Nothing Special   »   [go: up one dir, main page]

CN106557669A - A kind of authority control method and device of application program installation process - Google Patents

A kind of authority control method and device of application program installation process Download PDF

Info

Publication number
CN106557669A
CN106557669A CN201510640948.8A CN201510640948A CN106557669A CN 106557669 A CN106557669 A CN 106557669A CN 201510640948 A CN201510640948 A CN 201510640948A CN 106557669 A CN106557669 A CN 106557669A
Authority
CN
China
Prior art keywords
application program
authority
permissions
application
installation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510640948.8A
Other languages
Chinese (zh)
Inventor
王务志
王军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510640948.8A priority Critical patent/CN106557669A/en
Publication of CN106557669A publication Critical patent/CN106557669A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1015Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to users

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

This application discloses the authority control method and device of a kind of program installation process.When having detected application program and installing, represent the installation interface that controlling interface replaces the application program, shows all permissions that the application program installation process is asked in the controlling interface;After receiving the installation instruction of user's triggering, all permissions of letting pass are installed to the application program, and show installation progress in the controlling interface;When the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions, so as to be turned on or off the target authority in all permissions by the selection of the control option receive user.Application is by carrying out authority monitoring to application program to be installed, intercept before the mounting and the authority information for obtaining that application program is asked is installed, and the access rights to application program are controlled, the information data safety of user is on the one hand ensure that, on the other hand ensure that program runs well.

Description

A kind of authority control method and device of application program installation process
Technical field
The application belongs to mobile terminal safety field, specifically, is related to a kind of authority control method of application program installation process.
Background technology
Android is the operating system of a kind of freedom based on Linux and open source code, is mainly used for mobile device, such as smart mobile phone and panel computer, by Google companies and open mobile phone alliance leader and exploitation.Due to the opening of Android, it allows any mobile terminal manufacturer to be added to Android alliances.Significant opening can make which possess more developers, with becoming increasingly abundant for user and application, dragons and fishes jumbled together for substantial amounts of application program, has some application programs unavoidably and is embedded into some illegal acts, so as to the safety for causing user is subject to a certain degree of threat.
Application program generally requires to obtain some authorities of system on backstage when installing, and some authorities are related to the privacy of individual really, also serious critical information safety, the personal information of such as user.Generally system optimization, map, input method, browser, data syn-chronization management etc. is used using needs, it can be in the case of without permission, directly invoke data and your calendar activity of contact person in mobile phone, even the historical record of browser and collection bookmark will not also be let slip, moreover it is possible to send automatically Email.For some need the service of user charges, application program to call, send short message on backstage in the case where user has no to discover.
Some application programs need to obtain the position of user, obtain the position that mobile phone is located by GPS location chip or architecture.But also it is no lack of some spying programs, coordinates network service authority, in real time geographical position can be sent, realize mobile phone tracking.Above-mentioned network service authority allows to apply in running from network downloading data, stealthily consumed flow.
In reality, many application programs can touch many authorities simultaneously, and this is unsafe for cell phone system and user data, then for the authority of application program will be controlled.When control opportunity is selected, on the one hand to ensure safety, on the other hand will ensure that application program runs well.
The authority that some are related to is limited if before program is installed, may result in this program and cannot complete completely to install, such Consumer's Experience will be very poor;And if after the installation is complete, just access rights are limited, that a period of time program when installation backstage access right done it is very multidata steal, cause the dangerous of user data.
Therefore, in order to solve drawbacks described above, this application provides the authority control method and device of a kind of application program installation process.
The content of the invention
There is mirror in view of this, technical problems to be solved in this application there is provided a kind of authority control method and device of application program installation process.
A kind of authority control method of application program installation process of the application, comprises the steps:
When having detected application program and installing, represent the installation interface that controlling interface replaces the application program, shows all permissions that the application program installation process is asked in the controlling interface;
After receiving the installation instruction of user's triggering, all permissions of letting pass are installed to the application program, and show installation progress in the controlling interface;
When the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions, so as to be turned on or off the target authority in all permissions by the selection of the control option receive user.
When having detected application program and installing, before representing controlling interface and replacing the installation interface of the application program, further include,
The application programming interface of the application program is monitored using interrupt mechanism, so as to interrupt the erection schedule of the application program.
The application programming interfaces are monitored using interrupt mechanism, further included:
Behavior to the application program is monitored, by invocation framenort layer in the application programming interface, obtain the APK file comprising authority information;The APK is carried out parsing the information for obtaining all permissions that the application requests are obtained.
The APK is carried out parsing the information for obtaining all permissions that the application requests are obtained, is further included:
Decompress the APK file and carry out decompiling, obtain AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
Target authority in all permissions is turned on or off by the selection of the control option receive user, is further included:
Operating result of the monitoring users to the control option of institute's authority information, configures to the authority of the application program according to the operating result.
It is turned on or off in all permissions after target authority by controlling the selection of option receive user, is further included:
When the target authority in the selection unlatching all permissions by controlling option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
A kind of permission control device of application program installation process of the application, including such as lower module:
Authority monitoring modular, for when having detected application program and installing, representing the installation interface that controlling interface replaces the application program, shows all permissions that the application program installation process is asked in the controlling interface;
Management module is installed, and after the installation for receiving user's triggering is indicated, all permissions of letting pass are installed to the application program, and installation progress shown in the controlling interface;
Permission configuration module, for when the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions, so as to be turned on or off the target authority in all permissions by the selection of the control option receive user;
Display module, for being combined with other modules, is shown.
Further, the authority monitoring modular, further includes to monitor module, the monitoring module, for monitoring the application programming interface using interrupt mechanism, so as to interrupt the erection schedule of the application program.
Further, the monitoring module, is further additionally operable to monitor the behavior of the application program, by invocation framenort layer in the application programming interface, obtain the APK file comprising authority information;The information of all permissions is obtained by parsing APK file.
Further, the authority monitoring modular also includes authority parsing module, and the authority parsing module, for decompressing the APK file and carrying out decompiling, obtains AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
Further, the display module is additionally operable to, and all permissions information of the application requests to extracting is entered row-column list and is shown to user by the control option of the authority information.
Further, the permission configuration module, is additionally operable to, when the target authority in all permissions is opened by the selection of the control option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
Compared with prior art, the application is by carrying out authority monitoring to application program to be installed, intercept before the mounting and the authority information for obtaining that application program is asked is installed, and the access rights to application program are controlled, on the one hand the information data safety of user is ensure that, on the other hand ensures that program runs well.
Description of the drawings
Accompanying drawing described herein is used for providing further understanding of the present application, constitutes the part of the application, and the schematic description and description of the application is used to explain the application, does not constitute the improper restriction to the application.In the accompanying drawings:
Accompanying drawing described herein is used for providing further understanding of the present application, constitutes the part of the application, and the schematic description and description of the application is used to explain the application, does not constitute the improper restriction to the application.In the accompanying drawings:
Fig. 1 is the techniqueflow chart of the embodiment of the present application one;
Fig. 2 is a kind of user operation flow chart of the authority control method of application program installation process of the application;
Fig. 3 is the techniqueflow chart that the embodiment of the present application three extracts all permissions that application requests are accessed;
Fig. 4 is a kind of another techniqueflow chart of the authority control method of application program installation process of the application;
Fig. 5 is a kind of visualization interface redirect procedure figure of the authority control method of application program installation process of the application;
Fig. 6 is the apparatus structure schematic diagram of the embodiment of the present application five;
Fig. 7 is the apparatus structure and functional schematic of the embodiment of the present application six.
Specific embodiment
Describe presently filed embodiment below in conjunction with drawings and Examples in detail, thereby to the application how application technology means come solve technical problem and reach technology effect realize that process can fully understand and implement according to this.
In the embodiment of the present invention, the installation of the application program is mainly in each Terminal Type based on android system, including but not limited to Android phone, panel computer, notebook computer, car-mounted terminal etc..
Embodiment one
Fig. 1 is the techniqueflow chart of the embodiment of the present invention one, and with reference to Fig. 1, a kind of authority control method of application program installation process of the embodiment of the present invention mainly includes the steps in the realization of mobile terminal:
Step 101:The erection schedule of the application program when having detected application program and installing, is intercepted, all permissions that the application requests are obtained is monitored, and all permissions for being monitored is showed into user;
Authority is a kind of restriction applied to the access of code in Android device or data, brings different degrees of infringement to user to prevent critical data and code to be abused.One Android application program may need authority just call the function of android system;One Android application is likely to be called by other application, therefore it is also required to state the authority called required for itself.
When party in request of the application program as authority; if an application program needs API (application programming interface) and other services for using system to provide; and limit protection is authorized in these API and service, need needed for defined in AndroidManifest.xml files, to access the authority of API and service;From for another angle, when application program is authorized party, if the inner function of needing to access there is provided other application of application, for safety, the application program unauthorized access for not possessing access consideration is prevented, needs to specify the access rights accessed required for these functions in code.Either party in request or authorized party are required for being configured the authority of application program.
Android provides the built-in authority of kind about more than 130, is all the static member of android.Manifest.permission classes.Android authorities are sometimes referred to as Manifest authorities, they control various system operatios, such as call (CALL_PHONE), photograph (CAMERA), network (INTERNET), input through keyboard (READ_INPUT_STATE), write note (WRITE_SMS) etc..In addition to built-in authority, any one application program can be with self-defined appropriate authority, so that other application programs are accessed.Android authorities mainly have 4 kinds of ranks:Normal, Dangerous, Signature and SignatureOrSystem.
The dangerous seriousness that the authority of Normal ranks is produced is less, is adapted to pay attention to one warning of user;The authority of Dangerous ranks means that user can be potentially encountered some unexpected danger, and Android can prompt the user whether to need these authorities when mounted;The authority particularity of Signature circles is once an application program states that authority, for Signature ranks, is only limitted to other application programs for having same signature with the application program and can access it;The rank highest of SignatureOrSystem authorities, belongs to a kind of special Signature authorities, and third-party application program is to access the application program for holding this authority.The protection level of this authority needs the application program that system has same signature as application program or with system image just access.This authority contributes to integration system compiling, is generally used for third party application integration, is generally unsuitable for developer.
The realization of Android authority mechanisms runs through application layer, ccf layer, system layer.Application layer is by arranging in Android-Manifest.xml<uses-permission>Specified corresponding authority, re-maps user and the group authority of bottom;Ccf layer is by arranging in platform.xml<permission>Its corresponding authority, platform.xml files is specified to be located at frameworks/base/data/etc/;The authority definition of system layer is in system/core/include/private/android_filesystem_config.h files.
In the embodiment of the present application, application program as authority party in request when, ask some authorities to mounted Android platform.By taking android system mobile phone set up applications as an example, hypothesis installs a social software in Android phone, this social software can be matched or be bound with the address list of user, check in telex network record and bound the user of the social software, mutual communication or mutual plusing good friend therewith under network state;The social software can be linked with being invited to the good friend in address list by short message sending;The social software can be to be mutually positioned the geographical position of other side with good friend, can also be by camera and good friend's share photos etc..Such social software is not strange for Android user, function description more than, so a conventional social software be arranged in Android platform need to obtain network state information authority, WI-FI network status information authority, the authority for reading user contact, send the authority of note, the authority using photographing unit, using GPS location authority etc..
Generally, the species of the more than the example above of authority that a application program need to be installed, and user does not generally know that application program needs to conduct interviews which authority when installing, certain also not all of authority is all under the silent approvement of user, or even some Malwares try to some information for being related to privacy of user and are used for back door.Therefore, when application program is installed, monitor all permissions that the application requests are obtained, the erection schedule of the application program is intercepted simultaneously, and all permissions for being monitored are showed into user, doing so avoids before application program is installed to being controlled so as to cause application program install using the authority of routine access, after on the other hand it also avoid application program installation, carry out the stealing of data using authority on backstage.
Step 102:The operating process of monitoring users, when user's triggering installation function is detected, then responds the triggering clearance erection schedule and all permissions;
In the embodiment of the present invention, after backstage monitors the authority that application requests are obtained, permissions list can be generated prompting is made by display interface to user.It can be a drop-down menu to point out described in the embodiment of the present invention, and user clicks on the drop-down menu and can check all permissions for needing to obtain in the application program installation process.Certainly it can also be a pop-up to point out described in the embodiment of the present invention, or the push of an informing etc., the present invention is not limited to this.
After the permissions list is shown to user, user can know all permissions information that the application requests are accessed, and user selects to install or abandon to install according to wish.The operation of user is monitored on backstage, and after user's triggering installation function is detected, backstage responds the triggering, the clearance intercepted erection schedule and all of authority.The all permissions of now letting pass can ensure that the correct installation of the application program.
Step 104:When detecting that the erection schedule is completed, the control option of all permissions is shown;
In the embodiment of the present invention, the installation progress of real-time monitoring application program is simultaneously shown by controlling interface, display mode can be traditional straight-line progress bar display mode, it can be circular or gear type rotation progress display mode, can also be the loading patterns for being furnished with animation, or can also be the combining form of above-mentioned any-mode.In installation process provide entertaining progress display mode, can alleviate user etc. it is to be installed when boring and anxiety, simultaneously effective allow user clearly to know current installment state, and the time to installation have one to be intuitively expected.Certainly, progress prompt method of the invention includes but is not limited to this.
When backstage monitors that installation progress reaches 100%, controlling interface prompting user installation is completed and shows control of authority option.Wherein, the control of authority option can be a list, show all permissions that application program mount request is accessed in list, each authority all corresponds to a closing and the options for user of a unlatching is selected, user can select to close or opening section target authority according to wish.In the embodiment of the present invention, all permissions are all that acquiescence is opened, and certain present invention includes but is not limited to this.
Step 105:Operating result of the user to the control option of the System Privileges is obtained, and according to the operating result, open target authority allowed to user in the application program is configured.
In the embodiment of the present invention, operation of the real-time monitoring user to the control of authority option, records the target authority that User support is opened or disabled, at the same time, prompting is carried out by controlling interface to user and preserves priority assignation, and allow the open target authority to carry out authority configuration according to user.After the completion for the treatment of authority configuration, user can pass through the Interface Options that exit of controlling interface and terminate this time to install or directly open by opening the option of application program the application program of installation, it should be noted that, when the target authority in all permissions is opened by the selection of the control option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
Embodiment two
Fig. 2 is the user operation flow chart of the authority control method of two application program installation process of the embodiment of the present invention, and with reference to Fig. 2, the application program installation steps under embodiment of the present invention Android platform are as follows:
Step 201:Start and install, into installation interface;
Application program installation kit APK is the abbreviation of AndroidPackage, i.e. Android installation kits.Install by by APK file to be passed directly to perform in Android device.
Generally user in Android device set up applications by following several ways:
First, can from resource downloading area download application program installation kit, be stored in the SD card of equipment, be also not necessarily limited to certainly be equipment internal storage space in;Then this installation kit is found by file manager, activation by being triggered to which is installed, and the installation of application program thus can be directly carried out in Android device.
Second, computer can be connected with USB data line, software is installed by mobile device assistant PC ends etc. on computers Android device is installed.
Third, being the most frequently used mounting means of user, i.e., directly installed by the assistant and application market of various kinds in equipment, this mounting means simple and fast the most.
The embodiment of the present invention is applied to above-mentioned all of mounting means, is also not limited to certainly above-mentioned several.Either any mounting means, backstage once detect the installation of application program, authority will be monitored and subsequent step operation.
Step 202:When installation interface is replaced by controlling interface, all permissions of the application requests access are checked according to controlling interface prompting and chooses whether to continue to install;
In the embodiment of the present invention, replacement of the controlling interface to installation interface can be pop-up mulching method, can be blade-rotating alternative forms, it is also possible to which tray form represents, and the present invention is not limited to this.
The prompting of controlling interface in the embodiment of the present invention can be a drop-down menu, and user clicks on the drop-down menu and can check all permissions for needing to obtain in the application program installation process.Certainly it can also be a pop-up to point out described in the embodiment of the present invention, or the push of an informing etc., the present invention is not limited to this.
After the permissions list is shown to user, user can know all permissions information that the application requests are accessed, and user can select to install or abandon to install according to wish after clear and definite installation risk.
Step 203:After installation, check that application program needs the authority menu for accessing, the authority menu is operated, select to open or disable partial target control option.
In installation process, user can check installation progress by controlling interface, when progress to be installed reaches 100%, check the authority menu that controlling interface shows, select to open the authority of support according to wish or closing wants to the authority of disabling.
Step 204:Preserve priority assignation and can select to open the application program or exit interface.
In the embodiment of the present invention, if user determines being turned on and off and being preserved to authority, then backstage can record automatically user to the selection of authority and carry out authority configuration for the application program.Now user can select to exit current interface and terminate to install, it is also possible to directly activate the startup application program by the unlatching application program option of current interface.When now application program runs, the authority closed is selected to disable user according to the setting of user, user just can be safe to use.
In the installation procedure of the embodiment of the present application, on the one hand ensure that being normally carried out for installation process, on the other hand show user very clear the authority asked by application program independently to select to support or disable some authorities by user, while user information safety is ensured, the experience of user is greatly improved.
Embodiment three
Fig. 3 is the techniqueflow chart of the embodiment of the present invention three, and with reference to Fig. 3, the embodiment of the present invention monitors all permissions that the application requests are obtained, while the erection schedule for intercepting the application program further includes following steps:
Step 301:Behavior to the application program is monitored, and by the application programming interface in invocation framenort layer, obtains the APK file comprising authority information;
Android point is four layers, it is application layer, application framework layer, system operation storehouse layer and linux core layers respectively from high level to low layer, in the embodiment of the present invention, it is API by the application programming interface in invocation framenort layer, behavior is installed to the application program in ccf layer and is monitored.
API (Application Programming Interface, application programming interface) it is a calling interface that operating system leaves application program for, application program makes operating system go to perform the order (action) of application program by the API of call operation system.
Step 302:Decompress the APK file and carry out decompiling, obtain AndroidManifest.xml configuration files;
It is typically with APK as suffix based on the installation file of the application program of Android, APK file is zip forms in fact, but suffix name is modified to apk, after UnZip is decompressed, it can be seen that bytecode Dex files (classes.dex), resource file (res), configuration file (AndroidManifest.xml) and signing messages file (META-INF).Wherein, Dex is the abbreviation of DalvikVM executes, i.e. Android Dalvik configuration processors.Using analytical tool (including but not limited to:Decompiling instrument dexdump.exe that the Android SDK that apktool, apkmanager, dex 2java, XJad and Google are issued are provided etc.) decompiling is carried out to Dex files, it is translated into the oss message that readable Java files can obtain the application program.
AndroidManifest.xml is the file that each APK application program must be included, and it describes the name of application program, version, authority, quotes the information such as library.Therefore, to read the authority information that the application requests are accessed, AndroidManifest.xml configuration files must just be obtained.
Step 303:The configuration file is progressively scanned, all permissions of the application requests are extracted.
In the inventory of AndroidManifest.xml configuration files, comprising many elements, including authority element.
If application program needs to access a function by protection of usage right, then it must be used in inventory file<uses-permission>Unit usually states its authority for requiring.Every kind of authority can all have a unique label to identify.Generally, label specifies operation to be constrained.For example:
android.permission.WRITE_SMS<Permission program writes note>
android.permission.READ_SMS<Permission program short message reading ceases>
android.permission.READ_OWNER_DATA<Permission program reads owner's data>
android.permission.SEND_SMS<Permission program sends SMS messaging>
android.permission.WRITE_CALENDAR<A program is allowed to write user's calendar data>
android.permission.WRITE_CONTACTS<Permission program writes contact data>
Therefore, by all permissions information that can obtain application program institute acquisition request is progressively scanned to the configuration file AndroidManifest.xml.
Example IV
Fig. 4 is the techniqueflow chart of the embodiment of the present invention four, and with reference to Fig. 4, a kind of authority control method of application program installation process of the embodiment of the present invention mainly comprises the steps:
Step 401:When having detected application program and installing, for being monitored to the application programming interface using interrupt mechanism, so as to interrupt the erection schedule of the application program.
In the embodiment of the present invention, the interface (API) for realizing set up applications in can adopting hook (hook or hook) mechanism realization to framework layers is monitored.Hook mechanism is a kind of a kind of technology of the message of certain application program or all processes in intercepting and capturing windows systems, the message of hook mechanism permission application program intercepting and capturing process operating system or particular event.The program segment of actually one process message of hook, is called by system, it is linked into system.Whenever specific message sends, before purpose window is not reached, hook program just first captures the message, that is, Hook Function first obtains control.At this moment Hook Function both can be with processed (change) message, it is also possible to does not deal with and continues to transmit the message, can also force the transmission of end.In embodiments of the present invention, interrupting the process of set up applications using hook mechanism, realizing relevant information being obtained before application program is installed, certain present invention includes but is not limited to a kind of this Interrupted interception method.
Realize that a hook typically there are three steps, create hook first, have special API;After creating success, message will pass to the process function specified.Then the message for receiving is analyzed in message processing function, corresponding process is done.Finally, after hook is finished, is disappeared with corresponding API and ruin hook.Hook process has many types, and every kind of hook can be intercepted and process the message of corresponding species, needs for idHook (hook procedural type) to be set to corresponding value in the embodiment of the present invention.
Step 402:Behavior to the application program is monitored, and by the application programming interface (API) in invocation framenort layer, obtains the APK file comprising authority information;
API (Application Programming Interface, application programming interface) it is a calling interface that operating system leaves application program for, application program makes operating system go to perform the order (action) of application program by the API of call operation system.
Step 403:Decompress the APK file and carry out decompiling, obtain AndroidManifest.xml configuration files;
AndroidManifest.xml is the file that each APK application program must be included, and it describes the name of application program, version, authority, quotes the information such as library.Therefore, to read the authority information that the application requests are accessed, AndroidManifest.xml configuration files must just be obtained.
Step 404:The configuration file is progressively scanned, all permissions of the application requests are extracted;
In the inventory of AndroidManifest.xml configuration files, comprising many elements, including authority element.
If application program needs to access a function by protection of usage right, then it must be used in inventory file<uses-permission>Unit usually states its authority for requiring.Every kind of authority can all have a unique label to identify.Generally, label specifies operation to be constrained.For example:
android.permission.WRITE_SMS<Permission program writes note>
android.permission.READ_SMS<Permission program short message reading ceases>
android.permission.READ_OWNER_DATA<Permission program reads owner's data>
android.permission.SEND_SMS<Permission program sends SMS messaging>
android.permission.WRITE_CALENDAR<A program is allowed to write user's calendar data>
android.permission.WRITE_CONTACTS<Permission program writes contact data>
Therefore, by all permissions information that can obtain application program institute acquisition request is progressively scanned to the configuration file AndroidManifest.xml.
Step 405:The all permissions extracted are showed into user.
In the embodiment of the present invention, replacement of the controlling interface to installation interface can be pop-up mulching method, can be blade-rotating alternative forms, it is also possible to which tray form represents, and the present invention is not limited to this.
The prompting of controlling interface in the embodiment of the present invention can be a drop-down menu, and user clicks on the drop-down menu and can check all permissions for needing to obtain in the application program installation process.Certainly it can also be a pop-up to point out described in the embodiment of the present invention, or the push of an informing etc., the present invention is not limited to this.
After the permissions list is shown to user, user can know all permissions information that the application requests are accessed, and user can select to install or abandon to install according to wish after clear and definite installation risk.
Step 406:The operating process of monitoring users, when user's triggering installation function is detected, then responds the triggering clearance erection schedule and all permissions;
In step 401, the application programming interface is monitored using interrupt mechanism, is realized to the interception using program installation process, so as to further operation obtains all permissions that application program mount request is accessed after interception.After all permissions are informed user, user chooses whether to install after obtaining the risk information installed, if user selects to install, responds the selection of user, and end interrupt continues to install and let pass all permissions to ensure the smooth of installation process.
Step 407:Detect whether the erection schedule completes;
In the embodiment of the present invention, after application program installation, whether operating system successfully returns correlative code (code) to the bag being currently installed on, and passes through reflex mechanism, obtain the relevant information that the code is represented after obtaining code.Such as install successfully, install failure, signature be different, insufficient space etc..Certainly, the method that whether present invention detection erection schedule completes is not limited in said method.
Step 408:Show the control option of all permissions;
In the embodiment of the present invention, the installation progress of real-time monitoring application program is simultaneously shown by controlling interface, display mode can be traditional straight-line progress bar display mode, it can be circular or gear type rotation progress display mode, can also be the loading patterns for being furnished with animation, or can also be the combining form of above-mentioned any-mode.In installation process provide entertaining progress display mode, can alleviate user etc. it is to be installed when boring and anxiety, simultaneously effective allow user clearly to know current installment state, and the time to installation have one to be intuitively expected.Certainly, progress prompt method of the invention includes but is not limited to this.
When backstage monitors that installation progress reaches 100%, controlling interface prompting user installation is completed and shows control of authority option.Wherein, the control of authority option can be a list, show all permissions that application program mount request is accessed in list, each authority all corresponds to a closing and the options for user of a unlatching is selected, user can select to close or opening section target authority according to wish.In the embodiment of the present invention, all permissions are all that acquiescence is opened, and certain present invention includes but is not limited to this.
Step 409:Operating result of the user to the control option of the System Privileges is obtained, and according to the operating result, open target authority allowed to user in the application program is configured.
In the embodiment of the present invention, operation of the real-time monitoring user to the control of authority option, records the target authority that User support is opened or disabled, at the same time, prompting is carried out by controlling interface to user and preserves priority assignation, and allow the open target authority to carry out authority configuration according to user.After the completion for the treatment of authority configuration, user can pass through the Interface Options that exit of controlling interface and terminate this time to install or directly open by opening the option of application program the application program of installation, it should be noted that, when the target authority in all permissions is opened by the selection of the control option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
Embodiment five
Fig. 5 is the techniqueflow chart of the embodiment of the present invention one, and with reference to Fig. 5, a kind of authority control method of application program installation process of the embodiment of the present invention mainly includes the steps from visualization angle in the realization of mobile terminal:
Step 501:When having detected application program and installing, represent the installation interface that controlling interface replaces the application program, shows all permissions that the application program installation process is asked in the controlling interface;
In the embodiment of the present invention, it will be assumed that user installs a map software on the mobile phone of android system.Assume that mounting means is that user is directly then installed from application market download.When user starts to install, mobile phone will represent controlling interface and replace the installation interface of the application program first.Simultaneously, can be a list in controlling interface, all permissions of the asked access of the map software be shown in the list, such as:(network) rough position or accurately (GPS) position are obtaining the geographical position of user;Network communication, completely internet access authority, change Wi-Fi states etc., to be positioned by network or be inquired about;The current application program for running of retrieval, reading contact data, short message reading etc., to share or register the map software;Mobile phone communication, number etc. is directly called, to realize service of calling a taxi etc..
Step 502:After receiving the installation instruction of user's triggering, all permissions of letting pass are installed to the application program, and show installation progress in the controlling interface;
The example of previous step is accepted, after user knows all permissions that the map software request is accessed, the risk after installing is judged, is voluntarily selected whether to install.Now can choose whether to continue to install and installation progress can be checked in controlling interface according to interface prompt.
Step 503:When the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions, so as to be turned on or off the target authority in all permissions by the selection of the control option receive user.
Accept the example of previous step, after the map software shows installation, controlling interface the map software can ask all permissions for accessing again, now user can be configured to the control of authority option, select to open or disable some target authorities, such as, user is not intended to the mobile phone contact information leakage of oneself, then the authority can be closed in associated person information one is read.
Embodiment six
Fig. 6 is the apparatus structure schematic diagram of the embodiment of the present invention five, as shown in fig. 6, a kind of permission control device of application program installation process of the embodiment of the present invention five is mainly included with lower module:Authority monitoring modular 601, installation management module 602, display module 603, permission configuration module 604.
The authority monitoring modular 601, for when having detected application program and installing, intercepting the erection schedule of the application program, monitors all permissions that the application requests are obtained;Foreground shows as:Represent the installation interface that controlling interface replaces the application program, all permissions of the application program installation process request are shown in the controlling interface;
The installation management module 602, for the operating process of monitoring users, when user's triggering installation function is detected, then responds the triggering clearance erection schedule and all permissions;Foreground shows as:The display module 603 is called, and installation progress is shown in the controlling interface;
The display module 603, for all permissions that the authority monitoring modular 601 is monitored are showed user;For when detecting that the erection schedule is completed, showing the control option of all permissions;
The permission configuration module 604, for obtaining operating result of the user to the control option of the System Privileges, and according to the operating result, open target authority allowed to user in the application program is configured.Foreground shows as:For when the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions.
Further, the authority monitoring modular 601, further includes to monitor module 601a, monitoring module 601a, for monitoring the application programming interface using interrupt mechanism, so as to interrupt the erection schedule of the application program.
Further, monitoring module 601a, is further additionally operable to monitor the behavior of the application program, by the application programming interface in invocation framenort layer, obtains the APK file comprising authority information;The information of all permissions is obtained by parsing APK file.
Further, the authority monitoring modular 601 also includes authority parsing module 601b, the authority parsing module 601b, for decompressing the APK file and carrying out decompiling, obtains AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
Further, the display module 603 is additionally operable to, and all permissions information of the application requests to extracting is entered row-column list and is shown to user by the control option of the authority information.
Further, the permission configuration module 604, is additionally operable to, when the target authority in all permissions is opened by the selection of the control option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
Embodiment six
Fig. 7 is a kind of apparatus structure schematic diagram of the another embodiment of the permission control device of application program installation process of the invention, and with reference to Fig. 7, a kind of operation process of the permission control device of application program installation process of the invention is as follows:
First, the erection schedule of the application program when authority monitoring modular 601 has detected application program and installs, is intercepted, all permissions that the application requests are obtained are monitored;
Monitor all permissions that the application requests obtain mainly by authority monitoring modular in monitoring module 601a complete.It is described monitoring module 601a for being monitored to the application programming interface using interrupt mechanism, so as to interrupt the erection schedule of the application program.
Wherein, monitoring module 601a is also monitored to the behavior of application program, by the application programming interface in invocation framenort layer, obtains the APK file comprising authority information;The information of all permissions is obtained by parsing APK file.
The authority monitoring modular also includes authority parsing module 601b, and the function of the authority parsing module is:
Decompress the APK file and carry out decompiling, obtain AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
After all permissions for obtaining the application requests, need to call the display module 504, the display module 603 now to enter row-column list and be shown to user all permissions information of the application requests to extracting.
After all permissions information is showed user, the operating process for installing 602 monitoring users of management module when user's triggering installation function is detected, then responds the triggering clearance erection schedule and all permissions;
Display module 603 shows installation progress, when detecting that the erection schedule is completed, calls all permissions information of the application requests that display module 603 pairs extracts to enter row-column list and be shown to user by the control option of the authority information again.
After treating that user is operated to the control of authority option, the permission configuration module 604 obtains operating result of the user to the control option of the System Privileges, and according to the operating result, open target authority allowed to user in the application program is configured.
When the target authority in all permissions is opened by the selection of the control option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;
When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
A kind of permission control device of the application program installation process described in the present embodiment is by carrying out authority monitoring to application program to be installed, intercept before the mounting and the authority information for obtaining that application program is asked is installed, and the access rights to application program are controlled, on the one hand the information data safety of user is ensure that, on the other hand ensures that program runs well.
A1, a kind of authority control method of program installation process, it is characterised in that
When having detected application program and installing, represent the installation interface that controlling interface replaces the application program, shows all permissions that the application program installation process is asked in the controlling interface;
After receiving the installation instruction of user's triggering, all permissions of letting pass are installed to the application program, and show installation progress in the controlling interface;
When the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions, so as to be turned on or off the target authority in all permissions by the selection of the control option receive user.
A2, the method as described in a1, it is characterised in that when having detected application program and installing, before representing controlling interface and replacing the installation interface of the application program, further include,
The application programming interface of the application program is monitored using interrupt mechanism, so as to interrupt the erection schedule of the application program.
A3, the method as described in a2, it is characterised in that the application programming interface of the application program is monitored using interrupt mechanism, further included,
Behavior to the application program is monitored, by invocation framenort layer in the application programming interface, obtain the APK file comprising authority information;
The APK is carried out parsing the information for obtaining all permissions that the application requests are obtained.
A4, the method as described in a3, it is characterised in that carry out parsing the information for obtaining all permissions that the application requests are obtained to the APK, further include,
Decompress the APK file and carry out decompiling, obtain AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
A5, the method as described in a1, it is characterised in that the target authority in all permissions is turned on or off by the selection of the control option receive user, is further included,
Operating result of the monitoring users to the control option of institute's authority information, configures to the authority of the application program according to the operating result.
A6, the method as described in a1, it is characterised in that be turned on or off in all permissions after target authority by controlling the selection of option receive user, further included,
When the target authority in the selection unlatching all permissions by controlling option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
B7, a kind of permission control device of program installation process, it is characterised in that include such as lower module:
Authority monitoring modular, for when having detected application program and installing, representing the installation interface that controlling interface replaces the application program, shows all permissions that the application program installation process is asked in the controlling interface;
Management module is installed, and after the installation for receiving user's triggering is indicated, all permissions of letting pass are installed to the application program, and installation progress shown in the controlling interface;
Permission configuration module, for when the installation progress is completed, the controlling interface is pointed out installation and shows the control option of all permissions, so as to be turned on or off the target authority in all permissions by the selection of the control option receive user;
Display module, for being combined with other modules, is shown.
B8, the device as described in b7, it is characterised in that the authority monitoring modular, further include to monitor module,
The monitoring module, for being monitored to the application programming interface of the application program using interrupt mechanism, so as to interrupt the erection schedule of the application program.
B9, the device as described in b8, it is characterised in that the monitoring module, are further used for,
Behavior to the application program is monitored, by invocation framenort layer in the application programming interface, obtain the APK file comprising authority information;
The APK is carried out parsing the information for obtaining all permissions that the application requests are obtained.
B10, the device as described in b9, it is characterised in that the authority monitoring modular, further include authority parsing module:
The authority parsing module, decompresses the APK file and carries out decompiling, obtain AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
B11, the device as described in b7, it is characterised in that the permission configuration module is further used for,
Operating result of the monitoring users to the control option of institute's authority information, configures to the authority of the application program according to the operating result.
B12, the device as described in b7, it is characterised in that the permission configuration module, are further used for,
When the target authority in the selection unlatching all permissions by controlling option receive user, if the operation application program, intercepts other authorities beyond the application requests target authority;When the target authority in the selection closing all permissions by controlling option receive user, when running the application program, the target authority in all permissions of the application requests is intercepted.
Described above illustrates and describes some preferred embodiments of the present invention, but as previously mentioned, it should be understood that the present invention is not limited to form disclosed herein, it is not to be taken as the exclusion to other embodiment, and can be used for various other combinations, modification and environment, and can be modified by the technology or knowledge of above-mentioned teaching or association area in invention contemplated scope described herein.And change that those skilled in the art are carried out and change be without departing from the spirit and scope of the present invention, then all should be in the protection domain of claims of the present invention.

Claims (10)

1. a kind of authority control method of program installation process, it is characterised in that
When having detected application program and installing, represent installation circle that controlling interface replaces the application program Face, shows all permissions of the application program installation process request in the controlling interface;
After receiving the installation instruction of user's triggering, all permissions of letting pass are entered to the application program Row is installed, and shows installation progress in the controlling interface;
When the installation progress is completed, the controlling interface prompting installation simultaneously shows all permissions Control option, it is described all so as to be turned on or off by the selection of the control option receive user Target authority in authority.
2. the method for claim 1, it is characterised in that install when application program has been detected When, before the installation interface of the controlling interface replacement application program is represented, further include,
The application programming interface of the application program is monitored using interrupt mechanism, so as to interrupt The erection schedule of the application program;
The application programming interface in by invocation framenort layer, obtains the APK comprising authority information File;
The APK is carried out parsing the information for obtaining all permissions that the application requests are obtained.
3. method as claimed in claim 2, it is characterised in that parsing acquisition is carried out to the APK The information of all permissions that the application requests are obtained, further includes,
Decompress the APK file and carry out decompiling, obtain AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
4. the method for claim 1, it is characterised in that received by the control option and used The selection at family is turned on or off the target authority in all permissions, further includes,
Operating result of the monitoring users to the control option of institute's authority information, according to the operating result to institute The authority for stating application program is configured.
5. the method for claim 1, it is characterised in that by controlling option receive user Selection is turned on or off in all permissions after target authority, is further included,
When the target authority in the selection unlatching all permissions by controlling option receive user, if The application program is run, then intercepts other authorities beyond the application requests target authority;When By controlling when selecting the target authority closed in all permissions of option receive user, operation is described During application program, the target authority in all permissions of the application requests is intercepted.
6. a kind of permission control device of program installation process, it is characterised in that include such as lower module:
Authority monitoring modular, replaces institute for when having detected application program and installing, representing controlling interface The installation interface of application program is stated, and the application program installation process request is shown in the controlling interface All permissions;
Management module is installed, after the installation for receiving user's triggering is indicated, all permissions of letting pass, The application program is installed, and installation progress is shown in the controlling interface;
Permission configuration module, for when the installation progress is completed, the controlling interface prompting is installed Into and show the control option of all permissions, so as to the selection by the control option receive user The target authority being turned on or off in all permissions;
Display module, for being combined with other modules, is shown.
7. device as claimed in claim 6, it is characterised in that the authority monitoring modular, enters one Step includes monitoring module,
The monitoring module, for the application programming interface using interrupt mechanism to the application program Monitored, so as to interrupt the erection schedule of the application program;
The application programming interface in by invocation framenort layer, obtains the APK comprising authority information File;
The APK is carried out parsing the information for obtaining all permissions that the application requests are obtained.
8. device as claimed in claim 7, it is characterised in that the authority monitoring modular, enters one Step includes authority parsing module:
The authority parsing module, decompresses the APK file and carries out decompiling, obtain AndroidManifest.xml configuration files;
The configuration file is progressively scanned, all permissions of the application requests are extracted.
9. device as claimed in claim 6, it is characterised in that the permission configuration module is further For,
Operating result of the monitoring users to the control option of institute's authority information, according to the operating result to institute The authority for stating application program is configured.
10. device as claimed in claim 6, it is characterised in that the permission configuration module, enters one Walking is used for,
When the target authority in the selection unlatching all permissions by controlling option receive user, if The application program is run, then intercepts other authorities beyond the application requests target authority;When By controlling when selecting the target authority closed in all permissions of option receive user, operation is described During application program, the target authority in all permissions of the application requests is intercepted.
CN201510640948.8A 2015-09-30 2015-09-30 A kind of authority control method and device of application program installation process Pending CN106557669A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510640948.8A CN106557669A (en) 2015-09-30 2015-09-30 A kind of authority control method and device of application program installation process

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510640948.8A CN106557669A (en) 2015-09-30 2015-09-30 A kind of authority control method and device of application program installation process

Publications (1)

Publication Number Publication Date
CN106557669A true CN106557669A (en) 2017-04-05

Family

ID=58417917

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510640948.8A Pending CN106557669A (en) 2015-09-30 2015-09-30 A kind of authority control method and device of application program installation process

Country Status (1)

Country Link
CN (1) CN106557669A (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107341406A (en) * 2017-07-05 2017-11-10 北京奇安信科技有限公司 A kind of method and terminal for protecting privacy of user data
CN107493288A (en) * 2017-08-28 2017-12-19 深圳市新国都支付技术有限公司 Application network method of controlling security and device based on Android versions POS
CN108173846A (en) * 2017-12-27 2018-06-15 北京小米移动软件有限公司 login method and device
CN108600817A (en) * 2018-03-15 2018-09-28 聚好看科技股份有限公司 Smart television and convenient in browse displays equipment apply installation progress method
CN108763014A (en) * 2018-04-18 2018-11-06 Oppo广东移动通信有限公司 Information prompting method, device, mobile terminal and computer-readable medium
CN109120612A (en) * 2018-08-06 2019-01-01 浙江衣拿智能科技有限公司 A kind of packet filtering method, system and application program
CN109522741A (en) * 2018-10-24 2019-03-26 维沃移动通信有限公司 A kind of application program permission reminding method and its terminal device
CN110275835A (en) * 2019-06-25 2019-09-24 努比亚技术有限公司 Permission prompting interface adding method, device and computer readable storage medium
CN110851150A (en) * 2019-11-12 2020-02-28 连尚(新昌)网络科技有限公司 Method and apparatus for installing applications
CN112306513A (en) * 2020-12-24 2021-02-02 智道网联科技(北京)有限公司 Installation method and device of third-party application, computing equipment and storage medium
CN114528058A (en) * 2022-01-21 2022-05-24 京东方科技集团股份有限公司 Application grouping display method and device and display equipment
WO2022142756A1 (en) * 2020-12-31 2022-07-07 中兴通讯股份有限公司 High-level permission granting method and system, device, and medium
CN115017473A (en) * 2021-09-06 2022-09-06 荣耀终端有限公司 Authorization method and electronic equipment

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102200922A (en) * 2011-04-06 2011-09-28 宇龙计算机通信科技(深圳)有限公司 Application program installation method and terminal
CN102289633A (en) * 2011-09-02 2011-12-21 广东欧珀移动通信有限公司 Method for managing dynamic permission of application program under Android platform
CN102426639A (en) * 2011-09-26 2012-04-25 宇龙计算机通信科技(深圳)有限公司 Information security monitoring method and device
CN103136472A (en) * 2011-11-29 2013-06-05 腾讯科技(深圳)有限公司 Method and mobile device of stopping application program to steal privacy
CN103268451A (en) * 2013-06-08 2013-08-28 上海斐讯数据通信技术有限公司 Dynamic permission management system based on mobile terminal
CN103617380A (en) * 2013-11-28 2014-03-05 北京邮电大学 Application program authority dynamic control method and system
CN103761471A (en) * 2014-02-21 2014-04-30 北京奇虎科技有限公司 Application program installation method and device based on intelligent terminal
CN103839000A (en) * 2014-02-21 2014-06-04 北京奇虎科技有限公司 Application program installation method and device based on intelligent terminal equipment
CN103870306A (en) * 2014-02-21 2014-06-18 北京奇虎科技有限公司 Method and device for installing application program on basis of intelligent terminal equipment
CN103914312A (en) * 2012-12-31 2014-07-09 联想(北京)有限公司 Application processing method, application processing device and electronic device
CN104199703A (en) * 2014-09-05 2014-12-10 北京奇虎科技有限公司 Unattended setup management method and device
CN104462970A (en) * 2014-12-17 2015-03-25 中国科学院软件研究所 Android application program permission abuse detecting method based on process communication

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102200922A (en) * 2011-04-06 2011-09-28 宇龙计算机通信科技(深圳)有限公司 Application program installation method and terminal
CN102289633A (en) * 2011-09-02 2011-12-21 广东欧珀移动通信有限公司 Method for managing dynamic permission of application program under Android platform
CN102426639A (en) * 2011-09-26 2012-04-25 宇龙计算机通信科技(深圳)有限公司 Information security monitoring method and device
CN103136472A (en) * 2011-11-29 2013-06-05 腾讯科技(深圳)有限公司 Method and mobile device of stopping application program to steal privacy
CN103914312A (en) * 2012-12-31 2014-07-09 联想(北京)有限公司 Application processing method, application processing device and electronic device
CN103268451A (en) * 2013-06-08 2013-08-28 上海斐讯数据通信技术有限公司 Dynamic permission management system based on mobile terminal
CN103617380A (en) * 2013-11-28 2014-03-05 北京邮电大学 Application program authority dynamic control method and system
CN103761471A (en) * 2014-02-21 2014-04-30 北京奇虎科技有限公司 Application program installation method and device based on intelligent terminal
CN103839000A (en) * 2014-02-21 2014-06-04 北京奇虎科技有限公司 Application program installation method and device based on intelligent terminal equipment
CN103870306A (en) * 2014-02-21 2014-06-18 北京奇虎科技有限公司 Method and device for installing application program on basis of intelligent terminal equipment
CN104199703A (en) * 2014-09-05 2014-12-10 北京奇虎科技有限公司 Unattended setup management method and device
CN104462970A (en) * 2014-12-17 2015-03-25 中国科学院软件研究所 Android application program permission abuse detecting method based on process communication

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107341406A (en) * 2017-07-05 2017-11-10 北京奇安信科技有限公司 A kind of method and terminal for protecting privacy of user data
CN107493288A (en) * 2017-08-28 2017-12-19 深圳市新国都支付技术有限公司 Application network method of controlling security and device based on Android versions POS
CN108173846A (en) * 2017-12-27 2018-06-15 北京小米移动软件有限公司 login method and device
CN108173846B (en) * 2017-12-27 2021-05-04 北京小米移动软件有限公司 Login method and device
CN108600817A (en) * 2018-03-15 2018-09-28 聚好看科技股份有限公司 Smart television and convenient in browse displays equipment apply installation progress method
CN108600817B (en) * 2018-03-15 2021-03-16 聚好看科技股份有限公司 Smart television and method for facilitating browsing of application installation progress in display device
CN108763014A (en) * 2018-04-18 2018-11-06 Oppo广东移动通信有限公司 Information prompting method, device, mobile terminal and computer-readable medium
CN108763014B (en) * 2018-04-18 2022-04-19 Oppo广东移动通信有限公司 Information reminding method and device, mobile terminal and computer readable medium
CN109120612B (en) * 2018-08-06 2021-04-30 浙江衣拿智能科技股份有限公司 Data packet filtering method, system and application program
CN109120612A (en) * 2018-08-06 2019-01-01 浙江衣拿智能科技有限公司 A kind of packet filtering method, system and application program
CN109522741B (en) * 2018-10-24 2020-06-16 维沃移动通信有限公司 Application program permission prompting method and terminal equipment thereof
CN109522741A (en) * 2018-10-24 2019-03-26 维沃移动通信有限公司 A kind of application program permission reminding method and its terminal device
CN110275835A (en) * 2019-06-25 2019-09-24 努比亚技术有限公司 Permission prompting interface adding method, device and computer readable storage medium
CN110275835B (en) * 2019-06-25 2024-06-21 努比亚技术有限公司 Permission prompt interface adding method and device and computer readable storage medium
CN110851150A (en) * 2019-11-12 2020-02-28 连尚(新昌)网络科技有限公司 Method and apparatus for installing applications
CN110851150B (en) * 2019-11-12 2022-09-06 连尚(新昌)网络科技有限公司 Method and apparatus for installing applications
CN112306513A (en) * 2020-12-24 2021-02-02 智道网联科技(北京)有限公司 Installation method and device of third-party application, computing equipment and storage medium
WO2022142756A1 (en) * 2020-12-31 2022-07-07 中兴通讯股份有限公司 High-level permission granting method and system, device, and medium
CN115017473A (en) * 2021-09-06 2022-09-06 荣耀终端有限公司 Authorization method and electronic equipment
CN115017473B (en) * 2021-09-06 2023-10-20 荣耀终端有限公司 Authorization method and electronic equipment
CN114528058B (en) * 2022-01-21 2024-05-28 京东方科技集团股份有限公司 Application grouping display method and device and display equipment
CN114528058A (en) * 2022-01-21 2022-05-24 京东方科技集团股份有限公司 Application grouping display method and device and display equipment

Similar Documents

Publication Publication Date Title
CN106557669A (en) A kind of authority control method and device of application program installation process
US9165139B2 (en) System and method for creating secure applications
JP5891414B2 (en) Information processing apparatus and method for preventing unauthorized application cooperation
US7743336B2 (en) Widget security
US8893222B2 (en) Security system and method for the android operating system
Stevens et al. Asking for (and about) permissions used by android apps
CN101960446B (en) Secure browser-based applications
US9537869B2 (en) Geographical restrictions for application usage on a mobile device
CN106557687A (en) A kind of authority control method and device of application program installation process
Zdziarski Hacking and securing iOS applications
JP2007316637A (en) Screensaver for individual application program
CN103403669A (en) Securing and managing APPs on a device
CN107077565A (en) The collocation method and equipment of a kind of safe configured information
CN102246144A (en) Method and apparatus for installing programs on a computer platform
Kern et al. Permission tracking in Android
CN114650154B (en) Webpage authority behavior control method and device, computer equipment and storage medium
CN111709054B (en) Privacy space information access control method and device and computer equipment
KR20140068940A (en) Content handling for applications
CN111222122A (en) Application authority management method and device and embedded equipment
WO2012079612A1 (en) Method for changing an operating mode of a mobile device
Chuang et al. Digital right management and software protection on Android phones
CN111443907A (en) Method and device for calling SDK function
US10089261B2 (en) Discriminating dynamic connection of disconnectable peripherals
Rubio-Medrano et al. DyPolDroid: Protecting Users and Organizations from Permission-Abuse Attacks in Android
CN110580179A (en) information processing method and device, electronic device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170405