WO2022022346A1 - Secure interaction method and apparatus - Google Patents


Info

Publication number
WO2022022346A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
electronic device
personal data
key
authority
Application number
PCT/CN2021/107491
Other languages
French (fr)
Chinese (zh)
Inventor
杨长盛
Original Assignee
华为技术有限公司 (Huawei Technologies Co., Ltd.)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Definitions

  • the present application relates to the field of artificial intelligence, and more specifically, to a secure interaction method and device.
  • intelligent devices such as intelligent robots have been gradually accepted by the public, and are widely used in scenarios such as homes, shopping malls, supermarkets, hospitals, subways, enterprises and schools.
  • the robot will save a large amount of the user's personal data, such as the user's personal information, photos, videos, recordings, family member relationships, friend relationships, schedules, and memos.
  • the mainstream intelligent robots on the market mainly include an interactive module and a security module.
  • when the user needs to store personal data X, the user inputs instruction A1 (store personal data X) to the interactive module; the interactive module sends personal data X to the security module according to instruction A1, and the security module encrypts personal data X and stores it.
  • when the user needs to view personal data X, the user inputs instruction A2 (view personal data X) to the interactive module; the interactive module notifies the security module to provide personal data X according to instruction A2, and the security module decrypts the encrypted personal data X to obtain the personal data.
  • the interactive module outputs personal data X through the display screen or speaker.
  • the above-mentioned intelligent robot encrypts the stored data, which can prevent hackers from the external network from illegally obtaining the data in the intelligent robot, thereby ensuring that the data in the intelligent robot is safe.
  • each user can view, modify or delete other users' personal data, so the above intelligent robot cannot guarantee the privacy and security of each user's personal data.
  • Embodiments of the present application provide a secure interaction method and apparatus to ensure the privacy and security of each user's personal data.
  • an embodiment of the present application provides a secure interaction method, the method is applied to an electronic device, and the method includes: the electronic device receives a first instruction issued by a user, and the first instruction is used to instruct the electronic device to perform a first operation on the first personal data of a first user.
  • the first user is a user registered on the electronic device in advance.
  • the electronic device determines the user's user identity.
  • the electronic device obtains the operation authority of the first personal data, and the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data.
  • the electronic device determines whether to perform the first operation on the first personal data according to the user identity of the user and the operation authority of the first personal data.
  • when the electronic device receives the first instruction issued by the user, it indicates that the user wants the electronic device to perform the first operation on the first personal data of the first user; the electronic device obtains the first personal data and determines the user's user identity. Then, the electronic device determines, according to the user's user identity and the operation authority of the first personal data, whether the user has the authority to perform the first operation. If so, the electronic device performs the first operation on the first personal data; otherwise, the electronic device does not perform the first operation on the first personal data. Therefore, the secure interaction method provided by the embodiments of the present application can ensure the privacy and security of each user's personal data.
  • the electronic device determining whether to perform the first operation on the first personal data according to the user's user identity and the operation authority of the first personal data includes: the electronic device determining whether the operation authority of the first personal data includes the user's user identity. When the operation authority of the first personal data includes the user identity of the user, the electronic device performs the first operation on the first personal data. When the operation authority of the first personal data does not include the user identity of the user, the electronic device prohibits performing the first operation on the first personal data.
  • the electronic device can quickly determine whether to perform the first operation on the first personal data by determining whether the operation authority of the first personal data includes the user identity of the user, so the execution efficiency of the electronic device will be higher.
  • the electronic device performing the first operation on the first personal data includes: the electronic device determines whether there is a second user within a preset range of the electronic device, and the second user is a user registered on the electronic device in advance. When the second user exists within the preset range of the electronic device, the electronic device determines whether the access authority of the first personal data includes the second user. When the access authority of the first personal data includes the second user, the electronic device performs the first operation on the first personal data. When the access authority of the first personal data does not include the second user, the electronic device prohibits performing the first operation on the first personal data. When no second user exists within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
  • the electronic device determines whether the access authority of the first personal data includes the second user. When the access authority of the first personal data includes the second user, there is no concern about leaking private information to the second user, so the electronic device can perform the first operation on the first personal data.
  • when the access authority of the first personal data does not include the second user, the electronic device prohibits the first operation on the first personal data, in order to avoid leaking the first personal data to the second user while the electronic device performs the first operation.
  • the electronic device performing the first operation on the first personal data includes: the electronic device determines whether there is a third user within a preset range of the electronic device, and the third user is a user who has not been registered on the electronic device. When a third user exists within the preset range of the electronic device, the electronic device prohibits performing the first operation on the first personal data. When no third user exists within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
  • when a third user exists within the preset range, the electronic device prohibits the first operation on the first personal data, in order to avoid leaking the first personal data to the third user while the electronic device performs the first operation.
  • the electronic device performing the first operation on the first personal data includes: the electronic device determines a first confidence level, where the first confidence level is the degree of similarity between the user's current human body feature and the first user's human body feature pre-stored in the electronic device.
  • the electronic device acquires the first privacy level of the first personal data, where the first privacy level is used to indicate the degree of privacy of the first personal data.
  • the electronic device acquires a pre-established first mapping relationship between the confidence level and the privacy level.
  • the electronic device determines a privacy level set corresponding to the first confidence level according to the first mapping relationship, where the privacy level set includes at least one privacy level.
  • the electronic device determines whether the set of privacy levels includes the first privacy level. When the set of privacy levels includes the first privacy level, the electronic device performs the first operation on the first personal data. When the set of privacy levels does not include the first privacy level, the electronic device prohibits performing the first operation on the first personal data.
  • the electronic device determines, according to the user's first confidence level, the privacy levels of personal data that it may provide to the user. If the first confidence level is higher, the user is very likely to be the first user, and the electronic device allows the user to operate personal data with a higher privacy level. If the first confidence level is lower, the possibility that the user is the first user is very low, and the electronic device allows the user to operate personal data with a lower privacy level. Therefore, the embodiments of the present application can avoid leaking personal data with a higher privacy level to a user with a lower confidence level, thereby ensuring the security of the user's personal data.
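The decision procedure of steps S102 to S104 together with the three refinements above (registered second user, unregistered third user, and the confidence-to-privacy-level mapping), as an added worked example that is not code from the patent; the thresholds, identities and sample data are constructed, and the `bystanders` list and `UNREGISTERED` sentinel are this example's own modelling choices.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, FrozenSet, List, Tuple


class Op(Enum):
    INPUT = "input"
    OUTPUT = "output"
    MODIFY = "modify"
    DELETE = "delete"


# Identity given to a person within the preset range who is not registered on
# the device (the "third user" of the method). Constructed sentinel.
UNREGISTERED = "<unregistered>"


@dataclass(frozen=True)
class PersonalData:
    owner: str                                     # the first user
    privacy_level: int                             # first privacy level; higher = more private
    operation_authority: Dict[Op, FrozenSet[str]]  # identities allowed to perform each operation
    access_authority: FrozenSet[str]               # registered users who may be present


# First mapping relationship (constructed thresholds): the lowest confidence
# that unlocks each privacy level set. A confidence of 0.97 unlocks {1, 2, 3}.
CONFIDENCE_TO_LEVELS: List[Tuple[float, FrozenSet[int]]] = [
    (0.95, frozenset({1, 2, 3})),
    (0.80, frozenset({1, 2})),
    (0.60, frozenset({1})),
]


def privacy_levels_for(confidence: float) -> FrozenSet[int]:
    """Privacy level set corresponding to the first confidence level."""
    for threshold, levels in CONFIDENCE_TO_LEVELS:
        if confidence >= threshold:
            return levels
    return frozenset()


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def decide(data: PersonalData, op: Op, user_identity: str,
           confidence: float, bystanders: List[str]) -> Decision:
    """Decide whether the device performs `op` on `data` for `user_identity`.

    `bystanders` holds the identities of other people detected within the
    preset range (the requester excluded); UNREGISTERED marks a third user.
    """
    # S104: the operation authority must include the requester's identity.
    if user_identity not in data.operation_authority.get(op, frozenset()):
        return Decision(False, "operation authority does not include user")
    # Confidence gate: the data's privacy level must lie in the set unlocked
    # by how closely the requester matched the first user's stored features.
    if data.privacy_level not in privacy_levels_for(confidence):
        return Decision(False, f"confidence too low for privacy level {data.privacy_level}")
    # Presence checks: an unregistered third user always blocks the operation;
    # a registered second user must appear in the data's access authority.
    for person in bystanders:
        if person == UNREGISTERED:
            return Decision(False, "unregistered user within preset range")
        if person != user_identity and person not in data.access_authority:
            return Decision(False, f"registered user {person} lacks access authority")
    return Decision(True, "all checks passed")


# Constructed sample: Alice's schedule at privacy level 3, which only Alice may
# output, modify or delete, and which Bob is allowed to be present for.
SCHEDULE = PersonalData(
    owner="alice",
    privacy_level=3,
    operation_authority={
        Op.OUTPUT: frozenset({"alice"}),
        Op.MODIFY: frozenset({"alice"}),
        Op.DELETE: frozenset({"alice"}),
    },
    access_authority=frozenset({"bob"}),
)


def demo() -> Dict[str, bool]:
    """Run a set of sample output requests and return whether each was performed."""
    return {
        "owner_alone": decide(SCHEDULE, Op.OUTPUT, "alice", 0.97, []).allowed,
        "other_registered_user": decide(SCHEDULE, Op.OUTPUT, "bob", 0.97, []).allowed,
        "owner_low_confidence": decide(SCHEDULE, Op.OUTPUT, "alice", 0.85, []).allowed,
        "owner_with_bob_present": decide(SCHEDULE, Op.OUTPUT, "alice", 0.97, ["bob"]).allowed,
        "owner_with_carol_present": decide(SCHEDULE, Op.OUTPUT, "alice", 0.97, ["carol"]).allowed,
        "owner_with_stranger_present": decide(SCHEDULE, Op.OUTPUT, "alice", 0.97, [UNREGISTERED]).allowed,
    }


if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'performed' if allowed else 'prohibited'}")
```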
  • the electronic device receives a second instruction sent by the user, where the second instruction is used to instruct the electronic device to delete all personal data of the first user.
  • the electronic device determines the user's user identity.
  • the electronic device determines a first storage area for storing the first key, which is a key for encrypting the personal data of the first user.
  • the electronic device deletes the first key in the first storage area by using a secure deletion method, and the secure deletion method is a deletion method that can prevent the recovery of the first key after the first key is deleted.
  • the electronic device deletes all personal data of the first user encrypted by the first key.
  • by securely deleting the first key, the electronic device prevents illegal users from obtaining the first key. Even if an illegal user restores all the deleted personal data of the first user encrypted by the first key to the storage area of the electronic device by illegal means, since the illegal user cannot obtain the first key, they cannot decrypt any of the first user's personal data encrypted by the first key. Therefore, the embodiment of the present application can prevent the user's privacy from being leaked.
  • the first operation is an input operation
  • the operation authority of the first personal data is the input authority
  • the user identity of the user is the first user.
  • the electronic device determining whether to perform the first operation on the first personal data according to the user identity of the user and the operation authority of the first personal data includes: the electronic device determining that the input authority of the first personal data includes the first user.
  • the electronic device acquires a first key corresponding to the first user, where the first key is a key for encrypting personal data of the first user.
  • the electronic device encrypts the first personal data with the first key to obtain encrypted first personal data.
  • the electronic device establishes a second mapping relationship between the first user, the second privacy level, and the encrypted first personal data, where the second privacy level is a privacy level corresponding to the first personal data.
  • the electronic device stores the second mapping relationship.
  • the embodiment of this application not only encrypts the personal data, but also stores the privacy level and user identity corresponding to the personal data, so that when personal data is read it can be located by user identity, and the privacy level corresponding to the personal data can be determined.
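An added example (not the patent's code) covering both the per-user key storage with the (first user, privacy level, encrypted data) mapping described just above and the key-deletion steps described earlier: deleting the first key first means records an illegal user later restores cannot be decrypted. The HMAC-SHA256 counter-mode cipher is a constructed stand-in for a real AEAD such as AES-GCM so the example runs on the standard library alone, and the in-place zeroing stands in for a key store's secure-erase; all names and sample values are constructed.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Tuple

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a constructed stand-in for a real AEAD."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || tag, with the tag binding nonce and ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted record")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


@dataclass(frozen=True)
class Record:
    """Second mapping relationship: (first user, privacy level, encrypted data)."""
    owner: str
    privacy_level: int
    ciphertext: bytes


class SecureStore:
    def __init__(self) -> None:
        self._keys: Dict[str, bytearray] = {}   # first storage area: one key per user
        self._records: List[Record] = []        # encrypted personal data

    def register(self, user: str) -> None:
        self._keys[user] = bytearray(secrets.token_bytes(32))

    def store(self, user: str, privacy_level: int, plaintext: bytes) -> None:
        """Input operation: encrypt with the user's key and store the mapping."""
        key = bytes(self._keys[user])
        self._records.append(Record(user, privacy_level, encrypt(key, plaintext)))

    def read(self, user: str, max_level: int) -> List[Tuple[int, bytes]]:
        """Output operation: the user's records up to the permitted privacy level."""
        key = bytes(self._keys[user])
        return [(r.privacy_level, decrypt(key, r.ciphertext))
                for r in self._records if r.owner == user and r.privacy_level <= max_level]

    def delete_all(self, user: str) -> List[Record]:
        """Second instruction: securely delete the key first, then the records.

        Returns the removed records to model what a recovery tool could bring
        back from the storage area; without the key they stay undecryptable.
        """
        key = self._keys.pop(user)
        for i in range(len(key)):   # overwrite in place before discarding (stand-in
            key[i] = 0              # for a hardware key store's secure erase)
        recovered = [r for r in self._records if r.owner == user]
        self._records = [r for r in self._records if r.owner != user]
        return recovered


def demo() -> Dict[str, object]:
    """Store two records for one user, delete everything, then try to recover."""
    store = SecureStore()
    store.register("alice")
    store.store("alice", 1, b"birthday: 1 May")           # constructed values
    store.store("alice", 3, b"phone: +00 000 0000")
    low = store.read("alice", 1)                           # only level-1 data visible
    recovered = store.delete_all("alice")
    # An illegal user who restores the records still lacks the first key.
    try:
        decrypt(secrets.token_bytes(32), recovered[0].ciphertext)
        decryptable = True
    except ValueError:
        decryptable = False
    return {"low_level_read": low, "recovered_count": len(recovered),
            "decryptable_after_shred": decryptable}
```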
  • the first operation is an input operation, an output operation, a modification operation or a deletion operation.
  • the electronic device receives a third instruction sent by the user, where the third instruction is used to instruct the electronic device to configure the access authority of a user set to a personal data set; the personal data set includes at least one item of personal data of the first user, and the user set includes at least one user registered in the electronic device in advance.
  • the electronic device determines the user identity of the user as the first user.
  • the electronic device configures the access rights of each user in the user set to each personal data in the personal data set.
  • the first user can configure whether his personal data can be accessed by other registered users on the electronic device. If the first user allows other registered users to access his own personal data, then the first user can add the access rights of other registered users to his own personal data. If the first user does not allow other registered users to access his own personal data, the first user can delete the access rights of other registered users to his own personal data. Therefore, the embodiment of the present application can enable the first user to flexibly configure the access rights of other registered users to his own personal data.
  • configuring the access rights of the user set to each personal data in the personal data set by the electronic device includes: the electronic device adds the access rights of each user in the user set to each personal data in the personal data set. Alternatively, the electronic device deletes the access rights of each user in the user set to each personal data in the personal data set.
  • an embodiment of the present application provides an electronic device, the electronic device includes: a receiving module configured to receive a first instruction sent by a user, where the first instruction is used to instruct the electronic device to perform a first operation on the first personal data of a first user, and the first user is a user registered on the electronic device in advance.
  • the processing module is used to determine the user identity of the user.
  • the operation authority of the first personal data is obtained, and the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data. Whether to perform the first operation on the first personal data is determined according to the user identity of the user and the operation authority of the first personal data.
  • the processing module is specifically configured to determine whether the operation authority of the first personal data includes the user identity of the user.
  • the electronic device performs the first operation on the first personal data.
  • the electronic device prohibits performing the first operation on the first personal data.
  • the processing module is specifically configured to determine whether there is a second user within a preset range of the electronic device, where the second user is a user registered on the electronic device in advance.
  • the electronic device determines whether the access authority of the first personal data includes the second user.
  • the electronic device performs the first operation on the first personal data.
  • the electronic device prohibits performing the first operation on the first personal data.
  • the electronic device performs the first operation on the first personal data.
  • the processing module is specifically configured to determine whether there is a third user within a preset range of the electronic device, where the third user is a user who has not been registered on the electronic device.
  • the electronic device prohibits the electronic device from performing the first operation on the first personal data.
  • the electronic device performs the first operation on the first personal data.
  • the processing module is specifically configured to determine a first confidence level, where the first confidence level is the degree of similarity between the user's current human body feature and the first user's human body feature pre-stored in the electronic device.
  • the first privacy level of the first personal data is obtained, where the first privacy level is used to indicate the privacy degree of the first personal data.
  • a pre-established first mapping relationship between confidence levels and privacy levels is acquired.
  • a privacy level set corresponding to the first confidence level is determined according to the first mapping relationship, where the privacy level set includes at least one privacy level. It is judged whether the set of privacy levels includes the first privacy level.
  • the electronic device performs the first operation on the first personal data.
  • when the set of privacy levels does not contain the first privacy level, the electronic device prohibits performing the first operation on the first personal data.
  • the processing module is further configured to receive a second instruction sent by the user, where the second instruction is used to instruct the electronic device to delete all personal data of the first user.
  • the electronic device determines a first storage area for storing the first key, which is a key for encrypting the personal data of the first user.
  • the electronic device deletes the first key in the first storage area by using a secure deletion method, and the secure deletion method is a deletion method that can prevent the recovery of the first key after the first key is deleted. Delete all personal data of the first user encrypted by the first key.
  • the processing module is specifically configured to determine that the input authority of the first personal data includes the first user.
  • a first key corresponding to the first user is obtained, where the first key is a key for encrypting personal data of the first user.
  • the first personal data is encrypted by using the first key to obtain encrypted first personal data.
  • a second mapping relationship between the first user, the second privacy level, and the encrypted first personal data is established, where the second privacy level is a privacy level corresponding to the first personal data. The second mapping relationship is stored.
  • the first operation is an input operation, an output operation, a modification operation or a deletion operation.
  • the processing module is further configured to receive a third instruction sent by the user, where the third instruction is used to instruct the electronic device to configure the access authority of a user set to a personal data set; the personal data set includes at least one item of personal data of the first user, and the user set includes at least one user registered in the electronic device in advance.
  • the user identity of the user is determined as the first user. Configure the access rights of each user in the user collection to each personal data in the personal data collection.
  • the processing module is specifically configured to add the access authority of each user in the user set to each personal data in the personal data set. Or, the processing module is specifically configured to delete the access rights of each user in the user set to each personal data in the personal data set.
  • an embodiment of the present application provides an electronic device, the electronic device includes a memory and a processor connected to the memory, and the memory is used for storing instructions.
  • the processor is used for executing the instructions, so that the electronic device performs the following operations: receiving a first instruction issued by a user, where the first instruction is used for instructing the electronic device to perform a first operation on the first personal data of a first user, and the first user is a user pre-registered on the electronic device. Determine the user's user identity.
  • the operation authority of the first personal data is obtained, and the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data. Whether to perform the first operation on the first personal data is determined according to the user identity of the user and the operation authority of the first personal data.
  • FIG. 1 is a schematic diagram of a scenario provided by an embodiment of the present application.
  • FIG. 2 is a flowchart of a security interaction method provided by an embodiment of the present application.
  • FIG. 3 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 4 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 5 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 6 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 7 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 8 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 9 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • FIG. 10 is a schematic diagram of an electronic device provided by an embodiment of the present application.
  • FIG. 11 is a schematic diagram of another electronic device provided by an embodiment of the present application.
  • FIG. 12 is a schematic diagram of yet another electronic device according to an embodiment of the present application.
  • the scenario diagram shown in FIG. 1 shows an intelligent robot 100, a smartphone 200, a cloud server 300, a user 400, and a network 500, wherein the intelligent robot 100 shown in FIG. 1 can execute the secure interaction method provided by the embodiment of the present application.
  • a communication connection can be established between the intelligent robot 100, the smartphone 200 and the cloud server 300 through the network 500.
  • the intelligent robot 100 and the smartphone 200 can also establish a communication connection by means of Bluetooth or the like.
  • the intelligent robot 100 may include a processor, a microphone, a camera, a touch display screen, a speaker, a sensor, and various communication interfaces, among others.
  • the intelligent robot 100 may have speech recognition and face recognition capabilities, for example speech synthesis (text to speech, TTS), automatic speech recognition (ASR), voiceprint recognition (VPR), natural language processing (NLP), face recognition, sound source localization and face tracking.
  • the cloud server 300 includes an artificial intelligence server and a business server.
  • the artificial intelligence server may provide capabilities such as speech recognition and face recognition, and the business server may provide related services for the application software on the intelligent robot 100 and the application software on the smartphone 200.
  • the smartphone 200 is installed with application software for controlling the intelligent robot 100, so that the user 400 can send control commands to the intelligent robot 100 through the smartphone 200, and can also input personal information of the user 400 to the intelligent robot 100 through the smartphone 200.
  • FIG. 2 is a flowchart of a secure interaction method provided by an embodiment of the present application.
  • the security interaction method shown in FIG. 2 can be applied to electronic devices, and the electronic devices can be devices such as smart robots, smart screens, smart speakers, and smart security products.
  • the method shown in FIG. 2 includes the following steps S101 to S104.
  • the electronic device receives a first instruction sent by a user.
  • the first instruction is used to instruct the electronic device to perform a first operation on the first personal data of the first user, the first user is a user who has been registered on the electronic device in advance, and the first operation may be an input operation, an output operation, a modification operation or a deletion operation; the user can be the first user, another registered user or an unregistered user.
  • the user 400 can send a voice command to the intelligent robot 100, and the voice command may specifically be "please display the schedule within a week".
  • if the user 400 is a user who has registered on the intelligent robot 100 in advance, and the user 400 wants to check the date of birth of the first user on the intelligent robot 100, then the user 400 can send a voice command to the intelligent robot 100, and the voice command may specifically be "please display the date of birth of the first user".
  • if the user 400 is a user who has not registered on the intelligent robot 100, and the user 400 wants to check the phone number of the first user on the intelligent robot 100, then the user 400 can send a voice command to the intelligent robot 100, and the voice command may specifically be "please display the phone number of the first user".
  • the electronic device determines the user identity of the user.
  • the user identity of the user refers to a user who is pre-registered in the electronic device or a user who has not been registered in the electronic device.
  • the electronic device can determine the user identity of the user by verifying the account and password input by the user.
  • the electronic device can also determine the user identity of the user by recognizing the fingerprint of the user's finger.
  • the electronic device can also determine the user identity of the user through face recognition, voiceprint recognition, or face recognition combined with voiceprint recognition.
  • the electronic device can use its own hardware to determine the user identity of the user, and can also use the cloud server to determine the user identity of the user. For example, after the electronic device obtains the user's face image and the user's voiceprint features, if the electronic device has the capability to recognize face images and voiceprint features, it will preferentially use its own recognition capability to determine the user's user identity. If the electronic device does not have that capability, it sends the acquired face image and voiceprint features to the cloud server; the cloud server recognizes the face image and the voiceprint features with its own recognition capabilities and feeds the recognition result back to the electronic device, so that the electronic device can determine the user's user identity according to the recognition result.
  • the following introduces a specific method for the electronic device to determine the user identity of the user, and the method includes A1021 to A1023.
  • the electronic device acquires the first voice sent by the user.
  • the first voice is the voice made by the user when speaking.
  • the electronic device extracts the sound feature of the first speech.
  • the sound features of the first speech specifically include acoustic features, lexical features, prosody features, language types, dialect features, accent features, and the like.
  • the electronic device uses a pre-generated voiceprint recognition model to determine the user identity of the user corresponding to the sound feature of the first voice.
  • the voiceprint recognition model mentioned in A1023 can be generated according to the following method.
  • the method includes: first, the electronic device acquires the voice made by the user through a microphone. Then, the electronic device extracts the sound features from the voice uttered by the user. Finally, the electronic device trains on those sound features with a preset training method to obtain a voiceprint recognition model.
  • the preset training method may be a Markov model method, a clustering method, a neural network method, a nearest neighbor method, or a polynomial classifier method.
  • Each user using the electronic device needs to train the voiceprint recognition model according to the above method for training the voiceprint recognition model, so that the trained voiceprint recognition model can recognize the voice features of each user.
  • the following introduces another specific method for the electronic device to determine the user identity of the user, and the method includes B1021 to B1023.
  • the electronic device acquires a first face image of the user.
  • the electronic device can collect the first face image of the user through a camera, and the first face image must contain the user's facial features.
  • the electronic device extracts the first face feature in the first face image.
  • the first face features include but are not limited to histogram features, color features, template features, structural features, Haar-like features, and the like.
  • the electronic device uses a pre-generated face recognition model to determine the user identity of the user corresponding to the first face feature.
  • the face recognition model mentioned in B1023 can be generated according to the following method, and the method includes: first, the electronic device obtains the face image of the user through a camera. Then, the electronic device extracts the facial features in the facial image. Finally, the electronic device trains on the face features in the face image using a preset learning method to obtain a face recognition model.
  • the preset learning method can be a deep learning algorithm, a neural network algorithm, or a support vector machine (support vector machine, SVM) algorithm, or the like.
  • Each user using the electronic device needs to train the face recognition model according to the above method for training the face recognition model, so that the trained face recognition model can recognize the face image of each user.
  • the following introduces another specific method for the electronic device to determine the user identity of the user, and the method includes C1021 to C1027.
  • the electronic device acquires the first face image of the user and the first voice uttered by the user.
  • the electronic device extracts the sound feature of the first voice.
  • the electronic device extracts the first face feature in the first face image.
  • the electronic device uses the pre-generated voiceprint recognition model to calculate the voiceprint confidence of the sound feature of the first speech.
  • the voiceprint confidence level is used to indicate the degree of similarity between the voice feature of the first voice and the voice feature of the first user.
  • the electronic device uses the pre-generated face recognition model to calculate the face confidence of the first face feature.
  • the face confidence level is used to indicate the degree of similarity between the first face feature and the face feature of the first user.
  • the electronic device calculates a comprehensive confidence level according to the voiceprint confidence level and the face confidence level.
  • the electronic device determines that the user identity of the user is the first user.
  • the comprehensive confidence level = (V × S) / {1 − [V × (1 − S) + S × (1 − V)]}, where V is the face confidence level, and S is the voiceprint confidence level.
  • the electronic device obtains the operation authority of the first personal data.
  • the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data.
  • the operation authority can be input authority, access authority, modification authority or deletion authority, etc. Each operation corresponds to one operation permission.
  • Table 1 is the correspondence table between personal data and various operation permissions.
  • Table 1:

    user ID | personal data         | input permission | access permission      | edit permission | remove permission
    User A  | bank card information | User A           | User A                 | User A          | User A
    User A  | telephone number      | User A           | User A, User B         | User A          | User A
    User A  | birth place           | User A           | User A, User B, User C | User A          | User A
    ...     | ...                   | ...              | ...                    | ...             | ...
  • if the user is user A, the electronic device can output user A's bank card information according to the first instruction. If the user is user B, user C or an unregistered user, the electronic device will not output user A's bank card information according to the first instruction, and the electronic device will remind the user that the access authority is insufficient to output user A's bank card information.
  • if the user is user A or user B, the electronic device can output user A's phone number according to the first instruction. If the user is user C or an unregistered user, the electronic device will not output user A's phone number according to the first instruction, and the electronic device will remind the user that the access authority is insufficient to output user A's phone number.
  • if the user is user A, the electronic device allows the user to modify the place of birth of user A. If the user is user B, user C, or an unregistered user, the electronic device does not allow the user to modify the birthplace of user A, and the electronic device will remind the user that the modification authority is insufficient to modify the birthplace of user A.
  • the electronic device determines whether to perform the first operation on the first personal data according to the user identity of the user and the operation authority of the first personal data.
  • the electronic device can determine whether to perform the first operation on the first personal data.
  • when the electronic device receives the first instruction sent by the user, this indicates that the user wants the electronic device to perform the first operation on the first personal data of the first user. The electronic device then obtains the operation authority of the first personal data and determines the user identity of the user, and determines, according to the user identity of the user and the operation authority of the first personal data, whether the user has the authority to perform the first operation. If the user has the authority, the electronic device performs the first operation on the first personal data; otherwise, the electronic device does not perform the first operation on the first personal data. Therefore, the secure interaction method provided by the embodiments of the present application can ensure the privacy and security of each user's personal data.
  • when the first operation is an output operation, if the electronic device determines, according to the user's user identity and the operation authority of the first personal data, that the output operation can be performed on the first personal data, the electronic device first obtains a first key corresponding to the first user, the first key being the key for encrypting the personal data of the first user. Then, the electronic device obtains the first personal data encrypted in advance with the first key. Next, the electronic device decrypts the encrypted first personal data with the first key to obtain the first personal data. Finally, the electronic device can output the first personal data.
  • FIG. 3 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 3 is a refinement of S104 in FIG. 2, specifically of the step “the electronic device determines whether to perform the first operation on the first personal data according to the user’s user identity and the operation authority of the first personal data”.
  • the method shown in FIG. 3 includes the following steps S201 to S203.
  • step S201: the electronic device determines whether the operation authority of the first personal data includes the user identity of the user. If the operation authority of the first personal data includes the user identity of the user, step S202 is performed; otherwise, step S203 is performed.
  • the electronic device performs a first operation on the first personal data.
  • the electronic device prohibits performing the first operation on the first personal data.
  • for example, if the operation authority of the first personal data is access authority and the user's user identity is User A, it can be seen from Table 1 that User A is included in the access authority of the bank card information, so the electronic device performs an output operation on the bank card information.
  • for example, if the operation authority of the first personal data is access authority and the user's user identity is User B, it can be seen from Table 1 that User B is not included in the access authority of the bank card information, so the electronic device prohibits the output operation on the bank card information.
  • by determining whether the operation authority of the first personal data includes the user identity of the user, the electronic device can quickly determine whether to perform the first operation on the first personal data, so the electronic device operates more efficiently.
  • FIG. 4 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 4 is the refinement step of S202 in FIG. 3 , and is specifically the refinement step of “the electronic device performs the first operation on the first personal data”.
  • the method shown in FIG. 4 includes the following steps S301 to S304.
  • the electronic device determines whether there is a second user within the preset range of the electronic device, and when the second user exists within the preset range of the electronic device, perform step S302; otherwise, perform step S303.
  • the second user is a user registered on the electronic device in advance, and the electronic device can detect whether there is a second user within a preset range of the electronic device through hardware such as a camera, a microphone array, or a sensor.
  • the preset range of the electronic device can be defined by the user according to the actual situation. For example, the user can set the preset range of the electronic device to be within 3 meters with the electronic device as the center.
  • the electronic device determines whether the access authority of the first personal data includes the second user, and when the access authority of the first personal data includes the second user, execute step S303; otherwise, execute step S304.
  • if the access authority of the first personal data includes the second user, there is no need to worry about private information leaking to the second user, so the electronic device can perform the first operation on the first personal data.
  • otherwise, the electronic device prohibits the first operation on the first personal data, in order to avoid leaking the first personal data to the second user while the electronic device performs the first operation on the first personal data.
  • the electronic device performs a first operation on the first personal data.
  • the electronic device determines whether there is a second user within the preset range of the electronic device; if there is a second user within the preset range of the electronic device and the second user is user B, the electronic device determines whether the access authority of the first personal data includes user B. From Table 1 it can be seen that user B is not included in the access authority of the bank card information, so the electronic device prohibits the output operation on the bank card information to avoid leaking user A's bank card information to user B.
  • the electronic device determines whether there is a second user within the preset range of the electronic device; if there is a second user within the preset range of the electronic device and the second user is user B, the electronic device determines whether the access authority of the first personal data includes user B. From Table 1 it can be seen that user B is included in the access authority of the phone number, so the electronic device performs an output operation on the phone number.
  • the electronic device determines whether the second user exists within the preset range of the electronic device, and if the second user does not exist within the preset range of the electronic device, the electronic device performs an output operation on the phone number.
  • FIG. 5 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 5 is the refinement step of S202 in FIG. 3 , and specifically is the refinement step of “the electronic device performs the first operation on the first personal data”.
  • the method shown in FIG. 5 includes the following steps S401 to S403.
  • the electronic device determines whether a third user exists within a preset range of the electronic device, and when a third user exists within the preset range of the electronic device, perform step S402; otherwise, perform step S403.
  • the third user is a user who has not registered on the electronic device, and the electronic device can detect whether there is a third user within a preset range of the electronic device through hardware such as a camera, a microphone array, or a sensor.
  • the preset range of the electronic device can be defined by the user according to the actual situation. For example, the user can set the preset range of the electronic device to be within 3 meters with the electronic device as the center.
  • the electronic device prohibits performing the first operation on the first personal data.
  • the electronic device performs a first operation on the first personal data.
  • the electronic device prohibits the first operation on the first personal data to avoid leaking the first personal data to the third user while the electronic device performs the first operation on the first personal data.
  • the electronic device determines whether there is a third user within the preset range of the electronic device; if there is a third user within the preset range of the electronic device and the third user is an unregistered user, the electronic device prohibits the output operation on the bank card information to avoid leaking user A's bank card information to unregistered users.
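  • The decision logic of FIG. 3 (S201 to S203), FIG. 4 (S301 to S304) and FIG. 5 (S401 to S403), written out as an added example in Python; this is not code from the patent or from Huawei. Table 1 is transcribed from the page; the set of registered users, the function names and the use of None for an unrecognised bystander are assumptions made for the example.

```python
"""Access-authority check for a multi-user device (FIG. 3 to FIG. 5 of the page).

Added example, not the patent's code. TABLE_1 is transcribed from Table 1 on
the page; REGISTERED_USERS, the function names and the None convention for an
unrecognised person are assumptions.
"""

# Operation permissions named on the page: input, access (output), modify, delete.
OPERATIONS = ("input", "access", "modify", "delete")

# Table 1: which registered users hold each permission on user A's personal data.
TABLE_1 = {
    ("User A", "bank card information"): {
        "input": {"User A"}, "access": {"User A"},
        "modify": {"User A"}, "delete": {"User A"}},
    ("User A", "telephone number"): {
        "input": {"User A"}, "access": {"User A", "User B"},
        "modify": {"User A"}, "delete": {"User A"}},
    ("User A", "birth place"): {
        "input": {"User A"}, "access": {"User A", "User B", "User C"},
        "modify": {"User A"}, "delete": {"User A"}},
}

# Assumption: the users registered on the device are exactly those named in Table 1.
REGISTERED_USERS = {"User A", "User B", "User C"}


def operation_authority(owner, data, operation):
    """Return the set of user identities allowed to perform `operation` on (owner, data).

    Unknown data yields the empty set, so the default answer is "deny".
    """
    if operation not in OPERATIONS:
        raise ValueError(f"unknown operation {operation!r}")
    entry = TABLE_1.get((owner, data))
    return set() if entry is None else set(entry[operation])


def decide(owner, data, operation, requester, nearby=()):
    """Return (allowed, reason) for `requester` performing `operation` on (owner, data).

    S201 (FIG. 3): the requester's identity must be in the operation authority.
    S301-S304 (FIG. 4): a registered bystander within the preset range must hold
        *access* authority on the data, whatever the requested operation.
    S401-S403 (FIG. 5): an unregistered bystander within the preset range blocks
        the operation outright.
    `nearby` holds the identities detected within the preset range; None marks a
    person the device could not recognise (assumption: treated as unregistered).
    """
    authority = operation_authority(owner, data, operation)
    if requester not in authority:
        return False, f"{operation} authority of {data!r} does not include {requester}"
    access = operation_authority(owner, data, "access")
    for person in nearby:
        if person is None or person not in REGISTERED_USERS:
            return False, "unregistered user within preset range (FIG. 5, S402)"
        if person not in access:
            return False, f"{person} is within preset range but lacks access authority (FIG. 4, S304)"
    return True, "allowed"


if __name__ == "__main__":
    # The worked cases from the page: A alone, A with B nearby, A with a stranger nearby.
    print(decide("User A", "bank card information", "access", "User A"))
    print(decide("User A", "bank card information", "access", "User A", nearby=["User B"]))
    print(decide("User A", "telephone number", "access", "User A", nearby=["User B"]))
    print(decide("User A", "telephone number", "access", "User A", nearby=[None]))
```

  • Note that the bystander checks are evaluated after the requester's own authority, and that both fail closed: a person the sensors cannot identify is treated like an unregistered third user rather than ignored.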
  • FIG. 6 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 6 is the refinement step of S202 in FIG. 3, specifically the refinement step of “the electronic device performs the first operation on the first personal data”, and in the scenario of this embodiment the user identity of the user is the first user.
  • the method shown in FIG. 6 includes the following steps S501 to S507.
  • the electronic device determines a first confidence level.
  • the first confidence level is the degree of similarity between the current human body feature of the user and the human body feature of the first user pre-stored in the electronic device.
  • the current human body feature of the user refers to the human body features such as the user's face image, voiceprint feature, or eyeball iris feature, which are collected on-site by the electronic device when the user inputs the first instruction to the electronic device.
  • the human body feature of the first user refers to a face image, voiceprint feature or eye iris feature, etc. previously input by the first user to the electronic device, and the human body feature of the first user is used as a reference standard for identifying the user identity of the first user.
  • for the calculation method of the first confidence level, reference may be made to the calculation method of the comprehensive confidence level in the embodiment corresponding to FIG. 2.
  • the calculation method of the first confidence level is the same as the calculation method of the comprehensive confidence level.
  • the electronic device acquires the first privacy level of the first personal data.
  • the first privacy level is used to indicate the privacy degree of the first personal data.
  • the electronic device can automatically assign the corresponding privacy level to the personal data according to the mapping relationship between the personal data and the privacy level, or the user can send an instruction to the electronic device to determine the privacy level corresponding to the personal data.
  • Table 2 is a correspondence table between personal data and privacy levels pre-stored by the electronic device.
  • the electronic device pre-stores the mapping relationship table between personal data and privacy level as shown in Table 2; when the electronic device stores the bank card information of user A, the electronic device assigns, according to Table 2, a privacy level of high risk to user A's bank card information.
  • the electronic device acquires a pre-established first mapping relationship between the confidence level and the privacy level.
  • Table 3 is the correspondence table between confidence levels and privacy levels pre-established by the electronic device.
  • the electronic device determines a privacy level set corresponding to the first confidence level according to the first mapping relationship.
  • the privacy level set includes at least one privacy level.
  • the privacy level set corresponding to the first confidence level includes 3 privacy levels, namely high risk, medium risk and low risk.
  • the privacy level set corresponding to the first confidence level includes two privacy levels, which are medium risk and low risk.
  • step S505. The electronic device determines whether the privacy level set includes the first privacy level. When the privacy level set includes the first privacy level, step S506 is performed; when the privacy level set does not include the first privacy level, step S507 is performed.
  • for example, if the first personal data is bank card information and the first confidence level is 0.9, it can be determined from Table 2 that the first privacy level corresponding to the bank card information is high risk, and the set of privacy levels corresponding to the first confidence level of 0.9 includes high risk, medium risk and low risk. The electronic device therefore determines that the set of privacy levels includes the first privacy level, and finally the electronic device performs the first operation on the first personal data.
  • for example, if the first personal data is bank card information and the first confidence level is 0.75, the first privacy level corresponding to the bank card information is high risk, and the set of privacy levels corresponding to the first confidence level of 0.75 includes medium risk and low risk. The electronic device therefore determines that the set of privacy levels does not contain the first privacy level, and finally the electronic device prohibits performing the first operation on the first personal data.
  • the electronic device performs a first operation on the first personal data.
  • the electronic device prohibits performing the first operation on the first personal data.
  • the electronic device determines, through the first confidence level of the user, the privacy level that can provide the user with personal data. If the first confidence level is higher, it indicates that the user is very likely to be the first user, and the electronic device allows the user to operate personal data with a higher privacy level. If the first confidence level is lower, it means that the possibility of the user being the first user is very low, and the electronic device allows the user to operate personal data with a lower privacy level. Therefore, the embodiments of the present application can avoid leaking personal data with a higher privacy level to a user with a lower confidence level, thereby ensuring the security of the user's personal data.
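  • The comprehensive confidence formula from the FIG. 2 embodiment and the confidence-gated check of FIG. 6 (S501 to S507), as an added Python example that is not code from the patent or from Huawei. Table 2 and Table 3 are not reproduced on the page, so the privacy-level mapping and the confidence thresholds below are constructed to agree with the two worked cases the page gives (0.9 unlocks high, medium and low risk; 0.75 unlocks only medium and low risk); the "birth place" level, the handling of a zero denominator and the function names are also assumptions.

```python
"""Comprehensive confidence and privacy-level gating (FIG. 2 formula, FIG. 6 steps).

Added example, not the patent's code. PRIVACY_LEVEL and CONFIDENCE_THRESHOLDS
are constructed stand-ins for Table 2 and Table 3, chosen to match the page's
worked cases; they are not the patent's tables.
"""


def fuse_confidence(face_v, voice_s):
    """Comprehensive confidence level (V * S) / (1 - [V * (1 - S) + S * (1 - V)]).

    V is the face confidence level, S the voiceprint confidence level. The
    denominator equals V*S + (1-V)*(1-S), so the result is the posterior that
    both modalities point at the same person. It is zero only when the two
    modalities contradict each other completely (V=1,S=0 or V=0,S=1); that
    case is undefined on the page and is treated here as no confidence
    (assumption: fail closed).
    """
    for value in (face_v, voice_s):
        if not 0.0 <= value <= 1.0:
            raise ValueError("confidence levels must lie in [0, 1]")
    denominator = 1.0 - (face_v * (1.0 - voice_s) + voice_s * (1.0 - face_v))
    if denominator == 0.0:
        return 0.0
    return (face_v * voice_s) / denominator


# Stand-in for Table 2 (personal data -> privacy level). The page states bank
# card -> high risk and phone number -> medium risk; "birth place" is assumed.
PRIVACY_LEVEL = {
    "bank card information": "high risk",
    "telephone number": "medium risk",
    "birth place": "low risk",
}

# Stand-in for Table 3 (confidence -> privacy levels), as minimum confidence per
# level. Constructed so that 0.9 unlocks all three levels and 0.75 only two.
CONFIDENCE_THRESHOLDS = (
    (0.85, "high risk"),
    (0.70, "medium risk"),
    (0.50, "low risk"),
)


def privacy_level_set(first_confidence):
    """S504: the set of privacy levels the user may operate on at this confidence."""
    return {level for threshold, level in CONFIDENCE_THRESHOLDS if first_confidence >= threshold}


def may_operate(data, first_confidence):
    """S505 to S507: allow only if the data's first privacy level is in the set."""
    first_privacy_level = PRIVACY_LEVEL[data]
    return first_privacy_level in privacy_level_set(first_confidence)


if __name__ == "__main__":
    # Two modalities that agree reinforce each other; a neutral 0.5 leaves the other unchanged.
    print(round(fuse_confidence(0.9, 0.9), 4), round(fuse_confidence(0.9, 0.5), 4))
    for confidence in (0.9, 0.75):
        print(confidence, sorted(privacy_level_set(confidence)),
              may_operate("bank card information", confidence))
```

  • Two properties of the formula worth checking before deploying it as a gate: a modality reporting exactly 0.5 contributes nothing (the result equals the other modality's confidence), and two agreeing modalities at 0.9 fuse to roughly 0.988, which is why a high-risk threshold set above any single modality's typical score still admits a user who passes both checks.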
  • FIG. 7 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 7 is an extension of FIG. 2 , that is, the steps shown in FIG. 7 are further included on the basis of FIG. 2 .
  • the method shown in FIG. 7 includes the following steps S601 to S605.
  • the electronic device receives a second instruction sent by a user.
  • the second instruction is used to instruct the electronic device to delete all personal data of the first user.
  • the user can send a second instruction to the electronic device through a communication device such as a smartphone, so that the electronic device deletes all personal data of the first user.
  • the user can also directly input the second instruction on the electronic device.
  • the electronic device determines the user identity of the user.
  • S602 in FIG. 7 is the same step as S102 in FIG. 2 .
  • S602 in FIG. 7 please refer to the detailed description of S102 in FIG. 2 .
  • the electronic device determines a first storage area for storing the first key.
  • the first key is a key for encrypting the personal data of the first user.
  • Each user registered on the electronic device corresponds to a key, and each user's key can be generated based on a secure random number generator, so each user's key is unique, and the keys of different users are not the same.
  • after the electronic device receives the second instruction sent by the user, the electronic device confirms the user identity of the user. When the user identity of the user is the first user or the administrator, this means that the user has the authority to delete all personal data of the first user, so the electronic device determines the first storage area for storing the first key, so that the first key can be destroyed within the first storage area.
  • the electronic device deletes the first key in the first storage area by using a secure deletion method.
  • the secure deletion method is a deletion method that prevents the recovery of the first key after the first key is deleted.
  • the electronic device may write target data for a preset number of times in the first storage area, so as to prevent the recovery of the first key after the electronic device deletes the first key.
  • the preset number of times is configured in advance, for example, 3 times, 5 times, and the like.
  • the target data can be pre-generated random numbers.
  • the purpose of repeatedly writing the target data in the first storage area is to completely delete the first key in the first storage area, so as to prevent an illegal user from recovering the first key from the first storage area through some technical means.
  • the electronic device deletes all personal data of the first user encrypted by the first key.
  • all personal data of the first user encrypted by the first key is stored in the electronic device. Even if personal data in the device is leaked to others, the electronic device, by destroying the first key, prevents an illegal user from obtaining the first key. Even if the illegal user restores all the deleted personal data of the first user encrypted by the first key to the storage area of the electronic device by illegal means, since the illegal user cannot obtain the first key, he cannot decrypt the personal data of the first user encrypted by the first key. Therefore, the embodiment of the present application can prevent the user's privacy from being leaked.
  • FIG. 8 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 8 is a refinement of S104 in FIG. 2, specifically of the step “the electronic device determines whether to perform the first operation on the first personal data according to the user’s user identity and the operation authority of the first personal data”.
  • the method shown in FIG. 8 includes the following steps S701 to S705.
  • the electronic device determines that the input authority of the first personal data includes the first user.
  • the electronic device acquires the first key corresponding to the first user.
  • the first key is a key for encrypting the personal data of the first user.
  • Each user registered on the electronic device corresponds to a key, and each user's key can be generated based on a secure random number generator, so each user's key is unique, and the keys of different users are not the same.
  • the root key may be used to encrypt the first key, and the encrypted first key may be stored in the electronic device. Furthermore, the root key can be stored in the on-chip non-volatile memory of a central processing unit (CPU), system on chip (SOC), or cryptographic coprocessor, and no physical interface or logical interface for reading the root key is exposed externally, so as to ensure the security of the root key.
  • the key encryption key may also be used to encrypt the first key, and the encrypted first key may be stored in the electronic device.
  • the key encryption key is encrypted by using the root key, and the encrypted key encryption key is stored in the electronic device.
  • the root key can be stored in the on-chip non-volatile memory of the central processing unit, the system-on-chip or the cryptographic coprocessor, and no physical interface or logical interface for reading the root key is exposed externally, so as to ensure the security of the root key.
  • the electronic device encrypts the first personal data with the first key to obtain encrypted first personal data.
  • the electronic device establishes a second mapping relationship between the first user, the second privacy level, and the encrypted first personal data.
  • the second privacy level is the privacy level corresponding to the first personal data.
  • Each personal data corresponds to a privacy level, as shown in Table 2, if the first personal data is a phone number, then the second privacy level corresponding to the first personal data is medium risk.
  • the electronic device stores the second mapping relationship.
  • in the process of storing personal data, the embodiment of the present application not only encrypts the personal data, but also stores the privacy level and user identity corresponding to the personal data, so as to facilitate reading the personal data.
  • the personal data can be found through the identity of the user, and the privacy level corresponding to the personal data can be determined when the personal data is read.
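  • The storage path of FIG. 8 (S701 to S705: per-user first key, wrapped by a root key, personal data encrypted and stored with its user identity and privacy level) together with the deletion path of FIG. 7 (S603 to S605: overwrite the first storage area a preset number of times, then delete the ciphertexts), as one added Python example. This is not code from the patent or from Huawei. The page names AES for the data cipher; the Python standard library has no AES, so the block substitutes an encrypt-then-MAC construction built from HMAC-SHA256 (counter-mode keystream plus an integrity tag) as a stand-in, and it simulates the on-chip root key as a module-level constant. The class and function names, the 3-pass overwrite count and the record layout are assumptions.

```python
"""Per-user key wrapping (FIG. 8) and key destruction on deletion (FIG. 7).

Added example, not the patent's code. HMAC-SHA256-based encryption stands in
for the AES the page names; ROOT_KEY stands in for the on-chip root key; the
storage layout and names are assumptions.
"""
import hashlib
import hmac
import secrets

ROOT_KEY = secrets.token_bytes(32)  # assumption: simulates the root key held in on-chip NVM
OVERWRITE_PASSES = 3                # the page's "preset number of times", e.g. 3 or 5


def _keystream(key, nonce, length):
    """Counter-mode keystream from HMAC-SHA256 (stand-in for a real block cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(key):
    """Derive separate encryption and MAC keys so neither is reused across roles."""
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def encrypt(key, plaintext):
    """Return nonce || ciphertext || tag (encrypt-then-MAC)."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ciphertext = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key, blob):
    """Verify the tag in constant time, then unmask; raise ValueError on a wrong key."""
    enc_key, mac_key = _subkeys(key)
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered data")
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


def recoverable(blob, candidate_key):
    """True if `candidate_key` decrypts `blob`; used to show shredded data stays opaque."""
    try:
        decrypt(candidate_key, blob)
        return True
    except ValueError:
        return False


def scrub(area, passes=OVERWRITE_PASSES):
    """S604: overwrite the first storage area `passes` times with random target data."""
    for _ in range(passes):
        area[:] = secrets.token_bytes(len(area))
    return area


class Device:
    """Simulated device storage: wrapped first keys and the second mapping relationship."""

    def __init__(self):
        self.key_area = {}   # user -> bytearray holding the root-key-wrapped first key
        self.records = []    # (user identity, privacy level, encrypted personal data)

    def register(self, user):
        first_key = secrets.token_bytes(32)                      # secure random number generator
        self.key_area[user] = bytearray(encrypt(ROOT_KEY, first_key))  # S702: wrapped by root key

    def _first_key(self, user):
        return decrypt(ROOT_KEY, bytes(self.key_area[user]))

    def store(self, user, privacy_level, data):
        """S703 to S705: encrypt with the first key and store (user, privacy level, ciphertext)."""
        self.records.append((user, privacy_level, encrypt(self._first_key(user), data)))

    def read(self, user):
        if user not in self.key_area:
            return []
        key = self._first_key(user)
        return [(level, decrypt(key, blob)) for owner, level, blob in self.records if owner == user]

    def delete_all(self, user):
        """S603 to S605: destroy the first key in place, then drop the ciphertexts.

        Returns the dropped ciphertexts only to let a caller confirm they are useless
        without the key (the scenario the page describes for restored data).
        """
        scrub(self.key_area.pop(user))
        dropped = [record for record in self.records if record[0] == user]
        self.records = [record for record in self.records if record[0] != user]
        return dropped
```

  • One caveat a practitioner should carry over from this simulation: overwriting a bytearray guarantees nothing about the physical medium. On flash with wear levelling the old key cells may survive a logical overwrite, which is why the page's design keeps the first key in a dedicated first storage area (and the root key in on-chip memory with no read interface) rather than in ordinary file storage.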
  • FIG. 9 is a flowchart of another security interaction method provided by an embodiment of the present application.
  • the method shown in FIG. 9 is an extension of FIG. 2 , that is, the steps shown in FIG. 9 are further included on the basis of FIG. 2 .
  • the method shown in FIG. 9 includes the following steps S801 to S803.
  • the electronic device receives a third instruction sent by a user.
  • the third instruction is used to instruct the electronic device to configure the access authority of the user set to the personal data set, the personal data set includes at least one personal data of the first user, and the user set includes at least one user registered in the electronic device in advance.
  • the electronic device determines that the user identity of the user is the first user.
  • the electronic device configures the access authority of each user in the user set to each personal data in the personal data set.
  • the electronic device adds the access authority of each user in the user set to each personal data in the personal data set.
  • the user may send a third instruction to the electronic device.
  • after the electronic device receives the third instruction from the user, the electronic device determines that the user's user identity is the first user, and the electronic device adds the access rights of the second user in the user set to the first personal data and the second personal data in the personal data set.
  • the second user has access rights to the first personal data and the second personal data of the first user.
  • the electronic device deletes the access authority of each user in the user set to each personal data in the personal data set.
  • the user may send a third instruction to the electronic device.
  • the electronic device determines that the user's user identity is the first user, and the electronic device deletes the access rights of the second user in the user set to the first personal data and the second personal data in the personal data set.
  • the second user does not have access rights to the first personal data and the second personal data of the first user.
  • the first user can configure on the electronic device whether his personal data can be accessed by other registered users. If the first user allows other registered users to access his own personal data, then the first user can add the access rights of other registered users to his own personal data. If the first user does not allow other registered users to access his own personal data, the first user can delete the access rights of other registered users to his own personal data. Therefore, the embodiment of the present application can enable the first user to flexibly configure the access rights of other registered users to his own personal data.
  • FIG. 10 is a schematic diagram of an electronic device according to an embodiment of the present application.
  • the electronic device shown in Figure 10 includes the following modules:
  • the receiving module 11 is used to receive the first instruction issued by the user, the first instruction is used to instruct the electronic device to perform the first operation on the first personal data of the first user, and the first user is a user pre-registered on the electronic device.
  • the processing module 12 is used to determine the user identity of the user.
  • the processing module 12 is further used to obtain the operation authority of the first personal data, where the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data, and to determine, according to the user identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
  • the apparatus embodiment described in FIG. 10 is only illustrative.
  • the division of modules is only a logical function division. In actual implementation, there may be other division methods.
  • multiple modules or components may be combined or integrated into another system, or some features can be ignored, or not implemented.
  • Each functional module in each embodiment of the present application may be integrated into one processing module, or each module may exist physically alone, or two or more modules may be integrated into one module.
  • FIG. 11 is a schematic diagram of another electronic device provided in an embodiment of the present application.
  • the electronic device shown in Figure 11 includes the following modules:
  • the receiving module 21 is used for receiving the input of the user.
  • the receiving module 21 may specifically include components such as a touch screen, a microphone, a camera, and a sensor, wherein the touch screen is used to receive user's touch input, the microphone is used to receive user's voice input, and the camera is used to collect the user's face image.
  • the output module 22 is used to feed back the output to the user.
  • the output module 22 may specifically include a touch screen, a speaker, etc., wherein the touch screen is used for displaying output in the form of images, and the speaker is used for outputting in the form of sound.
  • the output module 22 may also include a vibration motor for providing haptic feedback.
  • the output module 22 may further include the limbs of the intelligent robot, and the limbs of the intelligent robot are used to provide motion feedback, such as tapping, stroking and hugging the user.
  • the user identity recognition module 23 is used to identify the user's identity.
  • the user identity recognition module 23 may include a face recognition system, a voiceprint recognition system, a fingerprint recognition system, a password system, and the like.
  • the user identity recognition module 23 can fuse the results of the multiple recognition systems through a fusion determination system and thereby make the final determination of the user's identity.
  • the face recognition system includes multiple functions such as face detection and analysis, facial features positioning, face search, face comparison, face verification, and liveness detection.
  • the voiceprint recognition system is a system that performs identification based on the characteristics of the speaker's voice.
  • the main tasks of the voiceprint recognition system include voice signal processing, voiceprint feature extraction, voiceprint modeling, voiceprint comparison, and discriminative decision-making.
  • the fingerprint recognition system classifies and compares the fingerprints of the users to be identified in order to determine their identity.
  • the fusion judgment system obtains the final identity judgment result by merging and judging the recognition results of the face recognition system, the voiceprint recognition system and the fingerprint recognition system.
  • the privacy level determination module 24 may determine the privacy level of the personal data according to the pre-established mapping relationship between the personal data and the privacy level.
  • the encryption and decryption module 25 is responsible for key management, data encryption and data decryption.
  • the encryption algorithm used for encrypting data may specifically be an advanced encryption standard (AES).
  • the storage module 26 may store the user's personal data.
  • the application module 27 is used to provide the user with functions for daily use, including functions such as daily dialogue and chat, games, entertainment, learning, and reminders.
  • FIG. 12 is a schematic diagram of another electronic device provided by an embodiment of the present application.
  • the electronic device shown in FIG. 12 includes a processor 31 and a memory 32.
  • the processor 31 is configured to execute the instructions stored in the memory 32, so that the electronic device performs the following operations: receiving a first instruction issued by the user, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, where the first user is a user registered on the electronic device in advance; determining the user identity of the user; obtaining the operation authority of the first personal data, the operation authority indicating the user identities that are allowed to operate on the first personal data; and determining, according to the user identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
  • the processor 31 is one or more CPUs.
  • the CPU is a single-core CPU or a multi-core CPU.
  • the memory 32 includes, but is not limited to, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM), flash memory, optical memory, and the like.
  • the code of the operating system is stored in the memory 32.
  • the electronic device further includes a bus 33, and the above-mentioned processor 31 and the memory 32 are connected to each other through the bus 33, and may also be connected to each other in other ways.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Facsimiles In General (AREA)

Abstract

A secure interaction method and apparatus. The method is applied to an electronic device and comprises: the electronic device receives a first instruction issued by a user (S101), the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, where the first user is a user registered in the electronic device beforehand; the electronic device determines the user identity of the user (S102); the electronic device obtains an operation permission of the first personal data (S103), the operation permission indicating the user identities that are allowed to operate on the first personal data; and the electronic device determines, according to the user identity of the user and the operation permission of the first personal data, whether to perform the first operation on the first personal data (S104). The secure interaction method can ensure the privacy and security of each user's personal data.

Description

A secure interaction method and apparatus
This application claims priority to Chinese patent application No. 202010758901.2, entitled "A Secure Interaction Method and Apparatus", filed with the China National Intellectual Property Administration on July 31, 2020, the entire contents of which are incorporated herein by reference.
Technical Field
This application relates to the field of artificial intelligence, and more specifically to a secure interaction method and apparatus.
Background
With the continuous development of technology, intelligent devices such as intelligent robots have gradually been accepted by the public and are widely used in homes, shopping malls, supermarkets, hospitals, subways, enterprises, schools and other settings. While a user uses an intelligent robot, the robot stores a large amount of the user's personal data, for example the user's personal information, photos, videos, recordings, family relationships, friend relationships, schedules and memos.
At present, mainstream intelligent robots on the market mainly comprise an interaction module and a security module. When a user needs to store personal data X, the user inputs to the interaction module an instruction A1 to store personal data X; the interaction module sends personal data X to the security module according to instruction A1, and the security module encrypts personal data X and stores it. When the user needs to view personal data X, the user inputs to the interaction module an instruction A2 to view personal data X; the interaction module notifies the security module according to instruction A2 to provide personal data X, the security module decrypts the encrypted personal data X to obtain personal data X, and the interaction module then outputs personal data X through a display screen or a speaker.
Because the above intelligent robot encrypts the stored data, it can prevent hackers on an external network from illegally obtaining the data in the robot, so the data in the robot is kept secure. However, when multiple users use the same intelligent robot, each user can view, modify or delete the personal data of the other users, so the above intelligent robot cannot guarantee the privacy and security of each user's personal data.
Summary
Embodiments of this application provide a secure interaction method and apparatus to ensure the privacy and security of each user's personal data.
In a first aspect, an embodiment of this application provides a secure interaction method applied to an electronic device. The method comprises: the electronic device receives a first instruction issued by a user, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, where the first user is a user registered on the electronic device in advance; the electronic device determines the user identity of the user; the electronic device obtains the operation authority of the first personal data, the operation authority of the first personal data indicating the user identities that are allowed to operate on the first personal data; and the electronic device determines, according to the user identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
In the first aspect, when the electronic device receives the first instruction issued by the user, the user wants the electronic device to perform the first operation on the first personal data of the first user, so the electronic device obtains the operation authority of the first personal data and determines the user identity of the user. The electronic device then determines, according to the user identity of the user and the operation authority of the first personal data, whether the user has the authority to perform the first operation. If the user has that authority, the electronic device performs the first operation on the first personal data; otherwise, the electronic device does not perform the first operation on the first personal data. Therefore, the secure interaction method provided by the embodiments of this application can ensure the privacy and security of each user's personal data.
In a possible implementation of the first aspect, the electronic device determining, according to the user identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data comprises: the electronic device determines whether the operation authority of the first personal data includes the user identity of the user. When the operation authority of the first personal data includes the user identity of the user, the electronic device performs the first operation on the first personal data. When the operation authority of the first personal data does not include the user identity of the user, the electronic device prohibits performing the first operation on the first personal data.
By determining whether the operation authority of the first personal data includes the user identity of the user, the electronic device can quickly decide whether to perform the first operation on the first personal data, so the electronic device executes more efficiently.
In a possible implementation of the first aspect, the electronic device performing the first operation on the first personal data comprises: the electronic device determines whether a second user is present within a preset range of the electronic device, where the second user is a user registered on the electronic device in advance. When a second user is present within the preset range of the electronic device, the electronic device determines whether the access authority of the first personal data includes the second user. When the access authority of the first personal data includes the second user, the electronic device performs the first operation on the first personal data. When the access authority of the first personal data does not include the second user, the electronic device prohibits performing the first operation on the first personal data. When no second user is present within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
If a second user is present within the preset range of the electronic device, the second user may see or hear some of the user's private information while the electronic device performs the first operation on the first personal data. To prevent the user's private information from being leaked, the electronic device also needs to determine whether the access authority of the first personal data includes the second user. If the access authority of the first personal data includes the second user, the user granted the second user access to the first personal data in advance, there is no concern about private information leaking to the second user, and the electronic device can perform the first operation on the first personal data. If the access authority of the first personal data does not include the second user, the user did not grant the second user access to the first personal data in advance, and the electronic device prohibits performing the first operation on the first personal data, so that the first personal data is not leaked to the second user while the electronic device performs the first operation on it.
In a possible implementation of the first aspect, the electronic device performing the first operation on the first personal data comprises: the electronic device determines whether a third user is present within a preset range of the electronic device, where the third user is a user who has not been registered on the electronic device. When a third user is present within the preset range of the electronic device, the electronic device prohibits performing the first operation on the first personal data. When no third user is present within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
If a third user is present within the preset range of the electronic device, the third user may see or hear some of the user's private information while the electronic device performs the first operation on the first personal data. Moreover, because the third user is an unregistered user, the user cannot have granted the third user operation authority for the first personal data in advance, so the electronic device prohibits performing the first operation on the first personal data in order not to leak the first personal data to the third user while the operation is performed.
In a possible implementation of the first aspect, when the user identity of the user is the first user, the electronic device performing the first operation on the first personal data comprises: the electronic device determines a first confidence level, the first confidence level being the degree of similarity between the user's current human body features and the human body features of the first user stored in the electronic device in advance. The electronic device obtains a first privacy level of the first personal data, the first privacy level indicating the degree of privacy of the first personal data. The electronic device obtains a pre-established first mapping relationship between confidence levels and privacy levels. The electronic device determines, according to the first mapping relationship, a privacy level set corresponding to the first confidence level, the privacy level set including at least one privacy level. The electronic device determines whether the privacy level set includes the first privacy level. When the privacy level set includes the first privacy level, the electronic device performs the first operation on the first personal data. When the privacy level set does not include the first privacy level, the electronic device prohibits performing the first operation on the first personal data.
The electronic device uses the user's first confidence level to determine the privacy levels of personal data that may be provided to the user. The higher the first confidence level, the more likely it is that the user is the first user, and the electronic device allows the user to operate on personal data with a higher privacy level. The lower the first confidence level, the less likely it is that the user is the first user, and the electronic device only allows the user to operate on personal data with a lower privacy level. Therefore, the embodiments of this application can avoid leaking personal data with a higher privacy level to a user with a lower confidence level, thereby ensuring the security of the user's personal data.
In a possible implementation of the first aspect, the electronic device receives a second instruction issued by the user, the second instruction instructing the electronic device to delete all personal data of the first user. The electronic device determines the user identity of the user. When the user identity of the user is the first user or an administrator, the electronic device determines a first storage area used to store a first key, the first key being the key used to encrypt the personal data of the first user. The electronic device deletes the first key within the first storage area using a secure deletion method, the secure deletion method being a deletion method that prevents recovery of the first key after it has been deleted. The electronic device then deletes all personal data of the first user that was encrypted with the first key.
All personal data of the first user encrypted with the first key is stored in the electronic device. To prevent the personal data in the electronic device from being leaked to others when the account is closed or the device is lent, repaired or lost, the electronic device erases the first key so that an illegitimate user cannot obtain it. Even if an illegitimate user restores, by illegitimate means, the deleted personal data of the first user encrypted with the first key to the storage area of the electronic device, the illegitimate user cannot obtain the first key and therefore cannot decrypt the personal data of the first user that was encrypted with it. Therefore, the embodiments of this application can prevent the user's privacy from being leaked.
In a possible implementation of the first aspect, the first operation is an input operation, the operation authority of the first personal data is an input authority, and the user identity of the user is the first user. The electronic device determining, according to the user identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data comprises: the electronic device determines that the input authority of the first personal data includes the first user. The electronic device obtains a first key corresponding to the first user, the first key being the key used to encrypt the personal data of the first user. The electronic device encrypts the first personal data with the first key to obtain encrypted first personal data. The electronic device establishes a second mapping relationship among the first user, a second privacy level and the encrypted first personal data, the second privacy level being the privacy level corresponding to the first personal data. The electronic device stores the second mapping relationship.
When storing personal data, the embodiments of this application not only encrypt the personal data but also store the privacy level and the user identity corresponding to it, so that when the personal data is read it can be located by user identity and its privacy level can be determined.
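The input path of the paragraphs above (a per-user key, encryption of the item, and a stored mapping of user, privacy level and ciphertext) and the key-erasure deletion described two paragraphs earlier, as one added Go example; it is not the patent's or the applicant's code. AES-GCM is used because the description names AES as the encryption algorithm, while the Store, Record, Register, Input, Output and DeleteUser names and the sample data are assumptions of the example. The in-memory overwrite stands in for the text's secure deletion method, whose implementation for persistent key storage the page does not specify.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Added example (not the patent's own code): per-user AES-256-GCM keys, records
// binding owner and privacy level to the ciphertext (the "second mapping
// relationship"), and deletion that erases the key. Names are assumptions.
type UserID string

// Record is one stored item: owner, privacy level and encrypted personal data.
type Record struct {
	Owner        UserID
	PrivacyLevel int
	Nonce        []byte
	Ciphertext   []byte
}

// Store keeps per-user keys apart from the records, like the text's key storage area.
type Store struct {
	Keys    map[UserID][]byte
	Records []Record
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // a failing OS CSPRNG is not recoverable here
	}
	return b
}

// Register creates a fresh 256-bit key for a newly registered user.
func (s *Store) Register(u UserID) { s.Keys[u] = randBytes(32) }

// aead returns the user's AES-GCM instance, or fails when no key exists.
func (s *Store) aead(u UserID) (cipher.AEAD, error) {
	k, ok := s.Keys[u]
	if !ok {
		return nil, fmt.Errorf("no key for %s: personal data unreadable", u)
	}
	block, _ := aes.NewCipher(k) // key length is fixed at 32 bytes, so no error
	return cipher.NewGCM(block)
}

// Input encrypts and stores one item (input authority already checked by the caller).
func (s *Store) Input(owner UserID, level int, plaintext []byte) error {
	g, err := s.aead(owner)
	if err != nil {
		return err
	}
	nonce := randBytes(g.NonceSize())
	ct := g.Seal(nil, nonce, plaintext, nil)
	s.Records = append(s.Records, Record{owner, level, nonce, ct})
	return nil
}

// Output decrypts the owner's records whose privacy level is at most maxLevel.
func (s *Store) Output(owner UserID, maxLevel int) ([][]byte, error) {
	g, err := s.aead(owner)
	if err != nil {
		return nil, err
	}
	var out [][]byte
	for _, r := range s.Records {
		if r.Owner != owner || r.PrivacyLevel > maxLevel {
			continue
		}
		pt, err := g.Open(nil, r.Nonce, r.Ciphertext, nil)
		if err != nil {
			return nil, err
		}
		out = append(out, pt)
	}
	return out, nil
}

// DeleteUser overwrites the key and drops it before the records are removed, so
// records recovered afterwards cannot be opened. The records are left in place
// here to stand in for recovered ones; only the in-memory key copy is wiped.
func (s *Store) DeleteUser(u UserID) {
	for i := range s.Keys[u] {
		s.Keys[u][i] = 0
	}
	delete(s.Keys, u)
}

func main() {
	s := &Store{Keys: map[UserID][]byte{}}
	s.Register("alice")
	_ = s.Input("alice", 3, []byte("constructed sample: medical note"))
	s.DeleteUser("alice")
	_, err := s.Output("alice", 3)
	fmt.Println("decrypting the remaining records after key erasure:", err)
}
```

Output filters on the stored privacy level, which is what the second mapping relationship is for: the confidence check of the first aspect yields a maximum level, and the store only opens records at or below it. Because every user has a separate key, erasing one user's key leaves every other user's records readable, which is the property the deletion scenario relies on.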
In a possible implementation of the first aspect, the first operation is an input operation, an output operation, a modification operation or a deletion operation.
In a possible implementation of the first aspect, the electronic device receives a third instruction issued by the user, the third instruction instructing the electronic device to configure the access authority of a user set to a personal data set, where the personal data set includes at least one item of personal data of the first user and the user set includes at least one user registered on the electronic device in advance. The electronic device determines that the user identity of the user is the first user. The electronic device configures the access authority of each user in the user set to each item of personal data in the personal data set.
The first user can configure on the electronic device whether his or her personal data may be accessed by other registered users. If the first user allows other registered users to access his or her personal data, the first user can add those registered users' access authority to the personal data. If the first user does not allow other registered users to access his or her personal data, the first user can delete those registered users' access authority to the personal data. Therefore, the embodiments of this application let the first user flexibly configure other registered users' access authority to his or her personal data.
In a possible implementation of the first aspect, the electronic device configuring the access authority of the user set to each item of personal data in the personal data set comprises: the electronic device adds the access authority of each user in the user set to each item of personal data in the personal data set; or, the electronic device deletes the access authority of each user in the user set to each item of personal data in the personal data set.
In a second aspect, an embodiment of this application provides an electronic device comprising: a receiving module configured to receive a first instruction issued by a user, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, where the first user is a user registered on the electronic device in advance; and a processing module configured to determine the user identity of the user, obtain the operation authority of the first personal data, the operation authority of the first personal data indicating the user identities that are allowed to operate on the first personal data, and determine, according to the user identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
In a possible implementation of the second aspect, the processing module is specifically configured to determine whether the operation authority of the first personal data includes the user identity of the user. When the operation authority of the first personal data includes the user identity of the user, the electronic device performs the first operation on the first personal data. When the operation authority of the first personal data does not include the user identity of the user, the electronic device prohibits performing the first operation on the first personal data.
In a possible implementation of the second aspect, the processing module is specifically configured to determine whether a second user is present within a preset range of the electronic device, where the second user is a user registered on the electronic device in advance. When a second user is present within the preset range of the electronic device, the electronic device determines whether the access authority of the first personal data includes the second user. When the access authority of the first personal data includes the second user, the electronic device performs the first operation on the first personal data. When the access authority of the first personal data does not include the second user, the electronic device prohibits performing the first operation on the first personal data. When no second user is present within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
In a possible implementation of the second aspect, the processing module is specifically configured to determine whether a third user is present within a preset range of the electronic device, where the third user is a user who has not been registered on the electronic device. When a third user is present within the preset range of the electronic device, the electronic device prohibits performing the first operation on the first personal data. When no third user is present within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
In a possible implementation of the second aspect, the processing module is specifically configured to determine a first confidence level, the first confidence level being the degree of similarity between the user's current human body features and the human body features of the first user stored in the electronic device in advance; obtain a first privacy level of the first personal data, the first privacy level indicating the degree of privacy of the first personal data; obtain a pre-established first mapping relationship between confidence levels and privacy levels; determine, according to the first mapping relationship, a privacy level set corresponding to the first confidence level, the privacy level set including at least one privacy level; and determine whether the privacy level set includes the first privacy level. When the privacy level set includes the first privacy level, the electronic device performs the first operation on the first personal data. When the privacy level set does not include the first privacy level, the electronic device prohibits performing the first operation on the first personal data.
In a possible implementation of the second aspect, the processing module is further configured to receive a second instruction issued by the user, the second instruction instructing the electronic device to delete all personal data of the first user, and to determine the user identity of the user. When the user identity of the user is the first user or an administrator, the electronic device determines a first storage area used to store a first key, the first key being the key used to encrypt the personal data of the first user. The electronic device deletes the first key within the first storage area using a secure deletion method, the secure deletion method being a deletion method that prevents recovery of the first key after it has been deleted, and deletes all personal data of the first user that was encrypted with the first key.
In a possible implementation of the second aspect, the processing module is specifically configured to determine that the input authority of the first personal data includes the first user; obtain a first key corresponding to the first user, the first key being the key used to encrypt the personal data of the first user; encrypt the first personal data with the first key to obtain encrypted first personal data; establish a second mapping relationship among the first user, a second privacy level and the encrypted first personal data, the second privacy level being the privacy level corresponding to the first personal data; and store the second mapping relationship.
In a possible implementation of the second aspect, the first operation is an input operation, an output operation, a modification operation or a deletion operation.
In a possible implementation of the second aspect, the processing module is further configured to receive a third instruction issued by the user, the third instruction instructing the electronic device to configure the access authority of a user set to a personal data set, where the personal data set includes at least one item of personal data of the first user and the user set includes at least one user registered on the electronic device in advance; determine that the user identity of the user is the first user; and configure the access authority of each user in the user set to each item of personal data in the personal data set.
In a possible implementation of the second aspect, the processing module is specifically configured to add the access authority of each user in the user set to each item of personal data in the personal data set, or to delete the access authority of each user in the user set to each item of personal data in the personal data set.
第三方面,本申请实施例提供了一种电子设备,该电子设备包括存储器和与存储器连接的处理器,存储器用于存储指令。处理器用于执行指令,以使计算机设备执行以下操作:接收使用者发出的第一指令,第一指令用于指示电子设备对第一用户的第一个人数据执行第一操作,第一用户为预先在电子设备上注册过的用户。确定使用者的用户身份。获取第一个人数据的操作权限,第一个人数据的操作权限用于指示允许操作第一个人数据的用户身份。根据使用者的用户身份和第一个人数据的操作权限确定是否对第一个人数据执行第一操作。In a third aspect, an embodiment of the present application provides an electronic device, the electronic device includes a memory and a processor connected to the memory, and the memory is used for storing instructions. The processor is used for executing the instruction, so that the computer device performs the following operations: receiving the first instruction issued by the user, the first instruction is used for instructing the electronic device to perform the first operation on the first personal data of the first user, and the first user is Users pre-registered on electronic devices. Determine the user's user identity. The operation authority of the first personal data is obtained, and the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data. Whether to perform the first operation on the first personal data is determined according to the user identity of the user and the operation authority of the first personal data.
Description of the drawings
FIG. 1 is a schematic diagram of a scenario provided by an embodiment of the present application;
FIG. 2 is a flowchart of a secure interaction method provided by an embodiment of the present application;
FIG. 3 is a flowchart of another secure interaction method provided by an embodiment of the present application;
FIG. 4 is a flowchart of yet another secure interaction method provided by an embodiment of the present application;
FIG. 5 is a flowchart of yet another secure interaction method provided by an embodiment of the present application;
FIG. 6 is a flowchart of yet another secure interaction method provided by an embodiment of the present application;
FIG. 7 is a flowchart of yet another secure interaction method provided by an embodiment of the present application;
FIG. 8 is a flowchart of yet another secure interaction method provided by an embodiment of the present application;
FIG. 9 is a flowchart of yet another secure interaction method provided by an embodiment of the present application;
FIG. 10 is a schematic diagram of an electronic device provided by an embodiment of the present application;
FIG. 11 is a schematic diagram of another electronic device provided by an embodiment of the present application;
FIG. 12 is a schematic diagram of yet another electronic device provided by an embodiment of the present application.
Detailed description
Refer to FIG. 1, which is a schematic diagram of a scenario provided by an embodiment of the present application. The scenario in FIG. 1 shows an intelligent robot 100, a smartphone 200, a cloud server 300, a user 400 and a network 500; the intelligent robot 100 in FIG. 1 is able to perform the secure interaction method provided by the embodiments of the present application. Specifically, communication connections among the intelligent robot 100, the smartphone 200 and the cloud server 300 may be established through the network 500. The intelligent robot 100 and the smartphone 200 may of course also establish a communication connection by other means, such as Bluetooth.
In the example shown in FIG. 1, the intelligent robot 100 may include a processor, a microphone, a camera, a touch display screen, a speaker, sensors and various communication interfaces. The intelligent robot 100 may have speech recognition and face recognition capabilities, for example text to speech (TTS), automatic speech recognition (ASR), voiceprint recognition (VPR), natural language processing (NLP), face recognition, sound source localization and face tracking.
The cloud server 300 includes an artificial intelligence server and a business server. The artificial intelligence server may provide capabilities such as speech recognition and face recognition, and the business server may provide related services for the application software on the intelligent robot 100 and on the smartphone 200.
The smartphone 200 has application software installed for controlling the intelligent robot 100, so that the user 400 can send control instructions to the intelligent robot 100 through the smartphone 200 and can also input the personal information of the user 400 to the intelligent robot 100 through the smartphone 200.
While the user 400 uses the intelligent robot 100, a large amount of personal data is stored in the intelligent robot 100. When multiple users use the intelligent robot 100 at the same time, ensuring the privacy and security of each user's personal data is particularly important. A secure interaction method is introduced below that ensures the privacy and security of each user's personal data when multiple users share one intelligent robot 100.
Refer to FIG. 2, which is a flowchart of a secure interaction method provided by an embodiment of the present application. The method in FIG. 2 can be applied to an electronic device, which may be a smart robot, a smart screen, a smart speaker, a smart security product or a similar device. The method in FIG. 2 includes the following steps S101 to S104.
S101. The electronic device receives a first instruction issued by the user.
The first instruction instructs the electronic device to perform a first operation on the first personal data of a first user. The first user is a user registered in advance on the electronic device; the first operation may be an input, output, modification or deletion operation; and the user may be the first user, another registered user or an unregistered user.
For example, with reference to FIG. 1, suppose the user 400 is registered in advance on the intelligent robot 100 and wants to view his own schedule for the week on the intelligent robot 100. The user 400 can then send a voice instruction to the intelligent robot 100, for example "please display the schedule for this week".
As another example, with reference to FIG. 1, suppose the user 400 is registered in advance on the intelligent robot 100 and wants to view the date of birth of the first user on the intelligent robot 100. The user 400 can then send the voice instruction "please display the date of birth of the first user".
As a further example, with reference to FIG. 1, suppose the user 400 is not registered on the intelligent robot 100 and wants to view the phone number of the first user on the intelligent robot 100. The user 400 can then send the voice instruction "please display the phone number of the first user".
S102. The electronic device determines the identity of the user.
The identity of the user is either a user registered in advance on the electronic device or a user not registered on the electronic device.
The embodiments of the present application provide several ways to determine the identity of the user. For example, the electronic device may verify the account and password entered by the user. It may also recognize the fingerprint of the user's finger. It may further use face recognition, voiceprint recognition, or face recognition combined with voiceprint recognition.
The electronic device may determine the identity of the user with its own hardware or with the help of the cloud server. For example, after the electronic device has obtained the user's face image and voiceprint features, if it is itself capable of recognizing face images and voiceprint features, it preferentially uses its own capability to determine the identity. If it is not, it sends the acquired face image and voiceprint features to the cloud server, which performs the recognition with its own capability and returns the recognition result to the electronic device, and the electronic device determines the identity of the user from that result.
A specific method by which the electronic device determines the identity of the user is introduced below; the method includes A1021 to A1023.
A1021. The electronic device acquires a first voice uttered by the user.
The first voice is the sound the user makes when speaking.
A1022. The electronic device extracts the sound features of the first voice.
The sound features of the first voice specifically include acoustic features, lexical features, prosodic features, language, dialect features, accent features and the like.
A1023. The electronic device uses a pre-generated voiceprint recognition model to determine the identity of the user corresponding to the sound features of the first voice.
The voiceprint recognition model mentioned in A1023 may be generated as follows: first, the electronic device acquires the voice uttered by a user through the microphone; then it extracts the sound features from that voice; and finally it trains on those sound features with a preset training method to obtain the voiceprint recognition model.
The preset training method may be a Markov model method, a clustering method, a neural network method, a nearest neighbor method, a polynomial classifier method or the like. Every user of the electronic device must train the voiceprint recognition model in this way, so that the trained model can recognize the sound features of each user.
Another specific method by which the electronic device determines the identity of the user is introduced below; the method includes B1021 to B1023.
B1021. The electronic device acquires a first face image of the user.
The electronic device may capture the first face image through the camera; the first face image must show the user's facial features.
B1022. The electronic device extracts first face features from the first face image.
The first face features include, but are not limited to, histogram features, color features, template features, structural features and Haar-like features.
B1023. The electronic device uses a pre-generated face recognition model to determine the identity of the user corresponding to the first face features.
The face recognition model mentioned in B1023 may be generated as follows: first, the electronic device acquires a user's face image through the camera; then it extracts the face features from the face image; and finally it trains on those face features with a preset learning method to obtain the face recognition model.
The preset learning method may be a deep learning algorithm, a neural network algorithm, a support vector machine (SVM) algorithm or the like. Every user of the electronic device must train the face recognition model in this way, so that the trained model can recognize each user's face image.
A further specific method by which the electronic device determines the identity of the user is introduced below; the method includes C1021 to C1027.
C1021. The electronic device acquires the first face image of the user and the first voice uttered by the user.
C1022. The electronic device extracts the sound features of the first voice.
C1023. The electronic device extracts the first face features from the first face image.
C1024. The electronic device uses the pre-generated voiceprint recognition model to calculate a voiceprint confidence for the sound features of the first voice.
The voiceprint confidence indicates the degree of similarity between the sound features of the first voice and the sound features of the first user.
C1025. The electronic device uses the pre-generated face recognition model to calculate a face confidence for the first face features.
The face confidence indicates the degree of similarity between the first face features and the face features of the first user.
C1026. The electronic device calculates a comprehensive confidence from the voiceprint confidence and the face confidence.
C1027. When the comprehensive confidence is greater than a threshold, the electronic device determines that the identity of the user is the first user.
Specifically, comprehensive confidence = (V × S) ÷ {1 − [V × (1 − S) + S × (1 − V)]}, where V is the face confidence and S is the voiceprint confidence.
For example, if V = 0.7 and S = 0.6, then comprehensive confidence = (V × S) ÷ {1 − [V × (1 − S) + S × (1 − V)]} ≈ 0.77.
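The fusion step C1026 and the threshold decision C1027 carried through in code, as an added example that is not code from the application: CombinedConfidence applies the formula above with input validation, and IsFirstUser applies the threshold. The function names and the threshold value 0.75 used in main are assumptions; the description does not fix a threshold.

```go
package main

import (
	"errors"
	"fmt"
)

// CombinedConfidence implements the formula of C1026:
//   combined = (V*S) / (1 - [V*(1-S) + S*(1-V)])
// with V the face confidence and S the voiceprint confidence. Expanding the
// denominator gives V*S + (1-V)*(1-S), i.e. the Bayesian fusion of two
// independent match probabilities, so two agreeing scores reinforce each other.
// Values outside [0,1] are rejected, and the case where the denominator is 0
// (one modality certain, the other certain of the opposite) is reported as an
// error instead of producing a NaN that would then be compared to the threshold.
func CombinedConfidence(v, s float64) (float64, error) {
	if v < 0 || v > 1 || s < 0 || s > 1 {
		return 0, errors.New("confidence values must lie in [0, 1]")
	}
	denom := 1 - (v*(1-s) + s*(1-v))
	if denom <= 0 {
		return 0, errors.New("combined confidence undefined: modalities contradict")
	}
	return (v * s) / denom, nil
}

// IsFirstUser implements C1027: the user is identified as the first user only
// when the combined confidence is strictly greater than the threshold. Any
// error from the fusion step fails closed.
func IsFirstUser(faceConf, voiceConf, threshold float64) bool {
	c, err := CombinedConfidence(faceConf, voiceConf)
	if err != nil {
		return false
	}
	return c > threshold
}

func main() {
	// Values from the worked example in the description: V=0.7, S=0.6.
	c, _ := CombinedConfidence(0.7, 0.6)
	fmt.Printf("V=0.7, S=0.6 -> combined %.4f\n", c) // 0.7778, higher than either input
	// The threshold 0.75 is a constructed value; the description does not fix one.
	fmt.Println("identified as first user at threshold 0.75:", IsFirstUser(0.7, 0.6, 0.75))
	// Two weak scores reinforce each other downward as well.
	c, _ = CombinedConfidence(0.4, 0.4)
	fmt.Printf("V=0.4, S=0.4 -> combined %.4f\n", c) // 0.3077
}
```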
S103. The electronic device obtains the operation authority of the first personal data.
The operation authority of the first personal data indicates the user identities permitted to operate on the first personal data. The operation authority may specifically be an input authority, an access authority, a modification authority, a deletion authority or the like; each operation corresponds to one operation authority.
For example, see Table 1, which shows the correspondence between personal data and the various operation authorities.
User identity | Personal data         | Input authority | Access authority        | Modification authority | Deletion authority
User A        | Bank card information | User A          | User A                  | User A                 | User A
User A        | Phone number          | User A          | User A, User B          | User A                 | User A
User A        | Place of birth        | User A          | User A, User B, User C  | User A                 | User A
Table 1
For example, from Table 1, suppose the first personal data is the bank card information and the first operation is to output user A's bank card information. If the user is user A, the electronic device may output user A's bank card information according to the first instruction. If the user is user B, user C or an unregistered user, the electronic device will not output user A's bank card information according to the first instruction; instead it notifies the user that their access authority is insufficient to output user A's bank card information.
As another example, from Table 1, suppose the first personal data is the phone number and the first operation is to output user A's phone number. If the user is user A or user B, the electronic device may output user A's phone number according to the first instruction. If the user is user C or an unregistered user, the electronic device will not output user A's phone number according to the first instruction; instead it notifies the user that their access authority is insufficient to output user A's phone number.
As a further example, from Table 1, suppose the first personal data is the place of birth and the first operation is to modify user A's place of birth. If the user is user A, the electronic device allows the user to modify user A's place of birth. If the user is user B, user C or an unregistered user, the electronic device does not allow the user to modify user A's place of birth; instead it notifies the user that their modification authority is insufficient to modify user A's place of birth.
S104. The electronic device determines, according to the identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
As the examples of Table 1 show, once the electronic device has obtained the identity of the user and the operation authority of the first personal data, it can determine whether to perform the first operation on the first personal data.
In the embodiment of FIG. 2, when the electronic device receives the first instruction issued by the user, this means the user wants the electronic device to perform the first operation on the first personal data of the first user. The electronic device obtains the operation authority of the first personal data and determines the identity of the user. It then determines, from the identity of the user and the operation authority of the first personal data, whether the user has the authority to perform the first operation; if so, it performs the first operation on the first personal data, otherwise it does not. The secure interaction method provided by the embodiments of the present application can therefore ensure the privacy and security of each user's personal data.
In the embodiment of FIG. 2, when the first operation is an output operation and the electronic device has determined from the identity of the user and the operation authority of the first personal data that the output operation may be performed, the electronic device first obtains the first key corresponding to the first user, the first key being a key dedicated to encrypting the personal data of the first user. It then obtains the first personal data that was previously encrypted with the first key, decrypts the encrypted first personal data with the first key to recover the first personal data, and finally outputs the first personal data.
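An added example, not code from the application, showing how the per-user first key, the second mapping relationship stored by the input operation, the decrypt-on-output step above and the secure deletion of the first key fit together: once the key is destroyed, every surviving copy of the ciphertext is unrecoverable, which is what makes key deletion equivalent to deleting all of the user's data. AES-256-GCM, the Store type, its method names and the in-memory storage areas are assumptions made here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"io"
)

// record is the second mapping relationship: owner, privacy level and ciphertext of one item.
type record struct {
	Owner             string
	PrivacyLevel      int
	Nonce, Ciphertext []byte
}

// Store models the device storage: the first storage area (user -> first key)
// and the records encrypted under those keys; both are in memory in this example.
type Store struct {
	keys    map[string][]byte
	records map[string]record
}

func NewStore() *Store {
	return &Store{keys: map[string][]byte{}, records: map[string]record{}}
}

// gcm returns an AES-256-GCM instance under the owner's first key. A missing key
// is generated only when create is set (input operation); otherwise it is an
// error, which is the state after the key has been deleted.
func (s *Store) gcm(owner string, create bool) (cipher.AEAD, error) {
	key, ok := s.keys[owner]
	if !ok {
		if !create {
			return nil, errors.New("first key has been deleted; data is unrecoverable")
		}
		key = make([]byte, 32)
		if _, err := io.ReadFull(rand.Reader, key); err != nil {
			return nil, err
		}
		s.keys[owner] = key
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Input performs the input operation: encrypt under the owner's first key and
// store the (owner, privacy level, ciphertext) mapping. Owner and item name are
// bound as associated data so a stored record cannot be re-labelled.
func (s *Store) Input(owner, item string, privacyLevel int, plaintext []byte) error {
	g, err := s.gcm(owner, true)
	if err != nil {
		return err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return err
	}
	ct := g.Seal(nil, nonce, plaintext, []byte(owner+"/"+item))
	s.records[item] = record{Owner: owner, PrivacyLevel: privacyLevel, Nonce: nonce, Ciphertext: ct}
	return nil
}

// Output performs the output step of the FIG. 2 embodiment: fetch the first key
// and the encrypted item, decrypt, return the plaintext. S104 is assumed to have passed.
func (s *Store) Output(owner, item string) ([]byte, error) {
	r, ok := s.records[item]
	if !ok || r.Owner != owner {
		return nil, errors.New("no such personal data")
	}
	g, err := s.gcm(owner, false)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, r.Nonce, r.Ciphertext, []byte(owner+"/"+item))
}

// DeleteAll handles the second instruction: only the first user or the administrator
// may trigger it. The first key is wiped before the records are removed, so any
// ciphertext copy that survives elsewhere (backup, unerased flash) cannot be decrypted.
func (s *Store) DeleteAll(requester, owner string, isAdmin bool) error {
	if requester != owner && !isAdmin {
		return errors.New("only the first user or the administrator may delete")
	}
	if k, ok := s.keys[owner]; ok {
		for i := range k { k[i] = 0 } // in-memory wipe; secure erasure on flash is the storage layer's job
		delete(s.keys, owner)
	}
	for name, r := range s.records {
		if r.Owner == owner {
			delete(s.records, name)
		}
	}
	return nil
}
```

Calling Input, Output, DeleteAll and then Output again on one Store shows the round trip and the unrecoverable state after the key is gone.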
Refer to FIG. 3, which is a flowchart of another secure interaction method provided by an embodiment of the present application. The method in FIG. 3 refines S104 of FIG. 2, that is, the step "the electronic device determines, according to the identity of the user and the operation authority of the first personal data, whether to perform the first operation on the first personal data". The method in FIG. 3 includes the following steps S201 to S203.
S201. The electronic device determines whether the operation authority of the first personal data includes the identity of the user. If it does, step S202 is performed; otherwise, step S203 is performed.
S202. The electronic device performs the first operation on the first personal data.
S203. The electronic device prohibits performing the first operation on the first personal data.
For example, with reference to Table 1, if the first personal data is the bank card information, the operation authority of the first personal data is the access authority and the identity of the user is user A, Table 1 shows that the access authority of the bank card information includes user A, so the electronic device performs the output operation on the bank card information.
As another example, with reference to Table 1, if the first personal data is the bank card information, the operation authority of the first personal data is the access authority and the identity of the user is user B, Table 1 shows that the access authority of the bank card information does not include user B, so the electronic device prohibits the output operation on the bank card information.
In the embodiment of FIG. 3, the electronic device can quickly determine whether to perform the first operation on the first personal data by checking whether the operation authority of the first personal data includes the identity of the user, so the electronic device executes more efficiently.
Refer to FIG. 4, which is a flowchart of yet another secure interaction method provided by an embodiment of the present application. The method in FIG. 4 refines S202 of FIG. 3, that is, the step "the electronic device performs the first operation on the first personal data". The method in FIG. 4 includes the following steps S301 to S304.
S301. The electronic device determines whether a second user is present within a preset range of the electronic device. If a second user is present within the preset range, step S302 is performed; otherwise, step S303 is performed.
The second user is a user registered in advance on the electronic device. The electronic device can detect whether a second user is present within its preset range using hardware such as the camera, a microphone array or sensors. The preset range may be defined by the user according to the actual situation; for example, the user may set it to within 3 meters of the electronic device.
S302. The electronic device determines whether the access authority of the first personal data includes the second user. If it does, step S303 is performed; otherwise, step S304 is performed.
If a second user is present within the preset range of the electronic device, some of the user's private information may be seen or heard by the second user while the electronic device performs the first operation on the first personal data. To prevent the user's private information from being leaked, the electronic device must also determine whether the access authority of the first personal data includes the second user. If it does, the user has granted the second user access to the first personal data in advance and there is no concern about leaking private information to the second user, so the electronic device may perform the first operation on the first personal data. If it does not, the user has not granted the second user access to the first personal data in advance, so the electronic device prohibits the first operation in order to avoid leaking the first personal data to the second user while performing it.
S303. The electronic device performs the first operation on the first personal data.
S304. The electronic device prohibits performing the first operation on the first personal data.
For example, with reference to Table 1, if the first personal data is the bank card information, the operation authority of the first personal data is the access authority and the identity of the user is user A, Table 1 shows that the access authority of the bank card information includes user A. The electronic device then determines whether a second user is present within its preset range; if a second user is present and that second user is user B, the electronic device determines whether the operation authority of the first personal data includes user B. Table 1 shows that the access authority of the bank card information does not include user B, so the electronic device prohibits the output operation on the bank card information to avoid leaking user A's bank card information to user B.
As another example, with reference to Table 1, if the first personal data is the phone number, the operation authority of the first personal data is the access authority and the identity of the user is user A, Table 1 shows that the access authority of the phone number includes user A. The electronic device then determines whether a second user is present within its preset range; if a second user is present and that second user is user B, the electronic device determines whether the access authority of the first personal data includes user B. Table 1 shows that the access authority of the phone number includes user B, so the electronic device performs the output operation on the phone number.
示例的,请结合表1所示,如果第一个人数据为电话号码,第一个人数据的操作权限为访问权限,使用者的用户身份为用户A,在表1中可以看到电话号码的访问权限中包含 用户A。此时,电子设备确定在电子设备的预设范围内是否存在第二用户,如果在电子设备的预设范围内不存在第二用户,那么电子设备对电话号码执行输出操作。For example, please refer to Table 1. If the first personal data is a phone number, the operation authority of the first personal data is access authority, and the user's user identity is User A, the phone number can be seen in Table 1. User A is included in the access rights of . At this time, the electronic device determines whether the second user exists within the preset range of the electronic device, and if the second user does not exist within the preset range of the electronic device, the electronic device performs an output operation on the phone number.
Refer to FIG. 5, which is a flowchart of yet another secure interaction method provided by an embodiment of this application. The method shown in FIG. 5 refines S202 of FIG. 3, specifically the step "the electronic device performs the first operation on the first personal data". The method shown in FIG. 5 includes the following steps S401 to S403.

S401. The electronic device determines whether a third user is present within the preset range of the electronic device. If a third user is present within the preset range, step S402 is performed; otherwise, step S403 is performed.

The third user is a user who is not registered on the electronic device. Using hardware such as a camera, a microphone array or a sensor, the electronic device can detect whether a third user is present within its preset range. The preset range can be defined by the user according to the actual situation; for example, the user may set the preset range to within 3 meters of the electronic device, taking the device as the center.

S402. The electronic device prohibits performing the first operation on the first personal data.

S403. The electronic device performs the first operation on the first personal data.

If a third user is present within the preset range of the electronic device, some of the operator's private information may be seen or heard by the third user while the electronic device performs the first operation on the first personal data. Moreover, because the third user is unregistered, the operator cannot have granted the third user any operation authority over the first personal data in advance, so the electronic device prohibits performing the first operation on the first personal data, so that the first personal data is not leaked to the third user while the operation is performed.

For example, with reference to Table 1, suppose the first personal data is bank card information, the operation authority of the first personal data is access authority, and the operator's user identity is user A; Table 1 shows that the access authority of the bank card information includes user A. The electronic device then determines whether a third user is present within its preset range. If a third user is present and that third user is an unregistered user, the electronic device prohibits the output operation on the bank card information, to avoid leaking user A's bank card information to the unregistered user.
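The presence checks of FIG. 4 (S301 to S304) and FIG. 5 (S401 to S403) can be combined into one decision procedure. The following Python is an added example written for this page, not code from the patent application or its applicant. It assumes a constructed stand-in for Table 1 (which is not reproduced here), a Person record for each bystander the camera, microphone array or sensor detects inside the preset range, and that the operator has already been authorized by the earlier steps of FIG. 3. It also generalizes slightly beyond the text: several bystanders may be in range at once, and every registered one must hold access authority.

```python
"""Presence-aware decision for the first operation, FIG. 4 (S301-S304) and
FIG. 5 (S401-S403) combined.

Added example, not code from the patent application.  Table 1 (the
access-authority table) is not reproduced on this page, so ACCESS_AUTHORITY
is a constructed stand-in consistent with the examples in the text; Person
is an assumed record for each bystander detected inside the preset range.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, FrozenSet, List


class Decision(Enum):
    PERFORM = "perform the first operation"
    DENY_REGISTERED_BYSTANDER = "prohibit: a registered bystander lacks access authority"
    DENY_UNREGISTERED_BYSTANDER = "prohibit: an unregistered person is in range"


@dataclass(frozen=True)
class Person:
    """Someone detected within the preset range (e.g. within 3 meters)."""
    name: str
    registered: bool


# Constructed stand-in for Table 1: data item -> users holding access authority.
ACCESS_AUTHORITY: Dict[str, FrozenSet[str]] = {
    "bank card information": frozenset({"user A"}),
    "telephone number": frozenset({"user A", "user B"}),
}


def decide_first_operation(data_item: str, bystanders: List[Person],
                           authority: Dict[str, FrozenSet[str]] = ACCESS_AUTHORITY) -> Decision:
    """Decide whether to output `data_item` while `bystanders` are in range.

    The operator has already been authorized by the earlier steps of FIG. 3.
    FIG. 5 is applied first: any unregistered person denies outright, whatever
    the table says.  Then FIG. 4 is applied to every registered bystander,
    which generalizes the single second user of the text to several.
    """
    if any(not p.registered for p in bystanders):
        return Decision.DENY_UNREGISTERED_BYSTANDER
    allowed = authority.get(data_item, frozenset())   # unlisted item: nobody else may see it
    if any(p.name not in allowed for p in bystanders):
        return Decision.DENY_REGISTERED_BYSTANDER
    return Decision.PERFORM
```

The unregistered check runs before the table lookup on purpose: FIG. 5 denies regardless of what Table 1 says, so no table entry can accidentally admit an unregistered bystander. An item missing from the table is treated as one nobody else may see, which fails closed when the table is incomplete.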
Refer to FIG. 6, which is a flowchart of yet another secure interaction method provided by an embodiment of this application. The method shown in FIG. 6 refines S202 of FIG. 3, specifically the step "the electronic device performs the first operation on the first personal data", and the scenario of this embodiment is that the operator's user identity is the first user. The method shown in FIG. 6 includes the following steps S501 to S507.

S501. The electronic device determines a first confidence level.

The first confidence level is the degree of similarity between the operator's current human-body features and the human-body features of the first user pre-stored in the electronic device.

The operator's current human-body features are features such as a face image, voiceprint features or eye iris features that the electronic device collects on the spot when the operator inputs the first instruction.

The human-body features of the first user are the face image, voiceprint features, eye iris features or the like that the first user input to the electronic device in advance; they serve as the reference standard for identifying the first user's identity.

Specifically, the first confidence level is calculated in the same way as the comprehensive confidence level in the embodiment corresponding to FIG. 2; refer to that description for the calculation method.

S502. The electronic device obtains a first privacy level of the first personal data.

The first privacy level indicates how private the first personal data is.

When an item of personal data is input to the electronic device, the electronic device may automatically assign it the corresponding privacy level according to the mapping between personal data and privacy levels, or the user may send an instruction to the electronic device to determine the privacy level of that personal data.
For example, refer to Table 2, the correspondence table between personal data and privacy levels pre-stored by the electronic device.

Personal data            Privacy level
Bank card information    High risk
Telephone number         Medium risk
Place of birth           Low risk

Table 2

For example, assuming the electronic device pre-stores the mapping table between personal data and privacy levels shown in Table 2, when the electronic device stores user A's bank card information it assigns that bank card information the privacy level "high risk" according to Table 2.
S503. The electronic device obtains a pre-established first mapping between confidence levels and privacy levels.

For example, refer to Table 3, the correspondence table between confidence levels and privacy levels pre-established by the electronic device.

Confidence M       Privacy level
M ≥ 0.8            High risk, medium risk, low risk
0.7 ≤ M < 0.8      Medium risk, low risk
0.6 ≤ M < 0.7      Low risk

Table 3

Table 3 shows that the higher the value of the confidence level M, the higher the privacy level of the personal data that may be accessed; the lower the value of M, the lower the privacy level of the personal data that may be accessed.
S504. The electronic device determines, according to the first mapping, the privacy level set corresponding to the first confidence level.

The privacy level set contains at least one privacy level.

For example, with reference to Table 3, if the first confidence level is 0.9, the privacy level set corresponding to it contains three privacy levels: high risk, medium risk and low risk.

For example, with reference to Table 3, if the first confidence level is 0.75, the privacy level set corresponding to it contains two privacy levels: medium risk and low risk.

S505. The electronic device determines whether the privacy level set contains the first privacy level. If it does, step S506 is performed; if it does not, step S507 is performed.

For example, with reference to Tables 2 and 3, suppose the first personal data is bank card information and the first confidence level is 0.9. From Table 2, the first privacy level corresponding to the bank card information is high risk; from Table 3, the privacy level set corresponding to the first confidence level 0.9 contains high risk, medium risk and low risk. The electronic device determines that the privacy level set contains the first privacy level, and finally performs the first operation on the first personal data.

For example, with reference to Tables 2 and 3, suppose the first personal data is bank card information and the first confidence level is 0.75. From Table 2, the first privacy level corresponding to the bank card information is high risk; from Table 3, the privacy level set corresponding to the first confidence level 0.75 contains medium risk and low risk. The electronic device determines that the privacy level set does not contain the first privacy level, and finally prohibits performing the first operation on the first personal data.

S506. The electronic device performs the first operation on the first personal data.

S507. The electronic device prohibits performing the first operation on the first personal data.

In the embodiment shown in FIG. 6, the electronic device uses the operator's first confidence level to determine the privacy level of the personal data it may provide to the operator. The higher the first confidence level, the more likely it is that the operator is the first user, and the electronic device allows the operator to operate on personal data of a higher privacy level. The lower the first confidence level, the less likely it is that the operator is the first user, and the electronic device only allows the operator to operate on personal data of a lower privacy level. Thus this embodiment avoids leaking personal data of a higher privacy level to an operator with a lower confidence level, ensuring the security of the user's personal data.
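Steps S502 to S505 of FIG. 6, with Table 2 and Table 3 encoded as data, as an added example for this page (not the patent's own code). The first confidence level of S501 is assumed to arrive from the biometric matcher as a float in [0, 1]. The two cases the tables leave implicit, a confidence below 0.6 (no row in Table 3) and an item that has no entry in Table 2, are both treated as deny, which is the fail-closed reading of the text.

```python
"""Confidence-gated access to personal data by privacy level (FIG. 6, S502-S505).

Added example, not the patent's code.  Table 2 and Table 3 from the text are
encoded as data; the first confidence level of S501 is assumed to come from
the biometric matcher as a float in [0, 1].
"""
from enum import IntEnum
from typing import Dict, FrozenSet, Optional, Tuple


class PrivacyLevel(IntEnum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3


# Table 2: personal data -> privacy level (used in S502).
PRIVACY_LEVEL: Dict[str, PrivacyLevel] = {
    "bank card information": PrivacyLevel.HIGH,
    "telephone number": PrivacyLevel.MEDIUM,
    "place of birth": PrivacyLevel.LOW,
}

# Table 3: lower bound of confidence M -> privacy levels reachable (used in S503).
# Rows are ordered from the highest threshold down; the first row satisfied applies.
CONFIDENCE_BANDS: Tuple[Tuple[float, FrozenSet[PrivacyLevel]], ...] = (
    (0.8, frozenset({PrivacyLevel.HIGH, PrivacyLevel.MEDIUM, PrivacyLevel.LOW})),
    (0.7, frozenset({PrivacyLevel.MEDIUM, PrivacyLevel.LOW})),
    (0.6, frozenset({PrivacyLevel.LOW})),
)


def privacy_levels_for(confidence: float) -> FrozenSet[PrivacyLevel]:
    """S504: the privacy level set unlocked by the first confidence level.

    Table 3 has no row below 0.6, so there the set is empty and S505 denies
    every item; out-of-range scores are rejected rather than clamped.
    """
    if not 0.0 <= confidence <= 1.0:
        raise ValueError("confidence must be a similarity score in [0, 1]")
    for lower_bound, levels in CONFIDENCE_BANDS:
        if confidence >= lower_bound:
            return levels
    return frozenset()


def may_operate(data_item: str, confidence: float) -> bool:
    """S505: True when the item's first privacy level lies in the unlocked set."""
    level = PRIVACY_LEVEL.get(data_item)
    if level is None:
        return False            # an item with no privacy level is never released
    return level in privacy_levels_for(confidence)


def highest_unlocked_level(confidence: float) -> Optional[PrivacyLevel]:
    """The most sensitive level a score reaches, or None below every threshold."""
    levels = privacy_levels_for(confidence)
    return max(levels) if levels else None
```

Because the bands are contiguous and nested (each higher band is a superset of the one below), the lookup reduces to the first threshold the score reaches; the boundary values 0.8, 0.7 and 0.6 belong to the higher band, matching the ≥ in Table 3.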
Refer to FIG. 7, which is a flowchart of yet another secure interaction method provided by an embodiment of this application. The method shown in FIG. 7 extends FIG. 2, that is, it includes the steps shown in FIG. 7 in addition to those of FIG. 2. The method shown in FIG. 7 includes the following steps S601 to S605.

S601. The electronic device receives a second instruction issued by the operator.

The second instruction instructs the electronic device to delete all personal data of the first user.

In scenarios such as account cancellation, lending, repair or loss of the electronic device, to prevent the personal data inside the electronic device from being leaked to others, the operator may send the second instruction to the electronic device through a communication device such as a smartphone, so that the electronic device deletes all personal data of the first user. Of course, if the operator can use the electronic device, the operator may also input the second instruction directly on the electronic device.

S602. The electronic device determines the operator's user identity.

S602 in FIG. 7 is the same step as S102 in FIG. 2; for S602, refer to the detailed description of S102 in FIG. 2.

S603. When the operator's user identity is the first user or an administrator, the electronic device determines a first storage area in which a first key is stored.

The first key is the key used to encrypt the first user's personal data. Each user registered on the electronic device corresponds to one key; each user's key may be generated by a secure random number generator, so every user's key is unique and no two users' keys are the same.

After the electronic device receives the second instruction issued by the operator, it confirms the operator's user identity. If the operator's user identity is the first user or an administrator, the operator has the authority to delete all personal data of the first user, and the electronic device determines the first storage area in which the first key is stored so that it can destroy the first key there.

S604. The electronic device deletes the first key in the first storage area using a secure deletion method.

The secure deletion method is a deletion method that prevents the first key from being recovered after it is deleted. Specifically, the electronic device may write target data to the first storage area a preset number of times so that the first key cannot be recovered after it is deleted. The preset number is a predetermined count, for example 3 or 5 times. The target data may be pre-generated random numbers. The purpose of repeatedly writing target data to the first storage area is to erase the first key from it completely, so that an illegitimate user cannot recover the first key from the first storage area by technical means.

S605. The electronic device deletes all personal data of the first user that was encrypted with the first key.

In the embodiment shown in FIG. 7, the electronic device stores all personal data of the first user encrypted with the first key. In scenarios such as account cancellation, lending, repair or loss of the electronic device, to prevent the personal data inside the device from being leaked to others, the electronic device eliminates the first key so that an illegitimate user cannot obtain it. Even if an illegitimate user restores the deleted personal data of the first user, encrypted with the first key, to the storage area of the electronic device by illegitimate means, the illegitimate user cannot obtain the first key and therefore cannot decrypt that data. Thus this embodiment prevents the user's privacy from being leaked.
Refer to FIG. 8, which is a flowchart of yet another secure interaction method provided by an embodiment of this application. The method shown in FIG. 8 refines S104 of FIG. 2, specifically the step "the electronic device determines, according to the operator's user identity and the operation authority of the first personal data, whether to perform the first operation on the first personal data". The method shown in FIG. 8 includes the following steps S701 to S705.

S701. The electronic device determines that the input authority of the first personal data includes the first user.

S702. The electronic device obtains the first key corresponding to the first user.

The first key is the key used to encrypt the first user's personal data. Each user registered on the electronic device corresponds to one key; each user's key may be generated by a secure random number generator, so every user's key is unique and no two users' keys are the same.

In S702, to improve the security of the first key, a root key may be used to encrypt the first key, and the encrypted first key is stored in the electronic device. The root key may be stored in the on-chip non-volatile memory of a central processing unit (CPU), a system on chip (SOC) or a cryptographic coprocessor, and no physical or logical interface for reading the root key is exposed externally, so as to ensure the security of the root key.

Also in S702, to improve the security of the first key, a key encryption key may be used to encrypt the first key, with the encrypted first key stored in the electronic device; the key encryption key is in turn encrypted with the root key, and the encrypted key encryption key is stored in the electronic device. As above, the root key may be stored in the on-chip non-volatile memory of the CPU, SOC or cryptographic coprocessor, with no physical or logical interface for reading it exposed externally, to ensure its security.

S703. The electronic device encrypts the first personal data with the first key to obtain encrypted first personal data.

S704. The electronic device establishes a second mapping among the first user, a second privacy level and the encrypted first personal data.

The second privacy level is the privacy level corresponding to the first personal data. Each item of personal data corresponds to one privacy level; with reference to Table 2, if the first personal data is a telephone number, its second privacy level is medium risk.

S705. The electronic device stores the second mapping.

In the embodiment shown in FIG. 8, while storing personal data, the electronic device not only encrypts it but also stores the privacy level and user identity corresponding to it, so that when the personal data is later read it can be located by user identity and its corresponding privacy level can be determined.
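The key hierarchy of FIG. 8 (root key wrapping a key encryption key, which wraps each user's first key, which encrypts the personal data stored with its user and privacy level in S704) and the key destruction of FIG. 7 (S603 to S605) share the same machinery, so one added example covers both. This Python is written for this page and is not the patent's or the applicant's code. Its stand-ins: RootKeyStore models the root key in on-chip non-volatile memory by exposing only wrap and unwrap and no way to read the key; seal() and open_() use an HMAC-SHA256 counter-mode keystream with an HMAC tag, standard library only, in place of the AEAD a real device would use; and the "first storage area" holding a wrapped user key is a bytearray, so the overwrite passes of S604 can be observed and a recovery attempt against the wiped bytes can be tested.

```python
"""Key hierarchy and key destruction for FIG. 7 (S601-S605) and FIG. 8 (S701-S705).

Added example, not code from the patent application.  Stand-ins: RootKeyStore
models the root key in on-chip NVM (wrap/unwrap only, no read interface);
seal()/open_() use an HMAC-SHA256 counter keystream plus an HMAC tag, standard
library only, instead of a real AEAD; the "first storage area" holding a
wrapped user key is a bytearray so the S604 overwrite passes are visible.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, NamedTuple, Tuple

NONCE_LEN, TAG_LEN = 16, 32

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with HMAC-SHA256(key, nonce || counter) blocks; symmetric."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, nonce + (off // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _keystream_xor(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def open_(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt; ValueError on a wrong or destroyed key."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication failed: wrong or destroyed key")
    return _keystream_xor(key, nonce, ct)

class RootKeyStore:
    """Root key with no physical or logical read interface: wrap/unwrap only."""
    def __init__(self) -> None:
        self.__root = secrets.token_bytes(32)
    def wrap(self, key: bytes) -> bytes:
        return seal(self.__root, key)
    def unwrap(self, blob: bytes) -> bytes:
        return open_(self.__root, blob)

class Record(NamedTuple):
    """S704 second mapping: (user, privacy level, encrypted personal data)."""
    user: str
    privacy_level: str
    ciphertext: bytes

def is_authorized_to_delete(operator: str, owner: str, admins=("admin",)) -> bool:
    """S603: only the data owner (first user) or an administrator may wipe."""
    return operator == owner or operator in admins

class PersonalDataStore:
    def __init__(self) -> None:
        self.root = RootKeyStore()
        # S702, second variant: the root key wraps the KEK; the KEK wraps user keys.
        self._kek_blob = self.root.wrap(secrets.token_bytes(32))
        self._key_area: Dict[str, bytearray] = {}   # "first storage area" per user
        self.records: List[Record] = []

    def _kek(self) -> bytes:
        return self.root.unwrap(self._kek_blob)

    def register_user(self, user: str) -> None:
        user_key = secrets.token_bytes(32)          # unique per user, from a CSPRNG
        self._key_area[user] = bytearray(seal(self._kek(), user_key))

    def _user_key(self, user: str) -> bytes:
        return open_(self._kek(), bytes(self._key_area[user]))

    def store(self, user: str, privacy_level: str, data: bytes) -> None:
        """S703-S705: encrypt under the user's key and keep the mapping."""
        self.records.append(Record(user, privacy_level, seal(self._user_key(user), data)))

    def read_all(self, user: str) -> List[Tuple[str, bytes]]:
        key = self._user_key(user)
        return [(r.privacy_level, open_(key, r.ciphertext)) for r in self.records if r.user == user]

    def delete_user_data(self, operator: str, user: str, passes: int = 3) -> Tuple[bytes, List[Record]]:
        """S601-S605; returns the overwritten key area and the removed ciphertexts,
        i.e. what a forensic recovery of the medium might still yield."""
        if not is_authorized_to_delete(operator, user):
            raise PermissionError("only the owner or an administrator may delete")
        area = self._key_area.pop(user)
        for _ in range(passes):                     # S604: overwrite with fresh random data
            area[:] = secrets.token_bytes(len(area))
        removed = [r for r in self.records if r.user == user]
        self.records = [r for r in self.records if r.user != user]      # S605
        return bytes(area), removed

    def can_unwrap_user_key(self, blob: bytes) -> bool:
        """Recovery attempt on a wiped key area: True only if it still unwraps."""
        try:
            open_(self._kek(), blob)
            return True
        except ValueError:
            return False
```

The point FIG. 7 makes is visible in delete_user_data: the ciphertext records it returns are exactly what an undelete of the medium would hand back, and they are useless because the wrapped user key in the first storage area has been replaced by random bytes and no longer authenticates under the KEK. On real flash storage, overwrite-in-place is not guaranteed by the controller (wear levelling can leave the old block intact), which is why the text places the root of the hierarchy in on-chip non-volatile memory rather than on the data medium.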
Refer to FIG. 9, which is a flowchart of yet another secure interaction method provided by an embodiment of this application. The method shown in FIG. 9 extends FIG. 2, that is, it includes the steps shown in FIG. 9 in addition to those of FIG. 2. The method shown in FIG. 9 includes the following steps S801 to S803.

S801. The electronic device receives a third instruction issued by the operator.

The third instruction instructs the electronic device to configure the access authority of a user set to a personal data set; the personal data set includes at least one item of personal data of the first user, and the user set includes at least one user registered in advance on the electronic device.

S802. The electronic device determines that the operator's user identity is the first user.

S803. The electronic device configures the access authority of each user in the user set to each item of personal data in the personal data set.

Optionally, S803 may specifically include the following step: the electronic device adds the access authority of each user in the user set to each item of personal data in the personal data set.

For example, suppose the operator is the first user, the user set includes a second user, the first user and the second user are both registered users of the electronic device, the personal data set includes the first user's first personal data and second personal data, and the second user does not have access authority to the first personal data or the second personal data. To add the second user's access authority to the first personal data and the second personal data, the operator sends the third instruction to the electronic device. On receiving the third instruction, the electronic device determines that the operator's user identity is the first user and adds, for the second user in the user set, access authority to the first personal data and the second personal data in the personal data set. The second user then has access authority to the first user's first personal data and second personal data.

Optionally, S803 may specifically include the following step: the electronic device removes the access authority of each user in the user set to each item of personal data in the personal data set.

For example, suppose the operator is the first user, the user set includes a second user, the first user and the second user are both registered users of the electronic device, the personal data set includes the first user's first personal data and second personal data, and the second user has access authority to the first personal data and the second personal data. To remove the second user's access authority to the first personal data and the second personal data, the operator sends the third instruction to the electronic device. On receiving the third instruction, the electronic device determines that the operator's user identity is the first user and removes, for the second user in the user set, access authority to the first personal data and the second personal data in the personal data set. The second user then no longer has access authority to the first user's first personal data and second personal data.

In the embodiment shown in FIG. 9, the first user can configure on the electronic device whether their personal data may be accessed by other registered users. If the first user allows other registered users to access their personal data, the first user can add those users' access authority to it; if the first user does not, the first user can remove it. Thus this embodiment lets the first user flexibly configure other registered users' access authority to their own personal data.
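The add and remove variants of S803, with the ownership check of S802, as an added example for this page (not the patent's code). The access-authority table is modelled as a mapping from data item to the set of registered users holding access authority, and the third instruction as a configure() call carrying the operator identity (assumed already verified by the device's identification step), the user set, the personal data set and the action. One safeguard is this example's own and not stated in the text: the owner can never be removed from the authority set of their own item.

```python
"""Owner-controlled access-authority configuration (FIG. 9, S801-S803).

Added example, not the patent's code.  The access-authority table is a
mapping data item -> set of registered users; the third instruction is a
configure() call whose operator identity is assumed already verified (S802).
That the owner is never removed from their own item's authority is this
example's safeguard, not a requirement stated in the text.
"""
from typing import Dict, Iterable, Set


class AccessAuthorityTable:
    def __init__(self, registered_users: Iterable[str]) -> None:
        self.registered: Set[str] = set(registered_users)
        self.owner_of: Dict[str, str] = {}          # data item -> first user who owns it
        self.authority: Dict[str, Set[str]] = {}    # data item -> users with access authority

    def add_personal_data(self, owner: str, item: str) -> None:
        if owner not in self.registered:
            raise ValueError(f"{owner!r} is not registered on the device")
        self.owner_of[item] = owner
        self.authority[item] = {owner}

    def can_configure(self, operator: str, items: Iterable[str]) -> bool:
        """S802: only the first user (owner) may configure authority on their own data."""
        return all(self.owner_of.get(item) == operator for item in items)

    def configure(self, operator: str, users: Iterable[str], items: Iterable[str],
                  action: str) -> Dict[str, Set[str]]:
        """S803: add or remove access for every user in `users` on every item in `items`.

        Returns the resulting authority sets for the affected items.
        """
        users, items = set(users), set(items)
        if action not in ("add", "remove"):
            raise ValueError("action must be 'add' or 'remove'")
        if not self.can_configure(operator, items):
            raise PermissionError(f"{operator!r} may only configure personal data they own")
        unregistered = users - self.registered
        if unregistered:
            raise ValueError(f"user set contains unregistered users: {sorted(unregistered)}")
        for item in items:
            if action == "add":
                self.authority[item] |= users
            else:
                self.authority[item] -= users - {self.owner_of[item]}   # keep the owner
        return {item: set(self.authority[item]) for item in items}

    def has_access(self, user: str, item: str) -> bool:
        return user in self.authority.get(item, set())
```

All checks run before any item is modified, so a third instruction that names one item the operator does not own, or one user who is not registered, changes nothing rather than applying partially.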
请参见图10所示,图10所示的为本申请实施例提供的一种电子设备的示意图。图10所示的电子设备包括以下模块:Please refer to FIG. 10 , which is a schematic diagram of an electronic device according to an embodiment of the present application. The electronic device shown in Figure 10 includes the following modules:
接收模块11,用于接收使用者发出的第一指令,第一指令用于指示电子设备对第一用户的第一个人数据执行第一操作,第一用户为预先在电子设备上注册过的用户。The receiving module 11 is used to receive the first instruction issued by the user, the first instruction is used to instruct the electronic device to perform the first operation on the first personal data of the first user, and the first user is pre-registered on the electronic device. user.
处理模块12,用于确定使用者的用户身份。获取第一个人数据的操作权限,第一个人数据的操作权限用于指示允许操作第一个人数据的用户身份。根据使用者的用户身份和第一个人数据的操作权限确定是否对第一个人数据执行第一操作。The processing module 12 is used to determine the user identity of the user. The operation authority of the first personal data is obtained, and the operation authority of the first personal data is used to indicate the identity of the user who is allowed to operate the first personal data. Whether to perform the first operation on the first personal data is determined according to the user identity of the user and the operation authority of the first personal data.
其中,接收模块11和处理模块12能够实现的附加功能、实现上述功能的更多细节请 参考前面各个方法实施例中的描述,在这里不再重复。The additional functions that can be implemented by the receiving module 11 and the processing module 12, and more details of implementing the above functions, please refer to the descriptions in the foregoing method embodiments, which will not be repeated here.
图10所描述的装置实施例仅仅是示意性的,例如,模块的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个模块或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。在本申请各个实施例中的各功能模块可以集成在一个处理模块中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个模块中。The apparatus embodiment described in FIG. 10 is only illustrative. For example, the division of modules is only a logical function division. In actual implementation, there may be other division methods. For example, multiple modules or components may be combined or integrated into Another system, or some features can be ignored, or not implemented. Each functional module in each embodiment of the present application may be integrated into one processing module, or each module may exist physically alone, or two or more modules may be integrated into one module.
Refer to FIG. 11, which is a schematic diagram of another electronic device provided by an embodiment of this application. The electronic device shown in FIG. 11 includes the following modules:
The receiving module 21 is configured to receive user input. The receiving module 21 may specifically include components such as a touch screen, a microphone, a camera and sensors, where the touch screen receives the user's touch input, the microphone receives the user's voice input, and the camera captures images of the user's face.
The output module 22 is configured to feed output back to the user. The output module 22 may specifically include a touch screen and a speaker, among others, where the touch screen displays output as images and the speaker outputs sound. The output module 22 may also include a vibration motor that provides haptic feedback. When the electronic device is an intelligent robot, the output module 22 may further include the robot's limbs, which provide motion feedback such as patting, stroking and hugging the user.
The user identity recognition module 23 is configured to recognize the user's identity. The user identity recognition module 23 may include a face recognition system, a voiceprint recognition system, a fingerprint recognition system, a password system and so on. When the user identity recognition module 23 contains several identity recognition systems, it may combine their individual results through a fusion decision system in order to make the final determination of the user's identity.
The face recognition system confirms a user's identity from an image of the person's face and includes functions such as face detection and analysis, facial feature localization, face search, face comparison, face verification and liveness detection.
The voiceprint recognition system identifies a person from the acoustic characteristics of the speaker's voice; its main tasks include speech signal processing, voiceprint feature extraction, voiceprint modeling, voiceprint comparison and decision making.
The fingerprint recognition system classifies and compares the fingerprint of the user being identified in order to determine that user's identity.
The fusion decision system obtains the final identity determination by fusing the recognition results of the face recognition system, the voiceprint recognition system and the fingerprint recognition system.
The privacy level determination module 24 may determine the privacy level of an item of personal data from a pre-established mapping between personal data and privacy levels.
The encryption and decryption module 25 is responsible for key management, data encryption and data decryption. For example, the algorithm used to encrypt data may be the Advanced Encryption Standard (AES).
The storage module 26 may store the user's personal data.
The application module 27 provides the user with everyday functions, including daily conversation and chat, games, entertainment, learning and reminders.
Refer to FIG. 12, which is a schematic diagram of yet another electronic device provided by an embodiment of this application. The electronic device shown in FIG. 12 includes a processor 31 and a memory 32.
In the embodiment shown in FIG. 12, the processor 31 is configured to execute the instructions stored in the memory 32 so that the electronic device performs the following operations: receiving a first instruction issued by the operator, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, the first user being a user who has previously registered on the electronic device; determining the user identity of the operator; obtaining the operation authority of the first personal data, the operation authority indicating which user identities are permitted to operate on the first personal data; and determining, according to the operator's user identity and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
The processor 31 is one or more CPUs. Optionally, each CPU is a single-core or a multi-core CPU.
The memory 32 includes, but is not limited to, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM), flash memory, or optical memory. The memory 32 holds the code of the operating system.
Optionally, the electronic device further includes a bus 33; the processor 31 and the memory 32 are connected to each other through the bus 33, or may be connected in other ways.
The embodiments in this specification are described progressively: for the parts that are the same or similar across embodiments, refer from one to another, and each embodiment concentrates on its differences from the others. In particular, since the system embodiments are basically similar to the method embodiments, they are described more briefly, and the relevant parts of the method embodiments apply to them.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its scope. Thus, provided that these modifications and variations fall within the scope of the claims of the present invention, the present invention is intended to include them.

Claims (21)

  1. A secure interaction method, wherein the method is applied to an electronic device and comprises:
    the electronic device receiving a first instruction issued by an operator, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, the first user being a user who has previously registered on the electronic device;
    the electronic device determining the user identity of the operator;
    the electronic device obtaining operation authority of the first personal data, the operation authority of the first personal data indicating which user identities are permitted to operate on the first personal data;
    the electronic device determining, according to the user identity of the operator and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
  2. The secure interaction method according to claim 1, wherein the electronic device determining, according to the user identity of the operator and the operation authority of the first personal data, whether to perform the first operation on the first personal data comprises:
    the electronic device determining whether the operation authority of the first personal data includes the user identity of the operator;
    when the operation authority of the first personal data includes the user identity of the operator, the electronic device performing the first operation on the first personal data;
    when the operation authority of the first personal data does not include the user identity of the operator, the electronic device refusing to perform the first operation on the first personal data.
  3. The secure interaction method according to claim 2, wherein the electronic device performing the first operation on the first personal data comprises:
    the electronic device determining whether a second user is present within a preset range of the electronic device, the second user being a user who has previously registered on the electronic device;
    when the second user is present within the preset range of the electronic device, the electronic device determining whether the access authority of the first personal data includes the second user; when the access authority of the first personal data includes the second user, the electronic device performing the first operation on the first personal data; when the access authority of the first personal data does not include the second user, the electronic device refusing to perform the first operation on the first personal data;
    when no second user is present within the preset range of the electronic device, the electronic device performing the first operation on the first personal data.
  4. The secure interaction method according to claim 2, wherein the electronic device performing the first operation on the first personal data comprises:
    the electronic device determining whether a third user is present within a preset range of the electronic device, the third user being a user who has not registered on the electronic device;
    when the third user is present within the preset range of the electronic device, the electronic device refusing to perform the first operation on the first personal data;
    when no third user is present within the preset range of the electronic device, the electronic device performing the first operation on the first personal data.
  5. The secure interaction method according to claim 2, wherein, when the user identity of the operator is the first user, the electronic device performing the first operation on the first personal data comprises:
    the electronic device determining a first confidence level, the first confidence level being the degree of similarity between the operator's current biometric features and the biometric features of the first user pre-stored in the electronic device;
    the electronic device obtaining a first privacy level of the first personal data, the first privacy level indicating the degree of privacy of the first personal data;
    the electronic device obtaining a pre-established first mapping relationship between confidence levels and privacy levels;
    the electronic device determining, according to the first mapping relationship, a set of privacy levels corresponding to the first confidence level, the set of privacy levels containing at least one privacy level;
    the electronic device judging whether the set of privacy levels includes the first privacy level;
    when the set of privacy levels includes the first privacy level, the electronic device performing the first operation on the first personal data;
    when the set of privacy levels does not include the first privacy level, the electronic device refusing to perform the first operation on the first personal data.
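Claims 2 to 5 read as one decision procedure with four gates: the operator must appear in the data's operation authority (claim 2), no unregistered person may be within range (claim 4), every registered bystander within range must appear in the data's access authority (claim 3), and, when the owner acts, the live biometric confidence must reach the threshold for the data's privacy level (claim 5). The Go program below is a worked example added for this page; it is not code from the patent or its applicant. The type and function names, the threshold table in `MinConfidence`, the sample identities and the order in which the gates are evaluated are assumptions made here: the claims fix the checks but not how they are combined or configured.

```go
package main

import "fmt"

type UserID string
type PrivacyLevel int

// PersonalData is one item of a registered user's personal data with the two
// lists the claims distinguish: who may perform the operation (operation
// authority, claim 2) and which registered bystanders may be present (claim 3).
type PersonalData struct {
	Owner        UserID
	Level        PrivacyLevel
	OpAuthority  map[UserID]bool
	AccessRights map[UserID]bool
}

// Observation is what the identity-recognition module reports with the first
// instruction. Operator is "" when nobody was recognized; an "" entry in Nearby
// is a person within range who matched no enrolled user.
type Observation struct {
	Operator   UserID
	Confidence float64  // similarity to the enrolled first user, in [0,1] (claim 5)
	Nearby     []UserID // other people within the preset range
}

// Policy holds the registered users and the pre-established first mapping of
// claim 5, expressed as the lowest confidence acceptable for each privacy level.
type Policy struct {
	Registered    map[UserID]bool
	MinConfidence map[PrivacyLevel]float64
}

// AllowedLevels is the "privacy level set" of claim 5 for one confidence value:
// every level whose threshold the confidence reaches.
func (p Policy) AllowedLevels(conf float64) map[PrivacyLevel]bool {
	set := map[PrivacyLevel]bool{}
	for lvl, thr := range p.MinConfidence {
		if conf >= thr {
			set[lvl] = true
		}
	}
	return set
}

// Authorize decides whether the requested operation on d may proceed. It is
// deny-by-default and names the first failed check, which is what to audit-log.
func Authorize(d PersonalData, obs Observation, p Policy) (bool, string) {
	if obs.Operator == "" || !p.Registered[obs.Operator] {
		return false, "operator not recognized as a registered user"
	}
	if !d.OpAuthority[obs.Operator] { // claim 2
		return false, "operator not in operation authority"
	}
	for _, u := range obs.Nearby {
		if u == "" || !p.Registered[u] { // claim 4
			return false, "unregistered person within preset range"
		}
		if u != obs.Operator && !d.AccessRights[u] { // claim 3
			return false, fmt.Sprintf("registered user %s within range lacks access authority", u)
		}
	}
	// Claim 5 applies when the owner acts: the live biometric match must be
	// strong enough for the data's privacy level.
	if obs.Operator == d.Owner && !p.AllowedLevels(obs.Confidence)[d.Level] {
		return false, fmt.Sprintf("confidence %.2f below threshold for privacy level %d", obs.Confidence, d.Level)
	}
	return true, "allowed"
}

// sampleDevice is constructed data: four registered identities and one level-3
// item owned by alice that only bob may be present for.
func sampleDevice() (PersonalData, Policy) {
	p := Policy{
		Registered:    map[UserID]bool{"alice": true, "bob": true, "carol": true, "admin": true},
		MinConfidence: map[PrivacyLevel]float64{1: 0.60, 2: 0.80, 3: 0.95},
	}
	d := PersonalData{
		Owner:        "alice",
		Level:        3,
		OpAuthority:  map[UserID]bool{"alice": true, "admin": true},
		AccessRights: map[UserID]bool{"bob": true},
	}
	return d, p
}

func main() {
	d, p := sampleDevice()
	for _, obs := range []Observation{
		{Operator: "alice", Confidence: 0.97},
		{Operator: "alice", Confidence: 0.90},
		{Operator: "alice", Confidence: 0.97, Nearby: []UserID{"bob"}},
		{Operator: "alice", Confidence: 0.97, Nearby: []UserID{"carol"}},
		{Operator: "alice", Confidence: 0.97, Nearby: []UserID{""}},
		{Operator: "bob", Confidence: 0.99},
	} {
		ok, why := Authorize(d, obs, p)
		fmt.Printf("%-5s conf=%.2f nearby=%v -> %v (%s)\n", obs.Operator, obs.Confidence, obs.Nearby, ok, why)
	}
}
```

Two points a practitioner should take from the ordering. The deterministic list checks (claims 2, 3 and 4) run before the confidence check, so a bystander problem is reported as such and is never masked as "confidence too low"; and an unrecognized person in range is treated as the third user of claim 4 and denies outright, which means the recognition module must report every detected person, not only the ones it could match. The claims condition only the owner's own operations on biometric confidence; an administrator listed in the operation authority passes without one, so whether to apply a confidence floor to administrators as well is a decision the implementer has to make.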
  6. The secure interaction method according to claim 1, wherein the method further comprises:
    the electronic device receiving a second instruction issued by the operator, the second instruction instructing the electronic device to delete all personal data of the first user;
    the electronic device determining the user identity of the operator;
    when the user identity of the operator is the first user or an administrator, the electronic device determining a first storage area in which a first key is stored, the first key being the key used to encrypt the first user's personal data;
    the electronic device deleting the first key from the first storage area using a secure deletion method, the secure deletion method being a deletion method that prevents the first key from being recovered after it is deleted;
    the electronic device deleting all personal data of the first user that was encrypted with the first key.
  7. The secure interaction method according to claim 1, wherein the first operation is an input operation, the operation authority of the first personal data is input authority, and the user identity of the operator is the first user;
    the electronic device determining, according to the user identity of the operator and the operation authority of the first personal data, whether to perform the first operation on the first personal data comprises:
    the electronic device determining that the input authority of the first personal data includes the first user;
    the electronic device obtaining a first key corresponding to the first user, the first key being the key used to encrypt the first user's personal data;
    the electronic device encrypting the first personal data with the first key to obtain the encrypted first personal data;
    the electronic device establishing a second mapping relationship among the first user, a second privacy level and the encrypted first personal data, the second privacy level being the privacy level corresponding to the first personal data;
    the electronic device storing the second mapping relationship.
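The input path of claim 7 (obtain the owner's key, encrypt, store the user/privacy-level/ciphertext mapping) and the deletion path of claim 6 (authorize the owner or an administrator, destroy the key in its own storage area, then delete the ciphertexts) share one key store, so a single added Go example serves both claims. It was written for this page and is not the patent's or its applicant's code. The patent names AES but neither the mode, the key length nor the form of the key store, so AES-256-GCM, the 32-byte key, the in-memory `Store` with separate `keys` and `records` maps, and the binding of user id and privacy level as GCM additional data are all assumptions; the sample record in `main` is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

type UserID string
type PrivacyLevel int

// Record is one entry of the "second mapping relationship" of claim 7.
type Record struct {
	Level      PrivacyLevel
	Nonce      []byte
	Ciphertext []byte
}

// Store models the storage module; keys (the "first storage area" of claim 6)
// are kept apart from the encrypted records, both indexed by user.
type Store struct {
	keys    map[UserID][]byte
	records map[UserID][]Record
}

func NewStore() *Store { return &Store{keys: map[UserID][]byte{}, records: map[UserID][]Record{}} }

// aead returns AES-GCM under the user's key; with create set, a random 256-bit key
// is generated on first use (AES is named by the patent, the key size is assumed).
func (s *Store) aead(u UserID, create bool) (cipher.AEAD, error) {
	key, ok := s.keys[u]
	if !ok {
		if !create {
			return nil, errors.New("no key for user: data is unrecoverable")
		}
		key = make([]byte, 32)
		if _, err := rand.Read(key); err != nil { return nil, err }
		s.keys[u] = key
	}
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// aad binds user and level to the ciphertext as GCM additional data, so a stored
// record cannot be relabelled to a lower level or moved to another user.
func aad(u UserID, level PrivacyLevel) []byte { return []byte(fmt.Sprintf("%s|%d", u, level)) }

// Input is the input operation of claim 7: encrypt under the owner's key with a
// fresh random nonce and store the (user, level, ciphertext) mapping.
func (s *Store) Input(u UserID, level PrivacyLevel, plaintext []byte) error {
	g, err := s.aead(u, true)
	if err != nil { return err }
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return err }
	ct := g.Seal(nil, nonce, plaintext, aad(u, level))
	s.records[u] = append(s.records[u], Record{Level: level, Nonce: nonce, Ciphertext: ct})
	return nil
}

// Read decrypts all of u's records (an output operation) and fails closed: a
// missing key or a record that fails authentication is an error, not partial data.
func (s *Store) Read(u UserID) ([][]byte, error) {
	g, err := s.aead(u, false)
	if err != nil { return nil, err }
	var out [][]byte
	for _, r := range s.records[u] {
		pt, err := g.Open(nil, r.Nonce, r.Ciphertext, aad(u, r.Level))
		if err != nil {
			return nil, fmt.Errorf("record of %s at level %d failed authentication", u, r.Level)
		}
		out = append(out, pt)
	}
	return out, nil
}

// DeleteAll is claim 6: only the owner or an administrator may trigger it; the key
// bytes are overwritten before the key is dropped, then the ciphertexts are removed.
func (s *Store) DeleteAll(operator, target UserID, admins map[UserID]bool) error {
	if operator != target && !admins[operator] {
		return errors.New("operator is neither the data owner nor an administrator")
	}
	if k, ok := s.keys[target]; ok {
		for i := range k { k[i] = 0 } // overwrite before dropping the reference
		delete(s.keys, target)
	}
	delete(s.records, target)
	return nil
}

func main() {
	s := NewStore()
	_ = s.Input("alice", 3, []byte("bank card ending 1234")) // constructed sample record
	fmt.Println("admin deletes:", s.DeleteAll("admin", "alice", map[UserID]bool{"admin": true}))
	_, err := s.Read("alice")
	fmt.Println("read after deletion:", err)
}
```

The overwrite in `DeleteAll` is the claim's secure-deletion step reduced to what a process can do on its own. In Go, or any garbage-collected runtime, it does not reach copies such as the expanded key schedule held inside the cipher object, and on flash an in-place overwrite of the data region is not guaranteed to clear the old cells because of wear levelling. That is exactly why the patent makes destroying the key the primary control and deleting the ciphertexts the secondary one, and why, on a real device, the "first storage area" should be a hardware-backed keystore (TEE or secure element) whose key-destruction operation is the one that gets audited. Authenticating the user id and privacy level as additional data closes a second gap: an attacker with write access to the record store cannot downgrade a level-3 record to level 1 to slip it past the confidence check of claim 5, because `Read` then rejects the record.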
  8. The secure interaction method according to claim 1, wherein the first operation is an input operation, an output operation, a modification operation or a deletion operation.
  9. The secure interaction method according to claim 1, wherein the method further comprises:
    the electronic device receiving a third instruction issued by the operator, the third instruction instructing the electronic device to configure the access authority of a set of users to a set of personal data, the set of personal data including at least one item of personal data of the first user, and the set of users including at least one user who has previously registered on the electronic device;
    the electronic device determining that the user identity of the operator is the first user;
    the electronic device configuring the access authority of each user in the set of users to each item of personal data in the set of personal data.
  10. The secure interaction method according to claim 9, wherein the electronic device configuring the access authority of the set of users to each item of personal data in the set of personal data comprises:
    the electronic device adding the access authority of each user in the set of users to each item of personal data in the set of personal data;
    or,
    the electronic device removing the access authority of each user in the set of users to each item of personal data in the set of personal data.
  11. An electronic device, comprising:
    a receiving module configured to receive a first instruction issued by an operator, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, the first user being a user who has previously registered on the electronic device;
    a processing module configured to determine the user identity of the operator; obtain operation authority of the first personal data, the operation authority of the first personal data indicating which user identities are permitted to operate on the first personal data; and determine, according to the user identity of the operator and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
  12. The electronic device according to claim 11, wherein:
    the processing module is specifically configured to determine whether the operation authority of the first personal data includes the user identity of the operator; when the operation authority of the first personal data includes the user identity of the operator, the electronic device performs the first operation on the first personal data; and when the operation authority of the first personal data does not include the user identity of the operator, the electronic device refuses to perform the first operation on the first personal data.
  13. The electronic device according to claim 12, wherein:
    the processing module is specifically configured to determine whether a second user is present within a preset range of the electronic device, the second user being a user who has previously registered on the electronic device; when the second user is present within the preset range of the electronic device, the electronic device determines whether the access authority of the first personal data includes the second user; when the access authority of the first personal data includes the second user, the electronic device performs the first operation on the first personal data; when the access authority of the first personal data does not include the second user, the electronic device refuses to perform the first operation on the first personal data; and when no second user is present within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
  14. The electronic device according to claim 12, wherein:
    the processing module is specifically configured to determine whether a third user is present within a preset range of the electronic device, the third user being a user who has not registered on the electronic device; when the third user is present within the preset range of the electronic device, the electronic device refuses to perform the first operation on the first personal data; and when no third user is present within the preset range of the electronic device, the electronic device performs the first operation on the first personal data.
  15. The electronic device according to claim 12, wherein:
    the processing module is specifically configured to determine a first confidence level, the first confidence level being the degree of similarity between the operator's current biometric features and the biometric features of the first user pre-stored in the electronic device; obtain a first privacy level of the first personal data, the first privacy level indicating the degree of privacy of the first personal data; obtain a pre-established first mapping relationship between confidence levels and privacy levels; determine, according to the first mapping relationship, a set of privacy levels corresponding to the first confidence level, the set of privacy levels containing at least one privacy level; judge whether the set of privacy levels includes the first privacy level; when the set of privacy levels includes the first privacy level, the electronic device performs the first operation on the first personal data; and when the set of privacy levels does not include the first privacy level, the electronic device refuses to perform the first operation on the first personal data.
  16. The electronic device according to claim 11, wherein:
    the processing module is further configured to receive a second instruction issued by the operator, the second instruction instructing the electronic device to delete all personal data of the first user; determine the user identity of the operator; when the user identity of the operator is the first user or an administrator, the electronic device determines a first storage area in which a first key is stored, the first key being the key used to encrypt the first user's personal data; the electronic device deletes the first key from the first storage area using a secure deletion method, the secure deletion method being a deletion method that prevents the first key from being recovered after it is deleted; and delete all personal data of the first user that was encrypted with the first key.
  17. The electronic device according to claim 11, wherein:
    the processing module is specifically configured to determine that the input authority of the first personal data includes the first user; obtain a first key corresponding to the first user, the first key being the key used to encrypt the first user's personal data; encrypt the first personal data with the first key to obtain the encrypted first personal data; establish a second mapping relationship among the first user, a second privacy level and the encrypted first personal data, the second privacy level being the privacy level corresponding to the first personal data; and store the second mapping relationship.
  18. The electronic device according to claim 11, wherein the first operation is an input operation, an output operation, a modification operation or a deletion operation.
  19. The electronic device according to claim 11, wherein:
    the processing module is further configured to receive a third instruction issued by the operator, the third instruction instructing the electronic device to configure the access authority of a set of users to a set of personal data, the set of personal data including at least one item of personal data of the first user, and the set of users including at least one user who has previously registered on the electronic device; determine that the user identity of the operator is the first user; and configure the access authority of each user in the set of users to each item of personal data in the set of personal data.
  20. The electronic device according to claim 19, wherein:
    the processing module is specifically configured to add the access authority of each user in the set of users to each item of personal data in the set of personal data; or,
    the processing module is specifically configured to remove the access authority of each user in the set of users to each item of personal data in the set of personal data.
  21. An electronic device, comprising a memory and a processor connected to the memory, the memory being configured to store instructions;
    the processor being configured to execute the instructions so that the computer device performs the following operations:
    receiving a first instruction issued by an operator, the first instruction instructing the electronic device to perform a first operation on first personal data of a first user, the first user being a user who has previously registered on the electronic device; determining the user identity of the operator; obtaining operation authority of the first personal data, the operation authority of the first personal data indicating which user identities are permitted to operate on the first personal data; and determining, according to the user identity of the operator and the operation authority of the first personal data, whether to perform the first operation on the first personal data.
PCT/CN2021/107491, priority date 2020-07-31, filing date 2021-07-21: Secure interaction method and apparatus, WO2022022346A1 (en)

Applications Claiming Priority (2)

Application Number | Priority Date | Filing Date | Title
CN202010758901.2A (CN111949956A) | 2020-07-31 | 2020-07-31 | Secure interaction method and device
CN202010758901.2 | 2020-07-31 | |

Publications (1)

Publication Number | Publication Date
WO2022022346A1 | 2022-02-03

Family

ID=73339873

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
PCT/CN2021/107491 (WO2022022346A1) | Secure interaction method and apparatus | 2020-07-31 | 2021-07-21

Country Status (2)

Country | Link
CN (1) | CN111949956A
WO (1) | WO2022022346A1

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN111949956A * | 2020-07-31 | 2020-11-17 | 华为技术有限公司 | Secure interaction method and device
CN112966297B * | 2021-02-04 | 2022-01-14 | 华为技术有限公司 | Data protection method, system, medium and electronic device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN103130060A * | 2011-11-22 | 2013-06-05 | 株式会社日立制作所 | Safety system of elevator
CN105354960A * | 2015-10-30 | 2016-02-24 | 夏翊 | Financial self-service terminal security zone control method
US20180248888A1 * | 2017-02-28 | 2018-08-30 | Fujitsu Limited | Information processing apparatus and access control method
CN109166579A * | 2018-09-04 | 2019-01-08 | 广州市果豆科技有限责任公司 | Voice control method and system combining face information
CN109237736A * | 2018-09-25 | 2019-01-18 | 珠海格力电器股份有限公司 | Control method for a household appliance, and household appliance
CN110895599A * | 2018-09-12 | 2020-03-20 | 西门子(中国)有限公司 | Access right determining device and access right determining method
CN111949956A * | 2020-07-31 | 2020-11-17 | 华为技术有限公司 | Secure interaction method and device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN102930194A * | 2012-09-20 | 2013-02-13 | 无锡华御信息技术有限公司 | Data security operating system and method based on authority management and control
CN105447422A * | 2016-01-29 | 2016-03-30 | 广东欧珀移动通信有限公司 | Method for protecting user privacy, and terminal
CN106778160A * | 2016-11-28 | 2017-05-31 | 上海摩软通讯技术有限公司 | Data item display method and device
CN108334761B * | 2017-01-20 | 2020-04-21 | 深圳大森智能科技有限公司 | User authority identification method and device
CN109151161A * | 2018-06-27 | 2019-01-04 | Oppo广东移动通信有限公司 | Display control method and related product
CN109165492B * | 2018-08-02 | 2020-08-14 | Oppo广东移动通信有限公司 | Device control method, device, storage medium and electronic device
CN109447789A * | 2018-11-01 | 2019-03-08 | 北京得意音通技术有限责任公司 | Service processing method, device, electronic equipment and storage medium
CN110889142B * | 2019-12-20 | 2022-08-26 | 中国银行股份有限公司 | Data authority management method, device, system and equipment

Also Published As

Publication number | Publication date
CN111949956A | 2020-11-17

Similar Documents

Publication Publication Date Title
US8515139B1 (en) Facial feature detection
US9177130B2 (en) Facial feature detection
US11170084B2 (en) Biometric authentication
CN108804884B (en) Identity authentication method, identity authentication device and computer storage medium
US9547760B2 (en) Method and system for authenticating user of a mobile device via hybrid biometrics information
US20170230363A1 (en) Method, computer program, and system for identifying multiple users based on their behavior
EP3321853B1 (en) Facial recognition similarity threshold adjustment
US20150220772A1 (en) System and methods for contactless biometrics-based identification
US20140333414A1 (en) Systems And Methods For High Fidelity Multi-Modal Out-Of-Band Biometric Authentication Through Vector-Based Multi-Profile Storage
US11030291B2 (en) Methods and systems for user authentication
WO2022022346A1 (en) Secure interaction method and apparatus
JP2021508870A (en) Systems and methods for user authentication by biometric authentication
US10956548B2 (en) User authentication via emotion detection
US11552944B2 (en) Server, method for controlling server, and terminal device
CN109254661B (en) Image display method, image display device, storage medium and electronic equipment
CN113826135B (en) System, method and computer system for contactless authentication using voice recognition
KR102403471B1 (en) Method and system for personal identification using homomorphic encryption
Debnath et al. Multimodal authentication system based on audio-visual data: A review
Subha Biometrics in internet of things (iot) security
CN109614804B (en) Bimodal biological characteristic encryption method, device and storage device
US20180373922A1 (en) Facial gesture captcha
CN107431714A (en) Controlling access to resource functions at a resource control point via a user device
US9674185B2 (en) Authentication using individual's inherent expression as secondary signature
Wells et al. Privacy and biometrics for smart healthcare systems: attacks and techniques
KR102502686B1 (en) Control method of electronic apparatus, server and system for non-face-to-face identification using speaker authentication and facial authentication

Legal Events

Date Code Title Description

121 EP: the EPO has been informed by WIPO that EP was designated in this application
Ref document number: 21849507
Country of ref document: EP
Kind code of ref document: A1

NENP Non-entry into the national phase
Ref country code: DE

122 EP: PCT application non-entry into the European phase
Ref document number: 21849507
Country of ref document: EP
Kind code of ref document: A1