[go: up one dir, main page]

CN111639021A - Permission testing method and device of application program and terminal equipment - Google Patents

Permission testing method and device of application program and terminal equipment Download PDF

Info

Publication number
CN111639021A
CN111639021A CN202010406908.8A CN202010406908A CN111639021A CN 111639021 A CN111639021 A CN 111639021A CN 202010406908 A CN202010406908 A CN 202010406908A CN 111639021 A CN111639021 A CN 111639021A
Authority
CN
China
Prior art keywords
permission
authority
test
application program
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010406908.8A
Other languages
Chinese (zh)
Inventor
张美苑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Smart Technology Co Ltd
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010406908.8A priority Critical patent/CN111639021A/en
Publication of CN111639021A publication Critical patent/CN111639021A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/3668Testing of software
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Quality & Reliability (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Stored Programmes (AREA)

Abstract

The application is applicable to the technical field of permission test, and provides a permission test method, a permission test device and terminal equipment of an application program, wherein the method comprises the following steps: acquiring authority application information of application programs in systems of different versions, wherein the authority application information comprises function information and authority information of the application programs; classifying the authority information to obtain an authority category set, and determining a mapping relation between the authority category set and the function information according to the declaration files of different versions of systems; establishing an authority test matrix of the application program according to the mapping relation and systems of different versions; and performing permission test on the application program installed in the system through the permission test matrix. By the method and the device, the problems that the testing tool tests the application program incompletely and the quality of the installed application program cannot be guaranteed can be solved; providing a comprehensive test case for the application program test; the test efficiency is improved, and the completeness and accuracy of test coverage are improved comprehensively. In addition, the present application also relates to block chaining techniques.

Description

Permission testing method and device of application program and terminal equipment
Technical Field
The application belongs to the technical field of permission testing, and particularly relates to a permission testing method and device of an application program and terminal equipment.
Background
With the development of computer technology, the intelligent mobile terminal becomes a necessity in life of people, and the application of the android system in the intelligent mobile terminal is more and more extensive. Due to the openness of the android system, the android system can be customized by a mobile terminal manufacturer or an application developer according to needs, so that the android system is seriously fragmented, and the functional applications are various; in the complex and various applications of the android system, great convenience is brought to people, and meanwhile, a large number of malicious applications are mixed, so that certain hidden dangers are brought to data safety, privacy safety and property safety of users.
Currently, permission testing of an application program is a security detection mechanism of an android system. Due to the fact that the android system is seriously fragmented, different manufacturers assign specific authority rules to authorization pages of the application programs, the application program authority class test of the android system is complex and diversified, the test tool of the application programs of the existing android system terminal is incomplete in test, and the quality of the application programs of the system terminal cannot be guaranteed.
Disclosure of Invention
The embodiment of the application program permission testing method and device and terminal equipment can solve the problems that the existing testing tool for the application program of the android system terminal is not comprehensive in testing and the quality of the application program of the system terminal cannot be guaranteed due to the fact that the application program permission testing of the android system is complex and diversified.
In a first aspect, an embodiment of the present application provides a method for testing an authority of an application program, including:
acquiring authority application information of application programs in systems of different versions, wherein the authority application information comprises function information and authority information of the application programs;
classifying the authority information to obtain an authority category set, and determining a mapping relation between the authority category set and the function information according to the statement files of different version systems;
establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions;
and performing permission test on the application program installed in the system through the permission test matrix.
In a possible implementation manner of the first aspect, the acquiring the permission application information of the application program in the preset category system includes:
aiming at systems with different versions, acquiring a software development kit corresponding to the system versions;
and determining the authority application information of the application program installed or operated in different versions of systems according to the software development toolkit.
In a possible implementation manner, the classifying the permission information to obtain a permission category set, and determining a mapping relationship between the permission category set and the function information according to declaration files of systems of different versions includes:
determining a first mapping relation between a first service permission list and the function category set according to system statement files of different versions of systems;
and determining a second mapping relation between the second service permission list and the function category set according to the application program declaration files of the systems with different versions.
In a possible implementation manner, establishing an authority test matrix of the application program according to the mapping relationship includes:
and establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises the following steps:
setting different versions of systems and the function information as a plurality of test reference indexes according to statement files of the systems;
determining the corresponding relation between each test reference index and the permission type set according to the mapping relation between the function information and the permission type set;
determining the permission test items and the number of the permission test items in the permission type set corresponding to each test reference index according to the corresponding relation;
and establishing the permission test matrix according to the test reference index, the permission test items and the number of the permission test items.
In a possible implementation manner, performing permission test on the application installed in the system through the permission test matrix includes:
acquiring a software development toolkit corresponding to the system version and an installation package file of an application program;
determining the test reference index to which the system version belongs according to the software development kit;
determining the permission test item corresponding to the application program according to the installation package file;
and carrying out permission test on the application program installed in the system according to the permission test item.
In one possible implementation, the method further includes:
and managing the authority application information based on a block chain technology.
In a second aspect, an embodiment of the present application provides an apparatus for testing permission of an application program, including:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring authority application information of application programs in systems with different versions, and the authority application information comprises function information and authority information of the application programs;
the mapping module is used for classifying the authority information to obtain an authority category set and determining the mapping relation between the authority category set and the function information according to the statement files of different versions of systems;
the matrix module is used for establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions;
and the test module is used for carrying out permission test on the application program installed in the system through the permission test matrix.
In a possible implementation manner, the obtaining module is further configured to obtain, for different versions of the system, a software development kit corresponding to the system version; and determining the authority application information of the application program installed or operated in different versions of systems according to the software development toolkit.
In a possible implementation manner, the mapping module is further configured to determine a first mapping relationship between the first service permission list and the function category set according to system declaration files of systems of different versions; and determining a second mapping relation between the second service permission list and the function category set according to the application program declaration files of the systems with different versions.
In a third aspect, an embodiment of the present application provides a terminal device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the method when executing the computer program.
In a fourth aspect, the present application provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the method.
In a fifth aspect, an embodiment of the present application provides a computer program product, which, when running on a terminal device, causes the terminal device to execute the method for testing the permission of an application program according to any one of the above first aspects.
Compared with the prior art, the embodiment of the application has the advantages that: according to the embodiment, permission application information of the application program in systems of different versions is obtained, wherein the permission application information comprises function information and permission information of the application program; classifying the authority information to obtain an authority category set, and determining a mapping relation between the authority category set and the function information according to the statement files of different version systems; establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions; performing permission test on the application program installed in the system through the permission test matrix; the problems that the test tool of the application program of the system terminal is not comprehensively tested and the quality of the application program installed on the system terminal cannot be guaranteed are solved; a comprehensive test case is provided for the application program test; meanwhile, the application program is subjected to targeted test through the test matrix, the redundancy of the permission type test case is reduced, the test efficiency is improved, the integrity and the accuracy of test coverage are comprehensively improved, and the method has high usability and practicability.
It is understood that the beneficial effects of the second aspect to the fifth aspect can be referred to the related description of the first aspect, and are not described herein again.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
FIG. 1 is a schematic diagram of a system provided by an embodiment of the present application;
fig. 2 is a schematic flowchart of a method for testing permission of an application according to an embodiment of the present application;
fig. 3 is a schematic diagram of establishing a mapping relationship between functions and permissions according to an embodiment of the present application;
FIG. 4 is a diagram illustrating an embodiment of a matrix for establishing permission tests;
FIG. 5 is a diagram illustrating a configuration of a vendor rights verification point according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an authority testing apparatus for an application according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
The permission testing method of the application program provided by the embodiment of the application program can be applied to terminal devices such as a mobile phone, a tablet computer, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, a Personal Digital Assistant (PDA) and the like, and the specific type of the terminal device is not limited in any way in the embodiment of the application.
The execution subject of the permission testing method for the application program provided by the embodiment of the present application includes, but is not limited to, at least one of electronic devices such as a server and a terminal that can be configured to execute the method provided by the embodiment of the present application. In other words, the example permission test method may be performed by software or hardware installed in the terminal device or the server device, and the software may be a blockchain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like.
The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer.
The block chain underlying platform can comprise processing modules such as user management, basic service, intelligent contract and operation monitoring. The user management module is responsible for identity information management of all blockchain participants, and comprises public and private key generation maintenance (account management), key management, user real identity and blockchain address corresponding relation maintenance (authority management) and the like, and under the authorization condition, the user management module supervises and audits the transaction condition of certain real identities and provides rule configuration (wind control audit) of risk control; the basic service module is deployed on all block chain node equipment and used for verifying the validity of the service request, recording the service request to storage after consensus on the valid request is completed, for a new service request, the basic service firstly performs interface adaptation analysis and authentication processing (interface adaptation), then encrypts service information (consensus management) through a consensus algorithm, transmits the service information to a shared account (network communication) completely and consistently after encryption, and performs recording and storage; the intelligent contract module is responsible for registering and issuing contracts, triggering the contracts and executing the contracts, developers can define contract logics through a certain programming language, issue the contract logics to a block chain (contract registration), call keys or other event triggering and executing according to the logics of contract clauses, complete the contract logics and simultaneously provide the function of upgrading and canceling the contracts; the operation monitoring module is mainly responsible for deployment, configuration modification, contract setting, cloud adaptation in the product release process and visual output of real-time states in product operation, such as: alarm, monitoring network conditions, monitoring node equipment health status, and the like.
Referring to fig. 1, which is a schematic diagram of a system provided in an embodiment of the present application, the application program permission testing method provided in the present application may be applied to a test terminal that tests permission settings of an application program installed in a mobile device; as shown in the figure, the test terminal 20 determines the test case required in the permission test matrix according to the permission test matrix of the application program and according to the version of the mobile device 10 and the installation package of the application program, performs a comprehensive permission test on the application program, ensures the test quality of the application program, and improves the test efficiency. In addition, the mobile device 10 may be a mobile phone or a tablet computer of the android system, and the test terminal 20 may be a computer or a terminal device with a data processing function. The mobile device 10 and the test terminal may be connected and communicate in a wired or wireless manner, for example, through a USB data line or the like; the wireless communication method is, for example, via a mobile network (2G/3G/4G/5G, etc.), the internet, WiFi, or the like.
Fig. 2 shows a schematic flowchart of a method for testing the permission of an application program provided by the present application.
Step S201, acquiring authority application information of the application program in different version systems, wherein the authority application information comprises function information and authority information of the application program.
In one possible implementation, the android system is an operating system with separated permissions, and different applications and systems are separated; before any application program uses the android authority resources, an application is firstly made to the android system, and the application program can use the corresponding resources after the android system is approved.
Taking an android operating system as an example, because the version of the android system is forward compatible, a new version (also referred to as a target version) of the software development kit SDK of the system can be compatible with an old version, that is, the target SDK version determines the compatibility of the application program with the system. For android systems of different versions, the permission management mechanisms of the application programs are different corresponding to the android systems of different versions, namely different system versions, the permission obtaining modes of the application programs to the system are different, and permission application information of the application programs can be determined according to the system versions or target SDK versions of the system.
Optionally, the obtaining of the permission application information of the application program in the preset type system includes:
a1, aiming at different versions of systems, acquiring a software development kit corresponding to the system versions;
a2, determining the authority application information when the application program is installed or operated in different versions of systems according to the software development kit.
Specifically, in the software development kit SDK of the system, the permission application mode of the current version system is recorded, and the corresponding permission application modes are different for different versions of the system. And when the system version is greater than or equal to 6.0 and the target SDK version > is 23, acquiring authority application information of the application program for applying the authority to the system after the application program is successfully installed. In the installation process of the application program, the system is not applied for obtaining the authority; but directly applies for the authority to the system in running after the installation is successful.
After the application program is successfully installed, the application program is started and operated, whether the current application has the authority or not is judged aiming at a certain authority or a certain type of authority, such as a camera authority, and if the current application does not have the authority, an application for the authority is issued; judging whether the application of the corresponding authority needs to be explained (or judging whether the prompt of requesting the authority needs to be displayed); if desired, a dialog box may pop up that interprets the permission query, e.g., 'do you allow an application to take a picture and record a video', and includes displayed 'allow' and 'deny' operation controls.
In addition, for the dialog box for explaining the authority and inquiry, the corresponding response result can be obtained according to the authorization signal of the user or the difference of the mobile terminal manufacturer, and the response result can represent the authority application principle of a certain type of authority to a certain function, for example: after receiving the 'permission' message selected by the user, executing the action of requesting the corresponding permission, and calling back the corresponding permission; when the 'reject' selected by the user is received and the 'no more prompt' option is not selected, the popup inquiry is continuously executed for the use of the authority when the application program runs next time; when the 'refusal' selected by the user is received and the 'prompt no longer' selected by the user is received, the authority is not dynamically applied any more when the application program runs next time, and the authority setting instruction of the user can only be received through the setting interface; the other is that for some specific manufacturers, when accessing the authority, the returned error response information indicates that the application program cannot apply for the authority.
For example, after the application program is successfully installed in the system version, in the running process, whether the corresponding authority exists is judged, and if the corresponding authority exists, the corresponding authority interface is directly called. In the running process of the application program, when the application program does not have the authority and the corresponding authority application does not need to be explained, the corresponding authority is directly requested and the corresponding authority is called.
In addition, when the system version is greater than or equal to 6.0 and the target SDK version is less than 23, or the system version is less than 6.0 and the target SDK version is greater than or equal to 23, a manner for the application program to apply for the right to the system in the installation process is obtained.
Specifically, the authority is acquired in the installation process of the application program, the authority required to be applied for the normal operation of the application program in the file is read through an authority application interface, an authority list is generated and a dialog box is displayed, the selection authority input by a user is received, and a response of successful installation or quit of installation is made according to a selection instruction of the user.
And aiming at the system versions, various modes of the application authority of the application program are counted and used as the authority application information of the application program in the system of the corresponding version. By means of the method or principle for acquiring the permission application of the application program to the system in the installation process or the operation process according to the system versions customized by different versions and different manufacturers, the permission application information is used as permission application information of the application program in the preset type system, and preparation is made for acquiring the corresponding relation between the permission and the function through static scanning.
Step S202, the authority information is classified to obtain an authority category set, and the mapping relation between the authority category set and the function information is determined according to the declaration files of different versions of systems.
In a possible implementation mode, application modes corresponding to different service authorities of the system are recorded in declaration files of systems of different versions; the authority can be divided into non-main service authority and service authority according to the authority information; for example, the permissions of the bluetooth, networking module, vibration and the like of the system can be classified as non-main service permissions, or can be used as common permissions, and the access permission of the data of the SD card can be classified as service permissions or sensitive permissions. In the process of installing the application program, the operating systems customized by different versions or different manufacturers have different permission application modes and different corresponding permission application information, the declared permission contents in the operating systems of the corresponding versions are also different, and different permissions correspond to different function implementation or application scenes.
In this embodiment, by obtaining permission application modes set in operating systems of different versions or manufacturers, the corresponding relationship between the application program function and the system permission can be respectively determined for different application modes, so that different test case ranges can be set; for example, the system version is below 6.0, in the installation process of the application program, the authority declared by the application program can be directly authorized by the operating system, so that other authorities needing dynamic application do not need to be considered, and further, test cases of corresponding relations between the other authorities needing dynamic application and functions do not need to be set; for more than 6.0 versions, different corresponding relationships between the permissions and the functions need to be set according to the permission application mode, so as to establish corresponding test cases.
Specifically, according to the authority application information of the application program, the program file is scanned with function codes through static scanning in an analysis mode such as lexical analysis and syntactic analysis under the condition that the code is not operated, the disassembly code of the program is generated, and the function of the application program is analyzed and detected according to the disassembly code; the function of the application program can obtain the corresponding function description from the APK file of the application program installation package.
It should be noted that, in the permission application process corresponding to different permission application information, the function corresponding to the corresponding permission can also be obtained, and the corresponding relationship between the permission type set and the function information can be established according to the permission application information in the permission application process.
Optionally, the classifying the permission information to obtain a permission category set, and determining a mapping relationship between the permission category set and the function information according to the declaration files of different versions of the system includes:
b1, determining a first mapping relation between a first service authority list and the function category set according to system declaration files of different versions of systems;
and B2, determining a second mapping relation between the second service permission list and the function category set according to the application program declaration file of the different version system.
Specifically, the functions of the application programs are classified, the installation package files of the application programs are analyzed, the authority configuration files of the system where the application programs are located are obtained, and authority contents of the non-main service authority list, namely the first service authority list, are obtained. The permission content of the non-main permission service list is usually a common permission, and is generally stated in the configuration list by a developer of the application program, and the permission directly granted by an operating system in the installation process of the application program does not relate to the personal privacy permission, such as the permissions of network INTERNET, Bluetooth, vibration and the like.
Illustratively, the configuration file android manifest of the system is obtained through a configuration file static reading module android xml of an open source static analysis tool android. For versions below 6.0, the permissions in the permission list in the configuration table can be granted directly by the operating system during the installation process of the application, so that the permission list in the configuration table can be read directly.
In a possible implementation mode, analyzing an installation package file of an application program, and reading related information of the application program through an application program management statement; the related information may include the name of the application and the rights to be applied. Obtaining a service authority list corresponding to the application program according to the relevant information, namely a second service authority list; sensitive rights are also included, mainly aiming at the rights which need to apply authorization to the user, such as CAMERA CAMERA, CONTACTS, STORAGE device STORAGE and the like. For different operating systems with version higher than 6.0, the corresponding permission list needs to be acquired by means of dynamic application.
Specifically, according to the obtained non-service permission list and the service permission list, for different application scenarios, a test for realizing functions is performed on corresponding permissions in a mode of scanning based on codes, inquiring function codes or developing functions, functions of application programs in different application scenarios are determined, and further a corresponding relation between the functions and the permission list is determined. In addition, an interface API function sequence can be called according to the application program installation package, whether the interface function accords with a certain permission type or not is judged, if yes, the interface function is put into a set corresponding to the permission type, and therefore a key interface triggering permission is found out; wherein the corresponding relation of the functions and the authorities has one-to-many or many-to-one or many-to-many corresponding relation.
Exemplarily, as shown in fig. 3, an exemplary diagram of establishing a mapping relationship between functions and rights provided in an embodiment of the present application is provided. According to the authority application information, through static scanning, identifying and classifying functions of the application program, and acquiring a function category set; the function category set may also be a function set corresponding to different application scenes, such as a voice recognition function for calling a scene related to a microphone, a face recognition function and a text recognition function for calling a scene related to a camera album, and the like. According to the authority application information, aiming at systems of different versions, a service authority list of an application program is determined, and the service authority list corresponds to the photographing authority, the microphone authority, the storage authority and the network related authority of the system respectively, the authority list which is directly obtained or needs to be dynamically applied to the system is determined in a configuration table of a configuration file of an open source static analysis tool android, the authority is classified, and an authority category set is obtained, wherein the authority category set can comprise a set corresponding to the service authority list and a set corresponding to a non-service authority list, and can also comprise a sensitive authority set.
As shown in fig. 3, determining a corresponding relationship between the function type set and the permission type set, for example, functions corresponding to a camera permission, a microphone permission, a storage permission, and a network-related permission in a service permission list in the figure, in combination with the application installation package file; the functions of optical fiber detection, video recording and face recognition corresponding to the photographing authority; the microphone authority corresponds to the functions of noise detection, TTS (text to speech) broadcast from text and speech recognition; storing video recording, face recognition and voice recognition authorities corresponding to the authorities; network detection and video uploading functions corresponding to the network related authority, and the like.
In addition, when the mapping relationship is established, shielding of a certain authority can be considered, a related test case is established for a function corresponding to another authority, for example, the storage authority is shielded, the functions of optical fiber detection, video recording and face recognition corresponding to the camera authority are tested, and a test case with multidirectional application program functions is added, so that the functions and quality of the application program are ensured.
It should be noted that, the mapping relationship established in this embodiment may also be tested for the authorized list and the unauthorized list of different machine types, so that the test case coverage is more comprehensive.
In a possible implementation manner, in the process of testing the corresponding relationship between the function and the permission list, the permission may be classified to obtain permission types of the mobile terminal system based on different system versions or manufacturers, and the general permission types may include: camera authority, storage authority, address list authority, positioning authority, microphone authority, short message authority, telephone authority, sensor authority, calendar authority and the like; the functions of the application programs can also be classified, and the functions comprise maps, system tools, video and audio playing, chatting and social contact, book reading, shopping, office, photography, medical health, sports, financing, news and the like. Testing the function category attribute of the corresponding application program aiming at each authority; and acquiring a first mapping relation between the functions and the authority of the application program through test modes such as code scanning, function code query or function development. For example: the camera authority can correspond to the function types or service scenes of light detection, video recording and face recognition, the microphone authority corresponds to the function types or service scenes of noise detection, TTS (text to speech) broadcasting and voice recognition, and the storage authority corresponds to the function types or service scenes of video recording, face recognition and voice recognition.
When shielding a certain second right except a certain first right, testing a service scene or a function type corresponding to the first right, judging whether the corresponding function type can be normally started by the application program in the first right, and acquiring a corresponding second mapping relation through analysis and testing; for example, under the condition that the camera authority shields the storage authority, the functions of a light detection side, video recording and face recognition are correspondingly tested; and the application program is prevented from acquiring the authority of the corresponding function through other ways, and the test case of the corresponding relation between the authority and the function is increased. And performing comprehensive analysis and evaluation according to the first mapping relation, the second mapping relation and the permission lists of different machine types to obtain the corresponding relation between the permission of system versions of all machine types and functions.
Aiming at different types of mobile terminals, acquiring corresponding permission lists and permission-free lists, and reading the permission lists through permission configuration lists in the system; different machine types comprise different system versions or authorized lists and unauthorized lists corresponding to different manufacturers.
In addition, after the content of the non-main service permission list is obtained, the functions of the application program are classified, code scanning test is carried out on each permission in the non-main service permission list according to the function classification, and a test list of risk permission of the application program is obtained, so that the application program with higher risk can be determined.
Step S203, establishing an authority test matrix of the application program according to the mapping relation and the systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or the systems of different versions.
In a possible implementation mode, according to the established mapping relation between functions and authorities, generating authority test matrixes corresponding to authority categories according to customization characteristics of different manufacturers and different operation modes; and a comprehensive permission test case with strong applicability is provided.
Specifically, a common general scene is extracted from a verification scene, and then combined from the feature dimensions of the right type, the system feature, the manufacturer, the operation mode and the shielding mode to generate a general right test design matrix.
Optionally, establishing an authority test matrix of the application program according to the mapping relationship and systems of different versions includes:
c1, setting different versions of systems and the function information as a plurality of test reference indexes according to the statement file;
c2, determining the corresponding relation between each item of the test reference index and the permission type set according to the mapping relation between the function information and the permission type set;
c3, determining the permission test items and the number of the permission test items in the permission type set corresponding to each test reference index according to the corresponding relation;
and C4, establishing the authority test matrix according to the test reference index, the authority test items and the number of the authority test items.
In a possible implementation manner, as shown in fig. 4, a schematic diagram of establishing an authority test matrix is provided in an embodiment of the present application. Setting a plurality of test reference indexes, wherein the test reference indexes are the types of application programs or operation systems, and as shown in fig. 4, the test reference indexes can include authority types, system characteristics, manufacturer customization, operation modes, screen test management authorities (root-xposed management authorities) and the like; specifically, according to different versions of system declaration files, function information or application scenarios in authority application information of all versions and application programs corresponding to the system can be set as test reference indexes. The permission test items may be classified according to application scenarios, as shown in fig. 4, and may include corresponding test cases such as a camera or album related scenario, an address book reading related scenario, a positioning related scenario, a microphone related scenario, a short message related scenario, a calendar related scenario, and a sensor related scenario. And determining the number of the test items according to the established mapping relation between the functions and the authorities, thereby establishing the authority test matrix comprising the test reference index, the authority test items and the number of the authority test items, wherein some correspond to 1 time and some correspond to 10 times as shown in the figure.
Specifically, the verification scene includes a specific service scene such as face recognition and map positioning, for example, tests of light detection, video recording and face recognition performed for the camera authority, and tests of video recording, face recognition and voice recognition performed for the storage authority.
The extracted common scenes comprise a camera or photo album related scene calling, an address book related scene reading, a positioning related scene calling, a microphone related scene calling, a short message related scene calling, a calendar related scene calling, a sensor related scene calling and the like, and tests of the same service scene are carried out corresponding to different authorities, for example, video recording and face recognition service scenes are tested aiming at camera authorities and storage authorities.
The types of rights may include: camera authority, storage authority, address list authority, positioning authority, microphone authority, short message authority, telephone authority, sensor authority and calendar authority; and the system can also be divided into service authority and non-service authority or necessary authority and sensitive authority aiming at different machine types.
The system is characterized in that different permission application modes are different for systems of different versions, and corresponding test cases are set corresponding to the extracted common scenes through the established permission function corresponding relation.
According to the customization characteristics of different manufacturers, different authority management mechanisms or authority application modes to the system are provided, the corresponding relation between functions and authorities is combined, test cases corresponding to different manufacturers are established, and the corresponding number of tests is set. As shown in fig. 5, the manufacturer authority verification points are set according to the customized features of different manufacturers, the verification points set corresponding verification points according to different system versions, and the application mode of the authority is set to be a permission mode, a rejection mode, an inquiry mode or a default authority mode.
The operation mode refers to a mode of selecting inquiry authorization received in the process of starting and running the application program, and sets a test case corresponding to a common scene according to authorization when related scenes are called in different modes and the corresponding relation between functions and permissions.
The shielding mode comprises that aiming at one authority, when the other authority is shielded or the other authority is opened, a test case for testing a service scene is set by combining the corresponding relation between the function and the authority.
In addition, according to the characteristic dimensions, the verification point number of the corresponding test case is set, namely the number of the test cases required by the characteristic dimensions is set, and the corresponding test case number is set according to different characteristic dimensions so as to comprehensively cover the authority test aiming at a certain function, thereby determining a universal authority test matrix.
And step S204, carrying out authority test on the application program installed in the system through the authority test matrix.
In a possible implementation mode, when a certain function is started in the installation process of an application program or after the application program is installed, the generated permission test matrix carries out permission detection on the permission of a function corresponding request of the application program, and the permission of the application program is comprehensively detected through an established orthogonal matrix test case, so that the permission test quality of the application program is guaranteed; the redundancy of the test cases is reduced, and the test efficiency is greatly improved; and the integrity and accuracy of test coverage are comprehensively improved.
Optionally, the permission testing of the application installed in the system through the permission testing matrix includes:
d1, acquiring a software development kit corresponding to the system version and an installation package file of the application program;
d2, determining the test reference index to which the system version belongs according to the software development kit;
d3, determining the permission test item corresponding to the application program according to the installation package file;
and D4, performing permission test on the application program installed in the system according to the permission test item.
In one embodiment, the method provided herein further comprises the steps of: and managing the authority application information based on the block chain technology. And the permission application information is stored and read through the block chain link points, so that the safety and reliability in the permission application information storage process are improved. Similarly, the permission type set, the mapping relationship between the permission type set and the function information, the test result, and the like in the test process can also be stored in the block chain node, so that the safety and the operability of the whole scheme are improved.
According to the embodiment, permission application information of the application program in systems of different versions is obtained, wherein the permission application information comprises function information and permission information of the application program; classifying the authority information to obtain an authority category set, and determining a mapping relation between the authority category set and the function information according to the statement files of different version systems; establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions; performing permission test on the application program installed in the system through the permission test matrix; the problems that the test tool of the application program of the system terminal is not comprehensively tested and the quality of the application program installed on the system terminal cannot be guaranteed are solved; a comprehensive test case is provided for the application program test; meanwhile, the application program is subjected to targeted test through the test matrix, the redundancy of the permission type test cases is reduced, the test efficiency is improved, and the integrity and the accuracy of test coverage are comprehensively improved.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Fig. 5 shows a block diagram of a structure of an authority testing apparatus for an application program according to an embodiment of the present application, which corresponds to the authority testing method for an application program according to the above embodiment.
Referring to fig. 6, the apparatus includes: an acquisition module 61, a mapping module 62, a matrix module 63, and a test module 64.
The acquiring module 61 is configured to acquire permission application information of an application program in systems of different versions, where the permission application information includes function information and permission information of the application program;
the mapping module 62 is configured to classify the permission information to obtain a permission category set, and determine a mapping relationship between the permission category set and the function information according to the declaration files of systems of different versions;
a matrix module 63, configured to establish an authority test matrix of the application program according to the mapping relationship and different version systems, where the authority test matrix includes authority test items corresponding to the function information or corresponding to different version systems;
and the test module 64 is used for performing permission test on the application program installed in the system through the permission test matrix.
In a possible implementation manner, the obtaining module is further configured to obtain, for different versions of the system, a software development kit corresponding to the system version; and determining the authority application information of the application program installed or operated in different versions of systems according to the software development toolkit.
In a possible implementation manner, the mapping module is further configured to determine a first mapping relationship between the first service permission list and the function category set according to system declaration files of systems of different versions; and determining a second mapping relation between the second service permission list and the function category set according to the application program declaration files of the systems with different versions.
In a possible implementation manner, the matrix module is further configured to set systems of different versions and the function information as a plurality of test reference indexes according to the declaration document; determining the corresponding relation between each test reference index and the permission type set according to the mapping relation between the function information and the permission type set; determining the permission test items and the number of the permission test items in the permission type set corresponding to each test reference index according to the corresponding relation; and establishing the permission test matrix according to the test reference index, the permission test items and the number of the permission test items.
In a possible implementation manner, the test module is further configured to obtain a software development kit corresponding to the system version and an installation package file of the application program; determining the test reference index to which the system version belongs according to the software development kit; determining the permission test item corresponding to the application program according to the installation package file; and carrying out permission test on the application program installed in the system according to the permission test item.
According to the embodiment, permission application information of the application program in systems of different versions is obtained, wherein the permission application information comprises function information and permission information of the application program; classifying the authority information to obtain an authority category set, and determining a mapping relation between the authority category set and the function information according to the statement files of different version systems; establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions; performing permission test on the application program installed in the system through the permission test matrix; the problems that the test tool of the application program of the system terminal is not comprehensively tested and the quality of the application program installed on the system terminal cannot be guaranteed are solved; a comprehensive test case is provided for the application program test; meanwhile, the application program is subjected to targeted test through the test matrix, the redundancy of the permission type test cases is reduced, the test efficiency is improved, and the integrity and the accuracy of test coverage are comprehensively improved.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
Fig. 7 is a schematic structural diagram of a test terminal according to an embodiment of the present application. As shown in fig. 7, the test terminal 7 of this embodiment includes: at least one processor 70 (only one shown in fig. 7), a memory 71, and a computer program 72 stored in the memory 71 and executable on the at least one processor 70, wherein the processor 70 executes the computer program 72 to implement the steps in the method embodiments of the method for testing the permission of any of the various applications described above.
The test terminal 7 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The test terminal may include, but is not limited to, a processor 70, a memory 71. It will be understood by those skilled in the art that fig. 7 is only an example of the test terminal 7, and does not constitute a limitation to the test terminal 7, and may include more or less components than those shown, or some components in combination, or different components, such as input output devices, network access devices, etc.
The Processor 70 may be a Central Processing Unit (CPU), and the Processor 70 may be other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 71 may in some embodiments be an internal storage unit of the test terminal 7, such as a hard disk or a memory of the test terminal 7. The memory 71 may also be an external storage device of the test terminal 7 in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are equipped on the test terminal 7. Further, the memory 71 may also include both an internal storage unit and an external storage device of the test terminal 7. The memory 71 is used for storing an operating system, an application program, a BootLoader (BootLoader), data, and other programs, such as program codes of the computer program. The memory 71 may also be used to temporarily store data that has been output or is to be output.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the above-mentioned method embodiments.
The embodiments of the present application provide a computer program product, which when running on a mobile terminal, enables the mobile terminal to implement the steps in the above method embodiments when executed.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer Memory, Read-Only Memory (ROM), random-access Memory (RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In certain jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and patent practice.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other ways. For example, the above-described apparatus/network device embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implementing, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. An authority test method for an application program is characterized by comprising the following steps:
acquiring authority application information of application programs in systems of different versions, wherein the authority application information comprises function information and authority information of the application programs;
classifying the authority information to obtain an authority category set, and determining a mapping relation between the authority category set and the function information according to the statement files of different version systems;
establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions;
and performing permission test on the application program installed in the system through the permission test matrix.
2. The method for testing the permission of the application program according to claim 1, wherein the acquiring the permission application information of the application program in the preset category system comprises:
aiming at systems with different versions, acquiring a software development kit corresponding to the system versions;
and determining the authority application information of the application program installed or operated in different versions of systems according to the software development toolkit.
3. The method for testing the permission of the application program according to claim 1, wherein the classifying the permission information to obtain a permission category set, and determining the mapping relationship between the permission category set and the function information according to the declaration files of different versions of systems comprises:
determining a first mapping relation between a first service permission list and the function category set according to system statement files of different versions of systems;
and determining a second mapping relation between the second service permission list and the function category set according to the application program declaration files of the systems with different versions.
4. The method for testing the permission of the application program according to claim 1, wherein the establishing the permission test matrix of the application program according to the mapping relationship and the systems of different versions comprises:
setting different versions of systems and the function information as a plurality of test reference indexes according to the statement file;
determining the corresponding relation between each test reference index and the permission type set according to the mapping relation between the function information and the permission type set;
determining the permission test items and the number of the permission test items in the permission type set corresponding to each test reference index according to the corresponding relation;
and establishing the permission test matrix according to the test reference index, the permission test items and the number of the permission test items.
5. The method for testing the permission of the application program according to claim 4, wherein the permission testing of the application program installed in the system through the permission testing matrix comprises:
acquiring a software development toolkit corresponding to the system version and an installation package file of an application program;
determining the test reference index to which the system version belongs according to the software development kit;
determining the permission test item corresponding to the application program according to the installation package file;
and carrying out permission test on the application program installed in the system according to the permission test item.
6. The method for testing the permission of an application program according to claim 1, wherein the method further comprises:
and managing the authority application information based on a block chain technology.
7. An apparatus for testing an authority of an application program, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring authority application information of application programs in systems with different versions, and the authority application information comprises function information and authority information of the application programs;
the mapping module is used for classifying the authority information to obtain an authority category set and determining the mapping relation between the authority category set and the function information according to the statement files of different versions of systems;
the matrix module is used for establishing an authority test matrix of the application program according to the mapping relation and systems of different versions, wherein the authority test matrix comprises authority test items corresponding to the function information or systems of different versions;
and the test module is used for carrying out permission test on the application program installed in the system through the permission test matrix.
8. The apparatus for testing permission of an application program according to claim 7, wherein the obtaining module is further configured to obtain a software development kit corresponding to a system version for different versions of the system; and determining the authority application information of the application program installed or operated in different versions of systems according to the software development toolkit.
9. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1 to 6.
CN202010406908.8A 2020-05-14 2020-05-14 Permission testing method and device of application program and terminal equipment Pending CN111639021A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010406908.8A CN111639021A (en) 2020-05-14 2020-05-14 Permission testing method and device of application program and terminal equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010406908.8A CN111639021A (en) 2020-05-14 2020-05-14 Permission testing method and device of application program and terminal equipment

Publications (1)

Publication Number Publication Date
CN111639021A true CN111639021A (en) 2020-09-08

Family

ID=72330211

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010406908.8A Pending CN111639021A (en) 2020-05-14 2020-05-14 Permission testing method and device of application program and terminal equipment

Country Status (1)

Country Link
CN (1) CN111639021A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112560035A (en) * 2020-12-15 2021-03-26 深圳市和讯华谷信息技术有限公司 Application detection method, device, equipment and storage medium
CN112817868A (en) * 2021-02-22 2021-05-18 北京小米移动软件有限公司 Information processing method, apparatus and medium
CN113076258A (en) * 2021-04-21 2021-07-06 中国移动通信集团陕西有限公司 Permission application method, device, equipment and readable storage medium
CN113704195A (en) * 2021-08-26 2021-11-26 北京琥珀创想科技有限公司 Android system junk file cleaning method and device
CN117932589A (en) * 2023-12-14 2024-04-26 荣耀终端有限公司 Authority management method and related device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103678121A (en) * 2013-11-18 2014-03-26 杭州电子科技大学 Testing case priority ordering method for embedded binary system software
CN109582579A (en) * 2018-11-30 2019-04-05 腾讯音乐娱乐科技(深圳)有限公司 Applied program testing method, device, electronic equipment and storage medium
CN110096431A (en) * 2019-03-19 2019-08-06 深圳壹账通智能科技有限公司 Page permissions test method, device, computer equipment and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103678121A (en) * 2013-11-18 2014-03-26 杭州电子科技大学 Testing case priority ordering method for embedded binary system software
CN109582579A (en) * 2018-11-30 2019-04-05 腾讯音乐娱乐科技(深圳)有限公司 Applied program testing method, device, electronic equipment and storage medium
CN110096431A (en) * 2019-03-19 2019-08-06 深圳壹账通智能科技有限公司 Page permissions test method, device, computer equipment and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
佚名: "简述iOS权限测试设计", pages 1 - 5, Retrieved from the Internet <URL:https://www.jianshu.com/p/f40e290996d2> *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112560035A (en) * 2020-12-15 2021-03-26 深圳市和讯华谷信息技术有限公司 Application detection method, device, equipment and storage medium
CN112560035B (en) * 2020-12-15 2024-04-02 深圳市和讯华谷信息技术有限公司 Application detection method, device, equipment and storage medium
CN112817868A (en) * 2021-02-22 2021-05-18 北京小米移动软件有限公司 Information processing method, apparatus and medium
CN113076258A (en) * 2021-04-21 2021-07-06 中国移动通信集团陕西有限公司 Permission application method, device, equipment and readable storage medium
CN113076258B (en) * 2021-04-21 2023-09-19 中国移动通信集团陕西有限公司 Method, device and equipment for applying permission and readable storage medium
CN113704195A (en) * 2021-08-26 2021-11-26 北京琥珀创想科技有限公司 Android system junk file cleaning method and device
CN117932589A (en) * 2023-12-14 2024-04-26 荣耀终端有限公司 Authority management method and related device

Similar Documents

Publication Publication Date Title
CN111639021A (en) Permission testing method and device of application program and terminal equipment
KR102514325B1 (en) Model training system and method, storage medium
JP2022000757A5 (en)
JP3546787B2 (en) Access control system, access control method, and storage medium
US9349015B1 (en) Programmatically detecting collusion-based security policy violations
CN110266764B (en) Gateway-based internal service calling method and device and terminal equipment
US9411962B2 (en) System and methods for secure utilization of attestation in policy-based decision making for mobile device management and security
DE60115072T2 (en) SYSTEM AND METHOD FOR SUBMITING A SOFTWARE CODE
JP2015508549A (en) Identify Trojanized applications for mobile environments
CN110232068B (en) Data sharing method and device
CN110602043A (en) API gateway implementation system and method for mobile application
CN112612461A (en) Method for uniformly managing and issuing security API (application program interface) in ERP (Enterprise resource planning) system
CN115408053A (en) Method and device for generating dynamic interface based on servlet
US20240152640A1 (en) Managing access to data stored on a terminal device
US11245701B1 (en) Authorization pre-processing for network-accessible service requests
CN111541743B (en) Method for integrating multiple APIs (application program interfaces)
CN118487796A (en) Multi-program user access authority management method based on framework
CN115242433B (en) Data processing method, system, electronic device and computer readable storage medium
CN116881896A (en) Method and device for generating device fingerprint library
CN113596600B (en) Security management method, device, equipment and storage medium for live broadcast embedded program
CN115801472A (en) Authority management method and system based on authentication gateway
CN114765552B (en) Data processing method, medium system, storage medium and electronic equipment
Gamba " Do Android Dream of Electric Sheep?" On Privacy in the Android Supply Chain
CN118862098B (en) A system and method for detecting security vulnerabilities of open source components
Rubio-Medrano et al. DyPolDroid: Protecting Users and Organizations from Permission-Abuse Attacks in Android

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination