Method and device for authorizing application program based on Android system and computer readable storage medium

文档序号：153376 发布日期：2021-10-26 浏览：34次中文

阅读说明：本技术 基于Android系统应用程序授权的方法、装置和计算机可读存储介质 (Method and device for authorizing application program based on Android system and computer readable storage medium ) 是由王安兴胡锐生林修平于 2021-07-16 设计创作，主要内容包括：本发明公开了一种基于Android系统应用程序授权的方法、装置和计算机可读存储介质,其中装置实施例中,Android系统默认配置安全密码状态为未设置,包括：安全密码设置模块,用于为系统设置一个安全密码；注册安全应用程序模块,用于判断当前安全密码和系统内已存的安全密码一致时,则应用程序开始注册为安全应用,UID存储到安全应用列表中；查验是否为安全应用程序模块,用于注册成功后,系统通过查询应用列表中是否具有此UID来判断应用程序是否为安全应用,确认是安全应用才可以被授权；应用程序授权模块,若为安全应用,系统对安全应用直接授予Android系统所有应用程序权限,程序正常执行；注销模块,用于应用程序主动从安全应用列表中注销自己。(The invention discloses a method, a device and a computer readable storage medium for authorizing an application program based on an Android system, wherein in the embodiment of the device, the default configuration security password state of the Android system is not set, and the method comprises the following steps: the security password setting module is used for setting a security password for the system; the registered security application program module is used for starting to register the application program as the security application when judging that the current security password is consistent with the security password stored in the system, and storing the UID into a security application list; checking whether the application program module is a safe application program module or not, and after the registration is successful, judging whether the application program is a safe application or not by inquiring whether the UID exists in the application list or not by the system, and confirming that the safe application can be authorized; if the application program authorization module is safe application, the system directly grants all application program authorities of the Android system to the safe application, and the program is normally executed; and the log-out module is used for the application program to actively log out the application program from the safety application list.)

1. The method for authorizing the application program based on the Android system is characterized by comprising the following steps of:

setting a safety password for the system;

registering a security application program, and when the current security password is consistent with the security password stored in the system, starting to register the application program as the security application, namely storing the UID of the application program into a security application list;

checking whether the application program is a safe application program, after the registration is successful, judging whether the application program is the safe application program by inquiring whether the UID exists in the application list by the system, and determining that the safe application program can be authorized;

authorizing the application program, wherein when the application program starts to run, the system queries whether the application program is safe application or not by acquiring the UID of the application program, and if the application program is safe application, the system directly grants all application program authorities of the Android system to the safe application, and the program is normally executed;

and (4) logout, the application program actively logs out the application program from the security application list or directly deletes the UID from the security application list storage file after the system learns that the system has the event of application program uninstallation by monitoring android.

2. The Android-system-application-based authorization method of claim 1, wherein the resetting of the security password is performed if the security password state needs to be set to an uninitialized state.

3. The Android system-based application program authorization method of claim 1, wherein setting a security password for the system specifically includes: and (3) introducing an old password and a new password, judging whether the format of the new password is correct, whether the current security password state is not initialized, and whether the format of the old password is correct and is the same as the current security password, and if the format of the old password is correct and the format of the old password is the same as the current security password, setting the new password as the security password.

4. The Android system application authorization-based method of claim 1, wherein registering the security application specifically includes: an old password is transmitted, whether the current security password state is an uninitialized state or not is judged, and if the current security password state is the uninitialized state, the security application is not registered; if the password is in the initialized state, further judging whether the format of the old password is correct or not, whether the old password is consistent with the current security password or not, if any condition is not met, failing to register the security application, and if the condition is met, storing the UID of the current application into a security application list and storing the list into a local file.

5. The utility model provides a device based on Android system application program is authorized, the Android system defaults to dispose safe password state and is unset, its characterized in that includes:

the security password setting module is used for setting a security password for the system;

the registered security application program module is used for judging that the current security password is consistent with the security password stored in the system, and then the application program starts to be registered as the security application, namely the UID of the application program is stored in a security application list;

checking whether the application program module is a safe application program module or not, and after the registration is successful, judging whether the application program has the required authority or not by inquiring whether the UID exists in the application list or not by the system, wherein the program with the required authority can be authorized;

the system comprises an application program authorization module, a security application module and a security application module, wherein the application program authorization module is used for inquiring whether an application program is a security application or not by acquiring the UID of the application program when the application program starts to run, and if the application program is the security application, the system directly grants all application program authorities of the Android system to the security application and normally executes the application program;

and the logout module is used for deleting the UID from the storage file of the safe application list directly after the application program actively logs out the application program or the system learns that the system has the event of application program uninstallation by monitoring android.

6. The Android system application authorization-based device of claim 5, further comprising a secure password resetting module configured to perform resetting of the secure password if the secure password state needs to be set to the uninitialized state.

7. The Android system application authorization-based device of claim 5, wherein setting a security password for the system specifically includes: and (3) introducing an old password and a new password, judging whether the format of the new password is correct, whether the current security password state is not initialized, and whether the format of the old password is correct and is the same as the current security password, and if the format of the old password is correct and the format of the old password is the same as the current security password, setting the new password as the security password.

8. The Android system application program authorization-based device of claim 5, wherein the specific working process of registering the security application program module is as follows: an old password is transmitted, whether the current security password state is an uninitialized state or not is judged, and if the current security password state is the uninitialized state, the security application is not registered; if the password is in the initialized state, further judging whether the format of the old password is correct or not, whether the old password is consistent with the current security password or not, if any condition is not met, failing to register the security application, and if the condition is met, storing the UID of the current application into a security application list and storing the list into a local file.

9. A computer-readable storage medium, wherein a computer program is stored on the computer-readable storage medium, and when executed by a processor, the computer program implements the method for Android system application based authorization of any of claims 1-4.

Technical Field

The invention belongs to the technical field of Android application, and particularly relates to an Android system-based application program authorization method and device and a computer-readable storage medium.

Background

With the version iteration of Google, the Android system has stricter and stricter management on the application program permission. The method is more and more friendly to the user of the mobile terminal equipment carrying the Android system, and the privacy and safety of the user of the mobile terminal equipment are guaranteed. The method is similar to application program runtime permission application after the android6.0 version, most application permission interfaces are hidden for third-party application programs, and the like.

However, for industrial equipment carrying an Android system, the feasibility of industrial application development is greatly reduced by too-strict application management, so that the industrial application development cannot leave a huge Android source code.

Disclosure of Invention

In view of the technical problems, the invention is used for providing a method, a device and a computer-readable storage medium for authorizing based on an Android system application program, which are used for solving the problem that the application program in the industry is difficult to develop due to too severe authorization of the Android system application program.

In order to solve the technical problems, the invention adopts the following technical scheme:

in a first aspect, the present invention provides an Android system application program authorization method, where the default configuration security password state of the Android system is not set, including the following steps:

setting a safety password for the system;

Preferably, the resetting of the security password is performed if the security password state needs to be set to the uninitialized state.

Preferably, the setting of a security password for the system specifically includes: and (3) introducing an old password and a new password, judging whether the format of the new password is correct, whether the current security password state is not initialized, and whether the format of the old password is correct and is the same as the current security password, and if the format of the old password is correct and the format of the old password is the same as the current security password, setting the new password as the security password.

Preferably, registering the security application specifically includes: an old password is transmitted, whether the current security password state is an uninitialized state or not is judged, and if the current security password state is the uninitialized state, the security application is not registered; if the password is in the initialized state, further judging whether the format of the old password is correct or not, whether the old password is consistent with the current security password or not, if any condition is not met, failing to register the security application, and if the condition is met, storing the UID of the current application into a security application list and storing the list into a local file.

In a second aspect, the present invention provides an apparatus for application program authorization based on an Android system, where a security password default configuration state of the Android system is not set, including:

the security password setting module is used for setting a security password for the system;

checking whether the application program module is a safe application program module or not, and after the registration is successful, judging whether the application program is a safe application or not by inquiring whether the UID exists in the application list or not by the system, and confirming that the safe application can be authorized;

and the logout module is used for deleting the UID from the storage file of the safe application list directly after the application program actively logs out the application program from the safe application list or the system learns that the system has the event of application program uninstallation by monitoring android.

Preferably, the system further comprises a security password resetting module, configured to execute resetting of the security password if the security password state needs to be set to the uninitialized state.

Preferably, the specific working process of registering the security application module is as follows: an old password is transmitted, whether the current security password state is an uninitialized state or not is judged, and if the current security password state is the uninitialized state, the security application is not registered; if the password is in the initialized state, further judging whether the format of the old password is correct or not, whether the old password is consistent with the current security password or not, if any condition is not met, failing to register the security application, and if the condition is met, storing the UID of the current application into a security application list and storing the list into a local file.

In a third aspect, the present invention provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the method for enabling an Android system application program authorization is implemented.

The invention has the following beneficial effects: the application program with the security password can be registered as the security application, and the user is reminded of manually granting the application program permission without flicking a frame to directly acquire all application program permissions. The applications in the secure application list need not apply for the required application permissions in android manifest. Meanwhile, an application program without a security password cannot be registered as a security application, so that the security of the system is protected.

Drawings

Fig. 1 is a flowchart illustrating a security password setting process in an Android system application authorization method according to an embodiment of the present invention;

FIG. 2 is a flow chart of a security password status determination;

fig. 3 is a flowchart illustrating resetting of a security password in an Android system application authorization-based method according to an embodiment of the present invention;

fig. 4 is a flowchart illustrating a process of registering a security application as a security application in an Android system application authorization-based method according to an embodiment of the present invention;

fig. 5 is a flowchart illustrating a process of determining whether an application is a safe application in the Android system application authorization method according to the embodiment of the present invention;

FIG. 6 is a flowchart of Android original system application program authority control;

fig. 7 is a flow of an Android system application program-based authorization method in the Android system application program-based authorization method according to the embodiment of the present invention;

fig. 8 is a flowchart illustrating that an application is actively logged out of a secure application list in the Android system application authorization-based method according to the embodiment of the present invention;

FIG. 9 is a flowchart illustrating steps taken by a system to automatically logout an application from a secure application list after the application is uninstalled in a method for Android system application authorization according to an embodiment of the present invention;

fig. 10 is a schematic structural diagram of an apparatus for Android system application program authorization according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

Method example 1

The embodiment of the invention provides an Android system application program authorization method, wherein the Android system defaults to configure a safe password state as unset, and the method comprises the following steps:

setting a safety password for the system;

checking whether the application program is a safe application program, after the registration is successful, judging whether the application program is the safe application program by inquiring whether the UID is in the application list by the system, and confirming that the safe application program can be authorized;

Through the technical scheme, the application program acquires all application program authorities in a mode of registering as safe application. The registration of the security application requires the security password, so that the malicious application program can be prevented from registering to acquire all application program authorities for the security application to perform malicious operation on the system. By re-building the Android application authorization framework, the application program can acquire all application program authorities of the Android system without an application program authority application method provided by the Android original system, and an interface method for applying the Android application program authorities is provided for the application program.

Method example 2

On the basis of the method embodiment 1, further, the method for authorizing based on the Android system application program provided by the embodiment of the invention is executed by resetting the security password if the security password state needs to be set to the uninitialized state.

According to some application embodiments of the present invention, the step of setting the security password comprises: and (3) introducing an old password and a new password, judging whether the format of the new password is correct, whether the current security password state is not initialized, and whether the format of the old password is correct and is the same as the current security password, and if the format of the old password is correct and the format of the old password is the same as the current security password, setting the new password as the security password. In a specific application example, referring to fig. 1, an old password and a new password are introduced, whether the format of the new password is correct or not is judged, and if the format of the new password is incorrect, the setting is failed; if so, continuously judging whether the current security password state is an uninitialized state, and if not, directly setting the security password as a new password; if the security password state is the existing state, whether the format of the old password is correct and whether the old password is the same as the security password existing at present is judged, if the old password is not the same as the security password existing at present, the setting of the security password is failed, and if the old password and the security password are both the same, the new password is set as the security password.

Further, referring to fig. 2, the step of determining the security password state includes: inquiring whether a file storing the security password exists or not, judging whether an encrypted security password character string exists in the security password file or not, if so, judging that the security password exists, and if not, judging that the security password is not initialized.

Referring to fig. 3, according to some application embodiments of the present invention, the resetting step of the security password includes: an old password is introduced. And judging whether the security password state is an uninitialized state. If it is in the uninitialized state, the reset fails. If the password is in the set state, whether the format of the old password is correct and whether the old password is consistent with the current security password is judged. Resetting the security code fails if any of the conditions is not met. And if the two are in accordance, directly deleting the safe password storage file, and setting the safe password state to be uninitialized.

Referring to fig. 4, according to some embodiments of the present patent, registering a security application as a security application specifically includes: an old password is transmitted, whether the current security password state is an uninitialized state or not is judged, and if the current security password state is the uninitialized state, the security application is not registered; if the password is in the initialized state, further judging whether the format of the old password is correct or not, whether the old password is consistent with the current security password or not, if any condition is not met, failing to register the security application, and if the condition is met, storing the UID of the current application into a security application list and storing the list into a local file. Through the above steps, the application program is registered as a secure application.

Referring to fig. 5, according to some embodiments of the present patent, the determining whether the application is a secure application comprises: transmitting UID of an application program to be inquired; searching whether the UID is contained in a secure application list; if so, the application program is a secure application, otherwise the application program is not a secure application.

According to some embodiments of the present invention, the step of directly granting all application program rights to the secure application by the system comprises: and adding a judgment application program whether being a safe application or not at the beginning of the method for judging whether the application program has a certain application program permission or not in the Android, and directly giving a result that the application program has a certain application program permission if the application program is the safe application. Referring to fig. 6, which is a flowchart of controlling the permission of an application program of an original Android system, an application program starts to run, the application program executes a code requiring the permission of the application program, obtains a UID of the application program, and determines whether the UID has the required permission of the application program, if so, the program runs normally; if not, the program generates an exception and cannot run normally. On the basis of fig. 6, after the UID of the program is obtained, the embodiment of the present invention queries whether the application program is a secure application, and if so, directly grants the application program authority, and the program normally runs; if the application program is not a secure application, continuously judging whether the UID has the required application program authority, if the UID has the required application program authority, normally running the program, and if the UID does not have the required application program authority, generating an exception and being incapable of continuously executing the program, as shown in fig. 7 specifically.

Referring to fig. 8, according to some embodiments of the present patent, the step of an application actively logging out of a secure application list comprises: and acquiring the UID of the current application, judging whether the UID is in the safe application list, if so, deleting the UID from the safe application list storage file, and successfully logging the application program from the safe application list. If the current UID is not within the secure application list, the application logs the failure from the secure application list.

Referring to fig. 9, according to some embodiments of the present patent, the step of the system automatically logging out the application from the secure application list after the application is uninstalled comprises: the system monitors the android, intent, action, PACKAGE, REMOVED broadcast to know that the system has an event of application program uninstallation, acquires the UID of the uninstalled application program from the broadcast information, judges whether the UID is in the safe application list, and deletes the UID from the safe application list storage file if the UID is in the safe application list storage file, so that the uninstalled application program is REMOVED from the safe application list.

Apparatus example 1

Corresponding to the embodiment of the method of the present invention, referring to fig. 10, a schematic structural diagram of an apparatus for application program authorization based on an Android system according to the embodiment of the present invention is shown, where a security password default configuration state of the Android system is not set, and the method includes: the security password setting module is used for setting a security password for the system; the registered security application program module is used for judging that the current security password is consistent with the security password stored in the system, and then the application program starts to be registered as the security application, namely the UID of the application program is stored in a security application list; checking whether the application program is a safe application program or not, and after the registration is successful, judging whether the application program is the safe application or not by inquiring whether the UID is in the application list or not by the system, and confirming that the safe application can be authorized; the system comprises an application program authorization module, a security application module and a security application module, wherein the application program authorization module is used for inquiring whether an application program is a security application or not by acquiring the UID of the application program when the application program starts to run, and if the application program is the security application, the system directly grants all application program authorities of the Android system to the security application and normally executes the application program; and the logout module is used for deleting the UID from the storage file of the safe application list directly after the application program actively logs out the application program from the safe application list or the system learns that the system has the event of application program uninstallation by monitoring android.

Apparatus example 2

On the basis of the device embodiment 1, the device based on the Android system application program authorization further includes a secure password resetting module, which is used for resetting the secure password to execute if the secure password state needs to be set to the uninitialized state.

Referring to fig. 1, according to some application embodiments of the present invention, a specific working process of the security password setting module includes: an old password and a new password are transmitted, whether the format of the new password is correct or not is judged, and if the format of the new password is incorrect, the setting is failed; if so, continuously judging whether the current security password state is an uninitialized state, and if not, directly setting the security password as a new password; if the security password state is the existing state, whether the format of the old password is correct and whether the old password is the same as the security password existing at present is judged, if the old password is not the same as the security password existing at present, the setting of the security password is failed, and if the old password and the security password are both the same, the new password is set as the security password.

Referring to fig. 3, according to some application embodiments of the present invention, the specific working process of the secure password resetting module includes: an old password is introduced. And judging whether the security password state is an uninitialized state. If it is in the uninitialized state, the reset fails. If the password is in the set state, whether the format of the old password is correct and whether the old password is consistent with the current security password is judged. Resetting the security code fails if any of the conditions is not met. And if the two are in accordance, directly deleting the safe password storage file, and setting the safe password state to be uninitialized.

Referring to fig. 4, according to some embodiments of the present invention, the specific working process of registering the security application module includes: an old password is transmitted, whether the current security password state is an uninitialized state or not is judged, and if the current security password state is the uninitialized state, the security application is not registered; if the password is in the initialized state, further judging whether the format of the old password is correct or not, whether the old password is consistent with the current security password or not, if any condition is not met, failing to register the security application, and if the condition is met, storing the UID of the current application into a security application list and storing the list into a local file. Through the above steps, the application program is registered as a secure application.

Embodiments of the present invention also provide a computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations comprising:

setting a safety password for the system;

checking whether the application program is a safe application program, after the registration is successful, judging whether the application program is the safe application program by inquiring whether the UID is in the application list by the system, and confirming that the safe application program can be authorized;

The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.

For details of the above technical solution, reference is made to the method embodiment, and details are not described herein again.

It is to be understood that the exemplary embodiments described herein are illustrative and not restrictive. Although one or more embodiments of the present invention have been described with reference to the accompanying drawings, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the following claims.

20页详细技术资料下载

上一篇：一种医用注射器针头装配设备

下一篇：基于超球面变分自动编码器的未知用户恶意行为检测方法及系统

Method and device for authorizing application program based on Android system and computer readable storage medium

相关技术

网友询问留言