KR20160087731A - Method for controlling contents and apparatus therof - Google Patents

Abstract

The present invention relates to a technology for a sensor network, machine to machine (M2M), machine type communication (MTC), and Internet of things (IoT). The present disclosure is applicable to intelligent services (a smart home, a smart building, a smart city, a smart car or a connected car, healthcare, digital education, retail sales, a security and safety related service, etc.). According to one embodiment of the present invention, an operating method of an electronic apparatus comprises the following steps: setting an access authority for at least one content; resetting the access authority for the content when at least one application requests access to the content; and controlling the access of the application according to the reset access authority for the content with respect to the application.

Description

[0001] METHOD FOR CONTROLLING CONTENTS AND APPARATUS THEROF [0002]

The present invention relates to content access authority control of an application.

The Internet is evolving into an Internet of Things (IoT) network that exchanges information between distributed components such as objects in a human-centered connection network where humans generate and consume information. IoE (Internet of Everything) technology, which combines IoT technology with big data processing technology through connection with cloud servers, is also emerging. In order to implement IoT, technology elements such as sensing technology, wired / wireless communication, network infrastructure, service interface technology and security technology are required. In recent years, sensor network, machine to machine , M2M), and MTC (Machine Type Communication).

In the IoT environment, an intelligent IT (Internet Technology) service can be provided that collects and analyzes data generated from connected objects to create new value in human life. IoT is a field of smart home, smart building, smart city, smart car or connected car, smart grid, health care, smart home appliance, and advanced medical service through fusion of existing information technology . ≪ / RTI >

In a mobile communication terminal, a user can install an application that performs a specific function from the outside in addition to an application built in the electronic device. When an application is installed from the outside, the application requests the user to access the content at the time of installation in order to access the contents of the user. When the application requests the access right to the content, there is a case where the purpose of requesting the access right of the application is unclear. In addition, there are cases where it is difficult for the user to know what function of the application the access authority required by the application is required for. In addition, there are cases where it is difficult for the user to recognize the unauthorized operation due to the authority. There is a problem with the above access authority, so if the user denies the access right request, the application can not be installed. Therefore, there is a need for a method that can control the access rights of the application while installing the application requiring the access right.

One embodiment of the present invention provides an apparatus and method for controlling content access rights of an application.

Another embodiment of the present invention provides an apparatus and method for controlling access authority of an application without direct access.

An electronic device according to an embodiment of the present invention sets an access right for one or more contents, re-establishes access right of the content when at least one application requests access to the content, A control unit for controlling the access of the application according to an access right of the application, and a display unit for displaying an access control result of the application.

An operation method of an electronic device according to an exemplary embodiment of the present invention includes: setting an access right for one or more contents; accessing an access right of the content when at least one application requests access to the content; And controlling the access of the application in accordance with the access right of the re-established application to the content.

According to the embodiment of the present invention, it is possible to reduce the battery consumption of the electronic device by protecting the personal information of the user through the control of the access right of the application with respect to the user content in the electronic device and blocking the undesired operation by the user . In addition, it is possible to prevent an application operation error due to the content access right control of the application.

Figure 1 shows an example of a content approach in an electronic device.
Figure 2 shows an example of how a particular application is accessed in an electronic device.
FIG. 3 illustrates a content access right management technique according to an embodiment of the present invention.
FIG. 4 shows an example of the access control target content designation according to the embodiment of the present invention.
5 shows a flow of a content access authorization operation according to an embodiment of the present invention.
FIG. 6 shows an example of access control in direct user input according to an embodiment of the present invention.
7A and 7B show examples of access control in the background input according to the embodiment of the present invention.
FIG. 8 shows a flow of a content access control operation according to user input and background input according to an embodiment of the present invention.
FIG. 9 shows an example of an application access right resetting to a content according to an embodiment of the present invention.
FIG. 10 shows an example of content-based access list management according to an embodiment of the present invention.
11 illustrates an example of background allow / block list management according to an embodiment of the present invention.
FIG. 12 shows an example of a case where the user directly accesses the content with the application set as the prohibition of access according to the embodiment of the present invention.
13 shows an example of application control when content is accessed through another application according to an embodiment of the present invention.
14 shows a flow of an access control operation according to access of contents according to an embodiment of the present invention.
15 shows a flow of operation for content control according to an embodiment of the present invention.
FIG. 16 shows an electronic device control screen for accessing contents of an application according to an embodiment of the present invention.
17 shows a flow chart for electronic device control in accessing content of an application according to an embodiment of the present invention.
FIG. 18 shows a flow of a control operation when a newly installed application according to an embodiment of the present invention has access rights to contents.
FIG. 19 shows a screen for access control management when a newly installed application according to an embodiment of the present invention has access rights to content.
FIG. 20 shows a display screen for content-based lock application control according to an embodiment of the present invention.
FIG. 21 shows a flow of control according to setting of a content to be locked according to an embodiment of the present invention.
22 shows an example of control for access restriction according to the content storage space according to the embodiment of the present invention.
23 shows a display screen for an information storage apparatus lock control according to an embodiment of the present invention.
24 shows a flow of operation for storage lock control according to an embodiment of the present invention.
25 shows a block diagram of an apparatus for content control according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.

Hereinafter, the present invention will be described with respect to a technique for content control. In the following description, the electronic device may be a smartphone, a tablet personal computer, a mobile phone, a videophone, an e-book reader, a desktop personal computer, Such as a laptop personal computer (PC), a netbook computer, a personal digital assistant (PDA), a portable multimedia player (PMP), an MP3 player, a mobile medical device, a camera, or a wearable device Such as a head-mounted device (HMD) such as electronic glasses, an electronic garment, an electronic bracelet, an electronic necklace, an electronic app apparel, an electronic tattoo, or a smart watch.

Figure 1 shows an example of a content approach in an electronic device.

Referring to FIG. 1, each application 120, 130, and 140 may attempt to access a specific content 110. If each application 120, 130, 140 has access to the content 110, the respective application 120, 130, 140 can use the content 110.

If it is assumed that the specific application 150 does not have the access right to the specific content 110, the application 150 accesses the content 110 through another application 140 that is permitted to access the content 150 can do. When the above-described method is used, since the application 150, which does not have the access right, can access the specific content 110, information may be leaked without being recognized by the user. In order to solve such a problem, in one embodiment of the present invention, it is possible to perform control according to the access authority by checking the access right of the application attempting to access and another application requesting access to the application.

Figure 2 shows an example of how a particular application is accessed in an electronic device.

Referring to FIG. 2A, the second application 220 may exist in a sandbox form. The second application 220 operates in its own Linux process and can use only resources allocated to itself. The second application 220 may include a broadcast receiver 222, an activity 224, and a contents provider 226 component. The broadcast receiver 222 may provide a method for delivering messages between respective components. The activity 224 may process user input. The content provider 226 may make the database in the application available to other applications.

When a specific application 210 wants to access another application 220, access to another application 220 can use IPC (Inter-Process Communication). In this case, the application 210 attempting to access can perform a desired function or send an intent to an application having the desired data.

If the specific application 210 delivers a message to the application 220 that is to access the message, the message may be delivered to the content provider 226 via the broadcast receiver 222, The intent message may be delivered to the content provider 226 via the activity 224 if the content provider 210 provides the intent message. The content provider 226, which has requested access, can confirm the rights of the application 210 attempting access and allow the application 210 accessing the data when the application 210 has access.

Referring to FIG. 2B, the application 240 can access the application 230 through another application 250. The application 240 may attempt to access the application 230 through another application 250 having the access right if the application 230 does not have the access right. In the case of such a request, the content provider 232 of the application 230 may regard the access request by the application request that the connection is permitted to allow the access to allow access to the data 234. [ Therefore, it is necessary to check whether the application receives an access request from another application and attempts to access the application even if the application has the access right. If the application is an attempt to access by receiving an access request from another application, it is necessary to check the access right of the other application to block access.

FIG. 3 illustrates a content access right management technique according to an embodiment of the present invention.

3, the client application 310 may include various applications 312, 314, 316, and 318. The applications 312, 314, 316 and 318 of the client application 310 may attempt to access the respective contents 321, 323, 325, 327 and 329 of the user contents 320. [ According to the embodiment of the present invention, the application 312, 314, 316, 318 of the client application 310 attempts to access each content 321, 323, 325, 327, 329 of the user content 320 , The electronic device may manage (330) the access rights of the applications 312, 314, 316, and 318.

For example, the electronic device may add access privileges of a particular application to a single allow or allow list, add it to a block list, or add inaccessibility in the Background.

According to another embodiment of the present invention, the electronic device may add the access right of a specific application to the one-time allowance or allowance list, or to always add it to the allowance list. Alternatively, the electronic device may forcibly stop or delete the execution of a specific application when a specific application attempts to access the specific content.

FIG. 4 shows an example of the access control target content designation according to the embodiment of the present invention.

The content control method according to the embodiment of the present invention can designate the content to control the access. As a method of designating the content to be controlled by access, there may be a system automatic designation method or a user selection designation method. When the automatic system designation method is used, the electronic device automatically specifies a basic personal application list and notifies the user of the basic personal application list. When the user agrees with the automatically designated application list, the personal application list can be designated as the management subject content.

Alternatively, when the user selection designation method is used, the user can directly designate a basic personal application list, and can perform collective access prohibition designation or access inhibition designation for the designated contents, and can individually designate or cancel.

Referring to FIGS. 4A and 4B, the user can designate the content to be managed through the user selection designation method. 4 (a) shows an example of application list designation. The user can manage the management subject content list 410 by adding the content to be managed as a management target folder. According to one embodiment, a user can add an application to the management subject content list 410 through a drag method. Alternatively, the user can remove the application from the managed content list 410 through the drag method. FIG. 4B shows an example of the access setting in the management subject content list 410. FIG. The user can designate the prohibition of access 422 or the prohibition of access 424 in a batch designation or individual designation as shown in 420 of FIG. 4 (b).

5 shows a flow of a content access authorization operation according to an embodiment of the present invention.

In the case where a user installs an application on an electronic device and installs a plurality of applications except an application that does not require an access right to the content, the user can not install the application unless he / she agrees with the access right requested by the application, You must agree to the request for access. Accordingly, when installing a new application as in step 510, the installed application obtains access authority from a user to obtain access authority to a specific content.

In step 520, the electronic device confirms that the installed application has the access control content authority. The electronic device checks if the installed application has set the access right to the content included in the management target content list and if the access right is set, the access right to the authorized content is reset in step 530.

For example, if the SNS (Social Networking Service) application 312 shown in FIG. 3 is newly installed and the rights are requested by requesting the rights for the contents 321 and 323 in the installation operation, The access authority level for the contents 321 or 323 may be reset when the contents 312 or 323 accesses the contents 321 or 323.

In another example, when the installed application has set the access right 422 for the content included in the list of contents to be managed as shown in FIG. 4, the electronic device displays the list of contents to be managed in the installed application You can set the access permissions for.

FIG. 6 shows an example of access control in direct user input according to an embodiment of the present invention.

According to an embodiment of the present invention, the electronic device can perform access control according to whether or not a user inputs an application. The electronic device may allow the application to access the management subject content when the application requests access to the management subject content, when the application confirms that the management subject content is accessed through a user input.

6A shows an example in which an application accesses contents through a user's input. For example, the application 620 shown in FIG. 6A may be an SNS application, and the content 630 may be a photo content. According to an embodiment of the present invention, when the user 610 directly accesses the content 630 through the installed application 620, the electronic device detects (650) the application operating state.

Specifically, the electronic device confirms whether the application accessing the content 630 is an access through the external application to the content 630, and confirms the user's input if the access is performed through the external application. If the input of the user is confirmed, the electronic device may allow access of the application. 6A, when the application 620 accesses the content 630, the electronic device may allow access if the user's input is confirmed, After accessing the content 630, an operation 640 using the content may be performed. For example, in the embodiment of FIG. 6A, the application 620 may perform operations on the content 630. For example, the application 620 may upload photo content to a web.

According to the access right management 330 as shown in FIG. 3, even when the specific application is set as access blocking (or rejection), the electronic device can access the specific content of the application for which the access right is blocked Can be accepted. According to an embodiment of the present invention, the electronic device may be configured to allow access even if the access right is blocked even if the user accesses the content through an application for which the access right is blocked.

6B shows an embodiment of a control for preventing an operation error due to an authority reset. FIG. 6A illustrates an example in which a user accesses content directly through an application. FIG. 6B illustrates an example in which a user accesses contents directly through an application set to be blocked. It is.

For example, FIG. 6B may be an example when the SNS application 660 with access blocked accesses the photo content 670. According to an embodiment of the present invention, when the user 610 directly accesses the content 670 via the application 660 whose access is blocked, the electronic device detects (680) an application operating state. At this time, if the malfunction occurs due to the access blocking due to the operation state of the application, the electronic device can notify the user (690).

Specifically, the electronic device confirms whether the SNS application 660 accessing the content 670 accesses through the external application to the content 670, and confirms the input of the user when the application 660 accesses through the external application . If the input of the user is confirmed, the electronic device may allow access of the application. 6B, when the electronic device accesses the photo content 630 with the SNS application 620 for which the access is blocked, if the user's input is confirmed, access to the user is prohibited, as shown at 680 , And may request to reset the access setting of the SNS application for which the access is set to be blocked. According to an embodiment of the present invention, the access setting can be set again by selecting one of the following: always permitted, allowed only when a user is inputting, and always prohibited. If the user always selects allow, the application whose access is blocked is changed to allow the access right. If the user selects allow only at the time of user input, the application whose access is blocked is basically set to be blocked, and the setting is changed to allow access to the content only when the input of the user is confirmed. In addition, if the user always selects prohibition, the application in which the access is blocked is always set to block access to the content regardless of whether the user inputs or not.

7A to 7B show examples of access control in the background input according to the embodiment of the present invention.

In an electronic device, an application may attempt to access content even when there is no user input. In the present invention, a case where an application accesses content without inputting the user is referred to as a background input. Whether or not the background input is performed can be determined by detecting whether the user is activated through a screen off or a CPU background. Also, when the user accesses the content through the application, it can be determined whether the application is operating the function related to the content, and whether or not the background is input.

Referring to FIG. 7A, when a specific application accesses a specific content, the electronic device detects an operation state of the specific application, and when the specific application operates without a user's input, , And may request to set the authority for the specific application.

For example, in the example of FIG. 7A, the application 710 may be an SNS application, and the content 720 may be photo content. When the electronic device accesses the content 720, the electronic device detects (730) an application operation state to check whether the application 710 is through the user's input, If not, the electronic device may determine that access is via background input and display an access message 740 through the background input to the user. For example, the message 740 may be displayed as if the application is being accessed by its own function, and may also indicate the risk of the application and the rights of the application. In the example of FIG. 7A, when the application 710 accesses the content 720 as a background input, the application 710 can display that photographing and moving pictures can be taken, Authority (for example, outgoing). Accordingly, the user can set the access right of the application 710 by selecting one of 'always allow', 'allow only at the time of user input', or 'always prohibit'. If the user sets the access right to 'always allow', the access right of the application 710 to the content 720 is changed from access blocking to accessible. If the user changes the access right to 'allow only at the time of user input', the electronic device adds the application 710 to the background block list, and then the application 710 accesses the content through the background input Can be blocked. Also, if the user sets the access right to 'always prohibited', the application 710 is always set to block access irrespective of the presence or absence of the user's input or background input.

In the example of FIG. 7B, in the example of FIG. 7B, when the application 710 whose access is set to be blocked accesses the content 720, the electronic device detects (730) (710) is through the user's input, and if not, the electronic device determines that access is via the background input and displays the access message (760) via the background input to the user. For example, the message 760 may be displayed such that the application is being accessed by its own function, and the risk of the application and the rights of the application may be displayed. In the example of FIG. 7B, when the application 710 accesses the content 720 as a background input, the application 710 can display that photographing and moving pictures can be photographed, and the application 710 Authority (for example, outgoing). Accordingly, the electronic device may display the screen 760 so that the user can access the content 720 when the application 710 accesses the content 720. The screen may be a screen including options of always allow 762, allow only once 764, force abort 766, delete app 768.

If the user selects the Always allow 762 option, the electronic device may always allow access by the application 710 to inform the application 710 that it no longer advertises access to the content 720.

If the user selects the allow this time only 764 option, the electronic device may allow the application 710 to access once. If the allow only time 764 option is selected, the electronic device may display the screen for the control to the user again when the application 710 accesses the content 720 at a later time.

If the user selects the option Force Abort 766, the electronic device may suspend execution of the application 710. Also, if the user selects the option to delete the application (768), the electronic device may delete the application (710).

FIG. 8 shows a flow of a content access control operation according to user input and background input according to an embodiment of the present invention.

In step 810, the electronic device confirms whether the application accesses the content to be access-controlled (or managed). If the application accesses content that is not subject to access control, access control is not performed.

If the application accesses the access control target content, the electronic device checks in step 820 whether the access of the application is an access through the user's input. If the application is an access through a user's input, the electronic device allows the application in step 830. [

If the application accesses the access control target content, if the application is not accessing the content through the input of the user, for example, in the case of accessing the content through the background input, It is determined whether content access is permitted. If the content access through the background input is blocked, the electronic device proceeds to step 850 to block access to the application. If the content access is allowed through the background input, the electronic device proceeds to step 830, Lt; / RTI >

FIG. 9 shows an example of an application access right resetting to a content according to an embodiment of the present invention.

The electronic device can determine whether or not the privilege is re-established to the application when a specific application accesses the specific content, and can control the access of the content according to the re-establishment. The access right of the application can be reset immediately after installation of a new application having access rights or when an application access to a designated content occurs.

9, if the first application 910 and the second application 920 attempt to access the data 944 of the third application 940, the electronic device can not re- If the privileges of the applications are reset, it is checked whether or not the access right to the contents is authorized, and if the access right exists, the access of the data is permitted. 9, the electronic device performs control of privileges as shown at 930 to determine whether the privilege reset of the application is to be reset via the privilege reset application list, as shown at 932. In the example of FIG. 9, when the second application 920 assumes that the rights are not reset, the electronic device can control to reset the authority of the second application 920 that has attempted access. On the other hand, if the rights are reset as in the case of the first application 910 and the reset rights are allowed to access the content, the first application 910 can access the content provider 942 of the third application 940 Lt; RTI ID = 0.0 > 944 < / RTI >

FIG. 10 shows an example of content-based access list management according to an embodiment of the present invention.

When an application accesses a specific content, the electronic device can determine whether or not the application has access right to the specific content, and can control access of the content according to the access right. The access right of the application can be reset immediately after installation of a new application having access rights or when an application access to a designated content occurs.

10, if the first application 1010 and the second application 1020 attempt to access the data 1044 of the third application 1040, the electronic device can access the applications And permits data access of the application in which the authority exists if the access authority exists. For example, in FIG. 10, the electronic device performs rights control as shown at 1030 to determine whether access rights are granted by checking pre-stored access permission lists and block lists, as shown at 1032. In the example of FIG. 10, when it is assumed that the second application 1020 does not have the access right to the data of the third application 1040, the electronic device determines the right of the second application 1020 You can set it up and control it to add to the allow or block list. The first application 1010 can access the data 1044 via the content provider 1042 of the third application 1040 if the access right is allowed for the content as the first application 1010 have.

11 illustrates an example of background allow / block list management according to an embodiment of the present invention.

The electronic device can determine whether the application accesses the specific content through the background input when the specific application accesses the specific content, and can control the access of the content according to the background input. The electronic device can be set to enable content access through an external application only when a user inputs it, through control according to the background input.

11, if the first application 1110 and the second application 1120 attempt to access the data 1144 of the third application 1140, the electronic device can access the background input of the applications Permissions are granted, and if the access authority exists, the data of the application in which the authority exists is allowed to be accessed.

11, the electronic device performs the control of authority as shown at 1130 to determine whether the access right is authorized by checking the background access permission list stored in advance as shown at 1132. [ 11, when the second application 1120 does not have a background access right for the data of the third application 1140, the electronic device can not access the background of the second application 1120 You can set access permissions to be added to the Allow list or to be added to the Deny list. The first application 1110 accesses the data 1144 via the content provider 1142 of the third application 1140 if the background input access right is allowed for the content, such as the first application 1110. [ can do.

FIG. 12 shows an example of a case where the user directly accesses the content with the application set as the prohibition of access according to the embodiment of the present invention.

The electronic device can allow the application to access if a specific application set to access blocking accesses a specific content or if the application is directly accessed by a user.

12, if the first application 1210 whose access privilege level is set to be blocked attempts to access the data 1234 of the third application 1230, the electronic device determines whether the application It is possible to confirm whether or not the data has been input, and to allow access to the data of the application if it is input by the user.

12, the electronic device may perform the control of authority as shown at 1220 to determine whether the first application 1210 attempts to access via a pre-stored access permission and deny list, Check the permissions. If the first application 1210 is set to allow access to the access through the direct input of the user, the first application 1210 transmits the data (data) via the content provider 1232 of the third application 1230 1234). If the first application 1210 is not configured for access through the direct input of the user, the electronic device informs the user of the access right through the direct user input of the first application 1210, So that the setting can be made accordingly.

13 shows an example of application control when content is accessed through another application according to an embodiment of the present invention.

When an application accesses a specific content through a different application (hereinafter, referred to as a second application), if the second application has access rights to the specific content, the electronic device accesses the first application It is possible to check whether or not the right is granted.

13, the electronic device performs control of authority as shown at 1330, and determines whether or not the access right is authorized by checking a previously stored access permission list as shown at 1332. In the example of FIG. 13, it is assumed that the second application 1320 is allowed to access the data of the third application 1340. The electronic device checks whether the second application 1320 which has attempted to access has been accessed by a request of another application and if the second application 1320 receives a request from another application 1310 The access right of the first application 1310 is confirmed. If the first application 1310 also has access to the data or if the second application 1320 is accessed by a user's direct input, the electronic device can access the second application 1320, And the like.

14 shows a flow of an access control operation according to access of contents according to an embodiment of the present invention.

Referring to FIG. 14, when the application accesses the content, the electronic device checks in step 1410 whether the access right is set. Whether or not the access right has been set can be checked through the previously stored rights reset application list as shown in 932 of FIG. If the access right is not set by the application, the electronic device requests the user to grant the access right to the application in step 1415. [

If the access right is set in the application, the electronic device confirms the access right level in step 1420. The access right level can be checked through a previously stored allowance list or a save list as shown in 1032 of FIG.

If the access privilege level of the application is set to always allow or allow one time, the electronic device checks in step 1430 whether the application requested access through another application. If the application requests access through the request of another application, the electronic device checks the rights of another application in step 1435. If the application does not request access through another application, the electronic device proceeds to step 1450 to allow access of the application.

If the access right level of the application is set to block access, the electronic device checks in step 1460 whether the application is access through the user's input. If the application is not accessing through the user's input, the electronic device proceeds to step 1470 and refuses access to the application. If the application is access through the user's input, the electronic device proceeds to step 1465 The user is requested to notify the restriction and grant the user access to the application.

If the access right level of the application is set to allow access through user input, the electronic device checks in step 1440 whether the application accesses through a user input, and if the input is not an input through a user input The process proceeds to step 1470 where access to the application is denied. If the application is the application through the user's input, the process proceeds to step 1450 and the access to the application is permitted.

15 shows a flow of operation for content control according to an embodiment of the present invention.

Referring to FIG. 15, in step 1510, the electronic device confirms whether the application requesting the access right to the content to be accessed has been reset. The content to be accessed may be designated according to a preset content list, or may be directly specified by a user's selection. The re-establishment of the access right may be performed immediately after the application is installed or when the application accesses the designated content. If the authority of the application is not reset, the electronic device may request the user to reset the authority. The electronic device may also determine whether the access request of the application is through the user's input, and may allow access of the application if the access request is through the user's input.

In step 1520, the electronic device confirms the access authority level of the application. The electronic device can control the access authority level of the application to request the user to set the access authority level if the access authority level is not set. The access privilege level may include access allowance, access denial, access only at the time of user input, and the like.

In step 1530, the electronic device performs control according to an access authority level of the application. The electronic device may block the access of the application when the access privilege level of the application is set to deny access but allow the access if the application is access through the user's input even if the access level of the application is access denied . In addition, the electronic device may allow access of the application when the access right level of the application is allowed access. If the application accesses the content through a request of another application, the electronic device confirms the privilege of the another application and may allow access of the application if the access privilege level of the another application is allowable, If the privilege permission level of another application is access blocking, the access of the application can be blocked. If the privilege level of the other application is access blocking, but the input is via the user's input, the electronic device may allow the access of the application.

FIG. 16 shows an electronic device control screen for accessing contents of an application according to an embodiment of the present invention.

Referring to FIG. 16A, the electronic device can display a screen for displaying whether personal information is monitored. The screen for displaying the personal information monitoring status may include an environment setting unit 1610, an icon 1620 for personal information monitoring, a personal information monitoring display unit 1630, and a personal information monitoring activation indicator 1640. 16A is an example of a screen for setting the environment of the electronic device. The electronic device may include an option other than the options shown in FIG. 16A, The icon 1620 and the display portion 1630 may be displayed using another term or icon.

Referring to FIG. 16 (b), the user can select an option for personal information monitoring displayed on the electronic device. According to the embodiment of the present invention, when the user selects the option for monitoring the personal information, the icon indicating whether or not the option for monitoring the personal information is activated may be changed. If the user selects the option for monitoring the personal information, the icon indicating the activation or deactivation may be displayed as " on " or " off ".

Referring to FIG. 16 (c), according to the embodiment of the present invention, when the user selects the option for personal information monitoring, the screen of FIG. 16 (c) may be displayed. The electronic device can display the screen of FIG. 16 (c) so that the user can set a content to be monitored for personal information. 16C shows an example of the content 1650, 1660, and 1670, but the content is displayed for explanation, and other content besides the content may be displayed.

According to an embodiment of the present invention, if a user sets a monitoring object in advance, the monitoring object that is set in advance without being displayed in FIG. 16C may be set as an object for personal information monitoring. Also, if the option for monitoring the personal information is selected according to the setting, all the contents may be set as objects for personal information monitoring without displaying the FIG. 16 (c).

17 shows a flow chart for electronic device control in accessing content of an application according to an embodiment of the present invention.

In step 1710 of FIG. 17, the electronic device can start personal information monitoring. The personal information monitoring can be activated or deactivated by the user selecting the icon 1620 or the character 1630 as shown in FIG. The personal information monitoring can be started when the user activates the personal information monitoring.

In step 1720, the electronic device can set the monitored content according to the user's selection. The electronic device can set the user to select the monitoring target content by displaying a screen as shown in FIG. 16 (c).

According to an embodiment of the present invention, if a user sets a monitoring object in advance, the monitoring object that is set in advance without being displayed in FIG. 16C may be set as an object for personal information monitoring. Also, if the option for monitoring the personal information is selected according to the setting, all the contents may be set as objects for personal information monitoring without displaying the FIG. 16 (c).

In step 1730, the electronic device can display a notification to the user when the specific application accesses the content to be monitored. The electronic device may display a screen as shown in FIG. 7B to allow the user to always notify, allow only once, forcibly stop the application, or delete the application when the specific application accesses the content to be monitored The user can display a screen for selecting whether or not the user wants to know.

In step 1740, the electronic device performs control according to user selection. If the user selects the Always allow 762 option, the electronic device will always allow access to the application 710 to notify the application 710 that it will no longer be notified that it is accessing the content 720 have.

If the user selects the allow this time only 764 option, the electronic device may allow the application 710 to access once. If the allow only time 764 option is selected, the electronic device may display the screen for the control to the user again when the application 710 accesses the content 720 at a later time.

If the user selects the option Force Abort 766, the electronic device may suspend execution of the application 710. Also, if the user selects the option to delete the application (768), the electronic device may delete the application (710).

FIG. 18 shows a flow of a control operation when a newly installed application according to an embodiment of the present invention has access rights to contents.

FIG. 18 shows the control of the electronic device when a specific application is newly installed and the application has access rights to specific contents.

In step 1810, the electronic device can start monitoring personal information. The personal information monitoring can be activated or deactivated by the user selecting the icon 1620 or the character 1630 as shown in FIG. The personal information monitoring can be started when the user activates the personal information monitoring.

In step 1820, the electronic device can set the content to be monitored according to the user's selection. The electronic device can set the user to select the content to be monitored by displaying a screen such as FIG. 16 (c).

According to an embodiment of the present invention, if a user sets a monitoring object in advance, the monitoring object that is set in advance without being displayed in FIG. 16C may be set as an object for personal information monitoring. Also, if the option for monitoring the personal information is selected according to the setting, all the contents may be set as objects for personal information monitoring without displaying the FIG. 16 (c).

In step 1830, the electronic device can display a screen for access control to the user when the newly installed application has the access right to the content to be monitored. The screen may be a screen as shown in FIG. 7B.

In step 1830, the electronic device may display a notification to the user when the newly installed application accesses the monitored content. The electronic device may display a screen as shown in FIG. 7B to allow the user to always notify, allow only once, forcibly stop the application, or delete the application when the specific application accesses the content to be monitored The user can display a screen for selecting whether or not the user wants to know.

In step 1840, the electronic device performs control according to user selection. If the user selects the Always allow 762 option, the electronic device will always allow access to the application 710 to notify the application 710 that it will no longer be notified that it is accessing the content 720 have.

If the user selects the allow this time only 764 option, the electronic device may allow the application 710 to access once. If the allow only time 764 option is selected, the electronic device may display the screen for the control to the user again when the application 710 accesses the content 720 at a later time.

If the user selects the option Force Abort 766, the electronic device may suspend execution of the application 710. Also, if the user selects the option to delete the application (768), the electronic device may delete the application (710).

FIG. 19 shows a screen for access control management when a newly installed application according to an embodiment of the present invention has access rights to content.

Referring to FIG. 19, when the newly installed application accesses the content to be monitored, the electronic device can display a screen for access control to the contents of the newly installed application. In a portion 1910 of displaying a danger warning on the screen for access control to the contents, a screen for warning a danger according to an expected operation due to execution of the application may be displayed.

In the portion 1920 of displaying the designated personal content related authority list, a list of rights related to the monitored content can be displayed.

In a portion 1930 of selecting a user selection option, a selection option may be displayed to the user to control the application. In the example of FIG. 19, the electronic device includes an option 1932 for always allowing an access control screen to the user, an option 1934 for displaying only once, an option 1936 for forcibly stopping execution of the application, Option 1938 can be displayed.

FIG. 20 shows a display screen for content-based lock application control according to an embodiment of the present invention.

20 (a) shows an example of a screen for personal information lock. Referring to FIG. 20 (a), the electronic device can display a screen for displaying whether personal information is locked or not. The screen for displaying whether or not the personal information is locked may include an environment setting unit 2010, an icon 2020 for personal information locking, a personal information lock display unit 2030, and a personal information lock activation indicator 1640 . 20 (a) shows an example of a screen for setting the environment of the electronic device. The electronic device may include an option other than the option shown in FIG. 20 (a) Options may be displayed using other terms or icons. The user can select an option for locking personal information displayed on the electronic device. According to the embodiment of the present invention, when the user selects the option for locking the personal information, the icon indicating whether the option for locking the personal information is activated may be changed. If the user selects the option for locking the personal information, the icon indicating the activation or non-activation may be displayed as " on " or " off ".

FIG. 20 (b) shows an example of the list display of the content to be locked. Referring to FIG. 20 (b), according to an embodiment of the present invention, when the user selects the option for locking the personal information, the screen of FIG. 20 (b) may be displayed. The electronic device can display the screen of FIG. 20 (b) so that the user can set a content for personal information lock. 20B, only the contents of the picture 2050, the character 2052, the location 2054, the address book 2056, and the schedule 2058 are displayed. However, this is shown for the sake of understanding of the drawings, Other contents may be displayed.

According to an embodiment of the present invention, if a user sets a lock object in advance, the lock object that is set in advance without being displayed in FIG. 20B may be set as a target for personal information lock. In addition, if the option for locking the personal information is selected according to the setting, all the contents may be set as objects for personal information lock without displaying the FIG. 20 (b).

Referring to FIG. 20 (b), the electronic device can display contents to be locked. The user can select a specific content among the contents displayed on the electronic device. Further, the user can select an application to be selected as an exception of personal information lock among applications accessing the content by selecting a specific content among the contents displayed on the electronic device.

FIG. 20C shows an example of a screen when a specific content is selected from the contents displayed on the electronic device. Referring to (c) of FIG. 20, when the user selects a specific content among the contents shown in (b) of FIG. 20, the electronic device can display applications accessing the content. Accordingly, the user can select a specific application from among the applications and set the access to be possible regardless of whether the specific content is an object to be locked. If the user does not set a lock exception application for the specific content to be locked, access to all applications may be blocked. In FIG. 20C, only the applications of Cloud 1 2062, SNS 2064 and Cloud 2 2066 are shown for the sake of understanding of the drawings, and other applications can be displayed.

FIG. 21 shows a flow of control according to setting of a content to be locked according to an embodiment of the present invention.

In step 2110, the electronic device may start blocking personal information. The electronic device can start blocking personal information when the user selects the personal information lock option after displaying the screen as shown in FIG. 20 (a).

In step 2120, the electronic device can set the content to be blocked. The electronic device can control the user to select a specific content and set it as a blocking target after displaying the screen as shown in FIG. 20 (b).

In step 2130, the electronic device may set a block exception application for the personal content to be blocked. The electronic device can control the user to select a specific application and set it as a block exception object after displaying a screen as shown in FIG. 20 (c).

In step 2140, the electronic device may prohibit access to the content to be blocked in addition to the blocking exception application. The electronic device can prohibit access when an application other than the application set in step 2130 accesses the content to be locked.

22 shows an example of control for access restriction according to the content storage space according to the embodiment of the present invention.

Referring to FIG. 22 (a), the electronic device can divide and store the contents in a storage space. Referring to FIG. 22 (a), the storage device may use a separate storage 2220 from the basic storage 2210. The user may store contents to be controlled according to the storage space in the separate storage 2220 in order to control contents according to the storage space. 22 (a), the separate storage 2220 may include a common storage space 2222 and a content storage space 2230. The content storage space 2230 may include a photo 2232, An address book 2234, and an address book 2236 storage space. Although only the photograph 2232, the character 2234, and the address book 2236 storage space are shown for the description of the drawings, storage space for other contents other than the contents may be included.

Referring to FIG. 22 (b), the electronic device may hide contents stored in the separate storage 2220 when the user's use of the electronic device is not detected. The electronic device can control the application to access the hidden content by providing the application with information excluding the information about the hidden content when the specific application requests access to the hidden content.

Referring to FIG. 22C, the electronic device may access the storage of the contents stored in the separate storage 2220 when the user's use of the electronic device is not detected, Lt; / RTI > For example, the electronic device may be configured such that when a user configures the address book content 2236 to allow a particular application to perform storage when the user does not use the electronic device, To allow the application to access and perform storage of the address book 2236 content. At this time, since the application can not confirm information about contents other than the address book 2236 and can only check information about the contents of the address book 2236, it may be impossible to access contents other than the contents of the address book 2236 .

Referring to (d) of FIG. 22, the electronic device can set a storage space so that a specific application can check only information about a specific content even when the user is using the electronic device. For example, the electronic device may be configured to allow a particular application to view information about storage space for specific content and general storage 2222. [ Accordingly, even when the user is using the electronic device, the specific application can access the specific contents 2232 and the general storage space 2222, which are capable of acquiring information, so that the contents 2232 and the general storage And access the space to perform the function of the application.

23 shows a display screen for an information storage apparatus lock control according to an embodiment of the present invention.

Referring to FIG. 23, the electronic device may display a screen for indicating whether or not the personal information storage device is locked. The screen for displaying whether the personal information storage apparatus is locked includes an environment setting unit 2310, an icon 2320 for locking the personal information storage apparatus, a personal information storage apparatus lock display unit 2330, and a personal information storage apparatus lock activation indicator 2340 The electronic device may include an option other than the option shown in FIG. 23, and an option for indicating whether or not the personal information storage device is locked may be displayed using another term or icon. If the user activates the personal information storage device lock option, the electronic device can perform control over the set storage space.

24 shows a flow of operation for storage lock control according to an embodiment of the present invention.

In step 2410, the electronic device can establish a lock of the personal information storage device. The electronic device can display a screen indicating whether or not the personal information storage device is locked as shown in FIG. 23, and when the user performs an input for activating the locking of the personal information storage device, Thereby locking the information storage device.

In step 2420, the electronic device can set the content to be locked. The electronic device may display a list of contents to the user to control the user to set the content to be locked or may set the content to be locked using the pre-stored content to be locked.

In step 2430, the electronic device may select a lock exception application. The electronic device may set a specific application in the lock exception application so that access to the content may be exceptionally allowed even if the content is set as the lock target content in step 2420. [

In step 2440, the electronic device may detect a user's access. If the user's access is detected, the electronic device proceeds to step 2450 and may provide information about the content to the specific application so that the specific application being executed by the user can access predetermined preset contents. Accordingly, the specific application can acquire information on the content and perform an operation using the content.

If the access of the user is not detected, the electronic device checks in step 2460 whether the lock exception application accesses the specific content. If the application accessing the specific content is a lock exception application, the electronic device may proceed to step 2450 to provide information about the content to the specific application. Accordingly, the specific application can acquire information on the content and perform an operation using the content.

If an application other than the lock exception application accesses the specific content in step 2460, the electronic device may not provide the application with the information on the specific content in step 2470. [ Accordingly, the application, which is not the lock exception application, can not acquire information on the content, and thus can not perform the content usage operation.

25 shows a block diagram of an apparatus for content control according to an embodiment of the present invention.

25, the apparatus includes a communication unit 2510, a control unit 2520, a storage unit 2530, and a display unit 2540.

The communication unit 2510 performs a function for transmitting and receiving a signal through a wireless channel such as band conversion and amplification of a signal. For example, the communication unit 2510 may include a transmission filter, a reception filter, an amplifier, a mixer, an oscillator, a digital to analog converter (DAC), and an analog to digital converter (ADC). 25, only one antenna is shown, but the communication unit 2510 may include a plurality of antennas. The communication unit 2510 may be referred to as a transmission unit, a reception unit, a transmission / reception unit, or a communication unit.

The storage unit 2530 stores data such as a basic program, an application program, and setting information for the operation of the device for access control. In particular, the storage unit 2530 may store information related to an access right for access control. The storage unit 2530 provides the stored data at the request of the controller 2520.

The controller 2520 controls overall operations of the apparatus for managing access to the mobile station. The control unit 2520 includes an access control unit 2525. For example, the access control unit 2525 controls the access control unit 2525 such that the apparatus for access control is the same as the apparatus shown in FIG. 5, 6, 7A, 7B, 8, 9, 10, 11, 12, 13, 14, and 15 to perform the process shown in Figs. The operation of the controller 2520 according to an embodiment of the present invention is as follows.

The control unit 2520 determines whether the application requesting access to the content to be accessed has been reestablished. The content to be accessed may be designated according to a preset content list, or may be directly specified by a user's selection. The re-establishment of the access right may be performed immediately after the application is installed or when the application accesses the designated content. If the authority of the application is not reset, the controller 2520 may request the user to reset the authority. Also, the controller 2520 can check whether the access request of the application is through the user's input, and allow the access of the application if the access request is through the user's input.

The controller 2520 confirms the access authority level of the application. The controller 2520 can check the access authority level of the application and request the user to set the access authority level if the access authority level is not set. The access privilege level may include access allowance, access denial, access only at the time of user input, and the like.

The controller 2520 performs control according to the access authority level of the application. The control unit 2520 blocks the access of the application when the access right level of the application is set to the access blocking level. However, if the access level of the application is access blocking, Can be accepted. Also, the control unit 2520 may allow the access of the application when the access right level of the application is allowable. If the application accesses the content through a request of another application, the control unit 2520 may check the privilege of the other application and allow access of the application if the privilege level of the other application is allowable , The access of the application can be blocked if the privilege level of another application is access blocking. If the privilege level of the other application is access blocking, the control unit 2520 may allow access of the application.

The display unit 2540 receives information from the control unit and displays information on the electronic device. For example, the display unit 2540 may display the access right level of the application, the access right of the application, the risk due to the access right of the application, etc., based on the access right control result of the content from the controller 2520 Can be displayed.

Methods according to the claims or the embodiments described in the specification may be implemented in hardware, software, or a combination of hardware and software.

When implemented in software, a computer-readable storage medium storing one or more programs (software modules) may be provided. One or more programs stored on a computer-readable storage medium are configured for execution by one or more processors in an electronic device. The one or more programs include instructions that cause the electronic device to perform the methods in accordance with the embodiments of the invention or the claims of the present invention.

Such programs (software modules, software) may be stored in a computer readable medium such as a random access memory, a non-volatile memory including a flash memory, a ROM (Read Only Memory), an electrically erasable programmable ROM (EEPROM), a magnetic disc storage device, a compact disc-ROM (CD-ROM), a digital versatile disc (DVDs) An optical storage device, or a magnetic cassette. Or a combination of some or all of these. In addition, a plurality of constituent memories may be included.

In addition, the program may be transmitted through a communication network composed of a communication network such as the Internet, an Intranet, a LAN (Local Area Network), a WLAN (Wide LAN), or a SAN (Storage Area Network) And can be stored in an attachable storage device that can be accessed. Such a storage device may be connected to an apparatus performing an embodiment of the present invention via an external port. In addition, a separate storage device on the communication network may be connected to an apparatus that performs an embodiment of the present invention.

In the concrete embodiments of the present invention described above, the elements included in the invention are expressed singular or plural in accordance with the specific embodiment shown. It should be understood, however, that the singular or plural representations are selected appropriately according to the situations presented for the convenience of description, and the present invention is not limited to the singular or plural constituent elements, And may be composed of a plurality of elements even if they are expressed.

While the present invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments, but is capable of various modifications within the scope of the invention. Therefore, the scope of the present invention should not be limited by the illustrated embodiments, but should be determined by the scope of the appended claims and equivalents thereof.

Claims (44)

In an electronic device,
The access authority to the contents is reset, and when at least one application requests access to the contents, the access right of the contents is reset, and the access right to the contents of the reset application A control unit for controlling access of the application,
And a display unit for displaying an access control result of the application.
The method according to claim 1,
Wherein the control unit designates the content as an access authority management target according to a preset content list or designates a content selected by the user as an access authority management target.
The method according to claim 1,
Wherein the control unit resets the access right immediately after installation of the application or when the application accesses the designated content.
The method according to claim 1,
Wherein the display unit displays a message for requesting permission resetting to the user when the authority of the application is not reset.
The method according to claim 1,
Wherein the display unit displays a message informing the user of the access restriction when the access right level of the application is set to be blocked and the application accesses through the user's input.
The method according to claim 1,
Wherein the control unit determines whether an access request of the application is based on a user's input.
The method according to claim 6,
Wherein the control unit permits access of the application when the access request of the application is through the input of the user.
The method according to claim 1,
Wherein the control unit determines whether access to the content by the application is an access based on a user's input when the application is set to block access to the content.
9. The method of claim 8,
Wherein the control unit requests the user to set the access right when the access right level of the application is set to be blocked and the application is accessing through the user's input.
9. The method of claim 8,
Wherein the control unit refuses access to the application when the access right level of the application is set to be blocked and access to the content of the application is not access through the input of the user.
The method according to claim 1,
Wherein the control unit permits access when the access right level of the application is set to allow access or allow access once.
12. The method of claim 11,
Wherein the control unit confirms the authority of the second application when it is determined that the first application permitted to access attempts to access the content through a request of the second application.
13. The method of claim 12,
Wherein the control unit permits access of the first application when the access right level of the second application is set to allow access.
13. The method of claim 12,
Wherein the control unit blocks the access of the first application when the authority of the second application is set to the access blocking.
13. The method of claim 12,
Wherein the control unit checks whether the second application is an access through a direct input of the user when the authority of the second application is set to the access blocking and if the direct input of the user is confirmed, A device that allows access.
The method according to claim 1,
Wherein the control unit controls to display a screen informing that the application accesses the content when the at least one application requests access to the content.
17. The method of claim 16,
The screen informing that the application accesses the content may include an option to notify each time the application accesses the content, an option to allow the application to access the content once, an option to stop execution of the application, A device comprising an option to perform the deletion of an application.
The method according to claim 1,
Wherein the control unit controls the display unit to display a screen informing that the application is accessing the content when the at least one application is first executed after being installed in the electronic device.
The method according to claim 1,
Wherein the control unit is configured to set an application that is exceptionally accessible to the content when the content is content for which access is prohibited.
The method according to claim 1,
And a storage unit for storing the content by setting a storage area according to a characteristic of the content.
21. The method of claim 20,
Wherein the control unit controls the at least one application to provide only information on the storage area of the storage unit.
21. The method of claim 20,
Wherein the control unit controls the at least one application to provide information on the content when the user senses the use of the at least one application.
A method of operating an electronic device,
Setting an access right to one or more contents,
Resetting an access right of the content when at least one application requests access to the content;
And controlling access of the application in accordance with an access right of the re-established application to the content.
24. The method of claim 23,
Wherein the act of setting access rights to the one or more contents comprises:
Designating the content as an access authority management target according to a preset content list or designating a content selected by the user as an access authority management target.
24. The method of claim 23,
The operation of resetting the access right of the content,
And immediately after installation of the application or when the application accesses the specified content.
24. The method of claim 23,
Further comprising: displaying a message requesting a user to reestablish the authority if the access right of the application is not reestablished.
24. The method of claim 23,
Further comprising the step of displaying a message informing the user of the access restriction when the access right level of the application is set to be blocked and the application is accessing through the user's input.
24. The method of claim 23,
Wherein the control of accessing the application according to the access right of the application comprises:
And determining whether an access request for the access management target content of the application is through a user's input.
29. The method of claim 28,
Wherein the control of accessing the application according to the access right of the application comprises:
And allowing access to the application if the application's access request is through the user's input.
24. The method of claim 23,
Wherein the control of accessing the application according to the access right of the application comprises:
And determining whether access to the content of the application is an access through a user's input if the application is set to block access to the content.
31. The method of claim 30,
Wherein the control of accessing the application according to the access right of the application comprises:
And requesting the user to set the access right when the access privilege level of the application is set to be blocked and the access of the application to the content is through the user's input.
31. The method of claim 30,
Wherein the control of accessing the application according to the access right of the application comprises:
And denying access to the application if the access privilege level of the application is set to block and the application is not access through the user's input.
24. The method of claim 23,
Wherein the control of accessing the application according to the access right of the application comprises:
And allowing access if the access privilege level of the application is set to allow access or allow access once.
34. The method of claim 33,
Further comprising checking the rights of the second application when it is determined that the first application permitted to access attempts to access the content through the request of the second application.
35. The method of claim 34,
Wherein the operation of verifying the authority of the second application comprises:
And allowing access of the first application if the access right level of the second application is set to allow access.
35. The method of claim 34,
Wherein the operation of verifying the authority of the second application comprises:
And allowing access of the first application if the access privilege level of the second application is set to access denial.
35. The method of claim 34,
If the authority of the second application is set to access blocking, whether the second application is an access through direct input of the user, and if the direct input of the user is confirmed, access to the first application is permitted ≪ / RTI >
24. The method of claim 23,
Further comprising displaying a screen informing that the application is accessing the content when the at least one application requests access to the content.
39. The method of claim 38,
The screen informing that the application accesses the content may include an option to notify each time the application accesses the content, an option to allow the application to access the content once, an option to stop execution of the application, A method that includes an option to perform the deletion of an application.
24. The method of claim 23,
Further comprising displaying a screen informing that the application is accessing the content when the at least one application is first executed after being installed in the electronic device.
24. The method of claim 23,
And controlling the application to set an application that is exceptionally accessible to the content when the content is prohibited from accessing the content.
24. The method of claim 23,
And setting the storage area according to the characteristic of the content to store the content.
43. The method of claim 42,
And controlling the at least one application to provide only information on the storage area set in advance.
43. The method of claim 42,
And controlling the at least one application to provide information about the content when the user detects the use of the at least one application.

Images