CN113360863A - Operation execution method and device, electronic equipment and medium - Google Patents
Operation execution method and device, electronic equipment and medium Download PDFInfo
- Publication number
- CN113360863A CN113360863A CN202110602452.7A CN202110602452A CN113360863A CN 113360863 A CN113360863 A CN 113360863A CN 202110602452 A CN202110602452 A CN 202110602452A CN 113360863 A CN113360863 A CN 113360863A
- Authority
- CN
- China
- Prior art keywords
- target
- application
- file
- input
- authority
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/10—Digital recording or reproducing
- G11B20/10527—Audio or video recording; Data buffering arrangements
Abstract
The application discloses an operation execution method, and belongs to the technical field of communication. The problem that the application program steals the privacy information of the user, so that the security of the privacy information of the user is low can be solved. The method comprises the following steps: determining whether a target application has a second authority for executing the target operation under the condition that the target application with the first authority executes the target operation, wherein the second authority is the access authority of an application to first data corresponding to the target operation; if the target application does not have the second authority, intercepting the interception of the target application to the first transmission path, and storing a target file corresponding to the target operation to a target storage space; receiving a first input of a user, and responding to the first input to execute a first operation; wherein the first operation includes any one of: and allowing the target application to read the target file and delete the target file in the target storage space. The embodiment of the application is applied to a scene of protecting the safety of the information of the user.
Description
Technical Field
The present application belongs to the field of communications technologies, and in particular, to an operation execution method, apparatus, electronic device, and medium.
Background
With the development of electronic technology, users have higher dependence on electronic devices, and the functions of the electronic devices are more and more. At present, applications installed in electronic devices need to have corresponding system permissions to ensure that users can normally use various functions provided by the applications.
In the related art, in a case that a user needs to use a related function of an application, an electronic device may provide a system permission authorization interface for the application, where the system permission authorization interface may include a control for granting an application system permission, and after a trigger operation of the user on the control is detected, a terminal may grant the system permission for the application. However, after having the system privilege, the application can use the system privilege to realize various functions at any time required in a silent mode. For example, after granting system permissions to record to an application, the application may record in the background monitoring the user's life conversation.
Therefore, the method provided by the related technology is very easy to cause the leakage risk of the personal sensitive information, and the safety of the user privacy information is low.
Disclosure of Invention
The embodiment of the application aims to provide an operation execution method and device and electronic equipment, and the method and device can solve the problem that the security of user privacy information is low because an application program in the electronic equipment steals the privacy information of a user by using an obtained system authority.
In order to solve the technical problem, the present application is implemented as follows:
in a first aspect, an embodiment of the present application provides an operation execution method, where the method includes: determining whether a target application has a second authority for executing the target operation under the condition that the target application with the first authority executes the target operation, wherein the second authority is the access authority of an application to first data corresponding to the target operation; if the target application does not have the second authority, intercepting the interception of the target application to the first transmission path, and storing a target file corresponding to the target operation to a target storage space; receiving a first input of a user, and responding to the first input to execute a first operation; wherein the first operation includes any one of: and allowing the target application to read the target file and delete the target file in the target storage space.
In a second aspect, an embodiment of the present application provides an operation execution apparatus, including: the device comprises a determining module, an executing module, a storing module and a receiving module, wherein: the determining module is configured to determine whether a target application has a second authority to execute a target operation when the target application with a first authority executes the target operation, where the second authority is an access authority of an application to first data corresponding to the target operation; the execution module is configured to intercept interception of the target application on the first transmission path if the determination module determines that the target application does not have the second permission; the storage module is used for storing the target file corresponding to the target operation into a target storage space; the receiving module is used for receiving a first input of a user; the execution module is further used for responding to a first input and executing a first operation; wherein the first operation includes any one of: allowing the target application to read the target file and delete the target file in the target storage space.
In a third aspect, an embodiment of the present application provides an electronic device, which includes a processor, a memory, and a program or instructions stored on the memory and executable on the processor, and when executed by the processor, the program or instructions implement the steps of the method according to the first aspect.
In a fourth aspect, embodiments of the present application provide a readable storage medium, on which a program or instructions are stored, which when executed by a processor implement the steps of the method according to the first aspect.
In a fifth aspect, an embodiment of the present application provides a chip, where the chip includes a processor and a communication interface, where the communication interface is coupled to the processor, and the processor is configured to execute a program or instructions to implement the method according to the first aspect.
In a sixth aspect, the present application provides a computer program product stored in a non-volatile storage medium, the program product being executed by at least one processor to implement the method according to the first aspect.
In the embodiment of the application, in the case that the target operation is executed by the target application, the operation execution device determines whether the target application has a target authority for executing the target operation, and intercepts interception of the data transmission path by the target application if the target application does not have the target authority. By the method, the system permission of the target application in the related technology is avoided, and the data (such as video or audio data of the user) corresponding to the target operation can be directly acquired after the target operation (such as recording) is executed in the background under the condition that the user does not know. Therefore, when the target application executes the target operation each time, whether the target application has the target permission or not can be judged, and the interception of the target application to the data transmission channel can be intercepted when the target application does not have the target permission, so that the data corresponding to the target operation cannot be acquired, the target application is prevented from acquiring the privacy information of the user silently by using the existing system permission under the condition that the user is not aware of the target application, and the safety of the privacy information of the user is improved.
Drawings
FIG. 1 is a flow chart of a method for performing operations provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of an interface applied by an operation execution method according to an embodiment of the present disclosure;
fig. 3 is a second schematic diagram of an interface applied by an operation execution method according to an embodiment of the present application;
fig. 4 is a third schematic diagram of an interface applied by an operation execution method according to an embodiment of the present application;
FIG. 5 is a schematic structural diagram of an operation execution device according to an embodiment of the present disclosure;
fig. 6 is a schematic hardware structure diagram of an electronic device according to an embodiment of the present disclosure;
fig. 7 is a second schematic diagram of a hardware structure of an electronic device according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms first, second and the like in the description and in the claims of the present application are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that embodiments of the application may be practiced in sequences other than those illustrated or described herein, and that the terms "first," "second," and the like are generally used herein in a generic sense and do not limit the number of terms, e.g., the first term can be one or more than one. In addition, "and/or" in the specification and claims means at least one of connected objects, a character "/" generally means that a preceding and succeeding related objects are in an "or" relationship.
The following describes in detail an operation execution method provided by the embodiments of the present application through specific embodiments and application scenarios thereof with reference to the accompanying drawings.
The operation execution method provided by the embodiment of the application can be applied to a scene for controlling the process of exercising the authority of the application program.
In a scene where textual content in a picture is displayed.
Take the control application to exercise the recording right as an example. Assuming that an APP in the electronic device has obtained system authorization of a recording function, the APP may record in the background without the user's knowledge to obtain audio information of the user to monitor the user's living conversation. Further, for some malicious software, it is even possible to steal the relevant privacy information of the user through the life conversation of the user, such as the name, address, and bank account of the user, and thus it is easy to cause the privacy information of the user to be revealed, and thus the security of the privacy information of the user is low.
In this embodiment of the application, it is assumed that a certain APP in the electronic device obtains system authorization of the recording function, and when the user does not know the system and records the audio in the background, the operation executing apparatus may determine whether the APP has the second permission, and intercept interception of the APP on the media transmission path under the condition that the APP does not have the second permission, so as to prevent the APP from obtaining the audio information of the recorded user. Therefore, even if the APP records under the condition that the user does not know after the system is authorized, the APP can not directly acquire the audio information of the user, and therefore the safety of the privacy information of the user is improved.
The embodiment of the application provides a text operation execution method, the text display method can be applied to electronic equipment, and fig. 1 shows a flowchart of the operation execution method provided by the embodiment of the application. As shown in fig. 1, the operation execution method provided by the embodiment of the present application may include the following steps 101 to 104:
step 101: in the case where the target operation is performed by the target application having the first authority, it is determined whether the target application has a second authority to perform the target operation.
The first authority is a system authority of a target application for executing the target operation, and the second authority is an access authority of the application to first data corresponding to the target operation.
In the embodiment of the present application, the target application refers to an application program installed or not installed in the electronic device. For example, the target application may be a video playing application, an instant messaging application, a social contact application, a game application, and the like, and the specific type of the target application is not limited in the embodiments of the present application.
Optionally, in this embodiment of the present application, the target application may include one application or multiple applications.
In the embodiment of the present application, the target application may implement a certain function through the target operation. Illustratively, the target operation may include at least one of: the method comprises the steps of shooting by using a camera, recording by using a receiver, acquiring the geographic position of the electronic equipment, reading the call record of the electronic equipment, reading the short message content of the electronic equipment, reading the body sensor data and the like.
The target operation may be other operations not listed in the embodiment of the present application, and further, as long as the application can acquire the related information of the electronic device or the related information of the user after executing a certain operation, the operation may be regarded as the target operation.
In the embodiment of the present application, the second authority is used to characterize whether an application having a system authority has an authority to execute a target operation with the second authority, or is used to characterize an authority for acquiring (or accessing) first data corresponding to the target operation when the application executes the target operation. That is, the second authority may ensure controllability of the application exercising the system authority to execute the target operation on the basis of the system authority (i.e., the first authority).
In an example, the second authority may include a system authority for using a camera, a system authority for using a microphone, a system authority for reading a call record, a system authority for reading and sending a short message, and a system authority for reading body sensor data, and the content of the target system authority is not limited in the embodiments of the present application.
In another example, the second right may include at least one of:
the application uses the camera to collect the image or the video, and then accesses or acquires the authority of the image or the video, and uses the microphone or the receiver to record, and then accesses or acquires the authority of the recording file.
For example, in the case of the application a with system recording permission, when it records through the handset, the operation execution device may determine whether it has permission to execute the recording operation, or acquire permission of the recording data, so as to execute the relevant operation to control the whole process of exercising the recording permission.
It should be noted that the second right in the embodiment of the present application is different from the system right (i.e., the first right). In the related art, an application may actively initiate a pop-up application to request the electronic device to grant a system permission, and after a user agrees to grant the system permission related to the application, the application may provide a related function service. Namely, the system authority application in the related art can sense and apply. The second permission provided by the embodiment of the application is a process that a user or a system autonomously controls the application to exercise permission after the application is authorized by the system, and the application does not sense the existence of the permission, that is, under the condition that the corresponding second permission is closed, the application senses the permission of the application to the application as 'existing permission', does not require system authorization any more, and can provide related functional services.
Alternatively, in the embodiment of the present application, the operation execution means may determine the second authority of the target application in any one of the following cases. For example, the operation executing apparatus may be configured to execute the target operation when the target operation starts to be executed.
Optionally, in this embodiment of the application, the operation execution device may determine whether the target application has the second authority to execute the target operation based on a switch state of an authority control switch corresponding to the target application. Illustratively, the switching device may include: an on state, or an off state.
Exemplarily, when the authority control switch corresponding to the target application is in an off state, which indicates that the target application is not explicitly authorized by the user, it is determined that the target application does not have the second authority; and when the authority control switch corresponding to the target application is in an open state, the target application is determined to have the second authority if the target application is definitely authorized by the user.
For example, the second right is taken as the recording right. If the APP2 performs the recording operation in the background after the system recording permission is authorized, the operation executing device may detect the on-off state of the permission control switch of the corresponding recording permission to determine whether the recording operation is explicitly authorized by the user. If the authority control switch of the recording authority is in a closed state (that is, the recording operation is not clearly authorized by the user), the APP2 is considered not to have the authority to access the recording audio (that is, the recording file) corresponding to the recording operation.
Optionally, in this embodiment of the present application, before the process of step 101 described above, the operation execution method provided in this embodiment of the present application further includes the following step a1 and step a 2:
step A1: and receiving a second input of the target application identification by the user under the condition of displaying the authority control interface.
Step A2: and setting a second permission for the target application in response to the second input.
The target application identifier is an application identifier of the target application.
For example, the authority control interface may be referred to as an operation control interface, and the operation execution device may set a corresponding operation control interface for different operations, so as to set second authorities corresponding to the different operations. For example, for a recording operation, a background recording control interface may be set to set a recording right, and for a recording operation, a recording control interface may be set to set a recording right.
For example, the operation execution device may display, on the operation control interface, application identifiers of first applications having the system authority of the target operation, and display an authority control switch corresponding to each application identifier, so that a user may view or set, on the operation control interface, second authorities of one or more applications having the system authority of the operation.
Illustratively, the operation control interface is used for opening or closing a second permission of the application to execute the target operation. Further, the operation control interface may be a sound recording control interface or a video recording control interface.
Illustratively, the first application may include one or more applications.
For example, as shown in (a) of fig. 2, the operation control interface is taken as a recording control interface as an example. The recording control interface includes APP1, APP2, APP3, and APP4, and a control switch corresponding to each APP identifier, and in a default case, the control switch corresponding to the APP identifier is in an off state, as shown in (b) in fig. 2, when a user wants to turn on the second right of APP1, the user can click on the control switch corresponding to APP1 to turn on the second right.
It should be noted that, after the application is installed in the electronic device, the second authority defaults to the off state, and the user may open the second authority on the operation control interface when the user needs to open the second authority.
Step 102: and if the target application does not have the second permission, intercepting the interception of the application to the first transmission path, and storing a target file corresponding to the target operation into a target storage space.
In this embodiment, the target file is a file generated based on target data obtained by the target application executing the target operation. For example, after a target application executes a recording operation, recorded audio data may be obtained, where the target file is an audio file generated based on the audio data; after the target application executes the video recording operation, the recorded image data can be obtained, and the target file is a video file generated based on the image data;
in this embodiment of the application, the first transmission path is a path for transmitting first data corresponding to a target operation, and the first transmission path may be a media transmission channel. For example, in the case of transmitting a recording picked up by a headphone, the first transmission path may be a recording audio channel; in the case of transmitting an image captured by a camera, the first transmission path may be a camera channel.
Optionally, in this embodiment of the application, in a process of executing a target operation, when corresponding data is obtained, the operation execution device may transmit the data from the port for acquiring data to the port for application through the media channel, and in the process of transmitting the data, the application may listen to the media channel in real time to obtain data to be received.
Optionally, in this embodiment of the application, when the target application does not have the second right, in a case that the target application initiates the target operation, the system intercepts interception of the target application on the first transmission path, and stores data corresponding to the target operation in a protection space of the system.
Illustratively, when an authority control switch of a target application is in a closed state and the target application initiates a recording operation in a background, a system intercepts monitoring of a recording audio channel by the application and stores sound actually recorded by a microphone in a protection space of the system, thereby ensuring that the sound recorded by the microphone is stored in a safe area and is not stolen by the application under the condition that a user does not know.
Similarly, for the behavior that the camera is started to steal the video under the condition that the background user does not know, the system can intercept the interception of the application to the camera channel and store the shot video file in the protection control, so that the image collected by the camera is stored in a safe area and is not stolen by the application under the condition that the user does not know.
Optionally, in this embodiment of the application, if the target application does not have the second authority, the operation execution device may further execute the first operation.
Wherein the first operation comprises any one of:
and sending the target data to the target application, or not sending the data to the target application.
Optionally, in this embodiment of the application, the operation execution device may send the target data to the target application through the media channel. Illustratively, the target data may include any one of: a data packet preset by the system, and a null data packet.
For example, the operation execution device may detect the switch state of the authority control switch corresponding to the target application when the target operation is executed by the target application, and transmit the target data to the target application or not transmit the data to the target application when the switch state is in the off state.
Further, in the case that the operation execution device sends an empty data packet or a preset data packet to the target application, the target application cannot obtain real user data, and the target application senses that corresponding data is obtained, so that the target application cannot initiate target operation again due to the fact that data is not obtained. It should be noted that, the preset data packet is different from the first data corresponding to the target operation, and may be data set by default in the system, and is used for sending the target application so that the target application may misunderstand that the relevant data has been acquired.
Further, in a case where the operation execution device does not send data to the application, the target application cannot obtain related data (i.e., user information) corresponding to the target operation, and in this case, if the target application initiates the target operation again to obtain the related data, the operation execution device intercepts the obtaining of the data again, so that the target application cannot steal the user information.
Example 1, the target operation is taken as a recording. Suppose APP3 has system recording rights but does not have a second right to record. If APP3 opens the earphone and carries out the recording operation at the background under the condition that the user is not aware of, then the system can detect its authority control switch that corresponds for the off-state, sends empty data packet to it to intercept its interception to recording audio channel, thereby avoid recording under the condition that the user is not aware of, steal user's private information.
Example 2, the target operation is taken as a video recording. Suppose APP4 has system video recording rights but does not have the second right to record video. If APP4 starts the camera and carries out video recording operation at the background under the condition that the user is not aware of, the system can detect that its corresponding access control switch is the off-state, sends empty data packet to it to intercept its interception to the passageway of making a video recording, thereby avoid recording under the condition that the user is not aware of, steal user's private information.
Step 103: a first input is received from a user.
Optionally, in this embodiment of the present application, the first input is used to determine whether to allow the target application to read a target file corresponding to the target operation.
For example, the first input may include any one of: touch input, voice input, and other actionable inputs.
Step 104: in response to a first input, a first operation is performed.
Wherein the first operation includes any one of: allowing the target application to read the target file and delete the target file in the target storage space.
In the operation execution method provided by the embodiment of the application, when the target operation is executed by the target application, the operation execution device determines whether the target application has a second authority for executing the target operation, and if the target application does not have the second authority, the operation execution device sends the target data to the target application through the first transmission path or does not send the data to the target application. By the method, the system permission of the target application in the related technology is avoided, and the data (such as video or audio data of the user) corresponding to the target operation can be directly acquired after the target operation (such as recording) is executed in the background under the condition that the user does not know. Therefore, when the target application executes the target operation each time, whether the target application has the second authority can be judged, and the data corresponding to the target operation is not sent to the target application when the target application does not have the second authority, so that the target application is prevented from obtaining the privacy information of the user silently by using the existing system authority under the condition that the user does not know, and the safety of the privacy information of the user is improved.
Optionally, in this embodiment of the application, the process of saving the target file corresponding to the target operation in the step 102 to the target storage space may include the following steps a1 and a 2:
step A1: and generating a target file based on the first data corresponding to the target operation.
Step A2: and storing the target file to the target storage space.
Illustratively, when the target operation is a recording operation, the first data corresponding to the target operation is recorded audio data; when the target operation is a video recording operation, the first data corresponding to the target operation is recorded image data or video data.
For example, the operation executing device may obtain the first data and a total duration of the first data, encode the first data according to a preset duration step value, and write the encoded first data into a file. For example, taking the audio data of which the first data is a recording as an example, the operation execution device may obtain the audio data and the total duration of the audio data, encode the audio data according to a preset duration step value, and write the encoded first data into an audio file, so as to obtain an audio file corresponding to the recording.
Optionally, the target storage space may be a storage space dedicated to store a target file corresponding to the target operation in the electronic device. Illustratively, the target storage space is a private storage space of the system, and other applications do not have direct access rights to the target storage space. For ease of understanding, the target storage space may be referred to as a protected space.
Illustratively, the target storage space stores one or more target files corresponding to the target operations.
For example, the target operation is taken as the recording. Suppose APP4 has system recording rights but does not have the second rights. If the APP4 performs a recording operation in the background to try to monitor the living conversation of the user without the user's knowledge, the operation execution device may obtain audio data of a recording corresponding to the recording operation, and store the generated audio file in a protected space of the electronic device, so as to avoid the application from stealing the audio file corresponding to the recording operation. Therefore, when the application records in the background under the condition that the user does not know, the sound recorded by the microphone is stored in a safe area and is not stolen by the application, and the safety of user information is ensured.
In another example, the operation execution device may also directly store the first data corresponding to the target operation in the target storage space, so as to directly call the first data in the storage space.
Further optionally, in this embodiment, after the step a2, the operation execution method provided in this embodiment further includes the following steps B1 and B2:
step B1: and displaying the file identification of the target file and M application identifications of M applications.
In conjunction with the step B1, the process of the step 103 may include the following step B2:
step B2: a first input of a file identification of a target file by a user is received.
Wherein, the M applications include: and under the condition of executing target operation, intercepting the application of the first transmission path, wherein the M application identifications comprise target application identifications of the target application, each application identification respectively indicates one application, and M is a positive integer.
Optionally, the operation execution device may display the file identifier and the application identifier on a first interface, and the first interface may be, for example, default or variable.
In one example, the first interface may be a desktop of the electronic device.
In another example, the first interface is determined by a usage status of the electronic device, that is, the first interface may be an interface currently presented by the electronic device. For example, when the electronic device is in the screen locking state, the first interface may be a screen locking interface, that is, the operation execution device may display the file identifier and the application identifier on the screen locking interface, and when the electronic device is in the video playing state, the video playing interface is the first interface.
For example, the file identifier of the target file and the application identifiers of the M applications may include any one of the following: text, icons, pictures, shapes, etc.
Optionally, the M applications are applications having system authority to execute the target operation, or the M applications are other applications currently executing the target operation. For example, the target file corresponds to the M applications, that is, the target file is associated with the M applications.
Optionally, the operation execution device may display a first floating control on the first interface, where the first floating control includes file identifiers of one or more files in the target storage space, where the one or more files include a target file.
For example, after receiving an input of a file identifier of a target file in a first floating control of a user, the operation execution device displays a second floating control, and displays application identifiers of M applications corresponding to the target file on the second floating control, so that the user views the application attempting to acquire the target file through a target operation.
Optionally, the first input may include: touch input, voice input, or other feasible input.
Further optionally, in this embodiment of the application, the first input may be an input that a user drags a file identifier of the target file to the first area.
The first area comprises an area where the target application identifier is located.
For example, in a case where the first input is an input that a user drags a file identifier of a target file to the first area, the first operation may be to allow the target application to read the target file.
For example, in a case where the first hovering control and the second hovering control are displayed, the first area is a display area of the second hovering control, and the second area is a display area of the entire display area of the screen except for the display area of the second hovering control.
For example, the operation executing device may establish a transmission path between the target applications, and transmit the target file to the target applications through the transmission path, so that the target applications may read the file content of the target file and process the target file.
For example, the target operation is a recording operation. As shown in fig. 3 (a), a control 31 (i.e., a first floating control) is displayed on the desktop of the electronic device in a floating manner, the control 31 displays file identifiers of the sound recording files of "sound recording 1", "sound recording 2", "sound recording 3", and "sound recording 4" in a list form, and after the user clicks the file identifier of "sound recording 4", as shown in fig. 3 (b), the operation execution apparatus displays a control 32 (i.e., a second floating control) and displays application identifiers of APP1, APP2, and APP3 that attempt to listen to the sound recording audio during occurrence of the "sound recording 4" in a list form on the control 32. Next, as shown in (c) of fig. 3, the user may drag the file identifier of "record 4" onto the application identifier of APP2 to allow APP2 to read the record, and at this time, the operation execution apparatus sends the audio file of "record 4" to APP 2.
Further optionally, in this embodiment of the application, the first input may be an input that a user drags a file identifier of the target file to the second area.
Wherein the second region includes: the target application identifies areas other than the area in which it is located.
For example, in a case where the first input is an input that a user drags a file identifier of the target file to the second area, the first operation may be deleting the target file saved in the target storage space.
Further, under the condition that the first hovering control and the second hovering control are displayed, the second input may be an input that a user drags the file identifier to a target area, and the target input may be an area on the first interface except for an area where the second hovering control is located.
Further, in the case that only the first hover control is displayed, the second input may be an input that the user drags the file identifier out to the first hover control.
For example, in conjunction with (b) in fig. 3, as shown in fig. 4, the user may drag the file identifier of "record 4" to an area outside the control 32, at this time, the operation execution device deletes the audio file of "record 4" from the target storage space, and cancels the display of the file identifier of "record 4" on the control 31.
Optionally, in an embodiment of the present application, the operation execution method provided in the embodiment of the present application further includes the following step C1:
step C1: and if the target application has the second authority, sending first data corresponding to the target operation to the target application through the first transmission channel.
For example, when it is detected that the target application executes the target operation in the background, if the operation execution device determines that the target application has the second permission to execute the target operation, interception of the application on the first transmission path is not intercepted, and first data corresponding to the target operation is sent to the target application through the first transmission path, so that the target application can acquire the first data.
It should be noted that, when the target application has the second right, which indicates that the target application has been explicitly authorized by the user, the system allows the target application to initiate a target operation at any time, allows the target application to read and store a target file generated in the process of the target operation, and allows the application to perform any processing on the target file.
For example, the second right is taken as the recording right. If the APP2 performs the recording operation in the background after the system recording permission is authorized, the operation executing device may detect the on-off state of the permission control switch of the corresponding recording permission to determine whether the recording operation is explicitly authorized by the user. If the permission control switch of the recording permission is detected to be in an open state (namely, the recording operation is definitely authorized by the user), the APP2 is considered to have the permission of accessing the recording audio (namely, the recording file) corresponding to the recording operation, and the recorded audio data generated during recording is transmitted to the target application through the media path. Therefore, the application can acquire the recording of the user only under the condition that the user is definitely authorized, and the safety of the user information is improved.
In the operation execution method provided by the embodiment of the application, when the target operation is executed by the target application, the operation execution device determines whether the target application has a second authority for executing the target operation, and if the target application does not have the second authority, the operation execution device sends the target data to the target application through the first transmission path or does not send the data to the target application. By the method, the system permission of the target application in the related technology is avoided, and the data (such as video or audio data of the user) corresponding to the target operation can be directly acquired after the target operation (such as recording) is executed in the background under the condition that the user does not know. Therefore, when the target application executes the target operation each time, whether the target application has the second authority can be judged, and the data corresponding to the target operation is not sent to the target application when the target application does not have the second authority, so that the target application is prevented from obtaining the privacy information of the user silently by using the existing system authority under the condition that the user does not know, and the safety of the privacy information of the user is improved.
It should be noted that, in the operation execution method provided in the embodiment of the present application, the execution main body may be an operation execution device, or a control module in the operation execution device for executing the operation execution method. In the embodiment of the present application, an operation execution device executing an operation execution method is taken as an example to describe the operation execution device provided in the embodiment of the present application.
An embodiment of the present application provides an operation execution apparatus, as shown in fig. 5, the apparatus 600 includes: a determining module 601, an executing module 602, a storing module 603 and a receiving module 604, wherein:
the determining module 601 is configured to determine whether a target application has a second authority to execute a target operation when the target application with a first authority executes the target operation, where the second authority is an access authority of an application to first data corresponding to the target operation; the executing module 602 is configured to intercept interception of the target application on the first transmission path if the determining module 601 determines that the target application does not have the second permission, and the storing module 603 is configured to store a target file corresponding to a target operation in a target storage space; the receiving module 604 is configured to receive a first input from a user, and the executing module 602 is further configured to execute a first operation in response to the first input received by the receiving module 604, where the first operation includes any one of: allowing the target application to read the target file and delete the target file in the target storage space.
Optionally, in this embodiment of the present application, the apparatus 600 further includes: the processing module 605:
the processing module 605 is configured to generate a target file based on the first data corresponding to the target operation; the storage module 603 is specifically configured to store the target file generated by the processing module 605 in a target storage space.
Optionally, in this embodiment of the present application, the apparatus 600 further includes: a setting module 606, where the receiving module 604 is further configured to receive a second input of the target application identifier by the user under the condition that the permission control interface is displayed, where the target application identifier is an application identifier of the target application; the setting module 606 is configured to set a second permission for the target application in response to the second input received by the receiving module 604.
Optionally, in this embodiment of the present application, the apparatus 600 further includes: 607, the display module 607 is configured to display the file identifier of the target file generated by the processing module 605 and M application identifiers of M applications, where the M applications include: monitoring applications of a first transmission path under the condition of executing target operation, wherein the M application identifications comprise target application identifications of the target applications, each application identification respectively indicates one application, and M is a positive integer; the receiving module 604 is configured to receive a first input of the file identifier displayed by the displaying module 607 from a user.
Optionally, in this embodiment of the application, the first input is an input of dragging a file identifier of the target file to a first area, where the first area includes an area where the target application identifier is located, and the first operation includes: and allowing the target application to read the target file.
Optionally, in this embodiment of the application, the first input is an input of dragging a file identifier of a target file to a second area, where the second area includes: the first operation includes: and deleting the target file in the target storage space.
In the operation execution device provided in the embodiment of the present application, when a target operation is executed by a target application, the operation execution device determines whether the target application has a second authority to execute the target operation, and if the target application does not have the second authority, transmits target data to the target application through a first transmission path, or does not transmit data to the target application. By the method, the system permission of the target application in the related technology is avoided, and the data (such as video or audio data of the user) corresponding to the target operation can be directly acquired after the target operation (such as recording) is executed in the background under the condition that the user does not know. Therefore, when the target application executes the target operation each time, whether the target application has the second authority can be judged, and the data corresponding to the target operation is not sent to the target application when the target application does not have the second authority, so that the target application is prevented from obtaining the privacy information of the user silently by using the existing system authority under the condition that the user does not know, and the safety of the privacy information of the user is improved.
The operation execution device in the embodiment of the present application may be a device, and may also be a component, an integrated circuit, or a chip in a terminal. The device can be mobile electronic equipment or non-mobile electronic equipment. By way of example, the mobile electronic device may be a mobile phone, a tablet computer, a notebook computer, a palm top computer, a vehicle-mounted electronic device, a wearable device, an ultra-mobile personal computer (UMPC), a netbook or a Personal Digital Assistant (PDA), and the like, and the non-mobile electronic device may be a server, a Network Attached Storage (NAS), a Personal Computer (PC), a Television (TV), a teller machine or a self-service machine, and the like, and the embodiments of the present application are not particularly limited.
The operation execution device in the embodiment of the present application may be a device having an operating system. The operating system may be an Android (Android) operating system, an ios operating system, or other possible operating systems, and embodiments of the present application are not limited specifically.
The operation execution device provided in the embodiment of the present application can implement each process implemented by the method embodiments of fig. 1 to fig. 4, and is not described here again to avoid repetition.
Optionally, as shown in fig. 6, an electronic device 700 is further provided in this embodiment of the present application, and includes a processor 701, a memory 702, and a program or an instruction stored in the memory 702 and executable on the processor 701, where the program or the instruction is executed by the processor 701 to implement each process of the operation execution method embodiment, and can achieve the same technical effect, and no further description is provided here to avoid repetition.
It should be noted that the electronic device in the embodiment of the present application includes the mobile electronic device and the non-mobile electronic device described above.
Fig. 7 is a schematic diagram of a hardware structure of an electronic device implementing an embodiment of the present application.
The electronic device 100 includes, but is not limited to: a radio frequency unit 101, a network module 102, an audio output unit 103, an input unit 104, a sensor 105, a display unit 106, a user input unit 107, an interface unit 108, a memory 109, and a processor 110.
Those skilled in the art will appreciate that the electronic device 100 may further comprise a power source (e.g., a battery) for supplying power to various components, and the power source may be logically connected to the processor 110 through a power management system, so as to implement functions of managing charging, discharging, and power consumption through the power management system. The electronic device structure shown in fig. 7 does not constitute a limitation of the electronic device, and the electronic device may include more or less components than those shown, or combine some components, or arrange different components, and thus, the description is omitted here.
The processor 110 is configured to determine whether a target application has a second authority to perform a target operation when the target application performs the target operation, where the second authority is an access authority of an application to first data corresponding to the target operation; the processor 110 is further configured to intercept interception of the target application on the first transmission path if it is determined that the target application does not have the second permission, and the memory 109 is configured to store a target file corresponding to a target operation in a target storage space; the user input unit 107 is configured to receive a first input from a user, and the processor 110 is further configured to execute a first operation in response to the first input received by the user input unit 107, where the first operation includes any one of: allowing the target application to read the target file and delete the target file in the target storage space.
Optionally, in this embodiment of the application, the processor 110 is further configured to generate a target file based on the first data corresponding to the target operation; the memory 109 is configured to store the target file generated by the processor 110 in a target storage space.
Optionally, in this embodiment of the application, the user input unit 107 is further configured to receive, in a case that the authority control interface is displayed, a second input of a target application identifier by the user, where the target application identifier is an application identifier of the target application; the processor 110 is configured to set a second authority for the target application in response to a second input received by the user input unit 107.
Optionally, in this embodiment of the application, the display unit 106 is configured to display a file identifier of the target file generated by the processor 110 and M application identifiers of M applications, where the M applications include: monitoring applications of a first transmission path under the condition of executing target operation, wherein the M application identifications comprise target application identifications of the target applications, each application identification respectively indicates one application, and M is a positive integer; the user input unit 107 is configured to receive a first input of the file identifier displayed by the display unit 106 from a user.
Optionally, in this embodiment of the application, the first input is an input of dragging a file identifier of the target file to a first area, where the first area includes an area where the target application identifier is located, and the first operation includes: and allowing the target application to read the target file.
Optionally, in this embodiment of the application, the first input is an input of dragging a file identifier of a target file to a second area, where the second area includes: the first operation includes: and deleting the target file in the target storage space. .
In the electronic device provided in the embodiment of the present application, when a target operation is executed by a target application, the operation execution device determines whether the target application has a second authority to execute the target operation, and if the target application does not have the second authority, transmits target data to the target application through the first transmission path, or does not transmit data to the target application. By the method, the system permission of the target application in the related technology is avoided, and the data (such as video or audio data of the user) corresponding to the target operation can be directly acquired after the target operation (such as recording) is executed in the background under the condition that the user does not know. Therefore, when the target application executes the target operation each time, whether the target application has the second authority can be judged, and the data corresponding to the target operation is not sent to the target application when the target application does not have the second authority, so that the target application is prevented from obtaining the privacy information of the user silently by using the existing system authority under the condition that the user does not know, and the safety of the privacy information of the user is improved.
It should be understood that, in the embodiment of the present application, the input Unit 104 may include a Graphics Processing Unit (GPU) 1041 and a microphone 1042, and the Graphics Processing Unit 1041 processes image data of a still picture or a video obtained by an image capturing device (such as a camera) in a video capturing mode or an image capturing mode. The display unit 106 may include a display panel 1061, and the display panel 1061 may be configured in the form of a liquid crystal display, an organic light emitting diode, or the like. The user input unit 107 includes a touch panel 1071 and other input devices 1072. The touch panel 1071 is also referred to as a touch screen. The touch panel 1071 may include two parts of a touch detection device and a touch controller. Other input devices 1072 may include, but are not limited to, a physical keyboard, function keys (e.g., volume control keys, switch keys, etc.), a trackball, a mouse, and a joystick, which are not described in detail herein. The memory 109 may be used to store software programs as well as various data including, but not limited to, application programs and an operating system. The processor 110 may integrate an application processor, which primarily handles operating systems, user interfaces, applications, etc., and a modem processor, which primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 110.
The embodiment of the present application further provides a readable storage medium, where a program or an instruction is stored on the readable storage medium, and when the program or the instruction is executed by a processor, the program or the instruction implements each process of the operation execution method embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here.
The processor is the processor in the electronic device described in the above embodiment. The readable storage medium includes a computer readable storage medium, such as a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and so on.
The embodiment of the present application further provides a chip, where the chip includes a processor and a communication interface, the communication interface is coupled to the processor, and the processor is configured to run a program or an instruction to implement each process of the above operation execution method embodiment, and can achieve the same technical effect, and the details are not repeated here to avoid repetition.
It should be understood that the chips mentioned in the embodiments of the present application may also be referred to as system-on-chip, system-on-chip or system-on-chip, etc.
The embodiment of the present application provides a computer program product, which is stored in a non-volatile storage medium and executed by at least one processor to implement the processes of the above-mentioned operation execution method embodiment, and can achieve the same technical effects.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element. Further, it should be noted that the scope of the methods and apparatus of the embodiments of the present application is not limited to performing the functions in the order illustrated or discussed, but may include performing the functions in a substantially simultaneous manner or in a reverse order based on the functions involved, e.g., the methods described may be performed in an order different than that described, and various steps may be added, omitted, or combined. In addition, features described with reference to certain examples may be combined in other examples.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present application.
While the present embodiments have been described with reference to the accompanying drawings, it is to be understood that the invention is not limited to the precise embodiments described above, which are meant to be illustrative and not restrictive, and that various changes may be made therein by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (14)
1. An operation execution method, characterized in that the method comprises:
determining whether a target application has a second authority for executing a target operation under the condition that the target application with a first authority executes the target operation, wherein the second authority is an access authority of an application to first data corresponding to the target operation;
if the target application does not have the second permission, intercepting the interception of the target application to a first transmission path, and storing a target file corresponding to the target operation to a target storage space;
receiving a first input of a user;
in response to the first input, performing a first operation;
wherein the first operation comprises any one of: allowing the target application to read the target file and delete the target file in the target storage space.
2. The method according to claim 1, wherein saving the target file corresponding to the target operation to a target storage space comprises:
generating a target file based on first data corresponding to the target operation;
and storing the target file to a target storage space.
3. The method of claim 1, wherein prior to determining whether the target application has the second permission to perform the target operation, further comprising:
under the condition that an authority control interface is displayed, receiving second input of a target application identifier by a user, wherein the target application identifier is the application identifier of the target application;
and responding to the second input, and setting a second permission for the target application.
4. The method of claim 2, wherein after storing the target file in the target storage space, further comprising:
displaying a file identifier of the target file and M application identifiers of M applications, wherein the M applications comprise: monitoring the application of the first transmission path under the condition of executing the target operation, wherein the M application identifications comprise target application identifications of the target application, each application identification respectively indicates one application, and M is a positive integer;
the receiving a first input of a user comprises:
receiving a first input of a file identification of the target file by a user.
5. The method according to claim 4, wherein the first input is an input of dragging a file identifier of the target file to a first area, the first area includes an area where the target application identifier is located, and the first operation includes: allowing the target application to read the target file.
6. The method of claim 4, wherein the first input is an input dragging a file identification of the target file to a second area, and wherein the second area comprises: the target application identifies other areas except the area where the target application is located, and the first operation comprises: and deleting the target file in the target storage space.
7. An operation execution apparatus, characterized in that the apparatus comprises: the device comprises a determining module, an executing module, a storing module and a receiving module, wherein:
the determining module is used for determining whether a target application has a second authority for executing a target operation under the condition that the target application with a first authority executes the target operation, wherein the second authority is an access authority of an application to first data corresponding to the target operation;
the execution module is configured to intercept interception of the target application on a first transmission path if the determination module determines that the target application does not have the second permission;
the storage module is used for storing the target file corresponding to the target operation into a target storage space;
the receiving module is used for receiving a first input of a user;
the execution module is further used for responding to the first input and executing a first operation;
wherein the first operation comprises any one of: allowing the target application to read the target file and delete the target file in the target storage space.
8. The apparatus of claim 7, further comprising: a processing module;
the processing module is used for generating a target file based on first data corresponding to the target operation;
the storage module is specifically configured to store the target file generated by the processing module in a target storage space.
9. The apparatus of claim 7, further comprising: setting a module;
the receiving module is further configured to receive a second input of a target application identifier from a user under the condition that an authority control interface is displayed, where the target application identifier is an application identifier of the target application;
the setting module is used for responding to the second input received by the receiving module and setting a second permission for the target application.
10. The apparatus of claim 8, further comprising: a display module;
the display module is configured to display the file identifier of the target file generated by the processing module and M application identifiers of M applications, where the M applications include: monitoring the application of the first transmission path under the condition of executing the target operation, wherein the M application identifications comprise target application identifications of the target application, each application identification respectively indicates one application, and M is a positive integer;
the receiving module is specifically configured to receive a first input of the file identifier displayed by the display module by a user.
11. The apparatus according to claim 10, wherein the first input is an input of dragging a file identifier of the target file to a first area, the first area includes an area where the target application identifier is located, and the first operation includes: allowing the target application to read the target file.
12. The apparatus of claim 10, wherein the first input is an input dragging a file identification of the target file to a second area, and wherein the second area comprises: the target application identifies other areas except the area where the target application is located, and the first operation comprises: and deleting the target file in the target storage space.
13. An electronic device comprising a processor, a memory, and a program or instructions stored on the memory and executable on the processor, the program or instructions when executed by the processor implementing the steps of the operation execution method of any one of claims 1-6.
14. A computer-readable storage medium, on which a program or instructions are stored, which, when executed by a processor, implement the steps of the operation execution method of any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110602452.7A CN113360863A (en) | 2021-05-31 | 2021-05-31 | Operation execution method and device, electronic equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110602452.7A CN113360863A (en) | 2021-05-31 | 2021-05-31 | Operation execution method and device, electronic equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113360863A true CN113360863A (en) | 2021-09-07 |
Family
ID=77530452
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110602452.7A Pending CN113360863A (en) | 2021-05-31 | 2021-05-31 | Operation execution method and device, electronic equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113360863A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111625812A (en) * | 2019-02-27 | 2020-09-04 | 阿里巴巴集团控股有限公司 | Operation processing method and device |
-
2021
- 2021-05-31 CN CN202110602452.7A patent/CN113360863A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111625812A (en) * | 2019-02-27 | 2020-09-04 | 阿里巴巴集团控股有限公司 | Operation processing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107133498B (en) | Privacy application management method and device and mobile terminal | |
| EP2766846B1 (en) | System and method for profile based filtering of outgoing information in a mobile environment | |
| US20170180332A1 (en) | System and method to provide server control for access to mobile client data | |
| CN107038358B (en) | Self-starting processing method and device and mobile terminal | |
| WO2015074517A1 (en) | Information viewing method, device, system and storage medium | |
| EP3610404B1 (en) | Methods and apparatus to monitor permission-controlled hidden sensitive application behavior at run-time | |
| KR20100027505A (en) | Mobile terminal capable of protecing virus infection and operation control method thereof | |
| CN107145794B (en) | Data processing method and device and mobile terminal | |
| CN108475304B (en) | Method and device for associating application program and biological characteristics and mobile terminal | |
| CN108932428B (en) | Lesog software processing method, device, equipment and readable storage medium | |
| US11475123B2 (en) | Temporary removal of software programs to secure mobile device | |
| WO2018214748A1 (en) | Method and apparatus for displaying application interface, terminal and storage medium | |
| CN112784262A (en) | Data access method, device, terminal and storage medium | |
| CN111460397A (en) | Monitoring method for application permission calling and electronic equipment | |
| US20210397751A1 (en) | Software initiated camera and microphone indicator | |
| CN113360863A (en) | Operation execution method and device, electronic equipment and medium | |
| CN106529335B (en) | Method and device for limiting screenshot and portable mobile terminal | |
| CN112637195B (en) | Method and device for controlling electronic equipment and electronic equipment | |
| CN111651764B (en) | Process monitoring method and device, electronic equipment and storage medium | |
| CN110232275B (en) | Control method and terminal equipment | |
| CN112632518A (en) | Data access method, device, terminal and storage medium | |
| CN108681668A (en) | Equipment manager management method, device and mobile terminal | |
| WO2019095449A1 (en) | Method and apparatus for preventing personal information leakage | |
| Anwar et al. | Guess who is listening in to the board meeting: on the use of mobile device applications as roving spy bugs | |
| US10135868B1 (en) | Defeating wireless signal interference hacks by manipulating signal strength |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |