content using layered permissions | |
US20230205849A1 (en) | Digital and physical asset tracking and authentication via non-fungible tokens on a distributed ledger | |
Barati et al. | Privacy‐aware cloud ecosystems: Architecture and performance | |
WO2020228564A1 (fr) | Procédé et dispositif de service d'application | |
CN114567678B (zh) | 一种云安全服务的资源调用方法、装置及电子设备 | |
CN107612763B (zh) | 元数据管理方法、应用服务器、业务系统、介质及控制器 | |
CN110971606A (zh) | 一种Web应用开发中的HACCP安全体系的构建方法以及应用方法 | |
CN117195297B (zh) | 基于erp的数据安全与隐私保护系统及方法 | |
US11463481B2 (en) | System and method for certificate-less security management of interconnected hybrid resources | |
US20230101198A1 (en) | Computer-implemented systems and methods for application identification and authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20804914 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20804914 Country of ref document: EP Kind code of ref document: A1 |