WO2022160991A1

WO2022160991A1 - Permission control method and electronic device

Info

Publication number: WO2022160991A1
Application number: PCT/CN2021/138388
Authority: WO
Inventors: 廖晓锋
Original assignee: 华为技术有限公司
Priority date: 2021-01-29
Filing date: 2021-12-15
Publication date: 2022-08-04
Also published as: CN114817939A

Abstract

A permission control method and an electronic device. The method is executed by an electronic device, and comprises: acquiring a permission request initiated by an application, wherein the permission request carries identification information of a target permission applied for by the application; displaying a selection prompt interface corresponding to the permission request, wherein the selection prompt interface comprises selection options and a recommendation result, which corresponds to the permission request, the selection options comprise an allow option and a prohibit option, and the recommendation result comprises a recommendation level for granting the target permission to the application; and in response to a selection operation on a selection option by a user, granting the target permission to the application, or not granting the target permission to the application. By means of the method, a reference with respect to permission selection can be given to a user by means of displaying, to the user, a recommendation level for granting a target permission to an application, such that the user has better reference information during selection, thereby better improving the user experience during the use of the application.

Description

Authorization control method and electronic device

This application claims the priority of the Chinese patent application with the application number 202110127457.9 and the application name "authority control method and electronic device" filed with the State Intellectual Property Office on January 29, 2021, the entire contents of which are incorporated into this application by reference .

technical field

The present application relates to the field of electronic technology, and in particular, to an authority control method and an electronic device.

Background technique

At present, in order to improve the quality of life of users, various application programs (application, APP) have emerged. Irrelevant privacy permissions (such as address book, call history, SMS, geographic location, camera, microphone, etc.), and even some malicious programs seek economic benefits by obtaining users' privacy permissions.

In the existing permission control methods, when faced with such an application, it is usually up to the user to decide whether to grant the corresponding permission. Some users are often at a loss when faced with such a permission granting operation. It is forbidden to grant permissions, or make random selections. Therefore, these problems can lead to a poor user experience when using the application.

SUMMARY OF THE INVENTION

The embodiments of the present application provide an authority control method and an electronic device, which can greatly improve a user's experience when using an application program.

In a first aspect, an embodiment of the present application provides a permission control method. The method is executed by an electronic device and includes: acquiring a permission request initiated by an application, where the permission request carries the identification information of the target permission applied for by the application; displaying the corresponding permission request The selection prompt interface includes the selection option and the recommendation result corresponding to the permission request, the selection option includes the allow option and the prohibit option, and the recommendation result includes the recommendation degree of granting the target permission to the application; in response to the user's selection operation on the selection option , grant the target permission to the application, or not grant the target permission to the application.

Among them, the application can initiate a permission request during the installation process, or when it runs for the first time, or during the running process, the identification information of the target permission can include the name or logo of the target permission, etc., and the target permission can include phone calls, text messages, contacts, calls, etc. Permissions involving user privacy information, such as recording, camera, location information, microphone, calendar, floating window, and opening third-party application requests. The electronic device can display a selection prompt interface corresponding to the permission request, including displaying selection options and recommendation results. The recommendation degree can be a percentage, score, text or other display forms. The recommendation level allows the user to quickly make a choice whether to grant the target permission to the aforementioned application. Optionally, the electronic device may also play the recommendation result in the form of voice, which is not limited in this embodiment. If the user selects the allow option, the electronic device grants the target permission to the application, and if the user selects the prohibit option, the electronic device does not grant the target permission to the application.

As an achievable manner, the electronic device may determine the recommendation result corresponding to the permission request according to the name of the application and the identification information of the target permission. Exemplarily, the electronic device may store the correspondence between different application names and grantable permissions, and then according to the above-mentioned application names, as well as the preset application name and the correspondence between the grantable permissions. , determine the identification information of the grantable permissions of the application, and then determine the recommendation result corresponding to the permission request by matching the identification information of the grantable permissions of the application with the identification information of the target permissions.

As another achievable way, for the target permission applied for by the application, the electronic device can obtain the selection results of the target permission by different users. The electronic device may determine a recommendation degree for granting the target permission to the application according to the ratio.

In the above embodiment, the electronic device can give the user a reference on the selection of the permission by displaying the recommendation degree of the target permission granted to the application to the user, so that the user has better reference information when selecting, which can greatly improve the user's ability to use the application. program experience.

In some implementations of the first aspect, the recommendation result further includes a recommendation degree of not granting the target permission to the application.

Combining the first aspect and the above implementation manner, the electronic device can simultaneously display to the user a recommendation level (eg, 90%) for granting the target permission to an application and a recommendation level (eg, 10%) for not granting the target permission to the application, for example, in Displaying "90%" next to the allowed option and "10%" next to the forbidden option can make the user more clearly understand the reference information about the permission selection, and further improve the user's experience when using the application.

In some implementations of the first aspect, the selection option further includes a virtual permission option, and the recommendation result further includes a recommendation degree for granting the target virtual permission to the application.

Among them, in some usage scenarios, if the user chooses to prohibit granting the target permission to the application, it may affect the normal use of the application. For example, if the user chooses to prohibit granting the camera permission to a camera application, the application will Camera function cannot be implemented. If the user chooses to allow the target permission to be granted to the application, but is worried about the leakage of private information, for example, the user allows the permission to obtain location information to a camera application, the application can continuously obtain the location information of the electronic device, and there is security hidden danger. Therefore, the above recommendation result also includes the recommendation degree of granting the target virtual permission to the application, and displays the recommended program next to the virtual permission option. The virtual information can be generated by: for example, randomly changing the real location information of the electronic device, or uniformly changing it to the default location, or encrypting the real location information to generate corresponding virtual location information. The information is fused with the generated virtual location information again to generate new virtual location information.

In combination with the first aspect and the above implementation manner, by introducing the option of virtual authority, the user's privacy can be further protected on the basis of improving the user's experience.

In some implementations of the first aspect, if the number of permission requests initiated by the application program is multiple, displaying the selection prompt interface corresponding to the permission request includes: sequentially displaying the selection prompt interface corresponding to each permission request; or, simultaneously Displays the selection prompt interface corresponding to multiple permission requests.

In combination with the first aspect and the above implementation manner, if the electronic device sequentially displays the selection prompt interface for each permission request, the user can select each permission request in sequence, which can reduce the error rate of the user when selecting. If the electronic device simultaneously displays a selection prompt interface for multiple permission requests, the selection time of the user can be reduced and the selection efficiency can be improved.

In some implementations of the first aspect, the above method further includes: receiving a permission switching operation input by the user for the application program; in response to the permission switching operation, switching the first permission category that has been granted to the application program to the second permission category, When the first permission class is the target permission, the second permission class is the target virtual permission, or, when the first permission class is the target virtual permission, the second permission class is the target permission.

Among them, in some scenarios, the user uses an application and grants a virtual permission (ie, the first permission category) to the A permission applied for the application. When the user uses the application for a period of time, he feels that the application can be used. The reliability is high, and you want to switch the virtual permission of A to the real permission (ie, the second permission category). Or the user uses another application and grants the real permission (that is, the first permission category) to the B permission applied for by the application. After using the application for a period of time, the user feels that it is unnecessary to grant the real permission and wants to The real rights of B are switched to virtual rights (ie, the second rights category). Therefore, the electronic device also provides a switching interface between real permissions and virtual permissions. By introducing a virtual authorization switch, users can switch between real permissions and virtual permissions for applications in real time, providing a switchable operation for the user's permission granting. Under the premise of protecting user privacy and security, the user experience is further improved.

In some implementations of the first aspect, the method for determining the recommendation result corresponding to the permission request includes: obtaining the application type corresponding to the application; and determining the recommendation result corresponding to the permission request according to the application type and identification information of the target permission.

Wherein, the electronic device can obtain the classification information, introduction information or comment information of the above-mentioned application program from the application market, and obtain the application type of the application program by analyzing the information. Alternatively, the electronic device may locally store the correspondence between the application program and the application type, and directly obtain the application type through the correspondence.

Combined with the first aspect and the above implementation manner, the electronic device determines the corresponding recommendation result according to the application type and the identification information of the target authority for display, and can give the user a reference about the authority selection, so that the user has better reference information when choosing. , which can improve the user's experience when using the application.

In some implementations of the first aspect, determining the recommendation result corresponding to the permission request according to the identification information of the application type and target permission includes: inputting the identification information of the application type and target permission into a preset machine learning model, and determining the permission request corresponding recommendation results.

Combining the first aspect and the above implementation manner, the identification information of the application type and target authority is processed by training a converged machine learning model, and the corresponding recommendation result is obtained, which can improve the reliability of the obtained recommendation result, so that the user can choose when choosing. It has better reference information to further improve the user's experience when using the application.

In some implementations of the first aspect, the recommendation result corresponding to the permission request is determined according to the application type and the identification information of the target permission, including: according to the application type, the corresponding relationship between the preset application type and the grantable permission , determine the identification information of the grantable permission of the application; determine the recommendation result corresponding to the permission request according to the identification information of the grantable permission and the identification information of the target permission.

In combination with the first aspect and the above-mentioned implementation manner, the electronic device determines the identification information of the grantable authority of the application by setting the corresponding relationship between the application type and the grantable authority, and then determines according to the identification information of the information and the target authority. The recommendation result corresponding to the permission request can improve the reliability of the determined recommendation result, so that the user has better reference information when selecting, and further improves the user's experience when using the application.

In some implementations of the first aspect, the recommendation result corresponding to the permission request is determined according to the identification information of the grantable authority and the identification information of the target authority, including: according to the identification information of the grantable authority and the identification information of the target authority, Determine the first coefficient corresponding to the target authority. When the grantable authority includes the target authority, the first coefficient is the first preset value. When the grantable authority does not include the target authority, the first coefficient is the application that has applied for the target authority. The proportion of the program in the permission set. The permission set is the set of the reference application and the permission applied for by the reference application. The application type of the reference application is the same as the application type of the application; the second coefficient is determined according to the first coefficient. , the sum of the first coefficient and the second coefficient is the second preset value; the second coefficient and the identification information of the target authority are input into the preset machine learning model to determine the recommendation result corresponding to the authority request.

The first coefficient may be a correlation coefficient, and the second coefficient may be a vigilance coefficient. The electronic device may first determine whether the grantable authority includes the target authority, and if so, the first coefficient may be set to a first preset value, such as 1 ; If not included, the first coefficient can be determined according to the proportion of the number of applications that have applied for the target permission in the permission set. Optionally, the second preset value may be 1, that is, the second coefficient is determined by using a relational expression of (1-first coefficient).

In an implementation manner, the electronic device may also input the first coefficient and the identification information of the target authority into the machine learning model to determine the above recommendation result.

Combining the first aspect and the above implementation manner, by setting a vigilance coefficient, and comprehensively processing the vigilance coefficient and the identification information of the target authority by training a convergent machine learning model, a corresponding recommendation result can be obtained, which can further improve the obtained recommendation result. The reliability of the application allows users to have better reference information when choosing, and further improves the user's experience when using the application.

In a second aspect, an embodiment of the present application provides an apparatus, the apparatus is included in an electronic device, and the apparatus has a function of implementing the behavior of the electronic device in the above-mentioned first aspect and possible implementations of the above-mentioned first aspect. The functions can be implemented by hardware, or by executing corresponding software by hardware. The hardware or software includes one or more modules or units corresponding to the above functions. For example, a processing module or unit, a display module or unit, and the like.

In a third aspect, an embodiment of the present application provides an electronic device, the electronic device includes: a processor, a memory, and an interface; the processor, the memory, and the interface cooperate with each other, so that the electronic device executes any one of the methods in the technical solutions of the first aspect.

In a fourth aspect, an embodiment of the present application provides a chip including a processor. The processor is adapted to read and execute the computer program stored in the memory to perform the method of the first aspect and any possible implementations thereof.

Optionally, the chip further includes a memory, and the memory is connected to the processor through a circuit or a wire.

Further optionally, the chip further includes a communication interface.

In a fifth aspect, an embodiment of the present application provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the processor is made to execute any one of the technical solutions of the first aspect. a way.

In a sixth aspect, an embodiment of the present application provides a computer program product, the computer program product includes: computer program code, when the computer program code is run on an electronic device, the electronic device is made to perform any one of the technical solutions of the first aspect method.

Description of drawings

Fig. 1 is the display schematic diagram of the permission request inquiry interface in the traditional technology;

2 is a schematic structural diagram of an example of an electronic device provided by an embodiment of the present application;

3 is a block diagram of a software structure of an electronic device provided by an embodiment of the present application;

4 is a schematic flowchart of an example of an authority control method provided by an embodiment of the present application;

Figure (a) in FIG. 5 is a schematic diagram of an example of an interface for displaying a recommendation result provided by an embodiment of the present application;

Figure (b) in FIG. 5 is a schematic diagram of another example of an interface for displaying a recommendation result provided by an embodiment of the present application;

6 is a schematic diagram of another example of an interface for displaying a recommendation result provided by an embodiment of the present application;

Figure (a) in FIG. 7 is a schematic diagram of another example of an interface for displaying a recommendation result provided by an embodiment of the present application;

Figure (b) in FIG. 7 is a schematic diagram of another example of an interface for displaying a recommendation result provided by an embodiment of the present application;

8 is a schematic flowchart of another example of an authority control method provided by an embodiment of the present application;

9 is a schematic flowchart of another example of an authority control method provided by an embodiment of the present application;

FIG. 10 is a schematic flowchart of another example of an authority control method provided by an embodiment of the present application;

FIG. 11 is a schematic diagram of an example of a process of data encoding for the applicable authority and the vigilance coefficient corresponding to the applicable authority provided by the embodiment of the present application;

FIG. 12 is a schematic diagram of another example of an interface for displaying a recommendation result provided by an embodiment of the present application;

FIG. 13 is a schematic flowchart of another example of an authority control method provided by an embodiment of the present application;

Figure (a) in FIG. 14 is a schematic diagram of an example of an application setting interface provided by an embodiment of the present application;

Figure (b) in FIG. 14 is a schematic diagram of an example of a virtual authorization assistant setting interface provided by an embodiment of the present application;

Figure (c) in FIG. 14 is a schematic diagram of another example of a virtual authorization assistant setting interface provided by an embodiment of the present application;

Figure (d) in FIG. 14 is a schematic diagram of an example of a designated application interface provided by an embodiment of the present application;

Figure (e) in FIG. 14 is a schematic diagram of an example of an authority switching interface provided by an embodiment of the present application.

Detailed ways

The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application. Wherein, in the description of the embodiments of the present application, unless otherwise stated, “/” means or means, for example, A/B can mean A or B; “and/or” in this document is only a description of the associated object The association relationship of , indicates that there can be three kinds of relationships, for example, A and/or B, can indicate that A exists alone, A and B exist at the same time, and B exists alone. In addition, in the description of the embodiments of the present application, "plurality" refers to two or more than two.

Hereinafter, the terms "first", "second" and "third" are only used for descriptive purposes, and should not be understood as indicating or implying relative importance or implying the number of indicated technical features. Thus, a feature defined as "first", "second", "third" may expressly or implicitly include one or more of that feature.

The permission control method provided by the embodiments of the present application can be applied to mobile phones, tablet computers, wearable devices, in-vehicle devices, augmented reality (AR)/virtual reality (VR) devices, notebook computers, and super mobile personal computers (ultra-mobile personal computer, UMPC), netbook, personal digital assistant (personal digital assistant, PDA) and other electronic devices that can install application programs, the embodiments of the present application do not make any restrictions on the specific types of electronic devices.

Usually, when a user installs an application on an electronic device, the application will initiate some permission requests to the electronic device during the installation process, or during the use of the application, the user clicks a trigger button on the application interface After that, the application will initiate a corresponding permission request to the electronic device. For example, if the user clicks the camera button on the interface, the application will initiate a permission request to access the camera. Then, the electronic device will display the permission request inquiry interface of the application program (as shown in FIG. 1 ), at this time, the user needs to choose permission or prohibition according to his own judgment. However, for unfamiliar applications, unfamiliar permissions, or other special situations (such as first-time users of electronic devices), the user is not sure whether to allow or prohibit the granting of permissions, resulting in the user's use of Poor experience. The authority control method and electronic device provided by the embodiments of the present application aim to solve the above technical problems.

Exemplarily, FIG. 2 is a schematic structural diagram of an example of an electronic device 100 provided by an embodiment of the present application. The electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (USB) interface 130, a charge management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2 , mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, headphone jack 170D, sensor module 180, buttons 190, motor 191, indicator 192, camera 193, display screen 194, and Subscriber identification module (subscriber identification module, SIM) card interface 195 and so on. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, and ambient light. Sensor 180L, bone conduction sensor 180M, etc.

It can be understood that the structures illustrated in the embodiments of the present application do not constitute a specific limitation on the electronic device 100 . In other embodiments of the present application, the electronic device 100 may include more or less components than shown, or combine some components, or separate some components, or arrange different components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.

The processor 110 may include one or more processing units, for example, the processor 110 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), controller, memory, video codec, digital signal processor (digital signal processor, DSP), baseband processor, and/or neural-network processing unit (NPU) Wait. Wherein, different processing units may be independent devices, or may be integrated in one or more processors.

The controller may be the nerve center and command center of the electronic device 100 . The controller can generate an operation control signal according to the instruction operation code and timing signal, and complete the control of fetching and executing instructions.

A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in processor 110 is cache memory. This memory may hold instructions or data that have just been used or recycled by the processor 110 . If the processor 110 needs to use the instruction or data again, it can be called directly from memory. Repeated accesses are avoided and the latency of the processor 110 is reduced, thereby increasing the efficiency of the system.

In some embodiments, the processor 110 may include one or more interfaces. The interface may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous transceiver (universal asynchronous transmitter) receiver/transmitter, UART) interface, mobile industry processor interface (MIPI), general-purpose input/output (GPIO) interface, subscriber identity module (SIM) interface, and / or universal serial bus (universal serial bus, USB) interface, etc.

The I2C interface is a bidirectional synchronous serial bus that includes a serial data line (SDA) and a serial clock line (SCL). In some embodiments, the processor 110 may contain multiple sets of I2C buses. The processor 110 can be respectively coupled to the touch sensor 180K, the charger, the flash, the camera 193 and the like through different I2C bus interfaces. For example, the processor 110 may couple the touch sensor 180K through the I2C interface, so that the processor 110 and the touch sensor 180K communicate with each other through the I2C bus interface, so as to realize the touch function of the electronic device 100 .

The I2S interface can be used for audio communication. In some embodiments, the processor 110 may contain multiple sets of I2S buses. The processor 110 may be coupled with the audio module 170 through an I2S bus to implement communication between the processor 110 and the audio module 170 . In some embodiments, the audio module 170 can transmit audio signals to the wireless communication module 160 through the I2S interface, so as to realize the function of answering calls through a Bluetooth headset.

The PCM interface can also be used for audio communications, sampling, quantizing and encoding analog signals. In some embodiments, the audio module 170 and the wireless communication module 160 may be coupled through a PCM bus interface. In some embodiments, the audio module 170 can also transmit audio signals to the wireless communication module 160 through the PCM interface, so as to realize the function of answering calls through the Bluetooth headset. Both the I2S interface and the PCM interface can be used for audio communication.

The UART interface is a universal serial data bus used for asynchronous communication. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is typically used to connect the processor 110 with the wireless communication module 160 . For example, the processor 110 communicates with the Bluetooth module in the wireless communication module 160 through the UART interface to implement the Bluetooth function. In some embodiments, the audio module 170 can transmit audio signals to the wireless communication module 160 through the UART interface, so as to realize the function of playing music through the Bluetooth headset.

The MIPI interface can be used to connect the processor 110 with peripheral devices such as the display screen 194 and the camera 193 . MIPI interfaces include camera serial interface (CSI), display serial interface (DSI), etc. In some embodiments, the processor 110 communicates with the camera 193 through a CSI interface, so as to realize the photographing function of the electronic device 100 . The processor 110 communicates with the display screen 194 through the DSI interface to implement the display function of the electronic device 100 .

The GPIO interface can be configured by software. The GPIO interface can be configured as a control signal or as a data signal. In some embodiments, the GPIO interface may be used to connect the processor 110 with the camera 193, the display screen 194, the wireless communication module 160, the audio module 170, the sensor module 180, and the like. The GPIO interface can also be configured as I2C interface, I2S interface, UART interface, MIPI interface, etc.

The USB interface 130 is an interface that conforms to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, and the like. The USB interface 130 can be used to connect a charger to charge the electronic device 100, and can also be used to transmit data between the electronic device 100 and peripheral devices. It can also be used to connect headphones to play audio through the headphones. The interface can also be used to connect other electronic devices, such as AR devices.

It can be understood that the interface connection relationship between the modules illustrated in the embodiments of the present application is only a schematic illustration, and does not constitute a structural limitation of the electronic device 100 . In other embodiments of the present application, the electronic device 100 may also adopt different interface connection manners in the foregoing embodiments, or a combination of multiple interface connection manners.

The charging management module 140 is used to receive charging input from the charger. The charger may be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 140 may receive charging input from the wired charger through the USB interface 130 . In some wireless charging embodiments, the charging management module 140 may receive wireless charging input through a wireless charging coil of the electronic device 100 . While the charging management module 140 charges the battery 142 , it can also supply power to the electronic device through the power management module 141 .

The power management module 141 is used for connecting the battery 142 , the charging management module 140 and the processor 110 . The power management module 141 receives input from the battery 142 and/or the charging management module 140, and supplies power to the processor 110, the internal memory 121, the external memory, the display screen 194, the camera 193, and the wireless communication module 160. The power management module 141 can also be used to monitor parameters such as battery capacity, battery cycle times, battery health status (leakage, impedance). In some other embodiments, the power management module 141 may also be provided in the processor 110 . In other embodiments, the power management module 141 and the charging management module 140 may also be provided in the same device.

The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modulation and demodulation processor, the baseband processor, and the like.

Antenna 1 and Antenna 2 are used to transmit and receive electromagnetic wave signals. The structures of the antenna 1 and the antenna 2 in FIG. 2 are only an example. Each antenna in electronic device 100 may be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve antenna utilization. For example, the antenna 1 can be multiplexed as a diversity antenna of the wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 150 may provide wireless communication solutions including 2G/3G/4G/5G etc. applied on the electronic device 100 . The mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (LNA) and the like. The mobile communication module 150 can receive electromagnetic waves from the antenna 1, filter and amplify the received electromagnetic waves, and transmit them to the modulation and demodulation processor for demodulation. The mobile communication module 150 can also amplify the signal modulated by the modulation and demodulation processor, and then turn it into an electromagnetic wave for radiation through the antenna 1 . In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the processor 110 . In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the same device as at least part of the modules of the processor 110 .

The modem processor may include a modulator and a demodulator. Wherein, the modulator is used to modulate the low frequency baseband signal to be sent into a medium and high frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low frequency baseband signal. Then the demodulator transmits the demodulated low-frequency baseband signal to the baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and passed to the application processor. The application processor outputs sound signals through audio devices (not limited to the speaker 170A, the receiver 170B, etc.), or displays images or videos through the display screen 194 . In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be independent of the processor 110, and may be provided in the same device as the mobile communication module 150 or other functional modules.

The wireless communication module 160 can provide applications on the electronic device 100 including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), bluetooth (BT), global navigation satellites Wireless communication solutions such as global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared technology (IR). The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2 , frequency modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 110 . The wireless communication module 160 can also receive the signal to be sent from the processor 110 , perform frequency modulation on it, amplify it, and convert it into electromagnetic waves for radiation through the antenna 2 .

In some embodiments, the antenna 1 of the electronic device 100 is coupled with the mobile communication module 150, and the antenna 2 is coupled with the wireless communication module 160, so that the electronic device 100 can communicate with the network and other devices through wireless communication technology. Wireless communication technologies may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), broadband code division Multiple access (wideband code division multiple access, WCDMA), time division code division multiple access (time-division code division multiple access, TD-SCDMA), long term evolution (long term evolution, LTE), BT, GNSS, WLAN, NFC, FM , and/or IR technology, etc. GNSS may include global positioning system (GPS), global navigation satellite system (GLONASS), Beidou navigation satellite system (BDS), quasi-zenith satellite system (quasi-zenith) satellite system, QZSS) and/or satellite based augmentation systems (SBAS).

The electronic device 100 implements a display function through a GPU, a display screen 194, an application processor, and the like. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. Processor 110 may include one or more GPUs that execute program instructions to generate or alter display information.

Display screen 194 is used to display images, videos, and the like. Display screen 194 includes a display panel. The display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode or an active-matrix organic light-emitting diode (active-matrix organic light). emitting diode, AMOLED), flexible light-emitting diode (flex light-emitting diode, FLED), Miniled, MicroLed, Micro-oLed, quantum dot light-emitting diode (quantum dot light emitting diodes, QLED) and so on. In some embodiments, the electronic device 100 may include one or N display screens 194 , where N is a positive integer greater than one.

The electronic device 100 may implement a shooting function through an ISP, a camera 193, a video codec, a GPU, a display screen 194, an application processor, and the like.

The ISP is used to process the data fed back by the camera 193 . For example, when taking a picture, the shutter is opened, the light is transmitted to the camera photosensitive element through the lens, the light signal is converted into an electrical signal, and the camera photosensitive element transmits the electrical signal to the ISP for processing, and converts it into an image visible to the naked eye. ISP can also perform algorithm optimization on image noise, brightness, and skin tone. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some embodiments, the ISP may be provided in the camera 193 .

Camera 193 is used to capture still images or video. The object is projected through the lens to generate an optical image onto the photosensitive element. The photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. DSP converts digital image signals into standard RGB, YUV and other formats of image signals. In some embodiments, the electronic device 100 may include 1 or N cameras 193 , where N is a positive integer greater than 1.

A digital signal processor is used to process digital signals, in addition to processing digital image signals, it can also process other digital signals. For example, when the electronic device 100 selects a frequency point, the digital signal processor is used to perform Fourier transform on the frequency point energy and so on.

Video codecs are used to compress or decompress digital video. The electronic device 100 may support one or more video codecs. In this way, the electronic device 100 can play or record videos of various encoding formats, such as: Moving Picture Experts Group (moving picture experts group, MPEG) 1, MPEG2, MPEG3, MPEG4 and so on.

The NPU is a neural-network (NN) computing processor. By drawing on the structure of biological neural networks, such as the transfer mode between neurons in the human brain, it can quickly process the input information and can continuously learn by itself. Applications such as intelligent cognition of the electronic device 100 can be implemented through the NPU, such as image recognition, face recognition, speech recognition, text understanding, and the like.

The external memory interface 120 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 100 . The external memory card communicates with the processor 110 through the external memory interface 120 to realize the data storage function. For example to save files like music, video etc in external memory card.

Internal memory 121 may be used to store computer executable program code, which includes instructions. The processor 110 executes various functional applications and data processing of the electronic device 100 by executing the instructions stored in the internal memory 121 . The internal memory 121 may include a storage program area and a storage data area. The storage program area can store an operating system, an application program required for at least one function (such as a sound playback function, an image playback function, etc.), and the like. The storage data area may store data (such as audio data, phone book, etc.) created during the use of the electronic device 100 and the like. In addition, the internal memory 121 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, universal flash storage (UFS), and the like.

The electronic device 100 may implement audio functions through an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, an application processor, and the like. Such as music playback, recording, etc.

The audio module 170 is used for converting digital audio information into analog audio signal output, and also for converting analog audio input into digital audio signal. Audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be provided in the processor 110 , or some functional modules of the audio module 170 may be provided in the processor 110 .

Speaker 170A, also referred to as a "speaker", is used to convert audio electrical signals into sound signals. The electronic device 100 can listen to music through the speaker 170A, or listen to a hands-free call.

The receiver 170B, also referred to as "earpiece", is used to convert audio electrical signals into sound signals. When the electronic device 100 answers a call or a voice message, the voice can be answered by placing the receiver 170B close to the human ear.

The microphone 170C, also called "microphone" or "microphone", is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can make a sound by approaching the microphone 170C through a human mouth, and input the sound signal into the microphone 170C. The electronic device 100 may be provided with at least one microphone 170C. In other embodiments, the electronic device 100 may be provided with two microphones 170C, which can implement a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device 100 may further be provided with three, four or more microphones 170C to collect sound signals, reduce noise, identify sound sources, and implement directional recording functions.

The earphone jack 170D is used to connect wired earphones. The earphone interface 170D can be the USB interface 130, or can be a 3.5mm open mobile terminal platform (OMTP) standard interface, a cellular telecommunications industry association of the USA (CTIA) standard interface.

The pressure sensor 180A is used to sense pressure signals, and can convert the pressure signals into electrical signals. In some embodiments, the pressure sensor 180A may be provided on the display screen 194 . There are many types of pressure sensors 180A, such as resistive pressure sensors, inductive pressure sensors, capacitive pressure sensors, and the like. The capacitive pressure sensor may be comprised of at least two parallel plates of conductive material. When a force is applied to the pressure sensor 180A, the capacitance between the electrodes changes. The electronic device 100 determines the intensity of the pressure according to the change in capacitance. When a touch operation acts on the display screen 194, the electronic device 100 detects the intensity of the touch operation according to the pressure sensor 180A. The electronic device 100 may also calculate the touched position according to the detection signal of the pressure sensor 180A. In some embodiments, touch operations acting on the same touch position but with different touch operation intensities may correspond to different operation instructions. For example, when a touch operation whose intensity is less than the first pressure threshold acts on the short message application icon, the instruction for viewing the short message is executed. When a touch operation with a touch operation intensity greater than or equal to the first pressure threshold acts on the short message application icon, the instruction to create a new short message is executed.

The gyro sensor 180B may be used to determine the motion attitude of the electronic device 100 . In some embodiments, the angular velocity of electronic device 100 about three axes (ie, x, y, and z axes) may be determined by gyro sensor 180B. The gyro sensor 180B can be used for image stabilization. Exemplarily, when the shutter is pressed, the gyro sensor 180B detects the angle at which the electronic device 100 shakes, calculates the distance that the lens module needs to compensate for according to the angle, and allows the lens to counteract the shake of the electronic device 100 through reverse motion to achieve anti-shake. The gyro sensor 180B can also be used for navigation and somatosensory game scenarios.

The air pressure sensor 180C is used to measure air pressure. In some embodiments, the electronic device 100 calculates the altitude through the air pressure value measured by the air pressure sensor 180C to assist in positioning and navigation.

The magnetic sensor 180D includes a Hall sensor. The electronic device 100 can detect the opening and closing of the flip holster using the magnetic sensor 180D. In some embodiments, when the electronic device 100 is a flip machine, the electronic device 100 can detect the opening and closing of the flip according to the magnetic sensor 180D. Further, according to the detected opening and closing state of the leather case or the opening and closing state of the flip cover, characteristics such as automatic unlocking of the flip cover are set.

The acceleration sensor 180E can detect the magnitude of the acceleration of the electronic device 100 in various directions (generally three axes). The magnitude and direction of gravity can be detected when the electronic device 100 is stationary. It can also be used to identify the posture of electronic devices, and can be used in applications such as horizontal and vertical screen switching, pedometers, etc.

Distance sensor 180F for measuring distance. The electronic device 100 can measure the distance through infrared or laser. In some embodiments, when shooting a scene, the electronic device 100 can use the distance sensor 180F to measure the distance to achieve fast focusing.

Proximity light sensor 180G may include, for example, light emitting diodes (LEDs) and light detectors, such as photodiodes. The light emitting diodes may be infrared light emitting diodes. The electronic device 100 emits infrared light to the outside through the light emitting diode. Electronic device 100 uses photodiodes to detect infrared reflected light from nearby objects. When sufficient reflected light is detected, it can be determined that there is an object near the electronic device 100 . When insufficient reflected light is detected, the electronic device 100 may determine that there is no object near the electronic device 100 . The electronic device 100 can use the proximity light sensor 180G to detect that the user holds the electronic device 100 close to the ear to talk, so as to automatically turn off the screen to save power. Proximity light sensor 180G can also be used in holster mode, pocket mode automatically unlocks and locks the screen.

The ambient light sensor 180L is used to sense ambient light brightness. The electronic device 100 can adaptively adjust the brightness of the display screen 194 according to the perceived ambient light brightness. The ambient light sensor 180L can also be used to automatically adjust the white balance when taking pictures. The ambient light sensor 180L can also cooperate with the proximity light sensor 180G to detect whether the electronic device 100 is in a pocket, so as to prevent accidental touch.

The fingerprint sensor 180H is used to collect fingerprints. The electronic device 100 can use the collected fingerprint characteristics to realize fingerprint unlocking, accessing application locks, taking pictures with fingerprints, answering incoming calls with fingerprints, and the like.

The temperature sensor 180J is used to detect the temperature. In some embodiments, the electronic device 100 uses the temperature detected by the temperature sensor 180J to execute a temperature processing strategy. For example, when the temperature reported by the temperature sensor 180J exceeds a threshold value, the electronic device 100 reduces the performance of the processor located near the temperature sensor 180J in order to reduce power consumption and implement thermal protection. In other embodiments, when the temperature is lower than another threshold, the electronic device 100 heats the battery 142 to avoid abnormal shutdown of the electronic device 100 caused by the low temperature. In some other embodiments, when the temperature is lower than another threshold, the electronic device 100 boosts the output voltage of the battery 142 to avoid abnormal shutdown caused by low temperature.

Touch sensor 180K, also called "touch panel". The touch sensor 180K may be disposed on the display screen 194 , and the touch sensor 180K and the display screen 194 form a touch screen, also called a “touch screen”. The touch sensor 180K is used to detect a touch operation on or near it. The touch sensor can pass the detected touch operation to the application processor to determine the type of touch event. Visual output related to touch operations may be provided through display screen 194 . In other embodiments, the touch sensor 180K may also be disposed on the surface of the electronic device 100 , which is different from the location where the display screen 194 is located.

The bone conduction sensor 180M can acquire vibration signals. In some embodiments, the bone conduction sensor 180M can acquire the vibration signal of the vibrating bone mass of the human voice. The bone conduction sensor 180M can also contact the pulse of the human body and receive the blood pressure beating signal. In some embodiments, the bone conduction sensor 180M can also be disposed in the earphone, combined with the bone conduction earphone. The audio module 170 can analyze the voice signal based on the vibration signal of the voice part vibrating bone mass obtained by the bone conduction sensor 180M, so as to realize the voice function. The application processor can analyze the heart rate information based on the blood pressure beat signal obtained by the bone conduction sensor 180M, and realize the function of heart rate detection.

The keys 190 include a power-on key, a volume key, and the like. Keys 190 may be mechanical keys. It can also be a touch key. The electronic device 100 may receive key inputs and generate key signal inputs related to user settings and function control of the electronic device 100 .

Motor 191 can generate vibrating cues. The motor 191 can be used for vibrating alerts for incoming calls, and can also be used for touch vibration feedback. For example, touch operations acting on different applications (such as taking pictures, playing audio, etc.) can correspond to different vibration feedback effects. The motor 191 can also correspond to different vibration feedback effects for touch operations on different areas of the display screen 194 . Different application scenarios (for example: time reminder, receiving information, alarm clock, games, etc.) can also correspond to different vibration feedback effects. The touch vibration feedback effect can also support customization.

The indicator 192 can be an indicator light, which can be used to indicate the charging state, the change of the power, and can also be used to indicate a message, a missed call, a notification, and the like.

The SIM card interface 195 is used to connect a SIM card. The SIM card can be contacted and separated from the electronic device 100 by inserting into the SIM card interface 195 or pulling out from the SIM card interface 195 . The electronic device 100 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 195 can support Nano SIM card, Micro SIM card, SIM card and so on. Multiple cards can be inserted into the same SIM card interface 195 at the same time. Multiple cards can be of the same type or different. The SIM card interface 195 can also be compatible with different types of SIM cards. The SIM card interface 195 is also compatible with external memory cards. The electronic device 100 interacts with the network through the SIM card to implement functions such as call and data communication. In some embodiments, the electronic device 100 employs an eSIM, ie: an embedded SIM card. The eSIM card can be embedded in the electronic device 100 and cannot be separated from the electronic device 100 .

The software system of the electronic device 100 may adopt a layered architecture, an event-driven architecture, a microkernel architecture, a microservice architecture, or a cloud architecture. The embodiments of the present application take an Android system with a layered architecture as an example to exemplarily describe the software structure of the electronic device 100 .

FIG. 3 is a block diagram of the software structure of the electronic device 100 according to the embodiment of the present application. The layered architecture divides the software into several layers, and each layer has a clear role and division of labor. Layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into four layers, which are, from top to bottom, an application layer, an application framework layer, an Android runtime (Android runtime) and a system library, and a kernel layer. The application layer can include a series of application packages.

As shown in Figure 3, the application package can include applications such as camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, short message and so on.

The application framework layer provides an application programming interface (application programming interface, API) and a programming framework for applications in the application layer. The application framework layer includes some predefined functions.

As shown in Figure 3, the application framework layer may include window managers, content providers, view systems, telephony managers, resource managers, notification managers, and the like.

A window manager is used to manage window programs. The window manager can get the size of the display screen, determine whether there is a status bar, lock the screen, take screenshots, etc.

Content providers are used to store and retrieve data and make these data accessible to applications. Data can include videos, images, audio, calls made and received, browsing history and bookmarks, phone book, etc.

The view system includes visual controls, such as controls for displaying text, controls for displaying pictures, and so on. View systems can be used to build applications. A display interface can consist of one or more views. For example, the display interface including the short message notification icon may include a view for displaying text and a view for displaying pictures.

The phone manager is used to provide the communication function of the electronic device 100 . For example, the management of call status (including connecting, hanging up, etc.).

The resource manager provides various resources for the application, such as localization strings, icons, pictures, layout files, video files and so on.

The notification manager enables applications to display notification information in the status bar, which can be used to convey notification-type messages, and can disappear automatically after a brief pause without user interaction. For example, the notification manager is used to notify download completion, message reminders, etc. The notification manager can also display notifications in the status bar at the top of the system in the form of graphs or scroll bar text, such as notifications of applications running in the background, and notifications on the screen in the form of dialog windows. For example, text information is prompted in the status bar, a prompt sound is issued, the electronic device vibrates, and the indicator light flashes.

The Android runtime includes core libraries and a virtual machine. Android runtime is responsible for scheduling and management of the Android system.

The core library consists of two parts: one is the function functions that the java language needs to call, and the other is the core library of Android.

The application layer and the application framework layer run in virtual machines. The virtual machine executes the java files of the application layer and the application framework layer as binary files. The virtual machine is used to perform functions such as object lifecycle management, stack management, thread management, safety and exception management, and garbage collection.

A system library can include multiple functional modules. For example: surface manager (surface manager), media library (media library), 3D graphics processing library (eg: OpenGL ES), 2D graphics engine (eg: SGL), etc.

The Surface Manager is used to manage the display subsystem and provides a fusion of 2D and 3D layers for multiple applications.

The media library supports playback and recording of a variety of commonly used audio and video formats, as well as still image files. The media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.

The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, compositing, and layer processing.

2D graphics engine is a drawing engine for 2D drawing.

The kernel layer is the layer between hardware and software. The kernel layer contains at least display drivers, camera drivers, audio drivers, and sensor drivers.

For ease of understanding, the following embodiments of the present application will take the electronic device having the structure shown in FIG. 2 and FIG. 3 as an example, and combine the drawings and application scenarios to specifically describe the permission control method provided by the embodiments of the present application.

FIG. 4 is a schematic flowchart of an example of a permission control method 200 provided by an embodiment of the present application. The method includes:

S201: Acquire a permission request initiated by an application, where the permission request carries identification information of a target permission applied for by the application.

Wherein, the application can initiate a permission request during the installation process, or when it is run for the first time, or during the running process, and the permission request can carry the identification information of the target permission applied for by the application, such as the name or ID of the target permission. For example, when a user opens a navigation application, the navigation application will initiate a permission request to obtain the location information of the electronic device. "Location Information" can be the name of the target permission, and the identifier "AddID" corresponding to the location information can be the ID of the target permission. .

Optionally, the target permissions may include permissions related to user privacy information, such as phone calls, text messages, contacts, call records, cameras, location information, microphones, calendars, floating windows, and requests to open third-party applications.

S202, an application type corresponding to the application is acquired.

Specifically, after the electronic device obtains the permission request initiated by the application, the electronic device can also obtain the application type corresponding to the application. Classification information or profile information of the application to determine its application type; or, the electronic device can analyze the name of the application to determine its application type; or, the electronic device can obtain the application type in the application market or application store. The review information of the application, and the application type of the application is determined by analyzing the review information. Optionally, the electronic device may call a database interface or script interface corresponding to the application market according to the identifier (eg, ID) or name of the application program to obtain classification information, profile information or comment information about the application program in the application market.

Exemplarily, for an application, if its profile information in the application market includes a description of "brand special sale, quality assurance", it can be determined that the application type corresponding to the application is shopping. For an application whose name is "SS Map", the corresponding application type can be determined by its name as a positioning navigation class. For an application, if the comment area of the application in the application market includes the comment information of "being able to show one's talents and meet more friends", then it can be determined that the application type corresponding to the application is social.

Optionally, a corresponding relationship between an application and an application type can also be established in the electronic device, such as a database or a data table, etc. If the application that initiates the above permission request is in this corresponding relationship, its application type can be directly obtained. ; If the application that initiates the above permission request is not in this corresponding relationship, its application type can be obtained through the above method.

S203: Determine a recommendation result corresponding to the permission request according to the application type and the identification information of the target permission, where the recommendation result includes a recommendation degree for granting the target permission to the application.

Specifically, according to the application type of the above-mentioned application program, the electronic device can obtain the reference permission set granted by other application programs of the same type, and then match the target permission applied for by the above-mentioned application program with the reference permission in the reference permission set one by one, For example, the name of the target permission is matched with the name of each reference permission one by one. If there is a match between the reference permission and the target permission, the user can be recommended to grant the target permission to the application. If the reference permission does not match the target permission, then The user can be recommended not to grant the target permission to the application. Optionally, after the electronic device grants a permission to an application, the application and the corresponding permission can be reported to the server, then another electronic device can obtain the reference permission information of the application from the server. get.

Exemplarily, it is assumed that the application type of an application is a positioning and navigation class, and the reference permissions granted by other applications of the positioning and navigation class obtained by the electronic device from the server include A, B, and C. If the target permission applied for by the application is A, it can be determined that the recommendation degree that allows granting the target permission is 100%; if the target permission applied for by the application is D, it can be determined that the recommendation degree that allows granting the target permission is 0 %, that is, the recommendation level that prohibits granting the target permission is 100%.

S204, displaying the recommendation result corresponding to the permission request.

For a schematic diagram showing the recommendation result corresponding to the permission request, please refer to (a) or (b) in FIG. 5 . As can be seen from (a) in FIG. 5 , the recommendation for granting the target permission to the application can be shown to the user. The degree of recommendation is shown in this embodiment by taking the recommendation degree as a percentage as an example, but the recommendation degree may also be shown in scores, text or other forms, and this embodiment does not limit the display form of the recommendation degree. As can be seen from (b) in FIG. 5 , the recommendation degree of granting the target permission to the application program and the recommendation degree of not granting the target permission to the application program can be displayed to the user at the same time. Then, the user can make a selection according to the recommendation result. If the user chooses to allow, the electronic device grants the target permission to the application, and if he chooses to prohibit, the electronic device does not grant the target permission to the application.

In addition, if the above applications apply for multiple target permissions at the same time, the electronic device can assign an identifier to the target permission in advance, and assign the same identifier to the recommendation result corresponding to the target permission. When recommending the result, the recommendation result may be displayed on the request prompt interface with the target authority with the same identifier. As an achievable way, the electronic device can sequentially display the recommendation results corresponding to each target authority, that is, firstly display the recommendation results corresponding to the first target authority, and then display the recommendation corresponding to the second target authority after the user selects result, and so on. As another achievable manner, as shown in FIG. 6 , the electronic device can simultaneously display the recommendation result corresponding to each target authority, and the user can complete the selection of multiple recommendation results in one display interface. As another achievable way, as shown in (a) of FIG. 7 , when the electronic device simultaneously displays the recommendation result corresponding to each target authority, a “select all” button can also be provided. When the user clicks the After pressing the button, the electronic device can jump to the figure (b) in FIG. 7 for the user to choose whether to allow all or all to prohibit, thereby reducing the number of selections by the user and improving the user's experience.

In the above permission control method, the electronic device can give the user a reference on the permission selection by showing the user the recommendation degree of the target permission granted to the application program, so that the user has better reference information when selecting the application program, which can improve the user's ability to use the application program. experience.

In another embodiment, the electronic device can also use the trained machine learning model to classify the application type of the application and the identification information of the target permission, and obtain the recommendation result corresponding to the permission request. Another example of a schematic flowchart of an authority control method 300 provided by the embodiment, the method includes:

S301: Acquire a permission request initiated by an application, where the permission request carries identification information of a target permission applied for by the application.

S302: Obtain an application type corresponding to the application.

For the implementation process of steps S301 and S302, reference may be made to the foregoing S201 and S202, which will not be repeated here.

S303: Input the identification information of the application type and target authority into a preset machine learning model, and obtain a recommendation result corresponding to the authority request, where the recommendation result includes a recommendation degree for granting the target authority to the application.

The machine learning model may be a neural network model, a classifier model, or other learning models, which are not limited in this embodiment. Taking the classifier model as an example, optionally, the machine learning model can be a random forest classifier, and the electronic device inputs the identification information of the application type and target permission into the random forest classifier, and the recommendation result corresponding to the permission request can be obtained. .

In an achievable manner, the training process of the random forest classifier can be performed by the server. First, a large number of application samples are obtained, and the application type of each application sample is correspondingly obtained, and then the application type of each application sample and the available application type are obtained. The permission application information is input into the initial random forest classifier for classification training until the convergent random forest classifier is obtained.

In another achievable manner, the server may also obtain the selection results of the permissions applied by different users for each application sample (for example, for a certain application sample, 90% of users choose to grant A permission to it), then the server The random forest classifier can also be trained according to the application type of the application sample and the user's selection results.

In another achievable manner, the server may also obtain, according to the user ID, the selection result of the permissions applied by the current user for each application sample during the use of the electronic device, and then obtain the selection result according to the user ID, the application type of the application sample, and the user's selection. The results train a random forest classifier. For example, if a user has granted permission to access location information to all navigation application samples, when another navigation application applies for this permission, it may be recommended to grant the application permission to access location information.

S304, displaying the recommendation result corresponding to the permission request.

For the implementation process of step S304, reference may be made to the above-mentioned S204, and details are not repeated here.

The above authority control method processes the identification information of the application type and target authority by training a converged machine learning model, and obtains the corresponding recommendation result, which can improve the reliability of the obtained recommendation result, so that the user has a better choice when choosing. Reference information to further improve the user's experience when using the application.

In another embodiment, the electronic device or server may also first store the correspondence between different application types and the predicted grantable permissions, for example, in a data table, database, etc. Determine the recommendation result corresponding to the application that initiated the permission request. Optionally, the predicted grantable permissions may be determined based on factors such as experience, application functionality, and user needs. FIG. 9 is a schematic flowchart of another example of a permission control method 400 provided by an embodiment of the present application, and the method includes:

S401: Acquire a permission request initiated by an application, where the permission request carries identification information of a target permission applied for by the application.

S402: Acquire an application type corresponding to the application.

For the implementation process of steps S401 and S402, reference may be made to the foregoing S201 and S202, which will not be repeated here.

S403 , according to the application type and the corresponding relationship between the preset application type and the grantable permission, determine the identification information of the grantable permission of the application program.

S404: Determine a recommendation result corresponding to the permission request according to the identification information of the grantable permission of the application and the identification information of the target permission, where the recommendation result includes a recommendation degree for granting the target permission to the application.

Specifically, since the electronic device or server stores the correspondence between the application type and the grantable permission, for the application program that initiates the permission request, the electronic device can obtain the corresponding grantable permission identification information according to the application type. . For example, the application type of an application is social, and the electronic device can obtain the grantable permissions of the application through the corresponding relationship between the application type and the grantable permissions, including E, F, and G.

Then, the electronic device can match the identification information of the determined grantable permission with the identification information of the target permission applied for by the above application, and if there is a match between the grantable permission and the target permission, it can recommend the user to the application Grant the target permission. If there is no grantable permission matching the target permission, you can recommend the user not to grant the target permission to the application. For an example of the process of determining the recommendation degree, reference may be made to the example in S203 in the foregoing embodiment, and details are not repeated here.

S405, displaying the recommendation result corresponding to the permission request.

In an achievable manner, for the implementation process of step S405, reference may be made to the foregoing S204, which will not be repeated here.

In another achievable manner, the electronic device may also store the correspondence between different application program names and the grantable permissions. If the permission request in the above S401 carries the application program name, the The step may be replaced by the following implementation manner: determining the identification information of the grantable permission of the above application program according to the application program name and the corresponding relationship between the preset application program name and the grantable permission.

In the above-mentioned authority control method, the electronic device determines the identification information of the grantable authority of the application program by setting the corresponding relationship between the application type and the authority that can be granted, and then determines that the authority request corresponds to the identification information according to the identification information and the identification information of the target authority. The recommended result can improve the reliability of the determined recommendation result, so that the user has better reference information when selecting, and further improves the user's experience when using the application.

In another embodiment, after the electronic device obtains the identification information of the grantable authority of the above application program, it can also calculate a vigilance coefficient according to the identification information of the grantable authority and the identification information of the target authority, and then determine the corresponding recommendation result. FIG. 10 is a schematic flowchart of another example of an authority control method 500 provided by an embodiment of the present application. The method includes:

S501: Acquire a permission request initiated by an application, where the permission request carries identification information of a target permission applied for by the application.

S502: Acquire an application type corresponding to the application.

S503 , according to the application type and the corresponding relationship between the preset application type and the grantable permission, determine the identification information of the grantable permission of the above-mentioned application program.

For the implementation process of steps S501-S503, reference may be made to the above-mentioned S401-S403, which will not be repeated here.

S504: Determine a vigilance coefficient corresponding to the target authority according to the identification information of the grantable authority of the application and the identification information of the target authority.

Specifically, if the grantable authority includes the target authority, a smaller alert coefficient may be set, and if the grantable authority does not include the target authority, a larger alert coefficient may be set.

Optionally, the electronic device may first perform correlation calculation on the identification information of the grantable authority and the identification information of the target authority to obtain the correlation coefficient corresponding to the target authority, and then calculate the corresponding vigilance coefficient according to the obtained correlation coefficient. As shown in Table 1, it is assumed that the target permissions applied by the above application are A, B, D and Y, and the grantable permissions of the application are B, C and D. If the target permissions are among the grantable permissions, then The correlation coefficient is 1 (indicating that the target permission is a common permission of this type of application); if the target permission is not among the permissions that can be granted, calculate the set of permissions applied by the application that has applied for the target permission in all such applications. The proportion of the number in the middle (statistics under big data), and the proportion of the number is used as the correlation coefficient; among them, when an application initiates a permission request to an electronic device, the electronic device can apply for the permission of the application. If the identification information is sent to the server, the server can store the corresponding relationship between the application and the identification information of the requested permission, and make statistics on the permissions applied for by the same type of application. For example, count the number of T-type applications. How many applications have applied for permission A, how many applications have applied for permission Y, etc.

For example, if none of the 100 applications of this type applies for the Y permission, the correlation coefficient of the Y permission is 0. If 50% of the 100 applications of this type apply for the A permission, the correlation coefficient of the A permission is 0.5; from this, the correlation coefficients corresponding to the target authority can be obtained through correlation calculation: A: 0.5, B; 1, D; 1, Y: 0; then the target is calculated by using the relational formula of (1-correlation coefficient) The vigilance coefficients corresponding to permissions are A: 0.5, B; 0, D; 0, Y: 1.

Table 1 Target authority and corresponding vigilance coefficient

S505 , input the vigilance coefficient and the identification information of the target authority into a preset machine learning model, and obtain a recommendation result corresponding to the authority request, where the recommendation result includes a recommendation degree for granting the target authority to the application.

In an achievable manner, after obtaining the vigilance coefficient corresponding to the target authority, the electronic device can input the vigilance coefficient and the identification information of the target authority into the machine learning model for processing, so as to obtain the recommendation result corresponding to the above-mentioned authority request. Optionally, the machine learning model can also be a random forest classifier, and the training process of the classifier can be as follows:

First, obtain a large number of application samples, including positive samples and negative samples, and determine the applicable permissions and the vigilance coefficients corresponding to the applicable permissions for each application sample; then encode the applicable permissions and the vigilance coefficients corresponding to the applicable permissions , get the input sample set and the test sample set; next, input the input sample set into the initial random forest classifier for training to obtain the convergent random forest classifier; finally, use the test sample set to test the obtained random forest classifier , to get the final usable random forest classifier. Among them, the process of data coding of the applicable authority and the vigilance coefficient corresponding to the applicable authority can be seen in Figure 11. Assuming that the applicable authority is B, E, G, and I, the permissions B, E, G, and I correspond to The vigilance coefficients are 0.5, 0.8, 0.3, 0.9, set the same size matrix or other forms of data sets, the first matrix sets the positions of permissions B, E, G, I to 1, other positions are set to 0, the second The position of authority B, E, G, and I is set as the corresponding vigilance coefficient for each matrix, and the other positions are set to 0, and then the two matrices are normalized, such as average summation, weighted summation, etc. (this implementation The average summation is shown as an example), and the coding result is obtained as a sample set.

In another achievable manner, a coefficient threshold (such as 0.9) may also be set. If the obtained alertness coefficient of the target authority is less than the coefficient threshold, the electronic device will input the alertness coefficient and information of the target authority into the machine learning model , get the recommended result. If the obtained vigilance coefficient of the target authority is greater than or equal to the coefficient threshold, it can be directly determined that the recommendation result is that the target authority is not granted to the application, that is, the recommendation degree of granting the target authority is 0%. Thereby, the calculation amount of the electronic device can be reduced, and the calculation efficiency can be improved.

S506, displaying the recommendation result corresponding to the permission request.

For the implementation process of step S506, reference may be made to the above-mentioned S405, which will not be repeated here.

The above authority control method, by setting a vigilance coefficient, and comprehensively processing the vigilance coefficient and the identification information of the target authority by training a convergent machine learning model, to obtain a corresponding recommendation result, which can further improve the reliability of the obtained recommendation result. This enables the user to have better reference information when selecting, and further improves the user's experience when using the application.

In some usage scenarios, if the user chooses to prohibit granting target permissions to an application, it may affect the normal use of the application. For example, a positioning and navigation application initiates an application for permission to obtain the location information of electronic devices, but the user only wants to view the route from the WW Building to the TT Building, and does not need to upload their own location information. If the user chooses to prohibit If the app is granted the permission to obtain location information, the app may close abnormally, and if the user chooses to allow the app to be granted the permission to obtain location information, they are worried that private information will be leaked. Therefore, the recommendation results obtained in the above-mentioned embodiments may also include the degree of recommendation for granting virtual permissions to applications; wherein, the electronic device may first generate a virtual permission environment, and optionally, a sandbox (Sandboxie ) to create the above-mentioned virtual authority environment, of course, the above-mentioned virtual authority environment can also be created in other ways, which is not limited here; because the virtual authority environment is actually a virtual image of the real authority environment, when the virtual environment is started for the first time, the virtual authority environment The data stored in the virtual rights is empty, therefore, corresponding virtual rights information needs to be generated for the above virtual rights. In this embodiment, the electronic device can randomly change the real location information of the electronic device, or uniformly change it to the default location, or encrypt the real location information to generate corresponding virtual location information. In addition, the real location information can also be It is fused with the generated virtual position information again to generate new virtual position information.

As shown in FIG. 12, the electronic device can obtain the recommendation degree of granting the target real permission to the application program, the recommendation degree of granting the target virtual permission to the application program, and the recommendation degree of not granting the target permission to the application program corresponding to the permission request, and display it to The user makes a selection. If the user chooses to grant the real permission, the electronic device outputs the current real location information to the application; if the user chooses to grant the virtual permission, the electronic device outputs the virtual location information generated by randomly changing the real location information to the application The program, for example, the current real location information of the electronic device is ZZ Building, and the electronic device can randomly change the real location information ZZ Building to KK Street, etc.; if the user chooses to prohibit granting permission, the application cannot obtain the location information of the electronic device. In this embodiment, by introducing the option of virtual authority, the user's privacy can be further protected on the basis of improving the user's experience.

It should be noted that the recommendation result displayed by the electronic device to the user may include at least one of the recommendation degree of granting the target real permission to the application, the recommendation degree of granting the target virtual permission to the application, and the recommendation degree of not granting the target permission to the application. two.

In other usage scenarios, the user uses an application and grants a virtual permission to the A permission applied for by the application. After using the application for a period of time, the user feels that the application is highly reliable and wants to Switch A's virtual permissions to real permissions. Or the user uses another application and grants the real permission to the B permission applied for by the application. When the user uses the application for a period of time, he feels that there is no need to grant the real permission, and wants to switch the real permission of B to the virtual one. permissions. For this problem, this embodiment also provides an implementation process for switching between real rights and virtual rights. As shown in FIG. 13 , the process may include:

S601: Receive an authority switching operation input by a user for an application program, and respond to the authority switching operation.

S602, it is judged whether to switch to applying for the real authority, if it is, execute S603, and if not, execute S604.

S603, switch the access environment of the application to the real permission environment, and grant the real permission to the application.

S604: Generate a virtual permission environment, switch the access environment of the application to the virtual permission environment, and grant the virtual permission to the application.

Wherein, (a) in Fig. 14 shows the application setting interface of the electronic device, when the user clicks the "Virtual Authorization Assistant" button on the interface, he can jump to the interface in Fig. 14 (b), the The interface is an interface where the virtual authorization function is not enabled on the electronic device. If the user wants to enable the virtual authorization function of the electronic device, he can click the switch icon 21 to enable the virtual authorization function. For the display interface after the virtual authorization function is turned on, refer to the (c) diagram interface in FIG. 14 , on which the relevant virtual authorization information can be configured, including: the generation method of the virtual information (referred to as the virtual method, such as performing the real information on the display interface). Random change, encryption of real information or fusion of real information and virtual information, etc.), virtual authorization designated application, virtual authorization function introduction, etc. If the user clicks the “designate application” button 22 on (c) in FIG. 14 , the electronic device jumps to the interface in (d) in FIG. 14 . In addition, if the user chooses to grant virtual authority in the above FIG. 12, but the virtual authorization function of the electronic device is not enabled, you can jump from FIG. 12 to (b) in FIG. 14 to enable the virtual authorization function.

On the interface of (d) in FIG. 14 , all the permissions included in the electronic device are listed (in this embodiment, five permissions are included as an example), when the user clicks a certain permission button, the electronic device can Jump to the application selection interface corresponding to the permission. For example, if the user clicks the "storage" permission button 23, the user jumps to the interface (e) in FIG. 14, where the interface displays which applications have enabled the virtual permission function and which applications have not enabled the virtual permission function. It can be seen from the interface (e) in Figure 14 that application 1 has enabled the virtual permission function of the "storage" permission, that is, application 1 can obtain virtual photos, media content and file information on the electronic device. If the user wants to switch the permission to the real permission, he can directly click the switch icon 24 to turn off the virtual permission function. After receiving the closing instruction input by the user, the electronic device switches the application access environment to the real permission environment, and at this time allows the application 1 to access real photos, media content and file information.

It can also be seen from the interface (e) in Figure 14 that the virtual permission function of the "storage" permission is not enabled for Application 2, that is, Application 2 can obtain real photos, media content and file information on the electronic device. If the user wants to switch the permission to a virtual permission, he can directly click the switch icon 25 to enable the virtual permission function. After receiving the opening instruction input by the user, the electronic device first generates a virtual permission environment and corresponding virtual permission information according to the method of the above embodiment. In this embodiment, the electronic device can randomly change the real photos, media content and file information, or uniformly change the default content to generate corresponding virtual photos, media content and file information, and then the electronic device switches the application access environment To the virtual rights environment, application 2 is now allowed to access virtual photos, media content and file information.

The above permission control method, through the introduction of a virtual authorization switch, enables users to switch between real permissions and virtual permissions for applications in real time, providing a switchable operation for the user's permission granting, and on the premise of protecting user privacy. user experience.

The entire process of the above-mentioned permission control method is described again by taking the application as the SS map and applying for the permission to obtain the location information of the electronic device as an example:

When the user opens the SS map application, the SS map application initiates a permission request to the electronic device for obtaining the location information of the electronic device. The electronic device analyzes the name of the SS map application, and determines that its application type is a positioning and navigation class. Then, according to the correspondence between the application type and the grantable permissions, the electronic device can obtain the grantable permissions of the positioning and navigation application, including the permission to obtain the location information of the electronic device, the permission to obtain the microphone of the electronic device, and the access to the storage information of the electronic device. permission.

Next, the electronic device performs a correlation calculation on the authority applied by SS Map to obtain the location information of the electronic device and the obtained grantable authority, and judges that the applied authority for obtaining the position information of the electronic equipment is included in the grantable authority, then It is determined that the correlation coefficient corresponding to the applied authority to obtain the location information of the electronic device is 1, and then the corresponding vigilance coefficient is determined to be 0. Then, the electronic device inputs the vigilance coefficient and the permission information for obtaining the location information of the electronic device into the random forest classifier, and obtains the recommendation result corresponding to the permission request initiated by the above-mentioned SS map, including granting the SS map the real permission to obtain the location information of the electronic device. The recommendation degree, the recommendation degree that grants the virtual authority to obtain the location information of the electronic device to the SS map, and the recommendation degree that does not grant the authority to obtain the location information of the electronic device to the SS map are displayed to the user for selection.

If the user chooses to prohibit granting permission, the SS map cannot obtain the location information of the electronic device.

If the user chooses to grant the real authority, the electronic device outputs the current real location information to the SS map. If the user wants to switch the real permission to the virtual permission later, the virtual permission function corresponding to obtaining the location information of the electronic device can be turned on through the interface shown in (d) in FIG. 14 , so that the electronic device can switch the application access environment to a virtual authority environment and allow SS Maps to obtain virtual location information of electronic devices.

If the user chooses to grant the virtual authority, the electronic device constructs a virtual location information and outputs it to the SS map. If the user wants to switch the virtual permission to the real permission later, the virtual permission function corresponding to obtaining the location information of the electronic device can be turned off through the interface shown in (d) in FIG. 14 , thereby enabling the electronic device to switch the application access environment. To the real authority environment, and allow SS map to obtain the real location information of electronic devices.

Examples of the permission control method provided by the embodiments of the present application are described in detail above. It can be understood that, in order to realize the above-mentioned functions, the electronic device includes corresponding hardware and/or software modules for executing each function. Those skilled in the art should easily realize that the present application can be implemented in hardware or a combination of hardware and computer software with the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein. Whether a function is performed by hardware or computer software driving hardware depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functionality for each particular application in conjunction with the embodiments, but such implementations should not be considered beyond the scope of this application.

In this embodiment of the present application, the electronic device may be divided into functional modules according to the foregoing method examples. For example, each function may be divided into various functional modules, such as a processing unit and a display unit, or two or more functions may be integrated. in a module. The above-mentioned integrated modules can be implemented in the form of hardware, and can also be implemented in the form of software function modules. It should be noted that, the division of modules in the embodiments of the present application is schematic, and is only a logical function division, and there may be other division manners in actual implementation.

It should be noted that, all relevant contents of the steps involved in the above method embodiments can be cited in the functional description of the corresponding functional module, which will not be repeated here.

The electronic device provided in this embodiment is used to execute the above-mentioned authority control method, and thus can achieve the same effect as the above-mentioned implementation method.

Where an integrated unit is employed, the electronic device may also include a processing module, a storage module and a communication module. The processing module may be used to control and manage the actions of the electronic device. The storage module may be used to support the electronic device to execute stored program codes and data, and the like. The communication module can be used to support the communication between the electronic device and other devices.

The processing module may be a processor or a controller. It may implement or execute the various exemplary logical blocks, modules and circuits described in connection with this disclosure. The processor may also be a combination that implements computing functions, such as a combination of one or more microprocessors, a combination of digital signal processing (DSP) and a microprocessor, and the like. The storage module may be a memory. The communication module may specifically be a device that interacts with other electronic devices, such as a radio frequency circuit, a Bluetooth chip, and a Wi-Fi chip.

In one embodiment, when the processing module is a processor and the storage module is a memory, the electronic device involved in this embodiment may be a device having the structure shown in FIG. 2 .

Embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed by the processor, the processor is made to execute the permission control method of any of the foregoing embodiments.

Embodiments of the present application further provide a computer program product, which, when the computer program product runs on a computer, causes the computer to execute the above-mentioned relevant steps, so as to implement the authority control method in the above-mentioned embodiment.

In addition, the embodiments of the present application also provide an apparatus, which may specifically be a chip, a component or a module, and the apparatus may include a connected processor and a memory; wherein, the memory is used for storing computer execution instructions, and when the apparatus is running, The processor can execute the computer-executed instructions stored in the memory, so that the chip executes the permission control methods in the foregoing method embodiments.

Wherein, the electronic device, computer-readable storage medium, computer program product or chip provided in this embodiment are all used to execute the corresponding method provided above. Therefore, for the beneficial effects that can be achieved, reference may be made to the above-provided method. The beneficial effects in the corresponding method will not be repeated here.

From the description of the above embodiments, those skilled in the art can understand that for the convenience and brevity of the description, only the division of the above functional modules is used as an example for illustration. In practical applications, the above functions can be allocated by different The function module is completed, that is, the internal structure of the device is divided into different function modules, so as to complete all or part of the functions described above.

In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are only illustrative. For example, the division of modules or units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or May be integrated into another device, or some features may be omitted, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.

Units described as separate components may or may not be physically separated, and components shown as units may be one physical unit or multiple physical units, that is, may be located in one place, or may be distributed in multiple different places. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit. The above-mentioned integrated units may be implemented in the form of hardware, or may be implemented in the form of software functional units.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application can be embodied in the form of software products in essence, or the parts that contribute to the prior art, or all or part of the technical solutions, which are stored in a storage medium , including several instructions to make a device (which may be a single chip microcomputer, a chip, etc.) or a processor (processor) to execute all or part of the steps of the methods in the various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read only memory (ROM), random access memory (random access memory, RAM), magnetic disk or optical disk and other media that can store program codes.

The above content is only a specific embodiment of the present application, but the protection scope of the present application is not limited to this. Covered within the scope of protection of this application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims

An access control method, the method being executed by an electronic device, characterized in that the method comprises:

Obtain a permission request initiated by an application, where the permission request carries the identification information of the target permission applied for by the application;

A selection prompt interface corresponding to the permission request is displayed, the selection prompt interface includes a selection option and a recommendation result corresponding to the permission request, the selection option includes an allow option and a prohibition option, and the recommendation result includes a recommendation for the application the degree of recommendation to grant said target permission;

In response to the user selecting the selection option, the target permission is granted to the application, or the target permission is not granted to the application.
The method according to claim 1, wherein the recommendation result further comprises a recommendation degree that the target permission is not granted to the application.
The method according to claim 1 or 2, wherein the selection option further includes a virtual permission option, and the recommendation result further includes a recommendation degree for granting the target virtual permission to the application.
The method according to any one of claims 1-3, wherein if the number of permission requests initiated by the application program is multiple, the displaying a selection prompt interface corresponding to the permission request includes:

Display the selection prompt interface corresponding to each permission request in turn;

or,

Simultaneously display the selection prompt interface corresponding to multiple permission requests.
The method according to any one of claims 1-4, wherein the method for determining the recommendation result corresponding to the permission request comprises:

Obtain the application type corresponding to the application;

A recommendation result corresponding to the permission request is determined according to the application type and the identification information of the target permission.
The method according to claim 5, wherein the determining a recommendation result corresponding to the permission request according to the application type and the identification information of the target permission comprises:

Input the identification information of the application type and the target permission into a preset machine learning model, and determine the recommendation result corresponding to the permission request.
The method according to claim 5, wherein the determining a recommendation result corresponding to the permission request according to the application type and the identification information of the target permission comprises:

Determine the identification information of the grantable permission of the application according to the application type and the corresponding relationship between the preset application type and the grantable permission;

According to the identification information of the grantable authority and the identification information of the target authority, a recommendation result corresponding to the authority request is determined.
The method according to claim 7, wherein the determining the recommendation result corresponding to the permission request according to the identification information of the grantable permission and the identification information of the target permission comprises:

A first coefficient corresponding to the target authority is determined according to the identification information of the grantable authority and the identification information of the target authority. When the grantable authority includes the target authority, the first coefficient is The first preset value, when the grantable permission does not include the target permission, the first coefficient is the ratio of the number of applications that have applied for the target permission in the permission set, and the permission set is A reference application and a collection of permissions applied for by the reference application, where the application type of the reference application is the same as the application type of the application;

A second coefficient is determined according to the first coefficient, and the sum of the first coefficient and the second coefficient is a second preset value;

The second coefficient and the identification information of the target authority are input into a preset machine learning model, and a recommendation result corresponding to the authority request is determined.
An electronic device, comprising: a processor, a memory and an interface;

The processor, memory and interface cooperate to cause the electronic device to perform the method of any one of claims 1 to 8.
A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the processor is made to execute any one of claims 1 to 8 method described in item.