CN109522683A - Software source tracing method, system, computer equipment and storage medium - Google Patents
Software source tracing method, system, computer equipment and storage medium Download PDFInfo
- Publication number
- CN109522683A CN109522683A CN201811126961.1A CN201811126961A CN109522683A CN 109522683 A CN109522683 A CN 109522683A CN 201811126961 A CN201811126961 A CN 201811126961A CN 109522683 A CN109522683 A CN 109522683A
- Authority
- CN
- China
- Prior art keywords
- software
- information
- block chain
- user
- stage
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/16—Program or content traceability, e.g. by watermarking
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses software source tracing method, system, computer equipment and storage mediums, wherein method includes: each stage in software communication process, obtain the predetermined information of software, it will be in predetermined information storage to block chain, and when meeting safety certification condition, secure authenticated information is generated according to the information stored;When determining that user needs to install software, the secure authenticated information in software each stage is showed into user.Using scheme of the present invention, it can be ensured that the safety etc. of data.
Description
[technical field]
The present invention relates to Computer Applied Technology, in particular to software source tracing method, system, computer equipment and storage is situated between
Matter.
[background technique]
With the fast development of global IT application, informationization has penetrated into the every field of social life, correspondingly,
Information security issue is also increasingly significant.Malware is a key factor for influencing information security.
Software is developed and is issued by software company, is distributed by distribution channel, manufacturer terminal etc., under online
The modes such as load, CD, mail, USB flash disk are readily accessible by the user, and are finally installed in a user device.Software is in exploitation and distribution procedure
In be likely to be added malicious code, so as to remotely be controlled, malice consume, destroy equipment, destroy data, infect it
Its file and program obtain privacy of user etc..
Currently, generalling use following manner to solve the safety problem of software:
1) encryption is reinforced: software company carries out encryption reinforcing to software, prevents from being cracked, malicious modification, improve software from
The safety of body;
2) Hash (Hash) is verified: after user downloads software, being obtained the hash value of software, is issued with software company original
The hash value of software carries out consistency comparison, if it is inconsistent, determining that software is distorted;
3) networking verifying: software with software company or agency etc. carries out cloud communication after opening, and verifies the complete of software
Whole property, consistency.
But above-mentioned three kinds of modes can have certain problems in practical applications, such as:
For mode 1), due to there are the technological means such as shelling, anti-reinforcing, only improves and crack threshold, do not ensure that
Software is not cracked and malice is distorted;
For mode 2), be frequently necessary in software distribution process add or modify content, such as translate into different literals plus
Enter proxy information etc., the hash value that will lead to software hash value and priginal soft that user obtains in this way is inconsistent, but in fact
Software itself is still safe, to judge by accident;
For mode 3), due to cloud communication to be carried out, software company or agency need cloud program and
Bandwidth is supported, to increase cost of implementation etc..
[summary of the invention]
In view of this, the present invention provides software source tracing method, system, computer equipment and storage mediums.
Specific technical solution is as follows:
A kind of software source tracing method, comprising:
In each stage in software communication process, the predetermined information of software is obtained, by predetermined information storage to area
On block chain, and when meeting safety certification condition, secure authenticated information is generated according to the information stored;
When determining that user needs to install software, the secure authenticated information in software each stage is showed into the user.
According to one preferred embodiment of the present invention, when the stage is software launch phase, the acquisition software
Predetermined information, will predetermined information storage to including: on block chain
The software information and distributor information of issued software are obtained, is stored onto block chain;
It obtains security firm and carries out the testing result after safety detection to the software issued, store onto block chain.
According to one preferred embodiment of the present invention, when the stage is software distribution phase, the acquisition software
Predetermined information, will predetermined information storage to including: on block chain
The software information and distributor's information of distributed software are obtained, is stored onto block chain;
It obtains security firm and carries out the testing result after safety detection to the software distributed, store onto block chain.
According to one preferred embodiment of the present invention, described when meeting safety certification condition, it is generated according to the information stored
Secure authenticated information includes:
When the testing result is devoid of risk, secure authenticated information is generated according to the information stored.
According to one preferred embodiment of the present invention, the number of the security firm is N, and N is positive integer;
It is described when the testing result is devoid of risk, generating secure authenticated information according to the information that is stored includes:
When the testing result of N number of security firm is devoid of risk, secure authenticated information is generated according to the information stored.
According to one preferred embodiment of the present invention, this method further comprises: by the safety certification in the software each stage
While information shows the user, indicating risk information is shown for the user and for the processing mode letter of user's selection
Breath.
A kind of software traceability system, comprising: first processing units and the second processing unit;
The first processing units obtain the predetermined information of software for each stage in software communication process, will
In the predetermined information storage to block chain, and when meeting safety certification condition, safety is generated according to the information stored
Authentication information;
Described the second processing unit, for when determining that user needs to install software, by the safety certification in software each stage
Information shows the user.
According to one preferred embodiment of the present invention, when the stage is software launch phase, the first processing units are obtained
It takes the software information and distributor information of issued software, in storage to block chain, and obtains security firm to being issued
Software carry out the testing result after safety detection, storage is on block chain.
According to one preferred embodiment of the present invention, when the stage is software distribution phase, the first processing units are obtained
It takes the software information and distributor's information of distributed software, in storage to block chain, and obtains security firm to being distributed
Software carry out the testing result after safety detection, storage is on block chain.
According to one preferred embodiment of the present invention, when the testing result be devoid of risk when, the first processing units according to
The information stored generates secure authenticated information.
According to one preferred embodiment of the present invention, the number of the security firm is N, and N is positive integer;
The first processing units determine that the testing result of N number of security firm is devoid of risk, according to the information stored
Generate secure authenticated information.
According to one preferred embodiment of the present invention, described the second processing unit is further used for, by the software each stage
Secure authenticated information while show the user, show indicating risk information for the user and for user's selection
Processing mode information.
A kind of computer equipment, including memory, processor and be stored on the memory and can be in the processor
The computer program of upper operation, the processor realize method as described above when executing described program.
A kind of computer readable storage medium is stored thereon with computer program, real when described program is executed by processor
Now method as described above.
It can be seen that based on above-mentioned introduction using scheme of the present invention, block chain technology can be used to store software and pass
The relevant information in each stage during broadcasting, and peace can be generated according to the information stored when meeting safety certification condition
Full authentication information, and then user is showed when user needs to install software, based on block chain technology the features such as can not distorting,
It ensures the safety of data, and avoids situations such as judging by accident, and can realize that software is traced to the source, and allows user to software
Safe condition fully understanded, simultaneously because without carrying out cloud communication and reducing cost of implementation etc..
[Detailed description of the invention]
Fig. 1 is the flow chart of software source tracing method embodiment of the present invention.
Fig. 2 is that the whole of software source tracing method of the present invention realizes process schematic.
Fig. 3 is the composed structure schematic diagram of software traceability system embodiment of the present invention.
Fig. 4 shows the block diagram for being suitable for the exemplary computer system/server 12 for being used to realize embodiment of the present invention.
[specific embodiment]
In order to be clearer and more clear technical solution of the present invention, hereinafter, referring to the drawings and the embodiments, to institute of the present invention
The scheme of stating is further described.
Obviously, described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on the present invention
In embodiment, those skilled in the art's all other embodiment obtained without creative efforts, all
Belong to the scope of protection of the invention.
Fig. 1 is the flow chart of software source tracing method embodiment of the present invention.As shown in Figure 1, including realizing in detail below
Mode.
In 101, each stage in software communication process, the predetermined information of software is obtained, what be will acquire is predetermined
In information storage to block chain, and when meeting safety certification condition, secure authenticated information is generated according to the information stored.
In 102, when determining that user needs to install software, the secure authenticated information in software each stage is showed into use
Family.
Software communication process may include software launch phase and software distribution phase etc., individually below to the tool in each stage
Body realization is illustrated.
1) software launch phase
In software launch phase, the software information and distributor information of issued software can be obtained, block is arrived in storage
On chain, and security firm can be obtained, the testing result after safety detection (identification) is carried out to the software issued, block is arrived in storage
On chain.
For example, can obtain the software of software company's publication can obtain software information and publication based on the software issued
Person's information.Wherein, software information may include dbase, (MD5, the Message Digest of Message Digest 55
Algorithm) value, file size etc., distributor information may include software company's title etc..
Later, the safety detection program that can call security firm carries out safety detection to the software issued, that is, detects soft
With the presence or absence of malicious code and behavior etc. in part, and can will test in result storage to block chain.
Security firm can refer to antivirus software manufacturer.The number of security firm can be one, to ensure testing result
Accuracy, the number of security firm may be it is multiple, the safety detection program of multiple security firms can be called respectively, it is right
The software issued carries out safety detection.
Testing result can be divided into following several: devoid of risk, low-risk, risk and high risk.Only when all safe factories
When the testing result of quotient is devoid of risk, issued software devoid of risk can be just determined.
Software information acquired in software launch phase, distributor information and testing result etc. are storable in a block
On, pair when being determined for compliance with safety certification condition, secure authenticated information can be further generated according to the information stored in block, i.e.,
The software issued provides safety certification.
Wherein, meeting safety certification condition can refer to that testing result is that devoid of risk in this case can be according in block
The information of storage further generates secure authenticated information.May include in secure authenticated information software information, distributor information and
Testing result information etc..For example, may include following content in secure authenticated information: the * * software (software that * * software company submits
Title), file size is * *, and MD5 value is * *, is detected as devoid of risk, the address of block in block chain software is traced to the source
For * *, etc..
The form of expression of secure authenticated information with no restriction, for example can be digital certificates form, can also be PDF form etc..
Secure authenticated information is provided to software publisher, the approval etc. of the safety as the software issued to it.
2) software distribution phase
In software distribution phase, the software information and distributor's information of distributed software can be obtained, block is arrived in storage
On chain, and security firm can be obtained and carry out the testing result after safety detection to the software distributed, stored onto block chain.
Distributor can refer to distribution channel or manufacturer terminal etc..Distribution channel can refer to download website, agency or
Application market etc..
Software can be added or be modified to distribution channel in distribution software process, such as by software translation at different literals, addition
Proxy information etc..When getting software (i.e. addition or the modified software) that distribution channel is issued again, software can be obtained
Information and distributor's information.Wherein, software information may include dbase, MD5 value, file size etc., send out compared to software
MD5 value and file size in the software information that the cloth stage gets, the MD5 in software information that software distribution phase is got
Value and file size may change.Distributor's information refers to distribution channel information.
Later, the safety detection program that can call security firm carries out safety detection to the software issued again, that is, detects
With the presence or absence of malicious code and behavior etc. in software, and can will test in result storage to block chain.
The number of security firm can be multiple.Testing result can be divided into following several: devoid of risk, low-risk, risk and
High risk.Only when the testing result of all security firms is devoid of risk, the software devoid of risk issued again can be just determined.
Software information, distributor's information and the testing result that can will acquire etc. are stored on a block, work as determination
When meeting safety certification condition, secure authenticated information can be further generated according to the information stored in block, i.e., to issuing again
Software provide safety certification.Wherein, meeting safety certification condition can refer to that testing result is devoid of risk.
Similarly, manufacturer terminal can also add or modify software in distribution software process.When getting manufacturer terminal again
When the software of secondary publication, software information and distributor's information can be obtained.Wherein, software information may include dbase, MD5
Value, file size etc., MD5 value and file size in the software information got compared to software launch phase, software distribution
MD5 value and file size in the software information that stage gets may change.Distributor's information refers to manufacturer terminal
Information.
Later, the safety detection program that can call security firm carries out safety detection to the software issued again, and can incite somebody to action
In testing result storage to block chain.
The number of security firm can be multiple.Testing result can be divided into following several: devoid of risk, low-risk, risk and
High risk.Only when the testing result of all security firms is devoid of risk, the software devoid of risk issued again can be just determined.
Software information, distributor's information and the testing result that can will acquire etc. are stored on a block, work as determination
When meeting safety certification condition, secure authenticated information can be further generated according to the information stored in block, i.e., to issuing again
Software provide safety certification.Wherein, meeting safety certification condition can refer to that testing result is devoid of risk.
It, can be by the secure authenticated information exhibition in software each stage when determining that user needs to install software based on above-mentioned processing
Show to user, in addition, also may further be user shows indicating risk information and the processing mode information for user's selection.
The user may include personal user, government customer, enterprise customer etc., can trace back to software before user installation software
The secure authenticated information in each stage of the shown software in communication process is checked in source.How the safety in each stage to be recognized
Card information shows user with no restriction.
If secure authenticated information is not present at least one stage, indicating risk can be carried out to user, is such as prompted
User " for the software in the * * stage without safety certification, there are risks " etc., and can provide the processing mode information for user's selection,
Two buttons are such as provided, one of corresponding " abandoning installing ", another corresponds to " continuing to install ".If deposited in each stage
In secure authenticated information, then user's " risk is not present in the software " etc. can be prompted, and it can provide two buttons, one of them is right
" abandoning installing " is answered, another corresponds to " continuing to install ", and in this case, user would generally select " continuing to install ".
After user installation complete software, it can further call the safety detection program of security firm to the software installed
Carry out safety detection, it is ensured that software is finally safe.
In summary it introduces, Fig. 2 is that the whole of software source tracing method of the present invention realizes process schematic.Such as Fig. 2 institute
Show, software source tracing method of the present invention has combined each software company, security firm, distribution channel, manufacturer terminal, personal use
Family, government customer, enterprise customer etc. carry out whole process to software life-cycle and trace to the source.
It should be noted that for the aforementioned method embodiment, for simple description, being stated that a series of movement
Combination, but those skilled in the art should understand that, the present invention is not limited by the sequence of acts described, because according to this
Invention, certain steps can use other sequences or carry out simultaneously.Secondly, those skilled in the art should also know that, explanation
Embodiment described in book belongs to preferred embodiment, and related actions and modules not necessarily present invention institute is necessary
's.
In short, block chain technology can be used to store every single order in software communication process using scheme of the present invention
The relevant information of section, and secure authenticated information, Jin Er can be generated according to the information stored when meeting safety certification condition
User shows user when needing to install software, based on block chain technology the features such as can not distorting, it is ensured that the safety of data,
And situations such as judging by accident is avoided, and can realize that software is traced to the source, user is carried out to the safe condition of software comprehensive
Understand, simultaneously because being not necessarily to carry out cloud communication and reduce cost of implementation etc..
In addition, using scheme of the present invention, based on the autonomy feature of block chain technology, after constructing data cochain, by
The real-time prevention and treatment mechanism that member records jointly, identifies, broadcasting, tracing to the source forms whole process, the new state of rapid strike Malware
Gesture, based on block chain technology can not tamper and common recognition mechanism, data by member on chain unanimously and effective identification, individual nothing
Method secret distorts record, avoids error detection and attack to legitimate files, goes to center based on block chain technology
Change and open characteristics, the old model broken the seal, open data sharing are mostly principle to contribute obtain, by the tribute of member more
It offers and consumption is permanently written block chain, be used as tie using integral, dispersed nodes share account book, and it is raw to promote anti-malware
The participation etc. of all members in state.
The introduction about embodiment of the method above, below by way of system embodiment, to scheme of the present invention carry out into
One step explanation.
Fig. 3 is the composed structure schematic diagram of software traceability system embodiment of the present invention.As shown in Figure 3, comprising: first
Processing unit 301 and the second processing unit 302.
First processing units 301 obtain the predetermined information of software for each stage in software communication process, will
In predetermined information storage to block chain, and when meeting safety certification condition, safety certification is generated according to the information stored
Information.
The second processing unit 302, for when determining that user needs to install software, the safety certification in software each stage to be believed
Breath shows user.
It may include software launch phase and software distribution phase etc. in software communication process.
In software launch phase, first processing units 301 can obtain software information and the publisher of issued software
Information is stored onto block chain, and is obtained security firm and carried out the testing result after safety detection, storage to the software issued
Onto block chain.
For example, can obtain the software of software company's publication can obtain software information and publication based on the software issued
Person's information.Wherein, software information may include dbase, MD5 value, file size etc., and distributor information may include publication software
Software company's title etc..
Later, the safety detection program that can call security firm carries out safety detection to the software issued, that is, detects soft
With the presence or absence of malicious code and behavior etc. in part, and can will test in result storage to block chain.
The number of security firm be it is N number of, N is positive integer, it can be one, or it is multiple.Testing result can divide
It is following several: devoid of risk, low-risk, risk and high risk.
Acquired software information, distributor information and testing result etc. can be stored in one by first processing units 301
On a block, when being determined for compliance with safety certification condition, safety certification letter can be further generated according to the information stored in block
Breath, i.e., provide safety certification to the software issued.Wherein, meeting safety certification condition can refer to that testing result is calm
Danger.First processing units 301 only when determining that the testing result of N number of security firm is devoid of risk, can just generate safety and recognize
Demonstrate,prove information.
In software distribution phase, first processing units 301 can obtain software information and the distributor of distributed software
Information is stored onto block chain, and is obtained security firm and carried out the testing result after safety detection, storage to the software distributed
Onto block chain.
Distributor can refer to distribution channel or manufacturer terminal etc..Distribution channel can refer to download website, agency or
Application market etc..
Distributor can add or modify software etc. in distribution software process, such as by software translation at different literals, addition
Proxy information etc..When getting software (i.e. addition or the modified software) that distribution channel is issued again, the first processing is single
Member 301 can obtain software information and distributor's information.Wherein, software information may include dbase, MD5 value, file size
Deng distributor's information refers to distribution channel information or manufacturer terminal information etc..
Later, the safety detection program that can call security firm carries out safety detection to the software issued again, that is, detects
With the presence or absence of malicious code and behavior etc. in software, and can will test in result storage to block chain.
The number of security firm can be multiple.Testing result can be divided into following several: devoid of risk, low-risk, risk and
High risk.Only when the testing result of all security firms is devoid of risk, first processing units 301 can just determine to send out again
The software devoid of risk of cloth.
Software information, distributor's information and testing result that first processing units 301 can will acquire etc. are stored in one
On a block, when being determined for compliance with safety certification condition, safety certification letter can be further generated according to the information stored in block
Breath, i.e., provide safety certification to the software issued again.Wherein, meeting safety certification condition can refer to that testing result is calm
Danger.
After above-mentioned processing, when determining that user needs to install software, the second processing unit 302 can be by software each stage
Secure authenticated information show user, further, can also for user show indicating risk information and for user selection
Processing mode information.
The user may include personal user, government customer, enterprise customer etc., can trace back to software before user installation software
The secure authenticated information in each stage of the shown software in communication process is checked in source.
If secure authenticated information is not present at least one stage, indicating risk can be carried out to user, is such as prompted
User " for the software in the * * stage without safety certification, there are risks " etc., and can provide the processing mode information for user's selection,
Two buttons are such as provided, one of corresponding " abandoning installing ", another corresponds to " continuing to install ".If deposited in each stage
In secure authenticated information, then user's " risk is not present in the software " etc. can be prompted, and it can provide two buttons, one of them is right
" abandoning installing " is answered, another corresponds to " continuing to install ", and in this case, user would generally select " continuing to install ".
The specific workflow of system shown in Figure 3 embodiment please refers to the related description in preceding method embodiment, no longer
It repeats.
Fig. 4 shows the block diagram for being suitable for the exemplary computer system/server 12 for being used to realize embodiment of the present invention.
The computer system/server 12 that Fig. 4 is shown is only an example, should not function and use scope to the embodiment of the present invention
Bring any restrictions.
As shown in figure 4, computer system/server 12 is showed in the form of universal computing device.Computer system/service
The component of device 12 can include but is not limited to: one or more processor (processing unit) 16, memory 28, connect not homology
The bus 18 of system component (including memory 28 and processor 16).
Bus 18 indicates one of a few class bus structures or a variety of, including memory bus or Memory Controller,
Peripheral bus, graphics acceleration port, processor or the local bus using any bus structures in a variety of bus structures.It lifts
For example, these architectures include but is not limited to industry standard architecture (ISA) bus, microchannel architecture (MAC)
Bus, enhanced isa bus, Video Electronics Standards Association (VESA) local bus and peripheral component interconnection (PCI) bus.
Computer system/server 12 typically comprises a variety of computer system readable media.These media, which can be, appoints
What usable medium that can be accessed by computer system/server 12, including volatile and non-volatile media, it is moveable and
Immovable medium.
Memory 28 may include the computer system readable media of form of volatile memory, such as random access memory
Device (RAM) 30 and/or cache memory 32.Computer system/server 12 may further include it is other it is removable/no
Movably, volatile/non-volatile computer system storage medium.Only as an example, storage system 34 can be used for reading and writing
Immovable, non-volatile magnetic media (Fig. 4 do not show, commonly referred to as " hard disk drive ").Although not shown in fig 4, may be used
To provide the disc driver for reading and writing to removable non-volatile magnetic disk (such as " floppy disk "), and it is non-volatile to moving
Property CD (such as CD-ROM, DVD-ROM or other optical mediums) read and write CD drive.In these cases, each drive
Dynamic device can be connected by one or more data media interfaces with bus 18.Memory 28 may include at least one program
Product, the program product have one group of (for example, at least one) program module, these program modules are configured to perform the present invention
The function of each embodiment.
Program/utility 40 with one group of (at least one) program module 42 can store in such as memory 28
In, such program module 42 includes --- but being not limited to --- operating system, one or more application program, other programs
It may include the realization of network environment in module and program data, each of these examples or certain combination.Program mould
Block 42 usually executes function and/or method in embodiment described in the invention.
Computer system/server 12 can also be (such as keyboard, sensing equipment, aobvious with one or more external equipments 14
Show device 24 etc.) communication, it is logical that the equipment interacted with the computer system/server 12 can be also enabled a user to one or more
Letter, and/or with the computer system/server 12 any is set with what one or more of the other calculating equipment was communicated
Standby (such as network interface card, modem etc.) communicates.This communication can be carried out by input/output (I/O) interface 22.And
And computer system/server 12 can also pass through network adapter 20 and one or more network (such as local area network
(LAN), wide area network (WAN) and/or public network, such as internet) communication.As shown in figure 4, network adapter 20 passes through bus
18 communicate with other modules of computer system/server 12.It should be understood that although not shown in the drawings, computer can be combined
Systems/servers 12 use other hardware and/or software module, including but not limited to: microcode, device driver, at redundancy
Manage unit, external disk drive array, RAID system, tape drive and data backup storage system etc..
The program that processor 16 is stored in memory 28 by operation, at various function application and data
Reason, such as realize the method in embodiment illustrated in fig. 1.
The present invention discloses a kind of computer readable storage mediums, are stored thereon with computer program, the program quilt
Processor will realize the method in embodiment as shown in Figure 1 when executing.
It can be using any combination of one or more computer-readable media.Computer-readable medium can be calculating
Machine readable signal medium or computer readable storage medium.Computer readable storage medium for example can be --- but it is unlimited
In system, device or the device of --- electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor, or any above combination.It calculates
The more specific example (non exhaustive list) of machine readable storage medium storing program for executing includes: electrical connection with one or more conducting wires, just
Taking formula computer disk, hard disk, random access memory (RAM), read-only memory (ROM), erasable type may be programmed read-only storage
Device (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), light storage device, magnetic memory device,
Or above-mentioned any appropriate combination.In this document, computer readable storage medium can be it is any include or storage journey
The tangible medium of sequence, the program can be commanded execution system, device or device use or in connection.
Computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including --- but
It is not limited to --- electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be
Any computer-readable medium other than computer readable storage medium, which can send, propagate or
Transmission is for by the use of instruction execution system, device or device or program in connection.
The program code for including on computer-readable medium can transmit with any suitable medium, including --- but it is unlimited
In --- wireless, electric wire, optical cable, RF etc. or above-mentioned any appropriate combination.
The computer for executing operation of the present invention can be write with one or more programming languages or combinations thereof
Program code, described program design language include object oriented program language-such as Java, Smalltalk, C++,
Further include conventional procedural programming language-such as " C " language or similar programming language.Program code can be with
It fully executes, partly execute on the user computer on the user computer, being executed as an independent software package, portion
Divide and partially executes or executed on a remote computer or server completely on the remote computer on the user computer.?
Be related in the situation of remote computer, remote computer can pass through the network of any kind --- including local area network (LAN) or
Wide area network (WAN)-be connected to subscriber computer, or, it may be connected to outer computer (such as mentioned using Internet service
It is connected for quotient by internet).
In several embodiments provided by the present invention, it should be understood that disclosed device and method etc. can pass through
Other modes are realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit,
Only a kind of logical function partition, there may be another division manner in actual implementation.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of hardware adds SFU software functional unit.
The above-mentioned integrated unit being realized in the form of SFU software functional unit can store and computer-readable deposit at one
In storage media.Above-mentioned SFU software functional unit is stored in a storage medium, including some instructions are used so that a computer
It is each that equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute the present invention
The part steps of embodiment the method.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. it is various
It can store the medium of program code.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the present invention.
Claims (14)
1. a kind of software source tracing method characterized by comprising
In each stage in software communication process, the predetermined information of software is obtained, by predetermined information storage to block chain
On, and when meeting safety certification condition, secure authenticated information is generated according to the information stored;
When determining that user needs to install software, the secure authenticated information in software each stage is showed into the user.
2. the method according to claim 1, wherein
When the stage is software launch phase, the predetermined information for obtaining software, by predetermined information storage to area
Include: on block chain
The software information and distributor information of issued software are obtained, is stored onto block chain;
It obtains security firm and carries out the testing result after safety detection to the software issued, store onto block chain.
3. the method according to claim 1, wherein
When the stage is software distribution phase, the predetermined information for obtaining software, by predetermined information storage to area
Include: on block chain
The software information and distributor's information of distributed software are obtained, is stored onto block chain;
It obtains security firm and carries out the testing result after safety detection to the software distributed, store onto block chain.
4. according to the method in claim 2 or 3, which is characterized in that
It is described when meeting safety certification condition, generating secure authenticated information according to the information that is stored includes:
When the testing result is devoid of risk, secure authenticated information is generated according to the information stored.
5. according to the method described in claim 4, it is characterized in that,
The number of the security firm is N, and N is positive integer;
It is described when the testing result is devoid of risk, generating secure authenticated information according to the information that is stored includes:
When the testing result of N number of security firm is devoid of risk, secure authenticated information is generated according to the information stored.
6. the method according to claim 1, wherein
This method further comprises: while the secure authenticated information in the software each stage is showed the user, being
The user shows indicating risk information and the processing mode information for user's selection.
7. a kind of software traceability system characterized by comprising first processing units and the second processing unit;
The first processing units obtain the predetermined information of software for each stage in software communication process, will be described
In predetermined information storage to block chain, and when meeting safety certification condition, safety certification is generated according to the information stored
Information;
Described the second processing unit, for when determining that user needs to install software, by the secure authenticated information in software each stage
Show the user.
8. system according to claim 7, which is characterized in that
When the stage is software launch phase, the first processing units obtain issued software software information and
Distributor information is stored onto block chain, and is obtained security firm and carried out the detection knot after safety detection to the software issued
Fruit stores onto block chain.
9. system according to claim 7, which is characterized in that
When the stage is software distribution phase, the first processing units obtain distributed software software information and
Distributor's information is stored onto block chain, and is obtained security firm and carried out the detection knot after safety detection to the software distributed
Fruit stores onto block chain.
10. system according to claim 8 or claim 9, which is characterized in that
When the testing result is devoid of risk, the first processing units generate safety certification according to the information stored and believe
Breath.
11. system according to claim 10, which is characterized in that
The number of the security firm is N, and N is positive integer;
The first processing units determine that the testing result of N number of security firm is devoid of risk, are generated according to the information stored
Secure authenticated information.
12. system according to claim 7, which is characterized in that
Described the second processing unit is further used for, and the secure authenticated information in the software each stage is being showed the user
While, for user displaying indicating risk information and for the processing mode information of user's selection.
13. a kind of computer equipment, including memory, processor and it is stored on the memory and can be on the processor
The computer program of operation, which is characterized in that the processor is realized when executing described program as any in claim 1~6
Method described in.
14. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that described program is processed
Such as method according to any one of claims 1 to 6 is realized when device executes.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811126961.1A CN109522683B (en) | 2018-09-26 | 2018-09-26 | Software tracing method, system, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811126961.1A CN109522683B (en) | 2018-09-26 | 2018-09-26 | Software tracing method, system, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109522683A true CN109522683A (en) | 2019-03-26 |
| CN109522683B CN109522683B (en) | 2022-11-01 |
Family
ID=65770006
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811126961.1A Active CN109522683B (en) | 2018-09-26 | 2018-09-26 | Software tracing method, system, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109522683B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112526932A (en) * | 2020-12-16 | 2021-03-19 | 上海维宏电子科技股份有限公司 | Method, system, device, processor, storage medium and application for realizing three-level configuration setting management by numerical control processing software |
| CN113656762A (en) * | 2021-08-12 | 2021-11-16 | 支付宝(杭州)信息技术有限公司 | Method and apparatus for managing third-party software |
| CN114884657A (en) * | 2022-05-07 | 2022-08-09 | 中国计量科学研究院 | Whole-course online automatic execution algorithm tracing method and system |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103473501A (en) * | 2013-08-22 | 2013-12-25 | 北京奇虎科技有限公司 | Malware tracking method based on cloud safety |
| CN105391714A (en) * | 2015-11-11 | 2016-03-09 | 工业和信息化部电信研究院 | Automatic signature and verification method and device for mobile application software |
| CN106250721A (en) * | 2016-07-28 | 2016-12-21 | 杭州云象网络技术有限公司 | A kind of electronic copyright protection method based on block chain |
| CN106897348A (en) * | 2016-08-19 | 2017-06-27 | 阿里巴巴集团控股有限公司 | A kind of data storage, data check, data source tracing method and equipment |
| CN107077557A (en) * | 2016-12-29 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | The method and device that software application is issued and verified |
| CN107122970A (en) * | 2017-04-27 | 2017-09-01 | 深圳怡化电脑股份有限公司 | Safety certifying method, device, system, equipment, ATM and storage medium |
| CN108038697A (en) * | 2017-12-04 | 2018-05-15 | 成都东哲科技有限公司 | Commodity based on block chain are traced to the source data service platform node data management system |
| CN108389059A (en) * | 2018-02-26 | 2018-08-10 | 成都大学 | Digital copyrighted work protection, transaction and distributing method based on ownership and system |
| CN108520293A (en) * | 2018-04-03 | 2018-09-11 | 中兴能源(天津)有限公司 | A kind of product false proof source tracing method, device, server and storage medium |
-
2018
- 2018-09-26 CN CN201811126961.1A patent/CN109522683B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103473501A (en) * | 2013-08-22 | 2013-12-25 | 北京奇虎科技有限公司 | Malware tracking method based on cloud safety |
| CN105391714A (en) * | 2015-11-11 | 2016-03-09 | 工业和信息化部电信研究院 | Automatic signature and verification method and device for mobile application software |
| CN106250721A (en) * | 2016-07-28 | 2016-12-21 | 杭州云象网络技术有限公司 | A kind of electronic copyright protection method based on block chain |
| CN106897348A (en) * | 2016-08-19 | 2017-06-27 | 阿里巴巴集团控股有限公司 | A kind of data storage, data check, data source tracing method and equipment |
| CN107077557A (en) * | 2016-12-29 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | The method and device that software application is issued and verified |
| CN107122970A (en) * | 2017-04-27 | 2017-09-01 | 深圳怡化电脑股份有限公司 | Safety certifying method, device, system, equipment, ATM and storage medium |
| CN108038697A (en) * | 2017-12-04 | 2018-05-15 | 成都东哲科技有限公司 | Commodity based on block chain are traced to the source data service platform node data management system |
| CN108389059A (en) * | 2018-02-26 | 2018-08-10 | 成都大学 | Digital copyrighted work protection, transaction and distributing method based on ownership and system |
| CN108520293A (en) * | 2018-04-03 | 2018-09-11 | 中兴能源(天津)有限公司 | A kind of product false proof source tracing method, device, server and storage medium |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112526932A (en) * | 2020-12-16 | 2021-03-19 | 上海维宏电子科技股份有限公司 | Method, system, device, processor, storage medium and application for realizing three-level configuration setting management by numerical control processing software |
| CN113656762A (en) * | 2021-08-12 | 2021-11-16 | 支付宝(杭州)信息技术有限公司 | Method and apparatus for managing third-party software |
| CN114884657A (en) * | 2022-05-07 | 2022-08-09 | 中国计量科学研究院 | Whole-course online automatic execution algorithm tracing method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109522683B (en) | 2022-11-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110414268B (en) | Access control method, device, equipment and storage medium | |
| US20240289448A1 (en) | System and Methods for Click-Jacking and Content Redressing Protection | |
| US9576147B1 (en) | Security policy application through data tagging | |
| US9811674B2 (en) | Data leakage prevention system, method, and computer program product for preventing a predefined type of operation on predetermined data | |
| JP6122555B2 (en) | System and method for identifying compromised private keys | |
| US9270467B1 (en) | Systems and methods for trust propagation of signed files across devices | |
| US10079835B1 (en) | Systems and methods for data loss prevention of unidentifiable and unsupported object types | |
| US8776196B1 (en) | Systems and methods for automatically detecting and preventing phishing attacks | |
| CN107704765A (en) | A kind of interface access method, server and computer-readable recording medium | |
| US11750652B2 (en) | Generating false data for suspicious users | |
| CN108537042A (en) | Self-defined plug-in unit generation method, device, equipment and storage medium | |
| CN109997143A (en) | The safety of sensitive data is shared | |
| US9338012B1 (en) | Systems and methods for identifying code signing certificate misuse | |
| US11671422B1 (en) | Systems and methods for securing authentication procedures | |
| CN109522683A (en) | Software source tracing method, system, computer equipment and storage medium | |
| CN111488580A (en) | Safety hazard detection method, device, electronic device and computer readable medium | |
| CN110659478A (en) | Method for detecting malicious files that prevent analysis in an isolated environment | |
| CN115329315A (en) | Service authentication method, device, storage medium and electronic device | |
| WO2024196618A1 (en) | Snapshot phishing detection and threat analysis | |
| US20220382862A1 (en) | System and method for detecting potentially malicious changes in applications | |
| CN118176698A (en) | Software situation for zero trust access | |
| CN114091046A (en) | System and method for identifying encryptor encoding files of computer system | |
| TW202145033A (en) | Computer program product and apparatus for encrypting and verifying sensitive parameters | |
| EP4095727A1 (en) | System and method for detecting potentially malicious changes in applications | |
| US20250240323A1 (en) | Snapshot for activity detection and threat analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |