Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security-enhanced authorizing and authenticating method of mobile application

A mobile application and authentication method technology, applied in user identity/authority verification, computer security devices, subscription services, etc., to solve traffic and network speed problems, prevent illegal application intrusion, and protect access security.

Active Publication Date: 2015-04-22
北京成众志科技有限公司
View PDF7 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005]1. The attribute information of the mobile application is relatively fixed, such as: package name or signature file. Once the mobile application is developed by the developer, the information will be long It will not be changed within a certain period of time, causing the attribute information of the mobile application to be easily leaked or stolen;
[0006]2. During the transmission of attribute information of mobile applications on the network, due to the lack of data access control strategies, there are many hidden dangers of insecurity. Attacks using attribute information or personnel identity information for verification are commonly used to eavesdrop on network data streams, information interception, etc.;
[0007]3. The traditional method of directly using the attribute information and personal identity information of mobile applications for authentication will not only produce the above-mentioned unsafe factors such as data stream eavesdropping and information interception In addition, the transmission of a large amount of unprocessed raw information on the network will also bring huge pressure to the network traffic, resulting in unsmooth communication, which may seriously cause network interruption;
[0008]4. Due to the lack of security policy control over mobile applications and the fact that applications developed based on Android are easily cracked, traditional process-based authorization and authentication methods Some of them are administrative audits that are independent of the mobile application, and do not go deep into the authorization level of the mobile application itself. Therefore, there are security risks in the authorization link of the mobile application itself, which leads to the traditional legality verification and verification of the mobile application. The strength of authorization can no longer meet the existing requirements in mobile office, especially for government mobile applications and enterprise mobile applications with confidentiality level;
[0009]5. After the mobile application is successfully released, it may also be tampered with, such as being embedded with malicious code. There are no restrictions and safety protection measures on the startup, which may easily cause safety hazards and be used by lawbreakers;

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security-enhanced authorizing and authenticating method of mobile application
  • Security-enhanced authorizing and authenticating method of mobile application
  • Security-enhanced authorizing and authenticating method of mobile application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0044] figure 1 It is a flow chart of mobile application registration and pre-authorization in the present invention, and the specific steps include:

[0045] Step 101, the mobile application registers basic information on the server side

[0046] The system administrator registers the basic information of the mobile application on the server, and selects the application developer, contact person, contact number, organization name, organization code, mobile ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a security-enhanced authorizing and authenticating method of mobile application. The security-enhanced authorizing and authenticating method of the mobile application, disclosed by the invention, comprises the following steps: registering, and acquiring basic information of the mobile application by a publishing system; pre-authorizing, generating a pre-authorizing code of the mobile application by utilizing the basic information, and embedding the pre-authorizing code in a mobile application program; performing enhanced publishing and authorizing, automatically detecting whether the pre-authorizing code and the basic information of the mobile application are correct or not by the publishing system, if so, automatically publishing, collecting practical feature information and a publishing code of the mobile application, and generating a security-enhanced authenticating code with the pre-authorizing code; reliably installing, acquiring the practical feature information, the pre-authorizing code and the publishing code of the mobile application while installing the mobile application so as to generate the security-enhanced authenticating code, and authenticating reliable installation; and reliably starting, in the event of starting the mobile application every time, detecting whether the pre-authorizing code is correct, and starting if the pre-authorizing code is correct. The invention provides a method for detecting the security reliability of the mobile application; and therefore, the problem that user information is stolen as the mobile application is maliciously tampered is effectively avoided.

Description

Technical field: [0001] The invention relates to the field of mobile application security, in particular to a method for enhancing authorization and authentication of mobile application security. Background technique: [0002] In real life, personal identity is mainly confirmed through various documents, such as: ID card, household registration book, etc. Various system resources of the computer, such as files, databases and application systems, also have password protection mechanisms. Terminal applications also need the protection of authorization and authentication mechanisms to ensure that these resources can be accessed into legitimate networks. [0003] For terminal applications developed based on the Android system, the signature file under the digital certificate file identifies the relationship between the terminal application and the terminal application owner, and cannot determine which applications can be connected to the work network, which applications can b...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L9/32
CPCH04W4/60G06F21/51G06F21/554G06F2221/033G06F21/1077
Inventor 丁爱民
Owner 北京成众志科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products