CN114036068A

CN114036068A - Update detection method, device, equipment and storage medium based on privacy security

Info

Publication number: CN114036068A
Application number: CN202111519271.4A
Authority: CN
Inventors: 韦国处
Original assignee: Ping An Property and Casualty Insurance Company of China Ltd
Current assignee: Ping An Property and Casualty Insurance Company of China Ltd
Priority date: 2021-12-13
Filing date: 2021-12-13
Publication date: 2022-02-11

Abstract

The invention relates to a security detection technology, and discloses an update detection method based on privacy security, which comprises the following steps: acquiring an execution case of the target microservice from an execution case database, and operating the execution case; acquiring request data generated by the execution case, and redirecting the request data to an original program and an updated program corresponding to the target micro service respectively; acquiring a first request response data record generated by the original program and a second request response data record generated by the updating program; according to the first request response data record, obtaining a privacy exemption list corresponding to the original program; and judging whether the updating program reveals privacy or not by utilizing a pre-constructed privacy verification service according to the privacy exemption list and the second request response data record. The invention also provides an update detection device based on privacy security, an electronic device and a storage medium. The invention can reduce the resource consumption of software application in privacy security detection.

Description

Update detection method, device, equipment and storage medium based on privacy security

Technical Field

The present invention relates to the field of security detection technologies, and in particular, to an update detection method and apparatus based on privacy security, an electronic device, and a computer-readable storage medium.

Background

In order to meet the increasingly rich requirements of people, the updating of each application program is gradually accelerated, when a product is updated, it is very important to detect whether a privacy protocol between the updated program and an original program is changed, and when the privacy is changed too much, the risk that newly developed functions cannot be on line due to the security privacy problem often occurs.

At present, the main method in the industry is to perform overall self-check on an updated application product to obtain a detection problem, and then judge the range of the detection problem through the technical experience of related technical personnel to perform rectification and repair, so that a large amount of manpower and computing resources are consumed for discovering each problem. Therefore, a privacy security testing method which consumes few resources and can find privacy problems in the development process is urgently needed.

Disclosure of Invention

The invention provides an update detection method and device based on privacy security and a computer readable storage medium, and mainly aims to solve the problem that too much resources and time are consumed in a privacy test process.

In order to achieve the above object, the present invention provides an update detection method based on privacy security, including:

acquiring an execution case corresponding to the target micro service from a pre-constructed execution case database, and running the execution case;

acquiring request data generated in the running process of the execution case, and sending the request data to an original program and an updated program corresponding to the target micro service in parallel through gateway redirection operation;

acquiring a first request response data record generated by the original program according to the request data, and acquiring a second request response data record generated by the updating program according to the request data;

according to the first request response data record, obtaining a privacy exemption list corresponding to the original program;

and judging whether the updating program reveals privacy or not by utilizing a pre-constructed privacy verification service according to the privacy exemption list and the second request response data record.

Optionally, the sending, through the gateway redirection operation, the request data to the original program and the updated program corresponding to the target microservice in parallel includes:

importing the request data into the original program by utilizing a pre-constructed gateway according to a destination field parameter in the request data;

acquiring a program interface address corresponding to the updating program;

and modifying the destination field parameter in the request data into the program interface address by using a redirection function in a standard input/output header file packet to obtain redirection request data, and importing the redirection request data into the update program by using the gateway according to the program interface address in the redirection request data.

Optionally, the obtaining a first request response data record generated by the original program according to the request data includes:

when the request data is monitored to be imported into the original program, acquiring and analyzing the request data to obtain a request resource identifier set;

when the original program is monitored to generate response data, acquiring and analyzing the response data to obtain a response resource identifier set;

and taking each request resource identifier in the request resource identifier set as a key field, taking each response resource identifier in the response resource identifier set as a value field, and correspondingly establishing a key value pair by each key field and each value field to obtain a first request response data record.

Optionally, the obtaining a privacy exemption list corresponding to the original program according to the first request response data record includes:

inquiring a protocol field of a key field in the first request response data record to obtain a user-defined privacy configuration set;

inquiring a protocol field of a median field in the first request response data record to obtain a default privacy configuration set of the system;

and combining the user-defined privacy configuration set and the system default privacy configuration set by using an intersection set method to obtain a privacy exemption list.

Optionally, the determining, according to the privacy exemption list and the second request response data record, whether the update program reveals privacy by using a pre-established privacy verification service includes:

converting each key-value pair in the second request response data record into a regular expression;

identifying the information category of the regular expression, and acquiring a verification method corresponding to the information category;

verifying the regular expression by using the verification method and the privacy exemption list;

when the verification is passed, judging that the updated program does not reveal privacy;

and when the verification is not passed, judging that the privacy is leaked from the updating program.

Optionally, after determining whether the privacy is revealed by the update program using the pre-built privacy verification service, the method further includes:

when the update program is judged to have leaked privacy, sending out preset warning information, and outputting the content corresponding to the regular expression which is not verified;

when it is determined that the updated program does not reveal privacy, the original program may be replaced with the updated program.

Optionally, the running the execution case includes:

and carrying out initialization operation on the execution case.

And running the execution case by utilizing a test tool.

In order to solve the above problem, the present invention further provides an update detection apparatus based on privacy security, the apparatus including:

the case execution module is used for acquiring an execution case corresponding to the target micro service from a pre-constructed execution case database and running the execution case;

the redirection module is used for acquiring request data generated in the running process of the execution case, and sending the request data to an original program and an updated program corresponding to the target microservice in parallel through gateway redirection operation;

the operation record acquisition module is used for acquiring a first request response data record generated by the original program according to the request data, acquiring a second request response data record generated by the updating program according to the request data, and acquiring a privacy exemption list corresponding to the original program according to the first request response data record;

and the privacy verification module is used for judging whether the updating program reveals privacy or not by utilizing a pre-constructed privacy verification service according to the privacy exemption list and the second request response data record.

In order to solve the above problem, the present invention also provides an electronic device, including:

at least one processor; and the number of the first and second groups,

a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,

the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the privacy security based update detection method described above.

In order to solve the above problem, the present invention further provides a computer-readable storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in an electronic device to implement the update detection method based on privacy security described above.

In the embodiment of the invention, the original program and the updated program are simultaneously operated through a redirection technology, so that the original program and the updated program can be executed in the same execution case environment, and the test bugs are reduced; obtaining a privacy exemption list in the original program according to the first request response data record of the original program, wherein the privacy exemption list contains user-defined privacy configuration and system default privacy configuration, and the range of privacy security detection is enlarged; then, the embodiment of the invention can verify a single function without verifying the privacy security after the whole application is generated, thereby increasing the accuracy of the privacy security positioning and reducing the consumption of resources during detection. Therefore, the update detection method and device based on privacy security, the electronic device and the computer readable storage medium provided by the invention can solve the problem that too much resources and time are consumed in the privacy test process of software application.

Drawings

Fig. 1 is a schematic flowchart of an update detection method based on privacy security according to an embodiment of the present invention;

FIG. 2 is a flowchart illustrating a step in an update detection method based on privacy security according to an embodiment of the present invention;

FIG. 3 is a flowchart illustrating a step in an update detection method based on privacy security according to an embodiment of the present invention;

FIG. 4 is a functional block diagram of an update detection apparatus based on privacy security according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of an electronic device implementing the update detection method based on privacy security according to an embodiment of the present invention.

The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.

Detailed Description

It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

The embodiment of the application provides an update detection method based on privacy security. The execution subject of the update detection method based on privacy security includes, but is not limited to, at least one of electronic devices such as a server and a terminal that can be configured to execute the method provided by the embodiments of the present application. In other words, the update detection method based on privacy security may be performed by software or hardware installed in the terminal device or the server device, and the software may be a blockchain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like.

Fig. 1 is a schematic flowchart of an update detection method based on privacy security according to an embodiment of the present invention. In this embodiment, the update detection method based on privacy security includes:

and S1, acquiring an execution case corresponding to the target micro-service from the pre-constructed execution case database, and running the execution case.

In the embodiment of the present invention, the execution case database is a database that is constructed by an enterprise of the software application for storing a pre-constructed execution case, where the execution case is a set of test input and execution conditions compiled for a specific target and is used to execute a specific function point.

In detail, in the embodiment of the present invention, the running the execution use case includes:

initializing the execution case;

and running the execution case by utilizing a test tool.

In the embodiment of the present invention, because the influence of the execution results of other execution use cases on the execution environment is not determined, the related data related to the execution use cases needs to be initialized, for example, when a file is created, all existing files need to be deleted, then a corresponding number of files are created through the execution use cases, and if the initialization operation is not performed, and it is possible that a file generated by a previous execution use case still exists, it is impossible to determine whether the execution use case is successfully executed.

According to the method and the device, the initialized execution case is utilized, data related to the case execution process can be limited in the field responsible for the target micro service, and the privacy detection accuracy rate is increased.

The initialized execution case can be executed through a test tool, for example, an open source PingCode test management tool.

And S2, acquiring request data generated in the running process of the execution case, redirecting the request data through a gateway, and sending the request data to the original program and the updated program corresponding to the target microservice in parallel.

The original program is a micro service program in the software application which is on-line, and the updating program is a micro service program which is generated by updating on the basis of the original program and is not on-line;

the gateway redirection operation is a method of changing a data transmission destination through a gateway.

Further, the embodiment of the present invention observes the execution process of the execution use case through the Chrome browser, for example, sequentially passes through a developer tool, a Network, an XHR service program, and the like in the Chrome browser, and obtains request data between a client where the execution use case is located and a background server of the application.

In detail, referring to fig. 2, in the embodiment of the present invention, the sending, in parallel, the request data to the original program and the update program corresponding to the target microservice through the gateway redirection operation includes:

s21, importing the request data into the original program according to the destination field parameter in the request data by using a pre-constructed gateway;

s22, acquiring a program interface address corresponding to the updating program;

s23, modifying the destination field parameter in the request data into the program interface address by using a redirection function in a standard input/output header file packet to obtain redirection request data, and importing the redirection request data into the update program by using the gateway according to the program interface address in the redirection request data.

It should be noted that there is a file stream in the data during transmission through the gateway, and in the embodiment of the present invention, the redirection request data is obtained by modifying the stdout field of the file stream in the request data to the program interface address according to the program interface address corresponding to the update program through the redirection function (freeopen ()) in the standard input/output header file packet (< stdio.h >).

According to the embodiment of the invention, through parallel operation, the request data is simultaneously imported into the original program, and the redirection request data is imported into the updating program, so that the original program and the updating program can run under the environment of the same execution case.

And S3, acquiring a first request response data record generated by the original program according to the request data, and acquiring a second request response data record generated by the updating program according to the request data.

In detail, in this embodiment of the present invention, the acquiring a first request response data record generated by the original program according to the request data includes:

The embodiment of the invention can utilize the preset embedded point to monitor whether the original program generates response data. According to the embodiment of the invention, each request data is used as a key, the response data corresponding to each request data is used as a value, key value pair construction is carried out, and sequential storage is carried out to obtain a first request response data record.

Further, in the embodiment of the present invention, a second request response data record generated by the update program according to the request data is obtained in the same manner as the above-mentioned first request response data record generated by the original program according to the request data.

And S4, acquiring the privacy exemption list corresponding to the original program according to the first request response data record.

In the embodiment of the present invention, the privacy exemption list is privacy data kept secret by default according to a policy and privacy data required by a user, for example: according to the contents specified in documents such as "network data security management regulations" and the like, and if a user does not authorize some contents, privacy protection needs to be performed on the some contents.

In detail, referring to fig. 3, in the embodiment of the present invention, the obtaining a privacy exemption list corresponding to the original program according to the first request response data record includes:

s41, inquiring the protocol field of the key field in the first request response data record to obtain a user-defined privacy configuration set;

s42, inquiring a protocol field of a median field in the first request response data record to obtain a default privacy configuration set of the system;

and S43, combining the user-defined privacy configuration set and the system default privacy configuration set by using an intersection set method to obtain a privacy exemption list.

In the embodiment of the invention, the user-defined privacy configuration set needs to be obtained from request data, and the system default privacy configuration set needs to be obtained from response data fed back by the background server.

When the privacy protocol of the request data and the response data is analyzed, privacy configurations of all categories (the user-defined privacy configuration set and the system default privacy configuration set) are obtained, repeated elements are removed through an intersection set method, and a privacy exemption list of a single element is obtained.

And S5, judging whether the updating program reveals privacy or not by utilizing a pre-constructed privacy verification service according to the privacy exemption list and the second request response data record.

In detail, in an embodiment of the present invention, the S5 includes:

The embodiment of the invention has different verification modes aiming at different information types, such as interface privacy verification, privacy verification during storage, privacy verification during operation and the like.

In the embodiment of the present invention, the entry and exit of the update procedure are saved in the second request response data record, which may include personal basic data required by policy, device access information, customized personal health physiological information, and the like.

Specifically, when the privacy exemption list relates to a user-defined protection request, such as a personal health physiological information privacy request, the data relating to the personal health physiological information in the second request response data is checked to obtain personal basic data, including data of a personal identification card, a birthday, a gender, a nationality, a family relationship, an address, a mobile phone number, an email address and the like, and through a regular expression, the identification card expression ^ d {15} | \ d {18}, the mobile phone number expression ^ (13[0-9] |14[5|7] |15[0|1|2|3|5|6|7|8|9] |18[0|1|2|3|5|6|7|8|9]) d {8}, a mailbox | @ \ w + ([ + ] \ W + ]), the embodiment of the invention can detect whether the corresponding sensitive text is contained at the interface or not through a pre-constructed regular detection method, and if so, the leaked privacy exists at the interface.

And querying data related to the device access information in the second request response data according to a privacy requirement for protecting the device access information, which is contained in the privacy exemption list by default, to obtain device information such as a hardware serial number, a device MA address, a software list, a unique device identification code (for example, IMEI/Android ID/IDFA/OpenUDID/GUID/SIM card IMSI information), and the like, in the embodiment of the present invention, the device MA address may be regularly expressed to obtain ^ ([0-9a-fA-F ] {2}) {5}) $, and then checking may be performed in a fuzzy matching manner, and if matching is performed, it is stated that the update program is related to the existence of privacy leakage.

Both the regular detection and the fuzzy matching method can be completed by a conventional detection tool, which is not described herein.

Further, in another embodiment of the present invention, after the determining, by using the pre-built privacy verification service, whether the privacy is leaked by the update program, the method further includes:

The embodiment of the invention can access the updating program to the on-line application through the API interface, thereby realizing the simultaneous existence of the original program and the updating program. When the update program has leaked privacy, the update program can directly alarm relevant departments and output the content of 'leaked privacy at the interface' indicated in the above. When the updated program does not reveal privacy, the original program is directly deleted, the updated program is reserved, and the application can be quickly updated.

In the embodiment of the invention, the original program and the updated program are simultaneously operated through a redirection technology, so that the original program and the updated program can be executed in the same execution case environment, and the test bugs are reduced; obtaining a privacy exemption list in the original program according to the first request response data record of the original program, wherein the privacy exemption list contains user-defined privacy configuration and system default privacy configuration, and the range of privacy security detection is enlarged; then, the embodiment of the invention can verify a single function without verifying the privacy security after the whole application is generated, thereby increasing the accuracy of the privacy security positioning and reducing the consumption of resources during detection. Therefore, the update detection method based on privacy security provided by the invention can solve the problem that too much resources and time are consumed in the privacy test process of software application.

Fig. 4 is a functional block diagram of an update detection apparatus based on privacy security according to an embodiment of the present invention.

The privacy security-based update detection apparatus 100 according to the present invention may be installed in an electronic device. According to the implemented functions, the update detection apparatus 100 based on privacy security may include a use case execution module 101, a redirection module 102, a run record acquisition module 103, and a privacy verification module 104. The module of the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and that can perform a fixed function, and that are stored in a memory of the electronic device.

In the present embodiment, the functions regarding the respective modules/units are as follows:

the use case execution module 101 is configured to obtain an execution use case corresponding to the target micro service from a pre-constructed execution use case database, and run the execution use case;

the redirection module 102 is configured to obtain request data generated in the execution case operation process, and send the request data to the original program and the updated program corresponding to the target microservice in parallel through a gateway redirection operation;

the running record obtaining module 103 is configured to obtain a first request response data record generated by the original program according to the request data, obtain a second request response data record generated by the update program according to the request data, and obtain a privacy exemption list corresponding to the original program according to the first request response data record;

the privacy verification module 104 is configured to determine whether the update program reveals privacy by using a pre-established privacy verification service according to the privacy exemption list and the second request response data record.

In detail, when the modules in the update detection apparatus 100 based on privacy security according to the embodiment of the present invention are used, the same technical means as the update detection method based on privacy security described in fig. 1 to fig. 3 are adopted, and the same technical effects can be produced, which is not described herein again.

Fig. 5 is a schematic structural diagram of an electronic device implementing an update detection method based on privacy security according to an embodiment of the present invention.

The electronic device 1 may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as an update detection program based on privacy security, stored in the memory 11 and executable on the processor 10.

In some embodiments, the processor 10 may be composed of an integrated circuit, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same function or different functions, and includes one or more Central Processing Units (CPUs), a microprocessor, a digital Processing chip, a graphics processor, a combination of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device by running or executing programs or modules (for example, executing an update detection program based on privacy security, and the like) stored in the memory 11 and calling data stored in the memory 11.

The memory 11 includes at least one type of readable storage medium including flash memory, removable hard disks, multimedia cards, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disks, optical disks, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device, for example a removable hard disk of the electronic device. The memory 11 may also be an external storage device of the electronic device in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device. The memory 11 may be used not only to store application software installed in the electronic device and various types of data, such as codes of an update detection program based on privacy security, but also to temporarily store data that has been output or is to be output.

The communication bus 12 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.

The communication interface 13 is used for communication between the electronic device and other devices, and includes a network interface and a user interface. Optionally, the network interface may include a wired interface and/or a wireless interface (e.g., WI-FI interface, bluetooth interface, etc.), which are typically used to establish a communication connection between the electronic device and other electronic devices. The user interface may be a Display (Display), an input unit such as a Keyboard (Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable, among other things, for displaying information processed in the electronic device and for displaying a visualized user interface.

Fig. 5 only shows an electronic device with components, and it will be understood by a person skilled in the art that the structure shown in fig. 5 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or a combination of certain components, or a different arrangement of components.

For example, although not shown, the electronic device may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so that functions of charge management, discharge management, power consumption management and the like are realized through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.

It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.

The privacy security based update detection program stored in the memory 11 of the electronic device 1 is a combination of instructions that, when executed in the processor 10, may implement:

Specifically, the specific implementation method of the instruction by the processor 10 may refer to the description of the relevant steps in the embodiment corresponding to the drawings, which is not described herein again.

Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. The computer readable storage medium may be volatile or non-volatile. For example, the computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).

The present invention also provides a computer-readable storage medium, storing a computer program which, when executed by a processor of an electronic device, may implement:

In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.

The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.

In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.

It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.

The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.

The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.

The embodiment of the application can acquire and process related data based on an artificial intelligence technology. Among them, Artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.

Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.

Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims

1. An update detection method based on privacy security, characterized in that the method comprises:

2. The privacy-security-based update detection method of claim 1, wherein the sending the request data to the original program and the updated program corresponding to the target microservice in parallel through a gateway redirection operation comprises:

acquiring a program interface address corresponding to the updating program;

3. The privacy security-based update detection method of claim 1, wherein the obtaining of the first request response data record generated by the original program according to the request data comprises:

4. The privacy-security-based update detection method according to claim 1, wherein the obtaining a privacy-exemption list corresponding to the original program according to the first request response data record includes:

5. The privacy security-based update detection method of claim 1, wherein the determining whether the update program reveals privacy using a pre-built privacy verification service based on the privacy-exempt list and the second request response data record comprises:

6. The privacy security-based update detection method of any one of claims 1 to 5, wherein after determining whether the update program leaks privacy using a pre-built privacy verification service, the method further comprises:

7. The privacy security-based update detection method of claim 1, wherein the running the execution case comprises:

initializing the execution case;

and running the execution case by utilizing a test tool.

8. An update detection apparatus based on privacy security, the apparatus comprising:

9. An electronic device, characterized in that the electronic device comprises:

at least one processor; and the number of the first and second groups,

the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the privacy security based update detection method of any one of claims 1 to 7.

10. A computer-readable storage medium, storing a computer program, wherein the computer program, when executed by a processor, implements the privacy security-based update detection method of any one of claims 1 to 7.