CN103646207A

CN103646207A - Method and device for managing security attribute of application program

Info

Publication number: CN103646207A
Application number: CN201310637246.5A
Authority: CN
Inventors: 温铭
Original assignee: Beijing Qihoo Technology Co Ltd; Qizhi Software Beijing Co Ltd
Current assignee: Beijing Qianxin Technology Co Ltd
Priority date: 2013-12-02
Filing date: 2013-12-02
Publication date: 2014-03-19

Abstract

The invention discloses a method and device for managing security attributes of application programs. The method includes: generating one or more anti-false positive information on the server side, the anti-false positive information is used to modify the security attributes identified by the terminal's security management application program for the target application program, and the anti-false positive information carries information that distinguishes each anti-false positive The information identification of the generation time of the information; the acquisition request for at least one anti-false positive information sent by the receiving terminal, the acquisition request is generated according to the existing anti-false positive information of the terminal; according to the acquisition request, return the anti-false positive information to the terminal, and The security management application program modifies the security attributes of the target application program, and the returned anti-false positive information is the anti-false positive information whose generation time is later than the generation time of the existing anti-false positive information of the terminal. The present invention can prevent the terminal from downloading the same file for removing false positives multiple times, will not cause repeated downloading of data, and avoid waste of bandwidth of the upgrading server.

Description

A kind of management method of application security attribute and device

Technical field

The present invention relates to Internet technology, be specifically related to a kind of management method of application security attribute, and and a kind of management devices of application security attribute.

Background technology

Virus is one section of program, different types of virus, their code varies, all antivirus softwares have the scope of application of himself, therefore certainly exist certain rate of false alarm and rate of failing to report, when the security attribute of application programs is identified within per a period of time, may by the wrong report of text of an annotated book part (executable application program), be black file (not executable application program), or be text of an annotated book part by black file wrong report.

The qualification result of antivirus software application programs generally can be buffered in user terminal, needs to remove in time wrong report information wherein, and generally antivirus software manufacturer makes to spend wrong report information, that is to say the qualification result of application program after correcting, and wrong report information is revised.

Particularly, in time by up-to-date application program go report information updating by mistake at upgrade server, in order to wrong report information is revised, each wrong report information of going of upgrading removes to report by mistake file as one, a corresponding new version information, what user terminal went every several hours that upgrade server downloads latest edition removes to report by mistake file, then compares with the qualification result of local cache, if local, exist and go to report by mistake the application program in file, according to going to report by mistake file correction.

Above problems of the prior art are:

Removing to report by mistake file generally all needs to upgrade once about 6 hours, and the time of removing wrong report is too of a specified duration, affects the access of user terminal application programs; If shorten the time interval of removing wrong report, if there is the request of the wrong report of repeatedly going in these hours, user terminal will repeatedly be downloaded the same file that goes to report by mistake, the repeated downloads that not only causes data, also cause the waste of upgrade server bandwidth, and, remove to report by mistake file and generally can comprise several hours with the data of interior renewal, repeatedly the larger problem of downloading data amount, causes very large pressure to the bandwidth of upgrade server.

Summary of the invention

In view of the above problems, the present invention has been proposed to provide a kind of management method of the application security attribute that overcomes the problems referred to above or address the above problem at least in part and the management devices of corresponding application security attribute.

According to one aspect of the present invention, a kind of management method of application security attribute is provided, comprising:

Server end generates one or more wrong report information of going, the described security attribute that goes wrong report information for the security management application program of revising terminal, destination application to be assert, described in go wrong report information to carry the message identification that the rise time of the information of reporting by mistake is respectively gone in differentiation;

What receiving terminal sent goes the request of obtaining of the information of reporting by mistake at least one, described in the request of obtaining according to described terminal is already present, remove to report by mistake Information generation;

According to the described request of obtaining, to described terminal, return to wrong report information, the security attribute of described destination application is revised by described security management application program, the wrong report information of going of returning is to be after the already present rise time of going the information of reporting by mistake, to go wrong report information in described terminal the rise time.

Alternatively, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

The described step that returns to wrong report information to terminal according to the request of obtaining comprises:

Extract and to go wrong report information after the rise time that temporal information that the rise time carries in the described request of obtaining indicates, return to described terminal.

Alternatively, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

The rise time that the temporal information that described in extracting the rise time and being, the request of obtaining is carried indicates, and the rise time temporal information of carrying in the described request of obtaining goes wrong report information after rise time of indicating, returns to described terminal.

Alternatively, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that at least one goes the rise time of the information of reporting by mistake, and by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

The rise time that the temporal information that described in extracting the rise time and being, the request of obtaining is carried indicates go wrong report information, return to described terminal.

Alternatively, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, after the rise time that the described extraction rise time temporal information of carrying in the request of obtaining indicates, go wrong report information, the step that returns to terminal comprises:

That searches whether server end exist numbering that the numbering request of obtaining described in being greater than carries goes wrong report information;

If exist, the wrong report information of going of at least one being searched returns to described terminal.

Alternatively, described message identification goes wrong report information in the rise time of described server end described in being, described temporal information goes wrong report information in the rise time of described server end described in being, or other information of the described nearest rise time generation of going the information of reporting by mistake of foundation;

At least one after the rise time that the described extraction rise time temporal information of carrying in the request of obtaining indicates gone wrong report information, and the step that returns to terminal comprises:

Search whether to exist and go wrong report information after the rise time that rise time that described message identification indicates indicates in described temporal information;

Alternatively, described in the request of obtaining also carry the number of going the information of reporting by mistake of acquisition request, the described step of going wrong report information to return to terminal that at least one is searched comprises:

Going in wrong report information of finding, extract at least one of the number of going the information of reporting by mistake that number is less than or equal to acquisition request and go wrong report information, return to described terminal.

Alternatively, at least one after the rise time that the described extraction rise time temporal information of carrying in the request of obtaining indicates gone wrong report information, and the step that returns to terminal also comprises:

If do not exist, to described terminal, return to preset value.

Alternatively, the described wrong report information of going is that described server end detects described security management application program and generates after to the security attribute identification error of described destination application, described signature identification and the revised security attribute of described destination application that goes wrong report information to comprise described destination application, the signature identification of described destination application is converted to according to preset algorithm by the application file to described destination application.

According to another aspect of the present invention, provide a kind of management method of applications security, having comprised:

Terminal to server end sends at least one is gone to the request of obtaining of the information of reporting by mistake, described in the request of the obtaining wrong report information of going of asking according to the already present wrong report information of going of described terminal, determine;

What receive that described server end returns according to the described request of obtaining goes wrong report information, return to go wrong report information be the rise time in described terminal after the already present rise time of going the information of reporting by mistake goes wrong report information;

The security management application program of described terminal is revised the security attribute of the destination application of described terminal according to the wrong report information of going of returning.

Alternatively, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

The step of going the information of reporting by mistake that described reception server end returns according to the request of obtaining comprises:

Reception server end returns, and the rise time is gone wrong report information after obtaining the rise time that the request temporal information of carrying indicates.

Alternatively, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that at least one goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

Reception server end returns, the rise time that the temporal information that the rise time request of obtaining described in being is carried indicates, and the rise time temporal information of carrying in the described request of obtaining is gone wrong report information after rise time of indicating.

Alternatively, temporal information is carried in the described request of obtaining, the rise time of going report information of described temporal information for indicating that described terminal does not exist and described server end exists, by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

Reception server end returns, the rise time that the temporal information that the rise time request of obtaining described in being is carried indicates go wrong report information.

Alternatively, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, described reception server end returns, and rise time going after obtaining the rise time that the request temporal information of carrying indicates reported information step by mistake and comprised:

Receive described server end numbering be greater than described at least one of the request of the obtaining numbering of carrying go wrong report information.

Alternatively, described message identification goes wrong report information in the rise time of described server end described in being, described reception server end returns, and going after the rise time that the rise time temporal information of carrying in the request of obtaining indicates reported information step by mistake and comprised:

At least one reception after the rise time that rise time that described message identification indicates indicates in described temporal information gone wrong report information.

Alternatively, described in the request of obtaining also carry the number of going the information of reporting by mistake of acquisition request, described server end returns goes to report by mistake the number of going the information of reporting by mistake that information number is less than or equal to acquisition request.

Alternatively, described reception server end returns, and rise time going after obtaining the rise time that the request temporal information of carrying indicates reported information step by mistake and also comprised:

Receive described server end determine after the rise time that the temporal information do not exist the request of obtaining to carry indicates go to report information by mistake time, the preset value returning.

Alternatively, described method also comprises:

A plurality of the going in wrong report information receiving in described terminal, extracts the message identification that nearest going report information by mistake and preserves.

Alternatively, described terminal to server end sends and goes the step of the request of obtaining of the information of reporting by mistake to be at least one, and described terminal sends at least one is gone to the request of obtaining of the information of reporting by mistake to server end according to predeterminated frequency.

Alternatively, described in, going wrong report information is that described server end detects described security management application program and generates after to the security attribute identification error of described destination application;

In the preset file of described security management application program, preserve signature identification and the security attribute corresponding to described destination application of destination application, described signature identification and the revised security attribute of described destination application that goes wrong report information to comprise described destination application, the signature identification of described destination application is converted to according to preset algorithm by the application file to described destination application;

When returning to the wrong report information of going of described terminal, comprise that when a plurality of, the described step of going wrong report information to revise the security attribute of the destination application of terminal according to returning comprises:

For each, go wrong report information, according to the described signature identification that comprises in wrong report information of going, in described preset file, search corresponding destination application respectively;

According to the described revised security attribute of described destination application that comprises in wrong report information of going, security attribute corresponding to destination application described in described preset file upgraded.

According to another aspect of the present invention, provide a kind of management devices of application security attribute, having comprised:

Information generating module, for server end, generate one or more wrong report information of going, the described security attribute that goes wrong report information for the security management application program of revising terminal, destination application to be assert, described in go wrong report information to carry the message identification that the rise time of the information of reporting by mistake is respectively gone in differentiation;

Information request module, what for receiving terminal, send goes the request of obtaining of the information of reporting by mistake at least one, described in the request of obtaining according to described terminal is already present, remove to report by mistake Information generation;

Go wrong report information to return to module, for returning to wrong report information according to the described request of obtaining to described terminal, the security attribute of described destination application is revised by described security management application program, the wrong report information of going of returning is to be after the already present rise time of going the information of reporting by mistake, to go wrong report information in described terminal the rise time.

The described wrong report information of going is returned to module, also for extracting the rise time, described, goes wrong report information after obtaining the rise time that the request temporal information of carrying indicates, returns to described terminal.

The described wrong report information of going is returned to module, the rise time also indicating for extracting temporal information that the rise time request of obtaining described in being carries, and the rise time described, go wrong report information after obtaining the rise time that the request temporal information of carrying indicates, return to described terminal.

The described wrong report information of going is returned to module, also for what extract rise time that temporal information that the rise time request of obtaining described in being carries indicates, goes wrong report information, returns to described terminal.

Alternatively, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, the described first information extracts submodule and comprises:

First searches subelement, for what search whether server end exist numbering that the numbering request of obtaining described in being greater than carries, goes wrong report information, if exist, carries out first and returns to submodule;

First returns to subelement, for the wrong report information of going that at least one is searched, returns to described terminal.

Described first information extraction module comprises:

Second searches subelement, for searching whether to exist, goes wrong report information after the rise time that rise time that described message identification indicates indicates in described temporal information, if exist, carries out second and returns to submodule;

Second returns to subelement, for the wrong report information of going that at least one is searched, returns to described terminal.

Alternatively, the number of going the information of reporting by mistake of acquisition request is also carried in the described request of obtaining, described first returns to submodule or second returns to submodule, specifically for going in wrong report information of finding, extract at least one a plurality of wrong report information of going that number is less than or equal to the number of going the information of reporting by mistake of acquisition request, return to described terminal.

Alternatively, described information is returned to module and is also comprised:

Preset value returns to submodule, if for not existing, to described terminal, returns to preset value.

According to another aspect of the present invention, provide a kind of management devices of applications security, having comprised:

Request sending module, sends at least one is gone to the request of obtaining of the information of reporting by mistake for terminal to server end, described in the request of the obtaining wrong report information of going of asking according to the already present wrong report information of going of described terminal, determine;

Information receiving module, goes wrong report information for what receive that described server end returns according to the described request of obtaining, return to go wrong report information be the rise time in described terminal after the already present rise time of going the information of reporting by mistake goes wrong report information;

Correcting module, revises the security attribute of the destination application of described terminal according to the wrong report information of going of returning for the security management application program of described terminal.

Described information receiving module comprises:

The first information receives submodule, for reception server end, returns, and after the rise time that the rise time temporal information of carrying in the request of obtaining indicates, goes wrong report information.

Alternatively, temporal information is carried in the described request of obtaining, described in described temporal information sign, terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

Described information receiving module comprises:

The second information receives submodule, for reception server end, return, the rise time that the temporal information that the rise time request of obtaining described in being is carried indicates, and the rise time temporal information of carrying in the described request of obtaining is gone wrong report information after rise time of indicating.

Described information receiving module comprises:

The 3rd information receives submodule, for reception server end, return, the rise time be described in rise time of indicating of the request of the obtaining temporal information of carrying go wrong report information.

Alternatively, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, the described first information receives submodule, specifically for receive described server end numbering be greater than described at least one of the request of the obtaining numbering of carrying go wrong report information.

Alternatively, described message identification goes wrong report information in the rise time of described server end described in being, the described first information receives submodule, specifically at least one reception after the rise time that rise time that described message identification indicates indicates in described temporal information, goes wrong report information.

Alternatively, described first information reception submodule also comprises:

Preset value returns to subelement, for receive described server end determine after the rise time that the temporal information do not exist the request of obtaining to carry indicates go to report information by mistake time, the preset value returning.

Alternatively, described device also comprises:

Sign is preserved module, for a plurality of wrong report information of going that receive in described terminal, extracts the message identification that nearest going report information by mistake and preserves.

Alternatively, described request sending module, sends at least one is gone to the request of obtaining of the information of reporting by mistake to server end according to predeterminated frequency specifically for described terminal.

Described correcting module comprises:

Program is searched submodule, for comprising when a plurality of when returning to the wrong report information of going of described terminal, for each, goes wrong report information, according to the described signature identification that comprises in wrong report information of going, in described preset file, searches corresponding destination application respectively;

Upgrade submodule, for according to the described revised security attribute of described destination application that goes wrong report information to comprise, security attribute corresponding to destination application described in described preset file upgraded.

According to the embodiment of the present invention, terminal to server end sends the request of obtaining of going the information of reporting by mistake, it is after the already present rise time of going the information of reporting by mistake, to go wrong report information in terminal that server returns to the rise time to terminal, than the All Files upgrading in request server end a period of time in prior art, the embodiment of the present invention returns to wrong report data in the mode of increment, can avoid terminal can repeatedly download the same file that goes to report by mistake, can not cause the repeated downloads of data, avoid causing the waste of upgrade server bandwidth.

And, in the embodiment of the present invention, can also in the request of obtaining, carry the number of going the information of reporting by mistake of request, because each file of downloading only comprises the file of needs and there is no repeated downloads, avoid the problem that downloading data amount is larger, the bandwidth of upgrade server is caused to the problem of very large pressure.

Adopt the embodiment of the present invention to improve frequency from wrong report to server request that go according to concrete demand, avoid obtaining that to remove interval time of wrong report information too of a specified duration, affect the access of user terminal application programs.

Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to better understand technological means of the present invention, and can be implemented according to the content of instructions, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.

Accompanying drawing explanation

By reading below detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing is only for the object of preferred implementation is shown, and do not think limitation of the present invention.And in whole accompanying drawing, by identical reference symbol, represent identical parts.In the accompanying drawings:

Fig. 1 shows the management method process flow diagram of application security attribute according to an embodiment of the invention;

Fig. 2 shows the management method process flow diagram of application security attribute in accordance with another embodiment of the present invention;

Fig. 3 shows the management devices structured flowchart of application security attribute according to an embodiment of the invention;

Fig. 4 shows the management devices structured flowchart of application security attribute in accordance with another embodiment of the present invention.

Embodiment

Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in accompanying drawing, yet should be appreciated that and can realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order more thoroughly to understand the disclosure that these embodiment are provided, and can by the scope of the present disclosure complete convey to those skilled in the art.

The embodiment of the present invention can be applied to computer system/server, and it can operation together with numerous other universal or special computingasystem environment or configuration.The example of well-known computing system, environment and/or the configuration that is suitable for using together with computer system/server includes but not limited to: personal computer system, server computer system, thin client, thick client computer, hand-held or laptop devices, the system based on microprocessor, Set Top Box, programmable consumer electronics, NetPC Network PC, little type Ji calculate machine Xi Tong ﹑ large computer system and comprise the distributed cloud computing technology environment of above-mentioned any system, etc.

Computer system/server can be described under the general linguistic context of the computer system executable instruction (such as program module) of being carried out by computer system.Conventionally, program module can comprise routine, program, target program, assembly, logic, data structure etc., and they are carried out specific task or realize specific abstract data type.Computer system/server can be implemented in distributed cloud computing environment, and in distributed cloud computing environment, task is to be carried out by the teleprocessing equipment linking by communication network.In distributed cloud computing environment, program module can be positioned on the Local or Remote computing system storage medium that comprises memory device.

With reference to figure 1, show the management method process flow diagram of application security attribute according to an embodiment of the invention, specifically can comprise:

Step 101, server end generate one or more wrong report information of going, the described security attribute that goes wrong report information for the security management application program of revising terminal, destination application to be assert, described in go wrong report information to carry the message identification that the rise time of the information of reporting by mistake is respectively gone in differentiation.

Going wrong report information described security management application program to be detected at server end generates after to the security attribute identification error of described destination application, for the security attribute of the application program of identification error is revised, described security management application program is arranged on terminal, for described terminal is carried out to security monitoring, the antivirus software of installing such as terminal etc.

Go wrong report information can carry corresponding information sign, the priority of going to report by mistake the Information generation time to distinguish each.In concrete realization, described message identification can be for going the time of the information of reporting by mistake described in described server end generation, for example message identification is 2013-11-12-11:12, and to go wrong report information be 2013-11-12-11:14 than message identification that to go to report by mistake time of Information generation Zao, described message identification also can for described server end according to the rise time sequencing that respectively goes the information of reporting by mistake, determine described in go the numbering of the information of reporting by mistake, for example, server end has existed 95 to go wrong report information, the newly-generated numbering of going the information of reporting by mistake is 96, next generate go the information of reporting by mistake be numbered 97.The described security attribute that goes wrong report information for revising the security management application program of terminal, destination application to be assert, signature identification and the revised security attribute of described destination application that can comprise described destination application, the signature identification of described destination application is for distinguishing this destination application and other application programs, and signature identification can be converted to according to preset algorithm by the application file to described application program.

Preferably, identification information can be the cryptographic hash of the executable file of described application program, each application program has corresponding executable file file (PE file), can pass through unique HASH(Hash that MD5 algorithm (Message Digest Algorithm MD5, message digest algorithm the 5th edition) calculates executable file) value.

For example, by MD5 algorithm, 32 unique HASH values of calculating executable file WINWORD.EXE are 54525786F76E6CD2BA29E2B7B1B28939.

Certainly, the cryptographic hash that those skilled in the art adopt other algorithms to calculate executable files according to actual conditions is all feasible, for example, adopts sha-1, RIPEMD and Haval scheduling algorithm, the application to this without being limited.

What step 102, receiving terminal sent goes the request of obtaining of the information of reporting by mistake at least one, described in the request of obtaining according to described terminal is already present, remove to report by mistake Information generation.

Terminal can be obtained wrong report information to server request, in the embodiment of the present invention, and the request of obtaining that meets http agreement sending to terminal, the request of obtaining removes to report by mistake Information generation according to terminal is already present.

Step 103, according to described obtain request to described terminal, return to wrong report information, the security attribute of described destination application is revised by described security management application program, the wrong report information of going of returning is to be after the already present rise time of going the information of reporting by mistake, to go wrong report information in described terminal the rise time.

Server end receives after the request of obtaining, according to the request of obtaining, return to wrong report information, according to obtaining the wrong report information of going of asking represented terminal to exist, return to terminal, the wrong report information of going of returning is to be after the already present rise time of going the information of reporting by mistake, to go wrong report information in described terminal the rise time, be upgrade the rise time go wrong report information, what in other words, terminal received is the local non-existent wrong report information of going.

In a preferred embodiment of the present invention, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information.

Described step 103 can comprise:

Sub-step S11, extract and to go wrong report information after the rise time that temporal information that the rise time carries in the described request of obtaining indicates, return to described terminal.

In the present embodiment, going of having existed according to terminal reported by mistake in the process that Information generation obtains request, the described request of obtaining is added to temporal information, temporal information is reported the rise time of information by mistake for indicating nearest going, nearest described in the embodiment of the present invention goes wrong report information to be that described terminal is already present to go in wrong report information, rise time apart from current time nearest go wrong report information, for example, existing 95 of terminal is gone wrong report information, can be according to removing the entrained message identification of wrong report information, search the rise time and be the nearest wrong report information of going, according to this, go the rise time of the information of reporting by mistake to obtain a temporal information and send to server end.

In the present embodiment, described temporal information can for described server end according to the rise time sequencing that respectively goes the information of reporting by mistake, determine described in go the numbering of the information of reporting by mistake, also can be for the described wrong report information of going be in the rise time of described server end, or other information that generate according to the described nearest rise time of going the information of reporting by mistake.

In the present embodiment, preferably, when message identification goes the numbering of the information of reporting by mistake described in to be described server end determine according to the rise time sequencing that respectively goes the information of reporting by mistake, can be using message identification directly as temporal information; When described message identification goes wrong report information in the rise time of described server end described in being, can be using message identification directly as temporal information, or using other information that generate according to the described nearest rise time of going the information of reporting by mistake as temporal information.

For example, message identification is when going the numbering of the information of reporting by mistake described in determining according to the rise time sequencing that respectively goes the information of reporting by mistake, as 1,2,3 ... 95, nearest go wrong report information be message identification be 95 go wrong report information, message identification 95 can be sent to server end as temporal information, for server end, according to nearest message identification, return to wrong report information; When message identification is while going the time of the information of reporting by mistake described in described server end generates, the message identification 2013-11-12-11:14 that can extraction time report information by mistake apart from nearest going is now as temporal information, also can be using other information that generate according to the described nearest rise time of going the information of reporting by mistake as temporal information, for example extract the rise time combination of numbers of 12 201311121114, send to server end.

In a kind of preferred exemplary of the present embodiment, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, described sub-step S11 can comprise:

Sub-step S11-1, search whether server end exist numbering that the numbering request of obtaining described in being greater than carries go wrong report information, if exist, carry out sub-step S11-2;

Sub-step S11-2, the wrong report information of going that at least one is searched return to described terminal.

When message identification and temporal information are numbering, can compare according to numbering size, number larger going, to report Information generation time interval current time by mistake nearer, otherwise, to number less going and report Information generation morning by mistake, the rise time is far away apart from current time.

In the present embodiment, search the rise time and go wrong report information after the time of obtaining the temporal information sign that carries of request, therefore, can search numbering be greater than obtain ask the numbering of carrying go wrong report information, when existing, the one or more wrong report information of going that find are returned to terminal.

For example, when message identification and temporal information are numbering, the message identification that information is reported in nearest going by mistake is 95, can extract a plurality of wrong report information of going that are numbered after 95 at server end and return to terminal,

In the another kind of preferred exemplary of the embodiment of the present invention, described message identification goes wrong report information in the rise time of described server end described in being, described temporal information goes wrong report information in the rise time of described server end described in being, or other information of the described nearest rise time generation of going the information of reporting by mistake of foundation;

Described sub-step S11 comprises:

Sub-step S11-3, search whether to exist and go wrong report information after the rise time that rise time that described message identification indicates indicates in described temporal information, if exist, carry out sub-step S11-4;

Sub-step S11-4, the wrong report information of going that at least one is searched return to described terminal.

When message identification is the rise time, when temporal information is rise time or other information, can compare according to the priority of rise time, according to temporal information, determine the corresponding rise time, then go the message identification of the information of reporting by mistake to compare rise time corresponding to temporal information and each, going after the rise time that the rise time that message identification is indicated indicates in temporal information reported information extraction by mistake and gone out, and extracts one or more terminals that return to.

For example, the message identification that information is reported in nearest going by mistake is 2013-11-12-11:13, can extract a plurality of the go wrong report information of rise time after 2013-11-12-11:13 and return to terminal.

In concrete realization, may be when terminal request, there is not the new wrong report information of going in server end, does not exist the rise time to go wrong report information after the message identification of information is reported in nearest going by mistake, and therefore, described sub-step S11 can also also comprise:

If do not exist, to described terminal, return to preset value.

If do not exist other to go wrong report information after the message identification that the request of obtaining is carried, can return to a preset value, for example return to null value.

In another kind of preferred embodiment of the present invention, going of having existed according to terminal reported by mistake in the process that Information generation obtains request, the described request of obtaining is added to temporal information, described temporal information for indicate described terminal non-existent certain go the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

Described step 103 can comprise:

Sub-step S21, extract the rise time be described in rise time of indicating of the request of the obtaining temporal information of carrying, and the rise time temporal information of carrying in the described request of obtaining goes wrong report information after rise time of indicating, returns to described terminal.

Be different from last embodiment, in the present embodiment, terminal is before wrong report information is gone in request, can also first going of existing to its existing and described server end of server request report information inventory by mistake, go to report by mistake whole the going wrong report information or the whole rise times of going the information of reporting by mistake after the fixed time that can comprise server existence in information inventory.According to removing to report by mistake each that exist on information inventory, go to report by mistake that Information generation time and terminal exist that each goes the rise time of the information of reporting by mistake to contrast, can know which the non-existent wrong report information of going of terminal has.According to the result of contrast, according to the non-existent rise time rise time information of going the information of reporting by mistake of terminal.Wherein, the fixed time can be the time that terminal was obtained the information of wrong report by mistake last time, can set according to concrete application demand.

For example, when message identification is numbering, terminal exists 95 and goes wrong report information, server end exists 100 and goes wrong report information, go to report by mistake and on inventory, comprise that 100 are gone the whole rise times of going the information of reporting by mistake after the rise time of the information of reporting by mistake or time that terminal was obtained the information of wrong report by mistake last time, terminal will go to report by mistake after rise time of going the information of reporting by mistake that inventory and terminal exist contrasts, non-existent go wrong report information be message identification be 96～100 these five go wrong report information, temporal information can identify these five and go that in wrong report information, certain goes the rise time of the information of reporting by mistake.

Server receive sign terminal non-existent certain go after the temporal information of rise time of the information of reporting by mistake, can be to obtain the rise time that the request temporal information of carrying indicates by the rise time, and the rise time after obtaining the rise time that the request temporal information of carrying indicates, go wrong report information, return to described terminal, in other words, be about to the non-existent wrong report information of going of this terminal, and other after this goes wrong report information of rise time go wrong report information to return to terminal, the number of returning can arrange in advance, the present invention does not limit this.

In another kind of preferred embodiment of the present invention, going of having existed according to terminal reported by mistake in the process that Information generation obtains request, the described request of obtaining is added to temporal information, the rise time of going report information of described temporal information for indicating that described terminal does not exist and described server end exists, by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

Described step 103 can comprise:

Sub-step S31, extract the rise time be described in rise time of indicating of the request of the obtaining temporal information of carrying go wrong report information, return to described terminal.

Be different from last embodiment, in the present embodiment, described in temporal information sign terminal non-existent at least one go the rise time of the information of reporting by mistake.For example, when message identification is numbering, terminal exists 95 and goes wrong report information, server end exists 100 and goes wrong report information, terminal non-existent go wrong report information be message identification be 96～100 these five go wrong report information, temporal information can identify these five and go one or more rise times of going the information of reporting by mistake in wrong report information.

Server receive sign terminal non-existent at least one go after the temporal information of rise time of the information of reporting by mistake, can be by the rise time obtain rise time that the request temporal information of carrying indicates go wrong report information, return to described terminal, in other words, the non-existent wrong report information of going of terminal that is about to indicate in temporal information returns to terminal.

In concrete realization, described in the request of obtaining can also carry the number of going the information of reporting by mistake of acquisition request, described sub-step S11 can comprise:

When obtain request carry acquisition request go the number of the information of reporting by mistake time, can return to wrong report information according to the number of request, because each file of downloading only comprises the file of needs and there is no repeated downloads, avoid the problem that downloading data amount is larger, the bandwidth of upgrade server is caused to the problem of very large pressure.

For example, when message identification is numbering, the message identification that information is reported in nearest going by mistake is 95, and the number of request is 5, can extract 5 of being numbered after 95 at server end and go wrong report information to return to terminal, be about to number 96,97,98,99,100 the wrong report information of going and return to terminal; When message identification is while reporting the rise time of information by mistake, nearest message identification is 2013-11-12-11:13, and the number of request is 5, can extract after 2013-11-12-11:13 5 of rise time and go wrong report information to return to terminal.

With reference to figure 2, show the management method process flow diagram of application security attribute in accordance with another embodiment of the present invention, specifically can comprise:

Step 201, terminal to server end send at least one are gone to the request of obtaining of the information of reporting by mistake, described in the request of the obtaining wrong report information of going of asking according to the already present wrong report information of going of described terminal, determine.In the embodiment of the present invention, described terminal to server end sends and goes the step of the request of obtaining of the information of reporting by mistake to be at least one:

Described terminal sends at least one is gone to the request of obtaining of the information of reporting by mistake to server end according to predeterminated frequency.

Step 202, receive that described server end returns according to the described request of obtaining go wrong report information, return to go wrong report information be the rise time in described terminal after the already present rise time of going the information of reporting by mistake goes wrong report information.

In a kind of preferably embodiment of the present invention, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

Described step 202 can comprise:

Sub-step S41, reception server end return, and the rise time is gone wrong report information after obtaining the rise time that the request temporal information of carrying indicates.In a kind of preferred exemplary of the present embodiment, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, described sub-step S41 comprises:

Sub-step S41-1, receive described server end numbering be greater than described at least one of the request of the obtaining numbering of carrying go wrong report information.

In the another kind of preferred exemplary of the present embodiment, described message identification goes wrong report information in the rise time of described server end described in being, described sub-step S41 comprises:

Sub-step S41-2, receive after the rise time that rise time that described message identification indicates indicates in described temporal information at least one go wrong report information.

Described sub-step S41 also comprises:

Sub-step S41-3, receive described server end determine after the rise time that the temporal information do not exist the request of obtaining to carry indicates go to report information by mistake time, the preset value returning.

At another kind of the present invention preferably in embodiment, temporal information is carried in the described request of obtaining, described temporal information for indicate described terminal non-existent certain go the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

Described step 202 can comprise:

Sub-step S51, reception server end return, the rise time that the temporal information that the rise time request of obtaining described in being is carried indicates, and the rise time temporal information of carrying in the described request of obtaining is gone wrong report information after rise time of indicating.

At another kind of the present invention preferably in embodiment, temporal information is carried in the described request of obtaining, the rise time of going report information of described temporal information for indicating that described terminal does not exist and described server end exists, by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

Described step 202 can comprise:

Sub-step S61, reception server end return, the rise time that the temporal information that the rise time request of obtaining described in being is carried indicates go wrong report information.

In the embodiment of the present invention, described in the request of obtaining can also carry the number of going the information of reporting by mistake of acquisition request, described server end returns goes to report by mistake the number of going the information of reporting by mistake that information number is less than or equal to acquisition request.

The security management application program of step 203, described terminal is revised the security attribute of the destination application of described terminal according to the wrong report information of going of returning.

In the embodiment of the present invention, in the preset file of described security management application program, preserve signature identification and the security attribute corresponding to described destination application of destination application, described in to go wrong report information be that described server end detects described security management application program and generates after to the security attribute identification error of described destination application.Described signature identification and the revised security attribute of described destination application that goes wrong report information to comprise described destination application, wherein, the signature identification of described destination application is converted to according to preset algorithm by the application file to described destination application.

Security management application program can be revised security attribute after receiving wrong report information, concrete, when returning to the wrong report information of going of described terminal, comprises that when a plurality of, described step 203 comprises:

In the time need to revising the security attribute of a plurality of destination applications, according to going application program corresponding to wrong report information, revise one by one, for certain destination application, in preset file, search destination application and search characteristic of correspondence sign, after finding, security attribute corresponding in preset file is updated to the security attribute in wrong report information.

In the embodiment of the present invention, described method can also comprise:

Terminal receives new going after wrong report information, can be that the message identification that information is reported in nearest going by mistake upgrades by the rise time, thus next time please look for novelty go to report information by mistake time, can directly extract the nearest message identification of preservation, be added in the request of obtaining.

In order to make those skilled in the art understand better the present invention, below by concrete step, method of the present invention is described.

Step 1, terminal sent and once go wrong report request to service end every two seconds, in request, comprise two key parameter begin_id and step, during begin_id, call for the last time the value that while reporting interface by mistake, service end is returned, step is that number is recorded in the wrong report of going that this request is obtained at most.

Step 2, service end analysis request, return in wrong report system and record number from begin_id, at most step bar record.If record does not just return to null value.

Step 3, terminal are received after request, if not null value, just will record and local data base comparison cleaning buffer memory, and the id of the last item that service end is returned record, the value of begin_id before covering.

It should be noted that, for aforesaid embodiment of the method, for simple description, therefore it is all expressed as to a series of combination of actions, but those skilled in the art should know, the present invention is not subject to the restriction of described sequence of movement, because according to the present invention, some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in instructions all belongs to preferred embodiment, and related action might not be essential to the invention.

With reference to figure 3, show the management devices structured flowchart of application security attribute according to an embodiment of the invention, specifically can comprise:

Information generating module 301, for server end, generate one or more wrong report information of going, the described security attribute that goes wrong report information for the security management application program of revising terminal, destination application to be assert, described in go wrong report information to carry the message identification that the rise time of the information of reporting by mistake is respectively gone in differentiation;

Information request module 302, what for receiving terminal, send goes the request of obtaining of the information of reporting by mistake at least one, described in the request of obtaining according to described terminal is already present, remove to report by mistake Information generation;

Go wrong report information to return to module 303, for returning to wrong report information according to the described request of obtaining to described terminal, the security attribute of described destination application is revised by described security management application program, the wrong report information of going of returning is to be after the already present rise time of going the information of reporting by mistake, to go wrong report information in described terminal the rise time.

In a preferred embodiment of the present invention, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

In another kind of preferred embodiment of the present invention, temporal information is carried in the described request of obtaining, described temporal information for indicate described terminal non-existent certain go the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

In another kind of preferred embodiment of the present invention, temporal information is carried in the described request of obtaining, the rise time of going report information of described temporal information for indicating that described terminal does not exist and described server end exists, by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

In a kind of preferred exemplary of the embodiment of the present invention, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, the described first information extracts submodule and comprises:

Described first information extraction module comprises:

In the embodiment of the present invention, preferably, the number of going the information of reporting by mistake of acquisition request is also carried in the described request of obtaining, described first returns to submodule or second returns to submodule, specifically for going in wrong report information of finding, extract at least one a plurality of wrong report information of going that number is less than or equal to the number of going the information of reporting by mistake of acquisition request, return to described terminal.

In the embodiment of the present invention, preferably, described information is returned to module and can also be comprised:

In the embodiment of the present invention, preferably, the described wrong report information of going can generate after to the security attribute identification error of described destination application for described server end detects described security management application program, described signature identification and the revised security attribute of described destination application that goes wrong report information to comprise described destination application, the signature identification of described destination application is converted to according to preset algorithm by the application file to described destination application.

With reference to figure 4, show the management devices structured flowchart of application security attribute according to an embodiment of the invention, specifically can comprise:

Request sending module 401, sends at least one is gone to the request of obtaining of the information of reporting by mistake for terminal to server end, described in the request of the obtaining wrong report information of going of asking according to the already present wrong report information of going of described terminal, determine;

Information receiving module 402, goes wrong report information for what receive that described server end returns according to the described request of obtaining, return to go wrong report information be the rise time in described terminal after the already present rise time of going the information of reporting by mistake goes wrong report information;

Correcting module 403, revises the security attribute of the destination application of described terminal according to the wrong report information of going of returning for the security management application program of described terminal.

Described information receiving module comprises:

In a kind of preferred exemplary of the embodiment of the present invention, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, the described first information receives submodule, specifically for receive described server end numbering be greater than described at least one of the request of the obtaining numbering of carrying go wrong report information.

In the another kind of preferred exemplary of the embodiment of the present invention, described message identification goes wrong report information in the rise time of described server end described in being, the described first information receives submodule, specifically at least one reception after the rise time that rise time that described message identification indicates indicates in described temporal information, goes wrong report information.

In the embodiment of the present invention, preferably, described in the request of obtaining also carry the number of going the information of reporting by mistake of acquisition request, described server end returns goes to report by mistake the number of going the information of reporting by mistake that information number is less than or equal to acquisition request.

In the embodiment of the present invention, preferably, the described first information receives submodule and also comprises:

In the embodiment of the present invention, preferably, described device also comprises:

In the embodiment of the present invention, preferably, described request sending module, sends at least one is gone to the request of obtaining of the information of reporting by mistake to server end according to predeterminated frequency specifically for described terminal.

In the embodiment of the present invention, preferably, described in to go wrong report information be that described server end detects described security management application program and generates after to the security attribute identification error of described destination application;

Described correcting module comprises:

For the management devices embodiment of above-mentioned application security attribute, because it is substantially similar to embodiment of the method, so description is fairly simple, relevant part is referring to the part explanation of embodiment of the method shown in Fig. 1 and Fig. 2.

Each embodiment in this instructions all adopts the mode of going forward one by one to describe, and each embodiment stresses is the difference with other embodiment, between each embodiment identical similar part mutually referring to.

Those skilled in the art are easy to expect: the combination in any application of above-mentioned each embodiment is all feasible, therefore the combination in any between above-mentioned each embodiment is all embodiment of the present invention, but this instructions has not just described in detail one by one at this as space is limited.

The algorithm providing at this is intrinsic not relevant to any certain computer, virtual system or miscellaneous equipment with demonstration.Various general-purpose systems also can with based on using together with this teaching.According to description above, it is apparent constructing the desired structure of this type systematic.In addition, the present invention is not also for any certain programmed language.It should be understood that and can utilize various programming languages to realize content of the present invention described here, and the description of above language-specific being done is in order to disclose preferred forms of the present invention.

In the instructions that provided herein, a large amount of details have been described.Yet, can understand, embodiments of the invention can not put into practice in the situation that there is no these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.

Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the above in the description of exemplary embodiment of the present invention, each feature of the present invention is grouped together into single embodiment, figure or sometimes in its description.Yet, the method for the disclosure should be construed to the following intention of reflection: the present invention for required protection requires than the more feature of feature of clearly recording in each claim.Or rather, as reflected in claims below, inventive aspect is to be less than all features of disclosed single embodiment above.Therefore, claims of following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.

Those skilled in the art are appreciated that and can the module in the equipment in embodiment are adaptively changed and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and can put them into a plurality of submodules or subelement or sub-component in addition.At least some in such feature and/or process or unit are mutually repelling, and can adopt any combination to combine all processes or the unit of disclosed all features in this instructions (comprising claim, summary and the accompanying drawing followed) and disclosed any method like this or equipment.Unless clearly statement in addition, in this instructions (comprising claim, summary and the accompanying drawing followed) disclosed each feature can be by providing identical, be equal to or the alternative features of similar object replaces.

In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included in other embodiment, the combination of the feature of different embodiment means within scope of the present invention and forms different embodiment.For example, in the following claims, the one of any of embodiment required for protection can be used with array mode arbitrarily.

All parts embodiment of the present invention can realize with hardware, or realizes with the software module moved on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that and can use in practice microprocessor or digital signal processor (DSP) to realize according to the some or all functions of the some or all parts in the management equipment of the application security attribute of the embodiment of the present invention.The present invention for example can also be embodied as, for carrying out part or all equipment or device program (, computer program and computer program) of method as described herein.Realizing program of the present invention and can be stored on computer-readable medium like this, or can there is the form of one or more signal.Such signal can be downloaded and obtain from internet website, or provides on carrier signal, or provides with any other form.

It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the situation that do not depart from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed as element or step in the claims.Being positioned at word " " before element or " one " does not get rid of and has a plurality of such elements.The present invention can be by means of including the hardware of some different elements and realizing by means of the computing machine of suitably programming.In having enumerated the unit claim of some devices, several in these devices can be to carry out imbody by same hardware branch.The use of word first, second and C grade does not represent any order.Can be title by these word explanations.

The management method that the invention discloses A1, a kind of application security attribute, comprising:

A2, the method as described in A1, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

A3, the method as described in A1, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

A4, the method as described in A1, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that at least one goes the rise time of the information of reporting by mistake, and by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

A5, the method as described in A2, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, after the rise time that the described extraction rise time temporal information of carrying in the request of obtaining indicates, go wrong report information, the step that returns to terminal comprises:

A6, the method as described in A2, described message identification goes wrong report information in the rise time of described server end described in being, described temporal information goes wrong report information in the rise time of described server end described in being, or other information of the described nearest rise time generation of going the information of reporting by mistake of foundation;

A7, the method as described in A5 or A6, described in the request of obtaining also carry the number of going the information of reporting by mistake of acquisition request, the described step of going wrong report information to return to terminal that at least one is searched comprises:

A8, the method as described in A5 or A6, at least one after obtaining the rise time that the request temporal information of carrying indicates of described extraction rise time gone wrong report information, and the step that returns to terminal also comprises:

If do not exist, to described terminal, return to preset value.

A9, the method as described in A1, the described wrong report information of going is that described server end detects described security management application program and generates after to the security attribute identification error of described destination application, described signature identification and the revised security attribute of described destination application that goes wrong report information to comprise described destination application, the signature identification of described destination application is converted to according to preset algorithm by the application file to described destination application.

The management method that the invention also discloses B10, a kind of applications security, comprising:

B11, the method as described in B10, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

B12, the method as described in B10, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that at least one goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

B13, the method as described in B10, temporal information is carried in the described request of obtaining, the rise time of going report information of described temporal information for indicating that described terminal does not exist and described server end exists, by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

B14, the method as described in B11, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, described reception server end returns, and rise time going after obtaining the rise time that the request temporal information of carrying indicates reported information step by mistake and comprised:

B15, the method as described in B11, described message identification goes wrong report information in the rise time of described server end described in being, described reception server end returns, and rise time going after obtaining the rise time that the request temporal information of carrying indicates reported information step by mistake and comprised:

B16, the method as described in B14 or B15, described in the request of obtaining also carry the number of going the information of reporting by mistake of acquisition request, described server end returns goes to report by mistake the number of going the information of reporting by mistake that information number is less than or equal to acquisition request.

B17, the method as described in B14 or B15, described reception server end returns, and rise time going after obtaining the rise time that the request temporal information of carrying indicates reported information step by mistake and also comprised:

B18, the method as described in B11, also comprise:

B19, the method as described in B10, described terminal to server end sends and goes the step of the request of obtaining of the information of reporting by mistake to be at least one, and described terminal sends at least one is gone to the request of obtaining of the information of reporting by mistake to server end according to predeterminated frequency.

B20, the method as described in B10, described in to go wrong report information be that described server end detects described security management application program and generates after to the security attribute identification error of described destination application;

The management devices that the invention also discloses C21, a kind of application security attribute, comprising:

C22, the device as described in C21, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

C23, the device as described in C21, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

C24, the device as described in C21, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that at least one goes the rise time of the information of reporting by mistake, and by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

C25, the device as described in C22, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, the described first information extracts submodule and comprises:

C26, the device as described in C22, described message identification goes wrong report information in the rise time of described server end described in being, described temporal information goes wrong report information in the rise time of described server end described in being, or other information of the described nearest rise time generation of going the information of reporting by mistake of foundation;

Described first information extraction module comprises:

C27, the device as described in C25 or C26, the number of going the information of reporting by mistake of acquisition request is also carried in the described request of obtaining, described first returns to submodule or second returns to submodule, specifically for going in wrong report information of finding, extract at least one a plurality of wrong report information of going that number is less than or equal to the number of going the information of reporting by mistake of acquisition request, return to described terminal.

C28, the device as described in C25 or C26, described information is returned to module and is also comprised:

C29, the device as described in C21, the described wrong report information of going is that described server end detects described security management application program and generates after to the security attribute identification error of described destination application, described signature identification and the revised security attribute of described destination application that goes wrong report information to comprise described destination application, the signature identification of described destination application is converted to according to preset algorithm by the application file to described destination application.

The management devices that the invention also discloses D30, a kind of applications security, comprising:

D31, the device as described in D30, temporal information is carried in the described request of obtaining, described temporal information is for indicating that nearest going report the rise time of information by mistake, described nearest go wrong report information be described terminal already present go rise time in wrong report information apart from current time nearest go wrong report information;

Described information receiving module comprises:

D32, the device as described in D30, temporal information is carried in the described request of obtaining, described in described temporal information sign, terminal does not exist and described server end exists that certain goes the rise time of the information of reporting by mistake, described temporal information by server end request go report by mistake information inventory and described terminal this locality go wrong report information to contrast to obtain;

Described information receiving module comprises:

D33, the device as described in D30, temporal information is carried in the described request of obtaining, described temporal information is for indicating that described terminal does not exist and described server end exists that at least one goes the rise time of the information of reporting by mistake, and by contrast, the wrong report information of going of reporting information inventory and described terminal this locality by mistake of going to server end request obtains described temporal information;

Described information receiving module comprises:

D34, the device as described in D31, described message identification and described temporal information be that described server end determines according to the rise time sequencing that respectively goes the information of reporting by mistake described in go the numbering of the information of reporting by mistake, the described first information receives submodule, specifically for receive described server end numbering be greater than described at least one of the request of the obtaining numbering of carrying go wrong report information.

D35, the device as described in D31, described message identification goes wrong report information in the rise time of described server end described in being, the described first information receives submodule, specifically at least one reception after the rise time that rise time that described message identification indicates indicates in described temporal information, goes wrong report information.

D36, the device as described in D34 or D35, described in the request of obtaining also carry the number of going the information of reporting by mistake of acquisition request, described server end returns goes to report by mistake the number of going the information of reporting by mistake that information number is less than or equal to acquisition request.

D37, the device as described in D34 or D35, the described first information receives submodule and also comprises:

D38, the device as described in D31, also comprise:

D39, the device as described in D30, described request sending module, sends at least one is gone to the request of obtaining of the information of reporting by mistake to server end according to predeterminated frequency specifically for described terminal.

D40, the device as described in D30, described in to go wrong report information be that described server end detects described security management application program and generates after to the security attribute identification error of described destination application;

Described correcting module comprises:

Claims

1. A method for managing application security attributes, comprising:

The server side generates one or more anti-false positive information, the anti-false positive information is used to modify the security attributes identified by the terminal’s security management application program for the target application program, and the anti-false positive information carries information that distinguishes the various anti-false positive information The information identification of the generation time of ;

receiving an acquisition request for at least one piece of false positive removal information sent by the terminal, where the acquisition request is generated based on the existing false positive removal information of the terminal;

Return anti-false positive information to the terminal according to the acquisition request, so that the security management application program can modify the security attributes of the target application program, and the returned anti-false positive information is generated at the terminal The anti-false positive information after the generation time of the existing anti-false positive information.

2. The method according to claim 1, wherein the acquisition request carries time information, and the time information is used to mark the generation time of the latest anti-false alarm information, and the latest anti-false alarm information is that the terminal already exists In the de-false positive information, the generated time is the closest to the current time, and the de-false positive information is generated;

The step of returning false positive information to the terminal according to the acquisition request includes:

Extracting the anti-false positive information whose generation time is later than the generation time indicated by the time information carried in the acquisition request, and returning it to the terminal.

3. The method according to claim 1, wherein the acquisition request carries time information, and the time information is used to mark the generation time of certain anti-false positive information that does not exist in the terminal and exists in the server, the The time information is obtained by comparing the false positive removal information list requested from the server with the local false positive removal information of the terminal;

Extracting the generation time marked by the time information carried in the acquisition request, and the anti-false positive information whose generation time is later than the generation time marked by the time information carried in the acquisition request, and returning it to the terminal.

4. The method according to claim 1, wherein the acquisition request carries time information, and the time information is used to mark the generation time of at least one anti-false positive information that does not exist at the terminal and exists at the server end, the The time information is obtained by comparing the anti-false positive information list requested from the server with the local anti-false positive information of the terminal;

Extracting the anti-false positive information whose generation time is the generation time marked by the time information carried in the acquisition request, and returning it to the terminal.

5. The method according to claim 2, the information identifier and the time information are the numbering of the false positive information removed by the server according to the order of generation time of each false positive information, and the The step of extracting false positive information whose generation time is after the generation time marked by the time information carried in the acquisition request and returning it to the terminal includes:

Finding whether there is any anti-false positive information on the server side whose number is greater than the number carried by the acquisition request;

If it exists, return at least one searched false positive information to the terminal.

6. The method according to claim 2, wherein the information identifier is the generation time of the false positive information removal at the server end, and the time information is the generation time of the false positive information removal at the server end, or Other information generated based on the generation time of the most recent anti-false positive information;

The step of extracting at least one anti-false positive information whose generation time is after the generation time marked by the time information carried in the request, and returning it to the terminal includes:

Finding whether there is any anti-false positive information whose generation time marked by the information identifier is after the generation time marked by the time information;

7. The method according to claim 5 or 6, wherein the obtaining request also carries the number of false positive information that is requested to be acquired, and the step of returning at least one false positive information that is searched to the terminal includes:

From the found anti-false positive information, extract at least one anti-false positive information whose number is less than or equal to the number of requested anti-false positive information, and return it to the terminal.

8. A method for managing application security, comprising:

The terminal sends an acquisition request for at least one false positive removal information to the server, where the false positive removal information requested by the acquisition request is determined according to the existing false positive removal information of the terminal;

Receiving the anti-false positive information returned by the server according to the acquisition request, the returned anti-false positive information is the anti-false positive information whose generation time is after the generation time of the anti-false positive information existing in the terminal;

The security management application program of the terminal modifies the security attributes of the target application program of the terminal according to the returned false positive removal information.

9. A device for managing application security attributes, comprising:

The information generation module is used to generate one or more false positive removal information on the server side, and the false positive removal information is used to modify the security attributes identified by the security management application program of the terminal to the target application program, and the false positive removal information carries Distinguish the information identification of the generation time of each misreported information;

An information request module, configured to receive an acquisition request for at least one false alarm removal information sent by the terminal, where the acquisition request is generated based on the existing false alarm removal information of the terminal;

The anti-false positive information returning module is used to return the anti-false positive information to the terminal according to the acquisition request, so that the security management application can modify the security attributes of the target application program, and the returned false positive The information is the anti-false positive information whose generation time is after the generation time of the anti-false positive information that already exists in the terminal.

10. A management device for application security, comprising:

The request sending module is used for the terminal to send an acquisition request for at least one false alarm removal information to the server, where the false alarm removal information requested by the acquisition request is determined according to the existing false alarm removal information of the terminal;

An information receiving module, configured to receive the anti-false positive information returned by the server according to the acquisition request, the returned anti-false positive information is the anti-false positive information whose generation time is after the generation time of the existing anti-false positive information of the terminal misinformation;

The modification module is used for the security management application program of the terminal to modify the security attributes of the target application program of the terminal according to the returned false positive removal information.