CN100466783C - Right discriminating method between mobile terminal and network equipment - Google Patents

Right discriminating method between mobile terminal and network equipment

Info

Publication number
CN100466783C
Authority
CN
China
Prior art keywords
user
information
access
name
mobile terminal
Prior art date
Application number
CN 200610034925
Other languages
Chinese (zh)
Other versions
CN1984402A (en)
Inventor
进 庞
Original Assignee
华为技术有限公司
Priority date
Filing date
Publication date
Application filed by 华为技术有限公司
Priority to CN 200610034925
Publication of CN1984402A
Application granted
Publication of CN100466783C

Abstract

The present invention discloses a method for managing a multi-user mobile terminal: multiple users are set up in the mobile terminal, the users belong to different groups, and different groups are given different access rights, so that the terminal supports multi-user management and several users can share one terminal. The invention also discloses a multi-user mobile terminal in which every accessible file and device carries a permission (tag), and in which a permission control module, a user identification module and so on are provided accordingly to control the access of multiple users. The invention effectively keeps users' personal data and privacy from being leaked, reduces unnecessary losses, and protects the terminal device, so that multiple users can safely share the same terminal and save on cost.

Description

A multi-user management method and apparatus for a mobile terminal

Technical Field

The present invention relates to mobile terminal management technology, and in particular to a method and apparatus by which multiple users share one mobile terminal.

Background Art

At present, mobile communication terminals basically do not distinguish between users: everyone who uses the same mobile terminal has the same rights over the content stored in it. For example, one user's data stored in a handset (pictures, e-mail, text messages, call records and so on) is visible to any other user of that handset. This situation easily leads to information leakage and unnecessary misunderstandings, and can cause the user considerable financial or emotional loss.

Chinese invention patent No. 02100780.2 discloses a method for setting up multiple users in a single mobile communication terminal user identification card. The method first stores the user information of multiple users in separate areas of the user identification card; it then adds each user's information to the mobile subscriber management information storage unit in the mobile communication network; finally it reads each user's information into a user management module in the mobile phone, and the user management module controls and manages normal communication service handling for each user on the card. That invention uses one user identification card to provide communication services to multiple users, meeting the need of some people to handle matters under different mobile phone user identities in certain situations.

That method is mainly aimed at multi-user sharing of the user card's resources. Its drawbacks are:

(1) The method depends on the user card, so multi-user management is not possible on communication terminals that do not need a user card;

(2) The method cannot provide confidentiality control over user resources on the terminal.

Summary of the Invention

In view of this, the present invention proposes a multi-user mobile terminal, comprising: a user information interaction module, for sending user information and operation instructions to the permission control module; a user identification module, for storing the correspondence between users' user names and group names; and a permission control module, for querying the user identification module, making a permission decision on the operation instruction, and acting accordingly.

A data storage module, for storing users' information and data, and for sending that information and data to the user information interaction module;

The user information interaction module is further used to display information and data to the user; a permission storage module stores the correspondence between groups and usage rights; the permission control module is further used to make a permission decision on an access request according to the correspondence between groups and usage rights stored in the permission storage module.

The devices and information that users access all carry permission tags, which store the user names and group names allowed access;

The present invention also proposes a multi-user management method for a mobile terminal, comprising the following steps:

the user enters login information;

user information is initialized;

the user submits to the permission control module a request to access a device and/or information;

the permission control module authenticates the access request using the current user's group name and/or user name: it determines whether the current user name is among the user names allowed access by the device and/or information named in the access request, and whether the group name corresponding to the current user name is among the group names allowed access by that device and/or information. If both determinations are yes, authentication passes and the access request is allowed; if authentication fails, the flow ends.

Initializing the user information specifically means: setting the user name in the login information as the current user name, and initializing the personalized settings corresponding to that user name;

Before the user information is initialized, the method further includes:

determining whether the login information is correct; if it is correct, initializing the user information; if it is wrong, the user re-enters the login information;

If the number of incorrect login attempts reaches a predetermined value, the flow ends.

Before the permission control module authenticates the access request using the current user's group name and/or user name, the permission control module queries the permission storage module to check whether the user name has the right to perform the operation requested in the access request. If it does not, the flow ends; if it does, the permission control module authenticates the access request using the current user's group name and/or user name.

As the technical solution above shows, the present invention achieves multi-user management of a mobile terminal without a user card, lets multiple users share one terminal, and saves users money. It also effectively keeps users' personal data and privacy from being leaked, reduces unnecessary losses, and protects the terminal device.

Brief Description of the Drawings

Fig. 1 is a schematic diagram of the structure of the mobile terminal of the present invention;

Fig. 2 is a schematic diagram of the user login flow of the present invention;

Fig. 3 is a first schematic diagram of the flow by which a user accesses a file in the present invention;

Fig. 4 is a second schematic diagram of the flow by which a user accesses a file in the present invention.

Detailed Description

To make the purpose, technical solution and advantages of the present invention clearer, the invention is described in further detail below by way of embodiments and with reference to the drawings.

The core of the present invention is that multiple users are allowed to use the same mobile terminal and the terminal's users are managed in groups, with users in different groups having different usage and access rights over the terminal's resources. Users with different access rights can access only the devices and personal data that their own rights cover; a user with administrator rights can view all data on the terminal and can manage all users.

Fig. 1 is a schematic diagram of the structure of the mobile terminal of the invention.

In it, the user information interaction module receives the user name, password and various instructions entered by the user and sends them to the permission control module; it also displays various information to the user, such as login success or wrong password, so that the user can carry out the next operation;

The permission storage module stores the correspondence between groups and usage rights; the user identification module stores, for each user, a user name that distinguishes that user from other users and the group the user belongs to;

The permission control module receives the interaction information sent by the user information interaction module, interacts with the user identification module, the data storage module, the permission storage module and so on, and determines whether the user has the right to perform the corresponding operation;

The data storage module stores users' information and data, such as multimedia files and folders, and sends data to the user information interaction module. A person of ordinary skill in the art will understand that the data storage module may be located in the mobile terminal or on a network server that the mobile terminal can access.

To give different users different usage and access rights, at least two groups must be set up in the terminal; different users belong to different groups, and different groups correspond to different usage rights. The correspondence between groups and usage rights is stored in the permission storage module, as shown in the following table:

[Table 1: see original document, page 8]

Users in the administrator group have the highest rights on the terminal and can use all of its resources, for example changing the terminal's configuration, installing or uninstalling software, upgrading the terminal, viewing all information of all users, and managing all users. Users in the general user group have only the rights for that group that were fixed at system initialization or assigned by the administrator; these rights are narrower than the administrator group's, and such users cannot manage other users or view the information of members of other groups. A person skilled in the art will know that the number of groups and the division of rights are not limited to what the table above shows; depending on the nature of the terminal, different terminals may divide groups and assign rights differently. When the administrator creates a user, each user has a user name that distinguishes it from other users and a group it belongs to; this correspondence is stored in the user identification module, as shown in the following table:

[Table: see original document, page 8]

To strengthen security, the table above also holds the password set by the user; the user must enter the password to log in to the terminal. It is recommended that passwords be stored in encrypted form and shown masked when they need to be displayed. The length and format of the user names and passwords in the table are defined by each terminal.

In the background, the system needs to maintain the groups and the information on how rights are divided among them, record all user names in each group, and maintain their passwords. Only administrator users can see all this information and manage it. No user (including administrator users) can see another user's password. The administrator's management of users includes at least: creating and deleting groups; assigning rights to groups; adding and removing users in a group.

Fig. 2 is a schematic diagram of the user login flow.

Steps 201-202: The user logs in. The permission control module of the mobile terminal asks the user to enter a user name, then queries the user identification module to check whether the user name exists and whether a corresponding password has been set. If there is a corresponding password, the user is also asked to enter it; this can be implemented, for example, by a pop-up dialog on the terminal's display.

Step 203: The permission control module determines whether the user name and password are correct. If both are correct, step 205 is performed; if either is wrong, step 204 is performed or the login flow ends directly;

Step 204: An error message is returned to the user, who is asked to re-enter the user name and password;

Step 205: Verification passes and the user's information is initialized: the user name in the login information is set as the current user name, and the personalized settings saved in the system for that user name, such as the user's personalized desktop, are initialized. After initialization the user name has a corresponding group, and the basic rights it holds can be queried in the user identification module. For example, if a user wants to change the system configuration, the permission control module queries the user identification module, finds that the user belongs to the general user group, and, because the general user group does not have the right to change the configuration, refuses the operation.

The flow above applies when a user logs in at system start-up and also when switching users. For example, if a user has logged in successfully as user name A and wants to access the terminal as another user name B, a switch is needed: the account name and password of B are entered, and if they are correct, the information of account A is released and the information of account B is initialized. In addition, if user B logs in successfully, the current login information of the previous user A can be saved so that the scene can be restored the next time user A logs in.

All users' data is stored in the data storage module, which further comprises a public data storage module and a private data storage module.

Every file stored in the private data storage module has a permission tag. The permission tag records the group name and/or user name corresponding to the file; this correspondence may be recorded when the file is created by a user, and may also be changed by the administrator.

When a user accesses a file or folder, whether the user has the right to access it must be determined from the system's access rules and the user's group name and user name. User access to device resources is similar to file access: devices can be managed as files, each device has a corresponding permission tag, and access control for devices can be implemented in the same way as access control for files. The following table is an example of file permission tags:

[Table 3: see original document, page 10]

Table 3 lists the group name and user name corresponding to each file. The file Apple can be accessed by the general user group, or can be set to be accessible only by the user Ben, depending on the specific requirements. For the file Moon, the group name allowed access is empty and the user name is all users, which means the file is a public file that every user can access.

Fig. 3 shows a file access flow:

Steps 301-302: The user sends the mobile terminal a request message to access a file or folder; the request message carries the name of the file or folder to be accessed. The request may be issued by the user browsing a folder and selecting a file, or by typing the file name directly into a dialog box, among other forms.

Steps 303-304: The permission control module in the mobile terminal determines whether the user has the right to access this file. First, the permission control module looks up in the user identification module the group the user belongs to. Next, it extracts the file name from the request message, locates the file in the data storage module, and extracts from the file's permission tag the group and user name corresponding to the file. In step 303, group-name permission verification is performed: the access rules are used to determine whether the user's group has access rights. For example, if the file can be accessed by everyone, verification passes; if the user is in the administrator group, verification passes; if the user's group is the same as the group of the user who created the file, verification passes. If verification fails, step 306 is performed; if it passes, step 304 is performed. If the user's group is the administrator group, step 304 may also be skipped and step 305 performed directly. In step 304, user-name permission verification is performed: the access rules are used to determine whether the user's user name has access rights. If the file can be accessed by everyone, verification passes; if the user name belongs to the administrator group, verification passes; if the user's user name is the same as the user name of the user who created the file, verification passes. If verification passes, step 305 is performed; if it fails, step 306 is performed.

Before the permission verification of steps 303 and 304, the permission storage module may also be queried to check whether the user name has the right to perform the intended operation; if not, the checks of steps 303 and 304 are skipped and the flow ends directly. For example, the user issues an access request to change the configuration; the query shows that the user belongs to the general user group, which does not have the right to change the configuration, so the flow ends directly and a message is returned to the user.

Step 305: The user can access the file. Access to a file here includes access to a folder; access operations include reading, writing, creating and deleting files.

Step 306: The user does not have the right to access the file, and the flow ends. At this point the mobile terminal may also display wording such as "You do not have access rights" to notify the user.

The access control flow for multiple files and folders is similar to Fig. 3 and is not repeated here. A person of ordinary skill in the art will understand that there are many other access control methods. The one shown in Fig. 4 differs from the method of Fig. 3 in that step 403, user-name permission verification, is performed first and step 404, group-name permission verification, second. Steps 403 and 404 are both optional; for example, only group-name permission verification or only user-name permission verification may be performed. This is not described further here.
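The check order described for Fig. 3 (operation pre-check against the permission storage module, then step 303 on the group name, then step 304 on the user name), written out as an added Python example that is not part of the patent. The users other than Ben, the files other than Apple and Moon, the group rights table, and the rules that an empty tag field skips that check while a tag with no fields at all is refused are assumptions made for the illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

ADMIN_GROUP = "administrators"
GENERAL_GROUP = "general_users"
ALL_USERS = "*"  # stands for the "all users" entry of a permission tag

# User identification module: user name -> group name (constructed sample data).
USER_GROUPS = {
    "Alice": ADMIN_GROUP,
    "Ben": GENERAL_GROUP,
    "Carol": GENERAL_GROUP,
    "Dan": "guests",
}

# Permission storage module: group -> operations it may perform (constructed;
# the patent's Table 1 is not reproduced on the page).
GROUP_RIGHTS = {
    ADMIN_GROUP: {"read", "write", "create", "delete", "change_config"},
    GENERAL_GROUP: {"read", "write", "create", "delete"},
    "guests": {"read"},
}


@dataclass(frozen=True)
class PermissionTag:
    """Permission tag attached to a file or device."""
    group: Optional[str] = None  # group name allowed access, None if empty
    user: Optional[str] = None   # user name allowed access, None if empty


# Data storage module: resource name -> permission tag (constructed, except
# that Apple, Moon and Ben are the names used in the description).
TAGS = {
    "Apple": PermissionTag(group=GENERAL_GROUP, user="Ben"),
    "Pear": PermissionTag(group=GENERAL_GROUP),       # group-level only
    "Moon": PermissionTag(group=None, user=ALL_USERS),  # public file
    "Orphan": PermissionTag(),                        # tag with no entries
}


def check_access(user: str, operation: str, resource: str) -> Tuple[bool, str]:
    """Return (allowed, reason) for one access request."""
    group = USER_GROUPS.get(user)
    if group is None:
        return False, "unknown user"

    # Pre-check: does the user's group hold the right to this operation at all?
    if operation not in GROUP_RIGHTS.get(group, set()):
        return False, "operation not granted to group"

    tag = TAGS.get(resource)
    if tag is None:
        return False, "no permission tag"  # fail closed on untagged resources

    if tag.user == ALL_USERS:
        return True, "public file"
    if group == ADMIN_GROUP:
        return True, "administrator group"  # admins may skip step 304
    if tag.group is None and tag.user is None:
        return False, "empty permission tag"  # assumption: refuse, not allow

    # Step 303: group-name verification (skipped when the tag has no group).
    if tag.group is not None and tag.group != group:
        return False, "group mismatch (step 303)"

    # Step 304: user-name verification (skipped when the tag has no user).
    if tag.user is not None and tag.user != user:
        return False, "user mismatch (step 304)"

    return True, "tag matched"


if __name__ == "__main__":
    for request in [("Ben", "read", "Apple"), ("Carol", "read", "Apple"),
                    ("Dan", "read", "Moon"), ("Dan", "delete", "Moon"),
                    ("Ben", "change_config", "Moon")]:
        print(request, "->", check_access(*request))
```

Swapping the two tag comparisons gives the Fig. 4 ordering; the set of allowed requests is the same, only the reported reason changes when both checks would fail.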

Although the invention has been illustrated and described with reference to certain preferred embodiments, a person of ordinary skill in the art should understand that various changes in form and detail may be made without departing from the spirit and scope of the invention.

Claims (9)

1. A multi-user mobile terminal, characterized by comprising: a user information interaction module, for sending login information and access requests to the permission control module; a user identification module, for storing the correspondence between users' user names and group names; and a permission control module, for querying the user identification module, making a permission decision on the access request, and acting accordingly.
2. The multi-user mobile terminal according to claim 1, characterized by further comprising: a data storage module, for storing users' information and data and for transmitting that information and data to the user information interaction module; the user information interaction module being further used to display the information and data to the user.
3. The multi-user mobile terminal according to claim 1, characterized by further comprising: a permission storage module, for storing the correspondence between groups and usage rights; the permission control module being further used to make a permission decision on the access request according to the correspondence between groups and usage rights stored in the permission storage module.
4. The multi-user mobile terminal according to any one of claims 1 to 3, characterized in that the devices and information accessed by users all carry permission tags, which store the user names and group names allowed access.
5. A multi-user management method for a mobile terminal, characterized by comprising the following steps: the user enters login information; user information is initialized; the user submits to the permission control module a request to access a device and/or information; the permission control module authenticates the access request using the current user's group name and/or user name, determining whether the current user name is among the user names allowed access by the device and/or information named in the access request, and whether the group name corresponding to the current user name is among the group names allowed access by that device and/or information; if both determinations are yes, authentication passes and the access request is allowed; if authentication fails, the flow ends.
6. The multi-user management method for a mobile terminal according to claim 5, characterized in that initializing the user information specifically means: setting the user name in the login information as the current user name, and initializing the personalized settings corresponding to that user name.
7. The multi-user management method for a mobile terminal according to claim 5 or 6, characterized in that, before the user information is initialized, the method further comprises: determining whether the login information is correct; if it is correct, initializing the user information; if it is wrong, the user re-enters the login information.
8. The multi-user management method for a mobile terminal according to claim 7, characterized in that, if the number of incorrect login attempts reaches a predetermined value, the flow ends.
9. The multi-user management method for a mobile terminal according to claim 5, characterized in that, before the permission control module authenticates the access request using the current user's group name and/or user name, the permission control module queries the permission storage module to check whether the user name has the right to perform the operation requested in the access request; if it does not, the flow ends; if it does, the permission control module authenticates the access request using the current user's group name and/or user name.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200610034925 CN100466783C (en) 2006-04-06 2006-04-06 Right discriminating method between mobile terminal and network equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200610034925 CN100466783C (en) 2006-04-06 2006-04-06 Right discriminating method between mobile terminal and network equipment

Publications (2)

Publication Number Publication Date
CN1984402A (en) 2007-06-20
CN100466783C (en) 2009-03-04

Family

ID=38166541

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200610034925 CN100466783C (en) 2006-04-06 2006-04-06 Right discriminating method between mobile terminal and network equipment

Country Status (1)

Country Link
CN (1) CN100466783C (en)

Families Citing this family (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217399B (en) 2007-12-29 2010-08-04 华为终端有限公司 A data card background system and the corresponding operating method
CN101197874B (en) 2008-01-02 2012-06-06 中兴通讯股份有限公司 Mobile terminal equipment
US8549657B2 (en) * 2008-05-12 2013-10-01 Microsoft Corporation Owner privacy in a shared mobile device
JP2011118569A (en) * 2009-12-02 2011-06-16 Fuji Xerox Co Ltd Document management system and program
CN101800967B (en) * 2009-12-30 2012-12-12 华为技术有限公司 Method, gateway and mobile terminal for realizing strategy and charging control
CN102148696B (en) * 2010-09-06 2013-06-05 华为技术有限公司 Method and system for managing network service
CN101980232A (en) * 2010-10-13 2011-02-23 中兴通讯股份有限公司 Method, system and device for trying JAVA application program
CN102238276A (en) * 2011-04-06 2011-11-09 宇龙计算机通信科技(深圳)有限公司 Application program access priority setting method, system and mobile terminal
US9880604B2 (en) 2011-04-20 2018-01-30 Microsoft Technology Licensing, Llc Energy efficient location detection
CN102930221A (en) * 2011-08-09 2013-02-13 三星电子(中国)研发中心 Method for protecting data in handheld equipment
CN103002100B (en) * 2011-09-16 2017-04-12 中兴通讯股份有限公司 Its data card phone book record identification method and apparatus
CN102354353A (en) * 2011-09-27 2012-02-15 宇龙计算机通信科技(深圳)有限公司 Method for acquiring data and terminal
CN103136483A (en) * 2011-11-22 2013-06-05 中兴通讯股份有限公司 Data card and multi-user access method of external memory card thereof
US8732822B2 (en) 2011-12-16 2014-05-20 Microsoft Corporation Device locking with hierarchical activity preservation
US9325752B2 (en) 2011-12-23 2016-04-26 Microsoft Technology Licensing, Llc Private interaction hubs
US9467834B2 (en) 2011-12-23 2016-10-11 Microsoft Technology Licensing, Llc Mobile device emergency service
US9420432B2 (en) 2011-12-23 2016-08-16 Microsoft Technology Licensing, Llc Mobile devices control
US9363250B2 (en) 2011-12-23 2016-06-07 Microsoft Technology Licensing, Llc Hub coordination service
US8874162B2 (en) 2011-12-23 2014-10-28 Microsoft Corporation Mobile device safe driving
US20130305354A1 (en) 2011-12-23 2013-11-14 Microsoft Corporation Restricted execution modes
CN102404460A (en) * 2011-12-30 2012-04-04 上海华勤通讯技术有限公司 Multi-user management system, method and mobile terminal
CN103473232B (en) * 2012-06-06 2018-02-13 北京三星通信技术研究有限公司 Self-management apparatus and method of application
CN102833409A (en) * 2012-08-22 2012-12-19 广东欧珀移动通信有限公司 Automatic switchover method of users and mobile communication terminal thereof
US9230076B2 (en) 2012-08-30 2016-01-05 Microsoft Technology Licensing, Llc Mobile device child share
CN102932535A (en) * 2012-10-18 2013-02-13 广东欧珀移动通信有限公司 Mobile terminal shared by multiple users and using method for mobile terminal
CN103916527A (en) * 2013-01-09 2014-07-09 上海斐讯数据通信技术有限公司 Method for achieving multi-user log-in mode and mobile terminal
CN105164663B (en) * 2013-01-09 2018-05-01 艾菲尼莫公司 Controlled access to systems and methods of interaction
CN104063671B (en) * 2013-03-21 2016-08-10 腾讯科技(深圳)有限公司 Information security management system and method
US9820231B2 (en) 2013-06-14 2017-11-14 Microsoft Technology Licensing, Llc Coalescing geo-fence events
US9998866B2 (en) 2013-06-14 2018-06-12 Microsoft Technology Licensing, Llc Detecting geo-fence events using varying confidence levels
CN104518876B (en) * 2013-09-29 2019-01-04 腾讯科技(深圳)有限公司 Service login method and device
CN105187377A (en) * 2015-06-25 2015-12-23 联想(北京)有限公司 Data processing method, data processing device, data access method and data access device
CN105446901A (en) * 2015-12-28 2016-03-30 青岛海信移动通信技术股份有限公司 Data processing method and device for multi-user terminal
US20170193206A1 (en) * 2015-12-30 2017-07-06 Futurewei Technologies, Inc. Apparatus and Method for Camera-Based User Authentication for Content Acess
CN106570413A (en) * 2016-10-19 2017-04-19 上海爱数信息技术股份有限公司 System and method for controlling access permission of document system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1307283A (en) 2000-02-03 2001-08-08 英业达集团(上海)电子技术有限公司 Multiple-user safety operation document system and method
CN1434617A (en) 2002-01-25 2003-08-06 华为技术有限公司 Method for realizing one card multiuser in mobile communication terminal
CN1532718A (en) 2003-03-24 2004-09-29 北京北佳信息系统有限公司 Method and device for setting information access autority in computer network
CN1607484A (en) 2003-10-16 2005-04-20 富士通株式会社 Program and apparatus for blocking information leaks, and storage medium for the program
CN1617507A (en) 2003-11-12 2005-05-18 鸿富锦精密工业(深圳)有限公司 Managing system and method for user authority

Also Published As

Publication number Publication date
CN1984402A (en) 2007-06-20

Similar Documents

Publication Publication Date Title
US9055060B2 (en) Cloud service system based on enhanced security function and method for supporting the same
US8719898B1 (en) Configuring and providing profiles that manage execution of mobile applications
US9098687B2 (en) User and device authentication in enterprise systems
JP5133248B2 (en) Off-line authentication method in a client / server authentication system
EP2115607B1 (en) Provisioning of digital identity representations
US9397988B2 (en) Secure portable store for security skins and authentication information
EP2109955B1 (en) Provisioning of digital identity representations
JP3499680B2 (en) System and method for transparently integrate private key operation from the smart card and host-based cryptographic services
US9438600B2 (en) Apparatus and methods for distributing and storing electronic access clients
KR100806477B1 (en) Remote access system, gateway, client device, program, and storage medium
KR100586654B1 (en) Wireless banking system and wireless banking method using mobile phone
US20100274859A1 (en) Method And System For The Creation, Management And Authentication Of Links Between Entities
CN104903910B (en) Control access security data to the mobile device
CN101815074B (en) User authentication methods and user authentication system
US20140075493A1 (en) System and method for location-based protection of mobile data
US20100042846A1 (en) Trusted card system using secure exchange
US9059988B2 (en) Printing device capable of authorizing printing limitedly according to user level, printing system using the same and printing method thereof
US9338155B2 (en) Security device provisioning
US7496952B2 (en) Methods for authenticating a user's credentials against multiple sets of credentials
US20060059544A1 (en) Distributed secure repository
US20090298468A1 (en) System and method for deleting data in a communication device
JP2004530195A (en) Access control protocol for user profile management
CN100464549C (en) Method for realizing data safety storing business
AU2008341026B2 (en) System and method for securing data
US20070016771A1 (en) Maintaining security for file copy operations

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C14 Granted