Authentication method and system for Android platform application software on the mobile internet
Technical Field
The invention relates to the field of information security of mobile internet, in particular to an authentication method and system for Android platform application software on the mobile internet.
Background
With the increasing popularity of mobile terminals based on the Android system, the number of Android applications is growing rapidly, and they provide users with business functions in areas such as games, entertainment, social networking, commerce and travel. However, the Android system is open: application software only has to be self-signed, and neither the authenticity nor the legitimacy of its source is authenticated, which makes the distribution of all kinds of malicious software easy and harms the interests of users. Therefore, to ensure the security of terminal applications and services, it is necessary to authenticate the authenticity and validity of application software and to ensure that only authorized, legitimate software can access services.
Currently, authentication of application software by means of an application ID generally works as follows: the service platform allocates to the application software a unique string ID representing its identity, and the application developer writes this application ID into the application package. When a user accesses the service platform with the application, the application carries the application ID in its service request; the service platform checks whether the application ID is valid and, if so, considers the application genuine, and all subsequent service requests are associated with that application ID. However, authenticating application software by assigning an application ID carries a large potential safety hazard. In one case, the developer discloses the application ID to other developers, who can use it to build a counterfeit application, and the service platform has no way of recognizing that the application ID has been passed on. In another case, because the application ID is built into the application package, an attacker may tamper with the package without the developer who holds the application ID being aware of it.
Disclosure of Invention
The technical problem to be solved by the invention is to provide an authentication method for application software that addresses the large potential safety hazard of the prior-art authentication method, so that the source authenticity, integrity and anti-counterfeiting property of the application software can be ensured.
The technical scheme adopted by the invention to solve this problem is an authentication method for Android platform application software on the mobile internet, comprising the following steps:
A. a signature step; and
B. a signature verification step; wherein
the step A comprises the following steps:
A1. the authentication server receives a signature request for the application software, the signature request comprising an application identifier allocated to the application software by the authentication server before the application software was developed;
A2. the authentication server generates a key pair comprising a public key and a private key, and sends the public key and the application identifier to a certificate authority center to apply for a signature certificate;
A3. the authentication server receives the signature certificate made by the certificate authority center, the signature certificate comprising the public key and the application identifier, and digitally signs the application software with the private key to generate an encrypted digest file;
the step B comprises the following steps:
B1. the terminal downloads the signed application software, which comprises the application software, the encrypted digest file and the signature certificate;
B2. when the terminal receives a service request, the service request comprising an application identifier and a process identifier of the application software, the terminal queries the installation information of the application software according to the process identifier and obtains the user identifier of the application software from the installation information;
B3. the terminal judges whether a corresponding relation among the application identifier, the process identifier and the user identifier of the application software is stored; if so, step B5 is executed; if not, step B4 is executed;
B4. the terminal verifies the signature certificate using the public key of the certificate authority center, obtains the public key from the signature certificate, and verifies the signature of the signed application software using that public key to obtain the decrypted digest file; if the verification passes, the terminal establishes and stores the corresponding relation among the application identifier, the process identifier and the user identifier of the application software and executes step B5; if the verification fails, it returns identification error information for the application software;
B5. the terminal processes the service request and returns a service processing result.
In the authentication method of the Android platform application software on the mobile internet,
in step A3, the application software is digitally signed using the RSA algorithm;
in step B4, the signature of the signed application software is verified using the RSA algorithm.
The invention also constructs an authentication system for Android platform application software on the mobile internet, characterized by comprising a terminal and an authentication server, wherein the authentication server comprises:
a signature request receiving unit, configured to receive a signature request for the application software, the signature request comprising an application identifier allocated to the application software by the authentication server before the application software was developed;
a signature certificate application unit, configured to generate a key pair comprising a public key and a private key, and to send the public key and the application identifier to a certificate authority center to apply for a signature certificate;
a signature unit, configured to receive the signature certificate made by the certificate authority center, the signature certificate comprising the public key and the application identifier, and to digitally sign the application software with the private key to generate an encrypted digest file;
the terminal includes:
a downloading unit, configured to download the signed application software, which comprises the application software, the encrypted digest file and the signature certificate;
a service request receiving unit, configured to receive a service request, the service request comprising an application identifier and a process identifier of the application software, wherein the terminal queries the installation information of the application software according to the process identifier and obtains the user identifier of the application software from the installation information;
a judging unit, configured to judge whether a corresponding relation among the application identifier, the process identifier and the user identifier of the application software is stored;
a signature verification unit, configured, when no corresponding relation among the application identifier, the process identifier and the user identifier of the application software is stored, to verify the signature certificate using the public key of the certificate authority center, obtain the public key from the signature certificate, and verify the signature of the signed application software using that public key to obtain the decrypted digest file; if the verification passes, to establish and store the corresponding relation among the application identifier, the process identifier and the user identifier of the application software; and if the verification fails, to return identification error information for the application software;
and a processing unit, configured to process the service request and return a service processing result when the corresponding relation among the application identifier, the process identifier and the user identifier of the application software is stored.
In the authentication system of application software according to the present invention,
the signature unit uses an RSA algorithm to digitally sign the application software;
the signature verification unit verifies the application software by using an RSA algorithm.
By implementing the technical scheme of the invention, the real identity of the application software is established by issuing a signature certificate to the application software and signing it before it is released, and by verifying the signature when the application software accesses the service platform, so that the source authenticity, integrity and anti-counterfeiting property of the application software are ensured. In addition, the scheme is based on PKI keys and cryptographic signing and signature verification algorithms, combined with the operating system's security mechanism for allocating and managing process identifiers and user identifiers. It therefore offers not only high security but also high processing performance, because apart from the time spent verifying the application software during the first authentication, every subsequent authentication only queries whether the relation among the application identifier, the process identifier and the user identifier exists. Furthermore, the scheme can provide a security guarantee for business operations on the mobile internet, and thus strong support for mobile electronic commerce and value-added services of all kinds.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flowchart of a first embodiment of an authentication method for Android platform application software on the mobile internet according to the present invention;
FIG. 2 is a flowchart of a first signature step in the authentication method of Android platform application software on the mobile internet according to the present invention;
FIG. 3 is a flowchart of a first embodiment of a signature verification step during first authentication in the authentication method for Android platform application software on the mobile internet according to the present invention;
FIG. 4 is a flowchart of a first embodiment of a signature verification step in the subsequent authentication in the authentication method for Android platform application software on the mobile internet according to the present invention;
FIG. 5 is a logic diagram of a first embodiment of the authentication system for Android platform application software on the mobile internet according to the present invention.
Detailed Description
As shown in FIG. 1, the flowchart of a first embodiment of the authentication method for Android platform application software on the mobile internet according to the present invention comprises:
A. a signature step; and
B. a signature verification step; wherein
the signature step comprises the following steps:
A1. the authentication server receives a signature request for the application software, the signature request comprising an APPID (application identifier). It should be noted that the APPID is a unique identifier allocated to the application software by the authentication server before the application software was developed, and that the APPID is embedded in the application package during development;
A2. the authentication server generates a key pair comprising a public key and a private key, and sends the public key and the APPID to a CA (Certificate Authority) center to apply for a signature certificate. With respect to the CA center, it should be noted that the CA center is a third-party authority that issues signature certificates to users in order to confirm their identity. To prevent counterfeiting of digital certificates, the public key of the CA center must itself be authentic, so the CA center must either publish its public key or provide an electronic certificate from a higher-level certificate authority proving the validity of its public key. When the CA center issues the signature certificate, it packages the APPID and the public key into the certificate, and the tail of the signature certificate must carry the digital signature of the CA center. Since the digital signature of the CA center cannot be forged, the signature certificate of the application software cannot be forged either. After the CA center has examined the identity qualifications of the application software, it issues the signature certificate to the applicant and binds the identity of the application software to the signature certificate;
A3. the authentication server receives the signature certificate made by the certificate authority center, which comprises the public key and the APPID, and digitally signs the application software with the private key to generate an encrypted digest file. With respect to digital signatures, it should be noted that a 128-bit hash value (i.e., a digest) is first computed from the application software. This digest is then encrypted with the private key of the key pair to form the digital signature. The digital signature is then attached to the application software and sent to the developer together with the application software;
the signature verification step comprises:
B1. the terminal downloads the signed application software, which comprises the application software, the encrypted digest file and the signature certificate;
B2. when the terminal receives a service request, the service request comprising the APPID (application identifier) and the PID (process identifier) of the application software, the terminal queries the installation information of the application software according to the PID and obtains the UID (user identifier) of the application software from the installation information;
B3. the terminal judges whether a corresponding relation among the APPID, the PID and the UID of the application software is stored; if so, step B5 is executed; if not, step B4 is executed;
B4. the terminal verifies the signature certificate using the public key of the CA center, obtains the public key from the signature certificate, and verifies the signature of the signed application software using that public key to obtain the decrypted digest file; if the verification passes, it establishes and stores the corresponding relation among the APPID, the PID and the UID of the application software and executes step B5; if the verification fails, it returns identification error information for the application software. As to whether the signature passes: the terminal first computes a 128-bit hash value (i.e., a digest) from the received application software, and then decrypts the encrypted digest file with the public key. If the two hash values are identical, the digital signature is confirmed to be that of the authentication server; conversely, if the two hash values differ, the digital signature is confirmed not to be that of the authentication server;
B5. the terminal processes the service request and returns a service processing result.
In a preferred embodiment of the method for authenticating application software according to the present invention, in step A3 the application software may be digitally signed using the RSA algorithm, and in step B4 the signature of the signed application software is verified using the RSA algorithm.
FIG. 2 is a flowchart of a first embodiment of the signature step in the authentication method for Android platform application software on the mobile internet according to the present invention. In the application development stage, the application developer uploads the application software to the authentication server and requests that it be signed; the APPID pre-assigned by the authentication server is embedded in the application package. The authentication server generates a PKI key pair and submits the APPID, the application package name, the public key and similar information to the CA center in order to apply for a signature certificate. After the authentication server has successfully obtained the signature certificate from the CA center, it digitally signs the application software with the private key, replaces the original Debug certificate used during development according to the Android package signature certificate format, and thereby completes the application signature. The developer is then notified that signing is complete, downloads the signed application software from the platform, and can release it to user terminals for use.
FIG. 3 is a flowchart of a first embodiment of the signature verification step during the first authentication in the authentication method for Android platform application software on the mobile internet according to the present invention. It should first be explained that the authentication agent is software installed and running on the user's mobile terminal that identifies the application software on the terminal device and controls its access. In the first authentication, the terminal first downloads the signed application software onto the terminal. The application software on the terminal then initiates a service request to the authentication agent (Agent), carrying its own PID and APPID. Next, the authentication agent queries the process information and installation information of the operating system according to the PID to obtain the package information of the application software corresponding to that PID, including the package file path and the UID of the application software. The authentication agent then verifies the signature certificate with the built-in public key of the platform CA center, ensuring the authenticity of the certificate and the correctness of the APPID contained in it, and verifies the signature of the application software; if the verification passes, the application package is genuine and has not been tampered with, otherwise an identity identification error is returned directly. In addition, if the verification passes, the authentication agent establishes and stores the triple of PID, UID and APPID. Finally, when the verification passes, the authentication agent processes the service request according to the authorization of the application software and returns a service processing result.
FIG. 4 is a flowchart of a first embodiment of the signature verification step in subsequent authentication in the authentication method for Android platform application software on the mobile internet. In a subsequent authentication, the application software initiates a service request to the authentication agent, carrying its own PID and APPID. The authentication agent then queries the process information and application installation information of the operating system according to the PID, obtains the APPID and UID of the application software corresponding to that PID, and judges whether the triple of PID, UID and APPID exists. If the triple does not exist, the application software has not been authenticated, and the authentication agent switches to the signature verification flow of the first authentication and re-authenticates the application software; if the triple exists, the application software has passed application authentication and is genuine, service processing continues, and the authentication agent processes the service request according to the authorization of the application software and returns a service processing result.
FIG. 5 is a logic diagram of a first embodiment of the authentication system for Android platform application software on the mobile internet according to the present invention, where the authentication system comprises an authentication server 10 and a terminal 20. Further, the authentication server 10 comprises a signature request receiving unit 11, a signature certificate application unit 12 and a signature unit 13; the terminal 20 comprises a downloading unit 21, a service request receiving unit 22, a judging unit 23, a signature verification unit 24 and a processing unit 25. In the software development stage, the signature request receiving unit 11 is configured to receive a signature request for the application software, the signature request comprising an APPID allocated to the application software by the authentication server 10 before the application software was developed; the signature certificate application unit 12 is configured to generate a key pair comprising a public key and a private key, and to send the public key and the APPID to the CA center to apply for a signature certificate; the signature unit 13 is configured to receive the signature certificate made by the CA center, which comprises the public key and the APPID, and to digitally sign the application software with the private key to generate an encrypted digest file.
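The following Go program is an added illustration of the flows described for FIG. 3 and FIG. 4 (and of steps A2, A3, B3 and B4 above); it is not code from the patent. It models the signature certificate as a plain struct holding the APPID, the authentication server's public key and the CA's RSA signature over that binding, rather than as an X.509 certificate, and it uses SHA-256 with RSA PKCS#1 v1.5 for both the CA and the authentication server; the UID is assumed to have already been obtained from the operating system installation query of step B2. The first call to Authenticate does the full verification and stores the (APPID, PID, UID) triple, and later calls for a stored triple return after the lookup alone.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
)

// Certificate is a simplified model of the signature certificate of step A2: the CA
// signs the binding of an APPID to the authentication server's public key.
type Certificate struct {
	AppID string
	Pub   *rsa.PublicKey
	CASig []byte
}

// Triple is the (APPID, PID, UID) relation the agent stores after a successful first verification.
type Triple struct {
	AppID    string
	PID, UID int
}

// Agent is the terminal-side authentication agent with the CA public key built in.
type Agent struct {
	CAPub *rsa.PublicKey
	Known map[Triple]bool
}

// certTBS is the to-be-signed content of the certificate: sha256(APPID || PKCS#1 DER of the key).
func certTBS(appID string, pub *rsa.PublicKey) []byte {
	h := sha256.Sum256(append([]byte(appID+"|"), x509.MarshalPKCS1PublicKey(pub)...))
	return h[:]
}

// IssueCertificate plays the CA of step A2.
func IssueCertificate(ca *rsa.PrivateKey, appID string, pub *rsa.PublicKey) (Certificate, error) {
	sig, err := rsa.SignPKCS1v15(rand.Reader, ca, crypto.SHA256, certTBS(appID, pub))
	return Certificate{appID, pub, sig}, err
}

// SignApp plays the authentication server of step A3 and returns the "encrypted digest file".
func SignApp(priv *rsa.PrivateKey, pkg []byte) ([]byte, error) {
	h := sha256.Sum256(pkg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
}

// Authenticate implements steps B3 and B4 for one service request; nil means proceed to B5.
// uid is what the operating system installation query of step B2 returned for pid.
func (a *Agent) Authenticate(appID string, pid, uid int, pkg, digest []byte, c Certificate) error {
	t := Triple{appID, pid, uid}
	if a.Known[t] { // B3: verified before, only the cheap lookup is needed
		return nil
	}
	// B4: check the CA signature on the certificate, then the APPID it binds, then the package.
	if rsa.VerifyPKCS1v15(a.CAPub, crypto.SHA256, certTBS(c.AppID, c.Pub), c.CASig) != nil {
		return errors.New("certificate not issued by the CA")
	}
	if c.AppID != appID {
		return errors.New("APPID in request does not match certificate")
	}
	h := sha256.Sum256(pkg)
	if rsa.VerifyPKCS1v15(c.Pub, crypto.SHA256, h[:], digest) != nil {
		return errors.New("application signature invalid: package tampered or not signed by the server")
	}
	a.Known[t] = true // store the triple so later requests from this process skip verification
	return nil
}
```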
In the authentication stage, the downloading unit 21 is configured to download the signed application software, which comprises the application software, the encrypted digest file and the signature certificate; the service request receiving unit 22 is configured to receive a service request, the service request comprising the APPID and the PID of the application software, wherein the terminal queries the installation information of the application software according to the PID and obtains the UID of the application software from the installation information; the judging unit 23 is configured to judge whether a corresponding relation among the APPID, the PID and the UID of the application software is stored; the signature verification unit 24 is configured, when no corresponding relation among the APPID, the PID and the UID of the application software is stored, to verify the signature certificate using the public key of the CA center, obtain the public key from the signature certificate, and verify the signature of the signed application software using that public key to obtain the decrypted digest file, and, if the verification passes, to establish and store the corresponding relation among the APPID, the PID and the UID of the application software, or, if the verification fails, to return identification error information for the application software; the processing unit 25 is configured to process the service request and return a service processing result when the corresponding relation among the APPID, the PID and the UID of the application software is stored.
In a preferred embodiment of the authentication system for application software of the present invention, the signature unit 13 may digitally sign the application software using the RSA algorithm, and the signature verification unit 24 may verify the signature of the application software using the RSA algorithm.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the scope of the claims of the present invention.