Supercharge Your Innovation With Domain-Expert AI Agents!

Method and system for verifying code signing during startup of application in Android environment

An application and signature verification technology, applied in the field of information security, can solve problems such as implanting malware, and achieve the effect of protecting application security, personal privacy and business secrets

Inactive Publication Date: 2015-06-03
GODIN CYBER SPACE SECURITY TECH CO LTD
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. The attacker modifies the app in the app store / app download platform, implanting malware, or modifying the uplink of advertisements in the software to point to malicious websites, or other payloads (payloads) that gain control of the system. ) After the implantation is complete, re-sign yourself

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for verifying code signing during startup of application in Android environment
  • Method and system for verifying code signing during startup of application in Android environment
  • Method and system for verifying code signing during startup of application in Android environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The principles and features of the present invention are described below in conjunction with the accompanying drawings, and the examples given are only used to explain the present invention, and are not intended to limit the scope of the present invention.

[0049] Such as figure 1 As shown, a method for code signature verification in application startup in an Android environment includes the following steps:

[0050] Step S1, creating a certificate issuing authority list in the Android smart terminal, the certificate issuing authority list stores one or more code signing certificate issuing institutions of trusted applications;

[0051] Only the certificate issued by the designated organization can be used for the application signature of the present invention. This setting is protected by the Trust Zone scheme, or stored in the system by means of multi-factor encryption to ensure the integrity of the set certificate list. In the process of program installation, verif...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method and system for verifying code signing during startup of an application in an Android environment. The method comprises the following steps: creating a code signing certificate issuing institute list of the application on an Android intelligent terminal, wherein one or more credible code signing certificate issuing institutes of the application are stored in the code signing certificate issuing institute list; verifying whether or not the code signing certificate issuing institutes of the application are in the code signing certificate issuing institute list during startup of the application, if not, judging that code signing verification is not passed, and stopping startup of the application or terminating running and exiting, if so, verifying the validity of the code signing certificate issuing institutes of the application, and judging that code signing verification is not passed, and stopping startup of the application or terminating running and exiting if the code signing certificate issuing institutes are invalid; if the code signing certificate issuing institutes are valid, verifying the validity of a code signing certificate sign of the application, normally starting and running the application if the code signing certificate sign is valid, otherwise, stopping startup of the application or terminating running and exiting. By adopting the method and system, attacks to the application in the Android environment can be prevented, and safe startup of the application is ensured.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method and system for verifying code signatures during application startup in an Android environment. Background technique [0002] According to the "Mobile Phone Security Status Report" in the second quarter of 2014, there were more than 840,000 new malicious program samples on the Android platform, of which about 625,000 new malicious program samples were added, a year-on-year increase of 381% and a quarter-on-quarter increase of 191%. The growth momentum is still rapid, and Internet mobile security is facing a severe test. According to the report, in the first half of 2014, 79.76 million Android users were infected with malicious programs, of which 41.85 million were infected in the second quarter, a year-on-year increase of 94.8% compared with the second quarter of 2013. The average number of malicious program infections per day reached 460,000. [0003] Studies have sh...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/51
Inventor 汪国平
Owner GODIN CYBER SPACE SECURITY TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com