WO2020062192A1

WO2020062192A1 - Operation control method and electronic device

Info

Publication number: WO2020062192A1
Application number: PCT/CN2018/108898
Authority: WO
Inventors: 祁德春; 臧磊真; 张亮; 章迅; 鲁志军; 薛军; 朱海涛; 孟小珍
Original assignee: 华为技术有限公司
Priority date: 2018-09-29
Filing date: 2018-09-29
Publication date: 2020-04-02
Also published as: CN111566632B; CN111566632A

Abstract

Provided are an operation control method and an electronic device, relating to the technical field of electronics, capable of improving the security of user data, and increasing processing efficiency. The specific solution is: if the electronic device detects first request information that is used by a first application program to request execution of a first operation, the first operation being an operation used to modify a first data unit, denying, according to first parameter information corresponding to the first data unit, execution of the first operation, the first parameter information being used to represent a prohibition to modify the first data unit; and if the electronic device detects second request information that is used by a second application program to request execution of a second operation, the second operation being an operation used to remove a second data unit, denying, according to second parameter information corresponding to the second data unit, execution of the second operation, the second parameter information being used to represent a prohibition to remove the first data unit; wherein, a data unit is a file or a file folder. The present method is used to control an operation.

Description

Operation control method and electronic equipment

Technical field

The embodiments of the present application relate to the field of electronic technology, and in particular, to an operation control method and an electronic device.

Background technique

In order to facilitate study, work and life, users usually install a dozen or even dozens of applications on electronic devices such as mobile phones and iPads. These applications installed in electronic devices may inadvertently or even intentionally tamper with or delete user data on the phone. For example, some malicious software or rogue software may tamper or delete user photos or contact information, which seriously threatens users Privacy and security.

In this regard, the prior art provides a data protection solution, that is, the user achieves the purpose of protecting user data by setting a correspondence relationship between different application programs and deletion rights of the user data to be protected. For example, the user sets the correspondence between the application 1 and the deletion of the contact information, and sets the correspondence between the application 2 and the deletion of the contact information to improve the security of the contact information. In this solution, the user needs to set the corresponding relationship between each application and the operation authority of the user data to be protected, and the processing efficiency is low.

Summary of the Invention

The embodiments of the present application provide an operation control method and an electronic device, which can improve the security of user data to be protected and the processing efficiency in the operation control process.

To achieve the above purpose, the embodiments of the present application adopt the following technical solutions:

In a first aspect, the technical solution of the present application provides an operation control method. A correspondence relationship between a first data unit and first parameter information is stored on an electronic device. The data unit is a file or a folder, and the first parameter information is used to indicate that modification of the first data unit is prohibited. The electronic device also stores a correspondence between the second data unit and the second parameter information. The second parameter information is used to indicate that deletion of the second data unit is prohibited. In this way, if the electronic device detects the first request information used by the first application to request the first operation, and the first operation is an operation to modify the first data unit, the electronic device according to the first parameter information corresponding to the first data unit It is determined that the first operation is prohibited, and thus the execution of the first operation may be refused. If the electronic device detects the second request information used by the second application to request the second operation, and the second operation is an operation to delete the second data unit, the electronic device determines the first request information according to the second parameter information corresponding to the second data unit. The second operation is prohibited, so the second operation can be refused. In this way, the parameter information is used to indicate that the data unit is prohibited from being deleted, modified, or read by any application program, which can improve the security of the data unit and the processing efficiency of the operation control process.

In a possible implementation manner, after the electronic device refuses to perform the first operation, the method further includes: if the first application is a specific application, indicating that the first application may be a secure application, and thus the electronic The device may prompt the user whether to authorize the first operation, and the electronic device performs the first operation after the electronic device detects the instructed operation of the user to authorize the first operation.

In another possible implementation manner, after the electronic device refuses to perform the first operation, the method further includes: if the first operation is an operation initiated by the user, it indicates that the user may indeed want to perform the first operation, so The electronic device may prompt the user whether to authorize the first operation, and after the electronic device detects the instructed operation of the user to authorize the first operation, the electronic device performs the first operation.

In another possible implementation manner, after the electronic device refuses to perform the second operation, the method further includes: if the second application is a specific application, indicating that the second application may be a secure application, and thus The electronic device may prompt the user whether to authorize the second operation. After the electronic device detects the user's instruction to authorize the second operation, the electronic device performs the second operation.

In another possible implementation manner, the method further includes: if the electronic device detects a third operation request that the third application uses to request the first operation, the electronic device according to the first parameter corresponding to the first data unit The information determines that the first operation is prohibited, and thus the electronic device refuses to perform the first operation.

In another possible implementation manner, the correspondence between the third data unit and the third parameter information is stored on the electronic device, and the third parameter information is used to indicate that reading of the third data unit is prohibited. If the electronic device detects the fourth request information used by the fourth application program to request the third operation, and the third operation is an operation of reading the third data unit, the electronic device according to the third parameter information corresponding to the third data unit, It is determined that the third operation is prohibited, and thus the electronic device refuses to perform the third operation.

In another possible implementation manner, when the electronic device detects an operation that the user adds the first data unit to the first partition, the electronic device saves the correspondence between the first data unit and the first parameter information and the second parameter information to indicate that The first data unit belongs to the first partition.

In another possible implementation manner, when the electronic device detects an operation that the user adds the second data unit to the second partition, the electronic device saves the correspondence between the second data unit and the second parameter information to indicate that the second data unit belongs to The second partition.

In another possible implementation manner, the electronic device saves the third data unit and the first parameter information, the second parameter information, and the third parameter information when detecting that the user adds the third data unit to the third partition. Correspondence relationship to indicate that the third data unit belongs to the third partition.

In another possible implementation manner, the method further includes: after the data unit in the first partition, the second partition, or the third partition is deleted, the electronic device saves a delete log, and the delete log is used to record the data in these partitions. The deletion time of the deleted data unit, the deletion subject, and the path of the deleted data unit. The deletion subject is an application that requests a deletion operation. In this way, the electronic device can track and record the deletion of the data unit in the second partition, so that relevant personnel and users can understand how the files and folders are deleted.

In another possible implementation manner, after the fourth data unit changes the partition, the electronic device saves the partition change log. The partition change log includes the time when the fourth data unit changes the partition, the path of the fourth data unit, and the time before the partition is changed. Location and location after changing partitions. In this way, relevant personnel and users can know the current security level of files and folders in real time.

Wherein, changing the fourth data unit includes changing the fourth data unit from one of the first, second, and third partitions to another of the first, second, and third partitions. Either the third data unit is changed from outside the partition to the first, the second, or the third partition, or the fourth data unit is changed from the first, the second, or the third partition to the outside of the partition.

In another possible implementation manner, the display status of files and folders in the partition may be different from the display status of files and folders outside the partition, so that the user can know whether the file or folder is in the partition. Whether it is an important document.

In another possible implementation manner, the display states of the data units in different partitions are different, so that users can distinguish files of different security levels. The display state includes one or any combination of a color of the data unit icon, a mark on the data unit icon, a shape of the data unit icon, or a transparency of the data unit icon.

In a second aspect, the technical solution of the present application provides an operation control method. A correspondence relationship between a first data unit and first parameter information is stored on an electronic device. The first data unit is a file or a folder, and the first parameter information is used to indicate that modification of the first data unit is prohibited. In this way, if the electronic device detects the first request information used by the first application to request the first operation, and the first operation is an operation to modify the first data unit, the electronic device according to the first parameter information corresponding to the first data unit It is determined that the first operation is prohibited, and thus the execution of the first operation may be refused. In this way, the parameter information is used to indicate that the data unit is prohibited from being modified by any application program, which can improve the security of the data unit and the processing efficiency of the operation control process.

In a third aspect, the technical solution of the present application provides an operation control method. The electronic device stores a correspondence between the first data unit and the first parameter information. The first data unit is a file or a folder, and the first parameter information is used to indicate that deletion of the first data unit is prohibited. In this way, if the electronic device detects the first request information used by the first application to request the first operation, and the first operation is an operation to delete the first data unit, the electronic device according to the first parameter information corresponding to the first data unit It is determined that the first operation is prohibited, and thus the execution of the first operation may be refused. In this way, the parameter information is used to indicate that the data unit is prohibited from being deleted by any application program, which can improve the security of the data unit and the processing efficiency of the operation control process.

In a fourth aspect, the technical solution of the present application provides an operation control method. The correspondence relationship between the first data unit and the first parameter information is stored on the electronic device. The first data unit is a file or a folder, and the first parameter information is used to indicate that reading of the first data unit is prohibited. In this way, if the electronic device detects the first request information used by the first application to request the first operation, and the first operation is an operation of reading the first data unit, the electronic device according to the first parameter corresponding to the first data unit The information determines that the first operation is prohibited, and thus the execution of the first operation may be refused. In this way, the parameter unit is used to indicate that the data unit is forbidden to be read by any application program, which can improve the security of the data unit and the processing efficiency of the operation control process.

In a fifth aspect, the technical solution of the present application provides an operation control method, including: the electronic device detects that the user adds the first data unit to the first partition, and the electronic device detects that the user modifies the first data unit through the first application program For the first operation, the electronic device prompts the user that the first operation has been rejected, and the electronic device prompts the user whether to authorize the first operation.

Optionally, if the electronic device detects an authorized operation of the first operation by the user, the electronic device prompts the user that the first operation has been successfully performed.

In a possible implementation manner, the method further includes: the electronic device detects that the user modifies the second operation of the first data unit through the second application program, and the electronic device prompts the user that the second operation has been rejected.

In another possible implementation manner, the method further includes: the electronic device detects that the user adds the second data unit to the second partition; the electronic device detects that the user deletes the third of the second data unit through the third application program Operation; the electronic device prompts the user that the third operation has been rejected; the electronic device prompts the user whether to authorize the third operation; if the electronic device detects the user's authorized operation on the third operation, the electronic device prompts the user that the third operation has been successfully performed .

In another possible implementation manner, the method further includes: the electronic device detects that the user adds the third data unit to the third partition; the electronic device detects that the user reads the third data unit through the fourth application program. Four operations; the electronic device prompts the user that the fourth operation has been rejected; the electronic device prompts the user whether to authorize the fourth operation; if the electronic device detects the user's authorized operation on the fourth operation, the electronic device prompts the user that the fourth operation has succeeded carried out.

According to a sixth aspect, the technical solution of the present application provides an operation control method, including: the electronic device detects that the user adds the first data unit to the first partition; the electronic device detects that the user modifies or deletes the first data unit through the first application program; The first operation of the data unit; the electronic device prompts the user that the first operation has been rejected; the electronic device prompts the user whether to authorize the first operation.

In a seventh aspect, the technical solution of the present application provides an operation control method, including: the electronic device detects that the user adds the first data unit to the second partition; the electronic device detects that the user deletes the first data unit through the first application program The electronic device prompts the user that the first operation has been rejected; the electronic device prompts the user whether to authorize the first operation.

In an eighth aspect, the technical solution of the present application provides an operation control method, including: the electronic device detects that the user adds the first data unit to the third partition; the electronic device detects that the user modifies, deletes, or reads through the first application program Take the first operation of the first data unit; the electronic device prompts the user that the first operation has been rejected; the electronic device prompts the user whether to authorize the first operation.

In a ninth aspect, the technical solution of the present application provides an operation control device, which is included in an electronic device, and the device has a function of implementing the behavior of the electronic device in the first to eighth aspects and possible implementation manners. This function can be realized by hardware, and can also be implemented by hardware executing corresponding software. The hardware or software includes one or more modules or units corresponding to the above functions. For example, a save module or unit, a detection module or unit, a processing module or unit, a prompt module or unit, and so on.

In a tenth aspect, the technical solution of the present application provides an electronic device including one or more processors and one or more memories. The one or more memories are coupled to one or more processors. The one or more memories are used to store computer program code. The computer program code includes computer instructions. When the one or more processors execute the computer instructions, the electronic device executes the instructions. The operation control method in any possible implementation of the foregoing first to eighth aspects.

According to an eleventh aspect, the technical solution of the present application provides a computer storage medium including computer instructions, and when the computer instructions are run on the electronic device, the electronic device is caused to execute any one of the foregoing first to eighth possible implementations. Operation control method.

In a twelfth aspect, the technical solution of the present application provides a computer program product. When the computer program product runs on a computer, the computer is caused to execute the operation control method in any one of the possible implementations of the first aspect to the eighth aspect.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram of a group of interfaces according to an embodiment of the present application;

2 is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present application;

3 is a schematic diagram of a software structure of an electronic device according to an embodiment of the present application;

FIG. 4 is a schematic interface diagram according to an embodiment of the present application; FIG.

5 is a flowchart of a method according to an embodiment of the present application;

FIG. 6 is a schematic diagram of another group of interfaces according to an embodiment of the present application; FIG.

7 is a schematic diagram of another interface according to an embodiment of the present application;

FIG. 8 is a schematic diagram of another group of interfaces according to an embodiment of the present application; FIG.

FIG. 9 is a schematic diagram of another group of interfaces according to an embodiment of the present application; FIG.

FIG. 10 is a flowchart of another method according to an embodiment of the present application; FIG.

11 is a flowchart of another method according to an embodiment of the present application;

FIG. 12 is a schematic diagram of another group of interfaces according to an embodiment of the present application; FIG.

13 is a schematic diagram of another interface according to an embodiment of the present application;

14 is a flowchart of another method according to an embodiment of the present application;

15 is a flowchart of another method according to an embodiment of the present application;

16 is a flowchart of another method according to an embodiment of the present application;

FIG. 17 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

detailed description

The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. Wherein, in the description of the embodiments of the present application, unless otherwise stated, "/" represents or means, for example, A / B may represent A or B; "and / or" herein is only a description of an associated object The association relationship indicates that there can be three types of relationships, for example, A and / or B can indicate: there are three cases where A exists alone, A and B exist simultaneously, and B exists alone. In addition, in the description of the embodiments of the present application, “multiple” means two or more than two.

The embodiments of the present application provide an operation control method, which can be applied to an electronic device to improve the security of user data on the electronic device. Among them, user data refers to data generated by the user in the process of using the electronic device, such as contact information stored by the user on the electronic device, photos taken by the user with the electronic device, and documents received by the user from other devices through the electronic device , Audio files recorded by users using electronic devices, chat records when users use WeChat, and so on.

The electronic device may include at least one partition, and the partition may be a virtual storage partition or a real disk partition (for example, disk D, SD card 1, etc.), which is not limited in the embodiment of the present application. Different partitions can include different data units. The data unit can be a file or a folder. The folder may include only files or subfolders, which are not specifically limited in the embodiment of the present application.

It can be understood that the operating systems adopted by the electronic devices are different, and the types of data units in different partitions may also be different. For example, under the Android operating system, the data unit in partition 1 may be a file or a folder, and the data unit in partition 2 may be a folder. In other operating systems, the data unit in partition 1 may be a file or folder, and the data unit in partition 2 may also be a file or folder.

When the electronic device detects a user operation to open a partition, files and folders in the partition can be displayed on the electronic device. Exemplarily, after a digital camera storage (DCIM) folder for storing photos on an electronic device has been added to the partition 1, see FIG. 1 (a), when the user clicks on the control 01 of the partition 1 As shown in FIG. 1 (b), the electronic device can display files and folders included in the partition 1, that is, a DCIM folder. When the user clicks on the control 02 of the partition 2, the electronic device can display files and folders included in the partition 2. When the partition on the electronic device is a virtual storage partition, after a file or folder is added to the partition, the file or folder logically belongs to a partition, but the storage path of the file or folder has not changed. . For example, after the DCIM folder is added to the first partition, the DCIM file is still the original storage path.

Each partition on the electronic device can correspond to a set of parameter information. When a data unit is added to a partition, the electronic device can save the correspondence between the data unit and the corresponding parameter information of the partition to indicate that the data unit belongs to the partition. . That is, if a correspondence between a data unit and a set of parameter information is stored on the electronic device, it can be shown that the data unit belongs to a partition corresponding to the parameter information. The parameter information is used to indicate that the application is prohibited from deleting one or any combination of data units, modifying data units, or reading data units.

In some embodiments, the parameter information corresponding to the data unit stored on the electronic device may be attribute information of the data unit. The attribute information may include attribute information forbidden to delete, attribute information forbidden to modify, or attribute information forbidden to read. One or any combination.

When the data unit is a file, the electronic device can save the correspondence between the file and the attribute information. Wherein, the attribute information for prohibiting deletion is used to indicate that the application is prohibited from deleting (for example, unlink) the file; the attribute information for prohibiting modification is used to indicate that the application is prohibited from modifying the content of the file (for example, adding data to the file, reducing data) Or replace data) and prohibit the modification of the name of the file (that is, prohibit the renaming (eg, rename) of the file); the read-inhibited attribute information is used to indicate that the application is prohibited from reading the file.

For example, when the electronic device has a correspondence between a file and attribute information, and the attribute information is forbidden to delete, if the application requests deletion of the file, the electronic device determines to refuse deletion according to the attribute information corresponding to the file.

When the data unit is a folder, the electronic device can save the correspondence between the folder and the attribute information. The attribute information for prohibiting deletion is used to indicate that the application is prohibited from deleting the folder, and specifically includes the application is prohibited from deleting the files in the folder and the application is prohibited from deleting the folder; the attribute information forbidden to modify is used to indicate that the application is prohibited Modifying the folder specifically includes prohibiting the name of the folder from being modified (that is, prohibiting renaming the folder), prohibiting modifying the contents of the files in the folder, and prohibiting modifying the name of the files in the folder (that is, prohibiting renaming the folder File), etc .; the read-inhibited attribute information is used to indicate that the application is prohibited from reading the folder (including the file from the folder).

For example, when the correspondence between a folder and attribute information is stored on the electronic device, and the attribute information is forbidden to delete, if the application requests to delete a file in the folder, the electronic device determines to refuse execution according to the attribute information. The delete operation.

In other embodiments, the parameter information may be a forbidden operation set, the operations in the forbidden operation set are prohibited from being performed, and the forbidden operation set may include one or any combination of a delete operation, a modify operation, or a read operation.

When the data unit is a file, the electronic device can save the correspondence between the file and the prohibited operation set. The delete operation in the forbidden operation set is used to indicate that the application is prohibited from deleting the file; the modify operation in the forbidden operation set is used to indicate that the application is prohibited from modifying the content of the file and the file name; and the read operation in the forbidden operation set is prohibited Used to indicate that the application is prevented from reading the file.

When the data unit is a folder, the electronic device can save the correspondence between the folder and the prohibited operation set. The delete operation in the forbidden operation set is used to indicate that the application is prohibited from deleting the folder, and specifically includes the prohibition of the application from deleting the files in the folder and the application to delete the folder; the modify operation in the forbidden operation collection is used for Indicates that the application is prohibited from modifying the folder, which specifically includes prohibiting the modification of the name of the folder and the content of the file in the folder and the name of the file; the read operation in the prohibited operation set is used to indicate that the application is prohibited from reading The folder.

It can be understood that, in addition to the attribute information and the prohibited operation set, the foregoing parameter information may also be other information, which is not specifically limited in the embodiment of the present application.

When an application program on an electronic device requests deletion, modification, or reading of a file or folder in a partition, the electronic device reads parameter information corresponding to the file or folder. If it is determined that the operation is prohibited, the electronic device refuses to perform the operation. The application program on the electronic device may include a native application program and a third-party application program on the electronic device. For example, the application may be a WeChat application, a gallery application, a phone application, a Weibo application, and the like.

In other words, when a file or folder belongs to a certain partition, and the correspondence between the file or folder and the parameter information is stored on the electronic device, since the electronic device needs to operate according to the parameter information before operating these files or folders, Determine whether the operation is allowed, so the application on the electronic device cannot successfully perform an operation (such as delete, modify, or read operation) prohibited in the parameter information of the file or folder, thus preventing the data in the file or folder Lost or tampered with to increase data security.

It should be noted that, in the embodiment of the present application, parameter information is used to indicate that a file or folder is prohibited from being deleted, modified, or read by any application program, without requiring the user to set each application program and each file or file separately as in the prior art. The corresponding relationship between the operation permissions (such as delete, modify, and other operation permissions) of each folder can improve the processing efficiency of the operation control process.

In addition, since there are many applications on the electronic device (for example, there may be dozens), if a user needs to set each application in a plurality of applications for a certain file or folder and delete the file or folder, Correspondence between operation permissions such as modification, the user may accidentally set the correspondence between an application and an operation permission of the file or folder, so that the application can automatically delete or modify the file or folder , Which may cause loss of important data in the file or folder. By using the method provided in the embodiment of the present application, from the perspective of files and folders, it is possible to uniformly prevent any application from deleting or modifying the file or folder by setting parameter information. The problem of data loss due to missetting.

In addition, another solution to improve data security is provided in the prior art, that is, it is set in advance that some important files need to be placed in the recycle bin, and when these files are deleted, they are transferred to the recycle bin for storage. This solution cannot prevent the file name and user data in the file from being tampered with, and the file will be cleared when the recycle bin exceeds the storage period, thus still causing data loss. By adopting the operation control method provided in the foregoing embodiments of the present application, important files and folders added to the partition cannot be tampered or deleted by the application program.

The prior art also provides another solution for improving data security, that is, the electronic device periodically backs up user data to an external memory card, a computer, or a cloud. This solution cannot achieve real-time backup, and the problem may occur that user data has been deleted before the backup. In addition, users need to pay additional costs to purchase storage devices or cloud storage space. For storage on the cloud, users will also worry about privacy leaks. problem. By adopting the operation control method provided by the above embodiments of the present application, user data does not need to be stored in an additional storage device or cloud storage space, and user data can be protected in real time, and users do not need to worry about issues such as privacy leakage.

The operation control method provided in the embodiments of the present application can be applied to mobile phones, tablet computers, wearable devices, in-vehicle devices, augmented reality (AR) / virtual reality (VR) devices, notebook computers, and super mobile personal computers. (ultra-mobile personal computer (UMPC)), netbooks, personal digital assistants (personal digital assistants, PDAs) and other electronic devices, the embodiments of this application do not place any restrictions on the specific types of electronic devices.

Exemplarily, FIG. 2 shows a schematic structural diagram of the electronic device 100. The electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (USB) interface 130, a charge management module 140, a power management module 141, a battery 142, an antenna 1, and an antenna 2 , Mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, headphone interface 170D, sensor module 180, button 190, motor 191, indicator 192, camera 193, display 194, and Subscriber identification module (SIM) card interface 195 and the like. The sensor module 180 may include a pressure sensor 180A, a gyro sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, and ambient light. Sensor 180L, bone conduction sensor 180M, etc.

It can be understood that the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, the electronic device 100 may include more or fewer parts than shown, or some parts may be combined, or some parts may be split, or different parts may be arranged. The illustrated components can be implemented in hardware, software, or a combination of software and hardware.

The processor 110 may include one or more processing units. For example, the processor 110 may include an application processor (AP), a modem processor, a graphics processing unit (GPU), and an image signal processor. (image, signal processor, ISP), controller, memory, video codec, digital signal processor (DSP), baseband processor, and / or neural-network processing unit (NPU) Wait. Among them, different processing units may be independent devices or integrated in one or more processors.

The controller may be a command center of the electronic device 100. The controller can generate operation control signals according to the instruction operation code and timing signals, and complete the control of fetching and executing instructions.

The processor 110 may further include a memory for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may store instructions or data that the processor 110 has just used or used cyclically. If the processor 110 needs to use the instruction or data again, it can be directly called from the memory. Repeated accesses are avoided and the waiting time of the processor 110 is reduced, thereby improving the efficiency of the system.

In some embodiments, the processor 110 may include one or more interfaces. The interface may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit (inter-integrated circuit, sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous transceiver receiver / transmitter (UART) interface, mobile industry processor interface (MIPI), general-purpose input / output (GPIO) interface, subscriber identity module (SIM) interface, and / Or universal serial bus (universal serial bus, USB) interface.

It can be understood that the interface connection relationship between the modules shown in the embodiments of the present application is only a schematic description, and does not constitute a limitation on the structure of the electronic device 100. In other embodiments of the present application, the electronic device 100 may also adopt different interface connection modes or a combination of multiple interface connection modes in the above embodiments.

The charging management module 140 is configured to receive a charging input from a charger. The power management module 141 is used to connect the battery 142, the charge management module 140 and the processor 110.

The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, a modem processor, and a baseband processor.

The antenna 1 and the antenna 2 are used for transmitting and receiving electromagnetic wave signals. Each antenna in the electronic device 100 may be used to cover a single or multiple communication frequency bands. Different antennas can also be multiplexed to improve antenna utilization. For example, antenna 1 can be multiplexed into a diversity antenna for a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 150 may provide a wireless communication solution including 2G / 3G / 4G / 5G and the like applied on the electronic device 100. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a low noise amplifier (LNA), and the like. In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the processor 110. In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the same device as at least part of the modules of the processor 110.

The modem processor may include a modulator and a demodulator. The modulator is configured to modulate a low-frequency baseband signal to be transmitted into a high-frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal.

The wireless communication module 160 may provide wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (bluetooth, BT), and global navigation satellites applied to the electronic device 100. Wireless communication solutions such as global navigation system, GNSS, frequency modulation (FM), near field communication (NFC), and infrared technology (infrared, IR). The wireless communication module 160 may be one or more devices that integrate at least one communication processing module.

In some embodiments, the antenna 1 of the electronic device 100 is coupled with the mobile communication module 150, and the antenna 2 is coupled with the wireless communication module 160, so that the electronic device 100 can communicate with the network and other devices through wireless communication technology. Wireless communication technologies can include global mobile communication systems (GSM), general packet radio services (GPRS), code division multiple access (code division multiple access, CDMA), and broadband code division Multiple access (wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long-term evolution (LTE), BT, GNSS, WLAN, NFC, FM , And / or IR technology. GNSS can include global positioning system (GPS), global navigation satellite system (GLONASS), beidou navigation system (BDS), quasi-zenith satellite system (quasi-zenith satellite system (QZSS) and / or satellite-based augmentation systems (SBAS).

The electronic device 100 implements a display function through a GPU, a display screen 194, and an application processor. The GPU is a microprocessor for image processing and is connected to the display 194 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or change display information.

The display screen 194 is used to display images, videos, and the like. The display screen 194 includes a display panel. The display panel can use a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active matrix organic light emitting diode or an active matrix organic light emitting diode (active-matrix organic light-emitting diode). emitting diodes (AMOLED), flexible light-emitting diodes (FLEDs), Miniled, MicroLed, Micro-oLed, quantum dot light emitting diodes (QLEDs), etc. In some embodiments, the electronic device 100 may include one or N display screens 194, where N is a positive integer greater than one.

The electronic device 100 may implement a shooting function through an ISP, a camera 193, a video codec, a GPU, a display screen 194, and an application processor.

The ISP processes the data fed back from the camera 193. The camera 193 is used to capture still images or videos. Video codecs are used to compress or decompress digital video.

The external memory interface 120 may be used to connect an external memory card, such as a Micro SD card, to extend the storage capacity of the electronic device 100. The external memory card communicates with the processor 110 through the external memory interface 120 to implement a data storage function. For example, save music, videos and other files on an external memory card.

The internal memory 121 may be used to store computer executable program code, and the executable program code includes instructions. The processor 110 executes various functional applications and data processing of the electronic device 100 by executing instructions stored in the internal memory 121. The internal memory 121 may include a storage program area and a storage data area. The storage program area may store an operating system, at least one application required by a function (such as a sound playback function, an image playback function, etc.) and the like. The storage data area can store data (such as audio files, phonebook files, parameter information corresponding to files or folders) created during the use of the electronic device 100. In addition, the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, a universal flash memory (UFS), and the like.

The electronic device 100 may implement audio functions through an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, a headphone interface 170D, and an application processor. Such as music playback, recording, etc.

The audio module 170 is configured to convert digital audio signals and analog audio signals, and encode and decode audio signals. It can also be used to give voice prompts to users, and detect voice signals input by users.

The pressure sensor 180A is used to sense a pressure signal, and can convert the pressure signal into an electrical signal.

The fingerprint sensor 180H is used to collect fingerprints. The electronic device 100 may use the collected fingerprint characteristics to realize fingerprint unlocking, access application lock, fingerprint photographing, fingerprint answering an incoming call, and the like.

The touch sensor 180K is also called "touch panel". The touch sensor 180K may be disposed on the display screen 194, and the touch screen is composed of the touch sensor 180K and the display screen 194, which is also referred to as a "touch screen". The touch sensor 180K is used to detect a touch operation on or near the user. The touch sensor 180K can pass the detected touch operation to the application processor to determine the type of touch event. A visual output related to the touch operation may be provided through the display screen 194. In other embodiments, the touch sensor 180K may also be disposed on the surface of the electronic device 100, which is different from the position of the display screen 194. For example, when a user long presses a certain file displayed on the electronic device, the touch sensor 180K can detect the touch operation and pass the touch operation to the application processor to determine the type of touch event.

The key 190 includes a start key, a volume key, and the like, and may be a mechanical key or a touch key.

The motor 191 may generate a vibration alert. The motor 191 can be used for vibration alert for incoming calls, and can also be used for touch vibration feedback. For example, the touch operation applied to different applications (such as taking pictures, playing audio, etc.) can correspond to different vibration feedback effects.

The indicator 192 can be an indicator light, which can be used to indicate the charging status, power change, and can also be used to indicate messages, missed calls, notifications, and so on.

The SIM card interface 195 is used to connect a SIM card. The electronic device 100 may support one or N SIM card interfaces, and N is a positive integer greater than 1. The SIM card interface 195 is also compatible with external memory cards. The electronic device 100 interacts with the network through a SIM card to implement functions such as calling and data communication.

In the embodiment of the present application, the touch sensor 180K can detect a user's operation of adding the data unit k to the partition k on the display screen 194 and report the operation to the processor 110. The processor 110 stores parameter information k corresponding to the data unit k and the partition k. Corresponding relationship. When the processor 110 detects that the application program k requests to perform operation k on the data unit k in the partition k, the processor 110 may read parameter information k corresponding to the data unit k and determine whether the parameter information k prohibits the operation k. The operation k may include deleting, modifying, or reading the data unit k. If the parameter information k indicates that the operation k is prohibited, the processor 110 refuses to perform the operation k. If the parameter information k indicates that the operation k is not prohibited, the processor 110 executes the operation k. In this way, the parameter information is used to indicate that the data unit is prohibited from being deleted, modified, or read by any application program, which can improve the security of the data unit and the processing efficiency of the operation control process.

In addition, after the processor 110 refuses to perform the operation k, it can also determine whether the application program k is a specific application program. If the application k is not a specific application, the processor 110 does not perform processing. If the application program k is a specific application program, the processor 110 determines whether the data unit k is within a partition and whether the partition k is prohibited from operating k. If the data unit k is not in the partition or the operation of the data unit k is not prohibited, the processor 110 does not perform processing. If the data unit k is in the partition and the operation k is prohibited in the partition, the processor 110 instructs the display screen 194 to prompt the user whether to authorize the operation k. If the touch sensor 180K detects an operation authorized by the user on the operation k on the display screen 194, the operation is reported to the processor 110, and the processor 110 executes the operation k. Alternatively, if the data unit k is in a partition and the operation k is prohibited in the partition, the processor 110 instructs the audio module 170 to prompt the user whether to authorize the operation k. If the audio module 170 detects the voice information authorized by the user for the operation k, it reports it to the processor 110, and the processor 110 executes the operation k.

The software system of the electronic device 100 may adopt a layered architecture, an event-driven architecture, a micro-core architecture, a micro-service architecture, or a cloud architecture. The embodiment of the present application takes the Android system with a layered architecture as an example, and exemplifies a software structure of the electronic device 100.

FIG. 3 is a software block diagram of an electronic device 100 according to an embodiment of the present application. The layered architecture divides the software into layers. The layers communicate with each other through a software interface. In some embodiments, the Android system is divided into four layers, which are an application layer, an application framework layer, an Android runtime and a system library, and a kernel layer from top to bottom. The application layer can include a series of application packages.

As shown in Figure 3, the application package can include applications such as camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, SMS, etc.

The application framework layer provides an application programming interface (API) and a programming framework for applications at the application layer. The application framework layer includes some predefined functions.

As shown in FIG. 3, the application framework layer may include a window manager, a content provider, a view system, a phone manager, a resource manager, a notification manager, and the like.

Among them, the window manager is used to manage window programs. The window manager can obtain the display size, determine whether there is a status bar, lock the screen, take a screenshot, etc.

Content providers are used to store and retrieve data and make it accessible to applications. Data can include videos, images, audio, calls made and received, browsing history and bookmarks, phone books, and more.

The view system includes visual controls, such as controls that display text, controls that display pictures, and so on. The view system can be used to build applications. The display interface can consist of one or more views. For example, the display interface including the SMS notification icon may include a view that displays text and a view that displays pictures.

The phone manager is used to provide a communication function of the electronic device 100. For example, management of call status (including connection, hang up, etc.).

The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and so on.

The notification manager enables the application to display notification information in the status bar, which can be used to convey notification-type messages that can disappear automatically after a short stay without user interaction. For example, the notification manager is used to inform download completion, message reminders, etc. The notification manager can also be a notification that appears in the status bar at the top of the system in the form of a chart or scroll bar text, such as a notification of an application running in the background, or a notification that appears on the screen in the form of a dialog window. For example, text messages are displayed in the status bar, sounds are emitted, electronic equipment vibrates, and the indicator light flashes.

Android Runtime includes core libraries and virtual machines. Android runtime is responsible for the scheduling and management of the Android system.

The core library contains two parts: one is the functional functions that the Java language needs to call, and the other is the Android core library.

The application layer and the application framework layer run in a virtual machine. The virtual machine executes the java files of the application layer and the application framework layer as binary files. Virtual machines are used to perform object lifecycle management, stack management, thread management, security and exception management, and garbage collection.

The system library can include multiple functional modules. For example: surface manager (media manager), media library (Media library), three-dimensional graphics processing library (for example: OpenGL ES), 2D graphics engine (for example: SGL) and so on.

The Surface Manager is used to manage the display subsystem and provides a fusion of 2D and 3D layers for multiple applications.

The media library supports a variety of commonly used audio and video formats for playback and recording, as well as still image files. The media library can support multiple audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.

The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, compositing, and layer processing. The 2D graphics engine is a graphics engine for 2D graphics.

The kernel layer is the layer between hardware and software. The kernel layer contains at least a display driver, a camera driver, an audio driver, and a sensor driver. The kernel layer can also include storage device drivers and file system drivers. The file system driver can accept file-oriented input / output (I / O) requests and convert these requests into I / O requests for a certain storage device.

In the embodiment of the present application, the electronic device may include an application program, an interaction manager, a monitoring agent, an operation result checker, and an operation manager. The interaction manager may be implemented by a user program and modules such as a window manager, a view system, a notification manager, a resource manager, and a content provider in an application framework layer. The monitoring agent and operation result checker can be implemented by multiple modules in the system library and application framework layer. The operation manager can be implemented by modules such as a file system driver and a storage device driver in the kernel layer. The embodiment of the present invention does not limit which modules are specifically implemented.

The monitoring agent can monitor the data unit k added to the partition k, and save the correspondence between the data unit k and the parameter information k. In addition, if the partition to which the data unit k belongs is changed, the monitoring agent may also update parameter information corresponding to the data unit k. The application k may request the operation manager to perform operation k. The operation k may be deleting, modifying, or reading the data unit k. The operation manager may read the parameter information k corresponding to the data unit k and determine whether the parameter information k prohibits the operation k. If the parameter information k indicates that the operation k is prohibited, the operation manager refuses to perform the operation k. If the parameter information k indicates that the operation k is not prohibited, the operation manager executes the operation k. In this way, the parameter information is used to indicate that the data unit is prohibited from being deleted, modified, or read by any application program, which can improve the security of the data unit and the processing efficiency of the operation control process.

And, the operation manager may notify the operation result checker after refusing to perform the operation k. The operation result checker determines whether the application k is a specific application. If the application k is not a specific application, the operation result checker does not process it. If the application k is a specific application, the operation result checker determines to the operation manager whether the data unit k is within a partition and whether the partition prohibits operation k. If the data unit k is not in the partition or the partition k is not prohibited from operating, the operation result checker does not process it. If the data unit k is in a partition and the operation k is prohibited in the partition, the operation result checker requests the monitoring agent to authorize the operation k. The monitoring agent notifies the interaction manager to prompt the user whether to authorize the operation k. If the interaction manager detects that the user has authorized the operation k, it notifies the monitoring agent, and the monitoring agent executes the operation k.

It should be noted that, in general, most of the data units on the electronic device are not in the partition, and only a few important data units are in the partition. The application has the operation rights of deleting and modifying most data units that are not in the partition. Therefore, the operation manager can successfully perform operations such as deletion and modification requested by the application on most data units. Compared with the electronic device that first determines whether the data unit to be operated is in the partition each time it is deleted and modified, if the electronic device refuses to perform operations such as deletion and modification in the operation manager, the operation fails, which indicates the data to be operated. The unit may be in the partition, and then determine whether the data unit to be operated is in the partition, thereby prompting the user whether to perform authorization when determining that the data unit to be operated is in the partition, thereby reducing the electronic device determining whether the data unit to be operated is in the partition. Times, reducing the workload of electronic equipment and reducing the power consumption of electronic equipment.

In the following, the parameter information is used as the attribute information, and the electronic device is a mobile phone as an example, the operation control method provided in the embodiment of the present application will be described. For the case where the parameter information is other information, refer to the specific description process of the parameter information being attribute information, which will not be described in the following embodiments.

In some embodiments, the electronic device may include a 0th partition, and the attribute information corresponding to the 0th partition is prohibited from modification. In other words, after the file is added to the 0th partition, the correspondence between the file and the attribute information forbidden to be modified is stored on the electronic device. No application on the electronic device can modify the file until the correspondence has changed. ; After the folder is added to the 0th partition, the correspondence between the file and the attribute information forbidden to be modified is stored on the electronic device. No application on the electronic device can modify the folder and the relationship until the correspondence has not changed. Files in the folder. However, applications in the electronic device can delete and read files and folders in partition 0.

In some solutions, when the application requests to delete files or folders in the 0th partition, the electronic device may notify the user that the application is prohibited from modifying the files in the 0th partition, so that the user can know which applications intend to tamper with the 0th partition. Files in the partition. For example, taking a mobile phone as an example, see FIG. 4, when the game software A requests to modify the contacts stored on the mobile phone, the mobile phone displays a prompt box 401 to prompt the user "Please note: Game A intends to modify your contacts!"

In other solutions, when an application requests to delete a file or folder in the 0th partition, the electronic device may not prompt the user, thereby preventing an illegal application from prompting the user maliciously and frequently, which may cause the electronic device to malfunction. Problems at work.

In other embodiments, the electronic device may include a first partition, and the attribute information corresponding to the first partition includes deletion prohibition and modification prohibition. That is, after the file is added to the first partition, the correspondence between the file and the prohibition of deleting attribute information and the prohibition of modifying attribute information is saved on the electronic device. Before the correspondence relationship changes, any application program on the electronic device is The file cannot be deleted and modified; after the folder is added to the first partition, the corresponding relationship between the file and the prohibition of deletion and modification is saved on the electronic device. Before the corresponding relationship does not change, any application on the electronic device is You cannot delete and modify this folder and the files in this folder. However, applications in the electronic device can read files and folders in the first partition.

The first partition can be used to store very important user data, such as evidence files of legal procedures, so that the evidence files cannot be modified, deleted, or renamed by the application program, to ensure that the evidence files are not tampered with or lost, and improve the evidence files. Security. For another example, the first partition may be used to store user data such as contacts, short messages, call records, recordings, or location information of the user, so that the user data is not tampered or lost, and the security of the user data is improved.

In some solutions, when the application requests to delete or modify files or folders in the first partition, the electronic device may prompt the user that the application is prohibited from deleting or modifying files in the first partition, so that the user can know which applications are convenient Intent to delete or tamper with files in the first partition.

In other solutions, when an application requests to delete or modify a file or folder in the first partition, the electronic device may not prompt the user, thereby preventing an illegal application from prompting the user maliciously and frequently, resulting in the electronic device. Not working properly.

In other embodiments, the electronic device may include a second partition, and the attribute information corresponding to the second partition is prohibited from being deleted. In other words, after the file is added to the second partition, the corresponding relationship between the file and the attribute information forbidden to be deleted is stored on the electronic device. No application on the electronic device can delete the file until the corresponding relationship has changed. ; After the folder is added to the second partition, the correspondence between the folder and the attribute information forbidden to be deleted is stored on the electronic device. No application on the electronic device can delete the folder until the correspondence does not change. And the files in that folder. However, an application in the electronic device can modify and read files in the second partition and files in the folder of the second partition.

The second partition can be used to store more important user data, such as user photos and videos, so that the user's photos and videos cannot be deleted by the application to prevent user photos or videos from being lost; but the second partition The photos or videos can be modified or renamed, for example, they can be beautified by some retouching software, etc., for the convenience of users.

Similarly, when the application requests to delete a file or folder in the second partition, the electronic device may indicate to the user that the application is prohibited from deleting the file in the second partition, or the electronic device may not prompt the user.

In other embodiments, the electronic device may include a third partition, and attribute information corresponding to the third partition includes deletion prohibition, modification prohibition, and read prohibition. In other words, after the file is added to the third partition, the correspondence between the file and the attribute information forbidden to be deleted, the attribute information forbidden to be modified, and the attribute information forbidden to be read is stored on the electronic device. Before the correspondence relationship is modified, No application on the electronic device can delete, modify, or read the file; after the folder is added to the third partition, the electronic device holds the file and the attribute information forbidden to delete, the attribute information forbidden to modify, and the read prohibited For the corresponding relationship of the attribute information, no application on the electronic device can delete, modify or read the folder and the files in the folder.

The third partition can be used to store some private information, such as the user's diary and the user's private photo.

Similarly, when the application requests to delete, modify, or read files or folders in the third partition, the electronic device may prompt the user that the application is prohibited from deleting, modifying, or reading files in the third partition; or, electronic The device may not provide the prompt to the user.

In other embodiments, the electronic device may include at least two partitions among the 0th partition, the first partition, the second partition, and the third partition. The following description is made by taking an electronic device including a first partition and a second partition as an example.

According to the above description, the first partition and the data unit in the first partition may correspond to the attribute information i. The attribute information i includes the first attribute information and the second attribute information. The first attribute information indicates that the modification is prohibited and the second attribute information indicates that the modification is prohibited. Delete; the second partition and the data unit in the second partition correspond to the second attribute information.

In some embodiments, the files and folders in each partition on the electronic device may be preset when the electronic device is shipped from the factory. The electronic device stores the correspondence between the files and folders preset in the partition and the attribute information. For example, the electronic device presets the camera's DCIM folder in the second partition.

In other embodiments, the files and folders in each partition on the electronic device may also be automatically set by the electronic device during use. For example, the electronic device may determine whether to set a file in a partition and in which partition, according to the types of files and folders. Exemplarily, if the file or folder is a text message type or a recording type, the electronic device may set the file in the first partition; if the file or folder is a photo type or a video type, the electronic device may set the file or The folder is set in the second partition. For another example, the electronic device may determine whether to set a file in a partition and in which partition, according to a file name, a label or a keyword of the file. Exemplarily, if the file name is "camera", the electronic device may set the file in the second partition; if the file name is "recording", the electronic device may set the file in the first partition. Exemplarily, if the file name includes the keyword "important", the electronic device may set the file in the second partition; if the file name includes the keyword "evidence", the electronic device may set the file The file is set in the first partition. When an electronic device automatically sets a file or folder into a partition, it can save the correspondence between the file or folder and the above-mentioned attribute information.

In other embodiments, the files and folders in each partition on the electronic device may be set by the user. When the user actively sets files or folders in the partition, the electronic device can save the correspondence between the files and folders and the above-mentioned attribute information. For example, referring to FIG. 5, the step of the electronic device actively setting files and files in each partition may include:

501. When the electronic device detects a user's operation of adding the first data unit to the first partition, the electronic device saves the correspondence between the first data unit and the first attribute information and the second attribute information.

The first attribute information and the second attribute information may be collectively referred to as a group of attribute information i. Taking the first data unit as the folder 1, for example, in one case, the electronic device can save the correspondence between the folder 1 and the attribute information i; in another case, the electronic device can save the folder 1 and the attribute information i And the corresponding relationship between the files and folders in the folder 1 and the attribute information i.

502. When the electronic device detects an operation that the user adds the second data unit to the second partition, the electronic device saves the correspondence between the second data unit and the second attribute information.

The following takes the user's initiative to set the folder DCIM outside the partition as an example. Referring to (a) in FIG. 6, when the electronic device detects that the user has long pressed the DCIM folder, a menu list 601 is displayed. The menu list 601 includes setting a partition, copying, cutting, deleting, compressing, renaming, etc. Options. Referring to (b) in FIG. 6, when the user clicks the set partition option, the electronic device may display a menu list 602 as shown in (c) in FIG. 6. The menu list 602 includes adding a first partition and adding a second partition. Options such as partitioning and unsetting. When the user clicks on the option to join the first partition, the DCIM folder is set to belong to the first partition, and the electronic device can set the icon of the DCIM folder to color 1. Similarly, when the user clicks on the option to join the second partition The DCIM folder is set to belong to the second partition, and the electronic device can set the icon of the DCIM folder to color 2. When the user clicks the cancel setting option, the electronic device exits the setting about the partition.

Alternatively, when the electronic device detects that the user has long pressed the DCIM folder, the electronic device displays a menu list 601. The menu list 601 includes options such as adding a first partition, adding a second partition, and canceling settings.

In addition, the user can change the partition to which the file or folder belongs or move the file or folder out of the partition. Exemplarily, the DCIM folder is currently in the first partition, and the electronic device stores a correspondence between the DCIM folder and the first attribute information and the second attribute information. When the user clicks the set partition option, the electronic device can display options such as moving to the second partition and moving out of the partition. When the user clicks the move to the second partition option, the DCIM folder is set to belong to the second partition; the electronic device can delete the correspondence between the DCIM folder and the first attribute information, and save the correspondence between the DCIM folder and the second attribute information . When the user clicks the remove partition option, the DCIM file is removed from the partition, and the electronic device can delete the correspondence between the DCIM folder and the attribute information.

In addition, when the electronic device includes multiple partitions, different partitions may also correspond to different security levels. For example, the first partition may correspond to the security level 1, the second partition may correspond to the security level 2, and the security level of the security level 1 is higher than the security level 2. If the DCIM folder is currently in the first partition, when the user clicks on the set partition option, referring to FIG. 7, the electronic device may display options such as a “reduced partition level” option 701 and a “remove partition” option 702. When the user clicks the "reduced partition level" option 701, the DCIM folder is set to belong to the second partition that is one security level lower than the first partition.

In addition to the menu list shown in FIG. 6 and FIG. 7, the user can also set the correspondence between files and partitions in other ways. For example, referring to (a) in FIG. 8, in response to the user's gesture of drawing a circle on the touch screen, the electronic device displays the control 801 of the first partition and the control 802 of the second partition. Among them, the control 801 of the first partition indicates that files and folders in the partition are not allowed to be deleted and modified by the application; the control 802 of the second partition indicates that files and folders in the partition are not allowed to be deleted by the application. Referring to (b) in FIG. 8, when the user drags the DCIM folder to the position of the control 801 of the first partition, the DCIM folder is set to belong to the first partition. Alternatively, when the user drags the control 801 of the first partition to the position of the DCIM folder, the DCIM folder is set to belong to the first partition. After the DCIM folder is added to the first partition, as shown in FIG. 8 (c), the DCIM folder is restored to the original location.

For another example, the user can add the DCIM folder to the first partition by voice.

It can be understood that there may be other ways to set the correspondence between files and folders and partitions, which will not be repeated here.

In some embodiments, the display status of files and folders in the partition may be different from the display status of files and folders outside the partition, so that the user can know whether the file or folder is in the partition and is an important file. . Exemplarily, the icon of the file in the partition is a semi-transparent icon; the icon of the file outside the partition is a normal icon.

In other embodiments, the display status of files and folders in different partitions may also be different, so as to facilitate users to distinguish files of different security levels. The different display states may include one or any combination of different colors of the icons of the files or folders, different marks, different shapes, different marks, or different transparency.

For the convenience of description, the first partition is called the red area, and the recording folder belongs to the red area; the second partition is called the blue area, and the DCIM folder belongs to the blue area; the "download folder" is outside the partition as an example.

Exemplarily, the icon color of the recording folder in the red area is red, the icon color of the DCIM folder in the blue area is blue, and the icon of the download folder outside the partition is yellow.

For another example, referring to (a) in FIG. 9, the icon of the recording folder in the red area is displayed with a label “red area”, and the icon of the DCIM folder in the blue area is displayed with a label “blue area”. There is no red or blue label on the download folder icon outside the partition.

For another example, referring to FIG. 9 (b), the outline of the icon of the recording folder in the red area is rectangular, the outline of the icon of the DCIM folder in the blue area is circular, and the icon of the folder icon outside the partition is round. The shape of a normal folder.

For another example, the icon of the recording folder in the red area is displayed with a mark prohibiting deletion and modification as shown in (c) of FIG. 9, and the icon of the DCIM folder in the blue area is displayed as shown in FIG. The deletion prohibition mark shown in (c) in 9 is the normal icon for the "Download Folder" icon outside the partition.

As another example, referring to (d) in FIG. 9, a semi-transparent window is displayed in front of the icon of the recording folder in the red zone, and the semi-transparent window is used to prompt the user that the folder cannot be deleted or modified ; A semi-transparent window is displayed in front of the icon of the DCIM folder in the blue area. This semi-transparent window is used to remind the user that the folder must not be deleted. The icon of the "Download Folder" outside the partition is not displayed in front of it Translucent form.

The electronic device includes a first partition and a second partition, and the first data unit belongs to the first partition and the second data unit belongs to the second partition. The electronic device stores a correspondence between the first data unit and the attribute information i, and the attribute information i includes first attribute information and second attribute information. The first attribute information is prohibited from modification and the second attribute information is prohibited from being deleted. The correspondence between the second data unit and the second attribute information is also stored on the electronic device as an example. The operation control method provided in the embodiment of the present application. Referring to FIG. 10, the operation control method may include:

1001: If the electronic device detects first request information used by the first application to request the first operation, and the first operation is an operation to modify the first data unit, the electronic device according to the first attribute information corresponding to the first data unit , Refuse to perform the first operation.

The first operation is an operation prohibited by the first attribute information (that is, the first parameter information) corresponding to the first data unit. For example, the first operation may be an operation (for example, write, replace, delete data, etc.) that the first application requests to modify the content of the file in the first data unit, or the first operation may be repeated for the first application. An operation of naming a file (including a file in a folder) in the first data unit, or an operation of renaming a folder in the first data unit for the first application, or the like.

Similarly, if the electronic device detects the third request information used by the third application to request the first operation, the electronic device may also refuse to perform the first operation according to the first attribute information corresponding to the first data unit.

In addition, if the electronic device detects that the first application is used to request deletion of the request information corresponding to the first data unit, the deletion operation is an operation prohibited by the second attribute information (that is, the second parameter information) corresponding to the first data unit. , The electronic device refuses to perform the deleting operation according to the second attribute information. The deletion operation may be an operation that the first application requests to delete files (including files in the folder) in the first data unit, or the first operation may request that the files in the first data unit be deleted in the first application. Clip operation, etc.

1002: If the electronic device detects second request information used by the second application to request the second operation, and the second operation is an operation to delete the second data unit, the electronic device according to the second attribute information corresponding to the second data unit. , Refuse to perform the second operation.

The second operation is an operation prohibited by the second attribute information (that is, the second parameter information) corresponding to the second data unit. For example, the second operation may be an operation that the second application requests to delete files (including files in the folder) in the second data unit, or the second operation may request that the files in the second data unit be deleted in the second application. Clip operation, etc.

In the solution described in steps 1001-1002, when the file or folder belongs to the first or second partition, and the electronic device saves the correspondence between the file or folder and the attribute information, for the file or folder, the application program The deletion or modification operation forbidden by the attribute information cannot be performed successfully, so that the data in the file or folder can be prevented from being lost or tampered with, and the security of the data in the file or folder is improved. In addition, the file or folder attribute information can be used to identify the file or folder forbidden to be deleted or modified by any application, without requiring the user to separately set each application and each file or folder as in the prior art. The corresponding relationship of the operation authority can reduce the user's operation.

It should be noted that there is no clear sequence relationship between step 1001 and step 1002, and step 1001 may be before step 1002 or after step 1002.

In other embodiments, if the application requesting the operation prohibited by the attribute information on the file or folder in the partition is some specific application, the electronic device may consider the application to be a secure application. Therefore, after determining that the operation is refused to be performed according to the attribute information corresponding to the file or folder, the electronic device may also request the user to authorize the operation, so as to perform the operation after the user authorizes. For example, these specific applications can be applications developed by the manufacturer of the electronic device, or applications preset when the electronic device leaves the factory, or applications in a white list set by the user, or high-priority applications Wait. In this way, the electronic device can delete or modify files and folders in the partition only after the user grants permission, so the files and folders in the partition have higher security.

Taking the electronic device including the first partition and the second partition as an example, referring to FIG. 11, after the electronic device refuses to perform the first operation in step 1001, the method may further include:

1101. If the first application is a specific application, the electronic device prompts the user whether to authorize the first operation.

In addition, if the first application is not a specific application, the electronic device ends the data operation flow and does not perform the first operation.

1102: If the electronic device detects an instruction operation for authorizing the first operation by the user, the electronic device executes the first operation.

In addition, if the electronic device detects that the user refuses to instruct the first operation to authorize the operation, the electronic device ends the data operation process and does not perform the first operation.

That is, if the first application requesting the first operation prohibited by the attribute information on the file or folder in the partition is a specific application, the electronic device may consider the first application to be a trusted application. . Therefore, when the electronic device refuses to perform the first operation according to the attribute information corresponding to the file or folder, the electronic device may also request the user to authorize the first operation, so that the first operation is performed after the user authorizes.

Exemplarily, if the contact file belongs to the first partition, the electronic device stores a correspondence between the contact file and the first attribute information, and the first attribute information is prohibited from being deleted and modified from being prohibited. The phone application requests modification of the contact information in the first partition. The electronic device determines that modifying the contact information in the first partition is an operation prohibited by the first attribute information according to the first attribute information corresponding to the contact file, and therefore refuses to modify the contact in the first partition. The phone application is a specific application program, so the electronic device can request the user to authorize the operation of modifying the contact information in the first partition. For example, referring to (a) in FIG. 12, the electronic device may display a prompt box 1201 to prompt the user whether to authorize the operation; if the user clicks “Cancel”, the electronic device does not perform the operation of modifying the contact information in the first partition; If the user clicks "Agree", the electronic device performs an operation of modifying the contact information in the first partition. In addition, after the electronic device performs an operation of modifying the contact information in the first partition, the electronic device may further prompt the user that the modification operation has been successfully performed. For example, referring to (b) in FIG. 12, the electronic device notifies the user that the contact information has been successfully modified through the prompt box 1202.

After the electronic device refuses to perform the second operation in step 1002, the method may further include:

1103. If the second application is a specific application, the electronic device prompts the user whether to authorize the second operation.

In addition, if the second application is not a specific application, the electronic device ends the data operation flow and does not perform the second operation.

1104. If the electronic device detects an instruction operation for authorizing the second operation by the user, the electronic device performs the second operation.

In addition, if the electronic device detects that the user refuses to instruct the second operation to authorize the instruction operation, the electronic device ends the data operation flow and does not perform the second operation.

That is, if the second application requesting the second operation prohibited by the attribute information of the file or folder in the partition is a specific application, the electronic device may consider the second application to be a trusted application. . Therefore, when the electronic device refuses to perform the second operation according to the attribute information corresponding to the file or folder, the electronic device may also request the user to authorize the second operation, so that the second operation is performed after the user authorizes.

Exemplarily, if the DCIM folder belongs to the second partition, the electronic device stores the correspondence between the DCIM folder and the second attribute information, and the second attribute information is prohibited from being deleted. If the photo editing software requests to modify the photo A in the DCIM folder, the modification operation is not an operation prohibited by the second attribute information, so the electronic device performs an operation of modifying the photo A in the DCIM folder. If the photo editing software requests to delete the photo A in the DCIM folder, the modification operation is an operation prohibited by the second attribute information, so the electronic device refuses to modify the photo A in the DCIM folder. Retouching software is not a specific application, so the electronic device does not prompt the user for authorization.

If the application of the gallery requests to delete the photo A in the DCIM folder, the modification operation is an operation prohibited by the second attribute information, so the electronic device rejects the operation of modifying the photo A in the DCIM folder. The gallery is a specific application, so the electronic device prompts the user to authorize the operation of deleting photo A in the DCIM folder. For example, referring to FIG. 13, the electronic device may display a prompt box 1301 to prompt the user whether to authorize the operation; if the user clicks "Yes", the electronic device performs an operation of deleting the photo; if the user clicks "No", the electronic device Do not delete the photo.

It should be noted that in the above, the electronic device displays a prompt box on the interface to prompt the user to authorize, and the user performs authorization by clicking the right control on the interface as an example. The electronic device can also prompt the user to authorize in other ways, and the user can also authorize in other ways. For example, the electronic device can also prompt the user to authorize by sound, and the user can also authorize by voice. As another example, the electronic device may prompt the user for authorization through an interface or voice, and the user may also perform authorization through fingerprint authentication. As another example, the electronic device may prompt the user for authorization through an interface or voice, and the user may also perform authorization through facial authentication.

In some other embodiments, if an application requests an operation prohibited by the attribute information of a file or folder in the above partition to be initiated by a user, although the file or folder in the above partition is important, the user may The user really wants to delete or modify the file or folder, so after the electronic device refuses to perform the operation according to the attribute information corresponding to the file or folder, the electronic device may also request the user to authorize the operation, so that the operation is performed after the user authorizes.

In other words, the electronic device prohibits the application from automatically performing operations prohibited by the attribute information on the files or folders in the partition; when the user actively instructs the application to perform the operations prohibited by the attribute information on the files or folders in the partition, The electronic device prompts the user to authorize and performs operations prohibited by the attribute information on the files or folders in the partition after the user authorizes. That is, the electronic device can delete or modify files and folders in the partition only after the user grants permission, so the security of the files and folders in the partition is high.

Among them, there may be various ways for the electronic device to determine whether operations such as deletion and modification are initiated by the user. For example, before the electronic device detects that the application sends request information to request an operation prohibited by the attribute information on a file or folder in the partition, the electronic device detects the user's input operation and determines the target input event corresponding to the input operation And save. The electronic device distributes the target input event to the corresponding application. If the difference between the distribution time and the time when the electronic device detects that the application sends the request information is less than or equal to a preset value (the preset value may be smaller), the electronic device may determine that the operation is initiated by the user.

For example, as shown in FIG. 13, after the electronic device detects that the user clicks the delete control 1302, the click operation is processed into a target input event. The electronic device recognizes that the control corresponding to the target input event is a delete control of the gallery, and distributes the target input event to the gallery. The electronic device detected a request message from the gallery to request deletion of the photo. And, the distribution time is earlier than the time when the gallery request delete operation, and the difference between the time when the distribution time and the gallery request delete operation is less than or equal to a preset value, the electronic device may determine that the delete operation is initiated by the user.

For another example, the electronic device detects an input operation of the user, determines a target input event corresponding to the input operation, and saves it. The electronic device distributes the target input event to the corresponding application. The application sends request information for performing an operation and information for identifying a user input operation. The electronic device may determine that the operation is initiated by the user according to the operation request and information used to identify the user's input operation.

In some other embodiments, if an application requests an operation prohibited by the attribute information of a file or folder in the partition, the operation is initiated by a user, and the application is a specific application. The file or folder is important, but the user may indeed want to delete or modify the file or folder, and the application is a specific and secure application, so the electronic device is refusing to execute based on the attribute information corresponding to the file or folder After the operation, the user can also be requested to authorize the operation, so that the operation can be performed after the user authorizes.

In some embodiments, the electronic device may also create a log file, which is used to track and record the deletion of files and folders in each of the above partitions and the change of partitions, in order to facilitate relevant personnel and users to understand the files and folders How it was deleted or what security level it is currently in. After the log file is created, only the appended content cannot be deleted, that is, the log file has an append attribute. Among them, the case of changing a partition may include a case where a file or a folder is changed between different partitions, a case where a file or a folder is changed from outside the partition to a partition, and a file or folder is changed from inside the partition to the partition Outside the situation.

For example, after files or folders in the first and second partitions are deleted, the electronic device may save a deletion log for recording deletion of files or folders in the first and second partitions. Information such as time, subject of deletion, and path of the deleted file or folder; where the subject of deletion is an application that deletes the file or folder. For example, when the gallery requests to delete the photo A in the second partition, the electronic device prompts the user for authorization; after the user authorizes, the electronic device deletes the photo A at 2018-09-18, 09:23:56; then the delete log Can be "2018-09-18, 09: 23: 56 + Gallery + Mobile Storage / DCIM / IMG_20180917_080630.jpg".

For another example, if the electronic device detects that the user moves the fourth data unit from one of the partitions to another partition, the electronic device saves a partition change log, and the partition change log includes a change time of the fourth data unit of the changed partition. The path of the fourth data unit of the changed partition, the partition before the change, and the partition after the change. For example, after the user instructs to switch the recording file 1 in the first partition to the second partition, the electronic device switches the recording file 1 to the second partition at 2018-09-18, 12:35:18. The partition change log can be "2018-09-18, 12: 35: 18 + Mobile storage / recording / 7: 36 pm. Ogg + belongs to the first partition before the change + belongs to the second partition after the change". As another example, after the user instructs to move the recording file 1 in the first partition out of the partition, the electronic device moves the recording file 1 out of the first partition at 2018-09-18, 20:08:08. The partition change log may be “2018 -09-18, 12: 35: 18 + mobile storage / recording / 7: 36 pm. Ogg + belongs to the first partition before the change + outside the partition after the change ".

In addition, when a data unit is changed from outside the partition to inside the partition, or from inside the partition to outside the partition, the electronic device can also save the corresponding partition change log, which will not be repeated here.

Another embodiment of the present application provides another operation control method. As shown in FIG. 14, the method may include:

1401. The electronic device detects an operation that the user adds the data unit 1 to the first partition.

For example, the user may add the data unit 1 to the first partition in the manner shown in FIG. 6 to FIG. 8.

1402. The electronic device detects that the user modifies the operation of the data unit 1 through the application program 1.

Exemplarily, the operation of the user to modify the data unit 1 may be the operation of modifying the contact information shown in (a) and (b) in FIG. 12.

1403. The electronic device prompts the user that operation 1 has been rejected.

For example, if the electronic device determines that operation 1 is prohibited according to the attribute information corresponding to the data unit 1, the electronic device may prompt the user that operation 1 has been rejected.

Exemplarily, a schematic interface diagram of the electronic device notifying the user that an operation has been rejected can be seen in FIG. 4.

Similar to the application 1, when the electronic device detects that the user modifies the operation of the data unit 1 through the application 2, the electronic device may also prompt the user that the operation has been rejected.

1404. The electronic device prompts the user whether to authorize operation 1.

After the electronic device prompts to refuse to perform operation 1, the electronic device may prompt the user whether to authorize operation 1, so as to improve the security of the data unit 1 to be operated.

Exemplarily, a schematic interface diagram of the electronic device prompting the user whether to authorize the modification operation may refer to (a) in FIG. 12.

1405. If the electronic device detects that the user instructs the operation 1 to be authorized, the electronic device prompts the user that the operation 1 has been successfully performed.

After the user indicates authorization, the electronic device can perform operation 1 and notify the user that operation 1 has been successfully performed, thereby realizing the user's need to perform operation 1. Exemplarily, the operation that the electronic device authorizes the operation 1 may be an operation that the user clicks "agree" in (a) in FIG. 12. For a schematic diagram of the interface in which the electronic device prompts the user that the operation 1 has been successfully performed, refer to (b) in FIG. 12.

Another embodiment of the present application provides another operation control method. As shown in FIG. 15, the method may include:

1501. The electronic device detects an operation that the user adds the data unit 1 to the second partition.

1502. The electronic device detects an operation of the user to delete the data unit 1 through the application 1.

1503. The electronic device prompts the user that operation 1 has been rejected.

Similar to the application 1, when the electronic device detects an operation of the user to delete the data unit 1 through the application 2, the electronic device may further prompt the user that the operation has been rejected.

1504. The electronic device prompts the user whether to authorize operation 1.

Exemplarily, a schematic interface diagram of the electronic device prompting the user whether to authorize the delete operation can be seen in FIG. 13.

1505. If the electronic device detects that the user instructs the operation 1 to be authorized, the electronic device prompts the user that the operation 1 has been successfully performed.

After the user indicates authorization, the electronic device can perform operation 1 and notify the user that operation 1 has been successfully performed, thereby realizing the user's need to perform operation 1.

Another embodiment of the present application provides another operation control method. As shown in FIG. 16, the method may include:

1601. The electronic device detects an operation that the user adds the data unit 1 to the third partition.

1602 The electronic device detects an operation that the user reads the data unit 1 through the application program 1.

1603. The electronic device prompts the user that operation 1 has been rejected.

Similar to the application 1, when the electronic device detects an operation that the user reads the data unit 1 through the application 2, the electronic device may further prompt the user that the operation has been rejected.

1604. The electronic device prompts the user whether to authorize operation 1.

1605. If the electronic device detects that the user instructs the operation 1 to be authorized, the electronic device prompts the user that the operation 1 has been successfully performed.

In another embodiment of the present application, the electronic device may include any combination of the first partition, the second partition, or the third partition. The operation control methods described in FIG. 14, FIG. 15, and FIG. 16 can also be arbitrarily combined. For example, one operation control method includes steps 1401-1405 and 1501-1505, another operation control method includes steps 1501-1505 and 1601-1605, and another operation control method includes steps 1401-1405 and 1501-150. 1505 and steps 1601-1605 are not described in the embodiment of the present application.

It can be understood that, in order to implement the foregoing functions, the electronic device includes hardware and / or software modules corresponding to performing each function. With reference to the example algorithm steps described in the embodiments disclosed herein, the present application can be implemented in the form of hardware or a combination of hardware and computer software. Whether a certain function is performed by hardware or computer software-driven hardware depends on the specific application of the technical solution and design constraints. Those skilled in the art can use different methods to implement the described functions for each specific application in combination with the embodiments, but such implementation should not be considered to be beyond the scope of the present application.

In this embodiment, the electronic device may be divided into functional modules according to the foregoing method example. For example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The above integrated modules may be implemented in the form of hardware. It should be noted that the division of the modules in this embodiment is schematic, and is only a logical function division. In actual implementation, there may be another division manner.

In a case where each functional module is divided according to each function, FIG. 17 shows a possible composition diagram of the electronic device 1700 involved in the foregoing embodiment. As shown in FIG. 17, the electronic device 1700 may include: a saving unit 1701, a detection unit 1702, a processing unit 1703, and a prompting unit 1704.

In some embodiments, the saving unit 1701 may be used to support the electronic device 1700 to perform the

above steps

501, 502, etc., and / or other processes for the techniques described herein.

The detection unit 1702 may be used to support the electronic device 1700 to perform the

above steps

1401, 1402, 1501, 1502, 1601, 1602, etc., and / or other processes for the technology described herein.

The processing unit 1703 may be used to support the electronic device 1700 to perform the

above steps

1001, 1002, 1102, 1104, etc., and / or other processes used in the technology described herein.

The prompting unit 1704 may be used to support the electronic device 1700 to perform the

above steps

1101, 1103, 1403-1405, 1503-1505, 1603-1605, etc., and / or other processes for the technology described herein.

It should be noted that all relevant content of each step involved in the foregoing method embodiments can be referred to the functional description of the corresponding functional module, and will not be repeated here.

The electronic device 1700 provided in this embodiment is configured to execute the foregoing operation control method or operation control method, and therefore, the same effect as the above implementation method can be achieved.

In the case where an integrated unit is adopted, the electronic device 1700 may include a processing module, a storage module, and a communication module. The processing module may be used to control and manage the actions of the electronic device 1700. For example, the processing module may be used to support the electronic device 1700 to perform the steps performed by the detection unit 1702, the processing unit 1703, and the prompt unit 1704. The storage module may be used to support the electronic device 1700 to execute the steps performed by the saving unit 1701 described above, and to store program code and data. The communication module can be used to support communication between the electronic device 1700 and other devices.

The processing module may be a processor or a controller. It may implement or execute various exemplary logical blocks, modules, and circuits described in connection with the present disclosure. The processor may also be a combination that implements computing functions, such as a combination including one or more microprocessors, a combination of digital signal processing (DSP) and a microprocessor, and so on. The memory module may be a memory. The communication module may specifically be a device that interacts with other devices such as a radio frequency circuit, a Bluetooth chip, and a Wi-Fi chip.

In one embodiment, when the processing module is a processor and the storage module is a memory, the electronic device involved in this embodiment may be an electronic device having a structure shown in FIG. 2 and FIG. 3.

An embodiment of the present application further provides a computer storage medium. The computer storage medium stores computer instructions, and when the computer instructions are run on the electronic device, the electronic device is caused to execute the related method steps to implement the operation control in the foregoing embodiment. Method or operation control method.

An embodiment of the present application further provides a computer program product, when the computer program product is run on a computer, the computer is caused to execute the foregoing related steps to implement the operation control method or the operation control method performed by the electronic device in the foregoing embodiment.

In addition, an embodiment of the present application further provides a device. The device may specifically be a chip, a component, or a module. The device may include a connected processor and a memory. The memory is used to store a computer to execute instructions. When the device is running, The processor may execute computer execution instructions stored in the memory, so that the chip executes the operation control method or the operation control method performed by the electronic device in the foregoing method embodiments.

The electronic device, the computer storage medium, the computer program product, or the chip provided in this embodiment are used to execute the corresponding methods provided above. Therefore, for the beneficial effects that can be achieved, refer to the corresponding ones provided above. The beneficial effects in the method are not repeated here.

Through the description of the above embodiments, those skilled in the art can understand that, for the convenience and brevity of the description, only the above-mentioned division of the functional modules is used as an example. In practical applications, the above-mentioned functions can be assigned by different The function module is completed, that is, the internal structure of the device is divided into different function modules to complete all or part of the functions described above.

In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the device embodiments described above are only schematic. For example, the division of the modules or units is only a logical function division. In actual implementation, there may be another division manner. For example, multiple units or components may be divided. The combination can either be integrated into another device, or some features can be ignored or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, which may be electrical, mechanical or other forms.

The units described as separate components may or may not be physically separated, and the components displayed as units may be one physical unit or multiple physical units, that is, may be located in one place, or may be distributed to multiple different places. . Some or all of the units may be selected according to actual needs to achieve the objective of the solution of this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each of the units may exist separately physically, or two or more units may be integrated into one unit. The above integrated unit may be implemented in the form of hardware or in the form of software functional unit.

When the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a readable storage medium. Based on such an understanding, the technical solution of the embodiments of the present application is essentially a part that contributes to the existing technology or all or part of the technical solution may be embodied in the form of a software product that is stored in a storage medium. Included are several instructions for causing a device (which can be a single-chip microcomputer, a chip, etc.) or a processor to execute all or part of the steps of the method described in the embodiments of the present application. The foregoing storage media include: U disks, mobile hard disks, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks, which can store program codes.

The above content is only a specific implementation of this application, but the scope of protection of this application is not limited to this. Any person skilled in the art can easily think of changes or replacements within the technical scope disclosed in this application. Covered within the scope of this application. Therefore, the protection scope of this application shall be subject to the protection scope of the claims.

Claims

An operation control method applied to an electronic device, wherein the electronic device stores a correspondence between a first data unit and first parameter information, and the first parameter information is used to indicate that modification of the first data unit is prohibited A data unit, where the first data unit is a file or a folder; the electronic device also stores a correspondence between a second data unit and second parameter information, and the second parameter information is used to indicate that deletion of the first data unit is prohibited Two data units, the second data unit is a file or a folder; the method includes:

If the electronic device detects first request information used by a first application to request a first operation, and the first operation is an operation to modify the first data unit, the electronic device is configured according to the first The first parameter information corresponding to the data unit refuses to perform the first operation;

If the electronic device detects second request information used by the second application to request a second operation, and the second operation is an operation to delete the second data unit, the electronic device is configured according to the second The second parameter information corresponding to the data unit refuses to perform the second operation.
The method according to claim 1, wherein after the electronic device refuses to perform the first operation, the method further comprises:

If the first application is a specific application, the electronic device prompts the user whether to authorize the first operation;

If the electronic device detects an instruction operation for the user to authorize the first operation, the electronic device executes the first operation.
The method according to claim 1 or 2, wherein after the electronic device refuses to perform the second operation, the method further comprises:

If the second application is a specific application, the electronic device prompts the user whether to authorize the second operation;

If the electronic device detects an instruction operation for the user to authorize the second operation, the electronic device executes the second operation.
The method according to any one of claims 1 to 3, further comprising:

If the electronic device detects a third operation request that the third application uses to request the first operation, the electronic device refuses to execute the first operation according to the first parameter information corresponding to the first data unit. One operation.
The method according to any one of claims 1-4, wherein a correspondence between a third data unit and third parameter information is stored on the electronic device, and the third parameter information is used to indicate that reading is prohibited The third data unit, and the third data unit is a file or a folder;

If the electronic device detects fourth request information used by the fourth application program to request a third operation, and the third operation is an operation of reading the third data unit, the electronic device according to the first The third parameter information corresponding to the three data units refuses to perform the third operation.
The method according to claim 5, wherein before the electronic device refuses to perform the first operation according to the first parameter information corresponding to the first data unit, the method further comprises:

When detecting that the user adds the first data unit to the first partition, the electronic device saves the correspondence between the first data unit and the first parameter information and the second parameter information;

Before the electronic device refuses to perform the second operation according to the second parameter information corresponding to the second data unit, the method further includes:

When the electronic device detects an operation that the user adds the second data unit to a second partition, the electronic device stores a correspondence between the second data unit and the second parameter information;

Before the electronic device refuses to perform the third operation according to the third parameter information corresponding to the third data unit, the method further includes:

When the electronic device detects an operation that the user adds the third data unit to the third partition, the electronic device saves the third data unit and the first parameter information, the second parameter information, and the first Correspondence between three parameter information.
The method according to claim 6, further comprising:

After the data unit in the first partition, the second partition, or the third partition is deleted, the electronic device stores a deletion log, where the deletion log is used to record the deletion time of the deleted data unit, A deletion subject and a path of the deleted data unit; wherein the deletion subject is an application program requesting the deletion operation.
The method according to claim 6 or 7, further comprising:

After the fourth data unit changes the partition, the electronic device saves the partition change log, and the partition change log includes the time when the fourth data unit changed the partition, the path of the fourth data unit, the location before the partition was changed, After changing the location;

Wherein, the fourth data unit is a file or a folder, and the fourth data unit changes the partition including that the fourth data unit is from the first partition, the second partition, and the third partition. One of the partitions is changed to another partition, or the third data unit is changed from outside the partition to the first partition, the second partition, or the third partition, or the fourth data unit is changed from The inside of the first partition, the inside of the second partition, or the inside of the third partition is changed outside the partition.
The method according to any one of claims 6 to 8, wherein display states of data units in different partitions are different, and the display states include a color of an icon of the data unit, and an icon on the data unit. One or any combination of a mark of the icon, the shape of the icon of the data unit, or the transparency of the icon of the data unit.
An operation control method, comprising:

The electronic device detects an operation that a user adds a first data unit to a first partition, where the first data unit is a file or a folder;

The electronic device detects that the user modifies a first operation of the first data unit through a first application program;

The electronic device prompting the user that the first operation has been rejected;

The electronic device prompts the user whether to authorize the first operation.
The method according to claim 10, further comprising:

If the electronic device detects an instruction operation for the user to authorize the first operation, the electronic device prompts the user that the first operation has been successfully performed.
The method according to claim 10 or 11, further comprising:

The electronic device detects that the user modifies a second operation of the first data unit through a second application program;

The electronic device prompts the user that the second operation has been rejected.
The method according to any one of claims 10-12, wherein the method further comprises:

The electronic device detects an operation that a user adds a second data unit to a second partition, and the second data unit is a file or a folder;

The electronic device detects a third operation that the user deletes the second data unit through a third application program;

The electronic device prompts the user that the third operation has been rejected;

The electronic device prompting the user whether to authorize the third operation;

If the electronic device detects an instruction operation for the user to authorize the third operation, the electronic device prompts the user that the third operation has been successfully performed.
The method according to any one of claims 10-13, wherein the method further comprises:

The electronic device detects a user's operation of adding a third data unit to a third partition, and the third data unit is a file or a folder;

The electronic device detects a fourth operation that the user reads the third data unit through a fourth application program;

The electronic device prompting the user that the fourth operation has been rejected;

The electronic device prompting the user whether to authorize the fourth operation;

If the electronic device detects an instruction operation for the user to authorize the fourth operation, the electronic device prompts the user that the fourth operation has been successfully performed.
An electronic device, comprising one or more processors and one or more memories;

The one or more memories are coupled to the one or more processors, and the one or more memories are configured to store computer program code, where the computer program code includes computer instructions, and when the one or more processors When the computer instruction is executed, the electronic device executes the operation control method according to any one of claims 1-14.
A computer storage medium includes computer instructions, and when the computer instructions are run on an electronic device, the electronic device is caused to execute the operation control method according to any one of claims 1-14.
A computer program product, characterized in that when the computer program product is run on a computer, the computer is caused to execute the operation control method according to any one of claims 1-14.