Smart mobile phone multi-user mode right management method and Rights Management System
Technical field
The present invention relates to a kind of right management method, specifically, is a kind of smart mobile phone multi-user mode right management method and Rights Management System.
Background technology
Extensive use along with smart mobile phone, application on smart mobile phone is also more and more, and the field that relates to is also more and more extensive, and people are even with in a lot of personal information of oneself, mobile phone that business information is stored in oneself, the life that greatly is convenient for people to, but this also brings a lot of problems.For example, we may run into following several situation in life:
1, passerby's first is used mobile phone and is made a phone call.
2, the head of a family is child bull machine, only is used for communicating by letter and the application of study aspect but want to limit it, does not allow it to play games
3, during the picture in appreciating mobile phone with friend, want that mobile phone is lent the other side appreciates picture in mobile phone, but do not want seeing other sensitive information in mobile phone.
4, in working conference, there is certain part of sensitive document in certain application in mobile phone (may be working software), want to the subordinate or pass round for a look simultaneously, but not wanting to allow it can see other sensitive information in using.
In sum, smart mobile phone also needs multi-user access mechanism.The operating system of existing smart mobile phone designs for alone family cell phone as the symbian system, other certain operations system such as Windows Phone, iPhone OS and android develop from user's desktop system, they are respectively from MS Windows, OS X, Linux, but these operating systems and support the multi-user unlike desktop system.
Summary of the invention
In order to solve existing intelligent mobile phone system and unlike desktop system support multi-user, can't to realize the rights management of intelligent mobile phone system.The present invention proposes a kind of smart mobile phone multi-user mode Rights Management System and method of operation of being applicable to, and by setting the different user rights of using, reaches the purpose of sensitive information in the protection mobile phone, and also can realize the quick switching of user right.
Smart mobile phone multi-user mode right management method of the present invention, realize by following step:
Step 1: the operating right of setting the user right grade and having;
Moment user's a certain according to smart mobile phone difference is divided into 1,2,3,4 level-right users from high to low with the user right grade.
Wherein, 1 level-right user has the unloading of installation application program, access all application programs and resource, generate 2,3,4 level-right users, application program and the resource that 2,3,4 level-right users can access and the operating right that switches to 2,3,4 level-right users are set.
2 level-right users only have application program and the resource of the permission 2 level-right users access of access 1 level-right user setting, generate 3 level-right users, application program and the resource that 3 level-right users can access and the operating right that switches to 1,3,4 level-right users are set.
3 level-right users only have application program and the resource that 3 level-right users that access 1 level-right user or 2 level-right users arrange can access and the operating right that switches to 1,2,4 level-right users;
And 4 level-right users only have application program and the resource of the set permission of access 1 level-right user 4 level-right user access and the operating right that switches to 1,2 level-right users.
Step 2: each level-right user's unlocking pin and each level-right user's smart mobile phone are set use and the resource access authority; When each level-right user's unlocking pin and smart mobile phone use with the resource access authority after setting completed, automatically generate the profile configuration file; And 1,2 level-right users' unlocking pin and smart mobile phone use with the resource access authority after setting completed, enter step 3; And 3 level-right users' unlocking pin and smart mobile phone use with the resource access authority after setting completed, directly enter step 4.
Step 3: by smart mobile phone current time state, select the switching mode between each Permission Levels authority user;
Switching between each level-right user comprises three kinds of modes:
Mode one: when using in smart mobile phone application program, carry out the switching of each level-right by long by the shutdown button;
Mode two: smart mobile phone is in released state, and when being in the homepage of smart mobile phone, switches by shutdown button or user's switching menu button of clicking on mobile phone by long;
Mode three: smart mobile phone is in screen lock state, by selecting unlocking manner to carry out the switching of user class.
In aforesaid way one and mode two, if the user when turning to the low rights class user by high Permission Levels user, need not to verify, directly enter step 4; If when turning to high Permission Levels user by the low rights class user, need to carry out corresponding Authority Verification, the unlocking pin of setting for the level-right user who needs to switch in input step two enters step 4 subsequently; When switching between above-mentioned each level-right user, automatically eliminate and have the casual user in smart mobile phone.
Step 4: each Permission Levels authority user smart mobile phone is used and the resource access control of authority;
Call loadapplication () function, the PackageManagerService that provides by Android system serves, the permission authority of all application and resource in the acquisition smart mobile phone, compare with the profile configuration file that generates in step 2, the smart mobile phone that does not have in the profile configuration file is used the permission authority corresponding with resource forbid; Simultaneously, function call loadapplication () realizes the smart mobile phone Fumction display that current level-right user is set in the onRestart () at Android system master interface.
For the smart mobile phone multi-user mode Rights Management System of above-mentioned smart mobile phone multi-user mode right management method, comprise authority setting module 1, password authority configuration module 2, user right control module 3, user class authority recognition judge module 4, authentication module 5 and user's handover module 6.
Described authority setting module 1 is divided into 1,2,3,4 level-right users from high to low with the user right grade, and has set for each level-right user the operating right that has.Wherein, 1 level-right user has the unloading of installation application program, access all application programs and resource, generate 2,3,4 level-right users, application program and the resource that 2,3,4 level-right users can access and the operating right that switches to 2,3,4 level-right users are set.2 level-right users only have application program and the resource of the permission 2 level-right users access of access 1 level-right user setting, generate 3 level-right users, application program and the resource that 3 level-right users can access and the operating right that switches to 1,3,4 level-right users are set.3 level-right users only have application program and the resource that 3 level-right users that access 1 level-right user or 2 level-right users arrange can access and the operating right that switches to 1,2,4 level-right users; And 4 level-right users only have application program and the resource of the set permission of access 1 level-right user 4 level-right user access and the operating right that switches to 1,2 level-right users.
Password authority configuration module 2 is used for arranging for each level-right user the password of release, also is used for each level-right user is arranged the access rights of using in smart mobile phone with resource; After each level-right user's unlocking pin is complete with the authority setting of resource with the smart mobile phone application that allows access, automatically generate the profile configuration file by password authority configuration module 2.
The smart mobile phone that described user right control module 3 is used for having according to each level-right user who sets in the authority configuration module is used with resource access control of authority smart mobile phone when each level-right user, shows addressable smart mobile phone application and resource.
Wherein, user's handover module 6 is used for controlling each level-right user's switching mode, in be set with three kinds of switching modes between each level-right user, be respectively:
A, the long closing key of pressing switch the user;
B, user's switching menu button of clicking on mobile phone switch;
C, selection unlocking manner carry out the switching of user class.
Described user class authority recognition judge module 4 is used for identifying the use state of current smart mobile phone, and according to the use state of current smart mobile phone, switching mode between corresponding each level-right user who sets in invoke user switching mode setting module is specially:
The use state of smart mobile phone comprises three kinds, is respectively:
In A, smart mobile phone, application program is opened when using;
B, smart mobile phone are in released state, but do not use any application program (namely being in the homepage of smart mobile phone);
C, smart mobile phone are in screen lock state.
After 4 pairs of above-mentioned three kinds of smart mobile phone states of user class authority recognition judge module are identified, three kinds of switching modes in the corresponding invoke user handover module 6 of difference; When if smart mobile phone is in state A, call switching mode a; When if smart mobile phone is in state B, call simultaneously switching mode a and b; When if smart mobile phone is in the C state, call switching mode c.
User class authority recognition judge module 4 also judges current time user's level-right and required switching user's level-right; When height changes to undercutting if current time user's level-right and required switching user's level-right is served as reasons, can directly carry out the user and switch; If active user's level-right and the user class authority switched when switching from low to high, enter authentication module 5; Input is the unlocking pin that required switching level-right user arranges by password authority configuration module in authentication module 5, the password that arranges for required switching level-right user in authentication module 5 logarithm input passwords and password authority configuration module 2 compares, and completing user switches if be consistent; Do not meet and re-enter.
When above-mentioned user class authority recognition judge module 4 also switches, eliminate the casual user who exists between each level-right user.
The invention has the advantages that:
1, smart mobile phone multi-user mode right management method of the present invention, according to authority classification needs, set four other users of level, and by setting the different user rights of using, reach the purpose of sensitive information in the protection mobile phone, and also can realize the quick switching of user right, thereby the user authority management of providing convenience for the user;
2, smart mobile phone multi-user mode right management method of the present invention, for the user provides 3 kinds of switching modes, the user realizes switching easily and quickly according to use scenes.
3, smart mobile phone multi-user mode right management method of the present invention, according to the characteristics of smart mobile phone self, carry out control of authority based on class of subscriber, realizes that impact is little, effect is remarkable.
Description of drawings
Fig. 1 smart mobile phone multi-user mode of the present invention right management method flow chart;
Fig. 2 smart mobile phone multi-user mode of the present invention Rights Management System overall structure block diagram.
In figure:
1-authority setting module 2-password authority configuration module 3-user right control module 4-user class authority recognition judge module 4 5-authentication module 6-user handover modules
Embodiment
The present invention will be further described below in conjunction with accompanying drawing.
Due to the multi-user mode access mechanism in smart mobile phone derive from computer operating system in multi-user access mechanism, but again with conventional computer system in multi-user access concept some do not put with, the multi-user access in computer system refers to: a plurality of users can use a computer system to do different things simultaneously; And in smart mobile phone, synchronization only has a user can use smart mobile phone.Therefore, the present invention uses at alone family on the basis of mobile phone, and the user that uses the mobile phone person to be divided into different brackets simultaneously for they provide corresponding authority, is realized by following step:
Step 1: the operating right of setting the user right grade and having;
Moment user's a certain according to smart mobile phone difference is divided into 1,2,3,4 level-right users from high to low with the user right grade, and corresponding user is divided into the owner, general user, casual user and visitor respectively;
Wherein, 1 level-right user has the unloading of installation application program, access all application programs and resource, generate 2,3,4 level-right users, application program and the resource that 2,3,4 level-right users can access and the operating right that switches to 2,3,4 level-right users are set;
2 level-right users only have application program and the resource of the permission 2 level-right users access of access 1 level-right user setting, generate 3 level-right users, the operating right that application program that 3 level-right users can access and resource (scope needs allow 1 level-right user application program and the resource of 2 level-right users access) is set and switches to 1,3,4 level-right users;
3 level-right users only have application program and the resource that 3 level-right users that access 1 level-right user or 2 level-right users arrange can access and the operating right that switches to 1,2,4 level-right users;
And 4 level-right users only have application program and the resource of the set permission of access 1 level-right user 4 level-right user access and the operating right that switches to 1,2 level-right users.
Step 2: each level-right user's unlocking pin and each level-right user's smart mobile phone are set use and the resource access authority;
For preventing that each level-right user from when using smart mobile phone, can't enter smart mobile phone master interface, or directly entering into 1 level-right user's main interface after screen locking, therefore the password of corresponding release need to be set to each level-right user in step 1; Common 1 level-right user and 2 level-right users can select safe unlocking manner, as: the unlocking manners such as numerical ciphers, nine grids; The visitor can adopt unlocking manner easy but safely, as: shake, slip release etc. need not the unlocking manner of password.
Arrange for each level-right user password complete after, can use with the resource access authority each level-right user's smart mobile phone and arrange; Wherein, the rights of using such as the various transducers such as gravity, WiFi, GPS, bluetooth, camera), system arranges access rights (comprising: the unloading of application program and installation, system date and time is set, the rights of using such as the setting of default software such as input method design are set), application access authority smart mobile phone is used with the resource access authority and comprised: personal information access authority (comprising: note, the rights of using such as contacts list, picture), resource access authority (comprising:.When each level-right user's unlocking pin and smart mobile phone use with the resource access authority after setting completed, automatically generate the profile configuration file, completed since then each rank user's initial setting up.After each level-right user, also can modify with the resource access authority to unlocking pin or smart mobile phone application that each level-right user has arranged in selected step 1, can automatically generate new profile configuration file subsequently.And 3 level-right users' unlocking pin and smart mobile phone use with the resource access authority after setting completed, directly enter step 4.
Step 3: by smart mobile phone current time state, select the switching mode between each Permission Levels authority user;
After completing steps two, need to realize that each level-right user accesses application corresponding to smart mobile phone and resource access by the mode of switching.Therefore in the present invention, the switching between each level-right user comprises three kinds of modes:
Mode one: when using in smart mobile phone certain application program, carry out the switching of each level-right by long by the shutdown button;
Mode two: smart mobile phone is in released state, but when not using any application program (namely being in the homepage of smart mobile phone), switches by shutdown button or user's switching menu button of clicking on mobile phone by long;
Mode three: smart mobile phone is in screen lock state, when needing to select a kind of user to access mobile phone, carries out the switching of user class by selecting unlocking manner;
In aforesaid way one and mode two, if the user when turning to the low rights class user by high Permission Levels user, need not to verify (namely inputting password), directly enter step 4; If when turning to high Permission Levels user by the low rights class user, need to carry out corresponding Authority Verification, the unlocking pin of setting for the level-right user who needs to switch in input step two enters step 4 subsequently.
When switching, automatically eliminate the casual user between above-mentioned each level-right user.
Step 4: each Permission Levels authority user smart mobile phone is used and the resource access control of authority;
In step 3, after switching to each level-right user, call loadapplication () function, and the profile configuration file that generates according to each level-right user in step 2, the smart mobile phone that shows each level-right user-accessible is used and resource, thereby realizes that each rank user smart mobile phone is used and inspection and the control of access authorization for resource.In above-mentioned loadapplication () function, the PackageManagerService that provides by Android system serves, the permission authority of all application and resource in the acquisition smart mobile phone, and by in smart mobile phone all use with the permission authority of resource and step 2 in the profile configuration file that generates compare, the smart mobile phone application permission authority corresponding with resource that does not have in the profile configuration file forbidden; Simultaneously, function call loadapplication () realizes the smart mobile phone Fumction display that current level-right user is set in the onRestart () at Android system master interface, reaches the control of the smart mobile phone operating right of controlling each level-right user.For example: call function is not set in the profile configuration file, therefore can use the application forbidding of call function permission authority to smart mobile phone at loadapplication () function, i.e. these application with call function all do not show.
Also propose a kind of smart mobile phone multi-user mode Rights Management System that is applicable to for said method the present invention, comprise authority setting module 1, password authority configuration module 2, user right control module 3, user class authority recognition judge module 4, authentication module 5 and user's handover module 6.
Described authority setting module 1 is divided into 1,2,3,4 level-right users from high to low with the user right grade, and corresponding user is the owner, general user, casual user and visitor respectively; And set for each level-right user the operating right that has.Wherein, 1 level-right user has the unloading of installation application program, access all application programs and resource, generate 2,3,4 level-right users, application program and the resource that 2,3,4 level-right users can access and the operating right that switches to 2,3,4 level-right users are set; 2 level-right users only have application program and the resource of the permission 2 level-right users access of access 1 level-right user setting, generate 3 level-right users, the operating right that application program that 3 level-right users can access and resource (scope needs allow 1 level-right user application program and the resource of 2 level-right users access) is set and switches to 1,3,4 level-right users; 3 level-right users only have application program and the resource that 3 level-right users that access 1 level-right user or 2 level-right users arrange can access and the operating right that switches to 1,2,4 level-right users; And 4 level-right users only have application program and the resource of the set permission of access 1 level-right user 4 level-right user access and the operating right that switches to 1,2 level-right users.
For preventing that each level-right user is when using mobile phone, can't enter smart mobile phone master interface after screen locking, or directly enter into 1 level-right user's main interface, so each level-right user arranges the password of release for each level-right user by password authority configuration module 2; Password authority configuration module 2 has the unlock password mode and non-unlock password mode can be selected, and common 1 level-right user and 2 level-right users can select safe unlock password mode, as: the unlocking manners such as numerical ciphers, nine grids; The visitor can adopt non-unlock password mode easy but that fail safe is low, as: shake, slip release etc. need not the mode that cracks of password.
Password authority configuration module 2 also is used for each level-right user who sets in authority setting module 1 is arranged the access rights of using in smart mobile phone with resource; Wherein, the rights of using such as the various transducers such as gravity, WiFi, GPS, bluetooth, camera), system's setup and use authority (comprising: the unloading of application program and installation, system date and time is set, the rights of using such as the setting of default software such as input method design are set), application program rights of using smart mobile phone is used with access authorization for resource and comprised: personal information rights of using (comprising: note, the rights of using such as contacts list, picture), resource access rights of using (comprising:.
After above-mentioned each level-right user's unlocking pin is complete with the authority setting of resource with the smart mobile phone application that allows access, automatically generate the profile configuration file by password authority configuration module 2.
Described user right control module 3 is used for using with resource access control of authority smart mobile phone when each level-right user according to the smart mobile phone that each level-right user who sets in authority setting module 1 has, and shows addressable smart mobile phone application and resource; Concrete mode is: user right control module 3 is called loadapplication () function, and according to generating the profile configuration file by password authority configuration module 2, be presented at the smart mobile phone that can access that arranges for current level-right user in password authority configuration module 2 and use and resource, thereby realize that each rank user smart mobile phone is used and inspection and the control of access authorization for resource.In above-mentioned loadapplication () function, the PackageManagerService that provides by Android system serves, the permission authority of all application and resource in the acquisition smart mobile phone, and by in smart mobile phone all use with the permission authority of resource and password authority configuration module 2 in the profile configuration file that generates compare, the smart mobile phone that does not have in the profile configuration file is used and the corresponding permission authority of access authorization for resource is forbidden; Simultaneously, onRestart () the function call loadapplication () that has by Android system realizes that the smart mobile phone that can access each level-right user in authority setting module 1 is used and resource function shows, reaches each level-right user's smart mobile phone application and the control of resource access authority.
Described user's handover module 6 is used for controlling each level-right user's switching mode, in be set with three kinds of switching modes between each level-right user, be respectively:
A, the long closing key of pressing switch the user;
B, user's switching menu button of clicking on mobile phone switch;
C, selection unlocking manner carry out the switching of user class.
Described user class authority recognition judge module 4 is used for identifying the use state of current smart mobile phone, and according to the use state of current smart mobile phone, switching mode between corresponding each level-right user who sets in invoke user switching mode setting module is specially:
The use state of smart mobile phone comprises three kinds, is respectively:
In A, smart mobile phone, application program is opened when using;
B, smart mobile phone are in released state, but do not use any application program (namely being in the homepage of smart mobile phone);
C, smart mobile phone are in screen lock state.
After 4 pairs of above-mentioned three kinds of smart mobile phone states of user class authority recognition judge module are identified, three kinds of switching modes in the corresponding invoke user handover module 6 of difference; When if smart mobile phone is in state A, call switching mode a; When if smart mobile phone is in state B, call simultaneously switching mode a and b; When if smart mobile phone is in the C state, call switching mode c.
User class authority recognition judge module 4 also judges current time user's level-right and required switching user's level-right; When height changes to undercutting if current time user's level-right and required switching user's level-right is served as reasons, can directly carry out the user and switch; If active user's level-right and the user class authority switched when switching from low to high, enter authentication module 5; Input is the unlocking pin that required switching level-right user arranges by password authority configuration module in authentication module 5, the password that arranges for required switching level-right user in 5 pairs of input passwords of authentication module and password authority configuration module 2 compares, and completing user switches if be consistent; Do not meet and re-enter.
When above-mentioned user class authority recognition judge module 4 also switches, eliminate the casual user who exists between each level-right user.