CN102279812A - Data protection method and terminal - Google Patents

Publication number
CN102279812A
Authority
CN
China
Prior art keywords
data
application program
instruction
sent
user
Legal status
Granted
Application number
CN2011102254507A
Other languages
Chinese (zh)
Other versions
CN102279812B (en)
Inventor
陈华星
陈一槐
刘珍珍
Current Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority to CN 201110225450
Publication of CN102279812A
Application granted
Publication of CN102279812B

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a data protection method and a terminal, wherein the data protection method comprises the following steps: step 102, receiving an instruction of saving data to a shared data region from an application program and then confirming whether the instruction is automatically sent out by the application program; and step 104, saving the data to an RAM (random access memory) in the shared data region if the instruction is automatically sent out by the application program. By the invention, data probably read by a malicious program autonomously can be saved to the RAM while the data can be lost if the RAM is powered down, thus the potential safety hazard can be prevented from keeping for a long time and the data can be prevented from being used by the malicious program.

Description

Data protection method and terminal
Technical field
The present invention relates to mobile communication technology, and in particular to a data protection method and a terminal.
Background art
In current mobile phone terminals, some important data needs to be used frequently by several different functional modules. For example, in a multi-mode multi-card mobile phone, several communication modules often all need to use the data in a USIM (Universal Subscriber Identity Module) card. The USIM card data therefore has to be shared, so that after a given communication module is closed the user can still read the USIM card data corresponding to that module.
To address this, the current approach is to read out the information in each USIM card after the phone powers on and keep it in a shared region, that is, a region that several functional modules or applications can all read and write. Reads and writes to this shared region are controlled by the AP (Application Processor), and a communication module can access the USIM data in the shared region via the AP. This is convenient and fast. However, because a USIM holds highly private data such as the address book and short messages, this approach is very unsafe: it makes it easy for a malicious program or Trojan to steal the information in the shared region.
After the AP reads the data in the USIM through the communication module, it stores the data in the shared region. Memory comes in two kinds: RAM (data is lost after power-down) and FLASH (data is retained after power-down). If the phone automatically saves the data to FLASH, the data persists even when the phone is shut down or loses power, which is a potential security risk.
For example, the user's USIM information may be copied to FLASH by an application without the user's knowledge. After the user shuts the phone down normally, removes the USIM card and powers on again, the phone still holds the information from the original USIM, which is not what the user wants. Or, in some cases, the user may temporarily lend the phone to another user; even if the original USIM is removed and replaced with the other user's USIM, the data from the original USIM has already been saved to FLASH, so the information in the original USIM can be leaked inadvertently, which is a potential security risk. In other words, when an application in the terminal saves data to the phone without the user's knowledge, the highly private information in the USIM is easily leaked, creating a security risk.
Therefore, a data protection scheme is needed that both allows data to be shared among several functional modules and keeps the shared data secure, protecting it from use by malicious programs.
Summary of the invention
The technical problem to be solved by the present invention is to provide a data protection scheme that both allows data to be shared among several functional modules and keeps the shared data secure, protecting it from use by malicious programs.
In view of this, the invention provides a data protection method comprising: step 102, on receiving from an application an instruction to store data in a shared data area, confirming whether the instruction was sent automatically by the application; step 104, when the instruction was sent automatically by the application, storing the data in the RAM (random access memory) of the shared data area. In this technical solution, data that may have been read by a malicious program on its own initiative is stored in RAM, and the data is lost once the RAM loses power, which prevents it from being retained for a long time, becoming a security risk and being used by a malicious program.
In the above technical solution, preferably, step 102 further comprises: confirming whether the instruction was sent by the application in response to a user operation; and step 104 further comprises: when the instruction was sent by the application in response to a user operation, storing the data in the RAM or FLASH (flash memory) of the shared data area, as specified by the user. In this technical solution, if the user intends to save the data to a specified location, the operation the user intends is considered to pose no security risk, and the data is simply saved as the user intends.
In the above technical solution, preferably, step 102 specifically comprises: when the application sends the instruction, adding a mark to the instruction to identify whether the instruction was sent automatically by the application; and confirming, according to the mark in the instruction, whether the instruction was sent automatically by the application. In this technical solution, the mark can be a handle added to the instruction; with this handle it is easy to tell whether each instruction was sent by the application on its own or according to the user's intent.
In the above technical solution, preferably, the data comes from a Universal Subscriber Identity Module, and the types of the data include the address book and short messages. In this technical solution, the data to be protected can be of many kinds: not only data in the USIM but also other data, for example the address book of each instant messaging tool recorded on the mobile phone terminal, which often also needs to be shared by several communication tools, or pictures, audio and the like that several applications can access and upload, which also need protection.
In the above technical solution, preferably, step 104 specifically comprises: when the instruction was sent automatically by the application, notifying the AP (application processor) to read the data through the communication module corresponding to the Universal Subscriber Identity Module and to store the data in RAM.
The present invention also provides a terminal comprising: an instruction confirmation module which, on receiving from an application an instruction to store data in a shared data area, confirms whether the instruction was sent automatically by the application; and a data storage module which, when the instruction was sent automatically by the application, stores the data in the RAM of the shared data area. In this technical solution, data that may have been read by a malicious program on its own initiative is stored in RAM, and the data is lost once the RAM loses power, which prevents it from being retained for a long time, becoming a security risk and being used by a malicious program.
In the above technical solution, preferably, the instruction confirmation module also confirms whether the instruction was sent by the application in response to a user operation; and the data storage module also, when the instruction was sent by the application in response to a user operation, stores the data in the RAM or FLASH of the shared data area, as specified by the user. In this technical solution, if the user intends to save the data to a specified location, the operation the user intends is considered to pose no security risk, and the data is simply saved as the user intends.
In the above technical solution, preferably, the terminal further comprises: an instruction marking module which, when the application sends the instruction, adds a mark to the instruction to identify whether the instruction was sent automatically by the application; and the instruction confirmation module confirms, according to the mark in the instruction, whether the instruction was sent automatically by the application. In this technical solution, the mark can be a handle added to the instruction; with this handle it is easy to tell whether each instruction was sent by the application on its own or according to the user's intent.
In the above technical solution, preferably, the data comes from a Universal Subscriber Identity Module, and the types of the data include the address book and short messages. In this technical solution, the data to be protected can be of many kinds: not only data in the USIM but also other data, for example the address book of each instant messaging tool recorded on the mobile phone terminal, which often also needs to be shared by several communication tools, or pictures, audio and the like that several applications can access and upload, which also need protection.
In the above technical solution, preferably, when the instruction was sent automatically by the application, the data storage module notifies the AP to read the data through the communication module corresponding to the Universal Subscriber Identity Module and to store the data in RAM.
Through the above technical solution, a data protection method and a terminal are realized that can automatically determine whether an application's storing of data is spontaneous behavior and automatically keep spontaneously stored data in RAM. This data is lost after the RAM loses power, which prevents applications from frequently reading and using it and prevents it from becoming a security risk.
Brief description of the drawings
Fig. 1 is a flowchart of a data protection method according to an embodiment of the invention;
Fig. 2 is a block diagram of a terminal according to an embodiment of the invention;
Fig. 3 is a flowchart of a data protection method according to an embodiment of the invention;
Fig. 4 is a schematic diagram of data sharing in a data protection method according to an embodiment of the invention.
Detailed description of the embodiments
So that the above objects, features and advantages of the invention can be understood more clearly, the invention is described in further detail below with reference to the drawings and specific embodiments.
Many specific details are set out in the following description to provide a full understanding of the invention; however, the invention can also be implemented in other ways different from those described here, and is therefore not limited to the specific embodiments disclosed below.
Fig. 1 is a flowchart of a data protection method according to an embodiment of the invention.
As shown in Fig. 1, the invention provides a data protection method comprising: step 102, on receiving from an application an instruction to store data in a shared data area, confirming whether the instruction was sent automatically by the application; step 104, when the instruction was sent automatically by the application, storing the data in the RAM (random access memory) of the shared data area. In this technical solution, data that may have been read by a malicious program on its own initiative is stored in RAM, and the data is lost once the RAM loses power, which prevents it from being retained for a long time, becoming a security risk and being used by a malicious program.
In the above technical solution, preferably, step 102 further comprises: confirming whether the instruction was sent by the application in response to a user operation; and step 104 further comprises: when the instruction was sent by the application in response to a user operation, storing the data in the RAM or FLASH (flash memory) of the shared data area, as specified by the user. In this technical solution, if the user intends to save the data to a specified location, the operation the user intends is considered to pose no security risk, and the data is simply saved as the user intends.
In the above technical solution, preferably, step 102 specifically comprises: when the application sends the instruction, adding a mark to the instruction to identify whether the instruction was sent automatically by the application; and confirming, according to the mark in the instruction, whether the instruction was sent automatically by the application. In this technical solution, the mark can be a handle added to the instruction; with this handle it is easy to tell whether each instruction was sent by the application on its own or according to the user's intent.
In the above technical solution, preferably, the data comes from a Universal Subscriber Identity Module, and the types of the data include the address book and short messages. In this technical solution, the data to be protected can be of many kinds: not only data in the USIM but also other data, for example the address book of each instant messaging tool recorded on the mobile phone terminal, which often also needs to be shared by several communication tools, or pictures, audio and the like that several applications can access and upload, which also need protection.
In the above technical solution, preferably, step 104 specifically comprises: when the instruction was sent automatically by the application, notifying the AP (application processor) to read the data through the communication module corresponding to the Universal Subscriber Identity Module and to store the data in RAM.
Fig. 2 is a block diagram of a terminal according to an embodiment of the invention.
As shown in Fig. 2, the invention also provides a terminal 200 comprising: an instruction confirmation module 202 which, on receiving from an application an instruction to store data in a shared data area, confirms whether the instruction was sent automatically by the application; and a data storage module 204 which, when the instruction was sent automatically by the application, stores the data in the RAM of the shared data area. In this technical solution, data that may have been read by a malicious program on its own initiative is stored in RAM, and the data is lost once the RAM loses power, which prevents it from being retained for a long time, becoming a security risk and being used by a malicious program.
In the above technical solution, preferably, the instruction confirmation module 202 also confirms whether the instruction was sent by the application in response to a user operation; and the data storage module 204 also, when the instruction was sent by the application in response to a user operation, stores the data in the RAM or FLASH of the shared data area, as specified by the user. In this technical solution, if the user intends to save the data to a specified location, the operation the user intends is considered to pose no security risk, and the data is simply saved as the user intends.
In the above technical solution, preferably, the terminal further comprises: an instruction marking module 206 which, when the application sends the instruction, adds a mark to the instruction to identify whether the instruction was sent automatically by the application; and the instruction confirmation module 202 confirms, according to the mark in the instruction, whether the instruction was sent automatically by the application. In this technical solution, the mark can be a handle added to the instruction; with this handle it is easy to tell whether each instruction was sent by the application on its own or according to the user's intent.
In the above technical solution, preferably, the data comes from a Universal Subscriber Identity Module, and the types of the data include the address book and short messages. In this technical solution, the data to be protected can be of many kinds: not only data in the USIM but also other data, for example the address book of each instant messaging tool recorded on the mobile phone terminal, which often also needs to be shared by several communication tools, or pictures, audio and the like that several applications can access and upload, which also need protection.
In the above technical solution, preferably, when the instruction was sent automatically by the application, the data storage module 204 notifies the AP to read the data through the communication module corresponding to the Universal Subscriber Identity Module and to store the data in RAM.
Fig. 3 is a flowchart of a data protection method according to an embodiment of the invention. Fig. 4 is a schematic diagram of data sharing in a data protection method according to an embodiment of the invention.
To protect data security, this embodiment provides a safer method of sharing data that protects the USIM data. The specific steps are shown in Fig. 3:
Step 302: send a storage instruction.
With reference to Fig. 4, as required, the application sends an instruction to obtain the information in USIM1 or USIM2 and write it to the shared data area. The instruction may be one the application sends in response to a user operation, or it may be spontaneous behavior of the application; the latter is very likely a malicious application stealing the user's private information for illegitimate purposes.
To distinguish the phone automatically saving the data of USIM1 or USIM2 from the user deliberately saving the data by hand, a handle is added to the storage command, and this handle is used to determine whether the save was performed manually by the user.
Step 304: read the information in the USIM.
The AP reads data from USIM1 and USIM2 through communication module 1 and communication module 2 respectively; this information can be short messages, the address book, and so on.
Step 306: determine whether the user actively instructed the application to read the data; if so, go to step 308, otherwise go to step 310.
As described above, the read may be something the user is aware of, or something the user is unaware of. Before the information read from USIM1 or USIM2 is written to the shared data area, it must first be determined whether the user personally decided to store the data in FLASH. Specifically: extract the handle from the storage instruction that stores data to the shared data area, and analyze it.
Step 308: store the data in FLASH.
Suppose the user decides to store the data of USIM1 in FLASH; the AP then writes the data read from USIM1 to the FLASH region of the shared data area.
Step 310: store the data in RAM.
Suppose the storage instruction for the data in USIM2 was not sent by the user; the AP then writes the data read from USIM2 to the RAM region of the shared data area.
With this method, data is saved only to RAM when the phone stores it automatically, and is saved to FLASH only when the user deliberately wants the USIM data kept in the phone, which prevents malicious programs from exploiting this weakness to steal the user's private information.
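The following C example is added here and is not part of the patent: it routes a marked storage instruction to the RAM or FLASH part of a shared data area, as in steps 306 to 310, and shows that only the record saved at the user's request survives a power cycle. All identifiers are hypothetical, and it assumes the mark is set by a trusted part of the terminal from an observed user action rather than by the requesting application.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Added illustration: every identifier below is hypothetical. */
enum origin { ORIGIN_AUTOMATIC, ORIGIN_USER };          /* the mark ("handle") */
enum region { REGION_NONE = -1, REGION_RAM, REGION_FLASH };

#define USIM_SLOTS 2
#define RECORD_MAX 64

/* Shared data area: a volatile part and a persistent part. Two arrays
 * stand in for the real memories. */
struct shared_area {
    char ram[USIM_SLOTS][RECORD_MAX];
    char flash[USIM_SLOTS][RECORD_MAX];
};

struct store_instruction {
    int usim;               /* 0 = USIM1, 1 = USIM2 */
    const char *data;       /* record the AP read via the communication module */
    enum region requested;  /* where the requester asks the data to go */
    enum origin mark;       /* set by mark_instruction(), not by the requester */
};

/* Instruction marking module (206). Assumption: user_action_seen comes from
 * a trusted input path, so an application cannot claim it for itself. */
static void mark_instruction(struct store_instruction *ins, bool user_action_seen)
{
    ins->mark = user_action_seen ? ORIGIN_USER : ORIGIN_AUTOMATIC;
}

/* Instruction confirmation module (202): anything not explicitly marked as
 * user-initiated counts as automatic. */
static bool is_automatic(const struct store_instruction *ins)
{
    return ins->mark != ORIGIN_USER;
}

/* Data storage module (204), steps 306-310. Returns the region written. */
static enum region store_shared(struct shared_area *area,
                                const struct store_instruction *ins)
{
    if (ins->data == NULL || ins->usim < 0 || ins->usim >= USIM_SLOTS)
        return REGION_NONE;
    size_t len = strlen(ins->data);
    if (len >= RECORD_MAX)
        return REGION_NONE;             /* reject rather than truncate */

    enum region target = REGION_RAM;    /* automatic case and default */
    if (!is_automatic(ins) && ins->requested == REGION_FLASH)
        target = REGION_FLASH;          /* only a user request may persist */

    char *dst = (target == REGION_FLASH) ? area->flash[ins->usim]
                                         : area->ram[ins->usim];
    memcpy(dst, ins->data, len + 1);
    return target;
}

/* Power loss: RAM contents are gone, FLASH contents remain. */
static void power_cycle(struct shared_area *area)
{
    memset(area->ram, 0, sizeof area->ram);
}

/* True if any copy of this USIM's record is still in the shared area. */
static bool record_present(const struct shared_area *area, int usim)
{
    return area->ram[usim][0] != '\0' || area->flash[usim][0] != '\0';
}

/* Constructed scenario: USIM1 is saved at the user's request, USIM2 by an
 * application acting on its own while asking for FLASH. */
static void run_scenario(enum region out[2], bool survives[2])
{
    struct shared_area area;
    memset(&area, 0, sizeof area);

    struct store_instruction by_user = { 0, "contact:Alice", REGION_FLASH, ORIGIN_AUTOMATIC };
    struct store_instruction by_app  = { 1, "contact:Bob",   REGION_FLASH, ORIGIN_AUTOMATIC };
    mark_instruction(&by_user, true);
    mark_instruction(&by_app, false);

    out[0] = store_shared(&area, &by_user);
    out[1] = store_shared(&area, &by_app);
    power_cycle(&area);
    survives[0] = record_present(&area, 0);
    survives[1] = record_present(&area, 1);
}

int main(void)
{
    enum region out[2];
    bool survives[2];
    run_scenario(out, survives);
    printf("USIM1 -> %s, present after power cycle: %d\n",
           out[0] == REGION_FLASH ? "FLASH" : "RAM", survives[0]);
    printf("USIM2 -> %s, present after power cycle: %d\n",
           out[1] == REGION_FLASH ? "FLASH" : "RAM", survives[1]);
    return 0;
}
```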
Through the technical solution of the invention, a data protection method and a terminal can be realized that automatically determine whether an application's storing of data is spontaneous behavior and automatically keep spontaneously stored data in RAM. This data is lost after the RAM loses power, which prevents applications from frequently reading and using it and prevents it from becoming a security risk.
The above are only preferred embodiments of the invention and are not intended to limit it; for a person skilled in the art, the invention may be modified and varied in various ways. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (10)

1. A data protection method, characterized by comprising:
Step 102: on receiving from an application an instruction to store data in a shared data area, confirming whether the instruction was sent automatically by the application;
Step 104: when the instruction was sent automatically by the application, storing the data in the random access memory of the shared data area.
2. The data protection method according to claim 1, characterized in that step 102 further comprises:
confirming whether the instruction was sent by the application in response to a user operation;
and step 104 further comprises:
when the instruction was sent by the application in response to a user operation, storing the data in the random access memory or the flash memory of the shared data area, as specified by the user.
3. The data protection method according to claim 1, characterized in that step 102 specifically comprises:
when the application sends the instruction, adding a mark to the instruction to identify whether the instruction was sent automatically by the application;
confirming, according to the mark in the instruction, whether the instruction was sent automatically by the application.
4. The data protection method according to any one of claims 1 to 3, characterized in that the data comes from a Universal Subscriber Identity Module, and the types of the data include the address book and short messages.
5. The data protection method according to claim 4, characterized in that step 104 specifically comprises:
when the instruction was sent automatically by the application, notifying the application processor to read the data through the communication module corresponding to the Universal Subscriber Identity Module and to store the data in the random access memory.
6. A terminal, characterized by comprising:
an instruction confirmation module which, on receiving from an application an instruction to store data in a shared data area, confirms whether the instruction was sent automatically by the application;
a data storage module which, when the instruction was sent automatically by the application, stores the data in the random access memory of the shared data area.
7. The terminal according to claim 6, characterized in that the instruction confirmation module also confirms whether the instruction was sent by the application in response to a user operation;
and the data storage module also, when the instruction was sent by the application in response to a user operation, stores the data in the random access memory or the flash memory of the shared data area, as specified by the user.
8. The terminal according to claim 6, characterized by further comprising:
an instruction marking module which, when the application sends the instruction, adds a mark to the instruction to identify whether the instruction was sent automatically by the application;
wherein the instruction confirmation module confirms, according to the mark in the instruction, whether the instruction was sent automatically by the application.
9. The terminal according to any one of claims 6 to 8, characterized in that the data comes from a Universal Subscriber Identity Module, and the types of the data include the address book and short messages.
10. The terminal according to claim 9, characterized in that, when the instruction was sent automatically by the application, the data storage module notifies the application processor to read the data through the communication module corresponding to the Universal Subscriber Identity Module and to store the data in the random access memory.
CN 201110225450 2011-08-08 2011-08-08 Data protection method and terminal Active CN102279812B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201110225450 CN102279812B (en) 2011-08-08 2011-08-08 Data protection method and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201110225450 CN102279812B (en) 2011-08-08 2011-08-08 Data protection method and terminal

Publications (2)

Publication Number Publication Date
CN102279812A true CN102279812A (en) 2011-12-14
CN102279812B CN102279812B (en) 2013-12-25

Family

ID=45105271

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201110225450 Active CN102279812B (en) 2011-08-08 2011-08-08 Data protection method and terminal

Country Status (1)

Country Link
CN (1) CN102279812B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant