Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
Completely it is communicated to those skilled in the art.
An embodiment of the present invention provides a kind of method of private data guard, as shown in Figure 1, the method includes:
101st, the pseudo- private data of the first application program is obtained to server based on preset attribute information.
Under normal conditions, server is in the corresponding pseudo- private data of the first application program of storage, it is understood that there may be difference is moved
The manufacturer of dynamic terminal is corresponding with different storage information, wherein, the storage information includes:The storage road of the puppet private data
Diameter, storage format, title of storage file etc., specific this law inventive embodiments are to this without limiting.Of the invention real
It applies in example, pseudo- private data of the mobile terminal based on the first application program of preset attribute acquisition of information, it is intended that in order to anti-
Only the pseudo- private data of acquisition for mobile terminal cannot be identified and use, and therefore, it is preset that each mobile terminal will be based on its own
Attribute information obtains pseudo- private data, the corresponding pseudo- private data of the first application program stored in adaptation services device.Wherein, originally
Mobile terminal described in inventive embodiments refers to the mobile terminal of Android android system.
Mobile terminal obtains the pseudo- private data of the first application program based on preset attribute information to server, wherein, institute
The unit type that preset attribute information includes but is not limited to mobile terminal is stated, distinct device model corresponds to different-format or type
Pseudo- private data.Illustratively, it is assumed that the unit type of mobile terminal A is I3, and corresponding the first of mobile terminal A should
With entitled " the pseudo- private data 001 " of the pseudo- private data of program in the server, and the unit type of mobile terminal B is
The pseudo- private data of corresponding first application program of II3, mobile terminal B in the server it is entitled " pseudo- private data-
It is general ", if mobile terminal B obtains the pseudo- private data of entitled " pseudo- private data 001 ", mobile terminal B is can not
The private data is identified.Therefore, in order to ensure each mobile terminal accurately identify its obtain pseudo- privacy
Data obtain the pseudo- private data of the first application program based on the unit type of mobile terminal to server.It these are only example
The citing of property, the embodiment of the present invention to the specific device type of mobile terminal and the file name of storage Pseudo private data without
It limits.
It should be noted that the pseudo- private data described in the embodiment of the present invention is the initialization data of the first application program,
The data when initialization data is not used for the first application program under normal conditions, i.e. the puppet private data are clear data,
The memory space of occupancy is 0KB.In embodiments of the present invention, a storage file in an application program corresponding server,
But storage form of the corresponding pseudo- private data of application program in mobile terminal and server is there may be difference, in server
During middle storage Pseudo private data, for the ease of unified management, usually using the storage Pseudo private data in a manner of database file;
In the terminal during storage Pseudo private data, the interface in order to beautify mobile terminal or the use convenient for user usually make
With the modes storage Pseudo private data such as interface, list, image.Illustratively, when the first application program is mobile terminal short message
When, it may be stored, be shown in the form of a list in the terminal, it in the server may be with the database of A.db
File is stored.The embodiment of the present invention to pseudo- private data in mobile terminal and server specific storage form without
It is specific to limit.
102nd, the store path of the corresponding true private data of the first application program of modification, and pseudo- private data is stored in
Under the former store path of true private data.
The store path of the corresponding true private data of first application program is modified, it is intended that preventing it
His application program accesses the corresponding true private data of the first application program, it is ensured that the safety of the true private data of user.It will
Under the pseudo- private data storage to the former store path of true private data obtained in step 101, when other application programs are visited
When asking the first application program, acquisition is pseudo- private data.
The embodiment of the present invention may be used in the store path for changing the corresponding true private data of the first application program
But it is not limited to following mode to realize, for example, demand of the user according to oneself, true privacy corresponding to the first application program
The store path of data is modified;Alternatively, mobile terminal depositing the corresponding true private data of the first application program automatically
It is revised as under preset store path in storage path.The specific embodiment of the present invention is to this without limiting.Illustratively, it is assumed that
When the first application program is the address list of mobile terminal, the former store path of the address list is:“/data/data/
Com.providers.contacts/databases/Ts2.db ", in order to ensure the safety of private data true in address list,
The pseudo- private data of acquisition is saved in the former store path of the address list, and by the corresponding true privacy number of the address list
According to being saved under other store paths, for example, the corresponding true private data of address list is saved in predefined paths by system
Under, and the store path is informed into the mobile terminal user;Alternatively, user oneself selects the corresponding true private data of address list
Store path, for example, being stored in the SD card of mobile terminal, specifically, the embodiment of the present invention is to storing the first application program
The store path of corresponding true private data is without limiting.
103rd, the second application program of configuration is to the access rights of the first application program.
If access rights of second application program to the first application program are not configured for user or system, it is possible that the
Two application programs are unable to operate normally or abnormal phenomena such as exiting occurs in use in the second application program, therefore,
In the embodiment of the present invention, before the second application program accesses the first application program, needing to configure the second application program has to the
The access rights of one application program.It should be noted that in embodiments of the present invention, the second application program of configuration is applied to first
The access rights of program only allow the second application program to access the first application program, are not to access the first application program
Involved in true private data.
104th, when the second application program accesses the first application program, pseudo- private data is sent to the second application program.
Second application program can access the first application program during its operation or the second application program passes through backstage
Access the first application program during operation, the embodiment of the present invention the second application program is accessed opportunity of the first application program without
It is specific to limit.When the second application program accesses the first application program, what is got is the pseudo- private data of the first application program,
Rather than it is the true private data of the first application program.In the embodiment of the present invention, mobile terminal sends pseudo- to the second application program
Private data had not both interfered with the normal use of the second application program, will not be by the true privacy number in the first application program
According to leakage, under the premise of the second application program normal operation is ensured, the peace of the true private data of the first application program ensure that
Entirely.
In another realization method of the embodiment of the present invention, from step 101 it is found that mobile terminal was obtained to server
Pseudo- private data is clear data, and for the service provider of some more intelligent application programs, when the second application program
When accessing the first application program, and obtaining the pseudo- private data of the first application program, the data of its acquisition can be first determined whether in lattice
It is whether correct in formula.For the above situation, the embodiment of the present invention can according to the actual demand of the service provider of different application,
Content in pseudo- private data is adaptively adjusted, it is ensured that pseudo- private data meets the service provider of application program on form
Requirement.Illustratively, it is assumed that the corresponding service provider's requirement of the second application program installed in mobile terminal obtains the first application
User identity card information in program, and judge whether the form of its ID card information obtained is correct, in the embodiment of the present invention
In the method for offer, system can be that the pseudo- private data of the first application program is randomly assigned the data of an identity card form, with
Prevent the second application program from judging that it obtains the authenticity of data;It should be noted that in system to the puppet of the first application program
Only it is correct on form when private data is randomly assigned the data of identity card form, and the corresponding tool of pseudo- private data
Holding in vivo need to ensure it is not true user identity card information.The embodiment of the present invention is to the specific reality of the service provider of application program
Demand is without limiting.
A kind of method of private data guard provided in an embodiment of the present invention, mobile terminal are based on preset attribute information to clothes
The pseudo- private data for device the first application program of acquisition of being engaged in, the pseudo- private data storage of acquisition is corresponding true to the first application program
Under the store path of real private data, and the store path of the corresponding true private data of the first application program is changed, configuration the
Two application programs, should to second when the second application program accesses the first application program to the access rights of the first application program
Pseudo- private data is sent with program.In embodiments of the present invention, mobile terminal can be by the true private data of the first application program
" exchange " is carried out with pseudo- private data, the true private data of the first application program is stored to the second application program is unknown and is deposited
In storage area domain, therefore, when the second application program is obtained to the access rights of the first application program, the first application program is being accessed
When, acquisition is the pseudo- private data of the first application program rather than the corresponding true private data of the first application program, can
Ensure the normal operation of the second application program, and can ensure that the safety of the true private data of the first application program.
Further, as the refinement and extension to above-described embodiment, the second application program pair is configured in above-mentioned steps 103
During the access rights of the first application program, normal operation and use in order to ensure the second application program, in the second application of configuration
Program during the access rights of the first application program to may be employed without limitation of following mode to realize, in the second application of installation
During program, access rights of second application program to the first application program are configured, in the process for subsequently using the second application program
It is middle to have the access rights for accessing the first application program always;Alternatively, in the second application program in the process of running, with pop-up pair
The form of frame is talked about, inquires the user of mobile terminal, if the second application program is allowed to obtain the access for accessing the first application program
Permission, this kind of mode can be in the second application program of each run and use, and whether will pop up allows the second application program to obtain
Take the dialog box for the access rights for accessing the first application program.The embodiment of the present invention applies the second application program of configuration to first
The specific implementation of the access rights of program is without limiting.
Further, what the second application program obtained in above-described embodiment is the corresponding pseudo- privacy number of the first application program
According to, and in inventive embodiments, it is also possible to it needs to obtain the corresponding true privacy of the first application program there are the second application program
Data, for example, when the first application program is address list, when the second application program is backup address list application program, at this point, second
Application program needs to get the true private data of the first application program.When the second application program accesses the first application program
When, it prompts the user whether that the second application program is allowed to access true private data, if user allows the second application program to access very
Real private data then sends true private data to the second application program;It is true that if user does not allow the second application program to access
Private data then sends pseudo- private data to the second application program.
Illustratively, when the second application program accesses the first application program, mobile terminal can pop up inquiry and use every time
Whether family allows the dialog box of the true private data of the second application program access, and the content involved in dialog box includes system and sends
The control button that the content of prompt message and allowed/not allowed second application program access.Wherein, the content in dialog box can be with
Including but not limited to following content, " whether allow to access" or " allowing to access true private data " etc.;Dialog box
In control button in can include contents, the user such as " permanent allow ", " this once permission ", " not allowing to access " can root
According to the actual demand of its own to whether the permission that the second application program is allowed to access true private data is set.The present invention
Form, the content for prompting user of embodiment to prompting user etc. is without specifically limiting.
Further, as described above when the second application program accesses the first application program, mobile terminal every time can bullet
Go out the prompt message for asking the user whether that the second application program is allowed to access true private data, this cumbersome mode of operation exists
Puzzlement can be brought to user to a certain extent, to solve the above-mentioned problems, in method provided in an embodiment of the present invention, is used in prompting
Before whether family allows the true private data of the second application program access, count to the second application program and send true private data
Transmission times, if transmission times is more than or equal to preset times threshold value, cancel prompting to user, and from trend second
Application program sends true private data;If transmission times is less than preset times threshold value, prompt the user whether to allow second to answer
With the true private data of routine access.Wherein, the preset times threshold value is the parameter being manually set, and user can be according to it certainly
The actual demand of body is configured the preset times threshold value.The embodiment of the present invention, can be with when setting preset times threshold value
It is set as 5 times;Alternatively, may be set to be 8 times etc., the specific embodiment of the present invention is to this without limiting.
Illustratively, it is assumed that preset times threshold value is 5 times, when mobile terminal counts true hidden to the transmission of the second application program
When the transmission times of private data is 5 times, then true private data is sent from the second application program of trend;When mobile terminal count to
When the transmission times that second application program sends true private data is 1 time, then mobile terminal can prompt the user whether permission the
Two application programs access true private data.
In another implementation, mobile terminal is determining whether the second application program the first application program of access
True private data when, can also be by judging whether the second application program is the default trusted application journey trusted in list
The mode of sequence is realized, when judging the second application program for the trusted application program in default trust list, to the second application
Program sends true private data;When it is not the trusted application program in default trust list to judge the second application program,
Then pseudo- private data is sent to the second application program.Wherein, the trusted application program in the default trust list can be
User is according to the actual demand of its own is set or mobile terminal is set automatically.
Illustratively, when user is configured default trust list, there are one the default letters of setting in the terminal
Appoint the control of the trusted application program in list, when user clicks the control, can pop up in a drop-down list, the list
In comprising all application programs installed in mobile terminal, user may be selected that the second application for accessing the first application program
Program, and second application program is identified, such user just completes the addition trusted into default trust list and answers
Use program;If user wants to delete the default trusted application program trusted in list of setting, the second application program is not allowed to continue
When accessing the true private data of the first application program, set likewise, user can also complete to delete by above-mentioned realization method
Put default the second application program trusted in list.In addition, when mobile terminal sets default trust list automatically, can sentence automatically
Trusted application program during which application program of breaking, for example, when the first application program is information, then mobile terminal can will communicate
Record is automatically added in default trust list, using address list as the default trusted application program trusted in list;When first
When application program is photograph album, then camera can be added in default trust list by mobile terminal, trust name using camera as default
Trusted application program in list.It these are only illustrative citing, the embodiment of the present invention is to setting in default trust list
The realization method of trusted application program and the concrete type of specific trusted application program are without limiting.
Further, in order to further ensure that the corresponding true private data of the first application program is safety,
After the store path for changing the corresponding true private data of the first application program, to the memory block of the true private data
Domain is encrypted.It should be noted that involved in the embodiment of the present invention being that the storage region of true private data is added
It is close rather than true private data is encrypted.If it is only that true private data is encrypted, when the second application program
When the true private data of the first application program is accessed without the permission of mobile terminal, which can be uploaded to
It, equally can be by the private data of user if the password of the encrypted true private data is cracked on corresponding server
Leakage, therefore, mode used in the embodiment of the present invention is that the storage region of true private data is encrypted, in this way, second
The true private data of the first application program just will not be accessed in application program, it is ensured that the true private data of the first application program
Safety.The embodiment of the present invention may be used and appoint in the prior art when the storage region to true private data is encrypted
A kind of what cipher mode is realized, cipher mode of storage region of true private data is no longer repeated at this.
Further, as the realization to method shown in above-mentioned Fig. 1, the embodiment of the present invention provides a kind of private data guard
Device, as shown in Fig. 2, described device includes:
Acquiring unit 21, for the pseudo- private data of the first application program to be obtained to server based on preset attribute information,
Pseudo- private data is the initialization data of the first application program;
Unit 22 is changed, for changing the store path of the corresponding true private data of the first application program;
Storage unit 23 stores for the pseudo- private data that acquiring unit 21 obtains to be stored in the former of true private data
Under path;
Dispensing unit 24, for access rights of second application program to the first application program to be configured;
First transmitting element 25, for when the second application program accesses the first application program, being sent out to the second application program
Send pseudo- private data.
Further, dispensing unit 24 are additionally operable to when installing the second application program, and the second application program of configuration is to the
The access rights of one application program.
Further, as shown in figure 3, device further includes:
Prompt unit 26, for when the second application program accesses the first application program, prompting the user whether permission second
Application program accesses true private data;
Second transmitting element 27, for when prompt unit 26 allows to access, true privacy to be sent to the second application program
Data.
Further, as shown in figure 3, device further includes:
Statistic unit 28, for prompting the user whether that the second application program is allowed to access true privacy number in prompt unit 26
According to the transmission times before, counted to the true private data of the second application program transmission;
Cancel unit 29, when the transmission times for being counted when statistic unit 28 is greater than or equal to preset times threshold value, take
The prompting to disappear to user;
Second transmitting element 27 is additionally operable to send true private data from the second application program of trend.
Further, as shown in figure 3, device further includes:
Judging unit 210, for when the second application program accesses the first application program, whether judging the second application program
For the default trusted application program trusted in list;
Third transmitting element 211, for when the judging result of judging unit 210 is when being, sends to the second application program
True private data.
Further, as shown in figure 3, device further includes:
Encryption unit 212, for changing the storage of the corresponding true private data of the first application program in modification unit 22
After path, the storage region of true private data is encrypted.
Further, unit type of the preset attribute information in acquiring unit 21 for mobile terminal, distinct device model
The pseudo- privacy information of corresponding different-format or type.
Further, the embodiment of the present invention also provides a kind of system of private data guard, as shown in figure 4, the system packet
It includes:Mobile terminal 41 and server 42, wherein,
Mobile terminal 41 includes the device as shown in any one of Fig. 2 or Fig. 3;
Server 42 for receiving the solicited message of the transmission of mobile terminal 41, searches first based on solicited message and applies journey
The corresponding pseudo- private data of sequence, and the pseudo- private data found is sent to mobile terminal 41.
A kind of apparatus and system of private data guard provided in an embodiment of the present invention, mobile terminal are believed based on preset attribute
The pseudo- private data that the first application program is obtained to server is ceased, by the pseudo- private data storage of acquisition to the first application program pair
Under the store path of true private data answered, and the store path of the corresponding true private data of the first application program is changed,
Access rights of second application program to the first application program are configured, when the second application program accesses the first application program, to
Second application program sends pseudo- private data.In embodiments of the present invention, mobile terminal can be by the true hidden of the first application program
Private data carry out " exchange " with pseudo- private data, and the true private data of the first application program is stored to the second application program not
In the storage region known, therefore, when the second application program is obtained to the access rights of the first application program, the first application is being accessed
During program, acquisition is the pseudo- private data of the first application program rather than the corresponding true private data of the first application program,
Not only it can ensure that the normal operation of the second application program, but also can ensure that the safety of the true private data of the first application program.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment
Point, it may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in the above method and device can be referred to mutually.In addition, in above-described embodiment
" first ", " second " etc. be for distinguishing each embodiment, and do not represent the quality of each embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit can refer to the corresponding process in preceding method embodiment, and details are not described herein.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with teaching based on this.As described above, required by constructing this kind of system
Structure be obvious.In addition, the present invention is not also directed to any certain programmed language.It should be understood that it can utilize various
Programming language realizes the content of invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the specification provided in this place, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention
Example can be put into practice without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of each inventive aspect,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
Shield the present invention claims the more features of feature than being expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim is in itself
Separate embodiments all as the present invention.
Those skilled in the art, which are appreciated that, to carry out adaptively the module in the equipment in embodiment
Change and they are arranged in one or more equipment different from the embodiment.It can be the module or list in embodiment
Member or component be combined into a module or unit or component and can be divided into addition multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it may be used any
Combination is disclosed to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so to appoint
Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Profit requirement, abstract and attached drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments means in of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
One of meaning mode can use in any combination.
The all parts embodiment of the present invention can be with hardware realization or to be run on one or more processor
Software module realize or realized with combination thereof.It will be understood by those of skill in the art that it can use in practice
Microprocessor or digital signal processor (DSP) realize the denomination of invention according to embodiments of the present invention (as determined in website
The device of Hyperlink rank) in some or all components some or all functions.The present invention is also implemented as being used for
Perform method as described herein some or all equipment or program of device (for example, computer program and calculating
Machine program product).Such program for realizing the present invention can may be stored on the computer-readable medium or there are one can having
Or the form of multiple signals.Such signal can be downloaded from internet website and obtain or be provided on carrier signal,
Or it is provided in the form of any other.
It should be noted that the present invention will be described rather than limits the invention, and ability for above-described embodiment
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference mark between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any sequence.These words can be explained and run after fame
Claim.