CN113779546A - Recording permission management method, computing device and storage medium - Google Patents
Recording permission management method, computing device and storage medium Download PDFInfo
- Publication number
- CN113779546A CN113779546A CN202111025728.6A CN202111025728A CN113779546A CN 113779546 A CN113779546 A CN 113779546A CN 202111025728 A CN202111025728 A CN 202111025728A CN 113779546 A CN113779546 A CN 113779546A
- Authority
- CN
- China
- Prior art keywords
- recording
- audio stream
- application program
- audio
- application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims abstract description 33
- 238000000034 method Methods 0.000 claims abstract description 108
- 230000008569 process Effects 0.000 claims abstract description 74
- 238000012544 monitoring process Methods 0.000 claims abstract description 25
- 230000008859 change Effects 0.000 claims description 9
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 claims description 2
- 238000004891 communication Methods 0.000 description 18
- 238000010586 diagram Methods 0.000 description 8
- 238000013475 authorization Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000006399 behavior Effects 0.000 description 3
- 230000002093 peripheral effect Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000007723 transport mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3003—Monitoring arrangements specially adapted to the computing system or computing system component being monitored
- G06F11/302—Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a software system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44594—Unloading
Abstract
The invention discloses a recording authority management method which is suitable for being executed in computing equipment and comprises the following steps: creating a listening process suitable for listening to the audio server in the kernel; if the audio stream is newly created in the audio server according to the monitoring process, identifying an application program for recording according to the audio stream; judging whether the application program obtains the over-recording authority or not; if the application program does not acquire the recording authority, forbidding the audio stream to carry out recording operation in the audio server; prompting a user whether the identified application program is authorized to perform the recording operation; and if receiving the recording permission granted by the user to the application program for recording operation, recovering the audio stream so that the audio stream calls the hardware abstraction layer to perform the recording operation. The invention also discloses a computing device and a computer readable storage medium.
Description
The application is a divisional application of an invention patent application filed on 6/1/2021, and the application number of the original application is as follows: 20211106067490, title of the invention: a recording right management method, a computing device and a storage medium are provided.
Technical Field
The present invention relates to the field of operating systems, and in particular, to a recording right management method, a computing device, and a storage medium.
Background
With the abundance of functionality of modern computer systems, audio is almost always a necessary function. However, it often happens that the application software steals the recording under the condition that the user is completely unaware of the recording, so that the privacy of the user is revealed. Therefore, in order to protect the privacy of the user and avoid the theft of confidential data, the software needs to intercept the confidential data and pop up an authorization prompt when attempting to record the confidential data from the microphone.
In the prior art, a mode of monitoring an audio device directory is generally adopted, and when an unauthorized process operates a file of this type, the process is killed, so that recording interception can be realized. However, in the implementation process, as PulseAudio is commonly used as an audio management service in Linux, an application program does not operate an audio device by itself, but records through PulseAudio. In this case, the process of actually operating the audio device directory is PulseAudio regardless of which application performs recording. As long as the PulseAudio is allowed to read the audio device, all applications can record; and as long as the PulseAudio is prohibited from reading the audio equipment, all the application programs cannot record. The recording process cannot be accurately identified, and authorization management is performed according to the identity of the process.
For this reason, a new recording right management method is required.
Disclosure of Invention
To this end, the present invention provides a recording right management method in an attempt to solve or at least alleviate the above-existing problems.
According to an aspect of the present invention, there is provided a recording right management method, adapted to be executed in a computing device, where an operating system runs in the computing device, the operating system includes a kernel, an audio server and a hardware abstraction layer, and one or more application programs run on the operating system, the method includes the steps of: creating a listening process suitable for listening to the audio server in the kernel; if the audio stream is newly created in the audio server according to the monitoring process, identifying an application program for recording according to the audio stream; judging whether the application program obtains the recording authority or not; if the application program does not acquire the recording authority, forbidding the audio stream to carry out recording operation in the audio server; prompting a user whether the identified application program is authorized to perform the recording operation; and if receiving the recording permission granted by the user to the application program for recording operation, recovering the audio stream so that the audio stream calls the hardware abstraction layer to perform the recording operation.
Optionally, in the method according to the present invention, the step of creating, by the application program, the audio stream at the audio server comprises the steps of: an application program generates a recording process file; the application program creates a recording process in the kernel according to the recording process file; the application creates an audio stream in the audio server according to the recording process.
Optionally, in the method according to the present invention, the audio stream includes a process number of a recording process, and the identifying the application performing the recording operation according to the audio stream includes: determining a process number of a recording process for creating the audio stream according to the audio stream; calculating to obtain a file descriptor of the recording process file according to the process number; and identifying the application program for carrying out the recording operation through the file descriptor of the recording process file.
Optionally, in the method according to the present invention, an audio stream management event is created in the audio server, and the creating, by the kernel, a listening process adapted to perform listening to the audio server includes the steps of: creating a monitoring process in the kernel, and monitoring an audio stream management event by the monitoring process; and if the audio stream management event is monitored to receive the audio stream creation operation, newly creating the audio stream by the audio server.
Optionally, in the method according to the present invention, further comprising the step of: and if the fact that the recording of the application program is forbidden by the user is received, closing the audio stream so as to forbid the recording operation of the application program.
Optionally, in the method according to the present invention, prompting the user whether to authorize the identified application program to perform the recording operation includes: monitoring a change in a state of the audio stream; when monitoring that the application program indicates the audio stream to change the state so as to recover the audio stream to carry out recording operation, judging whether the application program acquires the recording permission or not; and if the application program does not acquire the recording authority, prohibiting the audio stream from carrying out state change.
Optionally, in the method according to the present invention, further comprising the step of: monitoring whether other recording processes exist or not, and calling recording acquisition equipment to record through a hardware abstraction layer; and if the application program is monitored not to pass through the audio server, other recording processes are created for recording operation, and the recording process is closed.
Optionally, in the method according to the present invention, further comprising the step of: storing the application program and the recording authority thereof in a memory; and when judging whether the application program obtains the recording authority, searching the recording authority of the application program in the memory.
According to another aspect of the present invention, there is provided a computing device comprising: one or more processors; a memory; an image display system; and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs including instructions for performing any of the methods of a recording rights management method according to the present invention.
According to still another aspect of the present invention, there is provided a computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computing device, cause the computing device to perform any of a recording rights management method according to the present invention.
In the recording authority management method, the monitoring process is established in the kernel, the audio server is monitored, whether the audio server is newly established with the audio stream is monitored, so that the recording behavior of the application program can be found, and the application program for recording operation can be identified through the established audio stream. And then, judging whether the application program acquires the recording authority, if the application program does not acquire the recording authority, prohibiting the audio stream from carrying out recording operation in an audio server, inquiring whether the application program is authorized to carry out recording to the user, and finally recovering or closing the audio stream according to the selection of the user so as to manage whether the application program is allowed to carry out recording.
Drawings
To the accomplishment of the foregoing and related ends, certain illustrative aspects are described herein in connection with the following description and the annexed drawings, which are indicative of various ways in which the principles disclosed herein may be practiced, and all aspects and equivalents thereof are intended to be within the scope of the claimed subject matter. The above and other objects, features and advantages of the present disclosure will become more apparent from the following detailed description read in conjunction with the accompanying drawings. Throughout this disclosure, like reference numerals generally refer to like parts or elements.
FIG. 1 is a schematic diagram illustrating an operating system running in a computing device in accordance with the present invention;
FIG. 2 illustrates a block diagram of a computing device 200, according to an exemplary embodiment of the invention;
FIG. 3 illustrates a flowchart of a recording rights management method 300 according to an exemplary embodiment of the invention;
FIG. 4 illustrates a schematic diagram of monitoring an audio stream according to an exemplary embodiment of the present invention; and
fig. 5 shows a schematic diagram of a directory of monitoring audio devices according to an exemplary embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. Like reference numerals generally refer to like parts or elements.
FIG. 1 shows a schematic diagram of an operating system running in a computing device according to an exemplary embodiment of the invention. As shown in FIG. 1, the operating system includes a system layer 120 and a hardware abstraction layer 130, on which an application layer 110 also runs. The computing device is also connected to audio capture devices 141 and 142 through the hardware abstraction layer 130. The invention does not limit the number of audio capture devices connected to the computing device.
The application layer 110 corresponds to a user mode or a user space in the operating system, and includes a plurality of application programs 111 to 113 running in the user mode. The applications 111-113 may invoke the hardware abstraction layer 130 and the audio capture device 141 or 142 connected to the hardware abstraction layer to complete the recording operation by creating an audio stream in the audio server 121 of the operating system.
The system layer 120 corresponds to kernel state or kernel space in an operating system. The sound server 121 is a sound server between a hardware device driver and an application in an application layer, and may be specifically implemented as a plusiaudio sound server. The server module 121 monitors and configures the local device to manage audio streams and transmit audio streams of the application to the local or remote device.
The sound subsystem module 122 may be implemented as an ALSA or OSS library, providing an audio function library to the operating system. The corresponding kernel 123 may be implemented as an ALSA or OSS kernel that provides drivers needed to perform audio capture to the audio capture device 141 or 142 connected to the system 100. The sound subsystem module 122, in conjunction with the kernel 1230, provides an audio capture server in the system 100.
The hardware abstraction layer 130 is a core 123 and hardware devices: an interface layer between the audio capture devices 141 or 142 abstracts the audio capture devices 141 or 142, provides a communication interface to the audio capture devices 141 or 142, and also facilitates access to the audio capture devices 141 or 142 by an operating system. The audio capture device 141 or 142 may be implemented as any device capable of playing an audio stream, such as a microphone or the like. The present invention is not limited to a specific type of audio capture device 141 or 142.
The operating system is adapted to run in the computing device. FIG. 2 illustrates a block diagram of a computing device 200, according to an exemplary embodiment of the invention. As shown in FIG. 2, in a basic configuration 202, a computing device 200 typically includes a system memory 206 and one or more processors 204. A memory bus 208 may be used for communication between the processor 204 and the system memory 206.
Depending on the desired configuration, the processor 204 may be any type of processing, including but not limited to: a microprocessor (μ P), a microcontroller (μ C), a Digital Signal Processor (DSP), or any combination thereof. The processor 204 may include one or more levels of cache, such as a level one cache 210 and a level two cache 212, a processor core 214, and registers 216. Example processor cores 214 may include Arithmetic Logic Units (ALUs), Floating Point Units (FPUs), digital signal processing cores (DSP cores), or any combination thereof. The example memory controller 218 may be used with the processor 204, or in some implementations the memory controller 218 may be an internal part of the processor 204.
Depending on the desired configuration, system memory 206 may be any type of memory, including but not limited to: volatile memory (such as RAM), non-volatile memory (such as ROM, flash memory, etc.), or any combination thereof. System memory 206 may include an operating system 220, one or more programs 222, and program data 228. In some embodiments, the program 222 may be arranged to execute the instructions 223 of the method 300 according to the invention on an operating system by one or more processors 204 using the program data 228.
Computing device 200 may also include a storage interface bus 234. The storage interface bus 234 enables communication from the storage devices 232 (e.g., removable storage 236 and non-removable storage 238) to the basic configuration 202 via the bus/interface controller 230. At least a portion of the operating system 220, applications 222, and data 224 may be stored on removable storage 236 and/or non-removable storage 238, and loaded into system memory 206 via storage interface bus 234 and executed by the one or more processors 204 when the computing device 200 is powered on or the applications 222 are to be executed.
Computing device 200 may also include an interface bus 240 that facilitates communication from various interface devices (e.g., output devices 242, peripheral interfaces 244, and communication devices 246) to the basic configuration 202 via the bus/interface controller 230. The example output device 242 includes a graphics processing unit 248 and an audio processing unit 250. They may be configured to facilitate communication with various external devices, such as a display or speakers, via one or more a/V ports 252. Example peripheral interfaces 244 can include a serial interface controller 254 and a parallel interface controller 256, which can be configured to facilitate communications with external devices such as input devices (e.g., keyboard, mouse, pen, voice input device, touch input device) or other peripherals (e.g., printer, scanner, etc.) via one or more I/O ports 258. An example communication device 246 may include a network controller 260, which may be arranged to communicate with one or more other computing devices 262 over a network communication link via one or more communication ports 264.
A network communication link may be one example of a communication medium. Communication media may typically be embodied by computer readable instructions, data structures, program modules, and may include any information delivery media, such as carrier waves or other transport mechanisms, in a modulated data signal. A "modulated data signal" may be a signal that has one or more of its data set or its changes made in such a manner as to encode information in the signal. By way of non-limiting example, communication media may include wired media such as a wired network or private-wired network, and various wireless media such as acoustic, Radio Frequency (RF), microwave, Infrared (IR), or other wireless media. The term computer readable media as used herein may include both storage media and communication media.
In a computing device 200 according to the present invention, the application 222 includes program instructions of the recording rights management method 300 that may instruct the processor 204 to perform some of the steps of the recording rights management method 300 operating in the computing device 200 of the present invention so that various portions of the computing device 200 implement management of the recording rights of the application program by performing the recording rights management method 300 of the present invention.
Computing device 200 may be implemented as a server, e.g., file server 240, database 250, a server, an application server, etc., which may be a device such as a Personal Digital Assistant (PDA), a wireless web-browsing device, an application-specific device, or a hybrid device that include any of the above functions. May be implemented as a personal computer including both desktop and notebook computer configurations, and in some embodiments, the computing device 200 is configured to perform the recording rights management method 300.
Since the applications 111-113 need to record through the audio server 121, the audio server 121 can be used to manage the recording rights of the applications 111-113 through monitoring the audio server 121. Fig. 3 shows a flowchart of a recording rights management method 300 according to an exemplary embodiment of the invention. The method 300 is suitable for execution in the computing device 200. The method 300 is described below using the application 111 and the audio capture device 141 as examples. As shown in fig. 3, the recording right management method 300 starts with step S310, where the kernel creates a listening process adapted to perform listening to the audio server 121.
When the application 111 needs to record, an audio stream needs to be created on the audio server 121, and the audio stream is called Source Output in the audio server 121. The audio server 121 includes an audio stream management EVENT (PA _ SUBSCRIPTION _ EVENT _ SOURCE _ OUTPUT), and manages an audio stream, including creating, deleting, and the like. A listening process created in kernel 123 listens for audio stream management events. When the application 111 is to record, it instructs the audio stream management event to create an audio stream. If the listening process listens that the audio stream management event receives the audio stream creation operation from the application 111, it is considered that the audio server 121 newly creates an audio stream. The audio stream creation operation may be embodied as a PA _ SUBSCRIPTION _ EVENT _ NEW EVENT. Through the above steps, the recording behavior of the application 111 can be found.
Subsequently, step S320 is executed, and if an audio stream is newly created in the audio server 121 according to the monitoring process, the application 111 performing the recording operation is identified according to the audio stream. When the audio server 121 creates an audio stream, the application 111 first generates a recording process file, then creates a recording process in the kernel 123 according to the recording process file, and finally creates an audio stream in the audio server 121 according to the recording process. When the application 111 generates the recording process file, the kernel 123 returns a file descriptor of the recording process file. The file descriptor is a non-negative integer that serves as an index value to point to a table of records in the kernel 123 that the application process creates and uses the sound recording process file. When the recording process created in the kernel 123 creates an audio stream in the audio server 121, a process number of the recording process is recorded in an attribute of the audio stream.
When the application 111 performing the recording operation is identified from the audio stream, first, the process number of the recording process for creating the audio stream is determined from the audio stream. And then calculating the file descriptor of the recording progress file according to the progress number symbolic link/proc/$ { pid }/exe. And finally, identifying the application process for creating the recording process file through the file descriptor of the recording process file, so that which application program needs to be recorded can be identified. The computing device identifies the application 111 performing the recording operation by executing the following code:
func processIdentify(pid PID)string{
return hash("/proc/${pid}/exe")
}
subsequently, step S330 is executed to determine whether the application 111 acquires the recording right. Because the application 111 may establish an audio stream for recording for multiple times, whether the application 111 acquires the recording right for recording may be stored in the memory, and when the application 111 requests recording next time, the recording right of the application 111 is directly searched in the memory, and whether the application 111 acquires the recording right is determined according to the stored recording of the application 111 right.
Subsequently, step S340 is executed, and if the application 111 does not obtain the recording right, the audio stream is prohibited from performing the recording operation in the audio server 121. Disabling the audio stream for recording may call a pa _ context _ set _ source _ output _ mute (true) interface, so that the audio stream cannot read data on the audio acquisition device 141.
The case that the application 111 does not acquire the recording right includes two cases, one is that the recording right is acquired, but the user prohibits the application 111 from recording, at this time, the audio stream in the audio server 121 is directly closed, and it is not necessary to request the user whether to authorize the application 111 to record again.
The other is that the application never acquires the recording right, and creates an audio stream in the audio server 121 for the first time to record, at this time, step S350 is executed to prompt the user whether to authorize the identified application 111 to perform the recording operation. When the user is prompted whether the identified application 111 is authorized to perform the recording operation, an authorization verification window is popped up for the user, and the authorization verification window comprises options of prohibiting recording and allowing recording. When the user selects to prohibit the recording, the pa _ context _ kill _ source _ output interface is called to close the audio stream created by the application 111, so as to prohibit the application 111 from performing the recording operation.
The computing device executes the following code to perform steps S340 and S350:
func sourceOutputAddedCallback(s SourceOutput){
if! S. Process. allowed {// determine whether the application 111 to which the sound recording stream belongs is authorized
If not authorized
Mute/disable the recording stream
Showdialog ()// pop-up authorization verification window
}
}
When the user selects the option of allowing recording and grants the recording right to the application 111, step S360 is executed, and if the recording right granted by the user to the application 111 for recording is received, the audio stream is recovered, so that the audio stream calls the hardware abstraction layer 130 for recording. If the user selects to allow the recording, the recording stream may be allowed to read the data on the audio acquisition device 141 by calling the pa _ context _ set _ source _ output _ mute (false) interface; and has recording rights to the application 111 recorded in the memory. The computing device executes the following code to perform step S360:
func authCallback(s SourceOutput,allow bool){
if allow{
s. mute// resume the recorded stream
}else{
Kill ()// close the recording stream
}
Save (s.Process, allow)// record user's permission status
}
According to an embodiment of the present invention, while waiting for the user to select, the recording stream needs to be monitored for status, so as to avoid the recording process from actively calling the pa _ context _ set _ source _ output _ mute (false) interface to recover the recording during the process. Fig. 4 shows a schematic diagram of monitoring an audio stream according to an exemplary embodiment of the present invention. Therefore, the step of prompting the user whether the identified application 111 is authorized to perform the recording operation includes: the status change of the audio stream is monitored. When it is monitored that the application 111 indicates that the audio stream is subjected to state change so as to recover the audio stream to perform recording operation, whether the application 111 acquires the recording right is determined, if the application 111 does not acquire the recording right, the audio stream is prohibited from being subjected to state change, and a pa _ context _ set _ source _ output _ mute (true) interface is called again to pause recording. Thereby preventing the application 111 from restoring the recording itself after the recording of the application 111 is prohibited. The computing device implements preventing the application 111 from self-resuming recording by executing the following code:
func sourceOutputModifiedCallback(s SourceOutput){
if! Process, allowed {// determine whether the process to which the flow belongs is authorized
If not authorized
Mute/disable the recording stream
Showdialog ()// pop-up authorization verification window
}
}
According to another embodiment of the present invention, the application 111 is also prevented from bypassing the interception by the audio server 121 and recording directly through the sound subsystem module 122. Fig. 5 shows a schematic diagram of a directory of monitoring audio devices according to an exemplary embodiment of the present invention. Monitoring an audio equipment directory (/ dev/snd) by using a monitoring process, and monitoring whether other recording processes exist or not, calling a recording acquisition device to record through the hardware abstraction layer 130; if it is monitored that the application program 111 does not create another recording process for recording through the audio server 121, the recording process is closed, and recording through a recording process other than PulseAudio is prohibited. Further, the monitoring process for monitoring the audio device directory should run with the identity of the root user to avoid being killed by non-privileged processes. The computing device inhibits recording by executing code other than audio server 121:
func inotifyCallback(p Process){
if! isPulseAudio {// determine if the process is PulseAudio {/is
// if not PulseAudio
Kill ()// kill the Process
}
}
In the recording authority management method, the monitoring process is established in the kernel, the audio server is monitored, whether the audio server is newly established with the audio stream is monitored, so that the recording behavior of the application program can be found, and the application program for recording operation can be identified through the established audio stream. And then, judging whether the application program acquires the recording authority, if the application program does not acquire the recording authority, prohibiting the audio stream from carrying out recording operation in an audio server, inquiring whether the application program is authorized to carry out recording to the user, and finally recovering or closing the audio stream according to the selection of the user so as to manage whether the application program is allowed to carry out recording.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules or units or groups of devices in the examples disclosed herein may be arranged in a device as described in this embodiment, or alternatively may be located in one or more devices different from the devices in this example. The modules in the foregoing examples may be combined into one module or may be further divided into multiple sub-modules.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. Modules or units or groups in embodiments may be combined into one module or unit or group and may furthermore be divided into sub-modules or sub-units or sub-groups. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
Furthermore, some of the described embodiments are described herein as a method or combination of method elements that can be performed by a processor of a computer system or by other means of performing the described functions. A processor having the necessary instructions for carrying out the method or method elements thus forms a means for carrying out the method or method elements. Further, the elements of the apparatus embodiments described herein are examples of the following apparatus: the apparatus is used to implement the functions performed by the elements for the purpose of carrying out the invention.
The various techniques described herein may be implemented in connection with hardware or software or, alternatively, with a combination of both. Thus, the methods and apparatus of the present invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention.
In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Wherein the memory is configured to store program code; the processor is configured to execute the method for determining the apparatus shutdown state of the present invention according to instructions in the program code stored in the memory.
By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. Computer-readable media includes both computer storage media and communication media. Computer storage media store information such as computer readable instructions, data structures, program modules or other data. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. Combinations of any of the above are also included within the scope of computer readable media.
As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
While the invention has been described with respect to a limited number of embodiments, those skilled in the art, having benefit of this description, will appreciate that other embodiments can be devised which do not depart from the scope of the invention as described herein. Furthermore, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. The present invention has been disclosed in an illustrative rather than a restrictive sense, and the scope of the present invention is defined by the appended claims.
Claims (9)
1. A recording rights management method adapted to be executed in a computing device, the computing device having an operating system running therein, the operating system including a kernel, an audio server and a hardware abstraction layer, the operating system also having one or more application programs running thereon, the method comprising the steps of:
creating a listening process at the kernel adapted to perform listening to the audio server;
if the audio stream is newly created in the audio server according to the monitoring process, identifying an application program for recording according to the audio stream;
judging whether the application program obtains the recording authority or not;
if the application program does not acquire the recording authority, forbidding the audio stream to carry out recording operation in the audio server;
prompting a user whether the identified application program is authorized to perform the recording operation;
if receiving a recording authority granted by a user to the application program for recording operation, recovering the audio stream so that the audio stream calls the hardware abstraction layer to perform the recording operation;
and if the fact that the recording of the application program is forbidden by the user is received, closing the audio stream so as to forbid the recording operation of the application program.
2. The method of claim 1, wherein the application creating an audio stream at the audio server comprises the steps of:
the application program generates a recording process file;
the application program creates a recording process in the kernel according to the recording process file;
and the application program creates an audio stream in the audio server according to the recording process.
3. The method of claim 2, wherein the audio stream includes a process number of a recording process, and the identifying the application performing the recording operation based on the audio stream comprises:
determining a process number of a recording process for creating the audio stream according to the audio stream;
calculating to obtain a file descriptor of the recording progress file according to the progress number;
and identifying the application program for carrying out the recording operation through the file descriptor of the recording process file.
4. The method of claim 3, wherein audio stream management events are created in the audio server, creating a listening process at the kernel adapted to perform listening to the audio server comprising the steps of:
creating a listening process in the kernel, the listening process listening for audio stream management events;
and if the audio stream management event is monitored to receive the audio stream creation operation, newly creating an audio stream by the audio server.
5. The method of any of claims 1-4, wherein the prompting of the user whether to authorize the identified application for recording comprises:
monitoring a change in status of the audio stream;
when the condition that the application program indicates the audio stream to change the state so as to recover the audio stream to carry out recording operation is monitored, judging whether the application program acquires the recording permission or not;
and if the application program does not acquire the recording authority, prohibiting the audio stream from carrying out state change.
6. The method of claim 5, further comprising the steps of:
monitoring whether other recording processes exist or not, and calling recording acquisition equipment to record through the hardware abstraction layer;
and if the fact that the application program does not pass through the audio server is monitored, other recording processes are created to carry out recording operation, and the recording process is closed.
7. The method of claim 6, further comprising the steps of:
storing the application program and the recording authority thereof in a memory;
and when judging whether the application program obtains the recording authority, searching the recording authority of the application program in the memory.
8. A computing device, comprising:
one or more processors;
a memory; and
one or more apparatuses comprising instructions for performing any of the methods of claims 1-7.
9. A computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computing device, cause the computing device to perform any of the methods of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111025728.6A CN113779546B (en) | 2021-06-01 | 2021-06-01 | Recording authority management method, computing device and storage medium |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111025728.6A CN113779546B (en) | 2021-06-01 | 2021-06-01 | Recording authority management method, computing device and storage medium |
| CN202110606749.0A CN113254917B (en) | 2021-06-01 | 2021-06-01 | Recording permission management method, computing device and storage medium |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110606749.0A Division CN113254917B (en) | 2021-06-01 | 2021-06-01 | Recording permission management method, computing device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113779546A true CN113779546A (en) | 2021-12-10 |
| CN113779546B CN113779546B (en) | 2024-03-26 |
Family
ID=77185657
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110606749.0A Active CN113254917B (en) | 2021-06-01 | 2021-06-01 | Recording permission management method, computing device and storage medium |
| CN202111025728.6A Active CN113779546B (en) | 2021-06-01 | 2021-06-01 | Recording authority management method, computing device and storage medium |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110606749.0A Active CN113254917B (en) | 2021-06-01 | 2021-06-01 | Recording permission management method, computing device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN113254917B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117857686A (en) * | 2024-02-07 | 2024-04-09 | 荣耀终端有限公司 | Communication method, communication system and related device |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015070633A1 (en) * | 2013-11-15 | 2015-05-21 | 北京奇虎科技有限公司 | Privacy authority management method and apparatus |
| CN106657552A (en) * | 2016-11-30 | 2017-05-10 | 广东欧珀移动通信有限公司 | Method and device for preventing monitoring and terminal |
| US9652625B1 (en) * | 2016-04-25 | 2017-05-16 | AO Kaspersky Lab | System and method of counteracting unauthorized access to microphone data |
| CN106909834A (en) * | 2015-12-23 | 2017-06-30 | 北京奇虎科技有限公司 | A kind of data processing method and device |
| CN106951786A (en) * | 2017-03-30 | 2017-07-14 | 国网江苏省电力公司电力科学研究院 | Towards the Mobile solution legal power safety analysis method of Android platform |
| WO2017161724A1 (en) * | 2016-03-25 | 2017-09-28 | 宇龙计算机通信科技(深圳)有限公司 | Voice processing method and device, and terminal |
| CN107305613A (en) * | 2016-04-25 | 2017-10-31 | 卡巴斯基实验室股份制公司 | Protect the system and method for the voice data transmission from microphone to application process |
| CN109981257A (en) * | 2019-04-11 | 2019-07-05 | 鸿秦(北京)科技有限公司 | A kind of data security protection method and device based on ssh |
| CN110097897A (en) * | 2019-04-02 | 2019-08-06 | 烽火通信科技股份有限公司 | A kind of Android device recording multiplexing method and system |
| CN110347862A (en) * | 2019-06-24 | 2019-10-18 | 歌尔股份有限公司 | Recording processing method, device, equipment, system and audio frequency apparatus |
| CN110955402A (en) * | 2019-10-12 | 2020-04-03 | 平安银行股份有限公司 | Recording method, device and equipment based on webpage and storage medium |
| CN111462785A (en) * | 2020-04-03 | 2020-07-28 | 惠州Tcl移动通信有限公司 | Recording control method, recording control device, storage medium and mobile terminal |
| WO2021022433A1 (en) * | 2019-08-05 | 2021-02-11 | 宇龙计算机通信科技(深圳)有限公司 | Application monitoring method and apparatus, and storage medium and electronic device |
| CN112558912A (en) * | 2020-12-11 | 2021-03-26 | 北京百家科技集团有限公司 | Application program and recording method thereof, terminal device and storage medium |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8463612B1 (en) * | 2005-11-08 | 2013-06-11 | Raytheon Company | Monitoring and collection of audio events |
| CN101667235B (en) * | 2008-09-02 | 2013-10-23 | 北京瑞星信息技术有限公司 | Method and device for protecting user privacy |
| CN106210285A (en) * | 2016-06-29 | 2016-12-07 | 北京奇虎科技有限公司 | A kind of recording method of controlling security, device and equipment |
| CN111639339B (en) * | 2020-05-26 | 2023-06-23 | 珠海豹趣科技有限公司 | Process monitoring method and device, electronic equipment and storage medium |
| CN111651764B (en) * | 2020-05-26 | 2023-12-26 | 珠海豹趣科技有限公司 | Process monitoring method and device, electronic equipment and storage medium |
| CN112803907B (en) * | 2021-03-17 | 2021-07-16 | 统信软件技术有限公司 | System and method for providing audio playing service |
-
2021
- 2021-06-01 CN CN202110606749.0A patent/CN113254917B/en active Active
- 2021-06-01 CN CN202111025728.6A patent/CN113779546B/en active Active
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015070633A1 (en) * | 2013-11-15 | 2015-05-21 | 北京奇虎科技有限公司 | Privacy authority management method and apparatus |
| CN106909834A (en) * | 2015-12-23 | 2017-06-30 | 北京奇虎科技有限公司 | A kind of data processing method and device |
| WO2017161724A1 (en) * | 2016-03-25 | 2017-09-28 | 宇龙计算机通信科技(深圳)有限公司 | Voice processing method and device, and terminal |
| CN107305613A (en) * | 2016-04-25 | 2017-10-31 | 卡巴斯基实验室股份制公司 | Protect the system and method for the voice data transmission from microphone to application process |
| US9652625B1 (en) * | 2016-04-25 | 2017-05-16 | AO Kaspersky Lab | System and method of counteracting unauthorized access to microphone data |
| CN106657552A (en) * | 2016-11-30 | 2017-05-10 | 广东欧珀移动通信有限公司 | Method and device for preventing monitoring and terminal |
| CN106951786A (en) * | 2017-03-30 | 2017-07-14 | 国网江苏省电力公司电力科学研究院 | Towards the Mobile solution legal power safety analysis method of Android platform |
| CN110097897A (en) * | 2019-04-02 | 2019-08-06 | 烽火通信科技股份有限公司 | A kind of Android device recording multiplexing method and system |
| CN109981257A (en) * | 2019-04-11 | 2019-07-05 | 鸿秦(北京)科技有限公司 | A kind of data security protection method and device based on ssh |
| CN110347862A (en) * | 2019-06-24 | 2019-10-18 | 歌尔股份有限公司 | Recording processing method, device, equipment, system and audio frequency apparatus |
| WO2021022433A1 (en) * | 2019-08-05 | 2021-02-11 | 宇龙计算机通信科技(深圳)有限公司 | Application monitoring method and apparatus, and storage medium and electronic device |
| CN110955402A (en) * | 2019-10-12 | 2020-04-03 | 平安银行股份有限公司 | Recording method, device and equipment based on webpage and storage medium |
| CN111462785A (en) * | 2020-04-03 | 2020-07-28 | 惠州Tcl移动通信有限公司 | Recording control method, recording control device, storage medium and mobile terminal |
| CN112558912A (en) * | 2020-12-11 | 2021-03-26 | 北京百家科技集团有限公司 | Application program and recording method thereof, terminal device and storage medium |
Non-Patent Citations (3)
| Title |
|---|
| 秦中元;张峻瑞;张群芳;宋志勇;: "基于Inject和Hook的安卓终端管控技术", 信息网络安全, no. 09 * |
| 秦中元;张峻瑞;张群芳;宋志勇;: "基于Inject和Hook的安卓终端管控技术", 信息网络安全, no. 09, 10 September 2018 (2018-09-10) * |
| 腾讯云: "以受限用户身份运行monit,并使其监视需要root权限的进程", Retrieved from the Internet <URL:https://cloud.tencent.com/developer/ask/sof/103411170> * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117857686A (en) * | 2024-02-07 | 2024-04-09 | 荣耀终端有限公司 | Communication method, communication system and related device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113254917A (en) | 2021-08-13 |
| CN113779546B (en) | 2024-03-26 |
| CN113254917B (en) | 2021-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102938039B (en) | For the selectivity file access of application | |
| US10528735B2 (en) | Malicious code protection for computer systems based on process modification | |
| US9787718B2 (en) | Policy-based runtime control of a software application | |
| US11443034B2 (en) | Trust zone-based operating system and method | |
| US7693838B2 (en) | Method and apparatus for securely accessing data | |
| US8752201B2 (en) | Apparatus and method for managing digital rights through hooking a kernel native API | |
| KR100997802B1 (en) | Apparatus and method for security managing of information terminal | |
| US10402563B2 (en) | Automated classification of exploits based on runtime environmental features | |
| MX2007011377A (en) | Secure boot. | |
| US9589131B2 (en) | Method and computer device to control software file downloads | |
| CN109086620B (en) | Physical isolation dual-system construction method based on mobile storage medium | |
| CN104680084A (en) | Method and system for protecting user privacy in computer | |
| US7890756B2 (en) | Verification system and method for accessing resources in a computing environment | |
| US9219728B1 (en) | Systems and methods for protecting services | |
| CN113254917B (en) | Recording permission management method, computing device and storage medium | |
| US10929536B2 (en) | Detecting malware based on address ranges | |
| CN111447178A (en) | Access control method, system and computing device | |
| CN112231761B (en) | Device mounting method, computing device and readable storage medium | |
| CN114510706A (en) | Permission control method and device based on physical interface and computing equipment | |
| US11921874B2 (en) | Method and system for protecting file using class distribution and sequential memory loading | |
| CN114153801A (en) | File opening method, computing device and storage medium | |
| CN113849246A (en) | Plug-in identification method, plug-in loading method, computing device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |