CN101753545A - Box cleaning technology - Google Patents
Box cleaning technology Download PDFInfo
- Publication number
- CN101753545A CN101753545A CN200810239181A CN200810239181A CN101753545A CN 101753545 A CN101753545 A CN 101753545A CN 200810239181 A CN200810239181 A CN 200810239181A CN 200810239181 A CN200810239181 A CN 200810239181A CN 101753545 A CN101753545 A CN 101753545A
- Authority
- CN
- China
- Prior art keywords
- pending object
- module
- behavior
- relevant
- security context
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to an information safety technology, in particular to a box cleaning technology. The box cleaning technology creates a safe executing environment for an object to be executed of a user, and implements a strategy of admission and exclusion in the safe executing environment, so as to thoroughly eliminate the possibility of obtaining any information of the user by any virus, malicious software, Trojan horse or number stealing programs and the like without extra cost in hardware. The box cleaning technology is just like setting up a dustless laboratory for experiments. A clean box provides a safe environment for the user to carry out information interaction or financial payment and the like in a reassured manner.
Description
Technical field
The present invention relates to information security field.
Background technology
Along with the extensive use of Internet technology, and ecommerce (B2B, B2C, C2C), E-Payment, Web bank etc. become one of important application pattern of the Internet day by day.This makes the information interaction between client and businessman, client and client, businessman and the businessman, and for example the safety problem of financial payment etc. becomes a great problem.
Comprise at the main attack means that relates to e-commerce operations at present:
1, fishing is meant that the assailant passes through to forge or simulate an interface and attacked similar website, website, inveigles the user to import key messages such as account number cipher, thereby reaches the purpose of steal information.
2, browser plug-in/injection attacks, the assailant passes through to insert browser plug-in or inject browser process to browser, thereby intercepts and captures the account number that browser sends to server, information such as password.
3, Key Logger can be intercepted and captured the sensitive information of user with the keyboard input, and the cryptosecurity control is because technical limitation only can provide more simply protection, and rogue program can be walked around the protection of safe control easily by hook program or driver.
Accordingly, mainly there are some following ways in the solution of the secure payment that is provided in the prior art:
1, detects steal-number and keyboard record wooden horse and spyware such as (keylogger) with anti-virus software;
The cryptosecurity control of 2, on virus proof tech, deriving out;
3, third-party authentication is such as short-message verification sign indicating number, one-time pad etc.;
4, digital certificate checking or USB digital certificate etc.
Yet these solutions all exist protection poor effect or the too high problem of cost.Such as being in China's application of CN101206779A at publication number, adopted the numeric keypad module, display device, secure payment technology such as usb interface module.When though it has avoided using Web bank to the dependence of computer keyboard, and with instrument compatibility such as USB_KEY, improved the fail safe of financial operation, but still had tripartite planar defect:
One, when the user logined, Malware still can adopt specific means as a series of illegal means such as wooden horse, remote monitoring, viruses, as monitoring Kernel Driver, screenshotss etc., obtained private data such as user cipher from computer.Although this is because numeric keypad etc. can be avoided the dependence to the intrinsic keyboard of computer, but it still needs to use such as essential parts of computer run or programs such as display device, kernel drivings inevitably, and this just provides chance for the invasion of Malware.
Its two, the identity check/checking that the solution of existing various secure payment mainly lays particular emphasis on the user when logining, i.e. inlet checking.After the user utilized numeric keypad, USB_KEY, digital certificate etc. to enter transaction system, prior art can't be guaranteed that the information of user in process of exchange is not stolen or illegally utilize.Such as, the funds transfer system of utilizing certain bank at user A is in the process of user B account transfer, and superb Malware can slip into the payment process and before user A clicks definite the transmission, the account number of user B be changed.
Its three because means such as USB_KEY all need extra hardware supports, thereby it can cause the increase of use cost inevitably.
In addition; for the mode of third-party authentication; it is except the protection poor effect; the risk that still can exist the third party whether can be sure of; and because need intercom mutually with the third party outside the transaction, checking etc.; the formality of its transaction and process are also too loaded down with trivial details, thereby have increased risk cost and transaction cost.
Through investigation statistics, among the existing crowd, only have less than 10% people and often adopt Web bank etc. to carry out financial transaction, in contrast, nearly 90% people is for the worry of e-commerce security or complexity is reluctant to carry out any financial transaction operation by network.
Summary of the invention
In view of this; needing badly provides a kind of superior information Security Protection Technology that does not need the extra cost expenditure of effect of protecting; think that the user provides the protection of comprehensive, relieved information interaction or secure payment; and then the promotion internet, applications, such as the rapid and healthy of information interaction, financial payment, ecommerce, Web bank etc.
For achieving the above object, the present invention proposes a kind of clean box (Clean-Box) technology, and it is by hewing out the inventive concept of a safe operation environment for pending object, makes user's sensitive information avoid the invasion and attack of Malware, wooden horse, remote monitoring, virus etc.Its inventive concept is ingenious, and is simple, and its protection effect is much better than existing solution.
A first aspect of the present invention is to provide a kind of method that information security is provided, and it comprises:
Start pending object;
Corresponding to the startup of pending object, open clean box, described clean box is the security context that execution provided for pending object;
Described pending object is called in described security context, and carry out pending object.
A second aspect of the present invention is to provide a kind of system that information security is provided based on the first aspect method.
A third aspect of the present invention is to provide a kind of clean box device, it is characterized in that comprising:
The module of security context is provided for pending object; Described pending object is called in described security context, and carry out the module of described pending object; And, before described pending object is called in described security context and carry out in the process of described pending object let pass necessary module or the behavior relevant, the module that all in addition modules or behavior are shielded without exception or forbid with pending object.
A fourth aspect of the present invention is to provide a kind of method that information security is provided, and it is characterized in that comprising: the step that security context is provided for pending object; Described pending object is called in described security context, and carry out the step of described pending object; And, before described pending object is called in described security context and carry out in the process of described pending object let pass necessary module or the behavior relevant, the step that all in addition modules or behavior are shielded without exception or forbid with pending object.
Compared with prior art, the present invention has stopped the possibility that any virus, Malware, wooden horse or steal-number program etc. are obtained any information of user up hill and dale by clean box (Clean-Box) technology.Similarly be to set up that an aseptic operating room undergos surgery or dustless laboratory experimentizes, clean box for the user provide one can the relieved security context that carries out such as ecommerce, E-Payment, Web bank etc.
Description of drawings
Below with reference to accompanying drawings specific embodiments of the present invention is described in detail, wherein:
Fig. 1 is the topology example figure that comprises the computer system of box cleaning technology of the present invention;
Fig. 2 is the schematic flow sheet of box cleaning technology first embodiment of the present invention;
Fig. 3 is the schematic flow sheet of box cleaning technology second embodiment of the present invention.
Fig. 4 is the module architectures schematic diagram of box cleaning technology of the present invention.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, the preferred version of box cleaning technology of the present invention is elaborated below in conjunction with accompanying drawing and embodiment.Should be appreciated that embodiment described herein only is the inventive concept that is used for explaining box cleaning technology of the present invention, and be not used in qualification the present invention.
Fig. 1 is the topology example figure that comprises the computer system of box cleaning technology of the present invention.As shown in Figure 1, computer system 100 links to each other with Web bank or paying website server 130 by the Internet 120, and operation has a plurality of process 1-n, drives 1-k.As signal, hiding in this computer system 100 has a trojan horse program, and the attack that this trojan horse program may be taked can be that phishing attack, BHO filter attack, Key Logger and other any possible attack meanses.
When the user by financial payment software or other information interaction instruments with extraneous (as, the Internet 120, Web bank or paying website server 130 etc.) when carrying out information interaction, computer system 100 is created a clean box environment 110 for financial payment software or the operation of other information interaction instruments.In this clean box environment 110, the process m relevant with financial payment software or other information interaction instruments, driving j etc. can enter and move, in addition, Malware such as wooden horse and other uncorrelated process 1-n, drive module such as 1-k or behavior all is shielded from outside the clean box environment 110, thus for the user provide one can the relieved security context that carries out such as ecommerce, E-Payment etc., and can guarantee the safety of user's private information.
Fig. 2 is the schematic flow sheet of box cleaning technology first embodiment of the present invention.As shown in Figure 2, when the user wants to pay when paying by the Internet 200 and Web bank 300, step s200, the user starts transaction program in computer system 100.
In step s210,, in computer system 100, create clean box, i.e. a security context based on clean box of the present invention (Clean-Box) theory.
Among the step s220, in the security context of above-mentioned establishment, carry out access and do not enter strategy.
Among the step s230, in security context, call the transaction related tool and implement transaction.
Among the step s240, withdraw from clean box after finishing.
By above-mentioned to elaboration of the present invention as can be known, compare with the solution of the secure payment that is provided in the prior art, box cleaning technology of the present invention has been abandoned traditional prevention and cure of viruses theory, no longer be all kinds of Malwares that passive reply emerges in an endless stream, and then constantly labor intensive, material resources are studied the attack means or the virus characteristic of Malware one by one, and corresponding continuous release prevents and treats certain viral software or upgrade patch.But change from passive to active, before respective transaction or software execution, create a new security context, and only allow in this security context and carry out object, take place as the module or the behavior of the relevant necessity of transaction or software, all modules in addition or behavior are shielded without exception or are forbidden.Because what can enter into security context only is the module or the behavior of necessity relevant with transaction or software; this has just stopped the possibility that any virus, Malware, wooden horse or steal-number program etc. are obtained any information of user, realize simple, do not need can the adequately protect purpose of user information safety of extra cost.
Among the present invention, create a clean box (Clean-Box), the means or the scheme that are new security context can be accomplished in several ways, for example at specific a application software (as the e-Bank payment software of certain business bank) or transaction, when transaction or when application software initiated, open a brand-new process as security context.
Preferably, at the particularly serious computer system of potential safety hazard, the mode that the present invention proposes to create security context is, duplicates in system or a newly-built safety, clean system.For example: utilize virtual technology such as VMWare in computer systems such as Windows, Linux 100, rerun a brand-new Windows or Linux subsystem, again this environment is inserted in corresponding transaction and move.Can thoroughly completely cut off operating to the transaction of subsystem in the mother system like this such as wooden horse, virus or malware attacks.
In addition, the present invention also can further freeze any operation of outside mother system behind the subsystem that establishment makes new advances.Promptly; brand-new subsystem is being carried out the operating period of concluding the business; keep the quiet relatively of subsystem external environment condition; make all or hide or be active in the wooden horse, virus of mother system or the possibility that the Malware forfeiture activated and made any action, the finance operation for the user provides better safeguard protection thus.
The performed access of the present invention with do not enter strategy and be: only allow the module or the behavior generation of necessity relevant with carrying out object, all modules in addition or behavior are shielded without exception or are forbidden.
Under normal conditions, the transaction software that most financial transaction operation is based on particular transaction service provider to be provided is carried out, as the Net silver system of certain bank.Therefore, as example,, can carry out based on the mode of white list for the module of necessity or the identification of behavior.The information that transactional services merchant provided that described white list is based on specific a application software produces.Comprised indispensable module of this application software or the behavior of moving in this information.For example, certain bank releases a e-Bank payment software, and permits following modules or behavior to support the operation of this e-Bank payment software:
The program that transaction is relevant;
With the corresponding particular network data flow of transaction;
Finish application program that exchange needs such as browser etc.
Thus, produce the white list that is used for access of the present invention and does not enter strategy based on the License Info that above-mentioned transactional services merchant provided.In the security context of being created, carry out trading time period, only allow to be documented in module in the white list or behavior and enter security context or in security context, take place, and, then shield without exception or do not enter not being documented in other all situations in the white list.Here it is legal authoritative and credible to it is pointed out that transactional services merchant (as certain bank) has, and the module carried out of the permission of the relevant transaction software that it provided or the information of behavior are that all Malwares can't be attacked or distort.Access of the present invention and do not enter ingenious this situation of utilizing of strategy makes up the perfect barrier of security context, when ensureing that transaction is normally carried out, for the user provides the most perfect information protection.
With the online transaction based on browser is example, access of the present invention and do not enter strategy and can be:
Only allow:
A, program such as payment program or Net silver program that transaction is relevant;
B, transaction protection module such as cryptoguard control;
C, other necessary security defence programs, are used to prevent uncommitted routine call, as prevent that SetWindowsHookEx from being called by malice from specific fail-safe softwares such as arts such as black person's immunity leather;
D, with the corresponding legal network data flow of transaction;
E, for finishing the necessary system program of transaction such as browser can normally move to guarantee transaction program;
F, finish transaction program and system process between necessary communicating by letter.
And with lower module or behavior with conductively-closed with forbid:
A, application layer hook program;
B, incoherent system driver;
C, unnecessary interprocess communication;
D, be different from the network data flow of transaction.
As seen, based on access of the present invention with do not enter strategy, because clean box prevents the loading of the driver of message hook and malice by mechanism of authorization control based (access and do not enter strategy), therefore can effectively exempt the possibility of attacking user sensitive information based on computer hardware such as Key Logger etc.
In addition, for other information interaction situation, as the transmission of the file between the user, information interaction etc., access of the present invention and do not enter strategy and make up based on same principle, promptly, only allow the module or the behavior of necessity relevant with carrying out object to take place, all modules in addition or behavior are shielded without exception or are forbidden.Module of described necessity or behavior can based on the information interaction both sides or one of trust, and the permission content determine, also can based on interactive tool itself or interactive tool publisher specific License Info determine.
Preferably, as to access of the present invention with do not enter the auxiliary of strategy and replenish, the present invention utilizes blacklist to carry out when carrying out the access audit and does not enter restriction, this blacklist can be accumulated, at the common virus attack means of certain a specific interactive software (comprising transaction software) or the characteristic information of itself, also can be the specific protection requirements (as the demand of safe class) of corresponding a certain interactive software and the specific strick precaution object enumerated.Thus can be when the situation that meets the blacklist record take place, the object that preferentially will clearly not enter is got rid of outside security context.Thereby save the time of determination flow, and further ensure the safety of user profile.
Preferably, the present invention also can provide at special object or user's tracking new tool more, with this promptness, accuracy that keeps access and do not enter strategy.For particular transaction service provider, when carrying out situations such as system upgrade or transaction software renewal when it, the present invention follows the tracks of the possible change of its License Info, and when change occurs, upgrade access synchronously and do not enter strategy, as white list, prevent that with this some superb Malware from utilizing the chance of transactional services merchant information-change illegally to obtain user profile.
Fig. 3 is the schematic flow sheet of box cleaning technology second embodiment of the present invention.Different with first embodiment is, in the second embodiment of the present invention, starts before back, security context create the module or the behavior of necessity that checking is relevant with transaction or software in transaction.That is, between the step 200 and step 210 of Fig. 2, for the clean box of those accesses, move indispensable module of this transaction software or behavior and verify.The advantage of this checking is can further guarantee the clean box uninfection of creating or avoid clean box infected.
As shown in Figure 3, the user starts transaction in step s300.
The checking of in step s310, being correlated with, concrete checking content comprises:
1, the consistency of checking related application is not modified as browser, transaction program etc. guaranteeing.
The means of checking can be digital signature authentication or MD5 checking etc.
Filtering attack with present BHO is example, because filtering to attack, BHO need in browser, insert the malice module, but box cleaning technology of the present invention has the module authentication technology, it is by the consistency of checking related application, only allow with the module of browser self and with the loading of the relevant module of concluding the business, in addition, the module of any malice all can't load, and can effectively exempt the attack such as Malwares such as BHO thus.
2, checking transaction provider.
The means of checking can be digital certificate checkings etc.
As everyone knows, digital certificate is one of particular community of transaction provider network operation, any fishing website all can not obtain to be attacked the certificate of website, and box cleaning technology of the present invention can effectively be exempted any phishing attack based on the means of forgery by digital signature and certification authentication mechanism.
3, the consistency and the correctness of checking transaction program.
The means of checking can be signature verifications, also can be other script verification modes.Based on the consistency and the accuracy verification of transaction script, can further prevent to conclude the business script itself by Malware utilize possible.
If the relevant checking existing problems among the above-mentioned steps s310, as the script of concluding the business is inconsistent or transaction provider certificate is forgery etc., the program of then shutting the book provides the information of text notification or voice suggestion authentication failed alternatively, and changes step s350 process ends over to the user.
If the relevant checking among the above-mentioned steps s310 is passed through, then in step s320, open new process as security context.
Among the step s330, carry out access and do not enter strategy, comprising: load transaction program and module; Shield all browser plug-ins, the application layer hook; The monitoring of unlatching network data; Open interprocess communication monitoring etc.
Among the step s340, the load transaction script, and implement transaction.
Among the step s350, transaction is finished or relevant authentication failed, withdraws from clean box.
So far, second embodiment of the invention has further been guaranteed user information safety by relevant checking.When comparatively serious potential safety hazard appears in computer system 100, or the user is when carrying out information interaction, the financial payment of outbalance, and the box cleaning technology that comprises relevant checking means can be the user provides best security assurance information.
Fig. 4 is the module architectures schematic diagram of box cleaning technology of the present invention.As shown in Figure 4, include the various security set that relate to computer information safe and security strategy etc. in security set/policy library 400.Access with do not enter control module 410 and obtain the access relevant and do not enter strategy (not shown) with the transaction program that starts based on security set/policy library 400.Before clean box/security context 440 is created, relevant authentication module 420 at access with do not enter access that control module 410 obtained and do not enter strategy in the module or the behavior of necessity relevant of approving with transaction or software carry out safety verification.As example, this safety verification based on static authentication module 421, and dynamic authentication module 422 realize.Wherein, static authentication module 421 is carried out object and related resource thereof by the static technique checking, including, but not limited to module verification according to security strategy; Dynamic authentication module 422 is carried out object and related resource thereof according to security strategy by the dynamic technique checking, including, but not limited to carrying out the consistency and the verification of correctness of object, carries out objects services merchant's verification of correctness, carries out the checking of object behavior etc.
In conjunction with Fig. 3,4, when relevant checking not by or during existing problems, the execution of shutting the book and to information such as the relevant authentication faileds of user prompt.So far closing the transaction is replaced or is repaired verifying unsanctioned module or behavior by user or transactional services merchant, wait to replace or repair improve after, restart transaction.
In addition, alternatively, when relevant checking was not passed through or had problems, the continuation of the program of suspending trading was carried out, and indicating risk information is provided and selects to determine whether to continue the execution transaction program according to the user to the user.Described indicating risk information can be according to the security set/strategy that comprises in security set/policy library 400 to the risk class of the current system of user prompt and feasible proposal etc.For example; in browser, inserted the malice module and caused the inconsistent of related application owing to BHO filter to attack; promptly; browser is modified; but box cleaning technology can be by static authentication module 421, dynamic authentication module 422 or other safety protection program; this malice module shielding and the safety that do not influence transaction program are carried out from art etc. as black person immunity leather, can to user prompt risk class be low based on security set/policy library 400 this moment, and the suggestion user continues to carry out transaction program.Thus, whether the user can continue to carry out transaction according to the indicating risk Information Selection, thereby has avoided in the scope that information security allows, and occurs being badly in need of the finance account transfer such as the user and but can't start the predicament of carrying out transaction program.
When relevant checking by or user when selecting continuous business, create clean box by clean box creation module (not shown), for pending object provides security context.Visit isolation module 430 safety curtains as clean box, based on access with do not enter control module 410 accesses relevant that obtain and do not enter strategy with this transaction or software, the module or the behavior of necessity that clearance is relevant with transaction or software, and shielding or forbid all in addition modules or behavior, with isolated transaction or software and related resource thereof unnecessary communication, as unnecessary interprocess communication, be different from the network data flow of transaction etc. with the external world.After this, the secure interactive of transaction program or software operation and the information of realization in clean box/security context 440 of creating.
It should be understood that each related handling process can be constructed as corresponding device thereof or module in above-mentioned each specific embodiment of the present invention.And the interrelational form between each module also can be any one mode of specific embodiment of the invention part.
In addition, the present invention described here can have many variations, and this variation can not be thought and departs from the spirit and scope of the present invention.Therefore, the change that all it will be apparent to those skilled in the art all is included within the covering scope of these claims.
Claims (14)
1. method that information security is provided is characterized in that comprising:
Start pending object;
Corresponding to the startup of pending object, open clean box, described clean box is the security context that execution provided for pending object;
Described pending object is called in described security context, and carry out pending object.
2. according to the method for claim 1, it is characterized in that:
Providing by newly-built process or based on virtual or reproduction technology of described security context realizes.
3. according to the method for claim 1, it is characterized in that:
Also comprise: let pass necessary module or the behavior relevant, the step that all in addition modules or behavior are shielded without exception or forbid with pending object.
4. according to the method for claim 3, it is characterized in that:
The necessary module that described and pending object is relevant or the identification of behavior are based on the white list realization.
5. according to the method for claim 4, it is characterized in that:
Also comprise and follow the tracks of the step of upgrading described white list.
6. according to the method for one of claim 1-5, it is characterized in that:
Also comprise and open the preceding checking of the clean box necessary module relevant or the relevant verification step of behavior with pending object.
7. according to the method for claim 5, it is characterized in that:
The checking content of described relevant checking includes but not limited to: the consistency of related application, the consistency of pending object and correctness and pending objects services merchant's correctness.
8. the method according to one of claim 1-7 provides the system of information security.
9. clean box device is characterized in that comprising:
The module of security context is provided for pending object;
Described pending object is called in described security context, and carry out the module of described pending object; And,
Before described pending object is called in described security context and carry out in the process of described pending object let pass necessary module or the behavior relevant, the module that all in addition modules or behavior are shielded without exception or forbid with pending object.
10. according to the clean box device of claim 9, it is characterized in that:
Described security context provides by newly-built process or based on virtual or reproduction technology.
11. the clean box device according to claim 9 is characterized in that:
The necessary module that described and pending object is relevant or the identification of behavior are based on the white list realization.
12. the clean box device according to claim 11 is characterized in that:
Also comprise and follow the tracks of the module of upgrading described white list.
13. the clean box device according to one of claim 9-12 is characterized in that:
Also comprise and open the preceding checking of the clean box necessary module relevant or the relevant authentication module of behavior with pending object.
14. one kind provides the method for information security based on the clean box device of one of claim 9-13, it is characterized in that comprising:
The step of security context is provided for pending object;
Described pending object is called in described security context, and carry out the step of described pending object; And,
Before described pending object is called in described security context and carry out in the process of described pending object let pass necessary module or the behavior relevant, the step that all in addition modules or behavior are shielded without exception or forbid with pending object.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810239181A CN101753545A (en) | 2008-12-11 | 2008-12-11 | Box cleaning technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810239181A CN101753545A (en) | 2008-12-11 | 2008-12-11 | Box cleaning technology |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101753545A true CN101753545A (en) | 2010-06-23 |
Family
ID=42479954
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810239181A Pending CN101753545A (en) | 2008-12-11 | 2008-12-11 | Box cleaning technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101753545A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103763686A (en) * | 2013-12-23 | 2014-04-30 | 北京奇虎科技有限公司 | Processing method and device for short messages |
| WO2015101133A1 (en) * | 2013-12-30 | 2015-07-09 | Tencent Technology (Shenzhen) Company Limited | Interface displaying method, device, and system |
| CN105141623A (en) * | 2015-09-16 | 2015-12-09 | 宇龙计算机通信科技(深圳)有限公司 | Control method of electronic account, control system and mobile terminal |
| CN105740700A (en) * | 2015-08-13 | 2016-07-06 | 哈尔滨安天科技股份有限公司 | Method and system for identifying internet banking payment type Trojan |
| CN106302309A (en) * | 2015-05-12 | 2017-01-04 | 阿里巴巴集团控股有限公司 | A kind of method and device for business processing |
| WO2018082189A1 (en) * | 2016-11-03 | 2018-05-11 | 华为技术有限公司 | Isolation method and device for payment application, and terminal |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1588407A (en) * | 2004-08-26 | 2005-03-02 | 陈卫国 | Network-bank road and its construction door method |
| CN1848727A (en) * | 2005-04-05 | 2006-10-18 | 联想(北京)有限公司 | Method for establishing safety data communication link |
-
2008
- 2008-12-11 CN CN200810239181A patent/CN101753545A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1588407A (en) * | 2004-08-26 | 2005-03-02 | 陈卫国 | Network-bank road and its construction door method |
| CN1848727A (en) * | 2005-04-05 | 2006-10-18 | 联想(北京)有限公司 | Method for establishing safety data communication link |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103763686A (en) * | 2013-12-23 | 2014-04-30 | 北京奇虎科技有限公司 | Processing method and device for short messages |
| WO2015101133A1 (en) * | 2013-12-30 | 2015-07-09 | Tencent Technology (Shenzhen) Company Limited | Interface displaying method, device, and system |
| CN106302309A (en) * | 2015-05-12 | 2017-01-04 | 阿里巴巴集团控股有限公司 | A kind of method and device for business processing |
| CN105740700A (en) * | 2015-08-13 | 2016-07-06 | 哈尔滨安天科技股份有限公司 | Method and system for identifying internet banking payment type Trojan |
| CN105141623A (en) * | 2015-09-16 | 2015-12-09 | 宇龙计算机通信科技(深圳)有限公司 | Control method of electronic account, control system and mobile terminal |
| WO2017045253A1 (en) * | 2015-09-16 | 2017-03-23 | 宇龙计算机通信科技(深圳)有限公司 | Electronic account control method, system, and mobile terminal |
| CN105141623B (en) * | 2015-09-16 | 2018-10-26 | 宇龙计算机通信科技(深圳)有限公司 | Control method, system and the mobile terminal of electronic account |
| WO2018082189A1 (en) * | 2016-11-03 | 2018-05-11 | 华为技术有限公司 | Isolation method and device for payment application, and terminal |
| US11762983B2 (en) | 2016-11-03 | 2023-09-19 | Huawei Technologies Co., Ltd. | Payment application isolation method and apparatus, and terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bhat et al. | A survey on various threats and current state of security in android platform | |
| US9798879B2 (en) | Apparatus, system, and method for protecting against keylogging malware | |
| US8316445B2 (en) | System and method for protecting against malware utilizing key loggers | |
| Lu et al. | Blade: an attack-agnostic approach for preventing drive-by malware infections | |
| US8601580B2 (en) | Secure operating system/web server systems and methods | |
| Yoo et al. | Case study of the vulnerability of OTP implemented in internet banking systems of South Korea | |
| Bhardwaj | Ransomware: A rising threat of new age digital extortion | |
| Khan et al. | Towards vulnerability prevention model for web browser using interceptor approach | |
| CN101753545A (en) | Box cleaning technology | |
| Vijayalakshmi et al. | Study on emerging trends in malware variants | |
| Xing et al. | Unauthorized cross-app resource access on mac os x and ios | |
| Budianto et al. | You can’t be me: Enabling trusted paths and user sub-origins in web browsers | |
| Bidgoli | Integrating Real Life Cases Into A Security System: Seven Checklists For Managers. | |
| CA2691129A1 (en) | Activex object method and computer program system for protecting against crimeware key stroke loggers | |
| Gottipati | A proposed cybersecurity model for cryptocurrency exchanges | |
| Mishra et al. | Behavioral Study of Malware Affecting Financial Institutions and Clients | |
| Yuan et al. | Survey of Recent Hacking Events | |
| Hossain et al. | The pros and cons of modern web application security flaws and possible solutions | |
| Wang et al. | Coprocessor-based hierarchical trust management for software integrity and digital identity protection | |
| Behzadi et al. | Blockchain security considerations | |
| Scheau et al. | Cyberattack-risk factor for financial transactions | |
| Rijah et al. | Security Issues and Challenges in Windows OS Level | |
| Alsaiary et al. | Application of blockchain technology in securing mobile applications | |
| Patel12 et al. | Chapter-9 A Study of Cyber Security Threats in the Era of Covid-19 Pandemic | |
| Ayyagari | Man in the Browser Attacks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20100623 |
|
| RJ01 | Rejection of invention patent application after publication |