CN105101183B - Method and system for protecting privacy content on a mobile terminal - Google Patents


Info

Publication number: CN105101183B
Authority: CN (China)
Prior art keywords: privacy protection, application, user, key, mobile terminal
Legal status: Active (the legal status is an assumption and is not a legal conclusion)
Application number: CN201410190390.3A
Other languages: Chinese (zh)
Other versions: CN105101183A (en)
Inventors: 毕家瑜, 王铮, 方燕萍, 任华, 杨迪
Current Assignee: China Telecom Corp Ltd (the listed assignees may be inaccurate)
Original Assignee: China Telecom Corp Ltd

Abstract

An embodiment of the invention discloses a method and system for protecting privacy content on a mobile terminal. The method includes: a privacy protection client sends an application access request to a privacy protection server, the request containing authentication information that comprises the application ID of the application the user requests to access, the user ID and the terminal device ID; the privacy protection server authenticates the authentication information according to an application protection list; if the authentication information passes authentication, the server obtains from the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information and returns it to the privacy protection client; based on the received key rule function, the privacy protection client generates a key from the five-code information of the mobile terminal, decrypts the application the user clicked, and displays the privacy content of that application to the user. Embodiments of the invention can improve the security of content on a mobile terminal that involves the user's personal privacy.

Description

Method and system for protecting privacy content on a mobile terminal
Technical field
The present invention relates to communication technology, and in particular to a method and system for protecting privacy content on a mobile terminal.
Background
With the rapid development of the mobile Internet and the spread of smartphone terminals (also called mobile terminals or mobile phones), users are increasingly accustomed to running all kinds of applications on smartphone terminals, for example social-network interaction, instant messaging and mail handling, tasks that used to be completed on a personal computer (PC), truly achieving a web experience anytime and anywhere.
In the course of implementing the present invention, the inventors found that, because users depend on smartphone terminals, more and more information involving the user's personal privacy is stored on the mobile phone terminal as the user runs various applications on it. Moreover, because this information is large in volume, it is often stored directly on the mobile phone terminal or on a memory card; even if the user removes the subscriber identification card (also called the mobile phone card) from the phone, the information remains on the mobile phone terminal, which can lead to leakage of user privacy.
Summary of the invention
One technical problem to be solved by embodiments of the invention is to provide a method and system for protecting privacy content on a mobile terminal, so as to improve the security of content on the mobile terminal that involves the user's personal privacy.
A method for protecting privacy content on a mobile terminal, provided by an embodiment of the invention, includes:
After the privacy protection client in the mobile terminal receives an access request that the user sends by clicking an encrypted application in the mobile terminal, it sends an application access request to the privacy protection server. The application access request includes authentication information, which comprises the application identifier (ID) of the application the user requests to access, the user ID and the terminal device ID; the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal;
The privacy protection server authenticates the authentication information according to a pre-established privacy application protection list, the application protection list including correspondence information between user ID, terminal device ID, application ID and key rule function;
If the authentication information passes authentication, the privacy protection server obtains, from the correspondence information of the privacy application protection list, the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and returns the key rule function to the privacy protection client;
Based on the received key rule function, the privacy protection client generates a key from the five-code information of the mobile terminal;
The privacy protection client decrypts the application clicked by the user using the generated key, and displays the privacy content of the application to the user.
In another embodiment of the above method, sending the application access request to the privacy protection server includes: the privacy protection client encrypts the authentication information by a preset third algorithm, using the wireless air-interface parameters acquired by the mobile terminal, to obtain encrypted authentication information, and sends the application access request to the privacy protection server, the application access request including the encrypted authentication information and the user ID;
Before the privacy protection server authenticates the authentication information according to the pre-established privacy application protection list, the method further includes: the privacy protection server, based on the preset third algorithm, decrypts the encrypted authentication information using the wireless air-interface parameters corresponding to the user ID, obtaining the authentication information.
In another embodiment of the above method, returning the key rule function to the privacy protection client includes: the privacy protection server encrypts the key rule function according to a preset first algorithm, generates an encrypted character string and returns it to the privacy protection client;
The privacy protection client generating a key from the five-code information of the mobile terminal based on the received key rule function includes: the privacy protection client decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, and generates a key from the five-code information of the mobile terminal based on the decrypted key rule function.
Another embodiment of the above method further includes an operation in which the privacy protection server pre-establishes the privacy application protection list.
In another embodiment of the above method, the privacy protection server pre-establishing the privacy application protection list includes:
The privacy protection client, at the user's request, sends a privacy protection setting request to the privacy protection server; the privacy protection setting request includes the user ID of the user, the terminal device ID of the mobile terminal, and the application ID of the application for which privacy protection is requested;
For the privacy protection setting request, the privacy protection server creates a key rule function that takes the five-code information of the mobile terminal as its variable, and establishes the application protection list of the user; the application protection list includes correspondence information between the user ID, terminal device ID, application ID and the created key rule function.
In another embodiment of the above method, after the privacy protection server creates the key rule function, the method further includes:
The privacy protection server sends the created key rule function to the privacy protection client;
The privacy protection client generates a key from the five-code information of the mobile terminal according to the key rule function, encrypts the application for which privacy protection is requested using the generated key, and releases the key after the encryption succeeds.
In another embodiment of the above method, the privacy protection server sending the created key rule function to the privacy protection client includes: the privacy protection server encrypts the key rule function according to a preset first algorithm to generate an encrypted character string, and sends the encrypted character string together with a randomly generated random code to the privacy protection client;
Before the privacy protection client generates a key from the five-code information of the mobile terminal according to the decrypted key rule function, the method further includes:
The privacy protection client decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, and, by a preset second algorithm, generates a verification code from the decrypted key rule function combined with the received random code;
The privacy protection client sends the generated verification code to the privacy protection server;
The privacy protection server, using the preset second algorithm, generates a verification code from the key rule function and the random code that it sent to the privacy protection client, and compares whether the verification code sent by the privacy protection client is consistent with the verification code it generated itself;
If the verification code sent by the privacy protection client is consistent with the verification code the server generated itself, the privacy protection server returns a success response to the privacy protection client.
A privacy protection client provided by an embodiment of the invention includes:
Privacy content setting unit, configured to add applications requiring privacy protection to a privacy content protection list according to user operations, and, on the user's instruction, to generate a privacy protection setting request and send it to the first message interface unit; the privacy protection setting request includes the user ID of the user, the terminal device ID of the mobile terminal on which the privacy protection client resides, and the application ID of the application requiring privacy protection; the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal;
Privacy protection execution unit, configured to generate a key from the five-code information of the mobile terminal according to the key rule function forwarded by the first message interface unit, to encrypt, using the generated key, the applications requiring privacy protection according to the privacy content protection list in the privacy content setting unit, and to release the key after the encryption succeeds; and to generate a key from the five-code information of the mobile terminal based on the key rule function received by the first message interface unit, to decrypt the application clicked by the user using the generated key, and to display the privacy content of the application to the user;
Privacy information control unit, configured to send an application access request to the first message interface unit after receiving an access request that the user sends by clicking an encrypted application in the mobile terminal; the application access request includes authentication information, which comprises the application ID of the application the user requests to access, the user ID and the terminal device ID;
First message interface unit, configured to forward the privacy protection setting request to the privacy protection server, and to receive the key rule function that the privacy protection server returns for the privacy protection setting request and forward it to the privacy protection execution unit; to forward the application access request sent by the privacy information control unit to the privacy protection server; and to receive the key rule function that the privacy protection server returns for the application access request and forward it to the privacy protection execution unit, this key rule function being the one corresponding to the application ID, user ID and terminal device ID that the privacy protection server obtains from the correspondence information of the privacy application protection list after it has authenticated the authentication information according to the pre-established privacy application protection list and the authentication information has passed authentication.
Another embodiment of the above privacy protection client further includes:
Authentication information encryption unit, configured to encrypt the authentication information by a preset third algorithm, using the wireless air-interface parameters acquired by the mobile terminal, to obtain encrypted authentication information;
The application access request that the privacy information control unit sends to the first message interface unit specifically includes the encrypted authentication information and the user ID.
In another embodiment of the above privacy protection client, when the first message interface unit receives the key rule function returned by the privacy protection server for the application access request, it specifically receives the encrypted character string that the privacy protection server generated by encrypting the key rule function according to a preset first algorithm;
The privacy protection execution unit specifically decrypts the encrypted character string forwarded by the first message interface unit according to the preset first algorithm to obtain the key rule function, and generates a key from the five-code information of the mobile terminal based on the decrypted key rule function.
In another embodiment of the above privacy protection client, when the first message interface unit receives the key rule function returned by the privacy protection server for the privacy protection setting request, it specifically receives the encrypted character string that the privacy protection server generated by encrypting the key rule function according to the preset first algorithm, together with the randomly generated random code, and forwards them to the privacy protection execution unit; it also forwards the verification code generated by the privacy protection execution unit to the privacy protection server, receives the success response that the privacy protection server returns after the verification code passes verification, and forwards it to the privacy protection execution unit;
The privacy protection execution unit is further configured, before generating a key from the five-code information of the mobile terminal, to decrypt the received encrypted character string according to the preset first algorithm to obtain the key rule function, and, by a preset second algorithm, to generate a verification code from the decrypted key rule function combined with the received random code and send it to the first message interface unit.
A mobile terminal provided by an embodiment of the invention stores the five-code information of the mobile terminal; more than one application is provided on the mobile terminal, and the privacy protection client provided by any of the above embodiments is also provided on the mobile terminal.
A privacy protection server provided by an embodiment of the invention includes:
Application protection list storage unit, configured to store the pre-established privacy application protection list, which includes correspondence information between user ID, terminal device ID, application ID and key rule function; the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal;
Second message interface unit, configured to receive the privacy protection setting request sent by the privacy protection client and forward it to the key rule generating unit, the privacy protection setting request including the user ID of the user, the terminal device ID of the mobile terminal, and the application ID of the application for which privacy protection is requested; to forward the key rule function sent by the key rule generating unit to the privacy protection client; to receive the application access request sent by the privacy protection client and forward it to the authentication unit, the application access request including authentication information that comprises the application ID of the application the user requests to access, the user ID and the terminal device ID; and to forward the key rule function sent by the authentication unit to the privacy protection client;
Key rule generating unit, configured to create, for the privacy protection setting request received by the second message interface unit, a key rule function that takes the five-code information of the mobile terminal as its variable and send it to the second message interface unit, and to establish the application protection list of the user, which includes correspondence information between the user ID, terminal device ID, application ID and the created key rule function;
Authentication unit, configured to authenticate the authentication information according to the privacy application protection list and, if the authentication information passes authentication, to obtain from the correspondence information of the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information and send it to the second message interface unit.
In another embodiment of the above privacy protection server, the authentication information included in the application access request received by the second message interface unit is specifically encrypted authentication information, obtained by encrypting the authentication information using the wireless air-interface parameters acquired by the mobile terminal;
The authentication unit is further configured, before authenticating the authentication information, to decrypt the encrypted authentication information based on a preset third algorithm, using the wireless air-interface parameters corresponding to the user ID, obtaining the authentication information.
In another embodiment of the above privacy protection server, the key rule function is further encrypted according to a preset first algorithm, generating an encrypted character string that is sent to the second message interface unit;
When the second message interface unit forwards the key rule function sent by the authentication unit to the privacy protection client, it specifically forwards the encrypted character string to the privacy protection client.
In another embodiment of the above privacy protection server, the key rule generating unit is further configured to encrypt the key rule function according to the preset first algorithm to generate an encrypted character string, and to send the encrypted character string together with a randomly generated random code to the second message interface unit;
When the second message interface unit forwards the key rule function sent by the key rule generating unit to the privacy protection client, it specifically forwards the encrypted character string and the random code to the privacy protection client; it receives the verification code sent by the privacy protection client and forwards it to the verification code recognition unit; and it returns a success response to the privacy protection client;
The privacy protection server further includes a verification code recognition unit, configured to generate, using a preset second algorithm, a verification code from the key rule function and the random code sent to the second message interface unit, and to compare whether the verification code forwarded by the second message interface unit is consistent with the verification code it generated itself; if the verification code sent by the privacy protection client is consistent with the verification code it generated itself, it returns a success response to the privacy protection client through the second message interface unit.
A system for protecting privacy content on a mobile terminal, provided by an embodiment of the invention, includes:
Privacy protection client, provided in the mobile terminal and configured to send an application access request to the privacy protection server after receiving an access request that the user sends by clicking an encrypted application in the mobile terminal, the application access request including authentication information that comprises the application ID of the application the user requests to access, the user ID and the terminal device ID, where the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal; to generate a key from the five-code information of the mobile terminal based on the key rule function sent by the privacy protection server; and to decrypt the application clicked by the user using the generated key and display the privacy content of the application to the user;
Privacy protection server, configured to authenticate the authentication information according to a pre-established privacy application protection list, the application protection list including correspondence information between user ID, terminal device ID, application ID and key rule function; and, if the authentication information passes authentication, to obtain from the correspondence information of the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information and return the key rule function to the privacy protection client.
In another embodiment of the above system, the privacy protection client is specifically the privacy protection client provided by any of the above embodiments of the invention, and the privacy protection server is specifically the privacy protection server provided by any of the above embodiments of the invention.
Based on the method and system for protecting privacy content on a mobile terminal provided by the above embodiments of the invention, the privacy application protection list pre-established by the privacy protection server includes correspondence information between user ID, terminal device ID, application ID and key rule function. After the privacy protection client receives the access request sent by the user, it sends an application access request to the privacy protection server; the request includes authentication information, which comprises the application ID of the application the user requests to access, the user ID and the terminal device ID. The privacy protection server authenticates the authentication information according to the application protection list; only after the authentication information passes authentication does the privacy protection server obtain, from the correspondence information of the privacy application protection list, the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information and send it to the privacy protection client. Based on the received key rule function, the privacy protection client generates a key from the five-code information of the mobile terminal on which it resides, and decrypts the application clicked by the user using the generated key.
Embodiments of the invention exploit the confidentiality of the mobile terminal's five-code information, using it as the key data source for encrypting privacy applications (that is, as the variable of the key rule function that generates the key) and generating a temporary key from it, so that different mobile terminals have different keys. Each group of user ID, terminal device ID and application ID corresponds to one key rule function; different users, mobile terminals and applications have different key rule functions and correspondingly different keys, so that once the mobile phone card is removed or replaced, the private information of the original card user's applications on the mobile terminal cannot be read.
In addition, the key rule function is created remotely by the privacy protection server, and the privacy protection client generates the temporary key for decrypting the application according to that key rule function, so the key rule function and the key data source are stored separately, on the privacy protection server and on the privacy protection client respectively. The privacy protection server does not generate the key directly, and the privacy protection client does not store the key. This separation of key rule function and key data source strengthens the security of the privacy protection and avoids the ease of cracking that comes with storing the key directly on the client or the server.
The technical solution of the invention is described in further detail below with reference to the drawings and embodiments.
Brief description of the drawings
The drawings, which form part of the specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention.
The invention can be understood more clearly from the following detailed description with reference to the drawings, in which:
Fig. 1 is a flowchart of one embodiment of the method of the invention for protecting privacy content on a mobile terminal.
Fig. 2 is a flowchart of a specific example of applying the privacy protection setting to an application in an embodiment of the invention.
Fig. 3 is a flowchart of another embodiment of the method of the invention for protecting privacy content on a mobile terminal.
Fig. 4 is a structural diagram of one embodiment of the privacy protection client of the invention.
Fig. 5 is a structural diagram of one embodiment of the mobile terminal of the invention.
Fig. 6 is a structural diagram of one embodiment of the privacy protection server of the invention.
Fig. 7 is a structural diagram of one embodiment of the system of the invention for protecting privacy content on a mobile terminal.
Detailed description of the embodiments
Various exemplary embodiments of the invention will now be described in detail with reference to the drawings. It should be noted that, unless specifically stated otherwise, the relative arrangement of components and steps, the numerical expressions and the numerical values set forth in these embodiments do not limit the scope of the invention.
It should also be understood that, for ease of description, the dimensions of the parts shown in the drawings are not drawn to actual scale.
The following description of at least one exemplary embodiment is merely illustrative and in no way limits the invention or its application or use.
Techniques, methods and devices known to a person of ordinary skill in the relevant art may not be discussed in detail, but where appropriate they should be regarded as part of the specification.
In all examples shown and discussed here, any specific value should be interpreted as merely illustrative and not as a limitation. Other examples of the exemplary embodiments may therefore have different values.
It should be noted that similar reference numerals and letters denote similar items in the following drawings; once an item has been defined in one drawing, it need not be discussed further in subsequent drawings.
Fig. 1 is a flowchart of one embodiment of the method of the invention for protecting privacy content on a mobile terminal. As shown in Fig. 1, the method of this embodiment includes:
110. After the privacy protection client in the mobile terminal receives an access request that the user sends by clicking an encrypted application in the mobile terminal, it sends an application access request to the privacy protection server. The application access request includes authentication information, which comprises the application ID of the application the user requests to access, the user ID and the terminal device ID.
The application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal.
120. The privacy protection server authenticates the authentication information according to the pre-established privacy application protection list, which includes correspondence information between user ID, terminal device ID, application ID and key rule function.
130. If the authentication information passes authentication, the privacy protection server obtains, from the correspondence information of the privacy application protection list, the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and returns the key rule function to the privacy protection client.
If the authentication information does not pass authentication, the subsequent flow of this embodiment is not executed.
140. Based on the received key rule function, the privacy protection client generates a key from the five-code information of the mobile terminal.
150. The privacy protection client decrypts the application clicked by the user using the generated key, and displays the privacy content of the application to the user.
The method for protecting privacy content on a mobile terminal provided by the above embodiment of the present invention exploits the private nature of the mobile terminal's five-code information: the five-code information serves as the key data source for encrypting private applications, and a temporary key is generated from it, so that every mobile terminal has a different key. Each combination of user ID, terminal device ID and application ID corresponds to one key rule function; different users, mobile terminals and applications have different key rule functions and therefore different keys, so that if the phone card is removed or replaced, the confidential information of the original card user's applications on the mobile terminal cannot be read. In addition, the key rule function is created remotely by the privacy protection server, and the privacy protection client generates the temporary key for decrypting the application according to that key rule function. The key rule function and the key data source are thus stored separately, at the privacy protection server and at the privacy protection client respectively; the privacy protection server does not generate the key directly, and the privacy protection client does not store the key. Separating the key rule function from the key data source strengthens privacy protection and avoids the ease of cracking that results when the key is stored directly on the client or the server.
As a specific, non-limiting example of the method embodiment of the present invention for protecting privacy content on a mobile terminal, sending the application access request to the privacy protection server in operation 110 of the embodiment shown in Fig. 1 may specifically include: the privacy protection client encrypts the authentication information by a preset third algorithm, using the wireless air interface parameter obtained by the mobile terminal, to obtain encrypted authentication information, and sends the application access request to the privacy protection server, the request including the encrypted authentication information and the user ID. Correspondingly, before operation 120, the method further includes: the privacy protection server, based on the preset third algorithm, decrypts the encrypted authentication information using the wireless air interface parameter corresponding to the user ID, obtaining the authentication information.
This embodiment relies on the security of the mobile communication wireless air interface: the application ID, user ID and terminal device ID are encrypted for authentication using the wireless air interface parameter, so that if the phone card is removed or replaced, the confidential information of the original card user's applications on the phone cannot be read.
As another specific, non-limiting example of the method embodiment of the present invention for protecting privacy content on a mobile terminal, returning the key rule function to the privacy protection client in operation 130 of the embodiment shown in Fig. 1 may specifically include: the privacy protection server encrypts the key rule function according to a preset first algorithm, generates an encrypted character string and returns it to the privacy protection client. Generating the key from the five-code information of the mobile terminal based on the received key rule function then includes: the privacy protection client decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, and generates the key from the five-code information of the mobile terminal based on the key rule function obtained by decryption.
Another embodiment of the method of the present invention for protecting privacy content on a mobile terminal may further include an operation in which the privacy protection server pre-establishes the privacy application protection list.
Specifically, the privacy protection server may pre-establish the privacy application protection list as follows:
The privacy protection client, at the user's request, sends a privacy protection setting request to the privacy protection server. The request includes the user ID of the user, the terminal device ID of the mobile terminal, and the application ID of the application for which privacy protection is requested;
The privacy protection server creates, for the privacy protection setting request, a key rule function that takes the five-code information of the mobile terminal as its variable, and establishes the user's application protection list, which contains the correspondence information between the user ID, the terminal device ID, the application ID and the created key rule function.
In another embodiment of the method of the present invention for protecting privacy content on a mobile terminal, after the privacy protection server creates the key rule function, it may also send the created key rule function to the privacy protection client. The privacy protection client generates a key from the five-code information of the mobile terminal according to the key rule function, encrypts the application for which privacy protection was requested using the generated key, and releases the key after the encryption succeeds.
By way of example, sending the created key rule function to the privacy protection client may specifically include: the privacy protection server encrypts the key rule function according to the preset first algorithm, generates an encrypted character string, and sends the encrypted character string to the privacy protection client together with a randomly generated random code. Correspondingly, before the privacy protection client generates the key from the five-code information of the mobile terminal according to the key rule function obtained by decryption, the method may further include:
The privacy protection client decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, and generates a verification code by a preset second algorithm from the key rule function obtained by decryption combined with the received random code;
The privacy protection client sends the generated verification code to the privacy protection server;
The privacy protection server uses the preset second algorithm to generate a verification code from the key rule function and random code that it sent to the privacy protection client, and compares whether the verification code sent by the privacy protection client is consistent with the one it generated itself;
If the verification code sent by the privacy protection client is consistent with the one the server generated, the privacy protection server returns a success response to the privacy protection client.
Fig. 2 is a flow chart of a specific example of setting privacy protection for an application in an embodiment of the present invention. As shown in Fig. 2, the method of this embodiment includes the following flow:
210. The user initiates a privacy protection request by selecting, through the privacy protection client, the application that needs privacy protection, for example short messages, mail, the photo album, an instant messaging (IM) application or a social network (SNS) application. Each application is uniquely identified by an application identifier (ID).
220. The privacy protection client sends a privacy protection setting request to the privacy protection server. The request includes a user identifier (ID) that uniquely identifies a user, a terminal device ID that uniquely identifies the mobile terminal device, and the application ID of the application for which privacy protection is requested.
The user ID may be, for example, the International Mobile Subscriber Identity (IMSI).
230. The privacy protection server creates, for the privacy protection setting request, a key rule function that takes the five-code information of the mobile terminal as its variable, and establishes the user's application protection list, which contains the correspondence information between user ID, terminal device ID, application ID and key rule function.
Here, the five-code information of the mobile terminal is stored in the mobile terminal and includes: the IMSI, the Electronic Serial Number (ESN), the authentication and encryption key (A_KEY), the access network (AN), and authentication, authorization and accounting (AAA). The key rule function takes the five-code information of the mobile terminal as its variable, i.e. as the key data source, to generate the key used to encrypt and decrypt the application. It may be a function of any form that takes the five-code information as its variable, for example an Application Programming Interface (API) function based on the five-code information.
240. The privacy protection server encrypts the key rule function according to the preset first algorithm, generates an encrypted character string, and sends it to the privacy protection client together with a randomly generated random code.
250. After the privacy protection client receives the encrypted character string, it decrypts the string according to the preset first algorithm to obtain the key rule function, and generates a verification code by the preset second algorithm from the key rule function obtained by decryption combined with the received random code.
260. The privacy protection client sends the generated verification code to the privacy protection server.
270. The privacy protection server uses the preset second algorithm to generate a verification code from the key rule function and random code that it sent to the privacy protection client, and compares whether the verification code sent by the privacy protection client is consistent with the one it generated itself, so as to judge whether the verification code sent by the privacy protection client is correct. If the two are consistent, the verification code sent by the privacy protection client is correct, and a success response is returned to the privacy protection client.
280. The privacy protection client generates a message indicating that the setting succeeded and displays it to the user through the mobile terminal.
290. The privacy protection client generates a key from the five-code information of the mobile terminal on which it resides, according to the key rule function obtained by decryption, encrypts the application (i.e. the application program) for which privacy protection was requested using the generated key, and releases the key after the encryption succeeds, i.e. deletes the encryption key.
There is no restriction on the execution order of operations 280 and 290; the two may be executed simultaneously or one after the other with any time difference.
Fig. 3 is a flow chart of another embodiment of the method of the present invention for protecting privacy content on a mobile terminal. As shown in Fig. 3, the method of this embodiment includes the following flow:
310. The user clicks the application (i.e. the application program) to be accessed in the mobile terminal, sending an access request.
320. The privacy protection client encrypts the authentication information by the preset third algorithm, using the wireless air interface parameter obtained by the mobile terminal, to obtain encrypted authentication information. The authentication information includes the application ID of the application the user requests to access, the user ID and the terminal device ID.
Here, the wireless air interface parameters, such as the random value (RAND) or the unique challenge random number (RANDU), are obtained automatically by the mobile terminal from the base transceiver station (Base Transceiver Station, BTS) when it accesses the mobile communication network; the BTS stores the wireless air interface parameters issued to each mobile terminal.
330. The privacy protection client sends an application access request to the privacy protection server, including the encrypted authentication information and the user ID.
340. After the privacy protection server receives the application access request, it obtains from the corresponding BTS, based on the user ID, the wireless air interface parameter issued to the user's mobile terminal and, based on the preset third algorithm, uses the obtained parameter to decrypt the encrypted authentication information in the application access request, obtaining the authentication information.
350. The privacy protection server authenticates the authentication information against the privacy application protection list, comparing whether the application ID, user ID and terminal device ID in the authentication information are consistent with the correspondence in the privacy application protection list.
If the application ID, user ID and terminal device ID in the authentication information are consistent with the correspondence in the privacy application protection list, the authentication information passes authentication and operation 360 is executed. Otherwise, the authentication information does not pass authentication and the subsequent flow of this embodiment is not executed, or, optionally, operation 380 is executed.
360. The privacy protection server obtains, from the correspondence information of the privacy application protection list, the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, encrypts the key rule function according to the preset first algorithm, generates an encrypted character string and returns it to the privacy protection client.
370. After the privacy protection client receives the encrypted character string, it decrypts the string according to the preset first algorithm to obtain the key rule function, and generates a key from the five-code information of the mobile terminal based on that key rule function.
380. The privacy protection client uses the generated key to decrypt the application the user wants to access, and displays the privacy content of that application to the user.
390. The privacy protection client displays garbled text to the user.
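The setup flow of Fig. 2 and the access flow of Fig. 3, sketched as an added Python example that is not code from the patent. The key rule function is modelled as a field order plus a salt fed to PBKDF2 and the second algorithm as HMAC-SHA256; the class and function names are hypothetical, all identifiers are constructed sample values, and the in-transit encryption (first and third algorithms) is left out.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

FIELDS = ("imsi", "esn", "a_key", "an", "aaa")  # the five codes named on the page


@dataclass(frozen=True)
class FiveCode:
    """Five-code information held only on the terminal (constructed sample values)."""
    imsi: str
    esn: str
    a_key: str
    an: str
    aaa: str


@dataclass(frozen=True)
class KeyRule:
    """Assumed stand-in for a key rule function: a field order plus a salt."""
    field_order: tuple
    salt: bytes

    def serialize(self) -> bytes:
        return ",".join(self.field_order).encode() + b"|" + self.salt.hex().encode()


def derive_key(rule: KeyRule, codes: FiveCode) -> bytes:
    """Client side: apply the rule to the local five-code information."""
    material = "\x1f".join(getattr(codes, f) for f in rule.field_order).encode()
    return hashlib.pbkdf2_hmac("sha256", material, rule.salt, 50_000, dklen=32)


def verification_code(rule: KeyRule, random_code: bytes) -> str:
    """Assumed 'second algorithm': HMAC-SHA256 over the rule, keyed by the random code."""
    return hmac.new(random_code, rule.serialize(), hashlib.sha256).hexdigest()


class PrivacyServer:
    """Holds the protection list; never sees five-code information or keys."""

    def __init__(self):
        self.protection_list = {}  # (user_id, device_id, app_id) -> KeyRule
        self._pending = {}         # same triple -> random code awaiting confirmation

    def setup(self, user_id, device_id, app_id):
        """Steps 230-240: create the rule, record it, return it with a random code."""
        order = tuple(secrets.SystemRandom().sample(FIELDS, len(FIELDS)))
        rule = KeyRule(order, secrets.token_bytes(16))
        random_code = secrets.token_bytes(16)
        triple = (user_id, device_id, app_id)
        self.protection_list[triple] = rule
        self._pending[triple] = random_code
        return rule, random_code

    def confirm(self, user_id, device_id, app_id, code: str) -> bool:
        """Step 270: recompute the verification code and compare in constant time."""
        triple = (user_id, device_id, app_id)
        random_code = self._pending.pop(triple, None)  # each random code is single-use
        if random_code is None:
            return False
        expected = verification_code(self.protection_list[triple], random_code)
        return hmac.compare_digest(expected, code)

    def access(self, user_id, device_id, app_id):
        """Steps 350-360: release the rule only for a triple on the protection list."""
        return self.protection_list.get((user_id, device_id, app_id))


def demo() -> dict:
    server = PrivacyServer()
    phone = FiveCode("460030000000001", "80A1B2C3", "a-key-sample-1",
                     "an-sample-1", "aaa-sample-1")
    user_id, device_id, app_id = phone.imsi, "device-0001", "app.sms"

    # Setup (Fig. 2): obtain the rule, prove receipt, derive the encryption key.
    rule, random_code = server.setup(user_id, device_id, app_id)
    confirmed = server.confirm(user_id, device_id, app_id,
                               verification_code(rule, random_code))
    setup_key = derive_key(rule, phone)

    # Access (Fig. 3) from the same card and terminal: the same key is regenerated.
    access_key = derive_key(server.access(user_id, device_id, app_id), phone)

    # Card replaced: the new IMSI is not on the list, and even with the old rule
    # the derived key differs because the key data source has changed.
    swapped = FiveCode("460030000000002", phone.esn, "a-key-sample-2",
                       "an-sample-2", "aaa-sample-2")
    return {
        "confirmed": confirmed,
        "same_key": hmac.compare_digest(setup_key, access_key),
        "swapped_rule": server.access(swapped.imsi, device_id, app_id),
        "swapped_key_differs": derive_key(rule, swapped) != setup_key,
    }


if __name__ == "__main__":
    print(demo())
```

The server side stores only the rule and the ID triple, so neither side alone holds enough to reconstruct the key, which is the separation the description relies on.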
Those of ordinary skill in the art will appreciate that all or part of the steps of the above method embodiments may be carried out by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes ROM, RAM, magnetic disks, optical disks and other media that can store program code.
Fig. 4 is a structural schematic diagram of one embodiment of the privacy protection client of the present invention. The privacy protection client of this embodiment can be used to implement the functions of the privacy protection client in each of the above methods of the present invention for protecting privacy content on a mobile terminal. As shown in Fig. 4, it comprises a privacy content setting unit, a privacy protection execution unit, a privacy information control unit and a first message interface unit. Among them:
Privacy content setting unit: adds, according to user operations, the applications that need privacy protection to the privacy content protection list and, on the user's instruction, generates a privacy protection setting request and sends it to the first message interface unit. The request includes the user ID of the user, the terminal device ID of the mobile terminal on which the privacy protection client resides, and the application ID of the application that needs privacy protection. Here, the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal.
Privacy protection execution unit: generates a key from the five-code information of the mobile terminal according to the key rule function forwarded by the first message interface unit, encrypts the applications that need privacy protection with the generated key according to the privacy content protection list in the privacy content setting unit, and releases the key after the encryption succeeds; generates a key from the five-code information of the mobile terminal based on the key rule function received by the first message interface unit; and decrypts the application the user clicked with the generated key and displays the privacy content of that application to the user.
Privacy information control unit: after receiving the access request that the user sends by clicking an encrypted application in the mobile terminal, sends an application access request to the first message interface unit. The application access request includes authentication information, which comprises the application ID of the application the user requests to access, the user ID and the terminal device ID.
First message interface unit: forwards the privacy protection setting request to the privacy protection server, receives the key rule function that the privacy protection server returns for the privacy protection setting request and forwards it to the privacy protection execution unit; forwards the application access request sent by the privacy information control unit to the privacy protection server; and receives the key rule function that the privacy protection server returns for the application access request and forwards it to the privacy protection execution unit. That key rule function is the one corresponding to the application ID, user ID and terminal device ID, which the privacy protection server obtains from the correspondence information of the pre-established privacy application protection list after authenticating the authentication information against that list and the authentication information passes authentication.
Further, referring again to Fig. 4, another embodiment of the privacy protection client of the present invention may also include an authentication information encryption unit, which encrypts the authentication information by the preset third algorithm, using the wireless air interface parameter obtained by the mobile terminal, to obtain encrypted authentication information. Correspondingly, in this embodiment, the application access request that the privacy information control unit sends to the first message interface unit specifically includes the encrypted authentication information and the user ID.
In a specific example of each of the above embodiments of the privacy protection client of the present invention, when the first message interface unit receives the key rule function that the privacy protection server returns for the application access request, it specifically receives the encrypted character string that the privacy protection server generates by encrypting the key rule function according to the preset first algorithm. Correspondingly, the privacy protection execution unit specifically decrypts the encrypted character string forwarded by the first message interface unit according to the preset first algorithm to obtain the key rule function, and generates a key from the five-code information of the mobile terminal based on the key rule function obtained by decryption.
In another specific example of each of the above embodiments of the privacy protection client of the present invention, when the first message interface unit receives the key rule function that the privacy protection server returns for the privacy protection setting request, it specifically receives the encrypted character string, which the privacy protection server generates by encrypting the key rule function according to the preset first algorithm, together with the randomly generated random code, and forwards them to the privacy protection execution unit; it forwards the verification code generated by the privacy protection execution unit to the privacy protection server; and it receives the success response that the privacy protection server returns after the verification code passes verification and forwards it to the privacy protection execution unit. Correspondingly, in this embodiment, before generating a key from the five-code information of the mobile terminal, the privacy protection execution unit may also decrypt the received encrypted character string according to the preset first algorithm to obtain the key rule function, generate a verification code by the preset second algorithm from the key rule function obtained by decryption combined with the received random code, and send it to the first message interface unit.
Further, referring again to Fig. 4, in yet another specific example of each of the above embodiments of the privacy protection client of the present invention, the privacy protection execution unit may specifically include a temporary key generation module, an encryption module, a decryption module and a verification code generation module. The verification code generation module, before a key is generated from the five-code information of the mobile terminal, decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, generates a verification code by the preset second algorithm from the key rule function obtained by decryption combined with the received random code, and sends it to the first message interface unit. The temporary key generation module decrypts the encrypted character string forwarded by the first message interface unit according to the preset first algorithm to obtain the key rule function, and generates a key from the five-code information of the mobile terminal based on the key rule function obtained by decryption. The encryption module encrypts the applications that need privacy protection with the generated key according to the privacy content protection list in the privacy content setting unit, and releases the key after the encryption succeeds. The decryption module decrypts the application the user clicked with the generated key and displays the privacy content of that application to the user.
Fig. 5 is a structural schematic diagram of one embodiment of the mobile terminal of the present invention. The mobile terminal of this embodiment can be used to implement the functions of the mobile terminal in each of the above methods of the present invention for protecting privacy content on a mobile terminal. As shown in Fig. 5, the five-code information of the mobile terminal is stored on the mobile terminal of this embodiment, one or more applications are coupled to the mobile terminal, and the privacy protection client of any embodiment shown in Fig. 4 above is also coupled to it.
Fig. 6 is a structural schematic diagram of one embodiment of the privacy protection server of the present invention. The privacy protection server of this embodiment can be used to implement the functions of the privacy protection server in each of the above methods of the present invention for protecting privacy content on a mobile terminal. As shown in Fig. 6, it comprises an application protection list storage unit, a second message interface unit, a key rule generating unit and an authentication unit. Among them:
Application protection list storage unit: stores the pre-established privacy application protection list, which contains the correspondence information between user ID, terminal device ID, application ID and key rule function. Here, the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal.
Second message interface unit: receives the privacy protection setting request sent by the privacy protection client and forwards it to the key rule generating unit, the request including the user ID of the user, the terminal device ID of the mobile terminal and the application ID of the application for which privacy protection is requested; forwards the key rule function sent by the key rule generating unit to the privacy protection client; receives the application access request sent by the privacy protection client and forwards it to the authentication unit, the application access request including authentication information that comprises the application ID of the application the user requests to access, the user ID and the terminal device ID; and forwards the key rule function sent by the authentication unit to the privacy protection client.
Key rule generating unit: creates, for the privacy protection setting request received by the second message interface unit, a key rule function that takes the five-code information of the mobile terminal as its variable and sends it to the second message interface unit, and establishes the user's application protection list, which contains the correspondence information between the user ID, the terminal device ID, the application ID and the created key rule function.
Authentication unit: authenticates the authentication information against the privacy application protection list; if the authentication information passes authentication, obtains from the correspondence information of the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and sends it to the second message interface unit.
In another embodiment of the privacy protection server of the present invention, the authentication information included in the application access request received by the second message interface unit is specifically encrypted authentication information, obtained by encrypting the authentication information with the wireless air interface parameter obtained by the mobile terminal. Correspondingly, in this embodiment, before authenticating the authentication information, the authentication unit may also decrypt the encrypted authentication information, based on the preset third algorithm and using the wireless air interface parameter corresponding to the user ID, to obtain the authentication information.
In yet another embodiment of the privacy protection server of the present invention, the key rule function may also be encrypted according to the preset first algorithm, generating an encrypted character string that is sent to the second message interface unit. Correspondingly, in this embodiment, when the second message interface unit forwards the key rule function sent by the authentication unit to the privacy protection client, it specifically forwards the encrypted character string to the privacy protection client.
Further, referring again to Fig. 6, a further embodiment of the privacy protection server of the present invention may also include a verification code recognition unit. In this embodiment, the key rule generating unit may also encrypt the key rule function according to the preset first algorithm, generate an encrypted character string, and send the encrypted character string together with a randomly generated random code to the second message interface unit. Correspondingly, when the second message interface unit forwards the key rule function sent by the key rule generating unit to the privacy protection client, it specifically forwards the encrypted character string and the random code to the privacy protection client; it also receives the verification code from the privacy protection client and forwards it to the verification code recognition unit, and returns the success response to the privacy protection client. The verification code recognition unit uses the preset second algorithm to generate a verification code from the key rule function and random code sent to the second message interface unit, and compares whether the verification code forwarded by the second message interface unit is consistent with the one it generated itself; if the verification code sent by the privacy protection client is consistent with the one it generated, it returns a success response to the privacy protection client through the second message interface unit.
Fig. 7 is a structural schematic diagram of one embodiment of the system of the present invention for protecting privacy content on a mobile terminal. The system of this embodiment can be used to implement each of the above method embodiments of the present invention for protecting privacy content on a mobile terminal. As shown in Fig. 7, the system of this embodiment comprises a privacy protection client and a privacy protection server. Among them:
The privacy protection client is coupled to the mobile terminal. After receiving the access request that the user sends by clicking an encrypted application in the mobile terminal, it sends an application access request to the privacy protection server; the application access request includes authentication information, which comprises the application ID of the application the user requests to access, the user ID and the terminal device ID, where the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal. It generates a key from the five-code information of the mobile terminal based on the key rule function sent by the privacy protection server, decrypts the application the user clicked with the generated key, and displays the privacy content of that application to the user.
The privacy protection server authenticates the authentication information against the pre-established privacy application protection list, which contains the correspondence information between user ID, terminal device ID, application ID and key rule function. If the authentication information passes authentication, it obtains from the correspondence information of the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and returns that key rule function to the privacy protection client.
By way of example, the privacy protection client in the system embodiment shown in Fig. 7 may be implemented with the privacy protection client structure of any embodiment shown in Fig. 4 of the present invention, and the privacy protection server may be implemented with the privacy protection server structure of any embodiment shown in Fig. 6 of the present invention.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with its The difference of its embodiment, the same or similar part cross-reference between each embodiment.It is real for equipment, system For applying example, since it is substantially corresponding with embodiment of the method, so being described relatively simple, related place is referring to embodiment of the method Part explanation.
Method, apparatus and system of the invention may be achieved in many ways.For example, software, hardware, firmware can be passed through Or any combination of software, hardware, firmware realizes method, apparatus and system of the invention.The step of for the method Said sequence merely to be illustrated, the step of method of the invention, is not limited to sequence described in detail above, unless with Other way illustrates.In addition, in some embodiments, also the present invention can be embodied as to record journey in the recording medium Sequence, these programs include for realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage and uses In the recording medium for executing program according to the method for the present invention.
Description of the invention is given for the purpose of illustration and description, and is not exhaustively or will be of the invention It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches It states embodiment and is to more preferably illustrate the principle of the present invention and practical application, and those skilled in the art is enable to manage The solution present invention is to design various embodiments suitable for specific applications with various modifications.
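The setting and access exchanges described in this specification, as an added Python sketch that is not code from the patent: the server keeps the privacy application protection list and returns the key rule function for an authenticated (user ID, terminal device ID, application ID) triple, and the client derives the key from the terminal's "five yards of information" (modelled here as five device code strings). The rule format (a permutation plus a salt), PBKDF2 as the derivation, HMAC-SHA256 as the "second algorithm", and every ID and code value are assumptions; the first- and third-algorithm transport encryption is left out.

```python
import hashlib
import hmac
import json
import secrets

# Constructed placeholders: the five device codes are not listed in this section.
FIVE_CODES = ("CODE1-EXAMPLE", "CODE2-EXAMPLE", "CODE3-EXAMPLE",
              "CODE4-EXAMPLE", "CODE5-EXAMPLE")


def rule_bytes(rule):
    """Canonical serialization so client and server hash identical bytes."""
    return json.dumps(rule, sort_keys=True).encode()


def identifying_code(rule, random_code):
    """Assumed 'second algorithm': HMAC of the rule, keyed by the random code."""
    return hmac.new(random_code, rule_bytes(rule), hashlib.sha256).hexdigest()


def derive_key(rule, five_codes):
    """Apply the key rule function to the five codes to get a 256-bit key."""
    material = "|".join(five_codes[i] for i in rule["order"]).encode()
    return hashlib.pbkdf2_hmac("sha256", material, bytes.fromhex(rule["salt"]),
                               rule["iterations"], dklen=32)


class SecretProtectionServer:
    def __init__(self):
        self.protection_list = {}  # (user_id, device_id, app_id) -> key rule function
        self.pending = {}          # same triple -> random code awaiting verification

    def handle_setting_request(self, user_id, device_id, app_id):
        """Create a rule whose variable is the five codes and record it."""
        order = list(range(5))
        secrets.SystemRandom().shuffle(order)
        rule = {"order": order, "salt": secrets.token_hex(16), "iterations": 50_000}
        triple = (user_id, device_id, app_id)
        self.protection_list[triple] = rule
        self.pending[triple] = secrets.token_bytes(16)
        return rule, self.pending[triple]

    def check_identifying_code(self, user_id, device_id, app_id, code):
        """Recompute the code server-side and compare in constant time."""
        triple = (user_id, device_id, app_id)
        random_code = self.pending.pop(triple, None)  # each random code is single use
        if random_code is None:
            return False
        expected = identifying_code(self.protection_list[triple], random_code)
        return hmac.compare_digest(expected, code)

    def handle_access_request(self, user_id, device_id, app_id):
        """Authenticate the triple against the list; None means refused."""
        return self.protection_list.get((user_id, device_id, app_id))


def run_demo():
    server = SecretProtectionServer()
    ids = ("user-001", "device-001", "app.notes")  # constructed IDs

    # Setting: the client gets the rule, proves receipt, encrypts, releases the key.
    rule, random_code = server.handle_setting_request(*ids)
    verified = server.check_identifying_code(*ids, identifying_code(rule, random_code))
    setup_key = derive_key(rule, FIVE_CODES)

    # Access: the client re-derives the key from the rule the server returns.
    returned = server.handle_access_request(*ids)
    access_key = derive_key(returned, FIVE_CODES)

    # The same rule on a terminal with a different code yields a different key.
    other_key = derive_key(returned, ("OTHER-TERMINAL",) + FIVE_CODES[1:])

    refused = server.handle_access_request("user-001", "device-999", "app.notes")
    replay = server.check_identifying_code(*ids, identifying_code(rule, random_code))
    return {"verified": verified, "same_key": setup_key == access_key,
            "other_device_differs": other_key != access_key,
            "refused": refused is None, "replay_rejected": replay is False}


if __name__ == "__main__":
    print(run_demo())
```

In this sketch the server never sees the five codes and the client keeps no key at rest; the key's secrecy rests on the returned rule together with the device codes, which is why the rule is sent encrypted in the embodiments that use the first algorithm.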

Claims (18)

1. A method for protecting privacy content on a mobile terminal, characterized by comprising:
After receiving an access request that a user sends by clicking an encrypted application on the mobile terminal, the secret protection client in the mobile terminal sends an application access request to the secret protection server, the application access request including authentication information, the authentication information including the application identifier (ID) of the application the user requests to access, the user ID and the terminal device ID; wherein the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal;
The secret protection server authenticates the authentication information according to the pre-established privacy application protection list, the application protection list including correspondence information between user IDs, terminal device IDs, application IDs and key rule functions;
If the authentication information passes authentication, the secret protection server obtains, from the correspondence information of the privacy application protection list, the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and returns the key rule function to the secret protection client;
The secret protection client generates a key from the five yards of information of the mobile terminal based on the received key rule function;
The secret protection client decrypts the application clicked by the user with the generated key and displays the privacy content of the application to the user.
2. The method according to claim 1, characterized in that sending the application access request to the secret protection server comprises: the secret protection client encrypts the authentication information by a preset third algorithm, using the radio open parameter obtained by the mobile terminal, to obtain encrypted authentication information, and sends the application access request to the secret protection server, the application access request including the encrypted authentication information and the user ID;
Before the secret protection server authenticates the authentication information according to the pre-established privacy application protection list, the method further comprises: the secret protection server decrypts the encrypted authentication information based on the preset third algorithm, using the radio open parameter corresponding to the user ID, to obtain the authentication information.
3. The method according to claim 2, characterized in that returning the key rule function to the secret protection client comprises: the secret protection server encrypts the key rule function according to a preset first algorithm, generates an encrypted character string and returns it to the secret protection client;
The secret protection client generating a key from the five yards of information of the mobile terminal based on the received key rule function comprises: the secret protection client decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, and generates the key from the five yards of information of the mobile terminal based on the key rule function obtained by decryption.
4. The method according to any one of claims 1 to 3, characterized by further comprising an operation in which the secret protection server pre-establishes the privacy application protection list.
5. The method according to claim 4, characterized in that the secret protection server pre-establishing the privacy application protection list comprises:
The secret protection client sends, based on a user request, a secret protection setting request to the secret protection server, the secret protection setting request including the user ID of the user, the terminal device ID of the mobile terminal and the application ID of the application for which secret protection is requested;
The secret protection server creates, for the secret protection setting request, a key rule function that takes the five yards of information of the mobile terminal as its variable, and establishes the application protection list of the user, the application protection list including correspondence information between the user ID, the terminal device ID, the application ID and the created key rule function.
6. The method according to claim 4, characterized in that, after the secret protection server creates the key rule function, the method further comprises:
The secret protection server sends the created key rule function to the secret protection client;
The secret protection client generates a key from the five yards of information of the mobile terminal according to the key rule function, encrypts the application for which secret protection is requested with the generated key, and releases the key after the encryption succeeds.
7. The method according to claim 6, characterized in that the secret protection server sending the created key rule function to the secret protection client comprises: the secret protection server encrypts the key rule function according to a preset first algorithm to generate an encrypted character string, and sends the encrypted character string to the secret protection client together with a randomly generated random code;
Before the secret protection client generates the key from the five yards of information of the mobile terminal according to the key rule function obtained by decryption, the method further comprises:
The secret protection client decrypts the received encrypted character string according to the preset first algorithm to obtain the key rule function, and generates an identifying code by a preset second algorithm from the key rule function obtained by decryption combined with the received random code;
The secret protection client sends the generated identifying code to the secret protection server;
The secret protection server generates an identifying code by the preset second algorithm from the key rule function sent to the secret protection client and the random code, and compares whether the identifying code sent by the secret protection client is consistent with the identifying code it generated itself;
If the identifying code sent by the secret protection client is consistent with the identifying code the server generated itself, the secret protection server returns a success response to the secret protection client.
8. A secret protection client, characterized by comprising:
A privacy content setting unit, configured to add, according to a user operation, an application that needs secret protection to a privacy content protection list, and to generate a secret protection setting request according to a user instruction and send it to the first message interface unit, the secret protection setting request including the user ID of the user, the terminal device ID of the mobile terminal where the secret protection client is located, and the application ID of the application that needs secret protection; wherein the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal;
A secret protection execution unit, configured to generate a key from the five yards of information of the mobile terminal according to the key rule function forwarded by the first message interface unit, to encrypt, according to the privacy content protection list in the privacy content setting unit, the application that needs secret protection with the generated key, and to release the key after the encryption succeeds; to generate a key from the five yards of information of the mobile terminal based on the key rule function received by the first message interface unit; and to decrypt the application clicked by the user with the generated key and display the privacy content of the application to the user;
A privacy information control unit, configured to send an application access request to the first message interface unit after receiving the access request that the user sends by clicking an encrypted application on the mobile terminal, the application access request including authentication information, the authentication information including the application ID of the application the user requests to access, the user ID and the terminal device ID;
A first message interface unit, configured to forward the secret protection setting request to the secret protection server, and to receive the key rule function that the secret protection server returns for the secret protection setting request and forward it to the secret protection execution unit; to forward the application access request sent by the privacy information control unit to the secret protection server; and to receive the key rule function that the secret protection server returns for the application access request and forward it to the secret protection execution unit, this key rule function being the one corresponding to the application ID, user ID and terminal device ID, which the secret protection server obtains from the correspondence information of the privacy application protection list after it has authenticated the authentication information according to the pre-established privacy application protection list and the authentication information has passed authentication.
9. The secret protection client according to claim 8, characterized by further comprising:
An authentication information encryption unit, configured to encrypt the authentication information by a preset third algorithm, using the radio open parameter obtained by the mobile terminal, to obtain encrypted authentication information;
The application access request that the privacy information control unit sends to the first message interface unit specifically includes the encrypted authentication information and the user ID.
10. The secret protection client according to claim 9, characterized in that, when receiving the key rule function that the secret protection server returns for the application access request, the first message interface unit specifically receives the encrypted character string that the secret protection server generates by encrypting the key rule function according to a preset first algorithm;
The secret protection execution unit specifically decrypts the encrypted character string forwarded by the first message interface unit according to the preset first algorithm to obtain the key rule function, and generates the key from the five yards of information of the mobile terminal based on the key rule function obtained by decryption.
11. The secret protection client according to any one of claims 8 to 10, characterized in that, when receiving the key rule function that the secret protection server returns for the secret protection setting request, the first message interface unit specifically receives the encrypted character string that the secret protection server generates by encrypting the key rule function according to a preset first algorithm, together with a randomly generated random code, and forwards them to the secret protection execution unit; forwards the identifying code generated by the secret protection execution unit to the secret protection server; and receives the success response that the secret protection server returns after the identifying code passes verification and forwards it to the secret protection execution unit;
The secret protection execution unit is further configured to, before generating the key from the five yards of information of the mobile terminal, decrypt the received encrypted character string according to the preset first algorithm to obtain the key rule function, generate an identifying code by a preset second algorithm from the key rule function obtained by decryption combined with the received random code, and send the identifying code to the first message interface unit.
12. A mobile terminal, on which the five yards of information of the mobile terminal are stored and on which one or more applications are coupled and arranged, characterized in that the secret protection client according to any one of claims 8 to 11 is also coupled and arranged on the mobile terminal.
13. A secret protection server, characterized by comprising:
An application protection list storage unit, configured to store the pre-established privacy application protection list, the privacy application protection list including correspondence information between user IDs, terminal device IDs, application IDs and key rule functions; wherein the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal;
A second message interface unit, configured to receive the secret protection setting request sent by the secret protection client and forward it to the key rule generation unit, the secret protection setting request including the user ID of the user, the terminal device ID of the mobile terminal and the application ID of the application for which secret protection is requested; to forward the key rule function sent by the key rule generation unit to the secret protection client; to receive the application access request sent by the secret protection client and forward it to the authentication unit, the application access request including authentication information, the authentication information including the application ID of the application the user requests to access, the user ID and the terminal device ID; and to forward the key rule function sent by the authentication unit to the secret protection client;
A key rule generation unit, configured to create, for the secret protection setting request received by the second message interface unit, a key rule function that takes the five yards of information of the mobile terminal as its variable and send it to the second message interface unit, and to establish the application protection list of the user, the application protection list including correspondence information between the user ID, the terminal device ID, the application ID and the created key rule function;
An authentication unit, configured to authenticate the authentication information according to the privacy application protection list; and, if the authentication information passes authentication, to obtain from the correspondence information of the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and send it to the second message interface unit.
14. The secret protection server according to claim 13, characterized in that the authentication information included in the application access request received by the second message interface unit is specifically encrypted authentication information obtained by encrypting the authentication information using the radio open parameter obtained by the mobile terminal;
The authentication unit is further configured to, before authenticating the authentication information, decrypt the encrypted authentication information based on a preset third algorithm, using the radio open parameter corresponding to the user ID, to obtain the authentication information.
15. The secret protection server according to claim 14, characterized in that the key rule function is further used to encrypt the key rule function according to a preset first algorithm, generate an encrypted character string and send it to the second message interface unit;
When forwarding the key rule function sent by the authentication unit to the secret protection client, the second message interface unit specifically forwards the encrypted character string to the secret protection client.
16. The secret protection server according to any one of claims 13 to 15, characterized in that the key rule generation unit is further configured to encrypt the key rule function according to a preset first algorithm to generate an encrypted character string, and to send the encrypted character string and a randomly generated random code to the second message interface unit;
When forwarding the key rule function sent by the key rule generation unit to the secret protection client, the second message interface unit specifically forwards the encrypted character string and the random code to the secret protection client; receives the identifying code from the secret protection client and forwards it to the identifying code recognition unit; and returns a success response to the secret protection client;
The secret protection server further comprises: an identifying code recognition unit, configured to generate an identifying code by a preset second algorithm from the key rule function and the random code sent to the second message interface unit, and to compare whether the identifying code forwarded by the second message interface unit is consistent with the identifying code it generated itself; and, if the identifying code sent by the secret protection client is consistent with the identifying code it generated itself, to return a success response to the secret protection client through the second message interface unit.
17. A system for protecting privacy content on a mobile terminal, characterized by comprising:
A secret protection client, coupled to and arranged in the mobile terminal, configured to: after receiving an access request that the user sends by clicking an encrypted application on the mobile terminal, send an application access request to the secret protection server, the application access request including authentication information, the authentication information including the application ID of the application the user requests to access, the user ID and the terminal device ID, wherein the application ID uniquely identifies an application, the user ID uniquely identifies a mobile terminal user, and the terminal device ID uniquely identifies a mobile terminal; generate a key from the five yards of information of the mobile terminal based on the key rule function sent by the secret protection server; and decrypt the application clicked by the user with the generated key and display the privacy content of the application to the user;
A secret protection server, configured to authenticate the authentication information according to the pre-established privacy application protection list, the application protection list including correspondence information between user IDs, terminal device IDs, application IDs and key rule functions; and, if the authentication information passes authentication, to obtain from the correspondence information of the privacy application protection list the key rule function corresponding to the application ID, user ID and terminal device ID in the authentication information, and return the key rule function to the secret protection client.
18. The system for protecting privacy content on a mobile terminal according to claim 17, characterized in that the secret protection client is specifically the secret protection client according to any one of claims 8 to 11, and the secret protection server is specifically the secret protection server according to any one of claims 13 to 16.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410190390.3A CN105101183B (en) 2014-05-07 2014-05-07 The method and system that privacy content on mobile terminal is protected

Publications (2)

Publication Number Publication Date
CN105101183A CN105101183A (en) 2015-11-25
CN105101183B true CN105101183B (en) 2018-11-27

Family

ID=54580516

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant