WO2019095449A1 - Method and apparatus for preventing personal information leakage - Google Patents

Method and apparatus for preventing personal information leakage Download PDF

Info

Publication number
WO2019095449A1
WO2019095449A1 PCT/CN2017/114406 CN2017114406W WO2019095449A1 WO 2019095449 A1 WO2019095449 A1 WO 2019095449A1 CN 2017114406 W CN2017114406 W CN 2017114406W WO 2019095449 A1 WO2019095449 A1 WO 2019095449A1
Authority
WO
WIPO (PCT)
Prior art keywords
event
interface
core
camouflage
information
Prior art date
Application number
PCT/CN2017/114406
Other languages
French (fr)
Chinese (zh)
Inventor
卢启伟
杨宁
刘佳
Original Assignee
深圳市鹰硕技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市鹰硕技术有限公司 filed Critical 深圳市鹰硕技术有限公司
Publication of WO2019095449A1 publication Critical patent/WO2019095449A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors

Definitions

  • the present invention relates to the field of online education technology, and in particular, to a method and apparatus for preventing personal information leakage during an online education process of the Internet.
  • the manufacturing costs of intelligent computing devices such as smart phones, tablets, laptops, etc. have generally been reduced, and have become an indispensable part of the daily lives of most ordinary people. component.
  • the use of mobile devices for online learning and further education is becoming more and more popular. It has the characteristics of flexible learning places, personalized learning content, and personalized learning modes.
  • online learning programs are also It also has instant online calls, communication and other functions, and the social itself is private and should be classified as personal sensitive information. Therefore, the function of the online learning program is divided into two parts, one is the course category, this part of the function is not private, and the other is the personal information category, such as academic scores, social learning friends, virtual currency information, and so on.
  • a typical online learning mode in the commuting process in the city allows students to learn online through mobile devices.
  • mobile devices may be loaned to peers who share the same learning hobby.
  • the course is The function of the class is to allow peers to watch, but personal information is not intended to be leaked. We will conduct unauthorized access or acquisition of personally sensitive information of device owners as personal information disclosure. How to prevent online devices from protecting personal information during lending or sharing is a variety of A technical problem faced by intelligent computing devices.
  • malware malicious programs
  • Malware programs that, when executed by a computer, adversely affect the performance and/or hazard of the computer. Unauthorized instructions for the integrity of the data.
  • a malicious program can gain access to an application; disrupt computer operations; erase files stored on the computer; collect sensitive information (such as passwords or other personal information); track the behavior of the user of the computer; use the computer for non- Expected operations and so on.
  • One prior art is to provide a mobile computing device having multiple access modes, the mobile device A lock screen page for accessing the device in the primary access mode or the secondary access mode is displayed on the touch screen display of the device.
  • the primary access mode provides access to several applications of the device, and the secondary access mode provides access to a limited set of applications.
  • the mobile device receives a touch input on the lock screen page to access the device in the secondary access mode.
  • the mobile device unlocks the device to the secondary access mode by allowing access to the set of applications and restricting access to the remaining applications of the plurality of applications.
  • this kind of device relies on the device owner's advanced setting of the device, and actively switches the device between the first-level access mode and the second-level access mode, but in real life, many information leaks occur when the device owner is not prepared. If there is no defense, if the primary access mode is not switched to the secondary access mode, sensitive information is leaked from device sharing or borrowing.
  • this technology can only classify programs at different levels of privacy, but does not distinguish between different levels of privacy within the program. That is to say, the protection function of such devices for personal information is still defective.
  • the method includes: detecting whether an event is triggered; if the detected event is triggered, comparing the detected event with each behavior in the behavior list, and determining whether the detected event conforms to the behavior in the behavior list; The event is detected to be consistent with the behavior in the behavior list, and the behavior is matched with the malicious behavior pre-stored in the behavior library; if the behavior matches the malicious behavior pre-stored in the behavior library, the behavior is determined to be malicious behavior, and the detected behavior is detected.
  • the event is a malicious event; the malicious event in the malicious behavior is intercepted.
  • the invention can automatically and effectively identify malicious behaviors and intercept them in real time during the malicious behavior monitoring process.
  • this kind of matching behavior is difficult to adapt to rapid changes in malicious behavior.
  • a monitoring device cannot include all kinds of malicious behaviors, and the technology is only theoretically feasible.
  • Still another prior art provides an application protection method and apparatus for improving application security and improving user experience.
  • the protection method of the application includes receiving first information input by a user, the first information is used to start a first application, and determining whether the first application belongs to a preset application to be spoofed; When the first application belongs to a preset application to be disguised, a preset camouflage interface is displayed to the user, and the camouflage interface is used to indicate that the application is abnormal.
  • This approach improves application security and improves the user experience.
  • the first information is not limited to click information, for example. For example, it can also be double-click, select, etc.
  • Still another prior art provides an implicit identity authentication method based on natural interaction, the steps comprising: 1) implicitly triggering and enabling an implicit identity authentication process; 2) enabling multiple collection devices to implicitly collect the user's a plurality of biometric information; 3) determining whether biometric information is available for use, and if no biometric information is available, prompting implicit guiding information within the preset number of acquisitions and opening the information related to the guiding information
  • the collecting device collects the biometric information of the user, and continues to determine whether the biometric information that is available is collected; if the biometric information that is available is collected, the collected biometric information is used as the user to be authenticated
  • the feature information is verified and matched with the corresponding pre-stored biometric information; 4) if the matching is consistent, the user is allowed to perform a specific operation; if the matching is inconsistent, the user is prompted not to pass the identity authentication and display the identity authentication.
  • This method can perform natural and high security authentication on the user identity through the implicit identity authentication method in the natural interaction process. Compared with the existing dynamic identity authentication mode, the authentication process is naturally not rigid, without disturbing the user.
  • This technology has greatly improved compared to the existing verification methods, but there are still major flaws, that is, the implicit authentication method is not enough "implicit" because when a series of biological information is collected, if Explicit verification can be started without verification. Explicit verification is essentially a reminder to the operator. This is what the device owner does not want to see. It is more desirable that the entire process be completed under implicit conditions.
  • the system collects user history operation information and operation information and uploads the operation information to the cloud platform, and the cloud platform analyzes and learns the user history operation information to find a user operation habit set. Stored as flag information; the historical operating habit set is iteratively updated as the number of uses of the user increases; when used, the system pairs the user The identity information is verified. If the verification fails, the user access is denied. If the verification is passed, the user operation information is compared with the stored flag information, and if the comparison is successful, the user access is run, otherwise the user access is denied. Suitable for identification.
  • the online payment function of the mobile phone is used to open a payment APP, and the user draws a circle on the touch screen of the mobile phone before the payment operation, and then performs a payment operation.
  • the system records this operating habit as a contrast operation in the future, but the accuracy of this gesture is very low, and it is very easy to be observed and imitated.
  • the gesture itself has no practical significance, it is only now There are technical gesture verifications. For the timing of activation verification, it is also a kind of implicit authentication before the program is started, and it is also indistinguishable. It will be verified every time, which will bring inconvenience to the normal use of the user.
  • the object of the present invention is to provide a method and a device for protecting personal information and having sufficient protection against personal information leakage, and the method or device does not significantly increase the burden on the user or the device owner, and throughout the verification process. In, all are implicit verification.
  • a method of preventing the disclosure of personal information including:
  • the step S6 includes:
  • S601 Generate a first camouflage interface according to the core event, and provide camouflage information
  • S602 Determine whether a second predetermined operation event occurs on the first masquerading interface, if yes, execute S5; if not, execute S603:
  • S603 Generate a second camouflage interface.
  • the step S6 includes:
  • S601' generating a first camouflage interface according to the core event, and providing camouflage information
  • S602' determining whether a second predetermined operation event occurs on the first masquerading interface, and if so, executing 604'; if not, executing S603':
  • performing the core event enables obtaining information requiring protection, and the pre-stored first predetermined operational event is an operation of an actual function possessed by the program.
  • performing the core event enables obtaining information requiring protection, and the pre-stored first predetermined operational event is a combination of operations of actual functions possessed by the program.
  • a first receiving module configured to receive a user startup program instruction
  • a second receiving module configured to receive a user trigger core event instruction, a first determining module, configured to determine whether a core event is triggered, and a second determining module, configured to determine an operation and a pre-stored in the behavior library before the triggering of the core event Whether the first predetermined operational event matches;
  • Storage medium for storing behavior libraries for storing behavior libraries.
  • the method further includes: a third determining module, configured to determine whether a second predetermined operation event occurs on the first camouflage interface.
  • the method for preventing personal information leakage of the present application does not perform identity verification when the program is started, but chooses to judge whether to execute the core event after the core event is triggered, and cancels the verification of the identity every time the startup program is performed.
  • the user's experience, on the other hand, the successful authentication of the program does not mean that the personal information is not leaked when the device is shared and used during the use of the device. Therefore, a series of judgments when triggering the core event can be effective. Monitor and block personal information disclosure.
  • the "predetermined operation” in this application is essentially that the owner of the device habitually records and saves other functions before triggering the core event.
  • the owner of the device wishes to execute the core event, due to the operational habits Perform the scheduled operation first. If the device is judged to have such a predetermined operation before triggering the core event, it is considered that the owner of the device is performing the corresponding operation to perform the core event normally, otherwise it is considered to be a personal information leak.
  • “Scheduled operation” is a function with substantial functions. It is not a simple gesture operation. The gesture operation is easy to be imitated, but the combination of the function of the essential function, especially the continuous functional operation, is not easily found by others because others cannot The artificially set connection between operations is seen in the use of seemingly normal programs.
  • the application also proposes a scientific method for generating a camouflage interface. Because the implicit identity verification is combined with the first camouflage interface, the device owner himself/herself generates a first camouflage interface due to a misoperation during normal use. Can not be effectively identified, therefore, in order to avoid misleading the normal use of the device owner, here in the environment of the first camouflage interface, a second predetermined operational event is also preset, the second predetermined operational event and device possession The operation of the core event is completely consistent, and the device owner's operating habits are still used for identity verification, and no explicit authentication is performed, and the entire verification process is embodied as implicit verification.
  • the first camouflage interface is placed between two predetermined operational event judgments, which greatly avoids the probability of the device owner's misoperation, and effectively protects the device owner's personal privacy.
  • Figure 1 is a flow chart showing the core operation of the conventional technology
  • FIG. 2 is a flow chart of a first embodiment for preventing leakage of personal information in the present invention
  • FIG. 3 is a flow chart of a second embodiment of preventing personal information leakage in the present invention.
  • FIG. 4 is a flow chart of a third embodiment of preventing personal information leakage in the present invention.
  • FIG. 6 is a second tab menu interface of an example online learning program in the present invention.
  • Figure 7 is a third tab menu interface of an exemplary online learning program in the present invention.
  • a program represents an application that includes personally sensitive information
  • the application includes a variety of functions, the execution of which is called an event
  • the core event represents a function in the execution of the application to obtain personally sensitive information.
  • the user generally needs to unlock the device when the device is started or when the screen saver is released.
  • the unlocking operation generally includes verification of the identity.
  • FIG. 1 is a typical operation flow of the prior art. After starting the device, a series of startup programs are executed to execute core events. When the device is shared and the device is borrowed during use, the leakage of personal sensitive information occurs after the identity verification. In this embodiment, the authentication is not performed in the startup program, but the core event is triggered. It is judged whether to execute the core event.
  • a logic for forward verification is proposed for the judgment after the core event is triggered.
  • the general verification is to see whether the behavior matches the data in the personal information disclosure behavior database, and if so, it is recognized as personal information. Leakage behavior, so the device can only judge according to the data of the existing database. If it can neither be judged to be legal nor judged to be malicious, it can only be released. But this judgment is very inefficient, and devices often need to update the database frequently to cope with a growing variety of malicious behavior.
  • a method for preventing leakage of personal information includes:
  • S1 Start; this method of preventing personal information leakage is generally initiated when the device is started or when the device owner releases the lock screen. Because there are many programs in the device that involve sensitive personal information, such as various online learning programs, as long as these programs are launched, it is necessary to prevent personal information from being leaked.
  • S3 judging whether a core event is triggered, and if so, entering S4; for the above program, many functions do not involve personal information, and the information may be a function of a large number of repeated use by the operator, such as Figure 5-7. It is a typical online learning program in the 1-3 label menu interface, wherein the third tab menu interface involves personal information and is a core event.
  • the "General Function 1", "General Function 2", and "Common Function 3" in the first tab menu interface do not involve personal sensitive information.
  • the common functions can be online search, course search, push news, etc.
  • the function of the information if the system performs judgment or authentication every time the user uses the first tab menu interface, it will greatly affect the user experience.
  • the operating habits may include, but are not limited to, an application used by the user,
  • the collection of operating habits in these prior art methods cannot solve the problem of personal information leakage.
  • the core event is also a parallel application, but as mentioned earlier, it is complicated to verify each shipment, and information leakage occurs in a program.
  • Specific functions, rather than the entire program, involve the disclosure of personal information, increasing the level of security or expanding the protection of information can cause a decline in user experience. Entering passwords is explicit; gestures are easy to imitate; fingerprint verification is not an operating habit and is still part of biological information.
  • Step S4 is intended to be judged in a manner that does not interrupt the user's operation.
  • a predetermined operational event refers to the execution of other functions in an open program or a collection of such functions performed, such as general functions, such as course information.
  • the device can determine that the operator is the owner of the device, so that it can enter the next S5, otherwise, the behavior of triggering the core event is considered It is a personal information leak.
  • the pre-determined operation in this application corresponds to the function of the actual application. When the user performs this operation, the actual function is completed by the program, which is different from using other programs as pre-operations or using gesture fingerprints, etc. No practical operation.
  • the "predetermined operation" is essentially that the owner of the device habitually records and saves other functions before triggering the core event. These functions have their own substantive meanings, but there is no mutual relationship between them. Any logical connection, therefore, the combination of these functions or functions as a predetermined operation enables both the operator to perform substantial operations and good implicit authentication, when the owner of the device wishes to perform core events. At the time, the predetermined operation is performed first due to the habit of operation.
  • the device If the device is judged to have such a predetermined operation before triggering the core event, it is considered that the owner of the device is performing the corresponding operation to enter S5, otherwise it is considered to be a personal information leak. For habitual pre-operations, this does not increase the burden on the user, because it is not used as a determination condition, and the user also uses the function of operating the program in this way.
  • a user is accustomed to trigger a general function in the first tab menu interface, for example, to learn about the latest course introduction, and then trigger the general function 1 to understand the examination time of the corresponding subject, and then enter the third tab menu interface.
  • Trigger personal information 2 such as checking the account balance to decide whether to recharge. Then execute the general function 2 and then execute the general function 1 to enter the "predetermined operation" of the core event of the third tab menu interface.
  • the "predetermined operation” setting it can be flexible and variable, which is closely related to the habits of the device owner.
  • the owner of the device can artificially develop a unique operating habit based on the needs of information security, and then trigger a qualification for the core event for a new type of authentication.
  • This new authentication is different from existing password or fingerprint authentication.
  • the latter is purely authentication, but uses a predetermined operation to verify identity. It is itself a service that can provide the operator with the functions of the program. In addition, it There is no obvious discontinuity in the procedure.
  • S6 Generate a camouflage interface to provide camouflage information.
  • the significance of generating a camouflage interface is that it will be the whole The operations are performed in an implicit manner, and no prompts or information about the pass or fail of authentication are provided to the person in use.
  • the provision of camouflage interface or camouflage information is prior art, which has been mentioned in the prior art, but in the prior art, the startup or triggering of the camouflage interface is very unscientific, and the first is as long as it is started. A program directly generates a camouflage interface that needs to be decrypted and then used, which will cause great inconvenience to the user. Second, artificially trigger the camouflage interface, but this design can not effectively protect personal information.
  • the generation of the camouflage interface in S6 has a premise. It is not a blind startup program to generate a camouflage interface, nor is it a manual switch. Instead, in the process of using the program, the identity verification is performed without traces, and then the camouflage interface is generated. It is difficult for others to find that they are not the owner of the device when they use the program normally. In the case of implicit authentication, the camouflage interface is also generated after the verification, which is confused by the camouflage interface.
  • executing the core event can obtain information that needs to be protected, and the predetermined operation event is any other function in the program except the core event.
  • executing the core event can obtain information that needs to be protected, and the predetermined operation event is a combination of any other function in the program except the core event.
  • the step S6 includes:
  • S601 Generate a first camouflage interface according to the core event, and provide camouflage information
  • S602 determining whether a second predetermined operation event occurs on the first masquerading interface, if yes, executing S5; if not, executing S603;
  • S603 Generate a second camouflage interface.
  • the second predetermined operational event corresponds to a functional operation of the core event.
  • the implicit authentication can be further performed according to the operation of the operator on the first camouflage interface.
  • the prior art there is no technology for using implicit authentication and camouflage interfaces.
  • the inventor found in actual operation that such implicit authentication is too confusing, sometimes even the real device owner is mishandling. In the case, it will be confused by the generated first camouflage interface. To sum up, it is because there is no interaction between the implicit authentication and the user, which is a one-way process of information transmission.
  • the party The method further includes comparing whether the operation in the environment of the first camouflage interface matches the second predetermined operational event, and if so, the operation before the core operation can be considered as not consistent with the first predetermined operational event, but It's just a misuse. Therefore, S5 can be executed to execute the core event. However, if it fails again in the second implicit authentication, the system will generate a second masquerading interface to provide false information.
  • the step S6 includes:
  • S601' generating a first camouflage interface according to the core event, and providing camouflage information
  • S602' determining whether a second predetermined operation event occurs on the first masquerading interface, and if so, executing 604'; if not, executing S603':
  • the inventive concept of the present application is mainly embodied by a combination of a first predetermined operational event, a first masquerading interface, and a second predetermined operational event, such that the completely implicit authentication allows all verification actions to be unknown to the user. In the case of love.
  • a device that prevents disclosure of personal information including:
  • a first receiving module configured to receive a user startup program instruction
  • a second receiving module configured to receive a user trigger core event instruction, a first determining module, configured to determine whether a core event is triggered, and a second determining module, configured to determine an operation and a pre-stored in the behavior library before the triggering of the core event Whether the first predetermined operational event matches;
  • Storage medium for storing behavior libraries for storing behavior libraries.
  • the method further includes: a third determining module, configured to determine whether a second predetermined operation event occurs on the first camouflage interface.
  • the method further includes: displaying, by the display module, the first fake interface to the operator when the second determining module is authenticated.
  • the first fake interface is generated according to the core event interface.
  • the user erroneously operates to generate the first masquerading interface, it is only necessary to perform the "my" corresponding function on the first masquerading interface, that is, the second predetermined event, and then can switch back to the core event or The verification of the first predetermined event is resumed.
  • the user of the device performs a touch gesture to select the determination.
  • the user can trigger the core event by a touch gesture or an action-based gesture to direct the device.
  • a touch gesture or an action-based gesture For example, a user taps and presses a function button of an application icon, and those skilled in the art will understand that these are merely exemplary gestures. Other gestures can be used to perform the same function.
  • Different touch gestures eg, single tap, two taps, single tap, tap and press (ie, press), drag, pinch, stretch press, rotate, etc.
  • touch gestures eg, single tap, two taps, single tap, tap and press (ie, press), drag, pinch, stretch press, rotate, etc.
  • the device can be placed face down or face up on a surface, the device can be flipped, or any other motion-based gesture can be passed through one or more orientation/motion detection components of the computing device, such as a gyroscope And accelerometer detected.
  • the application described above is implemented as a program that specifies a set of instructions recorded on a computer readable storage medium (also referred to as a computer readable medium).
  • a computer readable storage medium also referred to as a computer readable medium.
  • the instructions When the instructions are executed by one or more computing or processing units (eg, one or more processors, a processor's core, or other processing unit), the instructions enable one or more processing units to perform the action.
  • Examples of computer readable media include, but are not limited to, CD-ROMs, flash drives, random access memory (RAM) chips, hard disk drives, erasable programmable read only memory (EPROM), electrically erasable programmable read only memory (EEPROM) )Wait.
  • the computer readable medium does not include carrier and electrical signals that are transmitted wirelessly or through a wired connection.
  • program is intended to include firmware residing in a read-only memory or an application stored in a magnetic storage device, which can be read into a memory for processing by Processing.
  • program inventions can be implemented as sub-portions of larger programs while preserving different program inventions.
  • multiple program inventions may also be implemented as separate programs.
  • the devices in this specification include, by way of example, a smart phone, a tablet, a laptop, and the like.
  • the mobile computing device includes one or more processing units, a memory interface, and a peripheral device interface.
  • the peripheral device interface is coupled to various sensors and subsystems including a camera subsystem, one or more wireless communication subsystems, an audio subsystem, an input/output (I/O) subsystem, and the like.
  • the peripheral device interface enables communication between the processing unit and various peripheral devices.
  • orientation sensing A device eg, a gyroscope
  • an acceleration sensor eg, an accelerometer
  • the camera subsystem is coupled to one or more optical sensors (eg, charge coupled device (CCD) optical sensors, complementary metal oxide semiconductor (CMOS) optical sensors, etc.).
  • a camera subsystem coupled to the optical sensor facilitates camera functions, such as image and/or video data capture.
  • the wireless communication subsystem is used to facilitate communication functions.
  • the wireless communication subsystem includes a radio frequency receiver and transmitter, and an optical receiver and transmitter. These receivers and transmitters of some embodiments are implemented to operate on one or more communication networks, such as a GSM network, a Wi-Fi network, a Bluetooth network, and the like.
  • the audio subsystem is coupled to the speaker to output audio. Additionally, the audio subsystem is coupled to a microphone to facilitate voice-enabled functions such as voice recognition, digital recording, and the like.
  • the I/O subsystem involves the transfer of input/output peripherals (such as displays, touch screens, etc.) and the processing unit's data bus through a peripheral interface.
  • the input/output subsystem includes a touch screen controller and other input controllers to facilitate transfer between the input/output peripherals and the data bus of the processing unit.
  • the touch screen controller is coupled to the touch screen.
  • the touch-screen controller uses any multi-touch technology to detect contact and movement on the touch screen.
  • Other input controllers are coupled to other input/control devices, such as one or more buttons.
  • Some embodiments include a proximity touch screen and a corresponding controller that can detect an alternate touch interaction or a proximity touch interaction other than a touch interaction.
  • the memory interface is coupled to the memory.
  • the memory includes a combination of volatile memory (eg, high-speed random access memory), non-volatile memory (eg, flash memory), volatile memory, and non-volatile memory and/or Or any other type of memory.
  • volatile memory eg, high-speed random access memory
  • non-volatile memory eg, flash memory
  • volatile memory e.g., volatile RAM
  • non-volatile memory eg, flash memory
  • the memory also includes: communication instructions to facilitate communication with one or more additional devices; graphical user interface instructions to facilitate graphical user interface processing; image processing instructions to facilitate image related processing and functions; facilitate input related (eg, touch input) Process and function input processing instructions; audio processing instructions that facilitate audio-related processes and functions; and camera instructions that facilitate camera-related processes and functions.
  • the above instructions are merely exemplary, and in some embodiments, the memory includes additional and/or other instructions.
  • a memory for a smart phone can include phone instructions that facilitate phone related processes and functions.
  • the above identified instructions do not need to be used as separate programs or modules. Implementation.
  • the various functions of the mobile computing device can be implemented in hardware and/or a program, including in one or more signal processing and/or application specific integrated circuits.
  • Some embodiments embodying the present invention utilize an electronic system that can be a computer (eg, a desktop computer, a personal computer, a tablet, etc.), a telephone, a PDA, or any other kind of electronic or computing device.
  • a computer eg, a desktop computer, a personal computer, a tablet, etc.
  • Such electronic systems include various types of computer readable media and interfaces for various other types of computer readable media.
  • Electronic systems include buses, processing units, graphics processing units (GPUs), system memories, networks, read-only memories, persistent storage devices, input devices, and output devices.
  • the bus generally represents all of the systems, peripherals, and chipset buses that are communicatively coupled to many of the internal devices of electronic system 6800.
  • the bus can communicatively connect one or more processing units to read only memory, GPUs, system memory, and persistent storage devices.
  • the processing unit retrieves the instructions to be executed and the data to be processed from these various memory units in order to perform the processes of the present invention.
  • one or more of the processing units can be a single processor or a multi-core processor. Some instructions are passed to and executed by the GPU.
  • the GPU can offload various computing instructions or supplement the image processing provided by the processing unit.
  • a read only memory (ROM) stores static data and instructions required by one or more processing units and other modules of the electronic system.
  • Permanent storage devices on the other hand, are read and write memory devices. The device is even in an electronic system
  • Non-volatile memory locations that store instructions and data when closed.
  • Some embodiments of the present invention use mass storage devices, such as magnetic or optical disks and their corresponding hard drives, as permanent storage devices.
  • the terms "computer,” “server,” “processor,” and “memory” mean electronic or other technical device. These terms exclude people or Group of people.
  • display or display is meant to be displayed on an electronic device.
  • computer readable medium and “machine readable medium” are fully limited to tangible physical objects that store information in a form readable by a computer. These terms do not include any wireless signals, cable download signals, and any other ephemeral signals.
  • the method for preventing personal information leakage of the present invention does not perform identity verification when the program is started, but selects whether to perform core events after the core event is triggered, and cancels the authentication of the identity every time the startup program is performed.
  • the experience, on the other hand the successful authentication of the program does not mean that the personal information is not leaked when the device is shared and used during the use of the device. Therefore, a series of judgments when triggering the core event can be effective for the individual. Information disclosure is monitored and intercepted.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

The present invention provides a method for preventing personal information leakage, and in particular a method and apparatus for preventing personal information leakage applied to the field of Internet teaching. The method and apparatus of the present invention select to determine, after a core event is triggered, whether to execute the core event, instead of performing identity authentication when starting a program, cancel the identity authentication every time the program is started, and improve user experience. In addition, a successful identity authentication for the program does not represent that personal information leakage would not occur when sharing a device, and lending the device during use. Therefore, only a series of determinations during the triggering of a core event can effectively monitor and intercept the personal information leakage.

Description

一种防止个人信息泄露的方法和装置Method and device for preventing leakage of personal information 技术领域Technical field
本发明涉及在线教育技术领域,特别是涉及一种用于互联网在线教育过程中防止个人信息泄露的方法和装置。The present invention relates to the field of online education technology, and in particular, to a method and apparatus for preventing personal information leakage during an online education process of the Internet.
背景技术Background technique
随着当前通讯技术的发展和智能化设备的普及,智能计算设备如智能电话、平板电脑、膝上型电脑等制造成本普遍降低,已经成为了大多数普通民众日常生活中不可或缺的一个重要组成部分。使用移动设备中进行在线学习、深造越来越普遍,其具有学习地点灵活化,学习内容个性化,学习模式私人化等特点,而且随着学习程序的社交功能越来越多,在线学习程序也同样具有即时在线通话、交流等功能,而社交本身具有私密性,应被列为个人敏感信息。因此,在线学习程序的功能分为两部分,一种是课程类的,这部分功能不具有私密性,另一种为个人信息类的,比如学习成绩、社交学习的好友、虚拟货币信息等。一种典型的在城市上班通勤过程中的在线学习模式为学员通过移动设备进行在线学习,在学习过程中可能将移动设备借给同行的有共同学习爱好的同伴共享,在借出过程中,课程类的功能是可以让同伴观看的,但个人信息是不希望泄露的。我们将对设备拥有者的个人敏感信息进行未经允许的访问或获取的行为称为个人信息泄露,如何防止在线学习中,移动设备在借出时或分享时对个人信息的保护,是各种智能计算设备客观面临的一个技术问题。With the development of current communication technologies and the popularization of intelligent devices, the manufacturing costs of intelligent computing devices such as smart phones, tablets, laptops, etc. have generally been reduced, and have become an indispensable part of the daily lives of most ordinary people. component. The use of mobile devices for online learning and further education is becoming more and more popular. It has the characteristics of flexible learning places, personalized learning content, and personalized learning modes. And with the increasing social functions of learning programs, online learning programs are also It also has instant online calls, communication and other functions, and the social itself is private and should be classified as personal sensitive information. Therefore, the function of the online learning program is divided into two parts, one is the course category, this part of the function is not private, and the other is the personal information category, such as academic scores, social learning friends, virtual currency information, and so on. A typical online learning mode in the commuting process in the city allows students to learn online through mobile devices. In the learning process, mobile devices may be loaned to peers who share the same learning hobby. In the process of lending, the course is The function of the class is to allow peers to watch, but personal information is not intended to be leaked. We will conduct unauthorized access or acquisition of personally sensitive information of device owners as personal information disclosure. How to prevent online devices from protecting personal information during lending or sharing is a variety of A technical problem faced by intelligent computing devices.
还有一种需要对个人信息的保护情况是应对恶意程序(也被称为“恶意程序”)的威胁,恶意程序是指当被计算机执行时不利地影响计算机的性能和/或危害存储在计算机上的数据的完整性的未经授权的指令。作为示例,恶意程序可以获得对应用的访问;扰乱计算机操作;擦除存储在计算机上的文件;收集敏感信息(例如密码或其它个人信息);追踪计算机的用户的行为;使用计算机以用于非预期操作等等。There is also a need to protect personal information in response to malicious programs (also known as "malware"), which are programs that, when executed by a computer, adversely affect the performance and/or hazard of the computer. Unauthorized instructions for the integrity of the data. As an example, a malicious program can gain access to an application; disrupt computer operations; erase files stored on the computer; collect sensitive information (such as passwords or other personal information); track the behavior of the user of the computer; use the computer for non- Expected operations and so on.
一种现有技术是提供了具有多种访问模式的移动计算设备,所述移动设 备在设备的触摸屏显示器上显示用于在一级访问模式下或二级访问模式下访问所述设备的锁屏页面。所述一级访问模式提供对设备的若干应用程序的访问,并且二级访问模式提供对有限的一组应用程序的访问。移动设备接收锁屏页面上的触摸输入以在二级访问模式下访问设备。移动设备通过允许对该组应用程序的访问以及限制对多个应用程序中的剩余应用程序的访问来将设备解锁至所述二级访问模式。但这种设备依赖于设备拥有人对设备的提前设定,主动的将设备在一级访问模式和二级访问模式之间切换,但在现实生活中很多的信息泄露发生在设备拥有人没有准备或没有防备的情况下,若没有将一级访问模式切换到二级访问模式,导致设备共享或外借发生了敏感的人个信息外泄。另外,这种技术只能将程序按不同涉及隐私的级别分级,但不能对程序内部的多种不同功能进行涉及隐私等级的区分。也就是说,这种设备的对个人信息的保护功能还是具有缺陷。One prior art is to provide a mobile computing device having multiple access modes, the mobile device A lock screen page for accessing the device in the primary access mode or the secondary access mode is displayed on the touch screen display of the device. The primary access mode provides access to several applications of the device, and the secondary access mode provides access to a limited set of applications. The mobile device receives a touch input on the lock screen page to access the device in the secondary access mode. The mobile device unlocks the device to the secondary access mode by allowing access to the set of applications and restricting access to the remaining applications of the plurality of applications. However, this kind of device relies on the device owner's advanced setting of the device, and actively switches the device between the first-level access mode and the second-level access mode, but in real life, many information leaks occur when the device owner is not prepared. If there is no defense, if the primary access mode is not switched to the secondary access mode, sensitive information is leaked from device sharing or borrowing. In addition, this technology can only classify programs at different levels of privacy, but does not distinguish between different levels of privacy within the program. That is to say, the protection function of such devices for personal information is still defective.
还有一种现有技术,是一种恶意行为的监控方法及装置,属于监控领域。所述方法包括:检测是否有事件被触发;若检测到事件被触发,将检测到的事件与行为列表中的各行为进行比对,并判断检测到的事件是否符合行为列表中的行为;若检测到该事件符合行为列表中的行为,将行为与行为库中预先存储的恶意行为进行匹配;若行为与行为库中预先存储的恶意行为相匹配,则判定行为为恶意行为,被检测到的事件为恶意事件;对恶意行为中的恶意事件进行拦截。本发明通过采用自动对恶意行为中的恶意事件进行拦截的方式,从而使得在恶意行为监控过程中,能够自动对恶意行为进行有效、快速识别并实时拦截。但这种匹配的行为很难适应快速的恶意行为变化,一种监控装置是无法包括所有种类的恶意行为的,该技术中只是理论上可行。There is also a prior art, which is a monitoring method and device for malicious behavior, belonging to the field of monitoring. The method includes: detecting whether an event is triggered; if the detected event is triggered, comparing the detected event with each behavior in the behavior list, and determining whether the detected event conforms to the behavior in the behavior list; The event is detected to be consistent with the behavior in the behavior list, and the behavior is matched with the malicious behavior pre-stored in the behavior library; if the behavior matches the malicious behavior pre-stored in the behavior library, the behavior is determined to be malicious behavior, and the detected behavior is detected. The event is a malicious event; the malicious event in the malicious behavior is intercepted. By adopting a method of automatically intercepting malicious events in malicious behavior, the invention can automatically and effectively identify malicious behaviors and intercept them in real time during the malicious behavior monitoring process. However, this kind of matching behavior is difficult to adapt to rapid changes in malicious behavior. A monitoring device cannot include all kinds of malicious behaviors, and the technology is only theoretically feasible.
还有一种现有技术提供了一种应用程序的保护方法和装置,为提高应用程序的安全性且提高用户体验。该应用程序的保护方法包括接收用户输入的第一信息,所述第一信息用于启动第一应用程序;判断所述第一应用程序是否属于预先设定的要伪装的应用程序;在所述第一应用程序属于预先设定的要伪装的应用程序时,向用户显示预先设定的伪装界面,所述伪装界面用于表明所述应用程序出现异常。该方法提高应用程序的安全性且提高用户体验。当然,根据不同应用程序设定的启动方式,第一信息也不限于点击信息,例 如也可以是双击、选择等信息。这种保护方法最大的问题是对待任何程序访问人都无差别的生成伪装界面,给设备拥有者也造成很大的困扰,每次打开该选定程序,都会生成伪装界面,需要输入解密信息才能进行下一步的操作,非常的不方便,而且正如前文分析,很多程序的大部分的功能都不涉及个人信息,对学习程序本身来说,大部分的功能都不具有隐私性,比如具体的课程内容和课程安排等,只有涉及个人信息的部分才具有隐私性。如果对程序本身设定过于严格的保密级别,既没有必要,也不方便操作。Still another prior art provides an application protection method and apparatus for improving application security and improving user experience. The protection method of the application includes receiving first information input by a user, the first information is used to start a first application, and determining whether the first application belongs to a preset application to be spoofed; When the first application belongs to a preset application to be disguised, a preset camouflage interface is displayed to the user, and the camouflage interface is used to indicate that the application is abnormal. This approach improves application security and improves the user experience. Of course, according to the startup mode set by different applications, the first information is not limited to click information, for example. For example, it can also be double-click, select, etc. The biggest problem with this protection method is that it generates a disguised interface that is indistinguishable from any program visitor, which also causes great trouble to the device owner. Each time the selected program is opened, a camouflage interface is generated, and the decryption information needs to be input. It is very inconvenient to carry out the next step, and as the analysis above, most of the functions of many programs do not involve personal information. For the learning program itself, most of the functions are not private, such as specific courses. Content, course schedules, etc., only the part that involves personal information is private. If the program itself is set to a strict level of confidentiality, it is neither necessary nor convenient to operate.
还有一种现有技术提供了一种基于自然交互的隐式身份认证方法,其步骤包括:1)隐式触发并开启隐式身份认证过程;2)开启多个采集设备,隐式采集用户的多个生物特征信息;3)判断是否采集到可利用的生物特征信息,如果没有采集到可利用的生物特征信息,则在预设采集次数内提示隐式引导性信息并开启与引导性信息相关的采集设备采集用户的生物特征信息,并继续判断是否采集到可利用的生物特征信息;如果采集到可利用的生物特征信息,则将采集到的可利用的生物特征信息作为用户的待认证生物特征信息与对应的预存生物特征信息进行验证匹配;4)如果匹配一致,则允许用户进行特定操作;如果匹配不一致,则提示用户未通过身份认证并进行显示身份认证。这种方法通过自然交互过程中的隐式身份认证方式可以对用户身份进行自然、高安全性认证,相较于现有动态身份认证的方式,认证过程自然不死板,在不干扰用户的情况下,隐式提取待认证生物特征信息进行身份认证,或者通过简单隐式引导性提示信息,促使用户产生特定自然反应后,再隐式提取待认证生物特征信息进行身份认证。这种技术相对于现有的验证方式有了很大的改善,但仍存在重大的缺陷,即隐式的身份认证方式还不够“隐式”,因为当一系列的生物信息被搜集后,如果不能通过验证,就开始了显性的验证,显性的验证实质上是对操作人员的一种提醒,这是设备拥有者不希望看到了,其更希望整个过程在隐性的前提下完成。Still another prior art provides an implicit identity authentication method based on natural interaction, the steps comprising: 1) implicitly triggering and enabling an implicit identity authentication process; 2) enabling multiple collection devices to implicitly collect the user's a plurality of biometric information; 3) determining whether biometric information is available for use, and if no biometric information is available, prompting implicit guiding information within the preset number of acquisitions and opening the information related to the guiding information The collecting device collects the biometric information of the user, and continues to determine whether the biometric information that is available is collected; if the biometric information that is available is collected, the collected biometric information is used as the user to be authenticated The feature information is verified and matched with the corresponding pre-stored biometric information; 4) if the matching is consistent, the user is allowed to perform a specific operation; if the matching is inconsistent, the user is prompted not to pass the identity authentication and display the identity authentication. This method can perform natural and high security authentication on the user identity through the implicit identity authentication method in the natural interaction process. Compared with the existing dynamic identity authentication mode, the authentication process is naturally not rigid, without disturbing the user. The implicitly extracting the biometric information to be authenticated for identity authentication, or prompting the user to generate a specific natural reaction through simple implicit guiding prompt information, and then implicitly extracting the biometric information to be authenticated for identity authentication. This technology has greatly improved compared to the existing verification methods, but there are still major flaws, that is, the implicit authentication method is not enough "implicit" because when a series of biological information is collected, if Explicit verification can be started without verification. Explicit verification is essentially a reminder to the operator. This is what the device owner does not want to see. It is more desirable that the entire process be completed under implicit conditions.
现有技术中还有一种用户身份识别系统的识别方法,包括以下步骤:系统采集用户历史操作信息及操作信息上传至云平台,云平台对用户历史操作信息进行分析学习,找出用户操作习惯集合作为标志信息进行存储;所述历史操作习惯集合随着用户的使用次数增加而迭代更新;使用时,系统对用户 的身份信息进行验证,若验证失败则拒绝用户访问,若验证通过则将用户操作信息与存储的标志信息进行比对,比对成功则运行用户访问,否则拒绝用户访问。适用于身份识别。但根据其记载的用户A使用手机的在线支付功能,打开某付款APP,用户每次在支付操作前,在手机的触摸屏上画一个圆圈,再进行支付操作。系统把这种操作习惯记录下来作为以后的对比操作,但这种手势的精度是非常低的,而且非常容易被人观察及模仿,另外,这种手势本身也没有任何的实际意义,其只是现有技术中的手势验证而已。对于激活验证的时机,其也是在程序启动前的一种隐性身份验证,也是无差别的,每次都会进行验证,对会对用户的正常使用带来不便。In the prior art, there is also a method for identifying a user identity recognition system, which includes the following steps: the system collects user history operation information and operation information and uploads the operation information to the cloud platform, and the cloud platform analyzes and learns the user history operation information to find a user operation habit set. Stored as flag information; the historical operating habit set is iteratively updated as the number of uses of the user increases; when used, the system pairs the user The identity information is verified. If the verification fails, the user access is denied. If the verification is passed, the user operation information is compared with the stored flag information, and if the comparison is successful, the user access is run, otherwise the user access is denied. Suitable for identification. However, according to the recorded user A, the online payment function of the mobile phone is used to open a payment APP, and the user draws a circle on the touch screen of the mobile phone before the payment operation, and then performs a payment operation. The system records this operating habit as a contrast operation in the future, but the accuracy of this gesture is very low, and it is very easy to be observed and imitated. In addition, the gesture itself has no practical significance, it is only now There are technical gesture verifications. For the timing of activation verification, it is also a kind of implicit authentication before the program is started, and it is also indistinguishable. It will be verified every time, which will bring inconvenience to the normal use of the user.
综上,可以得知,现有技术中,对于设行备中的敏感个人信息的保护方法,一种是人为的在正常使用的第一状态和限制性使用的第二状态下切换,限制性使用包括可供使用的程序数量减少,去除了包括敏感信息的程序,还有一种限制性使用是伪装界面,干脆就无法使用,或需要解密后再使用,或者,与人为切换相对应的是提前预设特定程序,一旦触发这类程序,自动开启伪装界面,只有通过人为的解密才能进一步使用,这使得隐式的身份验证变得显性,是设备拥有者不希望看到的。In summary, it can be known that in the prior art, for the protection method of sensitive personal information in the standby device, one is artificially switched in the first state of normal use and the second state of restrictive use, and is restrictive. Use includes a reduced number of programs available, removes programs that include sensitive information, and a restrictive use is a camouflage interface that simply cannot be used, or needs to be decrypted before use, or, in contrast to human switching, is advanced Preset specific programs. Once such a program is triggered, the camouflage interface is automatically opened and can only be further used by human decryption, which makes implicit authentication become dominant and is not desired by the device owner.
发明内容Summary of the invention
提出本发明的目的是给出一种保护个人信息,对个人信息泄露具有足够防护的方法和设备,并且该方法或设备不会明显增加使用人或者设备拥有者的操负担,而且在整个验证过程中,都是隐性的验证。The object of the present invention is to provide a method and a device for protecting personal information and having sufficient protection against personal information leakage, and the method or device does not significantly increase the burden on the user or the device owner, and throughout the verification process. In, all are implicit verification.
本发明的目的在于提供一种防止个人信息泄露的方法,所述方法包括:It is an object of the present invention to provide a method for preventing leakage of personal information, the method comprising:
一种防止个人信息泄露的方法,包括:A method of preventing the disclosure of personal information, including:
S1:开始;S1: Start;
S2:启动程序;S2: start the program;
S3:判断是否有核心事件被触发,若是,进入S4;S3: determining whether a core event is triggered, and if so, entering S4;
S4:判断触发核心事件之前发生的操作与行为库中预先存储的第一预定 操作事件是否匹配,如果是,进入S5,如果否进入S6;S4: determining the operation occurring before the triggering of the core event and the first reservation pre-stored in the behavior library Whether the operation events match, if yes, enter S5, if not enter S6;
S5:执行核心事件;S5: Execution of core events;
S6:生成伪装界面,提供伪装信息;S6: generating a camouflage interface to provide camouflage information;
S7:结束。S7: End.
优选的是,所述步骤S6包括:Preferably, the step S6 includes:
S601:根据核心事件来生成第一伪装界面,并提供伪装信息;S601: Generate a first camouflage interface according to the core event, and provide camouflage information;
S602:判断在第一伪装界面上是否发生第二预定操作事件,如果是,执行S5;如果否,执行S603:S602: Determine whether a second predetermined operation event occurs on the first masquerading interface, if yes, execute S5; if not, execute S603:
S603:生成第二伪装界面。S603: Generate a second camouflage interface.
优选的是,所述步骤S6包括:Preferably, the step S6 includes:
S601’:根据核心事件来生成第一伪装界面,并提供伪装信息;S601': generating a first camouflage interface according to the core event, and providing camouflage information;
S602’:判断在第一伪装界面上是否发生第二预定操作事件,如果是,执行604’;如果否,执行S603’:S602': determining whether a second predetermined operation event occurs on the first masquerading interface, and if so, executing 604'; if not, executing S603':
S603’:生成第二伪装界面;S603': generating a second camouflage interface;
S604’:退出第一伪装界面,执行S3。S604': Exit the first camouflage interface and execute S3.
优选的是,执行所述核心事件能够获得需要保护的信息,所述的预先存储的第一预定操作事件是该程序所具有的实际功能的操作。Preferably, performing the core event enables obtaining information requiring protection, and the pre-stored first predetermined operational event is an operation of an actual function possessed by the program.
优选的是,执行所述核心事件能够获得需要保护的信息,所述的预先存储的第一预定操作事件是该程序所具有的实际功能的操作的组合。Preferably, performing the core event enables obtaining information requiring protection, and the pre-stored first predetermined operational event is a combination of operations of actual functions possessed by the program.
一种防止个人信息泄露的设备,包括:A device that prevents disclosure of personal information, including:
第一接收模块,用于接收用户启动程序指令;a first receiving module, configured to receive a user startup program instruction;
第二接收模块,用于接收用户触发核心事件指令,第一判断模块,用于判断核心事件是否被触发,第二判断模块,用于判断触发核心事件之前发生的操作与行为库中预先存储的第一预定操作事件是否匹配;a second receiving module, configured to receive a user trigger core event instruction, a first determining module, configured to determine whether a core event is triggered, and a second determining module, configured to determine an operation and a pre-stored in the behavior library before the triggering of the core event Whether the first predetermined operational event matches;
存储介质,用于存储行为库。 Storage medium for storing behavior libraries.
优选的是,还包括:第三判断模块,用于判断在第一伪装界面上是否发生第二预定操作事件。Preferably, the method further includes: a third determining module, configured to determine whether a second predetermined operation event occurs on the first camouflage interface.
有益效果:Beneficial effects:
1、本申请的防止个人信息泄露的方法并没有在启动程序时进行身份验证,而是选择在核心事件被触发后才进行判断是否执行核心事件,取消了每次启动程序都对身份进行验证提高了用户的体验,另一方面,程序的身份验证成功不代表在共享设备、使用过程中的借出设备时就不发生个人信息的泄露,因此,在触发核心事件时的一系列判断才能有效的对个人信息泄露进行监控和拦截。1. The method for preventing personal information leakage of the present application does not perform identity verification when the program is started, but chooses to judge whether to execute the core event after the core event is triggered, and cancels the verification of the identity every time the startup program is performed. The user's experience, on the other hand, the successful authentication of the program does not mean that the personal information is not leaked when the device is shared and used during the use of the device. Therefore, a series of judgments when triggering the core event can be effective. Monitor and block personal information disclosure.
2、本申请中“预定操作”实质就是设备的拥有者在触发核心事件之前习惯性的对其他功能的操作被记录和保存,当设备的拥有者在希望执行核心事件时,由于操作的习惯会先执行预定操作。如果设备经过判断在触发核心事件之前有这样的预定操作,则会认为是设备的拥有者在执行相应的操作从而正常执行核心事件,否则认为是个人信息泄露。“预定操作”为有实质功能的操作,并不是简单的手势操作,手势操作容易被人模仿,但实质功能的操作特别是连续的实质功能操作的组合是不容易被他人发现的,因为他人无法在看似平常的程序使用中看出操作之间的人为设定的联系。2. The "predetermined operation" in this application is essentially that the owner of the device habitually records and saves other functions before triggering the core event. When the owner of the device wishes to execute the core event, due to the operational habits Perform the scheduled operation first. If the device is judged to have such a predetermined operation before triggering the core event, it is considered that the owner of the device is performing the corresponding operation to perform the core event normally, otherwise it is considered to be a personal information leak. "Scheduled operation" is a function with substantial functions. It is not a simple gesture operation. The gesture operation is easy to be imitated, but the combination of the function of the essential function, especially the continuous functional operation, is not easily found by others because others cannot The artificially set connection between operations is seen in the use of seemingly normal programs.
3、本申请还提出了科学的伪装界面生成的手段,由于隐性的身份验证与第一伪装界面相结合,使得设备拥有者在正常使用时由于误操作引起的生成第一伪装界面时其本人无法有效的识别出,因此,出于避免对设备拥有者的正常使用造成误导,这里在第一伪装界面的环境下,也预先设定第二预定操作事件,该第二预定操作事件与设备拥有者在操作核心事件的部分操作完全一致,仍然是利用设备拥有者的操作习惯来进行身份验证,并不向其进行显性的认证,将整个的验证过程都作为隐性的验证来体现。将第一伪装界面置于两次的预定操作事件判之间,大大避免了设备拥有者的误操作的概率,有效的保护了设备拥有者个人隐私。 3. The application also proposes a scientific method for generating a camouflage interface. Because the implicit identity verification is combined with the first camouflage interface, the device owner himself/herself generates a first camouflage interface due to a misoperation during normal use. Can not be effectively identified, therefore, in order to avoid misleading the normal use of the device owner, here in the environment of the first camouflage interface, a second predetermined operational event is also preset, the second predetermined operational event and device possession The operation of the core event is completely consistent, and the device owner's operating habits are still used for identity verification, and no explicit authentication is performed, and the entire verification process is embodied as implicit verification. The first camouflage interface is placed between two predetermined operational event judgments, which greatly avoids the probability of the device owner's misoperation, and effectively protects the device owner's personal privacy.
附图说明DRAWINGS
图1为现在技术常规的执行核心操作的流程图;Figure 1 is a flow chart showing the core operation of the conventional technology;
图2为本发明中防止个人信息泄露的第一实施例流程图;2 is a flow chart of a first embodiment for preventing leakage of personal information in the present invention;
图3为本发明中防止个人信息泄露的第二实施例流程图;3 is a flow chart of a second embodiment of preventing personal information leakage in the present invention;
图4为本发明中防止个人信息泄露的第三实施例流程图;4 is a flow chart of a third embodiment of preventing personal information leakage in the present invention;
图5为本发明中示例在线学习程序的第1标签菜单界面;5 is a first label menu interface of an example online learning program in the present invention;
图6为本发明中示例在线学习程序的第2标签菜单界面;6 is a second tab menu interface of an example online learning program in the present invention;
图7为本发明中示例在线学习程序的第3标签菜单界面。Figure 7 is a third tab menu interface of an exemplary online learning program in the present invention.
附图标记:1、第1标签菜单;2、第2标签菜单;3、第3标签菜单。Reference numerals: 1, the first label menu; 2, the second label menu; 3, the third label menu.
具体实施方式Detailed ways
下面将结合附图对本发明的具体实施方式进行详细说明。应当理解,此处所描述的实施例仅仅是用于解释本发明,并不是用于限制本发明。有关领域的普通技术人员在不背离本发明精神的情况下所做的各种变化和变形,都在本发明的独立权利要求和从属权利要求的范围内。Specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It is understood that the embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Various changes and modifications may be made by those skilled in the art without departing from the spirit and scope of the invention.
在本文中,程序代表包括个人敏感信息的应用程序,该应用程序包括多种功能,对这些功能的执行称为事件,核心事件代表了执行应用程序中的一个功能从而获取了个人敏感信息。在现有技术中,用户一般都需要在设备启动时或解除屏幕保护时对设备进行解锁,解锁的操作一般包括对身份的验证。图1是现有技术的典型的一种操作流程,启动设备后就进行一系列的启动程序,执行核心事件。而在共享设备、使用过程中的借出设备时,个人敏感信息的泄露发生在身份验证之后,本实施例中,并没有在启动程序中进行身份验证,而是选择在核心事件被触发后才进行判断是否执行核心事件,这是因为每次启动程序都对身份进行验证是一件非常繁锁的操作,容易引起用户的不满,另一方面,程序的身份验证成功不代表在共享设备、使用过程中的借出设备时就不发生个人信息的泄露。只有在触发核心事件时的一系列判断才能有效的对个人信息泄露进行监控和拦截。 In this context, a program represents an application that includes personally sensitive information, and the application includes a variety of functions, the execution of which is called an event, and the core event represents a function in the execution of the application to obtain personally sensitive information. In the prior art, the user generally needs to unlock the device when the device is started or when the screen saver is released. The unlocking operation generally includes verification of the identity. FIG. 1 is a typical operation flow of the prior art. After starting the device, a series of startup programs are executed to execute core events. When the device is shared and the device is borrowed during use, the leakage of personal sensitive information occurs after the identity verification. In this embodiment, the authentication is not performed in the startup program, but the core event is triggered. It is judged whether to execute the core event. This is because verifying the identity every time the program is started is a very complicated operation, which is easy to cause user dissatisfaction. On the other hand, the successful authentication of the program does not mean that the device is shared and used. The leakage of personal information does not occur when the device is borrowed in the process. Only a series of judgments when triggering a core event can effectively monitor and intercept personal information disclosure.
本实施例中对于核心事件被触发后的判断提出一种正向验证的逻辑,一般的验证都是看这个行为是否与个人信息泄露行为库中数据相匹配,如果是,就被认定为个人信息泄露行为,因此设备只能根据现有数据库的数据来进行判断,对于既不能判断是合法的,也不能判断是恶意的的,就只能将其放行。但这种判断是非常低效的,设备通常需要经常更新数据库来应对日益增多种类的恶意行为。In this embodiment, a logic for forward verification is proposed for the judgment after the core event is triggered. The general verification is to see whether the behavior matches the data in the personal information disclosure behavior database, and if so, it is recognized as personal information. Leakage behavior, so the device can only judge according to the data of the existing database. If it can neither be judged to be legal nor judged to be malicious, it can only be released. But this judgment is very inefficient, and devices often need to update the database frequently to cope with a growing variety of malicious behavior.
这种设定在实践中有重要意义,不但可以排除他人的触发核心事件的行为,更重要的是,对恶意程序后台触发核心事件进行了有效的管控,目前恶意的病毒更新很频繁,新病毒层出不穷,因此很多恶意病毒并未被及时收集到数据库中,如果仅是因为某种触发行为没有被记录在数据库里,设备就将其放行。这样,就带来了个人敏感信息会被恶意程序获取的可能。而本发明中,对于是否执行核心事件的判断仅限于判断其是否满足预设的事件的发生。这大大减轻了设备判断操作的负担。This kind of setting is of great significance in practice. It can not only exclude other people's behaviors that trigger core events, but more importantly, it can effectively control the core events of malicious programs in the background. Currently, malicious virus updates are frequent, new viruses. There are endless streams, so many malicious viruses are not collected in the database in time. If only a certain triggering behavior is not recorded in the database, the device will release it. In this way, the possibility that personal sensitive information will be obtained by malicious programs is brought about. In the present invention, the determination as to whether or not to execute the core event is limited to determining whether it satisfies the occurrence of a preset event. This greatly reduces the burden on the device to judge the operation.
参见图2,一种防止个人信息泄露的方法,所述方法包括:Referring to FIG. 2, a method for preventing leakage of personal information includes:
S1:开始;一般在设备启动时或设备拥有者解除锁屏时就会启动该防止个人信息泄露的方法。因为在设备中,会有很多个涉及个人敏感信息的程序,比如各类在线学习程序,只要是对这些程序进行启动就需要防止个人信息泄露。S1: Start; this method of preventing personal information leakage is generally initiated when the device is started or when the device owner releases the lock screen. Because there are many programs in the device that involve sensitive personal information, such as various online learning programs, as long as these programs are launched, it is necessary to prevent personal information from being leaked.
S2:启动程序;只要多个涉及个人敏感信息的程序中的任意一个被启动,就需要进入后面的判断。S2: Start the program; as long as any one of the programs involving personal sensitive information is activated, it is necessary to enter the subsequent judgment.
S3:判断是否有核心事件被触发,若是,进入S4;对于上述程序中,很多功能不会涉及到个人信息,而这些信息可能是操作者平时大量的、反复使用的功能,比如图5-7是一种典型的在线学习程序中第1-3标签菜单界面,其中,第3标签菜单界面涉及个人信息,是核心事件。这里的第1标签菜单界面中的“通用功能1”、“通用功能2”、“通用功能3”就不涉及个人敏感信息,通用功能可以是在线查词、课程查找、推送新闻等不涉及个人信息的功能,如果每次用户在使用第1标签菜单界面时,系统都执行判断或者身份验证,那么将非常影响用户的体验。但对于第3标签菜单界,这里包括了用户的大 量的个人信息,比如学习兴趣好友、好友留言、虚拟财产及触发在线支付程序等,这些就属于个人的敏感信息。如果想触发第3标签菜单界面,系统应该去判断是否是设备拥有者在使用这个功能。所以在S3中,如果发现涉及个人敏感信息的事件被触发才会进入后面的判断,如果没有,系统不会打断用户的操作,保持设程序运行的流畅性。S3: judging whether a core event is triggered, and if so, entering S4; for the above program, many functions do not involve personal information, and the information may be a function of a large number of repeated use by the operator, such as Figure 5-7. It is a typical online learning program in the 1-3 label menu interface, wherein the third tab menu interface involves personal information and is a core event. The "General Function 1", "General Function 2", and "Common Function 3" in the first tab menu interface do not involve personal sensitive information. The common functions can be online search, course search, push news, etc. The function of the information, if the system performs judgment or authentication every time the user uses the first tab menu interface, it will greatly affect the user experience. But for the third tab menu world, this includes the user's big Amount of personal information, such as learning interest friends, friends messages, virtual property and triggering online payment programs, etc., are sensitive personal information. If you want to trigger the third tab menu interface, the system should determine if the device owner is using this feature. Therefore, in S3, if an event involving personal sensitive information is triggered, it will enter the subsequent judgment. If not, the system will not interrupt the user's operation and keep the program running smoothly.
S4:判断触发核心事件之前发生的操作与行为库中预先存储的第一预定操作事件是否匹配,如果是,进入S5,如果否进入S6;需要申明的是,这里的预先存诸的预定操作有别于输入密码或者输入指纹进行匹配也不是简单手预定手势,在某现有技术中,对于操作习惯可以包括但不限于用户使用的应用程序、S4: judging whether the operation occurring before the triggering of the core event matches the first predetermined operation event pre-stored in the behavior library, if yes, entering S5, if not entering S6; it needs to be stated that the pre-stored predetermined operation here has It is not a simple hand-scheduled gesture to enter a password or input a fingerprint. In some prior art, the operating habits may include, but are not limited to, an application used by the user,
用户的屏幕解锁手势/密码、用户的习惯性手势、用户的习惯性连续操作手势。但这些现有技术中对操作习惯的采集都不能很好的解决个人信息泄露的问题。首先如果将其他的应用程序做为触发核心事件的前提,那么核心事件也是并列的应用程序,但正如前文所说,每次启运程序都进行验证是复杂的,另外,信息泄露发生在某程序的具体功能上而不是整个程序都涉及泄露个人信息,提高安全级别或扩大对信息的保护会引起用户体验度下降。输入密码是显式验证;而手势易于被模仿;指纹验证并不是操作习惯,仍是生物信息的一部分。The user's screen unlock gesture/password, the user's habitual gesture, the user's habitual continuous operation gesture. However, the collection of operating habits in these prior art methods cannot solve the problem of personal information leakage. First, if other applications are used as a precondition for triggering core events, then the core event is also a parallel application, but as mentioned earlier, it is complicated to verify each shipment, and information leakage occurs in a program. Specific functions, rather than the entire program, involve the disclosure of personal information, increasing the level of security or expanding the protection of information can cause a decline in user experience. Entering passwords is explicit; gestures are easy to imitate; fingerprint verification is not an operating habit and is still part of biological information.
步骤S4希望用不打断用户操作的方式进行判断。预定操作事件指的是对打开的程序中其他功能的执行或者一系列这类功能执行的集合,比如通用功能,比如课程信息。只要在触发核心事件之前,操作者执行了一系列预定的程序的功能,设备即可判断操作人员是设备的拥有者,从而可以进入后面的S5中,否者,认为这种触发核心事件的行为是个人信息泄露。需要进一步解释的,本申请中的预见定操作对应着实际的应用程序的功能,用户在执行这操作时会有实际的功能由程序完成,这不同于将其他程序作为预先操作或者用手势指纹等无实际意义的操作。Step S4 is intended to be judged in a manner that does not interrupt the user's operation. A predetermined operational event refers to the execution of other functions in an open program or a collection of such functions performed, such as general functions, such as course information. As long as the operator performs a series of predetermined program functions before triggering the core event, the device can determine that the operator is the owner of the device, so that it can enter the next S5, otherwise, the behavior of triggering the core event is considered It is a personal information leak. To further explain, the pre-determined operation in this application corresponds to the function of the actual application. When the user performs this operation, the actual function is completed by the program, which is different from using other programs as pre-operations or using gesture fingerprints, etc. No practical operation.
在现有技术中,很少有技术关注到操作人员对应用程序的功能性的习惯性操作或者一贯性操作与操作者身份的认证之间的联系,很多的程序针对操作者的习惯提供了更人性化的设置,一方面,这些程序被设计为允许操作者 调整UI界面,比如操作者可以将平时不用的按钮删除,再增加新的、常用的按钮,这体现了按个人风格定制UI界面的思维,经过调整,UI界面上的按钮更加适应于操作者的需要;另一方面,很多程序主动的对用户进行信息的推送,比如百度会根据操作者的阅读习惯推送新闻,天猫会根据操作者的查找习惯推送特定种类的商品,这种推送的行为也提高的用户的阅读效率,可见,智能化的根据操作者的习惯对程序本身的设定或修改可以提高操作者的用户体验。同样,本实施例中,“预定操作”实质就是设备的拥有者在触发核心事件之前习惯性的对其他功能的操作被记录和保存,这些功能本身有自己的实质意义,但相互之间并没有任何的逻辑联系,因此,将这些功能或者功能的组合作为预定操作既能使操作人员进行实质性的操作,又能很好的进行隐式的身份验证,当设备的拥有者在希望执行核心事件时,由于操作的习惯会先执行预定操作。如果设备经过判断在触发核心事件之前有这样的预定操作,则会认为是设备的拥有者在执行相应的操作从而进入S5,否则认为是个人信息泄露。对于习惯性的预先操作来说,这不会增加用户的负担,因为其不作为判定条件,用户也用这样去操作程序的功能。作为一种举例,对于图5,一个用户习惯在第1标签菜单界面先触发通用功能2比如了解最新课程介绍,然后再触发通用功能1了解相应科目的考试时间,然后再进入第3标签菜单界面触发个人信息2,比如查看账户余额决定是否要充值。那么先执行通用功能2再执行执行通用功能1就是进入第3标签菜单界面这个核心事件的“预定操作”。对于“预定操作”的设置,其可以是灵活的和多变的,其与设备拥有者的习惯密切相关。In the prior art, few techniques pay attention to the operator's habitual operation of the functionality of the application or the connection between the consistency operation and the authentication of the operator identity. Many programs provide more for the operator's habits. User-friendly settings, on the one hand, these programs are designed to allow operators Adjust the UI interface, for example, the operator can delete the buttons that are not used normally, and then add new and commonly used buttons. This reflects the thinking of customizing the UI interface according to personal style. After adjustment, the buttons on the UI interface are more suitable for the operator. On the other hand, many programs actively push information to users. For example, Baidu will push news according to the reader's reading habits. Tmall will push specific types of products according to the operator's search habits. The improved user's reading efficiency can be seen, and the intelligent setting or modification of the program itself according to the operator's habit can improve the operator's user experience. Similarly, in the present embodiment, the "predetermined operation" is essentially that the owner of the device habitually records and saves other functions before triggering the core event. These functions have their own substantive meanings, but there is no mutual relationship between them. Any logical connection, therefore, the combination of these functions or functions as a predetermined operation enables both the operator to perform substantial operations and good implicit authentication, when the owner of the device wishes to perform core events. At the time, the predetermined operation is performed first due to the habit of operation. If the device is judged to have such a predetermined operation before triggering the core event, it is considered that the owner of the device is performing the corresponding operation to enter S5, otherwise it is considered to be a personal information leak. For habitual pre-operations, this does not increase the burden on the user, because it is not used as a determination condition, and the user also uses the function of operating the program in this way. As an example, for FIG. 5, a user is accustomed to trigger a general function in the first tab menu interface, for example, to learn about the latest course introduction, and then trigger the general function 1 to understand the examination time of the corresponding subject, and then enter the third tab menu interface. Trigger personal information 2, such as checking the account balance to decide whether to recharge. Then execute the general function 2 and then execute the general function 1 to enter the "predetermined operation" of the core event of the third tab menu interface. For the "predetermined operation" setting, it can be flexible and variable, which is closely related to the habits of the device owner.
当然,如果有必要,设备的拥有者完全可以基于信息安全的需要,人为的培养一种独特的操作习惯,然后为作一种全新身份验证来对核心事件触发限定条件。这种全新身份验证有别于现有的密码或指纹验证,后者只是单纯的身份验证,但使用预定操作来验证身份,其本身是可以为操作者提供程序的功能的服务的,另外,其没有明显的程序的间断性。Of course, if necessary, the owner of the device can artificially develop a unique operating habit based on the needs of information security, and then trigger a qualification for the core event for a new type of authentication. This new authentication is different from existing password or fingerprint authentication. The latter is purely authentication, but uses a predetermined operation to verify identity. It is itself a service that can provide the operator with the functions of the program. In addition, it There is no obvious discontinuity in the procedure.
S5:执行核心事件;经过一系列的判断,程序将执行核心事件,比如展示第3标签菜单界面下面的各种信息。S5: Execute the core event; after a series of judgments, the program will execute the core event, such as displaying various information under the third tab menu interface.
S6:生成伪装界面,提供伪装信息。生成伪装界面的意义在于,将整个 操作都按隐式的操作来执行,不会向正在使用的人提供任何关于身份验证通过或不通过的提示或者信息。伪装界面或者伪装信息的提供是现有技术,这点在前文的背景技术里已经提到,但现有技术中,对于伪装界面的启动或者触发非常不科学,一是不分前提,只要是启动了某程序就直接生成伪装界面需要解密后再使用,这会给使用者带来非常大的不便;第二种,人为的触发伪装界面,但这种设计也无法有效的保护个人信息。可见,S6中生成伪装界面是有前提的,并不是盲目的启动程序就生成伪装界面,也不是手动切换,而是在程序的使用过程中,不着痕迹的提出身份的验证,然后再生成伪装界面,一般他人很难在正常使用程序时发现自己被设备识别出不是设备的拥有者,而且在隐式身份验证时,验证之后随之也生成了伪装界面,从而被伪装界面迷惑。S6: Generate a camouflage interface to provide camouflage information. The significance of generating a camouflage interface is that it will be the whole The operations are performed in an implicit manner, and no prompts or information about the pass or fail of authentication are provided to the person in use. The provision of camouflage interface or camouflage information is prior art, which has been mentioned in the prior art, but in the prior art, the startup or triggering of the camouflage interface is very unscientific, and the first is as long as it is started. A program directly generates a camouflage interface that needs to be decrypted and then used, which will cause great inconvenience to the user. Second, artificially trigger the camouflage interface, but this design can not effectively protect personal information. It can be seen that the generation of the camouflage interface in S6 has a premise. It is not a blind startup program to generate a camouflage interface, nor is it a manual switch. Instead, in the process of using the program, the identity verification is performed without traces, and then the camouflage interface is generated. It is difficult for others to find that they are not the owner of the device when they use the program normally. In the case of implicit authentication, the camouflage interface is also generated after the verification, which is confused by the camouflage interface.
可选的是,执行所述核心事件能够获得需要保护的信息,预定操作事件为该程序中除核心事件外的任意执行其他功能。可选的是,执行所述核心事件能够获得需要保护的信息,预定操作事件为该程序中除核心事件外的任意执行其他功能的组合。Optionally, executing the core event can obtain information that needs to be protected, and the predetermined operation event is any other function in the program except the core event. Optionally, executing the core event can obtain information that needs to be protected, and the predetermined operation event is a combination of any other function in the program except the core event.
S7:结束S7: End
如图3所示,所述步骤S6包括:As shown in FIG. 3, the step S6 includes:
S601:根据核心事件来生成第一伪装界面,并提供伪装信息;S601: Generate a first camouflage interface according to the core event, and provide camouflage information;
S602:判断在第一伪装界面上是否发生第二预定操作事件,如果是,执行S5;如果否,执行S603;S602: determining whether a second predetermined operation event occurs on the first masquerading interface, if yes, executing S5; if not, executing S603;
S603:生成第二伪装界面;S603: Generate a second camouflage interface.
所述的第二预定操作事件对应于核心事件的功能操作。The second predetermined operational event corresponds to a functional operation of the core event.
可选的是,可以根据操作人员在第一伪装界面上的操作进一步进行隐式的身份验证。现有技术中并没有将隐式身份验证和伪装界面连用的技术,发明人在实际的操作中发现,这种隐式的的身份验证太具有迷惑性,有时连真正的设备拥有人在误操作的情况下,也会被生成的第一伪装界面所迷惑。总结起来,还是因为隐式的身份验证与用户之间没有互动,是一种单向的信息传送的过程。为了消除这种因为误操作而引起的误激活第一伪装界面,该方 法进一步包括对比在第一伪装界面的环境下,其操作是否与第二预定操作事件相匹配,如果是的话,可以被认为在核心操作之前的操作虽然不能与第一预定操作事件相符合,但仅是一种误操作。因此,可以执行S5,执行核心事件。但如果在第二次的隐式身份验证中再次失败,系统会生成第二伪装界面,来提供虚假的信息。Optionally, the implicit authentication can be further performed according to the operation of the operator on the first camouflage interface. In the prior art, there is no technology for using implicit authentication and camouflage interfaces. The inventor found in actual operation that such implicit authentication is too confusing, sometimes even the real device owner is mishandling. In the case, it will be confused by the generated first camouflage interface. To sum up, it is because there is no interaction between the implicit authentication and the user, which is a one-way process of information transmission. In order to eliminate this misuse of the first camouflage interface caused by misoperation, the party The method further includes comparing whether the operation in the environment of the first camouflage interface matches the second predetermined operational event, and if so, the operation before the core operation can be considered as not consistent with the first predetermined operational event, but It's just a misuse. Therefore, S5 can be executed to execute the core event. However, if it fails again in the second implicit authentication, the system will generate a second masquerading interface to provide false information.
比如在在线学习程序找开的情况下,如果把手机借给朋友,让他看一眼图6中的“课程信息2”,但朋友不小心碰了一下“第3标签菜单界面”,结果看到了他的个人信息2,这种情况时有发生但没有办法保护个人信息。但根据S601-603来判断,首先设备的拥有者将“第3标签菜单界面”设为核心事件,那么在手机借给朋友时,朋友触发“第2标签菜单界面”是完全可以正常使用的,但一旦朋友点击了“第3标签菜单界面”,由于没有事先执行预定操作,所以点击“第3标签菜单界面”就会生成虚假的第一伪装界面,这时他的朋友并不能知晓这个是伪装的页面,所有的验证都是在隐式的验证方式下进行的。For example, if the online learning program is found, if you lend the mobile phone to a friend, let him take a look at the "course information 2" in Figure 6, but the friend accidentally touched the "third label menu interface", and the result is seen. His personal information 2, this happens from time to time but there is no way to protect personal information. However, according to S601-603, first, the owner of the device sets the "third tab menu interface" as the core event, and when the mobile phone lends to the friend, the friend triggers the "second tab menu interface" to be fully usable. However, once a friend clicks on the "3rd tab menu interface", since the predetermined operation is not performed in advance, clicking the "3rd tab menu interface" will generate a false first camouflage interface, when his friend does not know that this is camouflage. The page, all validations are performed in an implicit verification mode.
但正如前文所述,如果是投备的拥有人自己误操作导致成了第一伪装界面,其本人也难于发现,但这并不影响正常的使用,其本人只需要按照在核心事件的界面上的习惯在第一伪装界面操作相应功能,还是能够在S5中切换回真实的核心事件。这就消除了隐式身份验证的易出现误操作的问题。因此,只需要按核心操作的界面来设计第一伪装界面,并核对使用者在第一伪装界面上的操作即可。However, as mentioned above, if the owner of the investment himself becomes the first camouflage interface by mistake, it is difficult for him to discover, but this does not affect the normal use. He only needs to follow the interface at the core event. The habit of operating the corresponding function in the first camouflage interface, or being able to switch back to the real core event in S5. This eliminates the problem of misuse of implicit authentication. Therefore, it is only necessary to design the first camouflage interface according to the interface of the core operation, and check the operation of the user on the first camouflage interface.
如图4所示,可选的是,所述步骤S6包括:As shown in FIG. 4, optionally, the step S6 includes:
S601’:根据核心事件来生成第一伪装界面,并提供伪装信息;S601': generating a first camouflage interface according to the core event, and providing camouflage information;
S602’:判断在第一伪装界面上是否发生第二预定操作事件,如果是,执行604’;如果否,执行S603’:S602': determining whether a second predetermined operation event occurs on the first masquerading interface, and if so, executing 604'; if not, executing S603':
S603’:生成第二伪装界面;S603': generating a second camouflage interface;
S604’:退出第一伪装界面,执行S3。S604': Exit the first camouflage interface and execute S3.
这种情况下,如果在第二预定操作事件的隐式验证中获得通过,进而返回至S3,重新的对第一预定操作事件进行操作。这进一步的加强了验证的效果,但不足是,这种不符合常理的转跳实质是一种提醒,提醒设备的使用人 员,程序并没有按照一贯的流程运行。不过,本申请的发明构思主要体现在第一预定操作事件——第一伪装界面——第二预定操作事件的联用,这种完全隐式的身份验证使得所有的验证行为都在使用者不知情的情况下进行。In this case, if the pass is obtained in the implicit verification of the second predetermined operation event, and then returns to S3, the first predetermined operation event is re-operated. This further enhances the effectiveness of the verification, but the disadvantage is that this non-conformity of the jump is a reminder to remind the user of the device The program did not follow the usual process. However, the inventive concept of the present application is mainly embodied by a combination of a first predetermined operational event, a first masquerading interface, and a second predetermined operational event, such that the completely implicit authentication allows all verification actions to be unknown to the user. In the case of love.
一种防止个人信息泄露的设备,包括:A device that prevents disclosure of personal information, including:
第一接收模块,用于接收用户启动程序指令;a first receiving module, configured to receive a user startup program instruction;
第二接收模块,用于接收用户触发核心事件指令,第一判断模块,用于判断核心事件是否被触发,第二判断模块,用于判断触发核心事件之前发生的操作与行为库中预先存储的第一预定操作事件是否匹配;a second receiving module, configured to receive a user trigger core event instruction, a first determining module, configured to determine whether a core event is triggered, and a second determining module, configured to determine an operation and a pre-stored in the behavior library before the triggering of the core event Whether the first predetermined operational event matches;
存储介质,用于存储行为库。Storage medium for storing behavior libraries.
优选的是,还包括:第三判断模块,用于判断在第一伪装界面上是否发生第二预定操作事件。Preferably, the method further includes: a third determining module, configured to determine whether a second predetermined operation event occurs on the first camouflage interface.
可选的是,还包括显示模块,用于在第二判断模块身份验证为否时,向操作者反馈第一虚假界面。Optionally, the method further includes: displaying, by the display module, the first fake interface to the operator when the second determining module is authenticated.
可选的是,根据核心事件界面来生成第一虚假界面。Optionally, the first fake interface is generated according to the core event interface.
也可以将方法应用于金融软件领域,某用户使用支付宝时,将“我的”列为核心事件,其将先点击查看“余额宝”再点击“记账本”作为预定事件,这样每次他想了解“我的”内的余额信息、银行卡信息等时,先习惯性的看“余额宝”和记账本”,随后点击“我的”,可以顺利打开“我的”;如果是其他人使用这个设备,其可以使用“余额宝”、“记账本”及其他功能,但点击“我的”时,因为没有第一预定事件的前提,系统会依据“我的”的界面来生成第一伪装界面。You can also apply the method to the field of financial software. When a user uses Alipay, he lists “My” as a core event. He will first click on “Yuebao” and then click “Billbook” as the scheduled event, so that every time he If you want to know the balance information, bank card information, etc. in "My", you should first read "Yuebao" and the bookkeeping book, then click "My" to open "My" smoothly; if it is other People use this device, they can use "Yuebao", "bookkeeping" and other functions, but when you click "My", because there is no pre-requisite for the first scheduled event, the system will generate according to the "My" interface. The first camouflage interface.
但如果是该用户误操作生成了第一伪装界面,只需要在第一伪装界面上按预定的操作来执行“我的”相应的功能,即第二预定事件,就可以重新切换到核心事件或者重新进行第一预定事件的验证。However, if the user erroneously operates to generate the first masquerading interface, it is only necessary to perform the "my" corresponding function on the first masquerading interface, that is, the second predetermined event, and then can switch back to the core event or The verification of the first predetermined event is resumed.
硬件设备及实适环境Hardware equipment and practical environment
在上述各实例中,设备的用户执行触摸手势来选择确定。用户可通过触摸手势或基于动作的手势指引设备来触发核心事件。例如,用户轻按并按下应用程序图标的功能按钮,本领域技术人员将会理解这些只是示例性手势, 可使用其他手势执行相同功能。不同触摸手势(例如,单次轻按、两次轻按、单次轻按、轻按并按下(即,按压)、拖拽、捏合、拉伸按压、旋转等)可相互交换来提供类似功能。不同于旋转计算设备,设备可在一表面上面朝下或面朝上放置,设备可被翻转,或者任何其他基于动作的手势可通过计算设备的一个或多个方位/运动检测部件,诸如陀螺仪和加速度计检测到。In each of the above examples, the user of the device performs a touch gesture to select the determination. The user can trigger the core event by a touch gesture or an action-based gesture to direct the device. For example, a user taps and presses a function button of an application icon, and those skilled in the art will understand that these are merely exemplary gestures. Other gestures can be used to perform the same function. Different touch gestures (eg, single tap, two taps, single tap, tap and press (ie, press), drag, pinch, stretch press, rotate, etc.) can be exchanged to provide similar Features. Unlike a rotating computing device, the device can be placed face down or face up on a surface, the device can be flipped, or any other motion-based gesture can be passed through one or more orientation/motion detection components of the computing device, such as a gyroscope And accelerometer detected.
在许多上述实例中,不仅局限于触摸屏式的智能计算设备。本领域的普通技术人员也将认识到,对于在具有光标和光标控制器或其他输入机制的设备上执行的其他实施例,可使用光标控制器或其他输入设备来与在这些实例中所示出的控件进行交互。不同于按压应用程序图标的操作方式,这类设备可允许用户结合光标控制器来使用键盘。这些均为成熟的现有技术。In many of the above examples, it is not limited to touch screen type smart computing devices. One of ordinary skill in the art will also recognize that other embodiments for performing on a device having a cursor and cursor controller or other input mechanism may use a cursor controller or other input device to be shown in these examples. The controls interact. Unlike the way in which the application icons are pressed, such devices may allow the user to use the keyboard in conjunction with the cursor controller. These are all mature prior art.
上文所述应用程序被实施为指定在计算机可读存储介质(又称为计算机可读介质)上记录的一组指令的程序。在这些指令由一个或多个计算或处理单元(例如,一个或多个处理器、处理器的内核或者其他处理单元)执行时,这些指令使得一个或多个处理单元能够执行指令中所指示的动作。计算机可读介质的实例包括但不限于CD-ROM、闪存驱动器、随机存取存储器(RAM)芯片、硬盘驱动器、可擦可编程只读存储器(EPROM)、电可擦可编程只读存储器(EEPROM)等。计算机可读介质不包括无线地传送或通过有线连接的载波和电信号。The application described above is implemented as a program that specifies a set of instructions recorded on a computer readable storage medium (also referred to as a computer readable medium). When the instructions are executed by one or more computing or processing units (eg, one or more processors, a processor's core, or other processing unit), the instructions enable one or more processing units to perform the action. Examples of computer readable media include, but are not limited to, CD-ROMs, flash drives, random access memory (RAM) chips, hard disk drives, erasable programmable read only memory (EPROM), electrically erasable programmable read only memory (EEPROM) )Wait. The computer readable medium does not include carrier and electrical signals that are transmitted wirelessly or through a wired connection.
在本说明书中,术语“程序”意在包括驻留在只读存储器中的固件或者存储在磁性存储设备中的应用程序,所述固件或应用程序可被读取到存储器中以用于由处理器进行处理。此外,在一些实施例中,可在保留不同的程序发明的同时将多个程序发明实现为更大程序的子部分。在一些实施例中,还可将多个程序发明实施为独立程序。In the present specification, the term "program" is intended to include firmware residing in a read-only memory or an application stored in a magnetic storage device, which can be read into a memory for processing by Processing. Moreover, in some embodiments, multiple program inventions can be implemented as sub-portions of larger programs while preserving different program inventions. In some embodiments, multiple program inventions may also be implemented as separate programs.
本说明书中的设备作为实例包括智能电话、平板电脑、膝上型电脑等。移动计算设备包括一个或多个处理单元、存储器接口和外围设备接口。The devices in this specification include, by way of example, a smart phone, a tablet, a laptop, and the like. The mobile computing device includes one or more processing units, a memory interface, and a peripheral device interface.
外围设备接口耦接到各种传感器和子系统,所述子系统包括摄像机子系统、一个或多个无线通信子系统、音频子系统、输入/输出(I/O)子系统等。外围设备接口能够实现处理单元与各种外围设备之间的通信。例如,取向传感 器(例如,陀螺仪)和加速度传感器(例如,加速度计)耦接到外围设备接口,以便促进取向和加速功能。The peripheral device interface is coupled to various sensors and subsystems including a camera subsystem, one or more wireless communication subsystems, an audio subsystem, an input/output (I/O) subsystem, and the like. The peripheral device interface enables communication between the processing unit and various peripheral devices. For example, orientation sensing A device (eg, a gyroscope) and an acceleration sensor (eg, an accelerometer) are coupled to the peripheral device interface to facilitate orientation and acceleration functions.
相机子系统耦接到一个或多个光学传感器(例如,电荷耦合设备(CCD)光学传感器、互补金属氧化物半导体(CMOS)光学传感器等)。与光学传感器耦接的相机子系统促进相机功能,诸如图像和/或视频数据捕获。无线通信子系统用于有利于通信功能。在一些实施例中,无线通信子系统包括射频接收器和发射器,以及光学接收器和发射器。一些实施例的这些接收器和发射器被实现为工作于一个或多个通信网络上,所述通信网络诸如是GSM网络、Wi-Fi网络、蓝牙网络等。音频子系统耦接到扬声器以输出音频。另外,音频子系统耦接到麦克风以促进支持语音-的功能诸如语音识别、数字记录等。The camera subsystem is coupled to one or more optical sensors (eg, charge coupled device (CCD) optical sensors, complementary metal oxide semiconductor (CMOS) optical sensors, etc.). A camera subsystem coupled to the optical sensor facilitates camera functions, such as image and/or video data capture. The wireless communication subsystem is used to facilitate communication functions. In some embodiments, the wireless communication subsystem includes a radio frequency receiver and transmitter, and an optical receiver and transmitter. These receivers and transmitters of some embodiments are implemented to operate on one or more communication networks, such as a GSM network, a Wi-Fi network, a Bluetooth network, and the like. The audio subsystem is coupled to the speaker to output audio. Additionally, the audio subsystem is coupled to a microphone to facilitate voice-enabled functions such as voice recognition, digital recording, and the like.
I/O子系统涉及输入/输出外围设备(诸如显示器、触摸屏等)和处理单元的数据总线之间通过外围设备接口的传输。输入/输出子系统包括触摸屏控制器和其他输入控制器以有利于输入/输出外围设备和处理单元的数据总线之间的传输。如图所示,触摸屏控制器耦接至触摸屏。触摸-屏控制器使用任何多点触感技术来检测触摸屏上的接触和移动。其他输入控制器耦接至其他输入/控制设备,诸如一个或多个按钮。一些实施例包括旁近触感屏和对应控制器,该对应控制器可检测替代触摸交互或除触摸交互之外的接近触摸交互。The I/O subsystem involves the transfer of input/output peripherals (such as displays, touch screens, etc.) and the processing unit's data bus through a peripheral interface. The input/output subsystem includes a touch screen controller and other input controllers to facilitate transfer between the input/output peripherals and the data bus of the processing unit. As shown, the touch screen controller is coupled to the touch screen. The touch-screen controller uses any multi-touch technology to detect contact and movement on the touch screen. Other input controllers are coupled to other input/control devices, such as one or more buttons. Some embodiments include a proximity touch screen and a corresponding controller that can detect an alternate touch interaction or a proximity touch interaction other than a touch interaction.
存储器接口耦接至存储器。在一些实施例中,存储器包括易失性存储器(例如,高-速随机存取存储器)、非易失性存储器(例如,闪存存储器)、易失性存储器和非易失性存储器的组合和/或任何其他类型的存储器。存储器存储操作系统(OS)。OS包括用于处理基础系统服务和用于执行硬件相关任务的指令。The memory interface is coupled to the memory. In some embodiments, the memory includes a combination of volatile memory (eg, high-speed random access memory), non-volatile memory (eg, flash memory), volatile memory, and non-volatile memory and/or Or any other type of memory. The memory stores an operating system (OS). The OS includes instructions for processing basic system services and for performing hardware related tasks.
存储器还包括:促进与一个或多个附加设备通信的通信指令;促进图形用户界面处理的图形用户界面指令;促进图像相关的处理和功能的图像处理指令;促进输入相关(例如,触摸输入)的过程和功能的输入处理指令;促进音频-相关的过程和功能的音频处理指令;以及促进相机相关的过程和功能的相机指令。上述指令仅是示例性的,并且在一些实施例中,存储器包括附加的和/或其他指令。例如,用于智能电话的存储器可包括促进电话相关的过程和功能的电话指令。以上所识别的指令不需要作为独立的程序程序或模块来 实施。可在硬件和/或程序中,包括在一个或多个信号处理和/或专用集成电路中来实现移动计算设备的各种功能。The memory also includes: communication instructions to facilitate communication with one or more additional devices; graphical user interface instructions to facilitate graphical user interface processing; image processing instructions to facilitate image related processing and functions; facilitate input related (eg, touch input) Process and function input processing instructions; audio processing instructions that facilitate audio-related processes and functions; and camera instructions that facilitate camera-related processes and functions. The above instructions are merely exemplary, and in some embodiments, the memory includes additional and/or other instructions. For example, a memory for a smart phone can include phone instructions that facilitate phone related processes and functions. The above identified instructions do not need to be used as separate programs or modules. Implementation. The various functions of the mobile computing device can be implemented in hardware and/or a program, including in one or more signal processing and/or application specific integrated circuits.
虽然例示的组件被示出为独立的组件,但是本领域的普通技术人员将认识到,可将两个或更多个组件集成到一个或多个集成电路中。另外,两个或更多个组件可由一条或多条通信总线或信号线来耦接在一起。另外,虽然已将许多功能描述为由一个组件执行,但是本领域的技术人员将认识到,可将相对于上述的功能拆分到两个或更多个集成电路中。While the illustrated components are shown as separate components, one of ordinary skill in the art will recognize that two or more components can be integrated into one or more integrated circuits. Additionally, two or more components may be coupled together by one or more communication buses or signal lines. Additionally, while a number of functions have been described as being performed by one component, those skilled in the art will recognize that the functionality described above can be split into two or more integrated circuits.
实现本发明的一些实施例是利用了电子系统,电子系统可为计算机(例如,台式计算机、个人计算机、平板电脑等)、电话、PDA或任何其他种类的电子或计算设备。此类电子系统包括各种类型的计算机可读介质以及用于各种其他类型的计算机可读介质的接口。电子系统包括总线、处理单元、图形处理单元(GPU)、系统存储器、网络、只读存储器、永久性存储设备、输入设备以及输出设备。Some embodiments embodying the present invention utilize an electronic system that can be a computer (eg, a desktop computer, a personal computer, a tablet, etc.), a telephone, a PDA, or any other kind of electronic or computing device. Such electronic systems include various types of computer readable media and interfaces for various other types of computer readable media. Electronic systems include buses, processing units, graphics processing units (GPUs), system memories, networks, read-only memories, persistent storage devices, input devices, and output devices.
总线总体表示在通信上连接电子系统6800的许多内部设备的所有系统、外围设备、以及芯片组总线。例如,总线可通信地将一个或多个处理单元与只读存储器、GPU、系统存储器以及永久性存储设备连接。The bus generally represents all of the systems, peripherals, and chipset buses that are communicatively coupled to many of the internal devices of electronic system 6800. For example, the bus can communicatively connect one or more processing units to read only memory, GPUs, system memory, and persistent storage devices.
处理单元从这些各种存储器单元检索要执行的指令和要处理的数据,以便执行本发明的过程。在不同实施例中,一个或多个处理单元可为单个处理器或者多核处理器。一些指令被传送至GPU并且由该GPU执行。GPU可卸载各种计算指令,或补充由处理单元提供的图像处理。The processing unit retrieves the instructions to be executed and the data to be processed from these various memory units in order to perform the processes of the present invention. In various embodiments, one or more of the processing units can be a single processor or a multi-core processor. Some instructions are passed to and executed by the GPU. The GPU can offload various computing instructions or supplement the image processing provided by the processing unit.
只读存储器(ROM)存储一个或多个处理单元以及电子系统的其他模块所需的静态数据和指令。另一方面,永久性存储设备是读写存储器设备。该设备是即使在电子系统A read only memory (ROM) stores static data and instructions required by one or more processing units and other modules of the electronic system. Permanent storage devices, on the other hand, are read and write memory devices. The device is even in an electronic system
关闭时也存储指令和数据的非易失性存储器单元。本发明的一些实施例将海量存储设备(诸如磁盘或光盘及其对应的硬盘驱动器)用作永久性存储设备。Non-volatile memory locations that store instructions and data when closed. Some embodiments of the present invention use mass storage devices, such as magnetic or optical disks and their corresponding hard drives, as permanent storage devices.
如本说明书以及本专利申请的任何权利要求所用,术语“计算机”、“服务器”、“处理器”及“存储器”均是指电子或其他技术设备。这些术语排除人或者 人的群组。出于本说明书的目的,术语显示或正在显示意指在电子设备上显示。如在本专利申请的本说明书以及任何权利要求中所使用的,术语“计算机可读介质”以及“机器可读介质”完全限于以可由计算机读取的形式存储信息的可触摸的物理对象。这些术语不包括任何无线信号、有线下载信号以及任何其他短暂信号。As used in this specification and any claims of this patent application, the terms "computer," "server," "processor," and "memory" mean electronic or other technical device. These terms exclude people or Group of people. For the purposes of this specification, the term display or display is meant to be displayed on an electronic device. As used in this specification and any claims of this patent application, the terms "computer readable medium" and "machine readable medium" are fully limited to tangible physical objects that store information in a form readable by a computer. These terms do not include any wireless signals, cable download signals, and any other ephemeral signals.
以上介绍了本发明的较佳实施方式,旨在使得本发明的精神更加清楚和便于理解,并不是为了限制本发明,凡在本发明的精神和原则之内,所做的更新、替换、改进,均应包含在本发明所附的权利要求概况的保护范围之内。The preferred embodiments of the present invention have been described above, and are intended to provide a further understanding of the embodiments of the present invention. It is intended to be included within the scope of the appended claims.
工业实用性Industrial applicability
本发明的防止个人信息泄露的方法并没有在启动程序时进行身份验证,而是选择在核心事件被触发后才进行判断是否执行核心事件,取消了每次启动程序都对身份进行验证提高了用户的体验,另一方面,程序的身份验证成功不代表在共享设备、使用过程中的借出设备时就不发生个人信息的泄露,因此,在触发核心事件时的一系列判断才能有效的对个人信息泄露进行监控和拦截。 The method for preventing personal information leakage of the present invention does not perform identity verification when the program is started, but selects whether to perform core events after the core event is triggered, and cancels the authentication of the identity every time the startup program is performed. The experience, on the other hand, the successful authentication of the program does not mean that the personal information is not leaked when the device is shared and used during the use of the device. Therefore, a series of judgments when triggering the core event can be effective for the individual. Information disclosure is monitored and intercepted.

Claims (10)

  1. 一种防止个人信息泄露的方法,其特征在于,包括:A method for preventing leakage of personal information, comprising:
    S1:开始;S1: Start;
    S2:启动程序;S2: start the program;
    S3:判断是否有核心事件被触发,若是,进入S4;S3: determining whether a core event is triggered, and if so, entering S4;
    S4:判断触发核心事件之前发生的操作与行为库中预先存储的第一预定操作事件是否匹配,如果是,进入S5,如果否进入S6;S4: determining whether the operation occurring before the triggering of the core event matches the first predetermined operation event pre-stored in the behavior library, if yes, entering S5, if not entering S6;
    S5:执行核心事件;S5: Execution of core events;
    S6:生成伪装界面,提供伪装信息;S6: generating a camouflage interface to provide camouflage information;
    S7:结束。S7: End.
  2. 根据权利要求1的所述方法,其特征在于,所述步骤S6具体包括:The method according to claim 1, wherein the step S6 specifically comprises:
    S601:根据核心事件的界面来生成第一伪装界面,并提供伪装信息;S601: Generate a first camouflage interface according to an interface of the core event, and provide camouflage information;
    S602:判断在第一伪装界面上是否发生第二预定操作事件,如果是,执行S5;如果否,执行S603;S602: determining whether a second predetermined operation event occurs on the first masquerading interface, if yes, executing S5; if not, executing S603;
    S603:生成第二伪装界面;S603: Generate a second camouflage interface.
    所述的第二预定操作事件对应于核心事件的功能操作。The second predetermined operational event corresponds to a functional operation of the core event.
  3. 根据权利要求1的所述方法,其特征在于,所述步骤S6具体包括:The method according to claim 1, wherein the step S6 specifically comprises:
    S601’:根据核心事件的界面来生成第一伪装界面,并提供伪装信息;S601': generating a first camouflage interface according to an interface of the core event, and providing camouflage information;
    S602’:判断在第一伪装界面上是否发生第二预定操作事件,如果是,执行604’;如果否,执行S603’:S602': determining whether a second predetermined operation event occurs on the first masquerading interface, and if so, executing 604'; if not, executing S603':
    S603’:生成第二伪装界面;S603': generating a second camouflage interface;
    S604’:退出第一伪装界面,执行S3;S604': exiting the first camouflage interface, executing S3;
    所述的第二预定操作事件对应于核心事件的功能操作。The second predetermined operational event corresponds to a functional operation of the core event.
  4. 根据权利要求1的所述方法,其特征在于,执行所述核心事件能够获得需要保护的信息,所述的预先存储的第一预定操作事件是该程序所具有的实际功能的操作。The method of claim 1 wherein performing said core event enables obtaining information requiring protection, said pre-stored first predetermined operational event being an operation of an actual function of the program.
  5. 根据权利要求1的所述方法,其特征在于,执行所述核心事件能够获得需要保护的信息,所述的预先存储的第一预定操作事件是该程序所具有的实际功能的操作的组合。The method of claim 1 wherein performing said core event enables obtaining information requiring protection, said pre-stored first predetermined operational event being a combination of operations of actual functions possessed by the program.
  6. 一种防止个人信息泄露的设备,其特征在于,包括: A device for preventing leakage of personal information, comprising:
    第一接收模块,用于接收用户启动程序指令;a first receiving module, configured to receive a user startup program instruction;
    第二接收模块,用于接收用户触发核心事件指令,第一判断模块,用于判断核心事件是否被触发,第二判断模块,用于判断触发核心事件之前发生的操作与行为库中预先存储的第一预定操作事件是否匹配;a second receiving module, configured to receive a user trigger core event instruction, a first determining module, configured to determine whether a core event is triggered, and a second determining module, configured to determine an operation and a pre-stored in the behavior library before the triggering of the core event Whether the first predetermined operational event matches;
    存储介质,用于存储行为库。Storage medium for storing behavior libraries.
  7. 根据权利要求6的所述设备,其特征在于,还包括:The device of claim 6 further comprising:
    第三判断模块,用于判断在第一伪装界面上是否发生第二预定操作事件。The third determining module is configured to determine whether a second predetermined operation event occurs on the first camouflage interface.
  8. 根据权利要求6的所述设备,其特征在于,还包括:显示模块,用于在第二判断模块的身份验证为否时,向操作者反馈第一虚假界面。The device according to claim 6, further comprising: a display module, configured to feed back a first fake interface to the operator when the identity verification of the second determining module is negative.
  9. 根据权利要求8的所述设备,其特征在于,还包括:显示模块根据核心事件的界面来生成第一虚假界面。The device according to claim 8, further comprising: the display module generating the first fake interface according to the interface of the core event.
  10. 根据权利要求9的所述设备,其特征在于,还包括:显示模块,还用于在第三判断模块身份验证为否时,向操作者反馈第二虚假界面。 The device according to claim 9, further comprising: a display module, configured to: when the third judging module is authenticated to be no, to feed back the second spurious interface to the operator.
PCT/CN2017/114406 2017-11-17 2017-12-04 Method and apparatus for preventing personal information leakage WO2019095449A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201711141994.9 2017-11-17
CN201711141994.9A CN109800548B (en) 2017-11-17 2017-11-17 Method and device for preventing personal information from being leaked

Publications (1)

Publication Number Publication Date
WO2019095449A1 true WO2019095449A1 (en) 2019-05-23

Family

ID=66539998

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/114406 WO2019095449A1 (en) 2017-11-17 2017-12-04 Method and apparatus for preventing personal information leakage

Country Status (2)

Country Link
CN (1) CN109800548B (en)
WO (1) WO2019095449A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111917718B (en) * 2020-06-24 2023-04-07 武汉绿色网络信息服务有限责任公司 Personal information leakage monitoring method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103870098A (en) * 2012-12-13 2014-06-18 腾讯科技(深圳)有限公司 Interface display control method and device and mobile terminal
US9015849B1 (en) * 2008-09-16 2015-04-21 Symantec Corporation Method and apparatus for preventing data leakage of e-discovery data items
CN104580674A (en) * 2013-10-25 2015-04-29 西安群丰电子信息科技有限公司 Method for protecting mobile phone information security

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9589149B2 (en) * 2012-11-30 2017-03-07 Microsoft Technology Licensing, Llc Combining personalization and privacy locally on devices
CN103391367A (en) * 2013-07-19 2013-11-13 蓝盾信息安全技术股份有限公司 Data anti-theft method in case of mobile phone loss
CN104580091B (en) * 2013-10-21 2019-11-08 深圳市腾讯计算机系统有限公司 A kind of auth method, device, system and storage medium
CN103824004A (en) * 2014-02-26 2014-05-28 可牛网络技术(北京)有限公司 Application program protection method and device
CN104320536B (en) * 2014-09-26 2016-06-15 来安县新元机电设备设计有限公司 A kind of method and system of secret protection
CN105678125B (en) * 2014-11-20 2019-02-19 阿里巴巴集团控股有限公司 A kind of user authen method, device
CN105956484B (en) * 2016-04-22 2019-04-02 广东小天才科技有限公司 A kind of safety interacting method and system of intelligent terminal
CN106384027A (en) * 2016-09-05 2017-02-08 四川长虹电器股份有限公司 User identity recognition system and recognition method thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9015849B1 (en) * 2008-09-16 2015-04-21 Symantec Corporation Method and apparatus for preventing data leakage of e-discovery data items
CN103870098A (en) * 2012-12-13 2014-06-18 腾讯科技(深圳)有限公司 Interface display control method and device and mobile terminal
CN104580674A (en) * 2013-10-25 2015-04-29 西安群丰电子信息科技有限公司 Method for protecting mobile phone information security

Also Published As

Publication number Publication date
CN109800548B (en) 2021-02-02
CN109800548A (en) 2019-05-24

Similar Documents

Publication Publication Date Title
US11928200B2 (en) Implementation of biometric authentication
AU2019250143B2 (en) User interface for managing access to credentials for use in an operation
US9286482B1 (en) Privacy control based on user recognition
CN105519038B (en) User input data protection method and system
WO2017219269A1 (en) Method and device for activating virtual card
Damopoulos et al. From keyloggers to touchloggers: Take the rough with the smooth
US20160226865A1 (en) Motion based authentication systems and methods
CN107223254B (en) Method, user device, and storage medium for hidden setting processing
CN110287694B (en) Application program management method, mobile terminal and storage medium
US9218474B1 (en) Enhanced biometric security measures
EP3271853A1 (en) Selectively providing personal information and access to functionality on lock screen based on biometric user authentication
Mohamed et al. Smashed: Sniffing and manipulating android sensor data for offensive purposes
WO2019127467A1 (en) Data access method and device
CN105760737A (en) Control method for applications and terminal
CN107862194B (en) A kind of method, device and mobile terminal of safety verification
US11176228B2 (en) Application interface display method, apparatus, and terminal, and storage medium
WO2020001385A1 (en) Electronic apparatus and application program control method
WO2021018169A1 (en) Privacy protection method for electronic device, and electronic device
US11475123B2 (en) Temporary removal of software programs to secure mobile device
CN105701420B (en) A kind of management method and terminal of user data
CN107767133A (en) Virtual card opens chucking method, apparatus and system, storage medium
CN110263515B (en) Opening method of encrypted application and terminal equipment
WO2019196655A1 (en) Mode switching method and apparatus, and computer-readable storage medium, and terminal
TW201826158A (en) Method, Device and Terminal for Displaying Data
WO2019095449A1 (en) Method and apparatus for preventing personal information leakage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17932151

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17932151

Country of ref document: EP

Kind code of ref document: A1