CN106874746B

CN106874746B - Application program calling method and device and mobile terminal

Info

Publication number: CN106874746B
Application number: CN201710028206.9A
Authority: CN
Inventors: 李翔
Original assignee: Beijing Anyun Century Technology Co Ltd
Current assignee: Beijing Anyun Century Technology Co Ltd
Priority date: 2017-01-13
Filing date: 2017-01-13
Publication date: 2020-01-17
Anticipated expiration: 2037-01-13
Also published as: CN106874746A

Abstract

The invention provides an application program calling method and device, which receive a calling instruction for calling a second application by a first application; judging whether a second application is installed in a system common mode logged in by the identity of the administrator account currently, if so, running the second application in the system common mode according to the calling instruction, and if not, continuously judging whether the second application is installed in a system protection mode logged in by the identity of the common user account; if the second application is installed in the system protection mode, switching the system from the current system common mode to the system protection mode; running the second application in the system protection mode according to the calling instruction; and the system protection mode is configured with a security space for providing running resources for running of the predetermined application, and the security space is inaccessible in the system normal mode. The method and the device enable the application to be applied in multiple modes without repeated installation, save system space and improve user experience. A mobile terminal is also provided.

Description

Application program calling method and device and mobile terminal

Technical Field

The invention relates to the technical field of mobile terminal safety, in particular to an application program calling method and device and a mobile terminal.

Background

Some mobile terminals set a corresponding security mode for security, so as to protect the security of the user in the occasions of online transaction, online payment, bank inquiry, etc. For example, the property isolation system of 360 mobile phones, on one hand, prevents trojan horse stealing and application counterfeiting invasion by means of a built-in security application store, and ensures source security of applications from the source; on the other hand, a special network channel is constructed to carry out encryption transmission on data such as account passwords and the like, so that the safety of the data in the transmission process is ensured. Meanwhile, data such as financial management and the like are isolated systematically, malicious application is prohibited from being read illegally, and safety of the user payment environment is guaranteed fundamentally. However, if APP1 (for example, american group APP) is installed in the normal mode and APP2 (for example, pay bank APP) is not installed, but APP2 is installed in the secure mode, if APP1 needs to call APP2, the call cannot be successful because the secure mode and the normal mode are isolated from each other, the user is forced to install APP1 in the secure mode or forced to install APP2 in the normal mode, the APP is repeatedly installed, a large amount of space is occupied in the system, and the user experience is poor.

On the other hand, these security modes are typically based on "sandbox" isolation techniques, but since many applications require access to rights outside of the sandbox, when a user downloads and installs an application, the application may be required to be given access to break the sandbox. Since the user wants to use all functions of the application, the user is guided to give the application related authority, so that the security isolation of the sandbox is not guaranteed, and the security is to be improved.

Disclosure of Invention

The object of the present invention is to solve at least one of the above-mentioned drawbacks, in particular the fact that the APP is installed repeatedly, taking up a lot of space in the system.

The invention provides an application program calling method, which comprises the following steps:

receiving a calling instruction for calling a second application by a first application;

judging whether a second application is installed in a system common mode logged in by the identity of an administrator account currently, if so, running the second application in the system common mode according to the calling instruction, and if not, continuously judging whether the second application is installed in a system protection mode logged in by the identity of a common user account;

if the second application is installed in the system protection mode, switching the system from the current system common mode to the system protection mode;

running the second application in the system protection mode according to the calling instruction;

and the system protection mode is configured with a security space for providing running resources for running of a preset application, and the security space is inaccessible in the system normal mode.

In one embodiment, the determining whether the second application is installed in the system normal mode currently logged in with the administrator account identity includes:

acquiring identity information of the first application;

acquiring an installed application set;

determining whether the first application exists in the set of installed applications.

In one embodiment, the identity information includes a package name or a digital signature.

In one embodiment, the system is an android system, and the installed application set is obtained by a getPackageManager () method.

In one embodiment, the process of switching the system from the current system normal mode to the system protection mode includes:

and judging whether the first application has the authority of calling the application installed in the system protection mode, and if so, switching the system from the current system common mode to the system protection mode.

In one embodiment, whether the first application has the authority to invoke the application installed in the system protection mode is determined through a preset database, and the preset database stores relationship information of the first application and the application capable of being invoked by the first application.

sending inquiry information to a user whether the first application is allowed to call the application installed in the system protection mode;

and receiving a confirmation instruction input by a user, and switching the system from the current system common mode to the system protection mode.

In one embodiment, the system is an android system, and a switchUser () method in an ActivityManager class is called to switch from an administrator account to a common user account, so that the system is switched from a current system common mode to a system protection mode.

In one embodiment, the predetermined application includes at least one of a payment-related application, a financing-related application, and a banking-related application.

In one embodiment, the operating resource includes at least one of the application itself, the application configuration data, and the application user data, and the secure space includes a memory space.

In one embodiment, the operating resource includes an operating protection policy, and the secure space includes a storage space and its corresponding operating protection policy configuration environment.

In one embodiment, after the call to the second application is finished, the system is switched from the system protection mode to the system normal mode, and then the first application is caused to acquire the focus again.

In one embodiment, the system is an android system, and a switchUser () method in an ActivityManager class is called to switch from a normal user account to an administrator account, so that the system is switched from a system protection mode to a system normal mode.

The present invention also provides an application calling device, which includes: the device comprises a receiving module, a first judging module, a second judging module, a switching module, a first operating module and a second operating module;

the receiving module is used for receiving a calling instruction of a first application calling a second application;

the first judging module is used for judging whether a second application is installed in a system common mode logged in by using the identity of an administrator account currently, if so, the first running module is used for running the second application in the system common mode according to the calling instruction, and if not, the second judging module is used for judging whether the second application is installed in a system protection mode logged in by using the identity of a common user account;

if the second application is installed in the system protection mode, the switching module switches the system from the current system common mode to the system protection mode;

the second running module is used for running the second application in the system protection mode according to the calling instruction;

In one embodiment, the first determining module includes: the device comprises a first acquisition unit, a second acquisition unit and a judgment unit;

the first obtaining unit is used for obtaining identity information of the first application;

the second acquisition unit is used for acquiring an installed application set;

the judging unit is used for judging whether the first application exists in the installed application set.

In one embodiment, the system is an android system, and the second obtaining unit obtains the set of installed applications by a getPackageManager () method.

In one embodiment, the switching module is configured to:

In one embodiment, the switching module determines whether the first application has a right to invoke an application installed in the system protection mode through a preset database, where the preset database stores relationship information between the first application and applications that can be invoked by the first application.

In one embodiment, the switching module is configured to:

In one embodiment, the system is an android system, and the switching module calls a switchUser () method in an activinymanager class to switch from an administrator account to a common user account, so that the system is switched from a current system common mode to a system protection mode.

In one embodiment, after the call to the second application is finished, the switching module switches the system from the system protection mode to the system normal mode, and then causes the first application to acquire the focus again.

In one embodiment, the system is an android system, and the switching module calls a switchUser () method in an activinymanager class to switch from a common user account to an administrator account, so that the system is switched from a system protection mode to a system common mode.

The present invention also provides a mobile terminal, comprising:

a touch-sensitive display;

one or more processors;

a memory;

one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to perform the application call method of any of the embodiments described above.

The application program calling method, the application program calling device and the mobile terminal receive a calling instruction for calling the second application by the first application; judging whether a second application is installed in a system common mode logged in by the identity of an administrator account currently, if so, running the second application in the system common mode according to the calling instruction, and if not, continuously judging whether the second application is installed in a system protection mode logged in by the identity of a common user account; if the second application is installed in the system protection mode, switching the system from the current system common mode to the system protection mode; running the second application in the system protection mode according to the calling instruction; and the system protection mode is configured with a security space for providing running resources for running of a preset application, and the security space is inaccessible in the system normal mode. When a first application in the system common mode needs to call a second application in the system protection mode, the first application can be successfully called by switching from the system common mode to the system protection mode, so that the applications do not need to be installed repeatedly, the system space is saved, and the user experience is improved.

In the invention, the system enters the system protection mode from the system common mode, and is realized through the multi-user mode of the system. Namely, the system is in a system common mode when the system is in the login of the administrator account, the system is in a system protection mode when the system is in the login of the common user account, and the system enters the system protection mode from the system common mode, namely, the system is switched from the administrator mode to the common user mode. Due to the fact that the multi-user mode can achieve certain data isolation among users, operation safety of the users in the system protection mode can be achieved, and safety isolation is achieved.

Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.

Drawings

The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:

FIG. 1 is a flow diagram of an application invocation method of an embodiment;

FIG. 2 is a diagram of an application invocation device, according to an embodiment;

FIG. 3 is a diagram of a second acquisition module, according to an embodiment;

fig. 4 is a block diagram illustrating a partial structure of a mobile phone related to a terminal provided in an embodiment of the present invention.

Detailed Description

Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.

As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.

It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.

As will be appreciated by those skilled in the art, "terminal" as used herein includes both devices that are wireless signal receivers, devices that have only wireless signal receivers without transmit capability, and devices that include receive and transmit hardware, devices that have receive and transmit hardware capable of performing two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.

As will be appreciated by those skilled in the art, a remote network device, as used herein, includes, but is not limited to, a computer, a network host, a single network server, a collection of multiple network servers, or a cloud of multiple servers. Here, the Cloud is composed of a large number of computers or network servers based on Cloud Computing (Cloud Computing), which is a kind of distributed Computing, a super virtual computer composed of a group of loosely coupled computer sets. In the embodiment of the present invention, the remote network device, the terminal device and the WNS server may communicate with each other through any communication method, including but not limited to mobile communication based on 3GPP, LTE and WIMAX, computer network communication based on TCP/IP and UDP protocols, and short-range wireless transmission based on bluetooth and infrared transmission standards.

In the following description, the system is an operating system of a mobile terminal, such as an android system, an iOS mobile operating system, and so on. In the following description, the android system is taken as an exemplary illustration.

FIG. 1 is a flow diagram of an application invocation method of an embodiment.

step S100: and receiving a calling instruction for calling the second application by the first application. Some applications will call some related applications as required, for example, e-commerce applications such as american group APP generally need to call payment applications such as pay bank APP, or call bank applications.

Step S200: and judging whether a second application is installed in the system normal mode logged in by the identity of the administrator account currently, if so, running the second application in the system normal mode according to the calling instruction, and if not, continuously judging whether the second application is installed in the system protection mode logged in by the identity of the ordinary user account. The system protection mode is configured with a secure space for providing operating resources for the running of a predetermined application, the secure space being inaccessible in the system normal mode.

In the system protection mode, the predetermined application carries out strict security detection through running a protection strategy, all fund-related transaction operations and payment operations are strictly monitored, and personal information of the user is strictly protected, so that user information such as chat records, short message verification codes and the like is prevented from being leaked. The predetermined application includes at least one of payment-related applications (e.g., WeChat APP, Payment APP), finance-related applications (e.g., land deposit APP), and bank-related applications (e.g., Industrial Bank APP) to protect the fund security and information security of the user, and of course, the predetermined application may also include all applications installed in the secure space in the system protection mode.

The operating resource may be understood as the application itself, the application configuration data (configuration data of the application), the application user data (personal data of the user), and in these cases, the secure space may be understood as a storage space. Of course, the operation resource may also be understood as an operation protection policy, and the security space may be understood as a storage space and a corresponding operation protection policy configuration environment, where the operation protection policy configuration environment is: and starting a configuration environment of safety protection measures such as virus killing, Trojan horse searching and killing and the like when the application is operated.

In conventional techniques, the system protection mode may be implemented in a conventional "sandbox" isolation technique. But in this embodiment is implemented in a multi-user mode. The android system supports a multi-user mode, which is similar to the multi-user mode of the WINDOWS system, and user data in the system under the login of different users are independent and not influenced. Therefore, the system is in a system common mode when the administrator account logs in, the system is in a system protection mode when the system is in a common user account logging in, and the system enters the system protection mode from the system common mode, namely the system is switched from the administrator mode to the common user mode. Due to the fact that the multi-user mode can achieve certain data isolation among users, system safety (application installation safety, transaction safety and user information safety) of the users in the protection mode can be achieved, safety isolation is achieved, and the method is safer than a sandbox isolation technology under certain conditions.

Usually, the american group APP, the payment application, and the bank application may be installed in the same system mode, for example, in a system normal mode. However, since the security level of the applications such as the american group APP is not as high as that of the payment-type application or the bank-type application, and the user needs to use the applications frequently, the applications are usually installed in a system normal mode, and the payment-type application or the bank-type application is usually installed in a system protection mode. Thus, there may be a case where the first application installed in the system normal mode calls the first application installed in the system protection mode. Therefore, in the multi-system mode, when a call occurs, it is necessary to determine whether the call is a call in the same mode or a call across modes.

The process of the system determining whether the second application is installed in the system normal mode currently logged in with the administrator account identity may include: firstly, identity information of the second application is acquired, an installed application set (in a system common mode) is acquired, and then whether the second application exists in the installed application set is judged. The identity information may include a Package Name (Package Name) or a Digital Signature (Digital Signature). The package name is a unique identifier of the application, one package name represents one application and is mainly used for system identification application, and two applications with the same package name are not allowed to be installed in the android system. However, since the package name is easily counterfeited, the digital signature of the application is generally used as a basis for identifying the application, or the package name and the digital signature are used together as a basis for identifying the application.

In the android system, the installed application set can be obtained by a getPackageManager () method, for example, the ApplicationInfo objects of all packages installed by the system are obtained by a getpackagemanagemanagement (). getlnstalleadappplications () method, so that information such as package names and names of the packages can be further obtained; or the PackageInfo objects of all the packages installed by the system are obtained by the getPackageManager (). getlnstalledpackages (), so that the information such as package names, names and the like of the packages can be further obtained.

After obtaining the identity information of the second application and obtaining the installed application set, judging whether the second application exists in the installed application set, if the second application exists in the installed application set, proving that the second application is installed in a system common mode, directly operating the second application in the system common mode according to the call instruction; otherwise, if the second application does not exist in the installed application set, which proves that the second application is not installed in the system normal mode, it is continuously determined whether the second application is installed in the system protection mode logged in with the normal user account identity, and if so, step S300 is executed.

Step S300: and if the second application is installed in the system protection mode, switching the system from the current system common mode to the system protection mode. The process of switching the system from the normal mode to the protected mode is equivalent to switching the system from the administrator account to the normal user account. In the android system, a switchUser () method in the ActivityManager class is invoked to switch from an administrator account to a normal user account.

However, since the security level of the system protection mode is higher than that of the system normal mode, a certain authority or user authorization is required to switch from the system normal mode to the system protection mode. Thus, in some embodiments, the process of the system switching from the current system normal mode to the system protection mode may include: and judging whether the first application has the authority of calling the application installed in the system protection mode, and if so, switching the system from the current system common mode to the system protection mode.

The system may be pre-provisioned with a database in which a list of applications that can access the system protection mode is recorded. Or more specifically, a list of applications is recorded in the database, and the applications in the list can call the applications installed in the system protection mode. Even more in detail, the relationship information of the application in the system normal mode and the application in the system protection mode that can be called by the application is recorded in the database. For example, the mei qun APP is installed in the system common mode, and the precious APP of payment is installed in the system protection mode, then can save the calling relation of mei qun APP and precious APP of payment in presetting the database, then this moment is equivalent to having given the authority that the precious APP of payment was called to the mei qun APP. Therefore, in some embodiments, whether the first application has the authority to invoke the application installed in the system protection mode may be determined through a preset database that stores relationship information of the first application and applications (including the second application) that can be invoked by the first application.

In other embodiments, it may be determined by the user whether the first application is allowed to have the right to invoke the application installed in the system protected mode, i.e., the user temporarily gives the first application the right to invoke. Therefore, the process of switching the system from the current system normal mode to the system protection mode may also include: sending inquiry information to a user whether the first application is allowed to call the application installed in the system protection mode; and receiving a confirmation instruction input by a user, and switching the system from the current system common mode to the system protection mode. Continuing with the above example, when the mei team APP needs to invoke the pay treasure APP, the system will issue something like "do you allow the mei team to invoke the pay treasure in system protected mode? "and then switches the system from the current system normal mode to the system protection mode when the user selects the" ok "option. If a denial instruction of the user is received, the system is refused to be switched from the system normal mode to the system protection mode, and failure prompt information such as 'failure of calling the payment treasures' can be sent to the user.

After the system switches from the normal mode of the current system to the system protection mode, step S400 is executed.

Step S400: and running the second application in the system protection mode according to the calling instruction. By the step, the second application can be successfully called, so that the application does not need to be installed repeatedly, and the user experience is improved. In the android system, the system may start the related process of the second application through ACTIVITY MANAGER SERVICE (AMS).

And after the calling of the second application is finished, switching the system from the system protection mode to the system common mode, and then enabling the first application to acquire the focus again. After the second application is called, the first application is returned again, and the user experience can be improved. For example, the user participates in group purchase on the American group APP, and returns to the first application after calling the Paibao APP to pay, so that the user can check related group purchase order information. At this time, the system needs to be switched from the system protection mode to the system normal mode, and similarly, the system can be switched from the system protection mode to the system normal mode by calling the switchUser () method in the activtymanager class to switch from the normal user account to the administrator account.

FIG. 2 is a diagram of an application invocation device according to an embodiment.

Corresponding to the above application program calling method, the present invention further provides an application program calling device, which includes: the device comprises a receiving module 100, a first judging module 200, a second judging module 300, a switching module 400, a first operating module 500 and a second operating module 600.

The receiving module 100 is configured to receive a call instruction that the first application APP1 calls the second application APP 2. The first determining module 200 is configured to determine whether a second application APP2 is installed in a system normal mode logged in with an administrator account identity currently, if so, enable the first operating module 500 to operate the second application APP2 in the system normal mode according to the call instruction, and if not, enable the second determining module 300 to determine whether the second application APP2 is installed in a system protection mode logged in with an ordinary user account identity. And the system protection mode is configured with a security space for providing running resources for running of the predetermined application, and the security space is inaccessible in the system normal mode. If the second application APP2 is installed in the system protection mode, the switching module 400 switches the system from the current system normal mode to the system protection mode. The second running module 600 is configured to run the second application APP2 in the system protection mode according to the call instruction.

The receiving module 100 receives a call instruction for the first application APP1 to call the second application APP 2. Some applications will call some related applications as required, for example, e-commerce applications such as american group APP generally need to call payment applications such as pay bank APP, or call bank applications.

The first determining module 200 determines whether the second application APP2 is installed in the system normal mode logged in with the administrator account identity currently, if so, the first running module 500 runs the second application APP2 in the system normal mode according to the call instruction, and if not, the second determining module 300 continues to determine whether the second application APP2 is installed in the system protection mode logged in with the ordinary user account identity. The system protection mode is configured with a secure space for providing operating resources for the running of a predetermined application, the secure space being inaccessible in the system normal mode.

Usually, the american group APP, the payment application, and the bank application may be installed in the same system mode, for example, in a system normal mode. However, since the security level of the applications such as the american group APP is not as high as that of the payment-type application or the bank-type application, and the user needs to use the applications frequently, the applications are usually installed in a system normal mode, and the payment-type application or the bank-type application is usually installed in a system protection mode. Thus, there is a case where the first application APP1 installed in the system normal mode calls the first application APP1 installed in the system protection mode. Therefore, in the multi-system mode, when a call occurs, it is necessary to determine whether the call is a call in the same mode or a call across modes.

FIG. 3 is a diagram of a second acquisition module, according to an embodiment. In some embodiments, the first determining module 200 includes a first obtaining unit 210, a second obtaining unit 220, and a determining unit 230; the process of the first judging module 200 judging whether the second application APP2 is installed in the system normal mode currently logged in with the administrator account identity may include: first, the first obtaining unit 210 obtains the identity information of the second application APP2 and the second obtaining unit 220 obtains an installed application set (in the system normal mode), and then the determining unit 230 determines whether the second application APP2 exists in the installed application set. The identity information may include a Package Name (Package Name) or a Digital Signature (Digital Signature). The package name is a unique identifier of the application, one package name represents one application and is mainly used for system identification application, and two applications with the same package name are not allowed to be installed in the android system. However, since the package name is easily counterfeited, the digital signature of the application is generally used as a basis for identifying the application, or the package name and the digital signature are used together as a basis for identifying the application.

The second obtaining unit 220 may obtain the installed application set through a getheadmanager () method, for example, obtain ApplicationInfo objects of all packages installed by the system through a getheadapplication () method, so that the second obtaining unit 220 may further obtain information such as package names, etc. of the packages; or the second obtaining unit 220 obtains the PackageInfo objects of all the packages installed by the system by the getPackageManager (). getlnstalledpackages () method, so that the package names, and other information of the packages can be further obtained.

After the first obtaining unit 210 obtains the identity information of the second application APP2 and the second obtaining unit 220 obtains the installed application set, the determining unit 230 determines whether the second application APP2 exists in the installed application set, and if the second application APP2 exists in the installed application set, which proves that the second application APP2 is installed in the system normal mode, the first running module 500 directly runs the second application APP2 in the system normal mode according to the call instruction; on the contrary, if the second application APP2 does not exist in the installed application set, which proves that the second application APP2 is not installed in the system normal mode, the second determining module 300 continues to determine whether the second application APP2 is installed in the system protection mode logged in with the identity of the general user account, and if so, the system is switched from the current system normal mode to the system protection mode by the switching module 400. The process of switching the system from the normal mode to the protected mode is equivalent to switching the system from the administrator account to the normal user account. In the android system, the switching module 400 may switch from an administrator account to a generic user account by invoking the switchUser () method in the ActivityManager class.

However, since the security level of the system protection mode is higher than that of the system normal mode, a certain authority or user authorization is required to switch from the system normal mode to the system protection mode. Therefore, in some embodiments, the process of the switching module 400 to switch from the current system normal mode to the system protection mode may include: and judging whether the first application APP1 has the authority of calling the application installed in the system protection mode, and if so, switching the system from the current system common mode to the system protection mode.

The system may be pre-provisioned with a database in which a list of applications that can access the system protection mode is recorded. Or more specifically, a list of applications is recorded in the database, and the applications in the list can call the applications installed in the system protection mode. Even more in detail, the relationship information of the application in the system normal mode and the application in the system protection mode that can be called by the application is recorded in the database. For example, the mei qun APP is installed in the system common mode, and the precious APP of payment is installed in the system protection mode, then can save the calling relation of mei qun APP and precious APP of payment in presetting the database, then this moment is equivalent to having given the authority that the precious APP of payment was called to the mei qun APP. Therefore, in some embodiments, the switching module 400 may determine whether the first application APP1 has the right to call the application installed in the system protection mode through a preset database, where the preset database stores relationship information between the first application APP1 and the applications (including the second application APP2) that can be called by the first application APP 1.

In other embodiments, the switching module 400 may determine whether the first application APP1 is allowed to have the application installed in the system protection mode by the user, i.e., the user temporarily gives the first application APP1 the right to invoke. Therefore, the process of the switching module 400 to switch the system from the current system normal mode to the system protection mode may also include: sending out inquiry information to the user whether the first application APP1 is allowed to call the application installed in the system protection mode; and receiving a confirmation instruction input by a user, and switching the system from the current system common mode to the system protection mode. Continuing with the above example, when the mei team APP needs to invoke the pay treasure APP, the system will issue something like "do you allow the mei team to invoke the pay treasure in system protected mode? "and then when the user selects the" ok "option, the switching module 400 switches the system from the current system normal mode to the system protected mode. If a denial instruction of the user is received, the switching module 400 rejects the system to switch from the system normal mode to the system protection mode, and may issue a failure prompt message such as "call payment is failed" to the user.

After the switching module 400 switches the current system normal mode to the system protection mode, the second running module 600 runs the second application APP2 in the system protection mode according to the call instruction. At this step, the system can successfully call the second application APP2, so that the application does not need to be installed repeatedly, and the user experience is improved. In the android system, the second execution module 600 may start a related process of the second application through ACTIVITY MANAGER SERVICE (AMS).

After the system finishes calling the second application APP2, the switching module 400 switches the system from the system protection mode to the system normal mode, and then causes the first application APP1 to obtain the focus again. After invoking the second application APP2, the system returns to the first application APP1 again, which may improve the user experience. For example, the user can check related group purchase order information by participating in group purchase on the American group APP and returning to the first application APP1 after calling the Payment APP to pay. At this time, the first application APP1 needs to be returned, the switching module 400 needs to switch the system from the system protection mode to the system normal mode, and similarly, the switching module 400 can switch the system from the normal user account to the administrator account by calling the switchUser () method in the ActivityManager class, so that the system is switched from the system protection mode to the system normal mode.

As shown in fig. 4, for convenience of description, only the parts related to the embodiment of the present invention are shown, and details of the specific technology are not disclosed, please refer to the method part of the embodiment of the present invention. The terminal may be any terminal device including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of sales), a vehicle-mounted computer, etc., taking the terminal as the mobile phone as an example:

fig. 4 is a block diagram illustrating a partial structure of a mobile phone related to a terminal provided in an embodiment of the present invention. Referring to fig. 4, the handset includes: radio Frequency (RF) circuitry 1510, memory 1520, input unit 1530, display unit 1540, sensor 1550, audio circuitry 1560, wireless fidelity (Wi-Fi) module 1570, processor 1580, and power supply 1590. Those skilled in the art will appreciate that the handset configuration shown in fig. 4 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.

The following describes each component of the mobile phone in detail with reference to fig. 4:

the RF circuit 1510 may be configured to receive and transmit signals during information transmission and reception or during a call, and in particular, receive downlink information of a base station and then process the received downlink information to the processor 1580; in addition, the data for designing uplink is transmitted to the base station. In general, RF circuit 1510 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like. In addition, RF circuit 1510 may also communicate with networks and other devices via wireless communication. The wireless communication may use any communication standard or protocol, including but not limited to global system for Mobile communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), email, Short Messaging Service (SMS), and the like.

The memory 1520 may be used to store software programs and modules, and the processor 1580 performs various functional applications and data processing of the cellular phone by operating the software programs and modules stored in the memory 1520. The memory 1520 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 1520 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device.

The input unit 1530 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the cellular phone. Specifically, the input unit 1530 may include a touch panel 1531 and other input devices 1532. The touch panel 1531, also referred to as a touch screen, can collect touch operations of a user (e.g., operations of the user on or near the touch panel 1531 using any suitable object or accessory such as a finger or a stylus) and drive corresponding connection devices according to a preset program. Alternatively, the touch panel 1531 may include two parts, a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, and sends the touch point coordinates to the processor 1580, and can receive and execute commands sent by the processor 1580. In addition, the touch panel 1531 may be implemented by various types such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. The input unit 1530 may include other input devices 1532 in addition to the touch panel 1531. In particular, other input devices 1532 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.

The display unit 1540 may be used to display information input by the user or information provided to the user and various menus of the mobile phone. The Display unit 1540 may include a Display panel 1541, and optionally, the Display panel 1541 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch panel 1531 may cover the display panel 1541, and when the touch panel 1531 detects a touch operation on or near the touch panel 1531, the touch operation is transmitted to the processor 1580 to determine the type of the touch event, and then the processor 1580 provides a corresponding visual output on the display panel 1541 according to the type of the touch event. Although in fig. 4, the touch panel 1531 and the display panel 1541 are two separate components to implement the input and output functions of the mobile phone, in some embodiments, the touch panel 1531 and the display panel 1541 may be integrated to implement the input and output functions of the mobile phone.

The handset can also include at least one sensor 1550, such as light sensors, motion sensors, and other sensors. Specifically, the light sensor may include an ambient light sensor that adjusts the brightness of the display panel 1541 according to the brightness of ambient light and a proximity sensor that turns off the display panel 1541 and/or the backlight when the mobile phone is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the magnitude of acceleration in each direction (generally, three axes), can detect the magnitude and direction of gravity when stationary, and can be used for applications of recognizing the posture of a mobile phone (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), vibration recognition related functions (such as pedometer and tapping), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the mobile phone, further description is omitted here.

Audio circuitry 1560, speaker 1561, and microphone 1562 may provide an audio interface between a user and a cell phone. The audio circuit 1560 may transmit the electrical signal converted from the received audio data to the speaker 1561, and convert the electrical signal into an audio signal by the speaker 1561 and output the audio signal; on the other hand, the microphone 1562 converts collected sound signals into electrical signals, which are received by the audio circuit 1560 and converted into audio data, which are processed by the audio data output processor 1580 and then passed through the RF circuit 1510 for transmission to, for example, another cellular phone, or for output to the memory 1520 for further processing.

Wi-Fi belongs to short-distance wireless transmission technology, and a mobile phone can help a user to receive and send e-mails, browse webpages, access streaming media and the like through a Wi-Fi module 1570, and provides wireless broadband internet access for the user. Although fig. 4 shows a Wi-Fi module 1570, it is understood that it does not belong to the essential constitution of the handset and can be omitted entirely as needed within the scope not changing the essence of the invention.

The processor 1580 is a control center of the mobile phone, connects various parts of the entire mobile phone by using various interfaces and lines, and performs various functions of the mobile phone and processes data by operating or executing software programs and/or modules stored in the memory 1520 and calling data stored in the memory 1520, thereby integrally monitoring the mobile phone. Optionally, the processor 1580 may include one or more processing units; preferably, the processor 1580 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, and the like, and a modem processor, which mainly handles wireless communications. It is to be appreciated that the modem processor may not be integrated into the processor 1580.

The handset also includes a power supply 1590 (e.g., a battery) for powering the various components, which may preferably be logically coupled to the processor 1580 via a power management system to manage charging, discharging, and power consumption management functions via the power management system.

Although not shown, the mobile phone may further include a camera, a bluetooth module, etc., which are not described herein.

In this embodiment of the present invention, the processor 1580 included in the terminal further has the following functions: receiving a calling instruction for calling a second application by a first application;

judging whether a second application is installed in a system common mode logged in by the identity of an administrator account currently, if so, running the second application in the system common mode according to the calling instruction, and if not, continuously judging whether the second application is installed in a system protection mode logged in by the identity of a common user account; if the second application is installed in the system protection mode, switching the system from the current system common mode to the system protection mode; running the second application in the system protection mode according to the calling instruction; and the system protection mode is configured with a security space for providing running resources for running of a preset application, and the security space is inaccessible in the system normal mode. That is, the processor 1580 is provided with a method for executing the application program calling method, which is not described herein again.

The application program calling method, the application program calling device and the mobile terminal receive a calling instruction for calling the second application by the first application; judging whether a second application is installed in a system common mode logged in by the identity of the administrator account currently, if so, running the second application in the system common mode according to the calling instruction, and if not, continuously judging whether the second application is installed in a system protection mode logged in by the identity of the common user account; if the second application is installed in the system protection mode, switching the system from the current system common mode to the system protection mode; running the second application in the system protection mode according to the calling instruction; and the system protection mode is configured with a security space for providing running resources for running of the predetermined application, and the security space is inaccessible in the system normal mode. When a first application in the system common mode needs to call a second application in the system protection mode, the first application can be successfully called by switching from the system common mode to the system protection mode, so that the applications do not need to be installed repeatedly, the system space is saved, and the user experience is improved.

The invention discloses the following scheme:

a1, an application program calling method, comprising the following steps:

A2, according to the application program calling method in A1, the process of judging whether a second application is installed in the system normal mode of logging in the administrator account at present comprises the following steps:

acquiring identity information of the second application;

acquiring an installed application set;

determining whether the second application is present in the set of installed applications.

A3, calling method according to the application program of A2, the identity information including package name or digital signature.

A4, according to the application program calling method of A2, the system is an android system, and the installed application set is obtained through a getPackageManager () method.

A5, the method for calling the application program according to A1, wherein the process for switching the system from the current system normal mode to the system protection mode comprises the following steps:

A6, according to the application program calling method of A5, judging whether the first application has the authority of calling the application installed in the system protection mode through a preset database, wherein the preset database stores the relationship information of the first application and the application capable of being called by the first application.

A7, the method for calling the application program according to A1, wherein the process for switching the system from the current system normal mode to the system protection mode comprises the following steps:

A8, according to the application program calling method of A1, the system is an android system, and a switchUser () method in an ActivinyManager class is called to switch from an administrator account to a common user account, so that the system is switched from a current system common mode to a system protection mode.

A9, calling the method according to the application program of A1, wherein the predetermined application comprises at least one of payment related application, finance related application and bank related application.

A10, calling the method according to the application program in A1, wherein the running resource comprises at least one of the application program, the application configuration data and the application user data, and the security space comprises a storage space.

A11, calling the method according to the application program in A1, wherein the operation resource comprises an operation protection policy, and the security space comprises a storage space and a corresponding operation protection policy configuration environment.

A12, according to the application program calling method of A1, after the calling of the second application is finished, the system is switched from a system protection mode to a system common mode, and then the first application is enabled to acquire the focus again.

A13, according to the application program calling method of A12, the system is an android system, and a switchUser () method in an ActivinyManager class is called to switch from a common user account to an administrator account, so that the system is switched from a system protection mode to a system common mode.

B14, an application calling device, comprising: the device comprises a receiving module, a first judging module, a second judging module, a switching module, a first operating module and a second operating module;

B15, the device for calling the application program according to B14, wherein the first judging module comprises: the device comprises a first acquisition unit, a second acquisition unit and a judgment unit;

the second acquisition unit is used for acquiring an installed application set;

B16, calling a device according to the application program of B15, the identity information including a package name or a digital signature.

B17, calling the device according to the application program described in B15, where the system is an android system, and the second obtaining unit obtains the installed application set by a getPackageManager () method.

B18, the application calling device according to B14, the switching module is used for:

B19, the application program calling device according to B18, wherein the switching module determines whether the first application has the authority to call the application installed in the system protection mode through a preset database, and the preset database stores relationship information between the first application and the application that can be called by the first application.

B20, the application calling device according to B14, the switching module is used for:

B21, the system is an android system according to the application program calling device of B14, the switching module calls a switchUser () method in an ActivityManager class to switch from an administrator account to a common user account, and therefore the system is switched from a current system common mode to a system protection mode.

B22, calling the device according to the application program of B14, wherein the predetermined application comprises at least one of payment related application, finance related application and bank related application.

B23, the application calling device according to B14, wherein the running resource includes at least one of the application itself, the application configuration data and the application user data, and the secure space includes a storage space.

B24, calling the device according to the application program of B14, wherein the operation resources comprise operation protection strategies, and the security space comprises a storage space and a corresponding operation protection strategy configuration environment.

B25, according to the application program calling device of B14, after the calling of the second application is finished, the switching module switches the system from the system protection mode to the system normal mode, and then the first application acquires the focus again.

B26, according to the application calling device of B25, the system is an android system, and the switching module calls a switchUser () method in an ActivityManager class to switch from a common user account to an administrator account, so that the system is switched from a system protection mode to a system common mode.

C27, a mobile terminal, comprising:

a touch-sensitive display;

one or more processors;

a memory;

one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to perform the application calling method of any of A1-A13.

It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.

The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims

1. An application calling method is characterized by comprising the following steps:

2. The method for calling an application program according to claim 1, wherein the step of determining whether the second application is currently installed in the system normal mode registered in the administrator account status includes:

acquiring identity information of the second application;

acquiring an installed application set;

3. The application calling method of claim 2, wherein the identity information comprises a package name or a digital signature.

4. The application calling method of claim 2, wherein the system is an android system, and the set of installed applications is obtained by a getPackageManager () method.

5. The application calling method according to claim 1, wherein the process of switching the system from the current system normal mode to the system protection mode comprises:

6. The application calling method according to claim 5, wherein it is determined whether the first application has an authority to call an application installed in the system protected mode through a preset database storing relationship information of the first application and applications that can be called by the first application.

7. The application calling method according to claim 1, wherein the process of switching the system from the current system normal mode to the system protection mode comprises:

8. The application calling method according to claim 1, wherein the system is an android system, and a switchUser () method in an ActivityManager class is called to switch from an administrator account to a general user account, so that the system is switched from a current system general mode to a system protection mode.

9. The application calling method according to claim 1, wherein the predetermined application includes at least one of a payment-related application, a financing-related application, and a banking-related application.

10. The application calling method of claim 1, wherein the operating resource comprises at least one of the application itself, application configuration data, and application user data, and wherein the secure space comprises a memory space.

11. The application calling method of claim 1, wherein the operating resource comprises an operating protection policy, and the security space comprises a storage space and its corresponding operating protection policy configuration environment.

12. The application calling method according to claim 1, wherein after the call to the second application is completed, the system is switched from a system protection mode to a system normal mode, and then the first application is caused to acquire a focus again.

13. The application calling method according to claim 12, wherein the system is an android system, and a switchUser () method in an ActivityManager class is called to switch from a normal user account to an administrator account, so that the system switches from a system protection mode to a system normal mode.

14. An application calling apparatus, comprising: the device comprises a receiving module, a first judging module, a second judging module, a switching module, a first operating module and a second operating module;

15. The application calling device according to claim 14, wherein the first determining module comprises: the device comprises a first acquisition unit, a second acquisition unit and a judgment unit;

the second acquisition unit is used for acquiring an installed application set;

16. The application invocation device of claim 15, wherein the identity information comprises a package name or a digital signature.

17. The apparatus according to claim 15, wherein the system is an android system, and the second obtaining unit obtains the set of installed applications by a getPackageManager () method.

18. The application invocation device of claim 14, wherein the switching module is configured to:

19. The apparatus according to claim 18, wherein the switching module determines whether the first application has an authority to invoke the application installed in the system protected mode through a preset database, and the preset database stores relationship information between the first application and applications that can be invoked by the first application.

20. The application invocation device of claim 14, wherein the switching module is configured to:

21. The apparatus according to claim 14, wherein the system is an android system, and the switching module calls a switchUser () method in an ActivityManager class to switch from an administrator account to a general user account, so that the system switches from a current system general mode to a system protection mode.

22. The application invocation device of claim 14, wherein the predetermined application comprises at least one of a payment-related application, a financing-related application, and a banking-related application.

23. The application invocation device of claim 14, wherein the execution resource comprises at least one of the application itself, application configuration data, and application user data, and wherein the secure space comprises a memory space.

24. The application invocation device according to claim 14, wherein the execution resource comprises an execution protection policy, and the secure space comprises a storage space and its corresponding execution protection policy configuration environment.

25. The application calling device according to claim 14, wherein the switching module switches the system from the system protection mode to the system normal mode after the call of the second application is completed, and then causes the first application to regain focus.

26. The apparatus according to claim 25, wherein the system is an android system, and the switching module calls a switchUser () method in an ActivityManager class to switch from a normal user account to an administrator account, so that the system switches from a system protection mode to a system normal mode.

27. A mobile terminal, characterized in that it comprises:

a touch-sensitive display;

one or more processors;

a memory;

one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to perform the application calling method of any of claims 1-13.