Technical field
The present invention relates to the technical field of mobile communication, and in particular to a cloud server and to a system and method for the audit, certification and management of application programs.
Background
With the development of software and mobile communication technology, the systems of mobile communication devices (such as mobile phones) are constantly being updated. At present, the systems of most mobile communication devices require strict signature authentication for the installation and use of application programs. Specifically, some systems (for example, the Symbian system) have introduced a strict signature authentication scheme: an application that uses restricted system capabilities must be signed by both the developer and the publisher before it can be installed without restriction on any other specified version of the system. After an application installation package signed by the developer is additionally signed by the publisher, the installation package changes, and only applications signed by the publisher can be installed and run on the system. In such a system, the developer signature proves the identity of the application's developer, while the publisher signature proves the identity of the publisher who released the application and also indicates that the publisher endorses the legality, security and validity of the application. In other words, the signature only indicates that the signer approves the release of the application under its own identity; not signing means not approving. On other systems (for example, the Android system), an application only needs to be signed to be installed and used. The signature on such a system can therefore be regarded as indicating only the developer's identity, and sometimes not even that, for example when the debug certificate that ships with the SDK (Software Development Kit) or another certificate that does not identify the developer is used.
The disadvantages of the prior art are: (1) The certification result is one-dimensional: there are only two outcomes, approved and not approved, and the approval covers information that applies generally to all applications rather than the characteristics of the particular application. (2) The handset handles applications with a single policy; there is no multi-policy management mechanism, let alone a scheme that applies multiple policies according to the current audit status of the application. (3) Compatibility is poor and the certification result is not independent: the certification result and signature data must be stored inside the pre-certification application installation package, so certifying an application modifies the file that contains the certified object and produces a new installation package file. The format of the application before and after certification has in effect changed, so that two application types exist, which easily causes compatibility problems.
Summary of the invention
The purpose of the present invention is to solve at least one of the above technical defects.
To this end, a first object of the present invention is to provide an application audit, certification and management system that has a sound multi-policy management mechanism, which not only provides better real-time security protection but also has good compatibility. A second object of the present invention is to provide a cloud server with good collection and judgment capabilities. A third object of the present invention is to provide an application audit, certification and management method that adopts a multi-policy management mechanism and helps deliver a better customer experience.
To achieve the above objects, an embodiment of the first aspect of the present invention provides an application audit, certification and management system, comprising: a cloud server, configured to audit an application and collect suspicious behavior data of the application during the audit, record the suspicious behavior data to obtain an audit result for the application, and generate an audit description file according to the audit result, wherein the audit description file includes the authentication data and the audit result of the application; and a mobile terminal, configured to download the audit description file of a specified application from the cloud server and to apply the corresponding management policy to the specified application for security control according to the audit description file.
With the application audit, certification and management system according to the embodiment of the present invention, the mobile terminal can apply different, targeted handling policies to applications with different behavior characteristics and different degrees of trustworthiness, which provides not only better real-time security protection but also a better user experience. The system is also compatible with existing application installation package formats: application audit and certification can be applied seamlessly to existing application specifications without changing the current application or its installation package format, and without affecting the application's life-cycle management mechanism.
An embodiment of the second aspect of the present invention provides a cloud server, comprising: a collection module, configured to collect suspicious behavior data of an application; an audit module, configured to verify the signature of the application to confirm the legality of the application, verify the basic information of the application to confirm its software compatibility, generate legality and compatibility-conformance information for the application, analyze the suspicious behavior data to classify and evaluate the application, generate classification information and evaluation information for the application, merge the legality and compatibility-conformance information, the classification information and the evaluation information to obtain the audit result, and generate an audit description file according to the audit result; an authentication module, configured to digitally sign the audit description file with a certificate to generate authentication data, wherein the authentication data identifies the source of the audit description file and of the application description file, and the application description file identifies the application or the installation package of the application; and a push module, configured to generate the audit description file according to the audit result and the authentication data and, on receiving a data request from a mobile terminal, push the audit description file to the mobile terminal.
The cloud server according to the embodiment of the present invention can not only collect the relevant data well but also has strong judgment capability: it can audit and certify the collected data and handle it promptly according to the actual situation.
An embodiment of the third aspect of the present invention provides an application audit, certification and management method, comprising the following steps:
A cloud server audits an application and collects suspicious behavior data of the application during the audit, records the suspicious behavior data to generate an audit result, and generates an audit description file according to the audit result, wherein the audit description file includes the authentication data and the audit result of the application;
A mobile terminal sends a data request signal for a specified application to the cloud server, downloads the audit description file of the specified application from the cloud server, and applies the corresponding management policy to the specified application for security control according to the audit description file.
The application audit, certification and management method according to the embodiment of the present invention certifies not only the legality of the application's source but also the legality of the application's security audit result. At the same time, a sound multi-policy management mechanism provides better real-time security protection with good compatibility. In addition, the security audit result contains the behavior characteristics of the application, so that many applications already carry security-related information such as application behavior when they reach the mobile terminal, which allows the mobile terminal to apply security control more effectively.
Additional aspects and advantages of the present invention will be given in part in the following description, will in part become apparent from the following description, or will be learned through practice of the present invention.
Brief description of the drawings
The above and/or additional aspects and advantages of the present invention will become apparent and easy to understand from the following description of the embodiments with reference to the accompanying drawings, in which:
FIG. 1 is a schematic diagram of an application audit, certification and management system according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a cloud server according to an embodiment of the present invention;
FIG. 3 is a flow chart of an application audit, certification and management method according to one embodiment of the present invention;
FIG. 4 is a detailed flow chart of an application audit, certification and management method according to another embodiment of the present invention; and
FIG. 5 is a schematic diagram of how the classification of application behaviors changes before and after the audit in the application audit, certification and management method according to an embodiment of the present invention.
Detailed description
Embodiments of the present invention are described in detail below. Examples of the embodiments are shown in the accompanying drawings, in which the same or similar reference numerals denote, throughout, the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary; they serve only to explain the present invention and are not to be construed as limiting it.
In the description of the present invention, it should be noted that, unless otherwise specified and limited, the terms "mounted", "coupled" and "connected" are to be understood broadly: the connection may, for example, be mechanical or electrical, may be internal communication between two elements, and may be direct or indirect through an intermediary. A person of ordinary skill in the art can understand the specific meaning of these terms according to the specific situation.
These and other aspects of the embodiments of the present invention will become clear with reference to the following description and drawings. The description and drawings disclose some specific implementations of the embodiments of the present invention in order to show some of the ways in which the principles of the embodiments may be carried out, but it should be understood that the scope of the embodiments of the present invention is not limited thereby. On the contrary, the embodiments of the present invention include all changes, modifications and equivalents falling within the spirit and scope of the appended claims.
Referring to FIG. 1, an application audit, certification and management system according to an embodiment of the first aspect of the present invention includes a cloud server 101 and a mobile terminal 102. The cloud server 101 is configured to audit an application and collect suspicious behavior data of the application during the audit, record the suspicious behavior data to obtain the audit result for the application, and generate an audit description file according to the audit result, wherein the audit description file includes the authentication data and the audit result of the application. The mobile terminal 102 is configured to download the audit description file of a specified application from the cloud server 101 and to apply the corresponding management policy to the specified application for security control according to the audit description file. The specified application may be an application that the user downloads for the first time or an application built into the operating system of the mobile terminal. Because the user has not used the specified application before and knows nothing about its security, the relevant information about the specified application has to be obtained from the cloud server.
In one embodiment of the present invention, the cloud server 101 collects suspicious behavior data in at least one of the following ways:
(1) The application is run on a simulated terminal device, and the cloud server 101 collects suspicious behavior data while the application runs. In one example of the present invention, the simulated terminal device may be an emulator or a real terminal (such as a mobile phone). The simulated terminal device may be a terminal system platform with an integrated suspicious behavior monitoring solution, so that data on the application can be collected automatically and analyzed statistically. Special cases can additionally be analyzed manually, so that reasonably accurate suspicious behavior data is finally obtained. This suspicious behavior information provides a basis for judging the potential threat posed by applications newly entering the market.
(2) The cloud server 101 collects suspicious behavior data from applications in use on user terminals (such as mobile phones). Specifically, the user terminal collects, aggregates and analyzes the suspicious behavior data of the application and synchronizes it to the cloud server 101 at suitable times. A terminal system with an integrated suspicious behavior monitoring solution can also collect and analyze suspicious behavior data continuously while the user uses the phone.
The cloud server 101 is also configured to collect the user's initial classification of the suspicious behavior data. The initial classification information may include the user's judgment of a suspicious behavior, for example whether the suspicious behavior is malicious or trusted. The judgments uploaded by users play a very important role in the data statistics of the cloud server 101. As the user base grows, the ability of user terminals to collect and judge the various behaviors of applications will exceed the collection capability of the cloud server 101.
In one embodiment of the present invention, the cloud server 101 verifies the signature and basic information of the application to generate the legality and compatibility-conformance information of the application, classifies and evaluates the application according to the suspicious behavior data to generate the classification information and evaluation information of the application, and merges the legality and compatibility-conformance information, the classification information and the evaluation information to obtain the audit result.
The process by which the cloud server 101 audits an application is described in detail below.
First, the cloud server 101 verifies the signature of the application AppName.apk in order to confirm the legality of the application. It then checks whether the application has any bad record, verifies the basic information of AppName.apk and checks software compatibility. That is, the basic information of the application is verified to confirm its software compatibility, and the legality and compatibility-conformance information of the application is generated. After the compatibility check, the cloud server 101 scans for file-type viruses, in particular in the lib libraries. The Java code is decompiled and API (Application Programming Interface) calls are checked, for example calls to hidden APIs. Next, the application's security and whether it starts and runs successfully are tested, and automated tests of the application's software functions are run. The software functions are reviewed manually, and the legality of the content is examined. The application's behavior is then detected, analyzed and judged; this step may combine automated detection with manual review. That is, the suspicious behavior data is analyzed to classify and evaluate the application, and the classification information and evaluation information of the application are generated. After that, the cloud server 101 records the statistical analysis and the judgment results and, if no malicious behavior has been found, generates the audit scan file of AppName.apk. That is, the legality and compatibility-conformance information, the classification information and the evaluation information are merged to obtain the audit result, and the audit result is stored in the audit description file; the audit description file is digitally signed with a certificate to generate authentication data, and the authentication data identifies the source of the audit description file.
After completing the above audit process, the cloud server 101 generates the classification information and evaluation information of the application.
Specifically, application behavior can be divided into the following categories:
Suspicious behavior: a suspicious behavior of an application is a behavior carried out by the application that may, but will not necessarily, harm the user's interests. Because each user cares about different interests, whether an application behavior really harms the user's interests has to be judged by the user according to the user's own needs, or by the system on the user's behalf with the user's permission. Once judged, the behavior becomes either a malicious behavior or a trusted behavior.
Malicious behavior: a malicious behavior of an application is a behavior carried out by the application that harms the user's interests. Whether an application behavior is malicious is determined by the user's own judgment or by the system helping the user to judge.
Trusted behavior: a trusted behavior of an application is a behavior in the application's suspicious behavior capability set that does not harm the user's interests. Whether an application behavior is trusted is determined by the user's own judgment or by the system helping the user to judge.
Potentially suspicious behavior: a potentially suspicious behavior of an application is a suspicious behavior that has not yet occurred but that the application is capable of performing. Once a potentially suspicious behavior is confirmed to be executed, it becomes a suspicious behavior; conversely, once a potentially suspicious behavior is confirmed never to be executed, it is no longer a potentially suspicious behavior. The set of all potentially suspicious behaviors of an application is not fixed; as the real capabilities of the application become clearer, the set becomes more and more accurate.
Suspicious behavior capability set: the suspicious behavior capability set of an application is the set of all suspicious behaviors that the application is inferred to be capable of performing, based on the access the application has to system resources. The suspicious behavior capability set is the union of the suspicious behaviors and the potentially suspicious behaviors. This set is not fixed either; as the real capabilities of the application become clearer, it becomes more and more accurate.
Each of the above types of application behavior has a precise model or rule definition.
The cloud server 101 classifies the application according to the suspicious behavior data to obtain the classification information. The classification information records the categories that apply to the application and the behavior information for each category. As described above, the classification information of an application may be one or more of the following types: trusted behavior, potentially suspicious behavior, suspicious behavior and malicious behavior.
The cloud server 101 evaluates the application according to this classification information to obtain the evaluation information of the application. The evaluation information is one of: trusted, audited, unaudited and untrusted.
In one embodiment of the present invention, the cloud server 101 digitally signs the audit description file with a certificate to generate authentication data, and the authentication data identifies the source of the audit description file and of the application description file. Digitally signing the audit description file and the application description file proves the legality of the application's source and also certifies the legality of the application's security audit result, and thereby attests to the application's behavior characteristics and to the legality, security and conformance of its content.
The authentication data includes the digest information, the certificate information of the authentication signature and the signature value of the authentication signature.
The audit description file takes one of the following two forms:
(1) Embedded: the audit description file and the authentication data are embedded in the application or in its installation package. This is similar to the application publisher signature of the Symbian system: an application that has only been signed by the developer is signed and certified, and an application installation package carrying the new signature is generated. In one example of the present invention, for the Yi platform, the regenerated installation package may be a file of type "*.bpk".
(2) Standalone: the audit description file and the authentication data are stored separately from the application, and the audited and certified application or its installation package is not changed. The standalone audit description file is stored in an authentication description file, which is the product of signing and certifying the audit description file.
In one embodiment of the present invention, the authentication description file may be a compressed archive. The archive contains the audit description file and the signature authentication data, as well as the application description file (app_des.txt). The application description file stores the data that identifies the application being audited and certified.
In one example of the present invention, the format of the authentication description file (*.ver) is as follows.
The authentication description file App_verified.Ver is an archive with the following directory structure:
|--app_des.txt    application description file
|--app_verified_info.sec    audit description file
`--META-INF
    |--CERT.RSA    signature file (contains the certificate information and the signature value)
    `--CERT.SF    digest storage file (holds the digest value of every file in the archive to guarantee integrity)
Further, the authentication description file consists of the following three parts:
Part 1: the application description file (app_des.txt). The application description file is the identification information of the application being audited and certified. It contains the application package format, the package name, the application version number and the original signature information, where the original signature information includes the digest information, the certificate information and the signature value. This data uniquely identifies an application or an application installation package. It is used to determine whether a given application or installation package is the object that was audited, and to prove that the content of the audit description file is the audit result for that specific application.
Part 2: the audit description file (app_verified_info.sec). The audit description file contains information on the various behaviors of the application, information on content legality, program compatibility and conformance, and the overall evaluation of the application.
The information on the various behaviors of the application covers suspicious behaviors, malicious behaviors, trusted behaviors and potentially suspicious behaviors; the content of each entry may be the ID number of a behavior model or rule.
The evaluation information is one of: trusted, audited, unaudited and untrusted.
Part 3: the signature file. The signature file is the result of signing the application's assessment result with a certificate. It is used to verify the integrity of the authentication description file and the legality of its source, ensuring that the content of the authentication description file cannot be tampered with and that the certifier cannot be impersonated.
独立存储认证数据的认证方式具有较好的兼容性好,不会改变现有的应用程序及其安装包,不破坏现有应用程序和安装包的格式,保持认证前和认证后应用程序的兼容性。不管是应用程序自身发生变化,或者云服务器的结果发生变化,审核描述文件和认证数据的变化都是相互独立的,同时可以无缝平滑融合。The authentication method of independently storing authentication data has good compatibility, will not change the existing application program and its installation package, will not destroy the format of the existing application program and installation package, and maintain the compatibility of the application program before and after authentication sex. Regardless of the changes in the application itself or the results of the cloud server, the changes in the audit description file and certification data are independent of each other and can be seamlessly and smoothly integrated.
The mobile terminal 102 downloads the audit description file of the specified application from the cloud server 101. Because the audit description file includes the application's security audit result, and that result contains the application's behavior characteristics, many applications already carry security-related information such as application behavior when they reach the mobile terminal 102, which makes it easier for the mobile terminal 102 to apply effective security controls.
In one embodiment of the present invention, the user can use the mobile terminal 102 to obtain the audit result from the cloud server 101 in the following two ways.
(1) When the user downloads and installs a certified application from the app store, the system can choose between an embedded and an independent audit description file. With an embedded audit description file, the signed "*.bpk" file is downloaded; with an independent audit description file, the authentication description file containing the audit description file is downloaded together with the apk file when the application is downloaded.
(2) Through software built into the system platform of the mobile terminal, the user actively requests information on the potential threats or malicious behaviors of a specified application, which triggers the download and processing of that application's authentication description file.
In one embodiment of the present invention, the mobile terminal 102 can derive from the audit description file one or more categories to which the specified application belongs, and set a management policy for the specified application according to those categories.
Based on the audit and certification result, the mobile terminal 102 can implement a multi-policy management mechanism, applying policies targeted at the application's current audit status. A reasonable multi-policy management mechanism reduces the runtime burden on the terminal system and helps give the user a better experience.
In one embodiment of the present invention, the management policies include a permission access control policy, a real-time behavior monitoring policy, a behavior collection policy, an isolation control policy and an information feedback policy.
Specifically, the application categories and the corresponding targeted management policies are shown in Table 1 below.
Table 1
An application installed by the user generally belongs to one of the four types above, but it does not necessarily stay fixed in one type. As auditing continues, the type of an application already installed on the Yi platform, for example, may change, and this change moves toward greater accuracy. User actions also affect the application type. For example, an application that the user installs from an unapproved source initially belongs to the "uncertified, unaudited application" type; after the user actively requests the application's authentication description file from the cloud server 101, the application may become any of the other types.
In one embodiment of the present invention, after detecting that the suspicious behavior data of an application has been updated, the cloud server 101 can generate the corresponding updated audit description file, obtain the list of users who use the application, and actively push the audit description file to the mobile terminals corresponding to that user list.
With the application audit, certification and management system according to embodiments of the present invention, the mobile terminal can apply different, targeted handling policies to applications with different behavior characteristics and different degrees of trust, which yields both better real-time security protection and a better user experience. The system is also compatible with existing application installation package formats: application audit and certification can be applied seamlessly to existing application specifications without changing the existing application or its installation package format, and without affecting the application's lifecycle management mechanism.
The cloud server 101 according to an embodiment of the second aspect of the present invention is described below with reference to FIG. 2.
As shown in FIG. 2, the cloud server 101 includes a collection module 201, an audit module 202, an authentication module 203 and a push module 204. The collection module 201 collects the suspicious behavior data of the application. The audit module 202 verifies the application's signature to confirm the application's legitimacy, verifies the application's basic information to confirm its software compatibility, and generates the application's legitimacy and compatibility conformance information; it analyzes the suspicious behavior data to classify and evaluate the application and generates the application's classification information and evaluation information; it then merges the legitimacy and compatibility conformance information, the classification information and the evaluation information to obtain the audit result. The authentication module 203 uses a certificate to digitally sign the audit description file and the application description file, generating the authentication data, which identifies the source of the audit description file. The push module 204 generates the audit description file from the audit result and the authentication data and, on receiving a data request from the mobile terminal 102, pushes the audit description file to the mobile terminal 102. The application description file identifies the application or its installation package.
In one embodiment of the present invention, the collection module 201 collects suspicious behavior data in at least one of the following ways:
(1) The application is run on a simulated terminal device, and the collection module 201 of the cloud server 101 collects the suspicious behavior data produced while the application runs.
In one example of the present invention, the simulated terminal device may be an emulator or a real terminal (for example, a mobile phone). The simulated terminal device can integrate a terminal system platform with a suspicious behavior monitoring scheme, so that data on the application can be collected automatically and analyzed statistically. Special cases can additionally be analyzed manually, so that fairly accurate suspicious behavior data is finally obtained. This suspicious behavior information provides a basis for judging the potential threats of applications newly entering the market.
(2) The collection module 201 of the cloud server 101 collects suspicious behavior data from the use of the application on user terminals (for example, mobile phones).
Specifically, the user terminal collects, aggregates and analyzes the suspicious behavior data of the application and synchronizes it to the cloud server 101 at appropriate times. A terminal system that integrates the suspicious behavior monitoring scheme can also collect and analyze suspicious behavior data continuously while the user uses the phone. The judgments uploaded by users play a very important role in the data statistics of the cloud server 101. As the user base grows, the capacity of user terminals to collect and judge the various behaviors of applications will exceed the collection capacity of the cloud server 101.
In one embodiment of the present invention, the collection module 201 is also used to collect users' initial classification of the suspicious behavior data. The classification information records the application's categories and the behavior information corresponding to each category, where the types may be one or more of the application's trusted behaviors, potentially suspicious behaviors, suspicious behaviors and malicious behaviors.
In one embodiment of the present invention, the cloud server 101 further includes a detection module 205, which detects whether the suspicious behavior data of an application has been updated, generates the corresponding updated audit description file once an update is detected, and determines the list of users who use the updated application; the push module 204 then actively pushes the updated audit description file to the mobile terminals corresponding to that user list.
The cloud server 101 according to embodiments of the present invention not only collects the relevant data well through the collection module 201, but also has strong judgment capability: it can audit and certify the collected data and handle it promptly according to the actual situation.
As shown in FIG. 3, an embodiment of the third aspect of the present invention provides a method for auditing, certifying and managing applications, including the following steps:
S301: The cloud server audits the application, collects the application's suspicious behavior data during the audit, records the suspicious behavior data to generate the audit result for the application, and generates an audit description file from the audit result, where the audit description file includes the application's authentication data and audit result.
In one embodiment of the present invention, the cloud server collects suspicious behavior data in at least one of the following ways:
(1) The application is run on a simulated terminal device, and the cloud server collects the suspicious behavior data produced while the application runs. In one example of the present invention, the simulated terminal device may be an emulator or a real terminal (for example, a mobile phone). The simulated terminal device can integrate a terminal system platform with a suspicious behavior monitoring scheme, so that data on the application can be collected automatically and analyzed statistically. Special cases can additionally be analyzed manually, so that fairly accurate suspicious behavior data is finally obtained. This suspicious behavior information provides a basis for judging the potential threats of applications newly entering the market.
(2) The cloud server collects suspicious behavior data from the use of the application on user terminals. That is, the user terminal collects, aggregates and analyzes the data and synchronizes it to the cloud server at appropriate times. While the user uses a mobile terminal such as a mobile phone, suspicious behavior information is continuously collected and analyzed, and the user judges suspicious behaviors to be malicious or trusted. These user judgments are also a valuable resource for the cloud server. Once the user base has grown, in particular, the capacity of user terminals to collect and judge the various behaviors of applications will be beyond anything the cloud server can match.
S302: The mobile terminal sends a data request signal for a specified application to the cloud server and downloads the audit description file of the specified application from the cloud server.
Specifically, in one example of the present invention, as shown in FIG. 4, the method for auditing an application includes the following steps:
S401: Verify the signature of AppName.apk, that is, verify the application's signature to confirm the application's legitimacy.
S402: Check whether the application has a bad record.
S403: Verify the basic information of AppName.apk and check software compatibility, that is, verify the application's basic information to confirm its software compatibility, and generate the application's legitimacy and compatibility conformance information.
S404: Scan for file-type viruses, especially in the lib libraries.
S405: Decompile the Java code and check API (Application Programming Interface) calls, for example calls to hidden APIs.
S406: Test security, and whether startup and operation succeed.
S407: Automated testing of software functions.
S408: Manual review of software functions.
S409: Content legality review.
S410: Detect, analyze and judge application behavior, combining automated detection with manual review; that is, analyze the suspicious behavior data to classify and evaluate the application, and generate the application's classification information and evaluation information.
S411: Record the statistical analysis and the judgment results.
S412: If no malicious behavior is found, generate the audit scan file of AppName.apk. That is, merge the legitimacy and compatibility conformance information, the classification information and the evaluation information to obtain the audit result, and store the audit result in the audit description file; then use a certificate to digitally sign the audit description file to generate the authentication data, which identifies the source of the audit description file.
In one embodiment of the present invention, the classification information records the application's categories and the behavior information corresponding to each category, where the types may be one or more of the following: trusted behavior, potentially suspicious behavior, suspicious behavior and malicious behavior.
Specifically, the categories are as follows:
Suspicious behavior: a suspicious behavior of an application is a behavior that may, but does not necessarily, harm the user's interests. Because each user cares about different interests, whether an application behavior really harms the user has to be judged by the user according to the user's own needs, or by the system on the user's behalf with the user's permission. Once judged, the behavior becomes either a malicious behavior or a trusted behavior.
Malicious behavior: a malicious behavior of an application is a behavior that harms the user's interests. Whether an application behavior is malicious is established by the user's own judgment or by the system helping the user to judge.
Trusted behavior: a trusted behavior of an application is a behavior in the application's suspicious behavior capability set that will not harm the user's interests. Whether an application behavior is trusted is established by the user's own judgment or by the system helping the user to judge.
Potentially suspicious behavior: a potentially suspicious behavior of an application is a suspicious behavior that has not yet occurred but that the application is capable of performing. Once a potentially suspicious behavior is confirmed to be performed, it becomes a suspicious behavior; conversely, once it is confirmed that it will never be performed, it ceases to be a potentially suspicious behavior. The set of an application's potentially suspicious behaviors is not fixed: it becomes more accurate as the application's real capabilities become clearer.
Suspicious behavior capability set: the suspicious behavior capability set of an application is the set of all suspicious behaviors the application is inferred to be capable of performing, given its ability to access system resources. It is the union of the suspicious behaviors and the potentially suspicious behaviors. This set is not fixed either: it becomes more accurate as the application's real capabilities become clearer.
Each of the above types of application behavior has a precise model or rule definition.
Further, as shown in FIG. 5, auditing an application is a process of establishing the application's behavior characteristics and identifying the category of each behavior. Before the audit there is no information on the application's behavior. During the audit, information on the application's suspicious and potentially suspicious behaviors gradually accumulates; through continued, deeper monitoring and analysis, reasonable judgments are made, and fairly precise information on the application's behavior is finally obtained as the audit result. After the audit, the application can be certified. For an application that can be certified, the sets of suspicious, potentially suspicious and malicious behaviors may all be empty, but the set of trusted behaviors is usually not empty.
Further still, once the audit of an application is complete, an audit description file is generated to store the audit result, and a digital signature is used to prove the source of that result. The audit description file (app_verified_info.sec) contains information on the application's various behaviors (suspicious, malicious, trusted and potentially suspicious behaviors; each entry may be the ID number of a behavior model or rule), information on content legality, program compatibility and conformance, and the overall evaluation of the application (trusted, audited, not audited, untrusted). The content of the audit description file may be encrypted to prevent the audit result from being stolen by others. The authentication data includes the digest information, the certificate information of the certification signature and the signature value of the certification signature.
The audit description file takes one of the following two forms:
(1) Embedded: the audit description file and the authentication data are embedded in the application or its installation package, similar to the application publisher signature of the Symbian system. An application that carries only the developer's signature is signed and certified, producing an application installation package with a new signature. In one example of the present invention, for the Yi platform, the regenerated installation package may be a file of type "*.bpk".
(2) Independent: the audit description file and the authentication data are stored separately, without changing the audited and certified application or its installation package. The independent audit description file is stored inside the authentication description file, which is the product of signing and certifying the audit description file.
In one embodiment of the present invention, the authentication description file may be a compressed archive. The archive contains the audit description file and the signature authentication data, as well as the application description file (app_des.txt), which stores the data that identifies the application being audited and certified.
In one example of the present invention, the format of the authentication description file (*.ver) is as follows:
The authentication description file App_verified.Ver. The directory structure inside the archive is:
|-- app_des.txt    application description file
|-- app_verified_info.sec    audit description file
`-- META-INF
    |-- CERT.RSA    signature file (contains the certificate information and the signature value)
    `-- CERT.SF    digest storage file (holds the digest of every file in the archive to guarantee integrity)
Further, the authentication description file consists of the following three parts:
Part one: the application description file (app_des.txt). The application description file is the identification information of the application being audited and certified. It contains the application package format, the package name, the application version number and the original signature information, where the original signature information comprises the digest information, the certificate information and the signature value. These data uniquely identify an application or its installation package. They are used to determine whether a given application or installation package is the audited object, and to prove that the content of the audit description file is the audit result for that specific application.
Part two: the audit description file (app_verified_info.sec). The audit description file contains information on the application's various behaviors, information on content legality, program compatibility and conformance, and the overall evaluation of the application.
The behavior information covers suspicious behaviors, malicious behaviors, trusted behaviors and potentially suspicious behaviors; each entry may be the ID number of a behavior model or rule.
The evaluation information includes: trusted, audited, not audited, untrusted.
Part three: the signature file. The signature file is produced by signing the application's assessment result with a certificate. It is used to verify the integrity of the authentication description file and the legitimacy of its source, ensuring that the content of the authentication description file cannot be tampered with and that the certifier cannot be impersonated.
Storing the authentication data independently gives good compatibility: it does not change the existing application or its installation package, does not break the format of either, and preserves compatibility between the application before and after certification. Whether the application itself changes or the cloud server's results change, the changes to the audit description file and to the authentication data are independent of each other, and the two can still be merged seamlessly and smoothly.
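The checks a terminal would run on an independent authentication description file before trusting its audit result, as an added example that is not code from the patent. The patent names the archive members but not their contents, so the `key=value` layout of app_des.txt, the `name digest` lines of CERT.SF, the use of SHA-256 and the HMAC that stands in for the certificate signature in CERT.RSA are all assumptions made for the demonstration.

```python
import hashlib
import hmac
import io
import zipfile

SF_NAME = "META-INF/CERT.SF"    # digest list (member name from the page)
SIG_NAME = "META-INF/CERT.RSA"  # signature over the digest list
REQUIRED = {"app_des.txt", "app_verified_info.sec"}
DEMO_KEY = b"constructed-demo-key"  # stand-in for the certifier's key pair


class VerificationError(Exception):
    pass


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def demo_sign(sf_bytes):
    # Assumption: HMAC stands in for the certificate signature in CERT.RSA.
    return hmac.new(DEMO_KEY, sf_bytes, hashlib.sha256).digest()


def demo_check(sf_bytes, signature):
    return hmac.compare_digest(demo_sign(sf_bytes), signature)


def verify_description(ver_bytes, apk_bytes, package, version, check_signature):
    """Return the audit description bytes only if every check passes."""
    with zipfile.ZipFile(io.BytesIO(ver_bytes)) as zf:
        names = [n for n in zf.namelist() if not n.endswith("/")]
        if len(names) != len(set(names)):
            raise VerificationError("duplicate member names")
        files = {n: zf.read(n) for n in names}
    if SF_NAME not in files or SIG_NAME not in files:
        raise VerificationError("signature files missing")
    # 1. Source: the digest list must carry the certifier's signature.
    if not check_signature(files[SF_NAME], files[SIG_NAME]):
        raise VerificationError("bad signature on CERT.SF")
    # 2. Integrity: the archive holds exactly the listed files, unmodified.
    listed = {}
    for line in files[SF_NAME].decode().splitlines():
        name, _, digest = line.rpartition(" ")
        listed[name] = digest
    payload = set(files) - {SF_NAME, SIG_NAME}
    if payload != set(listed) or not REQUIRED <= payload:
        raise VerificationError("file set does not match CERT.SF")
    for name in sorted(payload):
        if sha256_hex(files[name]) != listed[name]:
            raise VerificationError("digest mismatch: " + name)
    # 3. Binding: the verdict must be about the APK being installed.
    lines = files["app_des.txt"].decode().splitlines()
    des = dict(l.split("=", 1) for l in lines if "=" in l)
    if (des.get("package"), des.get("version")) != (package, version):
        raise VerificationError("description is for another package or version")
    if des.get("apk_sha256") != sha256_hex(apk_bytes):
        raise VerificationError("description is for a different APK")
    return files["app_verified_info.sec"]


def repack(ver_bytes, replace):
    """Copy an archive, replacing or adding the members given in `replace`."""
    members = {}
    if ver_bytes:
        with zipfile.ZipFile(io.BytesIO(ver_bytes)) as src:
            members = {n: src.read(n) for n in src.namelist()}
    members.update(replace)
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as dst:
        for name, data in members.items():
            dst.writestr(name, data)
    return out.getvalue()


def build_description(apk_bytes, package, version, audit_text):
    """Build a constructed App_verified.Ver archive for the demonstration."""
    des = "format=apk\npackage=%s\nversion=%s\napk_sha256=%s\n" % (
        package, version, sha256_hex(apk_bytes))
    files = {"app_des.txt": des.encode(), "app_verified_info.sec": audit_text.encode()}
    sf = "".join("%s %s\n" % (n, sha256_hex(d)) for n, d in files.items()).encode()
    files[SF_NAME] = sf
    files[SIG_NAME] = demo_sign(sf)
    return repack(b"", files)


def outcome(ver_bytes, apk_bytes, package="com.example.app", version="1.0"):
    try:
        verify_description(ver_bytes, apk_bytes, package, version, demo_check)
        return "accepted"
    except VerificationError as exc:
        return str(exc)


if __name__ == "__main__":
    apk = b"constructed APK bytes"
    ver = build_description(apk, "com.example.app", "1.0", "evaluation=untrusted\n")
    print(outcome(ver, apk))
    print(outcome(repack(ver, {"app_verified_info.sec": b"evaluation=trusted\n"}), apk))
```

The order matters: the digests in CERT.SF mean nothing until the signature over CERT.SF has been checked, and a correctly signed verdict is still rejected if app_des.txt does not match the package actually being installed.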
S303,根据审核描述文件对指定应用程序采用对应的管理策略进行安全控制。S303. According to the audit description file, a corresponding management policy is adopted to perform security control on the designated application program.
在本发明的一个示例中,审核描述文件是由百度Yi平台云服务器生成,到达Yi平台用户终端的方式有以下三种:In an example of the present invention, the audit description file is generated by the Baidu Yi platform cloud server, and there are the following three ways to reach the Yi platform user terminal:
(1)用户从百度app store下载安装一个百度认证应用程序时,系统可选择使用嵌入式或者独立式的审核描述文件。如果是嵌入式审核描述文件,将下载百度签名后的”*.bpk”文件;如果是独立式的审核描述文件,会在下载应用时随apk文件一起下载包含审核描述文件的认证描述文件。(1) When a user downloads and installs a Baidu authentication application from the Baidu app store, the system can choose to use an embedded or independent audit description file. If it is an embedded audit description file, it will download the "*.bpk" file signed by Baidu; if it is an independent audit description file, it will download the authentication description file containing the audit description file along with the apk file when downloading the application.
(2)用户通过Yi平台内置软件(比如:用户终端安全中心),主动请求获知指定应用程序的潜在威胁或者恶意行为信息,于是触发了指定应用程序的认证描述文件的下载和处理。(2) The user actively requests to know the potential threats or malicious behavior information of the specified application program through the built-in software of the Yi platform (such as the user terminal security center), which triggers the download and processing of the authentication description file of the specified application program.
(3) The Baidu cloud server actively pushes newly discovered suspicious behavior information and malicious behavior information, which is delivered to the Yi platform terminal system for processing in the form of an authentication description file. The Baidu cloud server pushes selectively, only for applications already installed on the user terminal. That is, the cloud server checks whether the suspicious behavior data of an application has been updated; when it detects an update, it generates the corresponding updated audit description file, determines the list of users who use the updated application, and actively pushes the updated audit description file to the mobile terminals corresponding to that user list.
In one embodiment of the present invention, applying the corresponding management policy to the designated application according to the audit description file means obtaining one or more classifications for the designated application from the audit description file and then setting the corresponding management policies for the application according to those classifications. As shown in Table 1, the management policies include a permission access control policy, a real-time behavior monitoring policy, a behavior collection policy, an isolation control policy and an information feedback policy.
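The terminal-side flow of S303 with a standalone audit description file, together with the selective push from item (3), as an added example that is not part of the patent text. The classification names, the policy mapping (standing in for Table 1), the descriptor fields, the version check and the use of an HMAC in place of the cloud server's signature are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# The five management policies named in the text.
ACCESS, MONITOR, COLLECT, ISOLATE, FEEDBACK = (
    "permission_access_control", "realtime_behavior_monitoring",
    "behavior_collection", "isolation_control", "information_feedback")
ALL_POLICIES = frozenset({ACCESS, MONITOR, COLLECT, ISOLATE, FEEDBACK})

# Hypothetical classification -> policy mapping (stands in for Table 1).
POLICY_TABLE = {
    "certified_safe": {ACCESS},
    "suspicious_behavior": {ACCESS, MONITOR, COLLECT, FEEDBACK},
    "malicious_behavior": {ACCESS, ISOLATE, FEEDBACK},
}


def _canonical(descriptor):
    # Stable byte encoding so both sides authenticate the same bytes.
    return json.dumps(descriptor, sort_keys=True, separators=(",", ":")).encode()


def issue_descriptor(key, package, apk_bytes, classifications, version):
    """Cloud side: build a standalone descriptor; the APK is not modified."""
    descriptor = {
        "package": package,
        "apk_sha256": hashlib.sha256(apk_bytes).hexdigest(),
        "classifications": sorted(classifications),
        "version": version,
    }
    # HMAC is a stand-in for the cloud server's signature (assumption).
    tag = hmac.new(key, _canonical(descriptor), hashlib.sha256).hexdigest()
    return descriptor, tag


def verify_descriptor(key, apk_bytes, descriptor, tag, last_seen_version=0):
    """Terminal side: authenticate, bind to this APK, reject stale versions."""
    expected = hmac.new(key, _canonical(descriptor), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication data does not match descriptor")
    if descriptor["apk_sha256"] != hashlib.sha256(apk_bytes).hexdigest():
        raise ValueError("descriptor was issued for a different APK")
    if descriptor["version"] <= last_seen_version:
        raise ValueError("stale descriptor")
    return descriptor["classifications"]


def select_policies(classifications):
    """Union of policies; unknown or empty classifications fail closed."""
    if not classifications:
        return set(ALL_POLICIES)
    selected = set()
    for name in classifications:
        selected |= POLICY_TABLE.get(name, ALL_POLICIES)
    return selected


def push_targets(installed, package):
    """Cloud side: only devices that have the package installed get a push."""
    return sorted(dev for dev, pkgs in installed.items() if package in pkgs)
```

Because the descriptor carries only a digest of the APK, a reclassification is delivered as a new descriptor with a higher version while the installed package stays byte-identical.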
The application audit, authentication and management method according to the embodiments of the present invention authenticates not only the legitimacy of the application's source but also the legitimacy of the application's security audit result, and can attest to the application's behavioral characteristics and to the legality, security and conformity of its content. It also adopts a reasonable multi-policy management mechanism: based on the audit and authentication results, the terminal system can apply multi-policy management targeted at the application's current audit status, which reduces the runtime burden on the terminal system and gives users a better experience. Compatibility is also good: the authentication method that stores the authentication data independently (such as the "standalone" audit description file described above) does not change the existing application or its installation package, does not break the format of either, and keeps the application compatible before and after authentication. Whether the application itself changes or the cloud server's results change, the changes are independent of each other and can still be merged seamlessly. Finally, the security audit result contains the application's behavioral characteristics, so that many applications arrive at the user terminal system already accompanied by security-related information such as application behavior, which makes it easier for the terminal system to apply effective security control. This data can be supplemented continuously during the user's subsequent use of the application, which both improves the local security control policy on the user terminal and allows the information to be synchronized to the cloud server, improving the cloud server's application information. The cloud server can then generate new security audit results and authentication description files, forming a self-improving application security system.
Any process or method description in a flowchart or otherwise described herein may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process. The scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially concurrently or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention pertain.
The logic and/or steps represented in the flowcharts or otherwise described herein may, for example, be regarded as an ordered list of executable instructions for implementing logical functions, and may be embodied in any computer-readable medium for use by, or in conjunction with, an instruction execution system, apparatus or device (such as a computer-based system, a system including a processor, or another system that can fetch instructions from an instruction execution system, apparatus or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any means that can contain, store, communicate, propagate or transmit a program for use by, or in conjunction with, an instruction execution system, apparatus or device. More specific examples (a non-exhaustive list) of computer-readable media include: an electrical connection having one or more wires (electronic device), a portable computer diskette (magnetic device), random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), a fiber optic device, and a portable compact disc read-only memory (CDROM). The computer-readable medium may even be paper or another suitable medium on which the program is printed, since the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting or otherwise processing it in a suitable manner if necessary, and then stored in computer memory.
It should be understood that the various parts of the present invention can be implemented in hardware, software, firmware or a combination thereof. In the embodiments described above, multiple steps or methods may be implemented in software or firmware that is stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, they can be implemented by any one or a combination of the following techniques known in the art: a discrete logic circuit having logic gates for implementing logical functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those of ordinary skill in the art will understand that all or part of the steps of the methods in the above embodiments can be carried out by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, performs one or a combination of the steps of the method embodiments.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing module, may each exist physically on their own, or two or more units may be integrated into one module. The integrated module can be implemented in hardware or as a software function module. If the integrated module is implemented as a software function module and sold or used as an independent product, it can also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
In this specification, a description that refers to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that the specific features, structures, materials or characteristics described in connection with that embodiment or example are included in at least one embodiment or example of the present invention. Schematic uses of these terms in this specification do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described, those of ordinary skill in the art will understand that various changes, modifications, substitutions and variations can be made to these embodiments without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and their equivalents.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210084896.7A CN103368987B (en) | 2012-03-27 | 2012-03-27 | Cloud server, application program verification, certification and management system and application program verification, certification and management method |
| Publication Number | Publication Date |
|---|---|
| CN103368987A CN103368987A (en) | 2013-10-23 |
| CN103368987B (en) | 2017-02-08 |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210084896.7A, Expired - Fee Related, CN103368987B (en) | 2012-03-27 | 2012-03-27 | Cloud server, application program verification, certification and management system and application program verification, certification and management method |
| Country | Link |
|---|---|
| CN (1) | CN103368987B (en) |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date:20170208 | |