CN107862201A - Authority control method, electric terminal and computer-readable recording medium - Google Patents
Authority control method, electric terminal and computer-readable recording medium Download PDFInfo
- Publication number
- CN107862201A CN107862201A CN201711029285.1A CN201711029285A CN107862201A CN 107862201 A CN107862201 A CN 107862201A CN 201711029285 A CN201711029285 A CN 201711029285A CN 107862201 A CN107862201 A CN 107862201A
- Authority
- CN
- China
- Prior art keywords
- application program
- system privileges
- information
- control method
- application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a kind of authority control method, comprise the following steps:Obtain the System Privileges application information of application program;According to preset authorization condition and the System Privileges application information, it is determined whether carry out System Privileges mandate to the application program;When it is determined that carrying out System Privileges mandate to the application program, System Privileges mandate is carried out to the application program by System Privileges interface proxy.In authority control method in the present invention, application program is to System Privileges application without interacting with operating system, it is only necessary to is authorized by System Privileges interface proxy according to default authorising conditional or revocation.The present invention also provides a kind of electric terminal and computer-readable recording medium.
Description
Technical field
The present invention relates to electronic technology field, more particularly to a kind of authority control method, electric terminal and computer can
Read storage medium.
Background technology
With the development of electronic technology and the communication technology, installable application program is more and more in smart electronicses terminal.
Application program can apply for the access rights to be conducted interviews to multiple system resources according to the application function realized, such as to being
The access for the system resources such as daily record, storage content, mobile communications network access, microphone, system camera of uniting and calling authority.
The application program (APP, Application) of common smart electronicses terminal, for example, in apple mobile device operation
In system (iOS) and Android operation system (Android), for application program in application system authority, application program can call behaviour
The interface for making system offer completes authority and resource bid, and at this time operating system can prompt whether allow associated rights to user
Application.After user clicks on confirmation, application program can use new power continue executing with follow-up process;Otherwise, application program terminates this and is
Authority of uniting performs flow.For the System Privileges application process of above-mentioned application program, problems be present:
(1) generally in application installation or operation, many System Privileges be present is needed to apply, application program is directed to by user
Multiple system resource access authorities of application are selected one by one so that application program only has the system resource selected by user
Access rights, but this mode can bring cumbersome experience to user;
(2) if once user confirm allows a certain application program to use high authority, such as mobile communication flow (such as
GPRS network or system camera etc.) are accessed, then the application program accesses the height of network and system camera by GPRS is persistently possessed
Authority, when current environment changes, the super-ordinate right that application program has possessed can not be cancelled in time, for example detect current net
When network running environment is dangerous, active recycle program accesses the authority of network by GPRS;
(3) operating system simply can only be authorized and forbidden, it is impossible to be done more to the permission grant of application program
Careful control of authority, such as operating system allow certain application program to access GPS flows, can not accomplish to limit within certain section of period
System/permission application program uses GPS flows.
The content of the invention
It is a primary object of the present invention to provide a kind of authority control method, electric terminal and computer-readable storage medium
Matter, it is intended to improve existing application program to System Privileges application and control flow.
To achieve the above object, a kind of authority control method provided by the invention, comprises the following steps:
Obtain the System Privileges application information of application program;
According to preset authorization condition and the System Privileges application information, it is determined whether carry out system power to application program
Limit authorizes;
When it is determined that carrying out System Privileges mandate to the application program, by System Privileges interface proxy to the application
Program carries out System Privileges mandate.
Further, step is also included before the step of System Privileges application information of the acquisition application program:
Intercept the System Privileges application that application program is sent to operating system.
Further, the System Privileges interface proxy includes:Generation by hook system rights interface to System Privileges
Reason, or by the privately owned application programming interface of calling system authority at least one of agency of System Privileges.
Further, the authority control method also includes step:
By the way that the corresponding System Privileges interface proxy program module is packaged in into application program using encapsulation technology
In installation kit program.
Further, the information of the preset authorization condition including application program and with the delegatable system of the application program
System authority information;The authority control method also includes step:
Obtain the information of application program and the System Privileges list information of the application program;
The information of the application program and the System Privileges list information of the application program are provided by visualization interface;
The selection whether response user is authorized to the one or more System Privileges in the System Privileges list,
Generate the delegatable System Privileges information of the application program;
The application program is generated according to the application information and the delegatable System Privileges information of the application program
Corresponding preset authorization condition.
Further, the authority control method also includes step:
The change to the delegatable System Privileges information of the application program inputted according to user, renewal is described to apply journey
Preset authorization condition corresponding to sequence.
Further, the authority control method also includes step:
Obtain current environment parameter value and current preset authorising conditional;
According to the corresponding relation of preset ambient parameter value and the delegatable System Privileges information of application program, obtain current
The delegatable System Privileges information of application program corresponding to ambient parameter value;
The delegatable System Privileges information of application program is corresponding with current environment parameter value in current preset authorising conditional
The delegatable System Privileges information of application program it is inconsistent when, application program in the current preset authorising conditional can be authorized
System Privileges information be changed to the delegatable System Privileges information of application program corresponding to current environment parameter value;
According to the delegatable System Privileges information of application program after change, update to preset corresponding to the application program and award
Power condition.
Further, the authority control method also includes step:
According to the preset authorization condition of the renewal, the application program is weighed to system by System Privileges interface proxy
Limit authorize or revocation.
The present invention also provides a kind of electric terminal, including memory, processor and storage on a memory and can handled
The computer program run on device, the authority control described in any of the above-described is realized described in the computing device during computer program
The step of method processed.
The present invention also provides a kind of computer-readable recording medium, is stored thereon with computer program, it is characterised in that should
The step of authority control method described in any of the above-described is realized when computer program is executed by processor.
In authority control method provided by the invention, electric terminal and computer-readable recording medium, application program pair
System Privileges application with operating system without interacting, it is only necessary to by System Privileges interface proxy according to default mandate bar
Part is authorized or revocation;During application program System Privileges, troublesome operation system will not be repeatedly ejected again
Allow to confirm frame.
Brief description of the drawings
Fig. 1 is the method flow of the authority control method for the electric terminal being used in first embodiment of the invention in Fig. 1
Figure;
Fig. 2 is the modular structure schematic diagram of the electric terminal in first embodiment of the invention;
Fig. 3 is the method flow of the authority control method for the electric terminal being used in second embodiment of the invention in Fig. 1
Figure;
Fig. 4 is the method flow of the authority control method for the electric terminal being used in third embodiment of the invention in Fig. 1
Figure;
Fig. 5 is the method flow of the authority control method for the electric terminal being used in four embodiment of the invention in Fig. 1
Figure.
Fig. 6 is the method flow of the authority control method for the electric terminal being used in fifth embodiment of the invention in Fig. 1
Figure.
Fig. 7 is the method flow of the authority control method for the electric terminal being used in another embodiment of the present invention in Fig. 1
Figure.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that specific embodiment described herein is not intended to limit the present invention only to explain the present invention.
In follow-up description, the suffix using such as " module ", " part " or " unit " for representing element is only
Be advantageous to the explanation of the present invention, itself there is no a specific meaning.Therefore, " module ", " part " or " unit " can mix
Ground uses.
Fig. 1~2 is refer to, Fig. 1 is the method flow diagram of the authority control method 100 in first embodiment of the invention,
Fig. 2 is the modular structure schematic diagram using the electric terminal 200 of authority control method in Fig. 1 100.
The electric terminal 200 can be implemented in a variety of manners.For example, the electric terminal described in the present invention can wrap
Include such as mobile phone, tablet personal computer, notebook computer, palm PC, personal digital assistant (Personal Digital
Assistant, PDA), portable media player (Portable Media Player, PMP), guider, wearable set
The mobile terminals such as standby, Intelligent bracelet, and digital TV, desktop computer etc. be portable or fixed terminal.
The electric terminal 200 includes display unit 11, input block 12, memory cell 13, processing unit 14, Yi Ji electricity
The grade part of source 15.It will be understood by those skilled in the art that the electric terminal 200 shown in Fig. 2 can also be including more more than illustrating
Or less part, either combine some parts or different parts arrangement.
The memory cell 13 of the electric terminal 200 is additionally operable to the application program that storage can be run on processing unit 14,
Processing unit 14 is used to perform the application program.For example, common apple mobile device operation system (iOS) and Android operation
Application program (APP, Application) that can be run in system (Android) etc..
It will be illustrated in subsequent descriptions by taking mobile terminal as an example, it will be appreciated by those skilled in the art that except special
Outside element for moving purpose, construction according to the embodiment of the present invention can also apply to the terminal of fixed type.
Wherein, the authority control method 100 comprises the following steps:
Step S10, obtain the System Privileges application information of application program.
The application program (APP, Application) of common smart electronicses terminal, for example, in apple mobile device operation
In system (iOS) and Android operation system (Android), application program by installation kit program when being installed, Huo Zheying
Needed to apply for that application program can be sent to operating system when conducting interviews to system resource or access rights in operation with program
System Privileges application.
Wherein, the System Privileges include but is not limited to be access to system files such as system journal, storage contents and/
Or access limit, to mobile communications network, microphone, the calling authority for imaging first-class system hardware resources, to system camera, record
The calling/unlatching/of the application of function software such as sound software, bitcom exits authority etc..
Specifically, in step slo, authority control method 100 is weighed by obtaining the system sent with parsing application program
Limit application, so as to obtain the System Privileges application information of the application program.
Step S20, according to preset authorization condition and the System Privileges application information, it is determined whether apply journey to described
Sequence carries out System Privileges mandate.
Specifically, in the present embodiment, being prefixed preset authorization condition in electric terminal 200 in advance, described preset is awarded
Whether weigh the System Privileges application of conditional decision application program can be authorized to.In step S20, according to the preset authorization
The System Privileges application information of condition and the application program got, it is determined whether to the System Privileges Shen of application program
Come in, and row authorizes.
It is understood that certain one or more that the preset authorization condition can include being directed to application program is
The condition whether system authority application authorizes.Wherein, whether a certain item system authority application for application program authorizes
Condition can be the condition whether authorized for a certain item system authority application of application program generated according to the setting of user,
Can also be the condition whether authorized for a certain item or the polynomial system authority application of application program of system default, herein
And it is not specifically limited.
Wherein, the application program to System Privileges can include but is not limited to be:SDCard access rights, system phase
Machine photograph album authority, short message authority is read and write, access system camera authority, network configuration authority, control of network flow quantity authority are set
Deng
Step S30, when it is determined that carrying out System Privileges mandate to the application program, pass through System Privileges interface proxy pair
The application program carries out System Privileges mandate.
In step s 30, the revocation that authorizes of System Privileges is acted on behalf of by System Privileges interface proxy,
Permission grant and revocation directly are carried out to application program so as to the control of authority of workaround system.For example, System Privileges
Interface proxy can include the agency to System Privileges by Hook (hook) System Privileges interfaces, or pass through calling system
The privately owned API of authority (ApplicationProgramming Interface, application programming interface) is to the generation of System Privileges
Reason etc..
Specifically, in step s 30, when it is determined that carrying out System Privileges mandate to the application program, weighed by system
Limit interface proxy and System Privileges mandate is carried out to the application program.
In the authority control method 100 of first embodiment of the invention, application program to System Privileges application without with
Operating system interacts, it is only necessary to is authorized or is cancelled according to default authorising conditional by System Privileges interface proxy
Mandate;During application program System Privileges, will not repeatedly eject troublesome operation system again allows to confirm frame.
Preferably, the System Privileges interface proxy includes in one embodiment:Pass through hook System Privileges interfaces pair
The agency of System Privileges, or by the privately owned application programming interface of calling system authority in the agency of System Privileges extremely
Few one kind.
Further, Fig. 3 is refer to, is the method flow of the authority control method 102 in second embodiment of the invention
Figure, wherein, the step S10 of the authority control method 102, step S20 and step S30 and first in this second embodiment
It is identical in embodiment, it will not be repeated here;Its difference is, includes before the step 10:
Step S00, intercept the System Privileges application that the application program is sent to operating system.
Application program by installation kit program when being installed, or application program needs application to system in operation
When resource or authority conduct interviews, application program can send System Privileges application to operating system.In step S00, institute is intercepted
The System Privileges application that application program is sent to operating system is stated, so as to travel further into step S10:According to the acquisition application
The System Privileges application information of program.
In second embodiment of the invention, the authority control method 102 intercepts application program and sent to operating system
System Privileges application, operating system will not receive application program transmission System Privileges application, application program is to System Privileges
Application will not interact with operating system, it is only necessary to be awarded by System Privileges interface proxy according to default authorising conditional
Power or revocation;During application program System Privileges, will not repeatedly eject troublesome operation system again allows to confirm
Frame;Meanwhile the resource of operating system is further saved, reduce unnecessary handling process, improve processing speed.
Further, Fig. 4 is refer to, is the method flow of the authority control method 103 in third embodiment of the invention
Figure, wherein, the step S10 of the authority control method 102, step S20 and step S30 and first in the third embodiment
It is identical in embodiment, it will not be repeated here;Its difference is that the authority control method 103 also includes:
Step S01, being packaged in the corresponding System Privileges interface proxy program module by application encapsulation technology should
With in the installation kit program of program.
Wherein, the application encapsulation technology is to specify to correspond to carry out secondary modification with program installation kit program, is added
Distinctive New function attribute, then the installation kit of modification is signed again.In the present embodiment, by using encapsulation technology
Control of authority program module component is added to original installation kit program, the control of authority program module component is used to provide system
Rights interface is acted on behalf of to be acted on behalf of to the revocation that authorizes of System Privileges, for example, passing through hook System Privileges interfaces pair
The agency of System Privileges or the agency by the privately owned application programming interface of calling system authority to System Privileges, so that around
The control of authority for crossing operating system directly carries out permission grant and revocation to application program.
It is understood that in other embodiments, the control of authority program module component can also use it
He is integrated into application program mode, for example with SDK manually integrate etc. mode, herein and be not especially limited.
Further, Fig. 5 is refer to, is the method flow of the authority control method 104 in four embodiment of the invention
Figure, wherein, the step S10 of authority control method 104, step S20 and step S30 and first described in the 4th embodiment
Identical in embodiment, will not be repeated here
Preferably, in authority control method 104, the information of the preset authorization condition including application program and with this
The delegatable System Privileges information of application program.
The authority control method 104 also includes:
Step S021, obtain the information of application program and the System Privileges list information of the application program.
Specifically, application program when being installed by installation kit program, obtains information and application of application program
List information of the program to System Privileges.
Step S022, the System Privileges of the information and the application program that provide the application program by visualization interface arrange
Table information.
Specifically, the list information of the information of the application program and the System Privileges of the application program is passed through into visualization
Interface is supplied to user, such as is supplied to user by the display unit 11 of electric terminal 200, so that user passes through input block
Whether 12 selections authorize for application program to the one or more System Privileges in the list of System Privileges.
It is understood that in one embodiment, the visualization interface can further provide for full choosing, Quan Buxuan with
And for any one selection or unselected button.
Whether step S023, response user award to the one or more System Privileges in the System Privileges list
The selection of power, generate the delegatable System Privileges information of the application program.
Specifically, whether all System Privileges in the list of the System Privileges of the application program are awarded in user
After the completion of power all selects, according to the selection result of user, the delegatable System Privileges information of the application program is generated.
Step S024, should according to the application information and the delegatable System Privileges information generation of the application program
Preset authorization condition corresponding to application program.
In the authority control method 104 of fourth embodiment, by being by the information of application program and the application program
The list information of system authority is supplied to user to select, and carrys out preset authorization condition corresponding to preset application program, in follow-up application
Program is in System Privileges application process, authority control method 104 is preset directly according to corresponding to the preset application program and awarded
Power condition is authorized or revocation, and will not repeatedly eject troublesome operation system again allows to confirm frame.
Further, Fig. 6 is refer to, in the 5th embodiment, the authority control method 104 can also include:
Step S51, the change to the delegatable System Privileges information of the application program inputted according to user, update institute
State preset authorization condition corresponding to application program.
Step S52, according to the preset authorization condition of the renewal, by System Privileges interface proxy to the application program
To System Privileges authorize or revocation.
In the present embodiment, after installation, user can be to applying journey described in preset authorization condition for application program
The delegatable System Privileges information of sequence is changed, and mandate of the application program to System Privileges or revocation are awarded to change with this
Power.
Further, Fig. 7 is refer to, in one embodiment, step S51 can be with the authority control method 104
Including:
Step S511, obtain current environment parameter value and current preset authorising conditional;
Step S512, closed according to preset ambient parameter value is corresponding with the delegatable System Privileges information of application program
System, obtain the delegatable System Privileges information of application program corresponding to current environment parameter value;
Step S513, judge the delegatable System Privileges information of application program and current environment in current preset authorising conditional
Whether the delegatable System Privileges information of application program corresponding to parameter value is consistent;
Step S514, the delegatable System Privileges information of application program is joined with current environment in current preset authorising conditional
When the delegatable System Privileges information of application program corresponding to numerical value is inconsistent, journey will be applied in the current preset authorising conditional
The delegatable System Privileges information of sequence is changed to the delegatable System Privileges information of application program corresponding to current environment parameter value;
Step S515, according to the delegatable System Privileges information of application program after change, update the application program pair
The preset authorization condition answered.
In the present embodiment, after installation, application program is delegatable in the preset authorization condition for application program
System Privileges information dynamically can be adjusted and change according to default ambient parameter value, be changed with this to application program
Mandate or revocation to System Privileges.
Please being additionally operable to storage further in conjunction with the memory cell 13 with reference to figure 1~7, the electric terminal 200 can be single in processing
The computer program run in member 14, it is characterised in that the processing unit 14 is realized above-mentioned when performing the computer program
The step of authority control method described in any embodiment.
Specifically, it is used to realize following steps when the processing unit 14 performs the computer program:
Step S10, obtain the System Privileges application information of application program;
Step S20, according to preset authorization condition and the System Privileges application information, it is determined whether apply journey to described
Sequence carries out System Privileges mandate.
Step S30, when it is determined that carrying out System Privileges mandate to the application program, pass through System Privileges interface proxy pair
The application program carries out System Privileges mandate.
In the electric terminal 200 of the present invention, application program need not interact to System Privileges application with operating system,
Only need to be authorized according to default authorising conditional by System Privileges interface proxy or revocation;Application program
During application system authority, will not repeatedly eject troublesome operation system again allows to confirm frame.
Preferably, the System Privileges interface proxy includes in one embodiment:Pass through hook System Privileges interfaces pair
The agency of System Privileges, or by the privately owned application programming interface of calling system authority in the agency of System Privileges extremely
Few one kind.
Further, when the processing unit 14 performs the computer program, include before the step 10:
Step S00, intercept the System Privileges application that the application program is sent to operating system.
In the electric terminal 200 of the present invention, electric terminal 200 can intercept application program and be to what operating system was sent
System authority application, operating system will not receive the System Privileges application of application program transmission, and application program is to System Privileges application
Without being interacted with operating system, it is only necessary to authorized by System Privileges interface proxy according to default authorising conditional or
Person's revocation;During application program System Privileges, will not repeatedly eject troublesome operation system again allows to confirm frame;Together
When, the resource of operating system is further saved, reduces unnecessary handling process, improves processing speed.
Further, when the processing unit 14 performs the computer program, it is additionally operable to realize following steps:
Step S01, being packaged in the corresponding System Privileges interface proxy program module by application encapsulation technology should
With in the installation kit program of program.
It is understood that in other embodiments, the System Privileges interface proxy program module can also be adopted
Be integrated into other ways in application program, for example with SDK manually integrate etc. mode, herein and be not especially limited.
In the electric terminal 200 of the present invention, control of authority is added to original installation kit program by application encapsulation technology
Program module component, the control of authority program module component are used to provide System Privileges interface proxy to award System Privileges
Power is acted on behalf of with revocation, for example, being to the agency of System Privileges or by calling by hook System Privileges interface
The privately owned application programming interface of authority of uniting directly corresponds to the agency of System Privileges so as to the control of authority of workaround system
Permission grant and revocation are carried out with program.
Further, the information of the preset authorization condition including application program and with the delegatable system of the application program
System authority information.When the processing unit 14 performs the computer program, it is additionally operable to realize following steps:
Step S021, obtain the information of application program and the System Privileges list information of the application program.
Specifically, application program when being installed by installation kit program, obtains information and application of application program
List information of the program to System Privileges.
Step S022, the System Privileges of the information and the application program that provide the application program by visualization interface arrange
Table information.
Specifically, the list information of the information of the application program and the System Privileges of the application program is passed through into visualization
Interface is supplied to user, such as is supplied to user by the display unit 11 of electric terminal 200, so that user passes through input block
Whether 12 selections authorize for application program to the one or more System Privileges in the list of System Privileges.
It is understood that in one embodiment, the visualization interface can further provide for full choosing, Quan Buxuan with
And for any one selection or unselected button.
Whether step S023, response user award to the one or more System Privileges in the System Privileges list
The selection of power, generate the delegatable System Privileges information of the application program.
Specifically, whether all System Privileges in the list of the System Privileges of the application program are awarded in user
After the completion of power all selects, according to the selection result of user, the delegatable System Privileges information of the application program is generated.
Step S024, should according to the application information and the delegatable System Privileges information generation of the application program
Preset authorization condition corresponding to application program.
In the electric terminal 200 of the present invention, by by the System Privileges of the information of application program and the application program
List information is supplied to user to select, and carrys out preset authorization condition corresponding to preset application program, in follow-up application program to being
Unite during authority application, the directly preset authorization condition according to corresponding to the preset application program of authority control method 104 is entered
Row authorizes or revocation, and will not repeatedly eject troublesome operation system again allows to confirm frame.
Further, when the processing unit 14 performs the computer program, it is additionally operable to realize following steps:
Step S51, the change to the delegatable System Privileges information of the application program inputted according to user, update institute
State preset authorization condition corresponding to application program.
Step S52, according to the preset authorization condition of the renewal, by System Privileges interface proxy to the application program
To System Privileges authorize or revocation.
In the electric terminal 200 of the present invention, after installation, user can be to institute in preset authorization condition for application program
The delegatable System Privileges information of application program is stated to be changed, with this changing to mandate of the application program to System Privileges or
Person's revocation.
Further, when the processing unit 14 performs the computer program, it is additionally operable to realize following steps:
Step S511, obtain current environment parameter value and current preset authorising conditional;
Step S512, closed according to preset ambient parameter value is corresponding with the delegatable System Privileges information of application program
System, obtain the delegatable System Privileges information of application program corresponding to current environment parameter value;
Step S513, judge the delegatable System Privileges information of application program and current environment in current preset authorising conditional
Whether the delegatable System Privileges information of application program corresponding to parameter value is consistent;
Step S514, the delegatable System Privileges information of application program is joined with current environment in current preset authorising conditional
When the delegatable System Privileges information of application program corresponding to numerical value is inconsistent, journey will be applied in the current preset authorising conditional
The delegatable System Privileges information of sequence is changed to the delegatable System Privileges information of application program corresponding to current environment parameter value;
Step S515, according to the delegatable System Privileges information of application program after change, update the application program pair
The preset authorization condition answered.
The present invention electric terminal 200 in, application program after installation, application program in the preset authorization condition
Delegatable System Privileges information dynamically can be adjusted and change according to default ambient parameter value, be changed pair with this
Mandate or revocation of the application program to System Privileges.
The present invention also provides a kind of computer-readable recording medium, is stored thereon with computer program, the computer program
The step of authority control method in above-mentioned any one embodiment is realized when being executed by processor.
In the description of this specification, reference term " embodiment ", " another embodiment ", " other embodiment " or "
The description of one embodiment~X embodiment " etc. mean to combine the specific features that the embodiment or example describe, structure, material or
Person's feature is contained at least one embodiment or example of the present invention.In this manual, to the schematic table of above-mentioned term
State and be not necessarily referring to identical embodiment or example.Moreover, specific features, structure, material, method and step or the spy of description
Point can combine in an appropriate manner in any one or more embodiments or example.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row
His property includes, so that process, method, article or device including a series of elements not only include those key elements, and
And also include the other element being not expressly set out, or also include for this process, method, article or device institute inherently
Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including this
Other identical element also be present in the process of key element, method, article or device.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on such understanding, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal (can be mobile phone, computer, service
Device, air conditioner, or network equipment etc.) perform method described in each embodiment of the present invention.
Embodiments of the invention are described above in conjunction with accompanying drawing, but the invention is not limited in above-mentioned specific
Embodiment, above-mentioned embodiment is only schematical, rather than restricted, one of ordinary skill in the art
Under the enlightenment of the present invention, in the case of present inventive concept and scope of the claimed protection is not departed from, it can also make a lot
Form, these are belonged within the protection of the present invention.
Claims (10)
1. a kind of authority control method, it is characterised in that comprise the following steps:
Obtain the System Privileges application information of application program;
According to preset authorization condition and the System Privileges application information, it is determined whether carry out system power to the application program
Limit authorizes;
When it is determined that carrying out System Privileges mandate to the application program, by System Privileges interface proxy to the application program
Carry out System Privileges mandate.
2. authority control method as claimed in claim 1, it is characterised in that the System Privileges application for obtaining application program
Also include step before the step of information:
Intercept the System Privileges application that the application program is sent to operating system.
3. authority control method as claimed in claim 1, it is characterised in that the System Privileges interface proxy includes:Pass through
Hook system rights interface is to the agencies of System Privileges, or by the privately owned application programming interface of calling system authority to being
At least one of agency for authority of uniting.
4. authority control method as claimed in claim 3, it is characterised in that the authority control method also includes step:
The corresponding System Privileges interface proxy program module is packaged in the installation of application program by application encapsulation technology
In bag program.
5. such as the authority control method any one of claim 1-4, it is characterised in that the preset authorization condition includes
The information of application program and with the delegatable System Privileges information of the application program;The authority control method also includes step
Suddenly:
Obtain the information of application program and the System Privileges list information of the application program;
The information of the application program and the System Privileges list information of the application program are provided by visualization interface;
The selection whether response user is authorized to the one or more System Privileges in the System Privileges list, generation
The delegatable System Privileges information of application program;
It is corresponding that the application program is generated according to the application information and the delegatable System Privileges information of the application program
Preset authorization condition.
6. authority control method as claimed in claim 5, it is characterised in that the authority control method also includes step:
The change to the delegatable System Privileges information of the application program inputted according to user, updates the application program pair
The preset authorization condition answered.
7. authority control method as claimed in claim 5, it is characterised in that the authority control method also includes step:
Obtain current environment parameter value and current preset authorising conditional;
According to the corresponding relation of preset ambient parameter value and the delegatable System Privileges information of application program, current environment is obtained
The delegatable System Privileges information of application program corresponding to parameter value;
Judge that the delegatable System Privileges information of application program is corresponding with current environment parameter value in current preset authorising conditional
Whether the delegatable System Privileges information of application program is consistent;
The delegatable System Privileges information of application program is corresponding with current environment parameter value in current preset authorising conditional should
With the delegatable System Privileges information of program it is inconsistent when, by the delegatable system of application program in the current preset authorising conditional
System authority information is changed to the delegatable System Privileges information of application program corresponding to current environment parameter value;
According to the delegatable System Privileges information of application program after change, preset authorization bar corresponding to the application program is updated
Part.
8. authority control method as claimed in claims 6 or 7, it is characterised in that the authority control method also includes step:
According to the preset authorization condition of the renewal, by System Privileges interface proxy to the application program to System Privileges
Authorized or revocation.
9. a kind of electric terminal, including memory, processor and storage are on a memory and the calculating that can run on a processor
Machine program, it is characterised in that realized described in the computing device during computer program such as any one of claim 1 to 8 institute
The step of authority control method stated.
10. a kind of computer-readable recording medium, is stored thereon with computer program, it is characterised in that the computer program quilt
The step of authority control method as any one of claim 1 to 8 is realized during computing device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711029285.1A CN107862201A (en) | 2017-10-26 | 2017-10-26 | Authority control method, electric terminal and computer-readable recording medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711029285.1A CN107862201A (en) | 2017-10-26 | 2017-10-26 | Authority control method, electric terminal and computer-readable recording medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107862201A true CN107862201A (en) | 2018-03-30 |
Family
ID=61697467
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711029285.1A Pending CN107862201A (en) | 2017-10-26 | 2017-10-26 | Authority control method, electric terminal and computer-readable recording medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107862201A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108549798A (en) * | 2018-04-12 | 2018-09-18 | 珠海市魅族科技有限公司 | Terminal equipment control method and device, terminal device and computer readable storage medium |
| CN109325363A (en) * | 2018-09-26 | 2019-02-12 | 平安普惠企业管理有限公司 | Management method, device, computer equipment and the storage medium of authority information |
| CN109344634A (en) * | 2018-09-28 | 2019-02-15 | 东软集团股份有限公司 | Permission giving method, device, terminal and the computer readable storage medium of application |
| CN111143089A (en) * | 2019-12-23 | 2020-05-12 | 飞天诚信科技股份有限公司 | Method and device for calling third-party library dynamic lifting authority by application program |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105072255A (en) * | 2015-07-10 | 2015-11-18 | 北京奇虎科技有限公司 | Mobile equipment privacy authority control method, mobile equipment privacy authority control device and corresponding mobile phone equipment |
| CN106487791A (en) * | 2016-10-13 | 2017-03-08 | 深圳市深信服电子科技有限公司 | Based on the application auditing system of application encapsulation, method and audit component |
| CN106529274A (en) * | 2016-10-26 | 2017-03-22 | 努比亚技术有限公司 | Terminal and information security protection method thereof |
| CN106709292A (en) * | 2015-07-24 | 2017-05-24 | 中兴通讯股份有限公司 | Terminal permission control method and system |
| CN106897608A (en) * | 2017-01-19 | 2017-06-27 | 北京奇虎科技有限公司 | A kind of authority processing method of application program, device and mobile terminal |
-
2017
- 2017-10-26 CN CN201711029285.1A patent/CN107862201A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105072255A (en) * | 2015-07-10 | 2015-11-18 | 北京奇虎科技有限公司 | Mobile equipment privacy authority control method, mobile equipment privacy authority control device and corresponding mobile phone equipment |
| CN106709292A (en) * | 2015-07-24 | 2017-05-24 | 中兴通讯股份有限公司 | Terminal permission control method and system |
| CN106487791A (en) * | 2016-10-13 | 2017-03-08 | 深圳市深信服电子科技有限公司 | Based on the application auditing system of application encapsulation, method and audit component |
| CN106529274A (en) * | 2016-10-26 | 2017-03-22 | 努比亚技术有限公司 | Terminal and information security protection method thereof |
| CN106897608A (en) * | 2017-01-19 | 2017-06-27 | 北京奇虎科技有限公司 | A kind of authority processing method of application program, device and mobile terminal |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108549798A (en) * | 2018-04-12 | 2018-09-18 | 珠海市魅族科技有限公司 | Terminal equipment control method and device, terminal device and computer readable storage medium |
| CN108549798B (en) * | 2018-04-12 | 2023-11-07 | 珠海市魅族科技有限公司 | Terminal equipment control method and device, terminal equipment and computer readable storage medium |
| CN109325363A (en) * | 2018-09-26 | 2019-02-12 | 平安普惠企业管理有限公司 | Management method, device, computer equipment and the storage medium of authority information |
| CN109344634A (en) * | 2018-09-28 | 2019-02-15 | 东软集团股份有限公司 | Permission giving method, device, terminal and the computer readable storage medium of application |
| CN109344634B (en) * | 2018-09-28 | 2021-04-13 | 东软集团股份有限公司 | Permission granting method and device for application, terminal and computer readable storage medium |
| CN111143089A (en) * | 2019-12-23 | 2020-05-12 | 飞天诚信科技股份有限公司 | Method and device for calling third-party library dynamic lifting authority by application program |
| CN111143089B (en) * | 2019-12-23 | 2023-11-07 | 飞天诚信科技股份有限公司 | Method and device for dynamically improving authority of application program calling third party library |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11669578B2 (en) | Systems and methods for enterprise web application dashboard management | |
| CN107862201A (en) | Authority control method, electric terminal and computer-readable recording medium | |
| US10007914B2 (en) | Fraud detection employing personalized fraud detection rules | |
| US20210233120A1 (en) | Authorization and termination of the binding of social account interactions to a master agnostic identity | |
| US8671342B2 (en) | Desired font rendering | |
| CN110088757A (en) | It is act on behalf of distributed ledger architecture more | |
| CN106469414A (en) | Mobile stock open platform device and method | |
| US20150113134A1 (en) | Monitoring entitlement usage in an on-demand system | |
| US9032547B1 (en) | Provisioning vehicle based digital rights management for media delivered via phone | |
| CN103744659A (en) | Method and device for card type management of application entries | |
| CN103733202A (en) | Apparatus and method of in-application licensing | |
| CN101799901B (en) | Method for rapidly registering account, recharging and landing | |
| US20220374538A1 (en) | Permission control method and device and electronic equipment | |
| US10846779B2 (en) | Custom product categorization of digital media content | |
| US20110047041A1 (en) | Licensed Content Purchasing and Delivering | |
| US20130060694A1 (en) | Unified account handling system | |
| CN108737371A (en) | Hive data access control methods, server and computer storage media | |
| CN106598750A (en) | Method, apparatus and computer program product for a cookie used for an internet of things device | |
| CN107220040A (en) | A kind of terminal applies split screen classification display devices and methods therefor | |
| CN112348632A (en) | Method, device and equipment for online transaction of RPA robot based on AI | |
| KR102379618B1 (en) | A shopping mall service providing apparatus for supporting purchase decision, a goods comparison service providing system and method including the same and computer readable medium having computer program recorded thereon | |
| EP2087452B1 (en) | Device and method for adjusting the behavior of an application based on the drm status of the application | |
| JP6823706B1 (en) | Information processing device | |
| KR102186643B1 (en) | Method for Providing Integration Shopping Mall Information by Using Social Login | |
| CN113626701A (en) | Page-based data management method, system, electronic device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180330 |
|
| RJ01 | Rejection of invention patent application after publication |