WO2017024633A1 - Identity authentication-based space switching method and device and terminal - Google Patents

Identity authentication-based space switching method and device and terminal Download PDF

Info

Publication number
WO2017024633A1
WO2017024633A1 PCT/CN2015/088506 CN2015088506W WO2017024633A1 WO 2017024633 A1 WO2017024633 A1 WO 2017024633A1 CN 2015088506 W CN2015088506 W CN 2015088506W WO 2017024633 A1 WO2017024633 A1 WO 2017024633A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
space
user
preset key
user space
Prior art date
Application number
PCT/CN2015/088506
Other languages
French (fr)
Chinese (zh)
Inventor
李小辉
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017024633A1 publication Critical patent/WO2017024633A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt

Definitions

  • the present invention relates to the field of terminal technologies, and in particular, to an identity-based space switching method, an identity-based space switching device, and a terminal.
  • system terminals of multiple operating systems have entered daily life, but multiple operating systems occupy resources of mobile terminals, such as CPU (Central Processing Unit) or large memory.
  • mobile terminals such as CPU (Central Processing Unit) or large memory.
  • CPU Central Processing Unit
  • multi-domain operation on mobile terminals is a good solution, which provides a lightweight system virtualization solution. Allow multiple users to run on one operating system, so each user can have their own user space, and the resources of each user space are isolated from each other.
  • the above switching mode needs to sequentially light up the screen, unlock the screen, and click the switch to switch to the specified user space after the identity authentication succeeds, so that User space switching operations are cumbersome and inconvenient for users.
  • the invention is based on the above problems, and proposes a new technical solution, which can simplify the user.
  • the operation of switching the space improves the security of each user space.
  • an aspect of the present invention provides an identity-based space switching method for a terminal having multiple user spaces, including: receiving an identity verification key in a current user space; and verifying a key according to the identity Retrieving, in the preset key database, whether there is a preset key consistent with the identity verification key; determining, according to the retrieval result, whether to perform space switching according to the identity verification key.
  • multiple user spaces in the terminal share an operating system, which can reduce the requirements on the performance of the terminal.
  • Resources sharing can be performed between multiple user spaces, and resource isolation can also be performed by using Namespace (namespace) technology.
  • namespace Namespace
  • the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal.
  • the key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example,
  • the dual function of identity authentication and user space switching is directly completed in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the user experience.
  • determining, according to the retrieval result, whether to perform spatial switching according to the identity verification key specifically: when determining that the preset key database has the identity verification key
  • the preset key is used, the current user space is switched to the target user space corresponding to the preset key. Otherwise, space switching is prohibited.
  • the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database.
  • the user can switch to the user space corresponding to the preset key.
  • the method before the receiving the identity verification key in the current user space, the method further includes: setting, according to the received setting command, at least one pre-preparation for each user space in the multiple user spaces. Set the key.
  • a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security.
  • the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
  • the method before the receiving the identity verification key in the current user space, the method further includes: saving the at least one preset key corresponding to each of the set user spaces to the pre And setting a key database for retrieving whether the preset key database has the preset key that is consistent with the identity verification key received in the current user space.
  • each user space and at least one preset key set for it are required to be stored in a preset key database, thereby facilitating identity verification and space switching according to the association relationship thereof.
  • the implementation of the identity authentication keystore can be various, and can be a database or a file.
  • the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed.
  • the space may be associated with at least one of its corresponding preset keys.
  • the at least one preset key comprises at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information .
  • the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information.
  • fingerprint information iris image information
  • face image information text information
  • audio information reference objects Information
  • color information color information.
  • a plurality of preset keys may be used separately or in combination.
  • the user may set a password type preset key for the user space used for work.
  • the user space for storing private contacts sets two preset keys, iris and password.
  • Another aspect of the present invention provides an identity-based space switching apparatus for a terminal having a plurality of user spaces, including: a receiving unit that receives an identity verification key in a current user space; and a retrieval unit according to the identity Verifying the key, retrieving in the preset key database whether there is a preset key consistent with the identity verification key; determining unit, according to the retrieval result, Whether to perform space switching according to the authentication key.
  • multiple user spaces in the terminal share an operating system, which can reduce the performance requirements of the terminal.
  • Resources can be shared between multiple user spaces, and resource isolation can be performed through Namespace technology to ensure each user. Space privacy and security.
  • the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal.
  • the key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example,
  • the dual function of identity authentication and user space switching is directly completed in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the user experience.
  • the determining unit is specifically configured to: when determining, in the preset key database, the preset key that is consistent with the identity verification key, from the current user The space is switched to the target user space corresponding to the preset key. Otherwise, space switching is prohibited.
  • the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database.
  • the user can switch to the user space corresponding to the preset key.
  • the method further includes: setting, before the receiving the identity verification key in the current user space, setting, for each user space in the multiple user spaces, according to the received setting command At least one default key.
  • a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security.
  • the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
  • the method further includes: a storage unit, in the current user Before receiving the authentication key, the at least one preset key corresponding to each user space is saved in the preset key database for searching whether the preset key database is used Having the preset key that is consistent with the identity verification key received in the current user space.
  • each user space and at least one preset key set for it are required to be stored in a preset key database, thereby facilitating identity verification and space switching according to the association relationship thereof.
  • the implementation of the identity authentication keystore can be various, and can be a database or a file.
  • the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed.
  • the space may be associated with at least one of its corresponding preset keys.
  • the at least one preset key comprises at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information .
  • the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information.
  • fingerprint information iris image information
  • face image information text information
  • audio information reference objects Information
  • color information color information.
  • a plurality of preset keys may be used separately or in combination.
  • the user may set a password type preset key for the user space used for work.
  • the user space for storing private contacts sets two preset keys, iris and password.
  • a terminal includes a plurality of user spaces and the identity verification based space switching device according to any one of the foregoing technical solutions, and therefore, the terminal has any one of the foregoing technical solutions.
  • the same technical effects of the identity-based space switching device described in the section are not described herein.
  • the interface especially for the terminal in the lock screen state, can directly perform the dual functions of identity authentication and user space switching in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the security. user experience.
  • FIG. 1 shows a flow chart of an identity-based spatial switching method in accordance with one embodiment of the present invention
  • FIG. 2 shows a block diagram of an identity-based spatial switching device in accordance with one embodiment of the present invention
  • Figure 3 shows a block diagram of a terminal in accordance with one embodiment of the present invention
  • FIG. 4 is a schematic diagram showing correspondence between a user space and a keystore in a lock screen state according to an embodiment of the present invention
  • FIG. 5 is a schematic diagram showing correspondence between a user space and a keystore in a screen unlock state according to an embodiment of the present invention
  • FIG. 6 shows a schematic diagram of a terminal in accordance with another embodiment of the present invention.
  • FIG. 1 shows a flow chart of an identity-based spatial switching method in accordance with one embodiment of the present invention
  • an identity-based space switching method is used for a terminal having multiple user spaces, including:
  • Step 102 Receive an authentication key in the current user space.
  • Step 104 retrieve, in the preset key database, whether there is a preset key that is consistent with the identity verification key according to the identity verification key.
  • Step 106 Determine, according to the retrieval result, whether to perform space switching according to the identity verification key.
  • the technical solution can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal.
  • the key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example,
  • the dual function of identity authentication and user space switching is directly completed in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the user experience.
  • the step 106 specifically includes: when determining that the preset key database has a preset key that is consistent with the identity verification key, switching from the current user space to the target user corresponding to the preset key Space, otherwise, space switching is prohibited.
  • the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database.
  • the user can switch to the user space corresponding to the preset key.
  • the method further includes: setting, according to the received setting command, at least one preset key for each user space in the plurality of user spaces.
  • a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security.
  • the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
  • the method further includes: saving at least one preset key corresponding to each user space that is set to a preset key database for searching in a preset key database. Whether there is a preset key that is consistent with the authentication key received in the current user space.
  • each user space and at least one preset secret set for it are required.
  • the key associations are stored in a preset key database to facilitate authentication and space switching based on their associations.
  • the implementation of the identity authentication keystore can be various, and can be a database or a file.
  • the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed.
  • the space may be associated with at least one of its corresponding preset keys.
  • the at least one preset key comprises at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference object information, and color information.
  • the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information.
  • fingerprint information iris image information
  • face image information text information
  • audio information reference objects Information
  • color information color information.
  • a plurality of preset keys may be used separately or in combination.
  • the user may set a password type preset key for the user space used for work.
  • the user space for storing private contacts sets two preset keys, iris and password.
  • FIG. 2 shows a block diagram of an identity-based spatial switching device in accordance with one embodiment of the present invention.
  • an authentication-based spatial switching apparatus 200 is used for a terminal having a plurality of user spaces, including: a receiving unit 202, which receives an identity verification key in a current user space; The unit 204 retrieves, according to the identity verification key, whether the preset key is consistent with the identity verification key in the preset key database. The determining unit 206 determines whether to perform space switching according to the identity verification key according to the retrieval result.
  • multiple user spaces in the terminal share an operating system, which can reduce the performance requirements of the terminal.
  • Resources can be shared between multiple user spaces, and resource isolation can be performed through Namespace technology to ensure each user. Space privacy and security.
  • the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal.
  • the key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example, Terminal In the lock screen state, the dual functions of identity authentication and user space switching are directly completed, which not only simplifies user operations, but also improves the security of each user space and improves the user experience.
  • the determining unit 206 is specifically configured to: when determining that the preset key database has a preset key that is consistent with the identity verification key, switch from the current user space to the preset key corresponding to the preset key Target user space, otherwise, space switching is prohibited.
  • the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database.
  • the user can switch to the user space corresponding to the preset key.
  • the method further includes: a setting unit 208, configured to set at least one preset for each user space in the plurality of user spaces according to the received setting command before receiving the identity verification key in the current user space. Key.
  • a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security.
  • the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
  • the storage unit 210 further saves the set at least one preset key corresponding to each user space to the preset key database before the current user space receives the identity verification key. For retrieving whether the preset key database has a preset key that is consistent with the authentication key received in the current user space.
  • each user space and at least one preset key set for it are required to be stored in a preset key database, thereby facilitating identity verification and space switching according to the association relationship thereof.
  • the implementation of the identity authentication keystore can be various, and can be a database or a file.
  • the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed.
  • the space may be associated with at least one of its corresponding preset keys.
  • the at least one preset key includes at least one of the following or The combination: fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information.
  • the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information.
  • fingerprint information iris image information
  • face image information text information
  • audio information reference objects Information
  • color information color information.
  • a plurality of preset keys may be used separately or in combination.
  • the user may set a password type preset key for the user space used for work.
  • the user space for storing private contacts sets two preset keys, iris and password.
  • Figure 3 shows a block diagram of a terminal in accordance with one embodiment of the present invention.
  • a terminal 300 includes a plurality of user spaces 302 and an identity-based space switching device 200 shown in FIG. 2 according to an embodiment of the present invention. Therefore, the terminal 300 has FIG. 2 The same technical effects of the illustrated identity-based spatial switching device 200 are not described herein.
  • FIG. 4 and 5 illustrate corresponding diagrams of user space and keystores in accordance with one embodiment of the present invention.
  • n spaces share an Android OS (Android Operating System), each space corresponds to one user, and the n user spaces can use the isolation technology to implement data.
  • the isolation of each other allows each user to run in their own space. If the terminal resource is not isolated by using isolation technology, the resource is shared resources will be shared by all users. For example, the camera is a shared resource, and users in n spaces can call the camera to take photos.
  • the Namespace (namespace) is used to isolate the global resources of the system, so that each user space is isolated from each other.
  • the Namespace is a kind of isolation provided by the kernel of Linux (a free operating system on a personal computer) for isolation.
  • the system global resource mechanism is mainly used in the operating system-level virtualization solution based on container technology, which can isolate different containers that use global system resources.
  • the terminal includes: an identity authentication module, a user space switching module, and an identity authentication keystore, wherein the identity authentication keystore is used for identity authentication.
  • the identity authentication module, the user space switching module, and the identity authentication keystore are n.
  • User space is shared, that is, in any user space, the user can call the identity authentication module and the user space switching module to enter the identity authentication key pool.
  • the identity authentication module mainly performs the following functions: setting the user's identity authentication mode and binding with the corresponding user space; completing the user identity authentication when the screen is unlocked, specifically including:
  • User-set authentication methods are various, such as fingerprint recognition, pattern unlocking, and numeric passwords.
  • the unlocking key can be set for each user space.
  • the fingerprint authentication mode unlocking mode is set for the user space
  • the unlocking fingerprint of the user space 1 is set as the right thumb
  • the unlocking fingerprint of the user space 2 is set as the right index finger.
  • the unlocked fingerprint, pattern or password is collectively referred to as the identity authentication key K, and the K of each user space is different.
  • each user space corresponds to an identity authentication key.
  • K, user space i and K i are bound one by one (as shown in Figure 4).
  • any identity authentication key K K 1 , K 2 , . . . , K n
  • the user space i corresponds to n keys K(K 1 , K 2 , . . . , K n ).
  • the user space switching module is used to complete the function of user space switching, including switching of the user space in the screen unlocking state and switching of the user space in the screen lock screen state.
  • the user space switching in the unlock state of the screen means that the user has completed the screen unlocking, and is normally in the space i, and then switches to the space j; the user space switching in the screen lock screen state means that the current screen is in the locked state.
  • the identity authentication key K i provided by the user, the identity authentication is completed and the screen is unlocked, and directly enters the space i.
  • the identity authentication keystore is used to store the user identity authentication data.
  • the identity authentication key K for screen unlocking not only the identity authentication key K for screen unlocking but also the user space i corresponding to the identity authentication key K i is stored.
  • the implementation of the identity authentication key pool may be various, and may be a database or a file.
  • FIG. 6 shows a schematic diagram of a terminal in accordance with another embodiment of the present invention.
  • a terminal includes an Android OS (Android Operating System), apps (multiple applications), and data (data of user space).
  • Android OS Android Operating System
  • apps multiple applications
  • data data of user space
  • the Namespace technology is used to isolate the global resources of the system, and the permissions of the user processes in each user space are reasonably planned.
  • an app application
  • a function module that can be called are set, each of which The data of the user space is isolated from each other, and the shared resources of the system can be called by related applications in each user space.
  • the specific implementation manner of the inter-user handover in the multi-user space terminal may be as follows:
  • step 1 the user provides an identification key (verification fingerprint/pattern/password, etc.), and the user identity authentication module is invoked by the identity identification key.
  • identification key verification fingerprint/pattern/password, etc.
  • Step 2 retrieve the identity authentication keystore K(K 1 , K 2 , . . . , K n ) from the identity authentication keystore.
  • Step 1-3 If the identity key matches the K i in the identity authentication keystore K(K 1 , K 2 , . . . , K n ), the identity authentication succeeds, and the user space switching module is started, and step 4 is performed. And if the identification key does not match any of the authentication keystores K(K 1 , K 2 , . . . , K n ), step 5 is performed.
  • step 4 the screen is unlocked, and the user space switching module controls to enter the space i.
  • Step 5 The identity authentication fails and the screen is not unlocked.
  • step 1 the user switches the entry through the space provided by the system, and selects to switch to the space j to enable the identity authentication module.
  • step 2 the identity authentication keystore K(K 1 , K 2 , . . . , K n ) is retrieved.
  • Step 3 If the identity authentication key provided by the user matches one of the keys K j of the identity authentication keystore K(K 1 , K 2 , . . . , K n ), the identity authentication succeeds and the user space is enabled.
  • the switching module performs step 4; if the identification key does not match any of the authentication keystores K(K 1 , K 2 , . . . , K n ), step 5 is performed.
  • step 4 the user space switching module controls to enter the user space j.
  • step 5 the identity authentication fails, the space switch fails, and the user is still in the user space i.
  • the term "plurality” means two or more.
  • the specific meanings of the above terms in the present invention can be understood on a case-by-case basis.
  • the description of the terms “one embodiment”, “another embodiment” or the like means that a specific feature, structure, material or characteristic described in connection with the embodiment or example is included in at least one implementation of the present invention. In the example or example. In the present specification, the schematic representation of the above terms does not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in a suitable manner in any one or more embodiments or examples.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)
  • Collating Specific Patterns (AREA)

Abstract

An identity authentication-based space switching method, identity authentication-based space switching device and terminal. The identity authentication-based space switching method comprises: receiving an identity authentication key in a current user space (102); searching, according to the identity authentication key, a predetermined key database for a predetermined key consistent with the identity authentication key (104); and determining, according to the search result, whether to perform a space switch according to the identity authentication key (106). Via the method, whether a space switch is allowed is directly determined by a received identity authentication key, such that identity authentication is performed for the space switch, and in addition, a user does not have to activate a specific space switching interface or a space switching authentication interface each time the user performs a space switch. In particular, the present invention realizes, for a terminal having a screen locked, direct identity authentication and user space switching while the terminal is in the locked screen state.

Description

基于身份验证的空间切换方法、装置及终端Identity-based space switching method, device and terminal 技术领域Technical field
本发明涉及终端技术领域,具体而言,涉及一种基于身份验证的空间切换方法、一种基于身份验证的空间切换装置及一种终端。The present invention relates to the field of terminal technologies, and in particular, to an identity-based space switching method, an identity-based space switching device, and a terminal.
背景技术Background technique
目前,多操作系统的系统终端已进入到日常的生活中,但是多操作系统占用移动终端的资源,如占用CPU(Central Processing Unit,中央处理机)或内存较大。针对这一问题,由于用户对移动终端的性能及安全性的要求越来越高,在移动终端上进行多域操作是一个不错的解决方案,这提供了轻量级的系统虚拟化的解决方案,允许多个用户运行在一个操作系统上,这样每个用户就可以有自己的用户空间,并且每个用户空间的资源都会相互隔离。At present, system terminals of multiple operating systems have entered daily life, but multiple operating systems occupy resources of mobile terminals, such as CPU (Central Processing Unit) or large memory. In response to this problem, because users have higher and higher requirements on the performance and security of mobile terminals, multi-domain operation on mobile terminals is a good solution, which provides a lightweight system virtualization solution. Allow multiple users to run on one operating system, so each user can have their own user space, and the resources of each user space are isolated from each other.
然而,用户往往需要在不同的情况下切换到不同的用户空间中,比如在进行购物、支付等操作时,需要进入到安全空间操作,在将移动终端给儿童玩耍时,需要进入到儿童空间操作中去,这样就需要利用空间切换方式进行用户空间切换,相关技术中大多是通过下拉托盘提供的切换入口进行用户空间的切换。However, users often need to switch to different user spaces under different circumstances. For example, when performing shopping, payment, etc., they need to enter a safe space operation. When the mobile terminal is played to children, it is necessary to enter the child space operation. In the middle, it is necessary to use the space switching method for user space switching. In the related art, most of the related art is to switch the user space through the switching entrance provided by the pull-down tray.
但是,终端在待机、屏幕没有点亮或者屏幕被锁住的情况下,上述切换方式需要依次点亮屏幕、解锁屏幕、点击切换开关,才能在身份认证成功后切换到指定的用户空间中,使得用户空间的切换操作比较繁琐,不方便用户的使用。However, if the terminal is in standby, the screen is not lit, or the screen is locked, the above switching mode needs to sequentially light up the screen, unlock the screen, and click the switch to switch to the specified user space after the identity authentication succeeds, so that User space switching operations are cumbersome and inconvenient for users.
因此,需要一种新的技术方案,能够简化用户空间的切换的操作,提升各用户空间的安全性。Therefore, a new technical solution is needed, which can simplify the operation of switching user space and improve the security of each user space.
发明内容Summary of the invention
本发明正是基于上述问题,提出了一种新的技术方案,能够简化用户 空间的切换的操作,提升各用户空间的安全性。The invention is based on the above problems, and proposes a new technical solution, which can simplify the user. The operation of switching the space improves the security of each user space.
有鉴于此,本发明的一方面提出了一种基于身份验证的空间切换方法,用于具有多个用户空间的终端,包括:在当前用户空间接收身份验证密钥;根据所述身份验证密钥,在预设密钥数据库中检索是否具有与所述身份验证密钥一致的预设密钥;根据检索结果,确定是否根据所述身份验证密钥进行空间切换。In view of this, an aspect of the present invention provides an identity-based space switching method for a terminal having multiple user spaces, including: receiving an identity verification key in a current user space; and verifying a key according to the identity Retrieving, in the preset key database, whether there is a preset key consistent with the identity verification key; determining, according to the retrieval result, whether to perform space switching according to the identity verification key.
在该技术方案中,终端中的多个用户空间共用一个操作系统,可以降低对终端性能的要求,多个用户空间之间可以进行资源共享,也可以通过Namespace(命名空间)技术进行资源隔离,以保证各个用户空间的隐私及安全性。在此基础上,应用本发明的技术方案,可以在终端的解锁状态下直接根据接收到的身份验证密钥验证是否可以进行空间切换,或者在终端的锁屏状态下通过接收到的身份验证密钥同时完成身份认证和用户空间切换的双重功能,这样,既为空间切换提供了身份验证,也无需用户在每次进行空间切换时打开特定空间切换界面或空间切换验证界面,比如,可以实现在终端的锁屏状态下直接完成身份认证和用户空间切换的双重功能,不但简化了用户操作,也提升了各用户空间的安全性,提升了用户体验。In this technical solution, multiple user spaces in the terminal share an operating system, which can reduce the requirements on the performance of the terminal. Resources sharing can be performed between multiple user spaces, and resource isolation can also be performed by using Namespace (namespace) technology. To ensure the privacy and security of each user space. On the basis of this, the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal. The key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example, The dual function of identity authentication and user space switching is directly completed in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the user experience.
在上述技术方案中,优选地,所述根据检索结果,确定是否根据所述身份验证密钥进行空间切换,具体包括:当确定所述预设密钥数据库中具有与所述身份验证密钥一致的所述预设密钥时,从所述当前用户空间切换至所述预设密钥对应的目标用户空间,否则,禁止进行空间切换。In the above technical solution, preferably, determining, according to the retrieval result, whether to perform spatial switching according to the identity verification key, specifically: when determining that the preset key database has the identity verification key When the preset key is used, the current user space is switched to the target user space corresponding to the preset key. Otherwise, space switching is prohibited.
在该技术方案中,终端的预设密钥数据库中具有每个用户空间对应的预设密钥,只有接收到的身份验证密钥与预设密钥数据库中存储的某个预设密钥一致时,说明可以通过身份认证,切换至该预设密钥对应的用户空间。通过该技术方案,实现了身份认证和用户空间切换的双重功能,简化了用户操作,并提升了各用户空间的安全性。In the technical solution, the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database. In the case of the authentication, the user can switch to the user space corresponding to the preset key. Through the technical solution, the dual functions of identity authentication and user space switching are realized, which simplifies user operations and improves the security of each user space.
在上述技术方案中,优选地,在所述在当前用户空间接收身份验证密钥之前,还包括:根据接收到的设置命令,为所述多个用户空间中的每个用户空间设置至少一个预设密钥。 In the foregoing technical solution, preferably, before the receiving the identity verification key in the current user space, the method further includes: setting, according to the received setting command, at least one pre-preparation for each user space in the multiple user spaces. Set the key.
在该技术方案中,可以预先为每个用户空间设置对应的预设密钥,每个用户空间设置对应的预设密钥可以为一个或多个,具有多个预设密钥的用户空间具有更高的安全性。比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security. For example, the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
在上述技术方案中,优选地,在所述在当前用户空间接收身份验证密钥之前,还包括:将设置的所述每个用户空间对应的所述至少一个预设密钥保存至所述预设密钥数据库中,以供检索所述预设密钥数据库中是否具有与在所述当前用户空间接收到的所述身份验证密钥一致的所述预设密钥。In the above technical solution, preferably, before the receiving the identity verification key in the current user space, the method further includes: saving the at least one preset key corresponding to each of the set user spaces to the pre And setting a key database for retrieving whether the preset key database has the preset key that is consistent with the identity verification key received in the current user space.
在该技术方案中,需要将每个用户空间及为其设置的至少一个预设密钥关联存储到预设密钥数据库中,从而便于根据其关联关系进行身份验证和空间切换。其中,身份认证密钥库的实现方式可以多种多样,其可以是一个数据库,也可以是一个文件,另外,身份认证密钥库的数据组织方式也可以多种多样,只要能保证每个用户空间与其对应的至少一个预设密钥相关联即可。In this technical solution, each user space and at least one preset key set for it are required to be stored in a preset key database, thereby facilitating identity verification and space switching according to the association relationship thereof. The implementation of the identity authentication keystore can be various, and can be a database or a file. In addition, the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed. The space may be associated with at least one of its corresponding preset keys.
在上述技术方案中,优选地,所述至少一个预设密钥包括以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。In the above technical solution, preferably, the at least one preset key comprises at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information .
在该技术方案中,每个用户空间对应的至少一个预设密钥包括但不限于以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。其中,不同类型的预设密钥安全性不同,多种预设密钥可以单独使用,也可以组合使用,比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information. The security of different types of preset keys is different. A plurality of preset keys may be used separately or in combination. For example, the user may set a password type preset key for the user space used for work. The user space for storing private contacts sets two preset keys, iris and password.
本发明的另一方面提出了一种基于身份验证的空间切换装置,用于具有多个用户空间的终端,包括:接收单元,在当前用户空间接收身份验证密钥;检索单元,根据所述身份验证密钥,在预设密钥数据库中检索是否具有与所述身份验证密钥一致的预设密钥;确定单元,根据检索结果,确 定是否根据所述身份验证密钥进行空间切换。Another aspect of the present invention provides an identity-based space switching apparatus for a terminal having a plurality of user spaces, including: a receiving unit that receives an identity verification key in a current user space; and a retrieval unit according to the identity Verifying the key, retrieving in the preset key database whether there is a preset key consistent with the identity verification key; determining unit, according to the retrieval result, Whether to perform space switching according to the authentication key.
在该技术方案中,终端中的多个用户空间共用一个操作系统,可以降低对终端性能的要求,多个用户空间之间可以进行资源共享,也可以通过Namespace技术进行资源隔离,以保证各个用户空间的隐私及安全性。在此基础上,应用本发明的技术方案,可以在终端的解锁状态下直接根据接收到的身份验证密钥验证是否可以进行空间切换,或者在终端的锁屏状态下通过接收到的身份验证密钥同时完成身份认证和用户空间切换的双重功能,这样,既为空间切换提供了身份验证,也无需用户在每次进行空间切换时打开特定空间切换界面或空间切换验证界面,比如,可以实现在终端的锁屏状态下直接完成身份认证和用户空间切换的双重功能,不但简化了用户操作,也提升了各用户空间的安全性,提升了用户体验。In the technical solution, multiple user spaces in the terminal share an operating system, which can reduce the performance requirements of the terminal. Resources can be shared between multiple user spaces, and resource isolation can be performed through Namespace technology to ensure each user. Space privacy and security. On the basis of this, the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal. The key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example, The dual function of identity authentication and user space switching is directly completed in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the user experience.
在上述技术方案中,优选地,所述确定单元具体用于:当确定所述预设密钥数据库中具有与所述身份验证密钥一致的所述预设密钥时,从所述当前用户空间切换至所述预设密钥对应的目标用户空间,否则,禁止进行空间切换。In the above technical solution, preferably, the determining unit is specifically configured to: when determining, in the preset key database, the preset key that is consistent with the identity verification key, from the current user The space is switched to the target user space corresponding to the preset key. Otherwise, space switching is prohibited.
在该技术方案中,终端的预设密钥数据库中具有每个用户空间对应的预设密钥,只有接收到的身份验证密钥与预设密钥数据库中存储的某个预设密钥一致时,说明可以通过身份认证,切换至该预设密钥对应的用户空间。通过该技术方案,实现了身份认证和用户空间切换的双重功能,简化了用户操作,并提升了各用户空间的安全性。In the technical solution, the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database. In the case of the authentication, the user can switch to the user space corresponding to the preset key. Through the technical solution, the dual functions of identity authentication and user space switching are realized, which simplifies user operations and improves the security of each user space.
在上述技术方案中,优选地,还包括:设置单元,在所述在当前用户空间接收身份验证密钥之前,根据接收到的设置命令,为所述多个用户空间中的每个用户空间设置至少一个预设密钥。In the above technical solution, preferably, the method further includes: setting, before the receiving the identity verification key in the current user space, setting, for each user space in the multiple user spaces, according to the received setting command At least one default key.
在该技术方案中,可以预先为每个用户空间设置对应的预设密钥,每个用户空间设置对应的预设密钥可以为一个或多个,具有多个预设密钥的用户空间具有更高的安全性。比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security. For example, the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
在上述技术方案中,优选地,还包括:存储单元,在所述在当前用户 空间接收身份验证密钥之前,将设置的所述每个用户空间对应的所述至少一个预设密钥保存至所述预设密钥数据库中,以供检索所述预设密钥数据库中是否具有与在所述当前用户空间接收到的所述身份验证密钥一致的所述预设密钥。In the above technical solution, preferably, the method further includes: a storage unit, in the current user Before receiving the authentication key, the at least one preset key corresponding to each user space is saved in the preset key database for searching whether the preset key database is used Having the preset key that is consistent with the identity verification key received in the current user space.
在该技术方案中,需要将每个用户空间及为其设置的至少一个预设密钥关联存储到预设密钥数据库中,从而便于根据其关联关系进行身份验证和空间切换。其中,身份认证密钥库的实现方式可以多种多样,其可以是一个数据库,也可以是一个文件,另外,身份认证密钥库的数据组织方式也可以多种多样,只要能保证每个用户空间与其对应的至少一个预设密钥相关联即可。In this technical solution, each user space and at least one preset key set for it are required to be stored in a preset key database, thereby facilitating identity verification and space switching according to the association relationship thereof. The implementation of the identity authentication keystore can be various, and can be a database or a file. In addition, the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed. The space may be associated with at least one of its corresponding preset keys.
在上述技术方案中,优选地,所述至少一个预设密钥包括以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。In the above technical solution, preferably, the at least one preset key comprises at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information .
在该技术方案中,每个用户空间对应的至少一个预设密钥包括但不限于以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。其中,不同类型的预设密钥安全性不同,多种预设密钥可以单独使用,也可以组合使用,比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information. The security of different types of preset keys is different. A plurality of preset keys may be used separately or in combination. For example, the user may set a password type preset key for the user space used for work. The user space for storing private contacts sets two preset keys, iris and password.
本发明的再一方面提出了一种终端,该终端包括多个用户空间以及上述技术方案中任一项所述的基于身份验证的空间切换装置,因此,该终端具有与上述技术方案中任一项所述的基于身份验证的空间切换装置相同的技术效果,在此不再赘述。According to still another aspect of the present invention, a terminal includes a plurality of user spaces and the identity verification based space switching device according to any one of the foregoing technical solutions, and therefore, the terminal has any one of the foregoing technical solutions. The same technical effects of the identity-based space switching device described in the section are not described herein.
通过以上技术方案,可以直接根据接收到的身份验证密钥验证是否可以进行空间切换,既为空间切换提供了身份验证,也无需用户在每次进行空间切换时打开特定空间切换界面或空间切换验证界面,尤其对于锁屏状态下的终端,可以实现在终端的锁屏状态下直接完成身份认证和用户空间切换的双重功能,不但简化了用户操作,也提升了各用户空间的安全性,提升了用户体验。 Through the above technical solution, it is possible to directly verify whether space switching can be performed according to the received identity verification key, which provides identity verification for space switching, and does not require the user to open a specific space switching interface or space switching verification every time space switching is performed. The interface, especially for the terminal in the lock screen state, can directly perform the dual functions of identity authentication and user space switching in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the security. user experience.
附图说明DRAWINGS
图1示出了根据本发明的一个实施例的基于身份验证的空间切换方法的流程图;1 shows a flow chart of an identity-based spatial switching method in accordance with one embodiment of the present invention;
图2示出了根据本发明的一个实施例的基于身份验证的空间切换装置的框图;2 shows a block diagram of an identity-based spatial switching device in accordance with one embodiment of the present invention;
图3示出了根据本发明的一个实施例的终端的框图;Figure 3 shows a block diagram of a terminal in accordance with one embodiment of the present invention;
图4示出了根据本发明的一个实施例的锁屏状态时用户空间与密钥库的对应示意图;4 is a schematic diagram showing correspondence between a user space and a keystore in a lock screen state according to an embodiment of the present invention;
图5示出了根据本发明的一个实施例的屏幕解锁状态时用户空间与密钥库的对应示意图;FIG. 5 is a schematic diagram showing correspondence between a user space and a keystore in a screen unlock state according to an embodiment of the present invention; FIG.
图6示出了根据本发明的另一个实施例的终端的示意图。FIG. 6 shows a schematic diagram of a terminal in accordance with another embodiment of the present invention.
具体实施方式detailed description
为了能够更清楚地理解本发明的上述目的、特征和优点,下面结合附图和具体实施方式对本发明进行进一步的详细描述。需要说明的是,在不冲突的情况下,本申请的实施例及实施例中的特征可以相互组合。The present invention will be further described in detail below with reference to the drawings and specific embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
在下面的描述中阐述了很多具体细节以便于充分理解本发明,但是,本发明还可以采用其他不同于在此描述的其他方式来实施,因此,本发明的保护范围并不受下面公开的具体实施例的限制。In the following description, numerous specific details are set forth in order to provide a full understanding of the invention, but the invention may be practiced otherwise than as described herein. Limitations of the embodiments.
图1示出了根据本发明的一个实施例的基于身份验证的空间切换方法的流程图;1 shows a flow chart of an identity-based spatial switching method in accordance with one embodiment of the present invention;
如图1所示,根据本发明的一个实施例的基于身份验证的空间切换方法,用于具有多个用户空间的终端,包括:As shown in FIG. 1, an identity-based space switching method according to an embodiment of the present invention is used for a terminal having multiple user spaces, including:
步骤102,在当前用户空间接收身份验证密钥。Step 102: Receive an authentication key in the current user space.
步骤104,根据身份验证密钥,在预设密钥数据库中检索是否具有与身份验证密钥一致的预设密钥。Step 104: Retrieve, in the preset key database, whether there is a preset key that is consistent with the identity verification key according to the identity verification key.
步骤106,根据检索结果,确定是否根据身份验证密钥进行空间切换。Step 106: Determine, according to the retrieval result, whether to perform space switching according to the identity verification key.
在该技术方案中,终端中的多个用户空间共用一个操作系统,可以降 低对终端性能的要求,多个用户空间之间可以进行资源共享,也可以通过Namespace技术进行资源隔离,以保证各个用户空间的隐私及安全性。在此基础上,应用本发明的技术方案,可以在终端的解锁状态下直接根据接收到的身份验证密钥验证是否可以进行空间切换,或者在终端的锁屏状态下通过接收到的身份验证密钥同时完成身份认证和用户空间切换的双重功能,这样,既为空间切换提供了身份验证,也无需用户在每次进行空间切换时打开特定空间切换界面或空间切换验证界面,比如,可以实现在终端的锁屏状态下直接完成身份认证和用户空间切换的双重功能,不但简化了用户操作,也提升了各用户空间的安全性,提升了用户体验。In the technical solution, multiple user spaces in the terminal share an operating system, which can be lowered. Low requirements on terminal performance, resource sharing between multiple user spaces, and resource isolation through Namespace technology to ensure the privacy and security of each user space. On the basis of this, the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal. The key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example, The dual function of identity authentication and user space switching is directly completed in the lock screen state of the terminal, which not only simplifies the user operation, but also improves the security of each user space and improves the user experience.
在上述技术方案中,优选地,步骤106具体包括:当确定预设密钥数据库中具有与身份验证密钥一致的预设密钥时,从当前用户空间切换至预设密钥对应的目标用户空间,否则,禁止进行空间切换。In the above technical solution, preferably, the step 106 specifically includes: when determining that the preset key database has a preset key that is consistent with the identity verification key, switching from the current user space to the target user corresponding to the preset key Space, otherwise, space switching is prohibited.
在该技术方案中,终端的预设密钥数据库中具有每个用户空间对应的预设密钥,只有接收到的身份验证密钥与预设密钥数据库中存储的某个预设密钥一致时,说明可以通过身份认证,切换至该预设密钥对应的用户空间。通过该技术方案,实现了身份认证和用户空间切换的双重功能,简化了用户操作,并提升了各用户空间的安全性。In the technical solution, the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database. In the case of the authentication, the user can switch to the user space corresponding to the preset key. Through the technical solution, the dual functions of identity authentication and user space switching are realized, which simplifies user operations and improves the security of each user space.
在上述技术方案中,优选地,在步骤102之前,还包括:根据接收到的设置命令,为多个用户空间中的每个用户空间设置至少一个预设密钥。In the above technical solution, preferably, before step 102, the method further includes: setting, according to the received setting command, at least one preset key for each user space in the plurality of user spaces.
在该技术方案中,可以预先为每个用户空间设置对应的预设密钥,每个用户空间设置对应的预设密钥可以为一个或多个,具有多个预设密钥的用户空间具有更高的安全性。比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security. For example, the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
在上述技术方案中,优选地,在步骤102之前,还包括:将设置的每个用户空间对应的至少一个预设密钥保存至预设密钥数据库中,以供检索预设密钥数据库中是否具有与在当前用户空间接收到的身份验证密钥一致的预设密钥。In the foregoing technical solution, preferably, before step 102, the method further includes: saving at least one preset key corresponding to each user space that is set to a preset key database for searching in a preset key database. Whether there is a preset key that is consistent with the authentication key received in the current user space.
在该技术方案中,需要将每个用户空间及为其设置的至少一个预设密 钥关联存储到预设密钥数据库中,从而便于根据其关联关系进行身份验证和空间切换。其中,身份认证密钥库的实现方式可以多种多样,其可以是一个数据库,也可以是一个文件,另外,身份认证密钥库的数据组织方式也可以多种多样,只要能保证每个用户空间与其对应的至少一个预设密钥相关联即可。In this technical solution, each user space and at least one preset secret set for it are required. The key associations are stored in a preset key database to facilitate authentication and space switching based on their associations. The implementation of the identity authentication keystore can be various, and can be a database or a file. In addition, the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed. The space may be associated with at least one of its corresponding preset keys.
在上述技术方案中,优选地,至少一个预设密钥包括以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。In the above technical solution, preferably, the at least one preset key comprises at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference object information, and color information.
在该技术方案中,每个用户空间对应的至少一个预设密钥包括但不限于以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。其中,不同类型的预设密钥安全性不同,多种预设密钥可以单独使用,也可以组合使用,比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information. The security of different types of preset keys is different. A plurality of preset keys may be used separately or in combination. For example, the user may set a password type preset key for the user space used for work. The user space for storing private contacts sets two preset keys, iris and password.
图2示出了根据本发明的一个实施例的基于身份验证的空间切换装置的框图。2 shows a block diagram of an identity-based spatial switching device in accordance with one embodiment of the present invention.
如图2所示,根据本发明的一个实施例的基于身份验证的空间切换装置200,用于具有多个用户空间的终端,包括:接收单元202,在当前用户空间接收身份验证密钥;检索单元204,根据身份验证密钥,在预设密钥数据库中检索是否具有与身份验证密钥一致的预设密钥;确定单元206,根据检索结果,确定是否根据身份验证密钥进行空间切换。As shown in FIG. 2, an authentication-based spatial switching apparatus 200 according to an embodiment of the present invention is used for a terminal having a plurality of user spaces, including: a receiving unit 202, which receives an identity verification key in a current user space; The unit 204 retrieves, according to the identity verification key, whether the preset key is consistent with the identity verification key in the preset key database. The determining unit 206 determines whether to perform space switching according to the identity verification key according to the retrieval result.
在该技术方案中,终端中的多个用户空间共用一个操作系统,可以降低对终端性能的要求,多个用户空间之间可以进行资源共享,也可以通过Namespace技术进行资源隔离,以保证各个用户空间的隐私及安全性。在此基础上,应用本发明的技术方案,可以在终端的解锁状态下直接根据接收到的身份验证密钥验证是否可以进行空间切换,或者在终端的锁屏状态下通过接收到的身份验证密钥同时完成身份认证和用户空间切换的双重功能,这样,既为空间切换提供了身份验证,也无需用户在每次进行空间切换时打开特定空间切换界面或空间切换验证界面,比如,可以实现在终端 的锁屏状态下直接完成身份认证和用户空间切换的双重功能,不但简化了用户操作,也提升了各用户空间的安全性,提升了用户体验。In the technical solution, multiple user spaces in the terminal share an operating system, which can reduce the performance requirements of the terminal. Resources can be shared between multiple user spaces, and resource isolation can be performed through Namespace technology to ensure each user. Space privacy and security. On the basis of this, the technical solution of the present invention can be used to verify whether space switching can be performed directly according to the received identity verification key in the unlocked state of the terminal, or by receiving the identity authentication secret in the lock screen state of the terminal. The key performs the dual functions of identity authentication and user space switching at the same time, so that the authentication is provided for the space switching, and the user does not need to open the specific space switching interface or the space switching verification interface every time the space switch is performed, for example, Terminal In the lock screen state, the dual functions of identity authentication and user space switching are directly completed, which not only simplifies user operations, but also improves the security of each user space and improves the user experience.
在上述技术方案中,优选地,确定单元206具体用于:当确定预设密钥数据库中具有与身份验证密钥一致的预设密钥时,从当前用户空间切换至预设密钥对应的目标用户空间,否则,禁止进行空间切换。In the above technical solution, preferably, the determining unit 206 is specifically configured to: when determining that the preset key database has a preset key that is consistent with the identity verification key, switch from the current user space to the preset key corresponding to the preset key Target user space, otherwise, space switching is prohibited.
在该技术方案中,终端的预设密钥数据库中具有每个用户空间对应的预设密钥,只有接收到的身份验证密钥与预设密钥数据库中存储的某个预设密钥一致时,说明可以通过身份认证,切换至该预设密钥对应的用户空间。通过该技术方案,实现了身份认证和用户空间切换的双重功能,简化了用户操作,并提升了各用户空间的安全性。In the technical solution, the preset key database of the terminal has a preset key corresponding to each user space, and only the received identity verification key is consistent with a preset key stored in the preset key database. In the case of the authentication, the user can switch to the user space corresponding to the preset key. Through the technical solution, the dual functions of identity authentication and user space switching are realized, which simplifies user operations and improves the security of each user space.
在上述技术方案中,优选地,还包括:设置单元208,在当前用户空间接收身份验证密钥之前,根据接收到的设置命令,为多个用户空间中的每个用户空间设置至少一个预设密钥。In the above technical solution, preferably, the method further includes: a setting unit 208, configured to set at least one preset for each user space in the plurality of user spaces according to the received setting command before receiving the identity verification key in the current user space. Key.
在该技术方案中,可以预先为每个用户空间设置对应的预设密钥,每个用户空间设置对应的预设密钥可以为一个或多个,具有多个预设密钥的用户空间具有更高的安全性。比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, a preset preset key may be set for each user space in advance, and the preset key corresponding to each user space setting may be one or more, and the user space with multiple preset keys has Higher security. For example, the user can set a password type preset key for the user space for work, and set the iris and password preset keys for the user space for storing the private contact.
在上述技术方案中,优选地,还包括:存储单元210,在当前用户空间接收身份验证密钥之前,将设置的每个用户空间对应的至少一个预设密钥保存至预设密钥数据库中,以供检索预设密钥数据库中是否具有与在当前用户空间接收到的身份验证密钥一致的预设密钥。In the above technical solution, preferably, the storage unit 210 further saves the set at least one preset key corresponding to each user space to the preset key database before the current user space receives the identity verification key. For retrieving whether the preset key database has a preset key that is consistent with the authentication key received in the current user space.
在该技术方案中,需要将每个用户空间及为其设置的至少一个预设密钥关联存储到预设密钥数据库中,从而便于根据其关联关系进行身份验证和空间切换。其中,身份认证密钥库的实现方式可以多种多样,其可以是一个数据库,也可以是一个文件,另外,身份认证密钥库的数据组织方式也可以多种多样,只要能保证每个用户空间与其对应的至少一个预设密钥相关联即可。In this technical solution, each user space and at least one preset key set for it are required to be stored in a preset key database, thereby facilitating identity verification and space switching according to the association relationship thereof. The implementation of the identity authentication keystore can be various, and can be a database or a file. In addition, the data organization mode of the identity authentication keystore can also be various, as long as each user can be guaranteed. The space may be associated with at least one of its corresponding preset keys.
在上述技术方案中,优选地,至少一个预设密钥包括以下至少之一或 其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。In the above technical solution, preferably, the at least one preset key includes at least one of the following or The combination: fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information.
在该技术方案中,每个用户空间对应的至少一个预设密钥包括但不限于以下至少之一或其组合:指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。其中,不同类型的预设密钥安全性不同,多种预设密钥可以单独使用,也可以组合使用,比如,用户可以为用于工作的用户空间设置一个密码类型的预设密钥,为用于存储私密联系人的用户空间设置虹膜和密码两种预设密钥。In this technical solution, the at least one preset key corresponding to each user space includes but is not limited to at least one of the following or a combination thereof: fingerprint information, iris image information, face image information, text information, audio information, reference objects Information, color information. The security of different types of preset keys is different. A plurality of preset keys may be used separately or in combination. For example, the user may set a password type preset key for the user space used for work. The user space for storing private contacts sets two preset keys, iris and password.
图3示出了根据本发明的一个实施例的终端的框图。Figure 3 shows a block diagram of a terminal in accordance with one embodiment of the present invention.
如图3所示,根据本发明的一个实施例的终端300,该终端300包括多个用户空间302以及图2示出的基于身份验证的空间切换装置200,因此,该终端300具有与图2示出的的基于身份验证的空间切换装置200相同的技术效果,在此不再赘述。As shown in FIG. 3, a terminal 300 includes a plurality of user spaces 302 and an identity-based space switching device 200 shown in FIG. 2 according to an embodiment of the present invention. Therefore, the terminal 300 has FIG. 2 The same technical effects of the illustrated identity-based spatial switching device 200 are not described herein.
图4和图5示出了根据本发明的一个实施例的用户空间与密钥库的对应示意图。4 and 5 illustrate corresponding diagrams of user space and keystores in accordance with one embodiment of the present invention.
如图4所示,在移动终端中,n个Space(空间)共享一个Android OS(Android Operating System,安卓操作系统),每一个Space对应一个用户,并且这n个用户空间可以利用隔离技术实现数据的相互隔离,使每个用户能够单独运行在各自的空间中。其中,终端资源如果没有利用隔离技术进行隔离,该资源就是共享资源将会被所有的用户共享,例如,相机是共享资源,n个空间中的用户都可以调用相机进行拍照。As shown in FIG. 4, in the mobile terminal, n spaces share an Android OS (Android Operating System), each space corresponds to one user, and the n user spaces can use the isolation technology to implement data. The isolation of each other allows each user to run in their own space. If the terminal resource is not isolated by using isolation technology, the resource is shared resources will be shared by all users. For example, the camera is a shared resource, and users in n spaces can call the camera to take photos.
本实施例中,运用Namespace(命名空间)进行系统全局资源的隔离,从而让每个用户空间相互隔离起来,Namespace是Linux(个人电脑上免费的一种操作系统)内核提供的一种用于隔离系统全局资源的机制,主要用于基于容器技术的操作系统级的虚拟化解决方案中,能够实现将使用全局系统资源的不同容器间进行隔离。In this embodiment, the Namespace (namespace) is used to isolate the global resources of the system, so that each user space is isolated from each other. The Namespace is a kind of isolation provided by the kernel of Linux (a free operating system on a personal computer) for isolation. The system global resource mechanism is mainly used in the operating system-level virtualization solution based on container technology, which can isolate different containers that use global system resources.
本实施例中,终端包括:身份认证模块、用户空间切换模块、身份认证密钥库,其中,身份认证密钥库用于身份认证。In this embodiment, the terminal includes: an identity authentication module, a user space switching module, and an identity authentication keystore, wherein the identity authentication keystore is used for identity authentication.
具体地,身份认证模块、用户空间切换模块以及身份认证密钥库是n 个用户空间共享的,即在任意一个用户空间中,用户都可以调用身份认证模块和用户空间切换模块,来进入的身份认证密钥库。Specifically, the identity authentication module, the user space switching module, and the identity authentication keystore are n. User space is shared, that is, in any user space, the user can call the identity authentication module and the user space switching module to enter the identity authentication key pool.
1.身份认证模块主要完成以下的功能:设置用户的身份认证方式并与相应的用户空间绑定;在屏幕解锁时完成用户的身份认证,具体包括:The identity authentication module mainly performs the following functions: setting the user's identity authentication mode and binding with the corresponding user space; completing the user identity authentication when the screen is unlocked, specifically including:
(1)用户设置的身份认证方式是多种多样的,比如指纹识别、图案解锁以及数字密码等。当用户选定一种认证方式之后,就可以为每个用户空间设置的解锁密钥。例如,为用户空间设置指纹认证方式解锁方式,用户空间1的解锁指纹设为右手拇指,用户空间2的解锁指纹设为右手食指。(1) User-set authentication methods are various, such as fingerprint recognition, pattern unlocking, and numeric passwords. After the user selects an authentication method, the unlocking key can be set for each user space. For example, the fingerprint authentication mode unlocking mode is set for the user space, the unlocking fingerprint of the user space 1 is set as the right thumb, and the unlocking fingerprint of the user space 2 is set as the right index finger.
另外,在本实施例中将解锁的指纹、图案或密码统称为身份认证密钥K,每个用户空间的K都不一样,在锁屏状态时,每一个用户空间都对应一个身份认证密钥K,用户空间i与Ki一一绑定(如图4所示)。In addition, in this embodiment, the unlocked fingerprint, pattern or password is collectively referred to as the identity authentication key K, and the K of each user space is different. In the lock screen state, each user space corresponds to an identity authentication key. K, user space i and K i are bound one by one (as shown in Figure 4).
如图5所示,在屏幕解锁状态时,可默认此时用户处于某个用户空间中,需要切换到另一个用户空间中,如果要进行用户空间的切换,则任何一个身份认证密钥K(K1,K2,…,Kn)均可以认证成功,即此时的用户空间i对应n个密钥K(K1,K2,…,Kn)。As shown in FIG. 5, when the screen is unlocked, the user can be in a certain user space by default, and needs to switch to another user space. If the user space is to be switched, any identity authentication key K ( K 1 , K 2 , . . . , K n ) can be successfully authenticated, that is, the user space i at this time corresponds to n keys K(K 1 , K 2 , . . . , K n ).
(2)在进行身份认证时,此时屏幕处于锁定状态,如果用户提供身份认证密钥Ki进行身份认证成功后,屏幕解锁成功,并启动用户空间切换模块,进入到用户空间i中;否则,屏幕解锁失败。(2) When the identity authentication is performed, the screen is in the locked state. If the user provides the identity authentication key Ki for identity authentication, the screen is unlocked successfully, and the user space switching module is started to enter the user space i; otherwise, Screen unlock failed.
(3)在进行身份认证时,如果此时屏已经处于解锁状态,则用户任意提供的正确的身份认证密钥Ki(i=1、2、…、n)均可以身份认证成功,并完成用户空间的切换。(3) In the identity authentication, if the screen is already in the unlocked state, the correct identity authentication key K i (i=1, 2, ..., n) provided by the user can be successfully authenticated and completed. User space switching.
2.用户空间切换模块用于完成用户空间切换的功能,包括屏幕解锁状态的用户空间的切换和屏幕锁屏状态的用户空间的切换。2. The user space switching module is used to complete the function of user space switching, including switching of the user space in the screen unlocking state and switching of the user space in the screen lock screen state.
其中,屏幕解锁状态的用户空间切换,是指用户已完成了屏幕解锁,正常处于空间i中,这时要切换到空间j中;屏幕锁屏状态的用户空间切换,是指当前屏幕处于锁定状态,根据用户提供的身份认证密钥Ki,完成身份认证而屏幕解锁,并且直接进入到空间i中。The user space switching in the unlock state of the screen means that the user has completed the screen unlocking, and is normally in the space i, and then switches to the space j; the user space switching in the screen lock screen state means that the current screen is in the locked state. According to the identity authentication key K i provided by the user, the identity authentication is completed and the screen is unlocked, and directly enters the space i.
3.身份认证密钥库用于存储用户身份认证资料,在实施例中,不仅要 存储用于屏幕解锁的身份认证密钥K,还要存储与身份认证密钥Ki对应的用户空间i。其中,为了保证空间i与Ki相关联,身份认证密钥库的实现方式可以是多种多样,可以是一个数据库,也可以是一个文件。3. The identity authentication keystore is used to store the user identity authentication data. In the embodiment, not only the identity authentication key K for screen unlocking but also the user space i corresponding to the identity authentication key K i is stored. In order to ensure that the space i is associated with the K i , the implementation of the identity authentication key pool may be various, and may be a database or a file.
图6示出了根据本发明的另一个实施例的终端的示意图。FIG. 6 shows a schematic diagram of a terminal in accordance with another embodiment of the present invention.
如图6所示,根据本发明的另一个实施例的终端包括Android OS(Android Operating System,安卓操作系统)、apps(多个应用程序)、data(用户空间的数据)。As shown in FIG. 6, a terminal according to another embodiment of the present invention includes an Android OS (Android Operating System), apps (multiple applications), and data (data of user space).
本实施例运用Namespace技术对系统全局资源进行隔离,合理规划每个用户空间中用户进程的权限,例如,设置每个用户空间中可以运行的app(应用程序)以及能够调用的功能模块等,各用户空间的data相互隔离,可以通过各用户空间的相关的应用程序调用系统的共享资源。In this embodiment, the Namespace technology is used to isolate the global resources of the system, and the permissions of the user processes in each user space are reasonably planned. For example, an app (application) that can be run in each user space and a function module that can be called are set, each of which The data of the user space is isolated from each other, and the shared resources of the system can be called by related applications in each user space.
另外,多用户空间终端中用户间切换的具体实现的方式可以如下:In addition, the specific implementation manner of the inter-user handover in the multi-user space terminal may be as follows:
其一,在屏幕处于锁定状态时,用户想要进入到n个用户空间的用户空间i中,步骤如下:First, when the screen is in the locked state, the user wants to enter the user space i of the n user spaces, the steps are as follows:
步骤1,用户提供身份识别密钥(验证指纹/图案/密码等),通过该身份识别密钥调用用户身份认证模块。In step 1, the user provides an identification key (verification fingerprint/pattern/password, etc.), and the user identity authentication module is invoked by the identity identification key.
步骤2,从身份认证密钥库中检索身份认证密钥库K(K1,K2,…,Kn)。Step 2: Retrieve the identity authentication keystore K(K 1 , K 2 , . . . , K n ) from the identity authentication keystore.
步骤1-3,如果身份识别密钥与身份认证密钥库K(K1,K2,…,Kn)中的Ki匹配,则身份认证成功,并启动用户空间切换模块,执行步骤4,而如果身份识别密钥与身份认证密钥库K(K1,K2,…,Kn)中的任何一个密钥都不匹配,则执行步骤5。Step 1-3: If the identity key matches the K i in the identity authentication keystore K(K 1 , K 2 , . . . , K n ), the identity authentication succeeds, and the user space switching module is started, and step 4 is performed. And if the identification key does not match any of the authentication keystores K(K 1 , K 2 , . . . , K n ), step 5 is performed.
步骤4,屏幕解锁,用户空间切换模块控制进入到空间i中。In step 4, the screen is unlocked, and the user space switching module controls to enter the space i.
步骤5,身份认证失败,屏幕未解锁。Step 5. The identity authentication fails and the screen is not unlocked.
其二,在屏幕处于解锁状态时,用户此时处于用户空间i中,想要进入到n个用户空间中的用户空间j中,步骤如下:Second, when the screen is in the unlocked state, the user is now in the user space i, and wants to enter the user space j in the n user spaces, the steps are as follows:
步骤1,用户通过系统提供的空间切换入口,选择切换到空间j,启用身份认证模块。In step 1, the user switches the entry through the space provided by the system, and selects to switch to the space j to enable the identity authentication module.
步骤2,检索身份认证密钥库K(K1,K2,…,Kn)。 In step 2, the identity authentication keystore K(K 1 , K 2 , . . . , K n ) is retrieved.
步骤3,如果用户提供的身份认证密钥与身份认证密钥库K(K1,K2,…,Kn)中的某个密钥Kj相匹配,则身份认证成功,并启用用户空间切换模块,执行步骤4;如果身份识别密钥与身份认证密钥库K(K1,K2,…,Kn)中的任何一个密钥都不匹配,则执行步骤5。Step 3: If the identity authentication key provided by the user matches one of the keys K j of the identity authentication keystore K(K 1 , K 2 , . . . , K n ), the identity authentication succeeds and the user space is enabled. The switching module performs step 4; if the identification key does not match any of the authentication keystores K(K 1 , K 2 , . . . , K n ), step 5 is performed.
步骤4,用户空间切换模块控制进入用户空间j。In step 4, the user space switching module controls to enter the user space j.
步骤5,身份认证失败,空间切换失败,用户仍处于用户空间i中。In step 5, the identity authentication fails, the space switch fails, and the user is still in the user space i.
以上结合附图详细说明了本发明的技术方案,通过以上技术方案,可以直接根据接收到的身份验证密钥验证是否可以进行空间切换,既为空间切换提供了身份验证,也无需用户在每次进行空间切换时打开特定空间切换界面或空间切换验证界面,尤其对于锁屏状态下的终端,可以实现在终端的锁屏状态下直接完成身份认证和用户空间切换的双重功能,不但简化了用户操作,也提升了各用户空间的安全性,提升了用户体验。The technical solution of the present invention is described in detail above with reference to the accompanying drawings. With the above technical solution, it is possible to directly verify whether space switching can be performed according to the received identity verification key, providing identity verification for space switching, and no need for the user each time. When a space switch is performed, a specific space switching interface or a space switching verification interface is opened, especially for a terminal in a lock screen state, which can directly perform the dual functions of identity authentication and user space switching in the lock screen state of the terminal, which not only simplifies user operations. It also enhances the security of each user space and enhances the user experience.
在本发明中,术语“多个”表示两个或两个以上。对于本领域的普通技术人员而言,可以根据具体情况理解上述术语在本发明中的具体含义。In the present invention, the term "plurality" means two or more. For those skilled in the art, the specific meanings of the above terms in the present invention can be understood on a case-by-case basis.
在本说明书的描述中,术语“一个实施例”、“另一个实施例”等的描述意指结合该实施例或示例描述的具体特征、结构、材料或特点包含于本实用新型的至少一个实施例或示例中。在本说明书中,对上述术语的示意性表述不一定指的是相同的实施例或实例。而且,描述的具体特征、结构、材料或特点可以在任何的一个或多个实施例或示例中以合适的方式结合。In the description of the present specification, the description of the terms "one embodiment", "another embodiment" or the like means that a specific feature, structure, material or characteristic described in connection with the embodiment or example is included in at least one implementation of the present invention. In the example or example. In the present specification, the schematic representation of the above terms does not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in a suitable manner in any one or more embodiments or examples.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims (11)

  1. 一种基于身份验证的空间切换方法,用于具有多个用户空间的终端,其特征在于,包括:An authentication-based space switching method for a terminal having multiple user spaces, comprising:
    在当前用户空间接收身份验证密钥;Receiving an authentication key in the current user space;
    根据所述身份验证密钥,在预设密钥数据库中检索是否具有与所述身份验证密钥一致的预设密钥;Determining, according to the identity verification key, whether a preset key that is consistent with the identity verification key is retrieved in a preset key database;
    根据检索结果,确定是否根据所述身份验证密钥进行空间切换。Based on the retrieval result, it is determined whether or not to perform spatial switching according to the authentication key.
  2. 根据权利要求1所述的基于身份验证的空间切换方法,其特征在于,所述根据检索结果,确定是否根据所述身份验证密钥进行空间切换,具体包括:The method according to claim 1, wherein the determining whether to perform the space switching according to the identity verification key according to the retrieval result includes:
    当确定所述预设密钥数据库中具有与所述身份验证密钥一致的所述预设密钥时,从所述当前用户空间切换至所述预设密钥对应的目标用户空间,否则,禁止进行空间切换。When it is determined that the preset key database has the preset key that is consistent with the identity verification key, switching from the current user space to a target user space corresponding to the preset key, otherwise, Space switching is prohibited.
  3. 根据权利要求2所述的基于身份验证的空间切换方法,其特征在于,在所述在当前用户空间接收身份验证密钥之前,还包括:The method of claim 2, wherein before the receiving the identity verification key in the current user space, the method further includes:
    根据接收到的设置命令,为所述多个用户空间中的每个用户空间设置至少一个预设密钥。At least one preset key is set for each of the plurality of user spaces according to the received setting command.
  4. 根据权利要求3所述的基于身份验证的空间切换方法,其特征在于,在所述在当前用户空间接收身份验证密钥之前,还包括:The method of claim 3, wherein before the receiving the identity verification key in the current user space, the method further includes:
    将设置的所述每个用户空间对应的所述至少一个预设密钥保存至所述预设密钥数据库中,以供检索所述预设密钥数据库中是否具有与在所述当前用户空间接收到的所述身份验证密钥一致的所述预设密钥。And saving the set at least one preset key corresponding to each user space to the preset key database, so as to retrieve whether the preset key database has a space in the current user Receiving the preset key that is consistent with the authentication key.
  5. 根据权利要求3或4所述的基于身份验证的空间切换方法,其特征在于,所述至少一个预设密钥包括以下至少之一或其组合:The identity verification based space switching method according to claim 3 or 4, wherein the at least one preset key comprises at least one of the following or a combination thereof:
    指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。Fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information.
  6. 一种基于身份验证的空间切换装置,用于具有多个用户空间的终端,其特征在于,包括: An authentication-based space switching device for a terminal having multiple user spaces, comprising:
    接收单元,在当前用户空间接收身份验证密钥;Receiving unit, receiving an authentication key in the current user space;
    检索单元,根据所述身份验证密钥,在预设密钥数据库中检索是否具有与所述身份验证密钥一致的预设密钥;Retrieving unit, according to the identity verification key, retrieving in the preset key database whether there is a preset key consistent with the identity verification key;
    确定单元,根据检索结果,确定是否根据所述身份验证密钥进行空间切换。The determining unit determines, according to the retrieval result, whether to perform space switching according to the identity verification key.
  7. 根据权利要求6所述的基于身份验证的空间切换装置,其特征在于,所述确定单元具体用于:The identity-based spatial switching device according to claim 6, wherein the determining unit is specifically configured to:
    当确定所述预设密钥数据库中具有与所述身份验证密钥一致的所述预设密钥时,从所述当前用户空间切换至所述预设密钥对应的目标用户空间,否则,禁止进行空间切换。When it is determined that the preset key database has the preset key that is consistent with the identity verification key, switching from the current user space to a target user space corresponding to the preset key, otherwise, Space switching is prohibited.
  8. 根据权利要求7所述的基于身份验证的空间切换装置,其特征在于,还包括:The authentication-based spatial switching device of claim 7, further comprising:
    设置单元,在所述在当前用户空间接收身份验证密钥之前,根据接收到的设置命令,为所述多个用户空间中的每个用户空间设置至少一个预设密钥。And a setting unit, configured to set at least one preset key for each of the plurality of user spaces according to the received setting command before receiving the authentication key in the current user space.
  9. 根据权利要求8所述的基于身份验证的空间切换装置,其特征在于,还包括:The authentication-based spatial switching device according to claim 8, further comprising:
    存储单元,在所述在当前用户空间接收身份验证密钥之前,将设置的所述每个用户空间对应的所述至少一个预设密钥保存至所述预设密钥数据库中,以供检索所述预设密钥数据库中是否具有与在所述当前用户空间接收到的所述身份验证密钥一致的所述预设密钥。a storage unit, configured to save the set at least one preset key corresponding to each user space to the preset key database for retrieval after receiving the authentication key in the current user space Whether the preset key database has the preset key that is consistent with the identity verification key received in the current user space.
  10. 根据权利要求8或9所述的基于身份验证的空间切换装置,其特征在于,所述至少一个预设密钥包括以下至少之一或其组合:The identity verification based space switching device according to claim 8 or 9, wherein the at least one preset key comprises at least one of the following or a combination thereof:
    指纹信息、虹膜图像信息、人脸图像信息、文本信息、音频信息、参照物信息、颜色信息。Fingerprint information, iris image information, face image information, text information, audio information, reference object information, color information.
  11. 一种终端,具有多个用户空间,其特征在于,包括如权利要求6至10中任一项所述的基于身份验证的空间切换装置。 A terminal having a plurality of user spaces, characterized by comprising the identity verification based space switching device according to any one of claims 6 to 10.
PCT/CN2015/088506 2015-08-12 2015-08-30 Identity authentication-based space switching method and device and terminal WO2017024633A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510494129.7 2015-08-12
CN201510494129.7A CN105630592A (en) 2015-08-12 2015-08-12 Identity verification based space switching method and apparatus as well as terminal

Publications (1)

Publication Number Publication Date
WO2017024633A1 true WO2017024633A1 (en) 2017-02-16

Family

ID=56045570

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/088506 WO2017024633A1 (en) 2015-08-12 2015-08-30 Identity authentication-based space switching method and device and terminal

Country Status (2)

Country Link
CN (1) CN105630592A (en)
WO (1) WO2017024633A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106778181A (en) * 2017-01-13 2017-05-31 北京奇虎科技有限公司 Mobile terminal is switched to method, device and the mobile terminal of system protection pattern
CN106874751A (en) * 2017-01-13 2017-06-20 北京奇虎科技有限公司 Input method, device and mobile terminal under system protection pattern
CN108304740B (en) * 2017-06-02 2021-01-08 深圳三诺信息科技有限公司 Method for burning digital product key
CN109815668A (en) * 2019-01-10 2019-05-28 北京珠穆朗玛移动通信有限公司 Dual system method for controlling mobile terminal, mobile terminal and storage medium
CN110276177B (en) * 2019-05-24 2022-04-12 华为技术有限公司 Login method of intelligent terminal and electronic equipment
CN112051944B (en) * 2019-06-06 2022-05-24 成都鼎桥通信技术有限公司 Method and device for mutually switching personal space and working space on android device
CN115242472A (en) * 2022-07-08 2022-10-25 北京新唐思创教育科技有限公司 Identity verification method, device, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102880820A (en) * 2012-08-14 2013-01-16 东莞宇龙通信科技有限公司 Method for accessing application program of mobile terminal and mobile terminal
CN104350723A (en) * 2014-05-22 2015-02-11 华为技术有限公司 Login method and device
WO2015021548A1 (en) * 2013-08-12 2015-02-19 Graphite Software Corporation Secure authentication and switching to encrypted domains
CN104516777A (en) * 2013-10-04 2015-04-15 三星电子株式会社 User interface management method and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102968343A (en) * 2012-11-14 2013-03-13 广东欧珀移动通信有限公司 Method and system for switching users
CN104156644B (en) * 2014-07-30 2017-04-19 宇龙计算机通信科技(深圳)有限公司 Multisystem entering method and device and terminal
CN104468986A (en) * 2014-11-20 2015-03-25 深圳市世纪安软信息技术有限公司 Multi-user operation mode managing method and system for mobile phone
CN104809378A (en) * 2015-04-30 2015-07-29 山东超越数控电子有限公司 User authentication design method of KVM (Kernel-based Virtual Machine) local management system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102880820A (en) * 2012-08-14 2013-01-16 东莞宇龙通信科技有限公司 Method for accessing application program of mobile terminal and mobile terminal
WO2015021548A1 (en) * 2013-08-12 2015-02-19 Graphite Software Corporation Secure authentication and switching to encrypted domains
CN104516777A (en) * 2013-10-04 2015-04-15 三星电子株式会社 User interface management method and system
CN104350723A (en) * 2014-05-22 2015-02-11 华为技术有限公司 Login method and device

Also Published As

Publication number Publication date
CN105630592A (en) 2016-06-01

Similar Documents

Publication Publication Date Title
WO2017024633A1 (en) Identity authentication-based space switching method and device and terminal
US11914695B2 (en) Secure element as a digital pocket
US9275212B2 (en) Secure element biometric authentication system
US11003755B2 (en) Authentication using emoji-based passwords
US9245131B2 (en) Multi-user universal serial bus (USB) key with customizable file sharing permissions
JP2016535902A (en) System for accessing data from multiple devices
US10629012B1 (en) Multi-factor authentication for vehicles
JP2009528582A (en) Wireless authentication
US9455985B2 (en) Method for secure key injection with biometric sensors
US10762225B2 (en) Note and file sharing with a locked device
CN110322599B (en) Door lock management method and device, electronic equipment and storage medium
US20160285911A1 (en) Context sensitive multi-mode authentication
US20180137268A1 (en) Authentication screen
CN117378173A (en) Transfer of ownership of computing device via secure processor
KR20230064623A (en) Mobile devices with secure personal memory
CN105404802A (en) Authority configuration method and apparatus
CN109977039A (en) HD encryption method for storing cipher key, device, equipment and readable storage medium storing program for executing
WO2015184894A2 (en) Method and device for implementing multi-user login mode
KR20190128868A (en) Authentication system and method of blochchain distributed ledger and cryptocurrency offline storage
US20130198836A1 (en) Facial Recognition Streamlined Login
KR20130082979A (en) User personalized recommendation system based on fingerprint identification
CN107154999B (en) Terminal and unlocking method and storage device based on environmental information
US10678895B2 (en) Data input method, and electronic device and system for implementing the data input method
JP2010267198A (en) Authentication device, method, and program
US10430571B2 (en) Trusted UI authenticated by biometric sensor

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15900830

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15900830

Country of ref document: EP

Kind code of ref document: A1