CN103646215A - Application installation control method, related system and related device - Google Patents

Application installation control method, related system and related device Download PDF

Info

Publication number
CN103646215A
CN103646215A CN201310717660.7A CN201310717660A CN103646215A CN 103646215 A CN103646215 A CN 103646215A CN 201310717660 A CN201310717660 A CN 201310717660A CN 103646215 A CN103646215 A CN 103646215A
Authority
CN
China
Prior art keywords
application
application program
business
list
installation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310717660.7A
Other languages
Chinese (zh)
Inventor
王鹏程
苏云琳
窦文科
王力
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201310717660.7A priority Critical patent/CN103646215A/en
Publication of CN103646215A publication Critical patent/CN103646215A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses an application installation control method, a related system and a related device, which are used to achieve safety management of applications on a mobile terminal. The application installation control method includes the following steps: an enterprise management client on the mobile terminal receives an installation request for an application listed in a list of applications for free installation; in case the enterprise management client is for sure configured with an application blacklist, whether the application to be installed is in the application blacklist is judged, the installation of the application is prohibited if the application to be installed is in the application blacklist, and the installation of the application proceeds if the application to be installed is not in the application blacklist; in case the enterprise management client is for sure configured with an application whitelist, whether the application to be installed is in the application whitelist is judged, the installation of the application proceeds if the application to be installed is in the application whitelist, and the installation of the application is prohibited if the application to be installed is not in the application whitelist. The invention adopting the technical scheme can effectively protect the information security of enterprises.

Description

A kind of installation control method of application program, related system and device
Technical field
The present invention relates to information security field, relate in particular to a kind of installation control method, related system and device of application program.
Background technology
Along with the maturation of mobile terminal is with universal, the individual mobile terminal equipment that smart mobile phone, panel computer be representative of take progresses into enterprise field.According to the Gartner of internal authority consulting firm prediction, to the enterprises of 2014 90%, will support employee on individual mobile terminal equipment, to move enterprise's office application program, employee uses the office of individual mobile terminal equipment to become a kind of trend that cannot reverse.The phenomenon that this class is called as BYOD (Bring Your Own Device, from carrying device office) is that enterprise information security has brought new challenge:
1, enterprise network border thickens, and original border system of defense cannot effectively be protected enterprise information security
The mobile terminal of enterprise staff can access mobile Internet or the public/Wi-Fi of family network at any time and any place; business data in mobile terminal also can be exposed under the attack from internet; BYOD has broken original enterprise network border; the ambiguity on this border makes BYOD become the weak link of enterprise information security system just, needs new method protection enterprise information security.
2, the application of individual application and enterprise is mixed, for enterprise brings Information Security Risk
Existing individual application on same mobile terminal, the application of You You enterprise and data, individual application can arbitrarily be accessed, access business data, thus the risk that exists business data illegally to be uploaded, share and leak by individual application.As being stored in office mail in mobile phone, file, picture, communications records and note relevant with business tine etc., the leakage of these responsive company informations brings great Information Security Risk to enterprise.
3, loss or stolen mobile terminal, Hui Gei enterprise brings the hidden danger of divulging a secret
Mobile terminal is easily lost, and therefore the business data of preserving in mobile terminal also faces the risk of divulging a secret, and device losses not only means leakage and the loss of responsive company information, and the equipment of losing also may become the springboard of attacking enterprise network.
4, mobile phone viruses is Exponential growth, and mobile terminal becomes the springboard of infiltration corporate intranet
The today becoming more and more popular at mobile Internet, assailants have started sight line by PC(Personal Computer, personal computer) turned to mobile terminal.According to national internet emergency center statistics, within 2012, newfound rogue program surpasses 160,000, compared with 2011, increases by 25 times.According to the < < of CCTV news hookup on July 6th, 2013 > > report, 2013 the first half of the year Android mobile phone viruses rise suddenly and sharply 7.96 times.Meanwhile, due to Root(power user) privilege abuse and new assault technology, mobile terminal becomes the new hotbed that grows Information Security Risk, easily becomes the springboard of hacker attacks infiltration corporate intranet.
As can be seen here, the information security issue that BYOD brings to enterprise becomes technical matters urgently to be resolved hurrily in prior art.
Summary of the invention
The embodiment of the present invention provides a kind of installation control method, related system and device of application program, realizes safety management, thereby effectively protect enterprise information security in order to the application program on mobile terminal.
The installation control method of the application program that the embodiment of the present invention provides, comprising:
Business administration client on mobile terminal is freely installed the installation request of the application program initiation of listing in list for application, it is that service for business management device is pushed to described business administration client that list is freely installed in described application;
When described business administration client confirms to dispose application blacklist, judge that application program to be installed whether in described application blacklist, if so, forbids the installation of described application program, otherwise, described application program is installed;
When described business administration client confirms to dispose application white list, judge that application program to be installed whether in described application white list, if so, installs described application program, otherwise, forbid the installation of described application software.
Wherein, the installation kit that each application program of listing in list is freely installed in described application is kept in described service for business management device; And described service for business management device also comprises before preserving the installation kit of application program:
The installation kit of application programs carries out virus and detects and consolidation process.
Further, described service for business management device pushes the method that list is freely installed in application, comprising:
Described service for business management device is according to the application management strategy of the application management list of self maintained and each user group, for each user organizes application corresponding to generation, list is freely installed, and each user is organized to corresponding application and list is freely installed is pushed in the business administration client of each user in this user's group, described application management list comprises that all installation kits have uploaded to title and the version number of the application program of described service for business management device, and described application is freely installed list and comprised title and the version number that organizes freely fitted application program for user.
Wherein, described described application program is installed, specifically comprises:
Described business administration client is used the power user Root authority of extracting, according to described installation request, from described service for business management device, download the installation kit of described application program and carry out Auto-mounting in individual district memory headroom, described individual district memory headroom refers to the memory headroom outside the memory headroom of workspace in the memory headroom of described mobile terminal, and described workspace memory headroom refers to the memory headroom of distributing to described business administration client.
Wherein, described in, forbid specifically comprising the installation of described application program:
Described business administration client is used the power user Root authority of extracting, and forbids downloading the installation kit of described application program from described service for business management device, and sends described application program and forbid the warning information of installing.
Wherein, described application blacklist or application white list are configured to described business administration client by service for business management device; And described method also comprises:
When business administration client arrives the application blacklist of described service for business management device configuration, the title of the application program of listing in blacklist according to application and version number detect whether the application program of listing in described application blacklist is installed in individual district memory headroom, and for the application program detecting, send described application program and forbid the warning information of installing;
Business administration client is during to the application white list of described service for business management device configuration, according to the title of the application program of listing in application white list and version number, detects whether unlisted application program in described application white list is installed in individual district memory headroom; And for the application program detecting, send described application program and forbid the warning information of installing.
The embodiment of the present invention also provides a kind of enterprise management system of mobile terminal, and comprise service for business management device and be arranged on the business administration client on mobile terminal, wherein:
Described service for business management device, for freely installing list to the application of business administration client push;
Described business administration client, for receiving the installation request that the application program initiation that list lists is freely installed for described application; While confirming to dispose application blacklist, judge that application program to be installed whether in described application blacklist, if so, forbids the installation of described application program, otherwise, described application program is installed; While confirming to dispose application white list, judge that application program to be installed whether in described application white list, if so, installs described application program, otherwise, forbid the installation of described application software.
Further, described service for business management device, also for carrying out preserving after virus detection and consolidation process to uploading to the installation kit of the application program of this service for business management device.
Further, described service for business management device, also for according to the application management list of self maintained, and the application management strategy of each user's group, for each user organizes application corresponding to generation, list is freely installed, and each user is organized to corresponding application and list is freely installed is pushed in the business administration client of each user in this user's group, described application management list comprises that all installation kits have uploaded to title and the version number of the application program of described service for business management device, described application is freely installed list and is comprised title and the version number that organizes freely fitted application program for user.
Further, described business administration client, specifically for using the power user Root authority of extracting, according to described installation request, from described service for business management device, download the installation kit of described application program and carry out Auto-mounting in individual district memory headroom, described individual district memory headroom refers to the memory headroom outside the memory headroom of workspace in the memory headroom of described mobile terminal, and described workspace memory headroom refers to the memory headroom of distributing to described business administration client.
Further, described business administration client, specifically for using the power user Root authority of extracting, forbids downloading the installation kit of described application program from described service for business management device, and sends described application program and forbid the warning information of installing.
Further, described service for business management device, also for configuring described application blacklist or application white list to described business administration client;
Described business administration client, also when receiving the application blacklist of described service for business management device configuration, the title of the application program of listing in blacklist according to application and version number detect whether the application program of listing in described application blacklist is installed in individual district memory headroom, and for the application program detecting, send described application program and forbid the warning information of installing; While receiving the application white list of described service for business management device configuration, according to the title of the application program of listing in application white list and version number, detect whether unlisted application program in described application white list is installed in individual district memory headroom; And for the application program detecting, send described application program and forbid the warning information of installing.
The embodiment of the present invention also provides a kind of business administration client terminal device, and described business administration client terminal device is arranged on mobile terminal, comprising:
Receiver module, for receiving the installation request that the application program initiation that list lists is freely installed for application;
Confirm module, for being confirmed whether to dispose application blacklist or application white list;
The first control module, when confirming to dispose application blacklist when described confirmation module, judges that application program to be installed whether in described application blacklist, if so, forbids the installation of described application program, otherwise, described application program is installed;
The second control module, when confirming to dispose application white list when described confirmation module, judges that application program to be installed whether in described application white list, if so, installs described application program, otherwise, forbid the installation of described application software.
The installation control method of the application program that the embodiment of the present invention provides, related system and device, by service for business management device be arranged on the enterprise management system that business administration client on mobile terminal has formed mobile terminal, the application program on mobile terminal is carried out to safety management.Service for business management device is freely installed list to the application of business administration client push, and user only can freely install the application program of listing in list for application and initiate to install, and has guaranteed the safe reliability in application program source; For application program to be installed, initiate after the request of installing; adopt application black and white lists mechanism to control; only allow the application program in application blacklist or the application program in application white list are not installed; and forbid the installation of other application programs; the risk of having avoided the business data on mobile terminal illegally to be uploaded, share and leak by malicious application, thus enterprise information security effectively protected.
The application's further feature and advantage will be set forth in the following description, and, partly from instructions, become apparent, or understand by implementing the application.The application's object and other advantages can be realized and be obtained by specifically noted structure in the instructions write, claims and accompanying drawing.
Accompanying drawing explanation
Accompanying drawing is used to provide a further understanding of the present invention, and forms a part for instructions, is used from explanation the present invention with the embodiment of the present invention one, is not construed as limiting the invention.In the accompanying drawings:
Fig. 1 is the system architecture schematic diagram of the enterprise management system of mobile terminal in the embodiment of the present invention;
Fig. 2 is the installation control method process flow diagram of application program in the embodiment of the present invention;
Fig. 3 is the installation control method process flow diagram of application program while disposing application blacklist in the embodiment of the present invention in business administration client;
Fig. 4 is the installation control method process flow diagram of application program while disposing application white list in the embodiment of the present invention in business administration client;
Fig. 5 is the enterprise management system block diagram of mobile terminal in the embodiment of the present invention;
Fig. 6 is the structured flowchart of business administration client terminal device in the embodiment of the present invention.
Embodiment
The information security issue of bringing to enterprise in order to solve BYOD; the embodiment of the present invention provides a kind of enterprise management system of mobile terminal; enterprise management system based on this mobile terminal; the embodiment of the present invention also provides a kind of installation control method, related system and device of application program; in order to the application program on mobile terminal, realize safety management, thereby effectively protect enterprise information security.Below in conjunction with Figure of description, the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein, only for description and interpretation the present invention, is not intended to limit the present invention.And in the situation that not conflicting, embodiment and the feature in embodiment in the application can combine mutually.
The system architecture of the enterprise management system of the mobile terminal first, the embodiment of the present invention being provided describes.As shown in Figure 1, the enterprise management system of the mobile terminal that the embodiment of the present invention provides is enterprise-oriented mobile terminal administration platform, comprise and be deployed in the service end of corporate intranet and be arranged on the client on the mobile terminal that need to be managed, in the embodiment of the present invention, the service end that is deployed in corporate intranet is called to service for business management device, and the client being arranged on the mobile terminal that need to be managed is called business administration client.Wherein:
The major function of service for business management device comprises: manage, issue the application of corporate intranet, and manage, issue security strategy etc., service for business management device also provides abundant mobile terminal Commitment, Accounting and Management of Unit Supply instrument, enterprise administrator can check by service for business management device the details of the mobile terminal that each need to be managed, comprise: terminal models, system version, IMEI(International Mobile Equipment Identification Number, international mobile equipment identification number), sequence number, MSISDN(mobile station identity number, be commonly called as phone number), off-line whether, Root(power user whether), change the password time, whether fail-safe software is installed, power information, radio network information etc.The major function of business administration client comprises: data are anti-divulges a secret, and carries out security strategy etc., and anti-the divulging a secret of data comprises data encryption, data isolation etc., and the data of encryption can relate to the data in system file; Or the selected financial sffairs paper of user, produce the data in file, sale file, market file, human resources file etc.; Can also be the data of individual subscriber file, such as: photo, video, daily record etc.With in Android(Android) be embodied as example in system data encryption is carried out to brief description.Data encryption is by .so(dynamic link library) file realization, it is mainly injecting codes in application program, make apk(Android Package, Android installation kit) remove to call this .so file during initialization, the opportunity that guarantees .so running paper is more Zao than the time of the reading and writing of files of application program, if evening file will become " state of half encryption ", cause file corruption.By data encryption, the All Files operation that .so file can be tackled this application program, realizes and encrypting.
The enterprise management system of the mobile terminal that the embodiment of the present invention provides; the anti-mechanism of divulging a secret of data based on business administration client; do not affecting on the enterprise staff basis that use is experienced to individual application; a safety, workspace memory headroom independently on mobile terminal, have been set up; workspace memory headroom (abbreviation workspace) refers to the memory headroom of distributing to business administration client, and all enterprise's application and data are stored in shielded workspace.Accordingly, memory headroom in the memory headroom of mobile terminal outside the memory headroom of workspace is called individual district memory headroom (being called for short individual district), all individual applications and data are stored in individual district, individual application cannot be accessed business data, thereby avoids business data by individual application unauthorized access, access.The enterprise management system of the mobile terminal that the embodiment of the present invention provides; not only business data and personal data are isolated completely; protect better enterprise's application and data, also for enterprise staff provides indiscriminate individual application, experience, reached the effect of " dual-use ".
Service for business management device provides two kinds of application programs to issue mode: freely install and solar obligation.The application program issuing by free mounting means, freely selects to download and install for enterprise customer; The application program issuing by solar obligation mode, enterprise customer could normally use workspace after this application program need be installed.In concrete enforcement, the enterprise's application in workspace, generally adopts solar obligation mode; For the individual application in individual district, generally adopt free mounting means., can certainly adopt free mounting means to the enterprise's application in workspace.
For the application program on mobile terminal realizes safety management, thereby effectively protect enterprise information security, enterprise management system based on above-mentioned mobile terminal, the embodiment of the present invention is for the application program issuing by free mounting means, a kind of installation control method of application program is provided, because the enterprise in workspace applies the feature that generally possesses enterprise's solar obligation, therefore this scheme is mainly the security management mechanism providing for the individual application in individual district, certainly do not get rid of the application scenarios that enterprise's application of optional installation is provided to safety management yet.As shown in Figure 2, the installation control method of the application program that the embodiment of the present invention provides, comprises the steps:
Business administration client on S201, mobile terminal is freely installed the installation request of the application program initiation of listing in list for application, wherein, it is that service for business management device is pushed to business administration client that list is freely installed in application.
In concrete enforcement, it is that enterprise customer freely installs list according to the application of business administration client shows and selects to initiate after application program to be installed that this installations is asked.
In concrete enforcement, in service for business management device, set up a private space, for storing the installation kit of the application program that uploads to service for business management device, in the embodiment of the present invention, this private space has been called to enterprise's application library.On service for business management device, safeguard and have application management list, application management list comprises that all installation kits have uploaded to title and the version number of the application program of service for business management device, other information that can certainly comprise this application program, such as uplink time, installation kit size, installation etc.Enterprise administrator can check, editing application managing listings, checks the statistical informations such as installation of each application program.Generally, the installation kit Shi You enterprise of application program is uploaded to service for business management device, in order to guarantee the safe reliability of the application program of using on mobile terminal, service for business management device is before preserving the installation kit of application program, and the installation kit of application programs carries out virus and detects and consolidation process.The installation kit of application programs carries out consolidation process, thereby can prevent that application program from, by reverse key messages such as key code system that obtain easily, having increased the function of data encryption simultaneously to application program, increases safety coefficient.With in Android(Android) installation kit that is embodied as routine application programs in system carries out consolidation process and carries out brief description.It is exactly mainly the content that changes the class.dex file of application program that the installation kit of application programs carries out consolidation process, its content is carried out to some algorithm for encryption, at apk(Android Package, Android installation kit) go again deciphering, also raw content during operation dynamically; When revising class.dex file, to guarantee that it meets the intrinsic form of dex file.The installation kit of all application programs of uploading all detects and consolidation process through virus, thereby stops that malice is distorted, code injection, internal memory revise, steal the threats such as data, decompiling.
Service for business management device can also be divided into different user's groups according to department or function etc. by enterprise staff, and for organizing, each user formulates different application management strategies, for example, by the application program classified types in enterprise's application library, for user's group of different departments or different functions issues the application program of particular type.By the block functions of service for business management device, the application program that can send out different to different user's components.Service for business management device can be according to the application management strategy of the application management list of self maintained and each user group, for each user organizes application corresponding to generation, list is freely installed, and each user is organized to corresponding application and list is freely installed is pushed in the business administration client of each user in this user's group, application is freely installed list and is comprised that confession user organizes title and the version number of freely fitted application program.Business administration client is freely installed list by application and is illustrated in the enterprise application market of workspace, for enterprise customer, freely selects to download and install.
When S202, business administration client confirm to dispose application blacklist, judge that application program to be installed whether in application blacklist, if so, forbids the installation of this application program, otherwise, this application program is installed.
When S203, business administration client confirm to dispose application white list, judge that application program to be installed is whether in application white list, if so, application programs is installed, otherwise, forbid the installation of application software.
In concrete enforcement, application blacklist or application white list are generally configured to business administration client by service for business management device, can certainly be in advance by human configuration to business administration client.Title and the version number that in application blacklist, can list the application program of forbidding installation, can list title and the version number that only allows the application program of installation in application white list.Judge that application program to be installed whether in application blacklist, refers to and judge in the title of application program to be installed and the title and version number of the application program whether version number lists in applying blacklist; Judge that application program to be installed whether in application white list, refers to and judge in the title of application program to be installed and the title and version number of the application program whether version number lists in applying white list.
The setting of application blacklist or application white list is all that enterprise administrator can configure.Enterprise administrator comprises following scene to the setting of application blacklist or application white list:
Scene one, all mobile terminal devices of enterprise, only allow enterprise staff office to use, and therefore can limit and only allow the application program that office is used is installed, and can adopt the mode of application white list to limit the application program that only allows installment work relevant.
Scene two, forbid being exposed the installation of the application program of security breaches or malicious act.Some specific application programs for example, or fail-safe software is found the application program of malicious act, or the application program that has security breaches that goes out of vulnerability scanning functionality scan etc., can adopt the mode of application blacklist to forbid having the installation of the application program of security breaches or malicious act.
Scene three, forbid the installation of some sharing files class application program, installation such as application programs such as net dishes, because sharing files class application program can cause the resource of enterprises to be uploaded to high in the clouds, thereby destroyed the privacy of company information, can adopt the mode of application blacklist to forbid the installation of sharing files class application program.
Other concrete scenes will not enumerate, and in a word, enterprise can adopt the mode of application blacklist or application white list according to the actual demand of this enterprise, controls flexibly the installation of application program in each user's group.
Preferably, in the embodiment of the present invention, it is in individual district, to need the application program of installing to manage to individual application that business administration client is used application blacklist or application white list, by the management to application program in individual district, make only the application program of being trusted can be installed in individual district, further guarantee the security of business data in workspace.Accordingly, if judge application program to be installed not in application blacklist, or judge application program to be installed in application white list, this application program is installed, specifically comprise the steps:
Business administration client is used the Root authority of extracting, and according to installing, asks from the installation kit of service for business management device down load application program and carry out Auto-mounting in individual district memory headroom.
Accordingly, if judge application program to be installed in application blacklist, or judge application program to be installed not in application white list, forbid the installation of this application program, specifically comprise the steps:
Business administration client is used the Root authority of extracting, and forbids downloading from service for business management device the installation kit of this application program, and sends this application program and forbid the warning information of installing.
To realizing the know-why of application black and white lists, carry out brief description below, with in Android(Android) be embodied as example in system and describe.First business administration client extracts Root authority by one section of Root code, uses Root authority to start a Service(service with Root authority).After the Service with Root authority starts, reserved local Socket(socket) interface is for calling.This Socket interface of business administration client call, make the Service Hook with Root authority in a kernel process System Service(of Android system system service) on, thereby the Service with Root authority can monitor the mechanism to interprocess communication in Binder(Android system) relevant IOCTL(input and output control) function, if monitored and the service in Package Manager(Android system, installation kit being managed) relevant content, need to start Package Manager, the request of installing is transmitted to the Service(service of being responsible for application black and white lists decision logic in business administration client), by the Service that is responsible for application black and white lists decision logic, judged whether to allow to install, if allowed, this installation request is transmitted to Package Manager, if do not allowed, to the Service with Root authority, return to an error message.
In the embodiment of the present invention, according to application blacklist or application white list, business administration client not only can manage application program to be installed, can also manage mounted application program in individual district memory headroom, comprises following two kinds of situations:
The first situation, business administration client are during to the application blacklist of service for business management device configuration, the title of the application program of listing in blacklist according to application and version number detect whether the application program of listing in application blacklist is installed in individual district memory headroom, and for the application program detecting, send application program and forbid the warning information of installing;
The second situation, business administration client be during to the application white list of service for business management device configuration, according to the title of the application program of listing in application white list and version number, detects whether unlisted application program in application white list is installed in individual district memory headroom; And for the application program detecting, send application program and forbid the warning information of installing.
The installation control method of the application program that the embodiment of the present invention provides, by service for business management device be arranged on the enterprise management system that business administration client on mobile terminal has formed mobile terminal, carries out safety management to the application program on mobile terminal.Service for business management device is freely installed list to the application of business administration client push, and user only can freely install the application program of listing in list for application and initiate to install, and has guaranteed the safe reliability in application program source; For application program to be installed, initiate after the request of installing; adopt application black and white lists mechanism to control; only allow the application program in application blacklist or the application program in application white list are not installed; and forbid the installation of other application programs; the risk of having avoided the business data on mobile terminal illegally to be uploaded, share and leak by malicious application, thus enterprise information security effectively protected.It should be noted that, owing to having stipulated the application program that can not install in application blacklist, in application white list, stipulated the application program that can only install, both logically cannot coexist, so only can configure any one in white list of application blacklist or application in business administration client, and can not configure application blacklist and application white list simultaneously.For the scheme that disposes application blacklist or application white list in business administration client, describe respectively below.
First to disposing the scheme of application blacklist in business administration client, describe, as shown in Figure 3, while disposing application blacklist in business administration client, the installation control method of application program, comprises the steps:
S300, service for business management device are freely installed list to the application of business administration client push, issue application blacklist;
S301, business administration client show that application freely installs list on the table;
S302, enterprise customer freely install list according to the application of showing and select to initiate the request of installing after application program to be installed;
S303, business administration client confirm to dispose application blacklist;
S304, business administration client judge that application program to be installed whether in application blacklist, if so, carries out S305, if not, carry out S306;
S305, business administration client are forbidden the installation of this application program;
S306, business administration client are installed this application program.
Then to disposing the scheme of application white list in business administration client, describe, as shown in Figure 4, while disposing application white list in business administration client, the installation control method of application program, comprises the steps:
S400, service for business management device are freely installed list to the application of business administration client push, issue application white list;
S401, business administration client show that application freely installs list on the table;
S402, enterprise customer freely install list according to the application of showing and select to initiate the request of installing after application program to be installed;
S403, business administration client confirm to dispose application white list;
S404, business administration client judge that application program to be installed whether in application white list, if not, carries out S405, if so, carry out S406;
S405, business administration client are forbidden the installation of this application program;
S406, business administration client are installed this application program.
Based on same technical conceive; the embodiment of the present invention provides a kind of enterprise management system of mobile terminal; in order to the application program on mobile terminal, realize safety management; thereby effectively protect enterprise information security; as shown in Figure 5, comprise service for business management device 501 and be arranged on the business administration client 502 on mobile terminal, generally; business administration client 502 has a plurality of, is arranged on respectively on each mobile terminal that need to be managed.Wherein:
Service for business management device 501, freely installs list for pushing application to business administration client 502;
Business administration client 502, for receiving the installation request that the application program initiation that list lists is freely installed for application; While confirming to dispose application blacklist, judge that application program to be installed whether in described application blacklist, if so, forbids the installation of this application program, otherwise, this application program is installed; While confirming to dispose application white list, judge that application program to be installed whether in application white list, if so, installs this application program, otherwise, forbid the installation of this application software.
In concrete enforcement, service for business management device 501, also for carrying out preserving after virus detection and consolidation process to uploading to the installation kit of the application program of this service for business management device.
In concrete enforcement, service for business management device 501, also for according to the application management list of self maintained, and the application management strategy of each user's group, for each user organizes application corresponding to generation, list is freely installed, and each user is organized to corresponding application and list is freely installed is pushed in the business administration client 502 of each user in this user's group, wherein, application management list comprises that all installation kits have uploaded to title and the version number of the application program of service for business management device 501, described application is freely installed list and is comprised title and the version number that organizes freely fitted application program for user.
In concrete enforcement, if judged, application program to be installed is installed, business administration client 502, specifically for using the power user Root authority of extracting, according to the request of installing, from service for business management device 501, download the installation kit of this application program and carry out Auto-mounting in individual district memory headroom, wherein, individual's district memory headroom refers to the memory headroom outside the memory headroom of workspace in the memory headroom of mobile terminal, and workspace memory headroom refers to the memory headroom of distributing to described business administration client.
In concrete enforcement, if judge the installation of forbidding application program to be installed, business administration client 502, specifically for being used the Root authority of extracting, forbid downloading from service for business management device 501 installation kit of this application program, and send application program and forbid the warning information of installing.
In concrete enforcement, service for business management device 501, also configures to business administration client 502 for applying blacklist or apply white list;
In order to realize the management to mounted application program, business administration client 502, also when receiving the application blacklist of service for business management device 501 configuration, the title of the application program of listing in blacklist according to application and version number detect whether the application program of listing in application blacklist is installed in individual district memory headroom, and for the application program detecting, send application program and forbid the warning information of installing; While receiving the application white list of service for business management device 501 configuration, according to the title of the application program of listing in application white list and version number, detect whether unlisted application program in application white list is installed in individual district memory headroom; And for the application program detecting, send application program and forbid the warning information of installing.
Based on same technical conceive, the embodiment of the present invention also provides a kind of business administration client terminal device, and this business administration client terminal device is arranged on mobile terminal, and as shown in Figure 6, a kind of possibility structure of this business administration client terminal device, comprising:
Receiver module 601, for receiving the installation request that the application program initiation that list lists is freely installed for application;
Confirm module 602, for being confirmed whether to dispose application blacklist or application white list;
The first control module 603, for when confirming that module 602 confirms to dispose application blacklist, judges that application program to be installed whether in application blacklist, if so, forbids the installation of this application program, otherwise, this application program is installed;
The second control module 604, for when confirming that module 602 confirms to dispose application white list, judges that application program to be installed whether in application white list, if so, installs this application program, otherwise, forbid the installation of this application software.
The business administration client terminal device that the application's embodiment provides can be realized by computer program.Those skilled in the art should be understood that; above-mentioned Module Division mode is only a kind of in numerous Module Division modes; if be divided into other modules or do not divide module, as long as the through server of search has above-mentioned functions, all should be within the application's protection domain.
It will be understood by those skilled in the art that embodiments of the invention can be provided as method, system, equipment or computer program.Therefore, the present invention can adopt complete hardware implementation example, implement software example or in conjunction with the form of the embodiment of software and hardware aspect completely.And the present invention can adopt the form that wherein includes the upper computer program of implementing of computer-usable storage medium (including but not limited to magnetic disk memory, CD-ROM, optical memory etc.) of computer usable program code one or more.
The present invention is with reference to describing according to process flow diagram and/or the block scheme of the method for the embodiment of the present invention, equipment (system) and computer program.Should understand can be in computer program instructions realization flow figure and/or block scheme each flow process and/or the flow process in square frame and process flow diagram and/or block scheme and/or the combination of square frame.Can provide these computer program instructions to the processor of multi-purpose computer, special purpose computer, Embedded Processor or other programmable data processing device to produce a machine, the instruction of carrying out by the processor of computing machine or other programmable data processing device is produced for realizing the device in the function of flow process of process flow diagram or a plurality of flow process and/or square frame of block scheme or a plurality of square frame appointments.
These computer program instructions also can be stored in energy vectoring computer or the computer-readable memory of other programmable data processing device with ad hoc fashion work, the instruction that makes to be stored in this computer-readable memory produces the manufacture that comprises command device, and this command device is realized the function of appointment in flow process of process flow diagram or a plurality of flow process and/or square frame of block scheme or a plurality of square frame.
These computer program instructions also can be loaded in computing machine or other programmable data processing device, make to carry out sequence of operations step to produce computer implemented processing on computing machine or other programmable devices, thereby the instruction of carrying out is provided for realizing the step of the function of appointment in flow process of process flow diagram or a plurality of flow process and/or square frame of block scheme or a plurality of square frame on computing machine or other programmable devices.
Although described the preferred embodiments of the present invention, once those skilled in the art obtain the basic creative concept of cicada, can make other change and modification to these embodiment.So claims are intended to all changes and the modification that are interpreted as comprising preferred embodiment and fall into the scope of the invention.
Obviously, those skilled in the art can carry out various changes and modification and not depart from the spirit and scope of the present invention the present invention.Like this, if within of the present invention these are revised and modification belongs to the scope of the claims in the present invention and equivalent technologies thereof, the present invention is also intended to comprise these changes and modification interior.

Claims (10)

1. an installation control method for application program, is characterized in that, comprising:
Business administration client on mobile terminal is freely installed the installation request of the application program initiation of listing in list for application, it is that service for business management device is pushed to described business administration client that list is freely installed in described application;
When described business administration client confirms to dispose application blacklist, judge that application program to be installed whether in described application blacklist, if so, forbids the installation of described application program, otherwise, described application program is installed;
When described business administration client confirms to dispose application white list, judge that application program to be installed whether in described application white list, if so, installs described application program, otherwise, forbid the installation of described application software.
2. the method for claim 1, is characterized in that, the installation kit that each application program of listing in list is freely installed in described application is kept in described service for business management device; And described service for business management device also comprises before preserving the installation kit of application program:
The installation kit of application programs carries out virus and detects and consolidation process.
3. method as claimed in claim 2, is characterized in that, described service for business management device pushes the method that list is freely installed in application, comprising:
Described service for business management device, according to the application management strategy of the application management list of self maintained and each user group, is freely installed list for each user organizes application corresponding to generation; And
Each user is organized to corresponding application freely to install list and is pushed in the business administration client of each user in this user's group, described application management list comprises that all installation kits have uploaded to title and the version number of the application program of described service for business management device, and described application is freely installed list and comprised title and the version number that organizes freely fitted application program for user.
4. method as claimed in claim 2 or claim 3, is characterized in that, described described application program is installed, and specifically comprises:
Described business administration client is used the power user Root authority of extracting, according to described installation request, from described service for business management device, download the installation kit of described application program and carry out Auto-mounting in individual district memory headroom, described individual district memory headroom refers to the memory headroom outside the memory headroom of workspace in the memory headroom of described mobile terminal, and described workspace memory headroom refers to the memory headroom of distributing to described business administration client; And/or,
The described installation of forbidding described application program, specifically comprises:
Described business administration client is used the power user Root authority of extracting, and forbids downloading the installation kit of described application program from described service for business management device, and sends described application program and forbid the warning information of installing.
5. method as claimed in claim 4, is characterized in that, described application blacklist or application white list are configured to described business administration client by service for business management device; And,
Described method also comprises:
When business administration client arrives the application blacklist of described service for business management device configuration, the title of the application program of listing in blacklist according to application and version number detect whether the application program of listing in described application blacklist is installed in individual district memory headroom, and for the application program detecting, send described application program and forbid the warning information of installing;
Business administration client is during to the application white list of described service for business management device configuration, according to the title of the application program of listing in application white list and version number, detects whether unlisted application program in described application white list is installed in individual district memory headroom; And for the application program detecting, send described application program and forbid the warning information of installing.
6. an enterprise management system for mobile terminal, is characterized in that, comprise service for business management device and be arranged on the business administration client on mobile terminal, wherein:
Described service for business management device, for freely installing list to the application of business administration client push;
Described business administration client, for receiving the installation request that the application program initiation that list lists is freely installed for described application; While confirming to dispose application blacklist, judge that application program to be installed whether in described application blacklist, if so, forbids the installation of described application program, otherwise, described application program is installed; While confirming to dispose application white list, judge that application program to be installed whether in described application white list, if so, installs described application program, otherwise, forbid the installation of described application software.
7. system as claimed in claim 6, is characterized in that,
Described service for business management device, also for carrying out preserving after virus detection and consolidation process to uploading to the installation kit of the application program of this service for business management device; And/or,
Described service for business management device, also for according to the application management list of self maintained, and the application management strategy of each user's group, for each user organizes application corresponding to generation, list is freely installed, and each user is organized to corresponding application and list is freely installed is pushed in the business administration client of each user in this user's group, described application management list comprises that all installation kits have uploaded to title and the version number of the application program of described service for business management device, described application is freely installed list and is comprised title and the version number that organizes freely fitted application program for user.
8. system as claimed in claim 7, is characterized in that,
Described business administration client, specifically for using the power user Root authority of extracting, according to described installation request, from described service for business management device, download the installation kit of described application program and carry out Auto-mounting in individual district memory headroom, described individual district memory headroom refers to the memory headroom outside the memory headroom of workspace in the memory headroom of described mobile terminal, and described workspace memory headroom refers to the memory headroom of distributing to described business administration client; And/or,
Described business administration client, specifically for using the power user Root authority of extracting, forbids downloading the installation kit of described application program from described service for business management device, and sends described application program and forbid the warning information of installing.
9. system as claimed in claim 8, is characterized in that,
Described service for business management device, also for configuring described application blacklist or application white list to described business administration client;
Described business administration client, also when receiving the application blacklist of described service for business management device configuration, the title of the application program of listing in blacklist according to application and version number detect whether the application program of listing in described application blacklist is installed in individual district memory headroom, and for the application program detecting, send described application program and forbid the warning information of installing; While receiving the application white list of described service for business management device configuration, according to the title of the application program of listing in application white list and version number, detect whether unlisted application program in described application white list is installed in individual district memory headroom; And for the application program detecting, send described application program and forbid the warning information of installing.
10. a business administration client terminal device, is characterized in that, described business administration client terminal device is arranged on mobile terminal, comprising:
Receiver module, for receiving the installation request that the application program initiation that list lists is freely installed for application;
Confirm module, for being confirmed whether to dispose application blacklist or application white list;
The first control module, when confirming to dispose application blacklist when described confirmation module, judges that application program to be installed whether in described application blacklist, if so, forbids the installation of described application program, otherwise, described application program is installed;
The second control module, when confirming to dispose application white list when described confirmation module, judges that application program to be installed whether in described application white list, if so, installs described application program, otherwise, forbid the installation of described application software.
CN201310717660.7A 2013-12-23 2013-12-23 Application installation control method, related system and related device Pending CN103646215A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310717660.7A CN103646215A (en) 2013-12-23 2013-12-23 Application installation control method, related system and related device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310717660.7A CN103646215A (en) 2013-12-23 2013-12-23 Application installation control method, related system and related device

Publications (1)

Publication Number Publication Date
CN103646215A true CN103646215A (en) 2014-03-19

Family

ID=50251428

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310717660.7A Pending CN103646215A (en) 2013-12-23 2013-12-23 Application installation control method, related system and related device

Country Status (1)

Country Link
CN (1) CN103646215A (en)

Cited By (42)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104202323A (en) * 2014-09-05 2014-12-10 绿网天下(福建)网络科技股份有限公司 Method for controlling application software based on mobile terminal
CN104346567A (en) * 2014-10-05 2015-02-11 叶春林 Personality structure of computer or mobile phone and wearable type equipment
CN104410639A (en) * 2014-12-02 2015-03-11 厦门雅迅网络股份有限公司 Control method for mobile phone software blacklist
CN104539467A (en) * 2015-01-22 2015-04-22 广州中国科学院软件应用技术研究所 Terminal equipment management system and method based on cloud server
CN104751049A (en) * 2015-03-09 2015-07-01 广东欧珀移动通信有限公司 Application program installing method and mobile terminal
CN104765629A (en) * 2015-03-24 2015-07-08 广东欧珀移动通信有限公司 System application installation method and device
CN105005735A (en) * 2015-08-25 2015-10-28 广东欧珀移动通信有限公司 Downloading management method and downloading management device
CN105183504A (en) * 2015-08-12 2015-12-23 北京威努特技术有限公司 Software server based process white-list updating method
CN105204884A (en) * 2014-06-27 2015-12-30 联想(北京)有限公司 Information processing method and electronic equipment
WO2016019893A1 (en) * 2014-08-07 2016-02-11 北京奇虎科技有限公司 Application installation method and apparatus
CN105468936A (en) * 2014-08-20 2016-04-06 中兴通讯股份有限公司 Application reinforcement method and apparatus
CN105610671A (en) * 2016-01-11 2016-05-25 北京奇虎科技有限公司 Terminal data protection method and device
CN105653964A (en) * 2015-12-24 2016-06-08 北京奇虎科技有限公司 Terminal device operation controlling method and apparatus
CN105791322A (en) * 2016-05-05 2016-07-20 绿网天下(福建)网络科技股份有限公司 Installation software authentication method through management and control APP
CN106126310A (en) * 2016-08-18 2016-11-16 北京奇虎科技有限公司 Method, device and the terminal that the installation of application program is optimized
CN106161837A (en) * 2015-05-11 2016-11-23 株式会社理光 Messaging device and information processing method
CN106355079A (en) * 2016-08-18 2017-01-25 北京奇虎科技有限公司 Method and device for optimizing installation of application program and terminal
CN106547581A (en) * 2015-09-22 2017-03-29 中国移动通信集团公司 Control method, device, terminal and platform that a kind of application is installed
CN106874038A (en) * 2017-01-13 2017-06-20 北京奇虎科技有限公司 Method, device and mobile terminal that a kind of application is installed
CN106909401A (en) * 2015-12-22 2017-06-30 北京奇虎科技有限公司 A kind of control method and device of application program
CN107239695A (en) * 2017-04-10 2017-10-10 青岛海信移动通信技术股份有限公司 The method and mobile terminal of application program are installed in a kind of mobile terminal
CN107273168A (en) * 2017-06-29 2017-10-20 广东欧珀移动通信有限公司 One kind application installation method, mobile terminal and computer-readable recording medium
CN107295410A (en) * 2017-08-15 2017-10-24 四川长虹电器股份有限公司 A kind of application method for managing security configured in intelligent television based on high in the clouds
CN107463837A (en) * 2016-06-06 2017-12-12 中国移动通信有限公司研究院 A kind of information processing method and mobile terminal
CN107463839A (en) * 2017-08-16 2017-12-12 郑州云海信息技术有限公司 A kind of system and method for managing application program
CN108668002A (en) * 2017-10-12 2018-10-16 湖南红手指信息技术有限公司 A kind of application method for down loading of cloud mobile phone
CN109033799A (en) * 2018-07-30 2018-12-18 深圳点猫科技有限公司 A kind of cloud account level application configuration method and system based on education cloud platform
CN109144546A (en) * 2018-08-20 2019-01-04 Oppo广东移动通信有限公司 A kind of risk control method and device, equipment, storage medium
CN110188535A (en) * 2019-06-10 2019-08-30 南京领创信息科技有限公司 A method of apparatus management/control is realized based on android system
CN110221961A (en) * 2019-04-26 2019-09-10 平安科技(深圳)有限公司 Global hook self-repairing method, device, equipment and storage medium
CN110264321A (en) * 2019-06-27 2019-09-20 中国石油集团东方地球物理勘探有限责任公司 A kind of order generation method, device, electronic equipment and storage medium
CN110443041A (en) * 2018-05-04 2019-11-12 360企业安全技术(珠海)有限公司 The management method and device of equipment permission, system, storage medium, electronic device
CN110516436A (en) * 2019-08-29 2019-11-29 蓝书房作业本科技(深圳)有限公司 Learning machine application program installation method, device, learning machine and storage medium
CN110750764A (en) * 2019-09-17 2020-02-04 平安银行股份有限公司 Terminal control management method and device, computer equipment and storage medium
CN111027029A (en) * 2019-10-21 2020-04-17 厦门天锐科技股份有限公司 Method for judging whether file is installation package or not and limiting opening
CN111143008A (en) * 2019-12-26 2020-05-12 福建新大陆支付技术有限公司 Desktop management method based on multiple terminals
CN111988314A (en) * 2020-08-19 2020-11-24 杭州铂钰信息科技有限公司 System architecture and method for dynamically deploying network security service
CN112270014A (en) * 2020-10-16 2021-01-26 维沃移动通信有限公司 Application program control method and device and electronic equipment
CN113553588A (en) * 2021-07-28 2021-10-26 中国南方电网有限责任公司 Terminal software management method
CN113793156A (en) * 2020-12-18 2021-12-14 京东科技控股股份有限公司 Method, device, equipment and storage medium for prompting fraud application program
CN114610402A (en) * 2021-01-06 2022-06-10 网神信息技术(北京)股份有限公司 Operation authority control method and operation authority configuration method
CN115114610A (en) * 2022-08-30 2022-09-27 神州智云(广东)科技有限公司 Android system-based module and method for calling service through Root

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102646173A (en) * 2012-02-29 2012-08-22 成都新云软件有限公司 Safety protection control method and system based on white and black lists
CN103279706A (en) * 2013-06-07 2013-09-04 北京奇虎科技有限公司 Method and device for intercepting installation of Android application program in mobile terminal
CN103324506A (en) * 2013-06-24 2013-09-25 上海天奕达电子科技有限公司 Method and mobile phone for controlling installation of Android applications
US20130254837A1 (en) * 2013-05-16 2013-09-26 Sky Socket, Llc Rights Management Services Integration with Mobile Device Management
US20130318612A1 (en) * 2010-08-30 2013-11-28 International Business Machines Corporation Rootkit monitoring agent built into an operating system kernel

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130318612A1 (en) * 2010-08-30 2013-11-28 International Business Machines Corporation Rootkit monitoring agent built into an operating system kernel
CN102646173A (en) * 2012-02-29 2012-08-22 成都新云软件有限公司 Safety protection control method and system based on white and black lists
US20130254837A1 (en) * 2013-05-16 2013-09-26 Sky Socket, Llc Rights Management Services Integration with Mobile Device Management
CN103279706A (en) * 2013-06-07 2013-09-04 北京奇虎科技有限公司 Method and device for intercepting installation of Android application program in mobile terminal
CN103324506A (en) * 2013-06-24 2013-09-25 上海天奕达电子科技有限公司 Method and mobile phone for controlling installation of Android applications

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
无: "《大数据时代BYOD安全控制手段》", 《计算机与网络》 *
移动信息化: "《BYOD下企业APP的暗杀率最高的十大应用》", 《HTTP:https://CIO.YESKY.COM/33/35023533.SHTML》 *
胡杨 等: "《BYOD十大戒律 创造安全高效移动环境》", 《网络世界》 *
钱煜明 等: "《BYOD企业移动设备管理技术》", 《中兴通讯技术》 *

Cited By (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105204884A (en) * 2014-06-27 2015-12-30 联想(北京)有限公司 Information processing method and electronic equipment
WO2016019893A1 (en) * 2014-08-07 2016-02-11 北京奇虎科技有限公司 Application installation method and apparatus
CN105468936B (en) * 2014-08-20 2019-08-09 中兴通讯股份有限公司 The reinforcement means and device of application
CN105468936A (en) * 2014-08-20 2016-04-06 中兴通讯股份有限公司 Application reinforcement method and apparatus
CN104202323A (en) * 2014-09-05 2014-12-10 绿网天下(福建)网络科技股份有限公司 Method for controlling application software based on mobile terminal
CN104346567B (en) * 2014-10-05 2018-04-03 叶春林 The personalization means of computer or mobile phone and Wearable
CN104346567A (en) * 2014-10-05 2015-02-11 叶春林 Personality structure of computer or mobile phone and wearable type equipment
CN104410639A (en) * 2014-12-02 2015-03-11 厦门雅迅网络股份有限公司 Control method for mobile phone software blacklist
CN104539467A (en) * 2015-01-22 2015-04-22 广州中国科学院软件应用技术研究所 Terminal equipment management system and method based on cloud server
CN104539467B (en) * 2015-01-22 2019-01-08 广州中国科学院软件应用技术研究所 A kind of terminal unit management system and management method based on cloud server
CN104751049A (en) * 2015-03-09 2015-07-01 广东欧珀移动通信有限公司 Application program installing method and mobile terminal
CN104765629A (en) * 2015-03-24 2015-07-08 广东欧珀移动通信有限公司 System application installation method and device
CN106161837A (en) * 2015-05-11 2016-11-23 株式会社理光 Messaging device and information processing method
CN105183504A (en) * 2015-08-12 2015-12-23 北京威努特技术有限公司 Software server based process white-list updating method
CN105183504B (en) * 2015-08-12 2018-10-23 北京威努特技术有限公司 Process white list updating method based on software server
CN105005735A (en) * 2015-08-25 2015-10-28 广东欧珀移动通信有限公司 Downloading management method and downloading management device
CN105005735B (en) * 2015-08-25 2018-01-16 广东欧珀移动通信有限公司 Downloading management method and download management device
CN106547581B (en) * 2015-09-22 2020-07-28 中国移动通信集团公司 Application installation control method and device, terminal and platform
CN106547581A (en) * 2015-09-22 2017-03-29 中国移动通信集团公司 Control method, device, terminal and platform that a kind of application is installed
CN106909401B (en) * 2015-12-22 2021-05-25 北京奇虎科技有限公司 Application program control method and device
CN106909401A (en) * 2015-12-22 2017-06-30 北京奇虎科技有限公司 A kind of control method and device of application program
CN105653964A (en) * 2015-12-24 2016-06-08 北京奇虎科技有限公司 Terminal device operation controlling method and apparatus
CN105610671A (en) * 2016-01-11 2016-05-25 北京奇虎科技有限公司 Terminal data protection method and device
CN105791322A (en) * 2016-05-05 2016-07-20 绿网天下(福建)网络科技股份有限公司 Installation software authentication method through management and control APP
CN107463837A (en) * 2016-06-06 2017-12-12 中国移动通信有限公司研究院 A kind of information processing method and mobile terminal
CN106126310A (en) * 2016-08-18 2016-11-16 北京奇虎科技有限公司 Method, device and the terminal that the installation of application program is optimized
CN106126310B (en) * 2016-08-18 2019-08-20 北京奇虎科技有限公司 The method, apparatus and terminal that the installation of application program is optimized
CN106355079B (en) * 2016-08-18 2019-12-06 北京奇虎科技有限公司 Method and device for optimizing installation of application program and terminal
CN106355079A (en) * 2016-08-18 2017-01-25 北京奇虎科技有限公司 Method and device for optimizing installation of application program and terminal
CN106874038A (en) * 2017-01-13 2017-06-20 北京奇虎科技有限公司 Method, device and mobile terminal that a kind of application is installed
CN106874038B (en) * 2017-01-13 2020-05-01 北京安云世纪科技有限公司 Application installation method and device and mobile terminal
CN107239695A (en) * 2017-04-10 2017-10-10 青岛海信移动通信技术股份有限公司 The method and mobile terminal of application program are installed in a kind of mobile terminal
CN107273168A (en) * 2017-06-29 2017-10-20 广东欧珀移动通信有限公司 One kind application installation method, mobile terminal and computer-readable recording medium
CN107273168B (en) * 2017-06-29 2019-10-15 Oppo广东移动通信有限公司 A kind of application installation method, mobile terminal and computer readable storage medium
CN107295410A (en) * 2017-08-15 2017-10-24 四川长虹电器股份有限公司 A kind of application method for managing security configured in intelligent television based on high in the clouds
CN107463839A (en) * 2017-08-16 2017-12-12 郑州云海信息技术有限公司 A kind of system and method for managing application program
CN108668002A (en) * 2017-10-12 2018-10-16 湖南红手指信息技术有限公司 A kind of application method for down loading of cloud mobile phone
CN110443041A (en) * 2018-05-04 2019-11-12 360企业安全技术(珠海)有限公司 The management method and device of equipment permission, system, storage medium, electronic device
CN109033799A (en) * 2018-07-30 2018-12-18 深圳点猫科技有限公司 A kind of cloud account level application configuration method and system based on education cloud platform
CN109144546A (en) * 2018-08-20 2019-01-04 Oppo广东移动通信有限公司 A kind of risk control method and device, equipment, storage medium
CN110221961B (en) * 2019-04-26 2024-05-28 平安科技(深圳)有限公司 Global hook automatic repair method, device, equipment and storage medium
CN110221961A (en) * 2019-04-26 2019-09-10 平安科技(深圳)有限公司 Global hook self-repairing method, device, equipment and storage medium
CN110188535A (en) * 2019-06-10 2019-08-30 南京领创信息科技有限公司 A method of apparatus management/control is realized based on android system
CN110264321A (en) * 2019-06-27 2019-09-20 中国石油集团东方地球物理勘探有限责任公司 A kind of order generation method, device, electronic equipment and storage medium
CN110516436A (en) * 2019-08-29 2019-11-29 蓝书房作业本科技(深圳)有限公司 Learning machine application program installation method, device, learning machine and storage medium
CN110750764A (en) * 2019-09-17 2020-02-04 平安银行股份有限公司 Terminal control management method and device, computer equipment and storage medium
CN110750764B (en) * 2019-09-17 2024-06-04 平安银行股份有限公司 Terminal control management method, device, computer equipment and storage medium
CN111027029B (en) * 2019-10-21 2022-02-08 厦门天锐科技股份有限公司 Method for judging whether file is installation package or not and limiting opening
CN111027029A (en) * 2019-10-21 2020-04-17 厦门天锐科技股份有限公司 Method for judging whether file is installation package or not and limiting opening
CN111143008A (en) * 2019-12-26 2020-05-12 福建新大陆支付技术有限公司 Desktop management method based on multiple terminals
CN111988314A (en) * 2020-08-19 2020-11-24 杭州铂钰信息科技有限公司 System architecture and method for dynamically deploying network security service
CN112270014A (en) * 2020-10-16 2021-01-26 维沃移动通信有限公司 Application program control method and device and electronic equipment
CN112270014B (en) * 2020-10-16 2022-06-10 维沃移动通信有限公司 Application program control method and device and electronic equipment
CN113793156A (en) * 2020-12-18 2021-12-14 京东科技控股股份有限公司 Method, device, equipment and storage medium for prompting fraud application program
CN114610402B (en) * 2021-01-06 2023-05-23 奇安信网神信息技术(北京)股份有限公司 Operation authority control method and operation authority configuration method
CN114610402A (en) * 2021-01-06 2022-06-10 网神信息技术(北京)股份有限公司 Operation authority control method and operation authority configuration method
CN113553588A (en) * 2021-07-28 2021-10-26 中国南方电网有限责任公司 Terminal software management method
CN113553588B (en) * 2021-07-28 2024-05-24 中国南方电网有限责任公司 Terminal software management method
CN115114610B (en) * 2022-08-30 2022-12-09 神州智云(广东)科技有限公司 Android system-based module and method for calling service through Root
CN115114610A (en) * 2022-08-30 2022-09-27 神州智云(广东)科技有限公司 Android system-based module and method for calling service through Root

Similar Documents

Publication Publication Date Title
CN103646215A (en) Application installation control method, related system and related device
US11356431B2 (en) Operating system integrated domain management
CN109460660B (en) Mobile device safety management system
WO2015096695A1 (en) Installation control method, system and device for application program
Jeon et al. A practical analysis of smartphone security
CN104462997B (en) Method, device and system for protecting work data in mobile terminal
EP2901280A2 (en) Method and system for sharing vpn connections between applications
CN103647784A (en) Public and private isolation method and device
CN103647785A (en) Security control method, device and system for mobile terminal
CN104268479A (en) Text operation isolating method, device and mobile terminal
CN103679007A (en) Method and device for managing application program permission and mobile device
Ketel et al. Bring your own device: Security technologies
CN102572832A (en) Secure sharing method and mobile terminal
Bugiel et al. mytunes: Semantically linked and user-centric fine-grained privacy control on android
RU2573785C2 (en) System and method for applying file access rules during transfer thereof between computers
CN106453398B (en) A kind of data encryption system and method
US11113389B1 (en) Systems and methods for providing persistent visual warnings for application launchers
CN105631357A (en) System and method for protecting information security of mobile terminals
Wang et al. MobileGuardian: A security policy enforcement framework for mobile devices
Kanerva Integrating a mobile device management solution in Android
Lopes et al. Comparative analysis of mobile security threats and solution
CN107819787B (en) System and method for preventing illegal external connection of local area network computer
KR102443713B1 (en) Next-Generation Convergence Security System
KR102443714B1 (en) Internal Network External Access Security System
US12113633B2 (en) Integration of OEM endpoint management and unified endpoint management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20140319

RJ01 Rejection of invention patent application after publication