CN105095788B - The method, apparatus and system of private data guard - Google Patents
The method, apparatus and system of private data guard Download PDFInfo
- Publication number
- CN105095788B CN105095788B CN201510375462.6A CN201510375462A CN105095788B CN 105095788 B CN105095788 B CN 105095788B CN 201510375462 A CN201510375462 A CN 201510375462A CN 105095788 B CN105095788 B CN 105095788B
- Authority
- CN
- China
- Prior art keywords
- application program
- private data
- pseudo
- true
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses the method, apparatus and system of a kind of private data guard, are related to field of communication technology, and the access rights that main purpose is to solve the problem of to obtain user information during application program installation cause user privacy information to be revealed.The main technical schemes of the present invention include:The pseudo- private data of the first application program is obtained to server based on preset attribute information, pseudo- private data is the initialization data of the first application program;The store path of the corresponding true private data of the first application program is changed, and pseudo- private data is stored under the former store path of true private data;Access rights of second application program to the first application program are configured;When the second application program accesses the first application program, pseudo- private data is sent to the second application program.Present invention is mainly applied to Android system mobile terminal install and use application program during.
Description
Technical field
The present invention relates to field of communication technology, more particularly to the method, apparatus and system of a kind of private data guard.
Background technology
Along with the fast development of mobile terminal, more and more application programs (Application, APP) are pooled to shifting
In dynamic terminal.At present, user is during the mobile terminal installation APP for using android system, APP usually to be installed
The solicited message for obtaining user information access rights can be sent, if getting the access rights of user information, which can pacify
The related content in other APP is accessed after dress, may result in the leakage of user privacy information.If the in addition, privacy got
Information is illegally distorted or is used, and certain loss will be brought to the user.
For example, when user is when installing APP1, if the APP1 obtains short message service in mobile terminal, contact person, position letter
The access rights of the information such as breath, message registration, when user gives the login password of certain shopping website for change by short message service,
The APP1 can get the information such as the account name of Related shopper website, identifying code in short message service, and the information that will be got
It uploads on the corresponding servers of the APP1, leads to the leakage of user privacy information.If in addition, in user installation APP1, it is somebody's turn to do
APP1 fails to obtain the access rights of the information such as short message service, contact person, location information, message registration in mobile terminal, then exists
When subsequently using the APP1, it is possible that the situation that the APP1 is exited extremely or the APP1 can not be used, is using APP1 mistakes
In journey unnecessary trouble is caused to user.
Invention content
In view of this, the method, apparatus and system of a kind of private data guard provided by the invention, main purpose are to solve
The problem of access rights of user privacy information are obtained when certainly application program is installed, user privacy information is caused to be revealed.
According to the present invention in a first aspect, the present invention provides a kind of method of private data guard, including:
The pseudo- private data of the first application program is obtained to server based on preset attribute information, pseudo- private data is first
The initialization data of application program;
The store path of the corresponding true private data of the first application program is changed, and pseudo- private data is stored in really
Under the former store path of private data;
Access rights of second application program to the first application program are configured;
When the second application program accesses the first application program, pseudo- private data is sent to the second application program.
Second aspect according to the present invention, the present invention provides a kind of device of private data guard, including:
Acquiring unit, it is pseudo- for obtaining the pseudo- private data of the first application program to server based on preset attribute information
Private data is the initialization data of the first application program;
Unit is changed, for changing the store path of the corresponding true private data of the first application program;
Storage unit, for the pseudo- private data that acquiring unit obtains to be stored in the former store path of true private data
Under;
Dispensing unit, for access rights of second application program to the first application program to be configured;
First transmitting element, for when the second application program accesses the first application program, being sent to the second application program
Pseudo- private data.
The third aspect according to the present invention, the present invention provides a kind of system of private data guard, including:Mobile terminal and
Server, wherein,
Mobile terminal includes device as described above;
For receiving the solicited message of mobile terminal transmission, the first application program pair is searched based on solicited message for server
The pseudo- private data answered, and the pseudo- private data found is sent to mobile terminal.
By above-mentioned technical proposal, the method, apparatus and system of a kind of private data guard provided by the invention are mobile whole
End group obtains the pseudo- private data of the first application program in preset attribute information to server, and the pseudo- private data of acquisition is stored
To under the store path of the corresponding true private data of the first application program, and change the corresponding true privacy of the first application program
The store path of data, the second application program of configuration is to the access rights of the first application program, when the second application program accesses the
During one application program, pseudo- private data is sent to the second application program.In the present invention, mobile terminal can be by the first application program
True private data carry out " exchanges " with pseudo- private data, the true private data storage of the first application program is answered to second
With in the unknown storage region of program, therefore, when the second application program obtains the access rights to the first application program, and access
During the first application program, access be the first application program pseudo- private data rather than the first application program it is corresponding true
Private data, not only can ensure that the normal operation of the second application program, but also can ensure that the true private data of the first application program
Safety.
Above description is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, below the special specific embodiment for lifting the present invention.
Description of the drawings
By reading the detailed description of hereafter preferred embodiment, it is various other the advantages of and benefit it is common for this field
Technical staff will become clear.Attached drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of flow chart of the method for private data guard provided in an embodiment of the present invention;
Fig. 2 shows a kind of composition frame charts of the device of private data guard provided in an embodiment of the present invention;
Fig. 3 shows the composition frame chart of the device of another private data guard provided in an embodiment of the present invention;
Fig. 4 shows a kind of composition frame chart of the system of private data guard provided in an embodiment of the present invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Completely it is communicated to those skilled in the art.
An embodiment of the present invention provides a kind of method of private data guard, as shown in Figure 1, the method includes:
101st, the pseudo- private data of the first application program is obtained to server based on preset attribute information.
Under normal conditions, server is in the corresponding pseudo- private data of the first application program of storage, it is understood that there may be difference is moved
The manufacturer of dynamic terminal is corresponding with different storage information, wherein, the storage information includes:The storage road of the puppet private data
Diameter, storage format, title of storage file etc., specific this law inventive embodiments are to this without limiting.Of the invention real
It applies in example, pseudo- private data of the mobile terminal based on the first application program of preset attribute acquisition of information, it is intended that in order to anti-
Only the pseudo- private data of acquisition for mobile terminal cannot be identified and use, and therefore, it is preset that each mobile terminal will be based on its own
Attribute information obtains pseudo- private data, the corresponding pseudo- private data of the first application program stored in adaptation services device.Wherein, originally
Mobile terminal described in inventive embodiments refers to the mobile terminal of Android android system.
Mobile terminal obtains the pseudo- private data of the first application program based on preset attribute information to server, wherein, institute
The unit type that preset attribute information includes but is not limited to mobile terminal is stated, distinct device model corresponds to different-format or type
Pseudo- private data.Illustratively, it is assumed that the unit type of mobile terminal A is I3, and corresponding the first of mobile terminal A should
With entitled " the pseudo- private data 001 " of the pseudo- private data of program in the server, and the unit type of mobile terminal B is
The pseudo- private data of corresponding first application program of II3, mobile terminal B in the server it is entitled " pseudo- private data-
It is general ", if mobile terminal B obtains the pseudo- private data of entitled " pseudo- private data 001 ", mobile terminal B is can not
The private data is identified.Therefore, in order to ensure each mobile terminal accurately identify its obtain pseudo- privacy
Data obtain the pseudo- private data of the first application program based on the unit type of mobile terminal to server.It these are only example
The citing of property, the embodiment of the present invention to the specific device type of mobile terminal and the file name of storage Pseudo private data without
It limits.
It should be noted that the pseudo- private data described in the embodiment of the present invention is the initialization data of the first application program,
The data when initialization data is not used for the first application program under normal conditions, i.e. the puppet private data are clear data,
The memory space of occupancy is 0KB.In embodiments of the present invention, a storage file in an application program corresponding server,
But storage form of the corresponding pseudo- private data of application program in mobile terminal and server is there may be difference, in server
During middle storage Pseudo private data, for the ease of unified management, usually using the storage Pseudo private data in a manner of database file;
In the terminal during storage Pseudo private data, the interface in order to beautify mobile terminal or the use convenient for user usually make
With the modes storage Pseudo private data such as interface, list, image.Illustratively, when the first application program is mobile terminal short message
When, it may be stored, be shown in the form of a list in the terminal, it in the server may be with the database of A.db
File is stored.The embodiment of the present invention to pseudo- private data in mobile terminal and server specific storage form without
It is specific to limit.
102nd, the store path of the corresponding true private data of the first application program of modification, and pseudo- private data is stored in
Under the former store path of true private data.
The store path of the corresponding true private data of first application program is modified, it is intended that preventing it
His application program accesses the corresponding true private data of the first application program, it is ensured that the safety of the true private data of user.It will
Under the pseudo- private data storage to the former store path of true private data obtained in step 101, when other application programs are visited
When asking the first application program, acquisition is pseudo- private data.
The embodiment of the present invention may be used in the store path for changing the corresponding true private data of the first application program
But it is not limited to following mode to realize, for example, demand of the user according to oneself, true privacy corresponding to the first application program
The store path of data is modified;Alternatively, mobile terminal depositing the corresponding true private data of the first application program automatically
It is revised as under preset store path in storage path.The specific embodiment of the present invention is to this without limiting.Illustratively, it is assumed that
When the first application program is the address list of mobile terminal, the former store path of the address list is:“/data/data/
Com.providers.contacts/databases/Ts2.db ", in order to ensure the safety of private data true in address list,
The pseudo- private data of acquisition is saved in the former store path of the address list, and by the corresponding true privacy number of the address list
According to being saved under other store paths, for example, the corresponding true private data of address list is saved in predefined paths by system
Under, and the store path is informed into the mobile terminal user;Alternatively, user oneself selects the corresponding true private data of address list
Store path, for example, being stored in the SD card of mobile terminal, specifically, the embodiment of the present invention is to storing the first application program
The store path of corresponding true private data is without limiting.
103rd, the second application program of configuration is to the access rights of the first application program.
If access rights of second application program to the first application program are not configured for user or system, it is possible that the
Two application programs are unable to operate normally or abnormal phenomena such as exiting occurs in use in the second application program, therefore,
In the embodiment of the present invention, before the second application program accesses the first application program, needing to configure the second application program has to the
The access rights of one application program.It should be noted that in embodiments of the present invention, the second application program of configuration is applied to first
The access rights of program only allow the second application program to access the first application program, are not to access the first application program
Involved in true private data.
104th, when the second application program accesses the first application program, pseudo- private data is sent to the second application program.
Second application program can access the first application program during its operation or the second application program passes through backstage
Access the first application program during operation, the embodiment of the present invention the second application program is accessed opportunity of the first application program without
It is specific to limit.When the second application program accesses the first application program, what is got is the pseudo- private data of the first application program,
Rather than it is the true private data of the first application program.In the embodiment of the present invention, mobile terminal sends pseudo- to the second application program
Private data had not both interfered with the normal use of the second application program, will not be by the true privacy number in the first application program
According to leakage, under the premise of the second application program normal operation is ensured, the peace of the true private data of the first application program ensure that
Entirely.
In another realization method of the embodiment of the present invention, from step 101 it is found that mobile terminal was obtained to server
Pseudo- private data is clear data, and for the service provider of some more intelligent application programs, when the second application program
When accessing the first application program, and obtaining the pseudo- private data of the first application program, the data of its acquisition can be first determined whether in lattice
It is whether correct in formula.For the above situation, the embodiment of the present invention can according to the actual demand of the service provider of different application,
Content in pseudo- private data is adaptively adjusted, it is ensured that pseudo- private data meets the service provider of application program on form
Requirement.Illustratively, it is assumed that the corresponding service provider's requirement of the second application program installed in mobile terminal obtains the first application
User identity card information in program, and judge whether the form of its ID card information obtained is correct, in the embodiment of the present invention
In the method for offer, system can be that the pseudo- private data of the first application program is randomly assigned the data of an identity card form, with
Prevent the second application program from judging that it obtains the authenticity of data;It should be noted that in system to the puppet of the first application program
Only it is correct on form when private data is randomly assigned the data of identity card form, and the corresponding tool of pseudo- private data
Holding in vivo need to ensure it is not true user identity card information.The embodiment of the present invention is to the specific reality of the service provider of application program
Demand is without limiting.
A kind of method of private data guard provided in an embodiment of the present invention, mobile terminal are based on preset attribute information to clothes
The pseudo- private data for device the first application program of acquisition of being engaged in, the pseudo- private data storage of acquisition is corresponding true to the first application program
Under the store path of real private data, and the store path of the corresponding true private data of the first application program is changed, configuration the
Two application programs, should to second when the second application program accesses the first application program to the access rights of the first application program
Pseudo- private data is sent with program.In embodiments of the present invention, mobile terminal can be by the true private data of the first application program
" exchange " is carried out with pseudo- private data, the true private data of the first application program is stored to the second application program is unknown and is deposited
In storage area domain, therefore, when the second application program is obtained to the access rights of the first application program, the first application program is being accessed
When, acquisition is the pseudo- private data of the first application program rather than the corresponding true private data of the first application program, can
Ensure the normal operation of the second application program, and can ensure that the safety of the true private data of the first application program.
Further, as the refinement and extension to above-described embodiment, the second application program pair is configured in above-mentioned steps 103
During the access rights of the first application program, normal operation and use in order to ensure the second application program, in the second application of configuration
Program during the access rights of the first application program to may be employed without limitation of following mode to realize, in the second application of installation
During program, access rights of second application program to the first application program are configured, in the process for subsequently using the second application program
It is middle to have the access rights for accessing the first application program always;Alternatively, in the second application program in the process of running, with pop-up pair
The form of frame is talked about, inquires the user of mobile terminal, if the second application program is allowed to obtain the access for accessing the first application program
Permission, this kind of mode can be in the second application program of each run and use, and whether will pop up allows the second application program to obtain
Take the dialog box for the access rights for accessing the first application program.The embodiment of the present invention applies the second application program of configuration to first
The specific implementation of the access rights of program is without limiting.
Further, what the second application program obtained in above-described embodiment is the corresponding pseudo- privacy number of the first application program
According to, and in inventive embodiments, it is also possible to it needs to obtain the corresponding true privacy of the first application program there are the second application program
Data, for example, when the first application program is address list, when the second application program is backup address list application program, at this point, second
Application program needs to get the true private data of the first application program.When the second application program accesses the first application program
When, it prompts the user whether that the second application program is allowed to access true private data, if user allows the second application program to access very
Real private data then sends true private data to the second application program;It is true that if user does not allow the second application program to access
Private data then sends pseudo- private data to the second application program.
Illustratively, when the second application program accesses the first application program, mobile terminal can pop up inquiry and use every time
Whether family allows the dialog box of the true private data of the second application program access, and the content involved in dialog box includes system and sends
The control button that the content of prompt message and allowed/not allowed second application program access.Wherein, the content in dialog box can be with
Including but not limited to following content, " whether allow to access" or " allowing to access true private data " etc.;Dialog box
In control button in can include contents, the user such as " permanent allow ", " this once permission ", " not allowing to access " can root
According to the actual demand of its own to whether the permission that the second application program is allowed to access true private data is set.The present invention
Form, the content for prompting user of embodiment to prompting user etc. is without specifically limiting.
Further, as described above when the second application program accesses the first application program, mobile terminal every time can bullet
Go out the prompt message for asking the user whether that the second application program is allowed to access true private data, this cumbersome mode of operation exists
Puzzlement can be brought to user to a certain extent, to solve the above-mentioned problems, in method provided in an embodiment of the present invention, is used in prompting
Before whether family allows the true private data of the second application program access, count to the second application program and send true private data
Transmission times, if transmission times is more than or equal to preset times threshold value, cancel prompting to user, and from trend second
Application program sends true private data;If transmission times is less than preset times threshold value, prompt the user whether to allow second to answer
With the true private data of routine access.Wherein, the preset times threshold value is the parameter being manually set, and user can be according to it certainly
The actual demand of body is configured the preset times threshold value.The embodiment of the present invention, can be with when setting preset times threshold value
It is set as 5 times;Alternatively, may be set to be 8 times etc., the specific embodiment of the present invention is to this without limiting.
Illustratively, it is assumed that preset times threshold value is 5 times, when mobile terminal counts true hidden to the transmission of the second application program
When the transmission times of private data is 5 times, then true private data is sent from the second application program of trend;When mobile terminal count to
When the transmission times that second application program sends true private data is 1 time, then mobile terminal can prompt the user whether permission the
Two application programs access true private data.
In another implementation, mobile terminal is determining whether the second application program the first application program of access
True private data when, can also be by judging whether the second application program is the default trusted application journey trusted in list
The mode of sequence is realized, when judging the second application program for the trusted application program in default trust list, to the second application
Program sends true private data;When it is not the trusted application program in default trust list to judge the second application program,
Then pseudo- private data is sent to the second application program.Wherein, the trusted application program in the default trust list can be
User is according to the actual demand of its own is set or mobile terminal is set automatically.
Illustratively, when user is configured default trust list, there are one the default letters of setting in the terminal
Appoint the control of the trusted application program in list, when user clicks the control, can pop up in a drop-down list, the list
In comprising all application programs installed in mobile terminal, user may be selected that the second application for accessing the first application program
Program, and second application program is identified, such user just completes the addition trusted into default trust list and answers
Use program;If user wants to delete the default trusted application program trusted in list of setting, the second application program is not allowed to continue
When accessing the true private data of the first application program, set likewise, user can also complete to delete by above-mentioned realization method
Put default the second application program trusted in list.In addition, when mobile terminal sets default trust list automatically, can sentence automatically
Trusted application program during which application program of breaking, for example, when the first application program is information, then mobile terminal can will communicate
Record is automatically added in default trust list, using address list as the default trusted application program trusted in list;When first
When application program is photograph album, then camera can be added in default trust list by mobile terminal, trust name using camera as default
Trusted application program in list.It these are only illustrative citing, the embodiment of the present invention is to setting in default trust list
The realization method of trusted application program and the concrete type of specific trusted application program are without limiting.
Further, in order to further ensure that the corresponding true private data of the first application program is safety,
After the store path for changing the corresponding true private data of the first application program, to the memory block of the true private data
Domain is encrypted.It should be noted that involved in the embodiment of the present invention being that the storage region of true private data is added
It is close rather than true private data is encrypted.If it is only that true private data is encrypted, when the second application program
When the true private data of the first application program is accessed without the permission of mobile terminal, which can be uploaded to
It, equally can be by the private data of user if the password of the encrypted true private data is cracked on corresponding server
Leakage, therefore, mode used in the embodiment of the present invention is that the storage region of true private data is encrypted, in this way, second
The true private data of the first application program just will not be accessed in application program, it is ensured that the true private data of the first application program
Safety.The embodiment of the present invention may be used and appoint in the prior art when the storage region to true private data is encrypted
A kind of what cipher mode is realized, cipher mode of storage region of true private data is no longer repeated at this.
Further, as the realization to method shown in above-mentioned Fig. 1, the embodiment of the present invention provides a kind of private data guard
Device, as shown in Fig. 2, described device includes:
Acquiring unit 21, for the pseudo- private data of the first application program to be obtained to server based on preset attribute information,
Pseudo- private data is the initialization data of the first application program;
Unit 22 is changed, for changing the store path of the corresponding true private data of the first application program;
Storage unit 23 stores for the pseudo- private data that acquiring unit 21 obtains to be stored in the former of true private data
Under path;
Dispensing unit 24, for access rights of second application program to the first application program to be configured;
First transmitting element 25, for when the second application program accesses the first application program, being sent out to the second application program
Send pseudo- private data.
Further, dispensing unit 24 are additionally operable to when installing the second application program, and the second application program of configuration is to the
The access rights of one application program.
Further, as shown in figure 3, device further includes:
Prompt unit 26, for when the second application program accesses the first application program, prompting the user whether permission second
Application program accesses true private data;
Second transmitting element 27, for when prompt unit 26 allows to access, true privacy to be sent to the second application program
Data.
Further, as shown in figure 3, device further includes:
Statistic unit 28, for prompting the user whether that the second application program is allowed to access true privacy number in prompt unit 26
According to the transmission times before, counted to the true private data of the second application program transmission;
Cancel unit 29, when the transmission times for being counted when statistic unit 28 is greater than or equal to preset times threshold value, take
The prompting to disappear to user;
Second transmitting element 27 is additionally operable to send true private data from the second application program of trend.
Further, as shown in figure 3, device further includes:
Judging unit 210, for when the second application program accesses the first application program, whether judging the second application program
For the default trusted application program trusted in list;
Third transmitting element 211, for when the judging result of judging unit 210 is when being, sends to the second application program
True private data.
Further, as shown in figure 3, device further includes:
Encryption unit 212, for changing the storage of the corresponding true private data of the first application program in modification unit 22
After path, the storage region of true private data is encrypted.
Further, unit type of the preset attribute information in acquiring unit 21 for mobile terminal, distinct device model
The pseudo- privacy information of corresponding different-format or type.
Further, the embodiment of the present invention also provides a kind of system of private data guard, as shown in figure 4, the system packet
It includes:Mobile terminal 41 and server 42, wherein,
Mobile terminal 41 includes the device as shown in any one of Fig. 2 or Fig. 3;
Server 42 for receiving the solicited message of the transmission of mobile terminal 41, searches first based on solicited message and applies journey
The corresponding pseudo- private data of sequence, and the pseudo- private data found is sent to mobile terminal 41.
A kind of apparatus and system of private data guard provided in an embodiment of the present invention, mobile terminal are believed based on preset attribute
The pseudo- private data that the first application program is obtained to server is ceased, by the pseudo- private data storage of acquisition to the first application program pair
Under the store path of true private data answered, and the store path of the corresponding true private data of the first application program is changed,
Access rights of second application program to the first application program are configured, when the second application program accesses the first application program, to
Second application program sends pseudo- private data.In embodiments of the present invention, mobile terminal can be by the true hidden of the first application program
Private data carry out " exchange " with pseudo- private data, and the true private data of the first application program is stored to the second application program not
In the storage region known, therefore, when the second application program is obtained to the access rights of the first application program, the first application is being accessed
During program, acquisition is the pseudo- private data of the first application program rather than the corresponding true private data of the first application program,
Not only it can ensure that the normal operation of the second application program, but also can ensure that the safety of the true private data of the first application program.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment
Point, it may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in the above method and device can be referred to mutually.In addition, in above-described embodiment
" first ", " second " etc. be for distinguishing each embodiment, and do not represent the quality of each embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit can refer to the corresponding process in preceding method embodiment, and details are not described herein.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with teaching based on this.As described above, required by constructing this kind of system
Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It should be understood that it can utilize various
Programming language realizes the content of invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the specification provided in this place, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention
Example can be put into practice without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of each inventive aspect,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
Shield the present invention claims the more features of feature than being expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim is in itself
Separate embodiments all as the present invention.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.It can be the module or list in embodiment
Member or component be combined into a module or unit or component and can be divided into addition multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it may be used any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Profit requirement, abstract and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
One of meaning mode can use in any combination.
The all parts embodiment of the present invention can be with hardware realization or to be run on one or more processor
Software module realize or realized with combination thereof.It will be understood by those of skill in the art that it can use in practice
Microprocessor or digital signal processor (DSP) realize the denomination of invention according to embodiments of the present invention (as determined in website
The device of Hyperlink rank) in some or all components some or all functions.The present invention is also implemented as being used for
Perform method as described herein some or all equipment or program of device (for example, computer program and calculating
Machine program product).Such program for realizing the present invention can may be stored on the computer-readable medium or there are one can having
Or the form of multiple signals.Such signal can be downloaded from internet website and obtain or be provided on carrier signal,
Or it is provided in the form of any other.
It should be noted that the present invention will be described rather than limits the invention, and ability for above-described embodiment
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference mark between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any sequence.These words can be explained and run after fame
Claim.
Claims (13)
- A kind of 1. method of private data guard, which is characterized in that including:The pseudo- private data of the first application program is obtained to server based on preset attribute information, the puppet private data is described The initialization data of first application program;The store path of the corresponding true private data of first application program is changed, and the pseudo- private data is stored in Under the former store path of the true private data;The storage region of the true private data is encrypted;Access rights of second application program to first application program are configured;When second application program accesses first application program, the pseudo- privacy is sent to second application program Data.
- 2. according to the method described in claim 1, it is characterized in that, the second application program of the configuration applies journey to described first The access rights of sequence, including:When installing second application program, access right of second application program to first application program is configured Limit.
- 3. according to the method described in claim 2, it is characterized in that, the method further includes:When second application program accesses first application program, prompt the user whether to allow second application program Access the true private data;If allowing to access, the true private data is sent to second application program.
- 4. according to the method described in claim 3, it is characterized in that, prompt the user whether to allow described second using journey described Before sequence accesses the true private data, the method further includes:Count the transmission times that the true private data is sent to second application program;If the transmission times is greater than or equal to preset times threshold value, cancel the prompting to the user, and from described in trend Second application program sends the true private data.
- 5. according to the method described in claim 2, it is characterized in that, the method further includes:When second application program accesses first application program, judge whether second application program is default letter Appoint the trusted application program in list;If the determination result is YES, then the true private data is sent to second application program.
- 6. the method according to any one of claims 1 to 5, it is characterized in that, the preset attribute information is mobile whole The unit type at end, distinct device model correspond to different-format or the pseudo- privacy information of type.
- 7. a kind of device of private data guard, which is characterized in that including:Acquiring unit, for obtaining the pseudo- private data of the first application program, the puppet to server based on preset attribute information Private data is the initialization data of first application program;Unit is changed, for changing the store path of the corresponding true private data of first application program;Encryption unit is encrypted for the storage region to the true private data;Storage unit, for the pseudo- private data that the acquiring unit obtains to be stored in the original of the true private data Under store path;Dispensing unit, for access rights of second application program to first application program to be configured;First transmitting element, for when second application program accesses first application program, being applied to described second Program sends the pseudo- private data.
- 8. device according to claim 7, which is characterized in that the dispensing unit, being additionally operable to should in installation described second During with program, access rights of second application program to first application program are configured.
- 9. device according to claim 8, which is characterized in that described device further includes:Prompt unit, for when second application program accesses first application program, prompting the user whether to allow institute It states the second application program and accesses the true private data;Second transmitting element, for when the prompt unit allows to access, being sent to second application program described true Private data.
- 10. device according to claim 9, which is characterized in that described device further includes:Statistic unit, for prompting the user whether to allow the second application program access described true hidden in the prompt unit Before private data, the transmission times that the true private data is sent to second application program is counted;Cancel unit, when the transmission times for being counted when the statistic unit is greater than or equal to preset times threshold value, take The prompting to disappear to the user;Second transmitting element is additionally operable to after the cancellation unit is cancelled to the prompting of the user, from described in trend the Two application programs send the true private data.
- 11. device according to claim 8, which is characterized in that described device further includes:Judging unit, for when second application program accesses first application program, judging described second using journey Whether sequence is the default trusted application program trusted in list;Third transmitting element, for when the judging result of the judging unit is when being, institute is sent to second application program State true private data.
- 12. the device according to any one of claim 7 to 11, which is characterized in that described pre- in the acquiring unit The unit type that attribute information is mobile terminal is put, distinct device model corresponds to different-format or the pseudo- privacy information of type.
- 13. a kind of system of private data guard, which is characterized in that the system comprises:Mobile terminal and server, wherein,The mobile terminal includes the device described in any one of claim 7 to 12;The server, for receiving the solicited message that the mobile terminal is sent, searching first based on the solicited message should With the corresponding pseudo- private data of program, and the pseudo- private data found is sent to the mobile terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510375462.6A CN105095788B (en) | 2015-06-30 | 2015-06-30 | The method, apparatus and system of private data guard |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510375462.6A CN105095788B (en) | 2015-06-30 | 2015-06-30 | The method, apparatus and system of private data guard |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105095788A CN105095788A (en) | 2015-11-25 |
| CN105095788B true CN105095788B (en) | 2018-06-29 |
Family
ID=54576187
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510375462.6A Active CN105095788B (en) | 2015-06-30 | 2015-06-30 | The method, apparatus and system of private data guard |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105095788B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106874748A (en) * | 2015-12-11 | 2017-06-20 | 北京奇虎科技有限公司 | A kind of method and apparatus that user data is provided |
| CN106909853A (en) * | 2015-12-22 | 2017-06-30 | 北京奇虎科技有限公司 | One kind operation performs method and device |
| CN107979684A (en) * | 2016-10-21 | 2018-05-01 | 中兴通讯股份有限公司 | Right management method, device and terminal |
| CN106980792B (en) * | 2017-03-31 | 2023-07-21 | 联想(北京)有限公司 | Control method of application permission, electronic equipment and server |
| CN107220538A (en) * | 2017-06-27 | 2017-09-29 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
| CN107341406A (en) * | 2017-07-05 | 2017-11-10 | 北京奇安信科技有限公司 | A kind of method and terminal for protecting privacy of user data |
| CN107703852B (en) * | 2017-10-17 | 2020-08-18 | 珠海格力电器股份有限公司 | System and method for counting using information of electric appliance |
| CN110765426A (en) * | 2019-10-22 | 2020-02-07 | 深圳市康冠智能科技有限公司 | Equipment permission setting method, device, equipment and computer storage medium |
| CN114969798B (en) * | 2022-07-25 | 2022-11-04 | 成都中科合迅科技有限公司 | Industrial data safety management method based on digital middlebox |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1673982A (en) * | 2004-03-23 | 2005-09-28 | 联想(北京)有限公司 | Method for realizing hard disk protection |
| CN103294941A (en) * | 2012-02-22 | 2013-09-11 | 腾讯科技(深圳)有限公司 | Method for accessing private space and mobile device |
| CN103312801A (en) * | 2013-06-05 | 2013-09-18 | 上海西本网络科技有限公司 | Application devices, interaction method and system for data between application devices and server |
| CN103310135A (en) * | 2012-03-13 | 2013-09-18 | 腾讯科技(深圳)有限公司 | Method for shielding application permission and mobile terminal |
| CN103544447A (en) * | 2013-05-30 | 2014-01-29 | Tcl集团股份有限公司 | Method and terminal for preventing leakage of confidential information according to Android system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103176853A (en) * | 2011-12-23 | 2013-06-26 | 腾讯科技(深圳)有限公司 | Method and system realizing communication among multiple applications |
| CN104348895A (en) * | 2013-08-09 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for sharing data among programs in mobile terminal |
| CN104462961B (en) * | 2014-12-24 | 2018-04-10 | 北京奇虎科技有限公司 | Mobile terminal and its privacy authority optimization method |
-
2015
- 2015-06-30 CN CN201510375462.6A patent/CN105095788B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1673982A (en) * | 2004-03-23 | 2005-09-28 | 联想(北京)有限公司 | Method for realizing hard disk protection |
| CN103294941A (en) * | 2012-02-22 | 2013-09-11 | 腾讯科技(深圳)有限公司 | Method for accessing private space and mobile device |
| CN103310135A (en) * | 2012-03-13 | 2013-09-18 | 腾讯科技(深圳)有限公司 | Method for shielding application permission and mobile terminal |
| CN103544447A (en) * | 2013-05-30 | 2014-01-29 | Tcl集团股份有限公司 | Method and terminal for preventing leakage of confidential information according to Android system |
| CN103312801A (en) * | 2013-06-05 | 2013-09-18 | 上海西本网络科技有限公司 | Application devices, interaction method and system for data between application devices and server |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105095788A (en) | 2015-11-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105095788B (en) | The method, apparatus and system of private data guard | |
| CN105007280B (en) | A kind of application login method and device | |
| US11017088B2 (en) | Crowdsourced, self-learning security system through smart feedback loops | |
| CN107645486B (en) | login authentication method and device | |
| AU2020202168B2 (en) | Method and system related to authentication of users for accessing data networks | |
| US9898621B2 (en) | Automatic application dependent anonymization | |
| US11968217B2 (en) | Domain name and URL visual verification for increased security | |
| CN105207775B (en) | The read method and device of verification information | |
| CN103607385A (en) | Method and apparatus for security detection based on browser | |
| CN110086768A (en) | A kind of method for processing business and device | |
| CN109088909B (en) | Service gray level publishing method and device based on merchant type | |
| CN108307333B (en) | Method and device for transmitting intermediate number for mobile communication equipment and storage medium | |
| CN103139761B (en) | The method and communication terminal of a kind of information real-time show | |
| CN105340213A (en) | Method and apparatus for secure data transmissions | |
| CN104822145A (en) | Method, apparatus and system for identifying a pseudo base-station short message | |
| CN112311769B (en) | Method, system, electronic device and medium for security authentication | |
| US20100106771A1 (en) | Method and apparatus for communication based on certification using static and dynamic identifier | |
| CN108009439A (en) | The method, apparatus and system of resource request | |
| US10116701B2 (en) | Device-type based content management | |
| CN106304022A (en) | Mobile terminal and the processing method to log-on message thereof | |
| CN104022874A (en) | Method for information processing and electronic equipment | |
| KR20150049457A (en) | Method and apparatus for managing authentication information | |
| CN102946397B (en) | User authen method and system | |
| CN107592217A (en) | A kind of user identification method and device | |
| CN106416188B (en) | Method, system and network for protecting user identity and/or user data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220725 Address after: 300450 No. 9-3-401, No. 39, Gaoxin 6th Road, Binhai Science Park, Binhai New Area, Tianjin Patentee after: 3600 Technology Group Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230713 Address after: 1765, floor 17, floor 15, building 3, No. 10 Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: Beijing Hongxiang Technical Service Co.,Ltd. Address before: 300450 No. 9-3-401, No. 39, Gaoxin 6th Road, Binhai Science Park, Binhai New Area, Tianjin Patentee before: 3600 Technology Group Co.,Ltd. |