WO2020248768A1 - Method and apparatus for managing application program service - Google Patents
Method and apparatus for managing application program service Download PDFInfo
- Publication number
- WO2020248768A1 WO2020248768A1 PCT/CN2020/090687 CN2020090687W WO2020248768A1 WO 2020248768 A1 WO2020248768 A1 WO 2020248768A1 CN 2020090687 W CN2020090687 W CN 2020090687W WO 2020248768 A1 WO2020248768 A1 WO 2020248768A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- token
- sub
- service
- message
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/52—Program synchronisation; Mutual exclusion, e.g. by means of semaphores
- G06F9/526—Mutual exclusion algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Definitions
- the present invention relates to the field of process control of financial technology (Fintech), in particular to a method and device for managing application program services.
- each sub-application is equal, and each sub-application can request services from the application, which may cause some sub-applications to cross their own business scope, and the request does not belong to the sub-application service department Services, which in turn affect other sub-applications.
- sub-application A belongs to department A
- sub-application A needs to modify a certain value
- the modification of the value belongs to another department B, which needs to notify department B to provide services, but department A, for convenience
- the embodiments of the present application provide a method and device for managing application services, which are used to solve the problem of great security risks and conflicts that are difficult to avoid when applications perform services in the prior art.
- an embodiment of the present application provides an application service management method, including: receiving a first message from a first sub-application of an application, the first message being used to request to obtain a service from the application Determining the first sub-permission required to invoke the service indicated by the first message according to the service indicated by the first message; the first sub-permission is a preset sub-permission in the service permission for invoking the application; If the first sub-application meets a preset condition, a first token is obtained according to the first sub-authority; the first token is a command to invoke the service authority within the first sub-authority The first sub-authority uniquely corresponds to the first token; according to the first token, within the first sub-authority, the service indicated by the first message is invoked by the application, And set the first token to a locked state.
- the first message is used to request to obtain the service from the application, and according to the service indicated by the first message, the first sub-authority required to invoke the service indicated by the first message is determined, and the first sub-right
- the permission is a sub-permission preset in the service permission for calling the application. If the first sub-application satisfies a preset condition, a first token is obtained according to the first sub-permission.
- the token is a token for invoking the service authority within the first sub-authority.
- the first message indication can be performed through the application
- the service of the application program cannot be invoked through the first token outside the first sub-authority; in addition, because the first sub-authority uniquely corresponds to the first token, and the second
- the service indicated by a message the first token has been set to the locked state, then when the service indicated by the first message is performed, other sub-applications of the application cannot simultaneously obtain the first order by sending the message Therefore, the above method greatly improves the security of the application when performing services and avoids conflicts.
- the preset condition is that the first sub-application is a sub-application in the white list of the application, and the white list of the application is used to indicate that it is authorized to be able to call all The sub-application of the service of the application.
- the preset white list indicates the sub-applications authorized to call the service of the application, and the first sub-application is the sub-application in the white list of the application.
- the first token can be obtained, thereby improving the security of application services.
- the first token is valid for a first preset time period after acquisition, if the first token is used during the process of invoking the service indicated by the first message through the application If a token fails, the service indicated by the first message is interrupted; the first token is updated, and the updated token of the first token is used as the second token; according to the second token , Re-invoke the service indicated by the first message through the application.
- the first token is valid for a preset period of time after acquisition, and if the first token becomes invalid during the process of invoking the service indicated by the first message through the application, then
- the service indicated by the first message is interrupted, the first sub-authority is controlled by means of preset duration and timely interruption, and the first token is updated, and the updated token of the first token is used as the first token.
- the second token according to the second token, re-invoke the service indicated by the first message through the application, and update the token in time, thereby improving the security of the application service.
- the first message is discarded, and alarm information is sent.
- the verification is performed through the preset condition, and if the first sub-application does not meet the preset condition, that is, the verification fails, the first message is discarded, and warning information feedback is sent in time, Thereby improving the security of application services.
- the method further includes: if it is determined that the application program has completed invoking the service indicated by the first message, unlocking the first token through the application program status.
- the application program is used to unlock the first token, so that other sub-applications can also obtain The first token, thereby enhancing the flexibility of application services.
- an embodiment of the present application provides an application service management apparatus, including: a receiving module, configured to receive a first message from a first sub-application of the application, and the first message is used to request a slave
- the application program obtains a service; a processing module, configured to determine, according to the service indicated by the first message, a first sub-authority required to call the service indicated by the first message; the first sub-authority is to call the application If the first sub-application meets a preset condition, obtain a first token according to the first sub-authority; the first token is in the first The token that calls the service permission within the sub-authority; the first sub-authority uniquely corresponds to the first token; according to the first token, within the first sub-authority, through the application Invoke the service indicated by the first message, and set the first token to a locked state.
- the preset condition is that the first sub-application is a sub-application in the white list of the application, and the white list of the application is used to indicate that it is authorized to be able to call all The sub-application of the service of the application.
- the first token is valid for a preset period of time after acquisition, and the processing module is further configured to: if the service indicated by the first message is invoked through the application If the first token becomes invalid during the process, the service indicated by the first message is interrupted; the first token is updated, and the updated token of the first token is used as the second token; The second token re-invokes the service indicated by the first message through the application.
- the processing module is further configured to: if the first sub-application does not meet the preset condition, discard the first message and send alarm information.
- the processing module is further configured to: if it is determined that the application program has completed invoking the service indicated by the first message, release the first token through the application program The locked state.
- an embodiment of the present application provides a computer device including a program or instruction, and when the program or instruction is executed, it is used to execute the methods of the first aspect and the embodiments of the first aspect.
- an embodiment of the present application provides a storage medium including a program or instruction, and when the program or instruction is executed, it is used to execute the methods of the first aspect and the embodiments of the first aspect.
- FIG. 1 is a schematic diagram of a system architecture applicable to an application service management method in an embodiment of this application;
- FIG. 2 is a schematic diagram of the process flow of an application service management method in an embodiment of this application
- FIG. 3 is a schematic diagram of the architecture of token management in an application service management method in an embodiment of the application
- FIG. 4 is a schematic diagram of a process flow diagram of authorizing sub-applications in an application service management method in an embodiment of the application;
- FIG. 5 is a schematic diagram of an authorization page in an application service management method in an embodiment of the application
- Fig. 6 is a schematic structural diagram of an application service management apparatus in an embodiment of the application.
- appId the identity (Identification, ID) of the sub-application in the application
- token the token is the credential for invoking the application program interface, and an application interface must be obtained
- AppKey also called the secret key, the credential that the application provides to the sub-application to obtain the token.
- an embodiment of the present application provides a system architecture for the management of application services.
- the application service management method provided by the embodiment of this application is applied.
- the system architecture shown in Figure 1 includes the following parts:
- the user layer includes the sub-application system and the business system of the application.
- the sub-application system includes multiple sub-applications. Each sub-application can request services by sending messages to the application, and communicate with the application through the proxy layer, so as to perform the required services through the application, and the business system of the application is required The system implemented in service.
- Proxy layer The proxy layer is responsible for forwarding communication messages between the user layer and the service layer.
- the specific forwarding tool is not limited.
- proxy servers such as nginx and squid are used to implement forwarding.
- the service layer includes sub-application program interface, service access layer, message forwarding module, interface agent, configuration management module, permission management module, token management module, service application layer, logging module, and permission control module.
- the sub-application program interface, the service access layer, the message forwarding module, and the interface agent are used to transmit the messages sent by the sub-application program to the application program.
- the message of the sub-application is first forwarded to the service access layer through the sub-application interface, and then sent to the message forwarding module through the service access layer, and then communicates with the application in the service application layer.
- the interface proxy is used to send messages that the application needs to send to the corresponding sub-application interface.
- the basic configuration information of each sub-application is stored in the configuration management, for example, the ID of the sub-application.
- Each sub-permission is separated from the service permissions of the application encapsulated in the permission management module.
- the token management module encapsulates the tokens corresponding to each sub-authority in the authorization management module.
- the authority control module is used to control authority and allow or prohibit corresponding execution actions.
- the logging module is used to record the processing of messages.
- each application does not need additional configuration, and the configuration in the configuration management module in the service layer is directly used as the configuration of each application.
- the service access layer is responsible for receiving messages and events, forwarding the messages and events to the service application layer for processing, and passing the message that needs to be returned or forwarded after the service application layer processing is completed through the interface proxy, after passing through the proxy layer Forward to sub-application or business system.
- the addition of the service access layer allows multiple message events to be processed indiscriminately by the business logic of the service application layer after processing, and the service application layer classifies and processes the forwarded messages and events.
- the service access layer can support simultaneous access of multiple sub-applications and smooth switching between sub-applications.
- Database Store information records of services performed by applications.
- the specific types of databases are not limited.
- the databases are redis and kafka.
- Operating environment used to provide the operating foundation for the user layer, agent layer, service layer and database.
- the operating environment is composed of the following components: Linux, springboot1.4 and tomcat8.
- each application can be independent into a separate system or service, and at the same time, the token management module and configuration management of the service layer can be separated, and the modules communicate through the message bus.
- This architecture can also apply the application service management method proposed in the embodiments of the present application, so that each application program is relatively independent and does not affect each other, and the overall modularity of the small system coupled between modules is higher.
- this service architecture can conveniently provide the relevant service capabilities of existing sub-applications to external business operators outside of the application through application access. When external business operators need to host their own sub-applications to the services of atomic applications, they can select the service permissions that need to be managed on the authorization page to complete the authorization operation and use the related services.
- Step 201 Receive a first message from a first sub-application of the application.
- the first message is a communication message for the first sub-application to request service from the application.
- Step 202 According to the service indicated by the first message, determine the first sub-right required to invoke the service indicated by the first message.
- the first sub-permission is a sub-permission preset in the service permission for calling the application program.
- Step 203 If the first sub-application meets a preset condition, obtain a first token according to the first sub-authority; the first token is to call the service within the first sub-authority The permission token.
- the first sub-authority uniquely corresponds to the first token.
- Step 204 According to the first token, within the first sub-authority, call the service indicated by the first message through the application program, and set the first token to a locked state.
- step 202 for example, the message management is authorized to the sub-application A, and the user information query management is authorized to the sub-application B.
- the business system that obtains the token of the sub-application A only allows the message management operation, and Cannot query user information.
- the first token is stored in a first storage space of the processing device, the first storage space also stores a third token, and the third token is pre-converted in the same storage format as the first token Token, the third token is uniquely mapped to the second sub-authority preset in the service authority; the calling method of the token stored in the first storage space is the same.
- the processing device here can be any device that can run an application program, for example, a computer device, a terminal device, etc., without limitation.
- the first storage space is also not limited, such as the memory in a computer device.
- the first message is used to request to obtain the service from the application, and according to the service indicated by the first message, the first sub-authority required to invoke the service indicated by the first message is determined, and the first sub-right
- the permission is a sub-permission preset in the service permission for calling the application. If the first sub-application satisfies a preset condition, a first token is obtained according to the first sub-permission.
- the token is a token for invoking the service authority within the first sub-authority.
- the first message indication can be performed through the application
- the service of the application program cannot be invoked through the first token outside the first sub-authority; in addition, because the first sub-authority uniquely corresponds to the first token, and the second
- the service indicated by a message the first token has been set to the locked state, then when the service indicated by the first message is performed, other sub-applications of the application cannot simultaneously obtain the first order by sending the message Therefore, the above method greatly improves the security of the application when performing services and avoids conflicts.
- Fig. 3 is a schematic diagram of the architecture of token management in an application service management method in an embodiment of the application.
- multiple sub-applications are managed through the token management service at the same time, and the token management service can also include update services, query services, and monitoring services.
- the application service management method may also include:
- the first token is valid for a first preset time period after being acquired, and if the first token becomes invalid during the process of invoking the service indicated by the first message through the application program, all services are interrupted.
- the service indicated by the first message update the first token, and use the updated token of the first token as the second token; according to the second token, recall through the application The service indicated by the first message.
- the first token is valid for a preset period of time after acquisition, and if the first token becomes invalid during the process of invoking the service indicated by the first message through the application, then
- the service indicated by the first message is interrupted, the first sub-authority is controlled by means of preset duration and timely interruption, and the first token is updated, and the updated token of the first token is used as the first token.
- the second token according to the second token, re-invoke the service indicated by the first message through the application, and update the token in time, thereby improving the security of the application service.
- each token corresponds to a validity period, for example, 2 hours; and after acquiring a new token, the old token will expire within a certain period of time, such as 10 minutes.
- the update service uses the program interface provided by the application to the sub-application to obtain the token. After the update service obtains the token, the token is stored locally and a valid time of no more than 2 hours is set. When the local token fails, the token is updated immediately To keep the local token always valid.
- the query service provides an interface for real-time querying of the latest tokens. At any time, the tokens queried through the token management service are always the same and valid.
- the monitoring service regularly checks whether the token is valid by actively calling the WeChat API, and immediately updates the token when it is found to be invalid, so as to avoid the token failure due to short-term WeChat failure or network reasons.
- the token hybrid management also converts the token obtained from the second sub-application into a token in the same format as the first token and saves it in the token management service, and uses the same update, query and detection strategy for it.
- the type field information is added while recording the token, and the token type is returned when querying the token.
- the token management service is allowed to save and maintain multiple tokens at the same time, which can be obtained on demand during query.
- the preset condition is that the first sub-application is a sub-application in the white list of the application, and the white list of the application is used to indicate the sub-applications that are authorized to call the service of the application program.
- the preset white list indicates the sub-applications authorized to call the service of the application
- the first sub-application is the sub-application in the white list of the application.
- the first token can be obtained, thereby improving the security of application services.
- Fig. 4 is a schematic diagram of the steps of authorization for the sub-application in an application service management method in an embodiment of the application
- Fig. 5 This is a schematic diagram of an authorization page in an application service management method in an embodiment of this application.
- Step 401 The user enters the website.
- the user of the sub-application can enter the component side website of the application by clicking on the website.
- Step 402 Obtain a pre-authorization code.
- the component side website obtains the pre-authorization code through the application program interface provided by the application program to enter the pre-authorization.
- Step 403 Guide the user to enter the application component authorization page.
- Step 404 Authorize the user.
- Step 405 Return the verification code.
- Step 404 After the authorization is successful, the application program authorizes the website to send a verification code to the component side website.
- Step 406 Use the authorization code to obtain user information.
- the component website uses the authorization code to obtain user information through the application interface.
- the process of obtaining the first token according to the first message in step 201 may be:
- the first sub-authority required to perform the service indicated by the first message, and determine that the first message comes from the first sub-application; determine the first The sub-application is a sub-application verified by the preset whitelist, and obtains the first token uniquely mapped to the first sub-authority.
- the verification is performed through the preset condition, and if the first sub-application does not meet the preset condition, that is, the verification fails, the first message is discarded, and warning information feedback is sent in time, Thereby improving the security of application services.
- the application program is used to release the locked state of the first token.
- the application program is used to unlock the first token, so that other sub-applications can also obtain The first token, thereby enhancing the flexibility of application services.
- FIG. 6 it is a schematic structural diagram of an application service management apparatus in an embodiment of this application.
- An embodiment of the present application provides an application service management apparatus, including: a receiving module 601, configured to receive a first message from a first sub-application of an application, and the first message is used to request a request from the application Obtain service; processing module 602, configured to determine, according to the service indicated by the first message, the first sub-authority required to invoke the service indicated by the first message; the first sub-authority is the service for invoking the application The preset sub-permission in the permission; if the first sub-application meets the preset condition, a first token is obtained according to the first sub-permission; the first token is in the first sub-permission The token that calls the service authority within; the first sub-authority uniquely corresponds to the first token; according to the first token, within the first sub-authority, the application is called The service indicated by the first message, and set the first token to a locked state.
- the preset condition is that the first sub-application is a sub-application in the white list of the application, and the white list of the application is used to indicate that it is authorized to be able to call all The sub-application of the service of the application.
- the first token is valid for a preset period of time after being acquired, and the processing module 602 is further configured to: if the first message indicated by the application is called When the first token becomes invalid during the service process, the service indicated by the first message is interrupted; the first token is updated, and the updated token of the first token is used as the second token; According to the second token, the service indicated by the first message is re-invoked through the application.
- the processing module 602 is further configured to: if the first sub-application does not meet the preset condition, discard the first message and send alarm information.
- the processing module 602 is further configured to: if it is determined that the application program has completed the invocation of the service indicated by the first message, release the first order through the application program The locked state of the card.
- An embodiment of the application provides a computer device, including a program or instruction, when the program or instruction is executed, it is used to execute the application service management method and any optional method provided by the embodiment of the application.
- the embodiment of the present application provides a storage medium including a program or instruction, and when the program or instruction is executed, it is used to execute the application service management method and any optional method provided by the embodiment of the present application.
- the embodiments of the present application can be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, optical storage, etc.) containing computer-usable program codes.
- a computer-usable storage media including but not limited to disk storage, optical storage, etc.
- These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
- the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
Abstract
Description
Claims (10)
- 一种应用程序服务的管理方法,其特征在于,包括:An application service management method, characterized in that it includes:接收来自应用程序的第一子应用程序的第一消息,所述第一消息用于请求从所述应用程序获取服务;Receiving a first message from a first sub-application of the application, where the first message is used to request to obtain a service from the application;根据所述第一消息指示的服务,确定调用所述第一消息指示的服务需要的第一子权限;所述第一子权限为调用所述应用程序的服务权限中预设的子权限;Determine, according to the service indicated by the first message, the first sub-authority required for invoking the service indicated by the first message; the first sub-authority is a preset sub-authority in the service permission for invoking the application;若所述第一子应用程序满足预设条件,则根据所述第一子权限,获取第一令牌;所述第一令牌为在所述第一子权限内调用所述服务权限的令牌;所述第一子权限与所述第一令牌唯一对应;If the first sub-application meets a preset condition, a first token is obtained according to the first sub-authority; the first token is a command to invoke the service authority within the first sub-authority Card; the first sub-authority uniquely corresponds to the first token;根据所述第一令牌,在所述第一子权限内,通过所述应用程序调用所述第一消息指示的服务,并将所述第一令牌设置为锁定状态。According to the first token, within the first sub-authority, call the service indicated by the first message through the application program, and set the first token to a locked state.
- 如权利要求1所述的方法,其特征在于,所述预设条件为所述第一子应用程序为所述应用程序的白名单中的子应用程序,所述应用程序的白名单用于指示已授权能够调用所述应用程序的服务的子应用程序。The method of claim 1, wherein the preset condition is that the first sub-application is a sub-application in a white list of the application, and the white list of the application is used to indicate A sub-application that is authorized to be able to call the service of the application.
- 如权利要求1或2所述的方法,其特征在于,所述第一令牌在获取后的预设时长内有效,所述方法还包括:The method according to claim 1 or 2, wherein the first token is valid for a preset period of time after acquisition, and the method further comprises:若在所述通过所述应用程序调用所述第一消息指示的服务的过程中所述第一令牌失效,则中断所述第一消息指示的服务;If the first token becomes invalid during the process of invoking the service indicated by the first message through the application program, interrupt the service indicated by the first message;更新所述第一令牌,并将所述第一令牌更新后的令牌作为第二令牌;Updating the first token, and using the updated token of the first token as the second token;根据所述第二令牌,通过所述应用程序重新调用所述第一消息指示的服务。According to the second token, the service indicated by the first message is re-invoked through the application.
- 如权利要求1或2所述的方法,其特征在于,所述方法还包括:The method according to claim 1 or 2, wherein the method further comprises:若所述第一子应用程序不满足所述预设条件,则丢弃所述第一消息,并发送告警信息。If the first sub-application does not meet the preset condition, discard the first message and send alarm information.
- 如权利要求1或2所述的方法,其特征在于,所述将所述第一令牌设 置为锁定状态之后,还包括:The method according to claim 1 or 2, wherein after setting the first token to the locked state, the method further comprises:若确定所述应用程序完成了对所述第一消息指示的服务的调用,则通过所述应用程序,解除所述第一令牌的锁定状态。If it is determined that the application program has completed invoking the service indicated by the first message, the application program is used to release the locked state of the first token.
- 一种应用程序服务的管理装置,其特征在于,包括:An application service management device, characterized in that it comprises:接收模块,用于接收来自应用程序的第一子应用程序的第一消息,所述第一消息用于请求从所述应用程序获取服务;A receiving module, configured to receive a first message from a first sub-application of the application, the first message being used to request to obtain a service from the application;处理模块,用于根据所述第一消息指示的服务,确定调用所述第一消息指示的服务需要的第一子权限;所述第一子权限为调用所述应用程序的服务权限中预设的子权限;若所述第一子应用程序满足预设条件,则根据所述第一子权限,获取第一令牌;所述第一令牌为在所述第一子权限内调用所述服务权限的令牌;所述第一子权限与所述第一令牌唯一对应;根据所述第一令牌,在所述第一子权限内,通过所述应用程序调用所述第一消息指示的服务,并将所述第一令牌设置为锁定状态。The processing module is configured to determine, according to the service indicated by the first message, the first sub-authority required to invoke the service indicated by the first message; the first sub-authority is preset in the service authority for invoking the application If the first sub-application meets a preset condition, obtain a first token according to the first sub-authority; the first token is to call the first sub-authority within the The token of the service authority; the first sub-authority uniquely corresponds to the first token; according to the first token, within the first sub-authority, the first message is called by the application Indicates the service and sets the first token to the locked state.
- 如权利要求6所述的装置,其特征在于,所述预设条件为所述第一子应用程序为所述应用程序的白名单中的子应用程序,所述应用程序的白名单用于指示已授权能够调用所述应用程序的服务的子应用程序。The device according to claim 6, wherein the preset condition is that the first sub-application is a sub-application in a white list of the application, and the white list of the application is used to indicate A sub-application that is authorized to be able to call the service of the application.
- 如权利要求6或7所述的装置,其特征在于,所述第一令牌在获取后的预设时长内有效,所述处理模块还用于:The device according to claim 6 or 7, wherein the first token is valid for a preset period of time after acquisition, and the processing module is further configured to:若在所述通过所述应用程序调用所述第一消息指示的服务的过程中所述第一令牌失效,则中断所述第一消息指示的服务;If the first token becomes invalid during the process of invoking the service indicated by the first message through the application program, interrupt the service indicated by the first message;更新所述第一令牌,并将所述第一令牌更新后的令牌作为第二令牌;Updating the first token, and using the updated token of the first token as the second token;根据所述第二令牌,通过所述应用程序重新调用所述第一消息指示的服务。According to the second token, the service indicated by the first message is re-invoked through the application.
- 一种计算机设备,其特征在于,包括程序或指令,当所述程序或指令被执行时,如权利要求1至5中任意一项所述的方法被执行。A computer device characterized by comprising a program or an instruction, and when the program or an instruction is executed, the method according to any one of claims 1 to 5 is executed.
- 一种存储介质,其特征在于,包括程序或指令,当所述程序或指令被执行时,如权利要求1至5中任意一项所述的方法被执行。A storage medium, characterized by comprising a program or instruction, and when the program or instruction is executed, the method according to any one of claims 1 to 5 is executed.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910499812.8 | 2019-06-11 | ||
CN201910499812.8A CN110289965B (en) | 2019-06-11 | 2019-06-11 | Application program service management method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020248768A1 true WO2020248768A1 (en) | 2020-12-17 |
Family
ID=68003707
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/090687 WO2020248768A1 (en) | 2019-06-11 | 2020-05-15 | Method and apparatus for managing application program service |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN110289965B (en) |
WO (1) | WO2020248768A1 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110289965B (en) * | 2019-06-11 | 2023-06-09 | 深圳前海微众银行股份有限公司 | Application program service management method and device |
CN111859418A (en) * | 2020-06-24 | 2020-10-30 | 华为技术有限公司 | Atomic capability calling method and terminal equipment |
CN112698929A (en) * | 2020-12-14 | 2021-04-23 | 联想(北京)有限公司 | Information acquisition method and device |
TWI803836B (en) * | 2021-03-05 | 2023-06-01 | 玉山商業銀行股份有限公司 | Mobile device monitoring system and method |
CN113468605B (en) * | 2021-09-02 | 2021-11-30 | 江苏荣泽信息科技股份有限公司 | File offline storage system based on block chain |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105488208A (en) * | 2015-12-11 | 2016-04-13 | 北京奇虎科技有限公司 | Data search method and device |
CN106534356A (en) * | 2016-12-12 | 2017-03-22 | 腾讯科技(深圳)有限公司 | Method and apparatus for processing template data, requesting template data and displaying template data |
CN107277082A (en) * | 2016-04-06 | 2017-10-20 | 泰康之家(北京)投资有限公司 | A kind of method and device for obtaining application service |
CN107450991A (en) * | 2017-07-24 | 2017-12-08 | 无锡江南计算技术研究所 | A kind of efficiently distributed global lock coordination approach |
US20180052718A1 (en) * | 2016-08-22 | 2018-02-22 | Amplidata N.V. | Non-Process Identifier Based Service Manager |
CN110289965A (en) * | 2019-06-11 | 2019-09-27 | 深圳前海微众银行股份有限公司 | A kind of management method and device of application program service |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5634122A (en) * | 1994-12-30 | 1997-05-27 | International Business Machines Corporation | System and method for multi-level token management for distributed file systems |
US8639940B2 (en) * | 2007-02-28 | 2014-01-28 | Red Hat, Inc. | Methods and systems for assigning roles on a token |
CN106331575A (en) * | 2015-06-23 | 2017-01-11 | 中兴通讯股份有限公司 | Realization method, device and system for mixing double flow in video conference |
US20180083971A1 (en) * | 2016-09-21 | 2018-03-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Authorization with container application issued token |
-
2019
- 2019-06-11 CN CN201910499812.8A patent/CN110289965B/en active Active
-
2020
- 2020-05-15 WO PCT/CN2020/090687 patent/WO2020248768A1/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105488208A (en) * | 2015-12-11 | 2016-04-13 | 北京奇虎科技有限公司 | Data search method and device |
CN107277082A (en) * | 2016-04-06 | 2017-10-20 | 泰康之家(北京)投资有限公司 | A kind of method and device for obtaining application service |
US20180052718A1 (en) * | 2016-08-22 | 2018-02-22 | Amplidata N.V. | Non-Process Identifier Based Service Manager |
CN106534356A (en) * | 2016-12-12 | 2017-03-22 | 腾讯科技(深圳)有限公司 | Method and apparatus for processing template data, requesting template data and displaying template data |
CN107450991A (en) * | 2017-07-24 | 2017-12-08 | 无锡江南计算技术研究所 | A kind of efficiently distributed global lock coordination approach |
CN110289965A (en) * | 2019-06-11 | 2019-09-27 | 深圳前海微众银行股份有限公司 | A kind of management method and device of application program service |
Also Published As
Publication number | Publication date |
---|---|
CN110289965A (en) | 2019-09-27 |
CN110289965B (en) | 2023-06-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020248768A1 (en) | Method and apparatus for managing application program service | |
US9864868B2 (en) | Method and apparatus for process enforced configuration management | |
CA3026781C (en) | A method for tee access control and a mobile terminal for implementing the method | |
CN111552936B (en) | Cross-system access right control method and system based on scheduling mechanism level | |
US20060294103A1 (en) | Security and authorization in management agents | |
CN105187372A (en) | Method for data processing based on mobile application entrance, device and system | |
CN111061685B (en) | Log query method and device, node equipment and storage medium | |
US8365261B2 (en) | Implementing organization-specific policy during establishment of an autonomous connection between computer resources | |
CN111526111B (en) | Control method, device and equipment for logging in light application and computer storage medium | |
CN104135378A (en) | Method of management control of Internet of Things gateways and management control entity for Internet of Things gateways | |
CN104639650A (en) | Fine granularity distributive interface access control method and device | |
CN110430180A (en) | A kind of platform of internet of things and implementation method based on hot plug | |
CN105376198A (en) | Access control method and device | |
CN113765701A (en) | Gateway control method based on permanent memory cache | |
CN109614822A (en) | A kind of Information Resource Access method, apparatus and system based on block chain | |
US10333939B2 (en) | System and method for authentication | |
CN111147496B (en) | Data processing method and device | |
CN117149884A (en) | Data processing transaction method | |
CN111475802B (en) | Authority control method and device | |
CN113691539A (en) | Enterprise internal unified function authority management method and system | |
CN116305218B (en) | Data link tracking and data updating method, device and data management system | |
CN112016115B (en) | Event subscription system based on block chain | |
WO2023173796A1 (en) | Communication management method, apparatus and system | |
CN117353975B (en) | Multi-terminal security unified login authorization system and method based on enterprise WeChat | |
CN117932633A (en) | Sensitive data encryption method based on ODPS offline data bins |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20823389 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20823389 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 16.03.2022) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20823389 Country of ref document: EP Kind code of ref document: A1 |