CN105430195A - Data transmission method - Google Patents

Publication number: CN105430195A
Authority: CN (China)
Prior art keywords: data, application, information, sensitive, terminal
Legal status: Pending
Application number: CN201511030843.7A
Other languages: Chinese (zh)
Inventors: 辛琳琳, 邹鹏程
Current Assignee: ThunderSoft Co Ltd
Original Assignee: ThunderSoft Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04M: TELEPHONIC COMMUNICATION
    • H04M1/00: Substation equipment, e.g. for use by subscribers
    • H04M1/72: Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724: User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448: User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72463: User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/606: Protecting data by securing the transmission between two devices or processes

Abstract

An embodiment of the invention discloses a data transmission method comprising the following steps: A, when a terminal determines that an untrusted application is sending data containing sensitive information outward, the terminal sends information about that application to a server; B, the server determines whether the application's information matches its stored benign application list and returns corresponding feedback to the terminal; and C, the terminal handles the transmission of the data according to the feedback. The method can therefore stop sensitive information leakage in time, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and the leak itself cannot be stopped in time.

Description

A data transmission method
Technical field
The present invention relates to the field of communications, and in particular to a data transmission method.
Background
In recent years, with the rapid spread and development of terminals, leakage of user sensitive information held on the terminal (such as the phone's IMEI, telephone number, geographic location, album photos, etc.) has become increasingly prominent. Applications usually have legitimate reasons to obtain a user's private data, but users want their data to be used properly. Resolving the conflict between the enjoyment of using third-party applications and the privacy risks they bring is a major challenge. There is currently no management tool on the market that gives users a visual, traceable way to manage the third-party applications that send user sensitive information.
The prior art can only trace the source of leaked sensitive information; when such a leak is discovered, it cannot stop it in time. Criminals can use the leaked sensitive information to cause users economic losses of varying degree.
Summary of the invention
In view of this, the main object of the present invention is to provide a data transmission method that can stop sensitive information leakage in time, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and a leak cannot be stopped in time when it occurs.
The invention provides a data transmission method comprising the following steps:
A. When the terminal determines that an untrusted application is sending data containing sensitive information outward, the terminal sends information about that application to a server;
B. The server determines whether the application's information matches its stored benign application list, and returns corresponding feedback to the terminal;
C. The terminal handles the transmission of the data according to the feedback.
In this way, sensitive information leakage can be stopped in time, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and a leak cannot be stopped in time when it occurs.
Preferably, the determination in step A comprises:
Judging according to whether the data contains the sensitive tag corresponding to sensitive data.
In this way, detecting the sensitive tag makes it possible to determine whether data is sensitive, which helps with timely handling and stops sensitive information leakage in time.
Preferably, the sensitive tag is added to the sensitive data contained in a trusted application when that trusted application is detected to contain sensitive data.
In this way, adding sensitive tags to the sensitive data contained in trusted applications marks the sensitive information, so that when an untrusted application sends data outward, checking for the sensitive tag makes it easy to detect whether the data being sent is sensitive.
Preferably, the sensitive information in step A comprises at least one of the following:
The terminal's international mobile equipment identity (IMEI), telephone number, geographic location, album photos, recordings.
In this way, sensitive data can be tracked, and different kinds of sensitive data can be distinguished and detected at the same time.
Preferably, the information about the application in step A comprises at least one of the following:
The package name of the application sending the data, the IP address receiving the data, the data type, a timestamp, the terminal's IMEI.
In this way, the application can be examined and judged.
Preferably, when the result of the determination in step B is a match, step C comprises:
The terminal continues the transmission of the data according to the feedback, and does not notify the user.
In this way, data is sent only when the application is judged to be benign, avoiding leakage of sensitive information. Furthermore, no notification pops up in this case, overcoming the prior-art defect that too many reminder notifications leave the user unable to distinguish normal applications from malware, or cause the user to miss notifications about malware.
Preferably, when the result of the determination in step B is no match, the method further comprises: further determining whether the information matches the server's stored malicious application list, and when the result is a match, step C comprises: the terminal prohibits the transmission of the data according to the feedback, and pops up a notification.
In this way, when the application is judged to be malicious, sending the data is prohibited, avoiding leakage of sensitive information. Furthermore, the notification informs the user that a malicious application is present on the system and prompts the user to delete the application, run an antivirus scan or take other action in time, ensuring the security of the terminal system.
Preferably, when the result of determining whether the information matches the stored malicious application list is no match, step C comprises: the terminal notifies the user, and allows or prohibits the transmission of the data according to the user's operation.
In this way, when an application is detected as suspected malicious, a notification pops up and the user chooses whether to trust the application, to prevent sensitive data from leaking.
Preferably, the content of the notification comprises the sensitive information and/or the information about the application, and/or an option for whether to allow the data to be sent.
In this way, the relevant information is presented to the user directly and visually, helping the user judge and choose.
Preferably, after step C the method further comprises:
Updating the server's benign application list or malicious application list database, and/or updating the terminal's benign application list or malicious application list database, according to the user's allow or prohibit operation.
In this way, sensitive data leakage is prevented while the number of user choices and pop-up notifications is reduced, overcoming the prior-art defect that too many reminder notifications leave the user unable to distinguish normal applications from malware, or cause the user to miss notifications about malware.
As can be seen from the above, the invention provides a data transmission method that can stop sensitive information leakage in time, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and a leak cannot be stopped in time when it occurs.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings used in describing the embodiments or the prior art are briefly introduced below. The drawings described below show some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flow chart of a data transmission method provided in an embodiment of the invention.
Detailed description
To make the objects, technical solutions and advantages of the embodiments of the invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
To overcome the defects of the prior art, the invention provides a data transmission method that can stop sensitive information leakage in time, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and a leak cannot be stopped in time when it occurs.
Embodiment one
Fig. 1 is a schematic flow chart of a data transmission method provided in an embodiment of the invention. The method is applied in a mobile terminal and comprises:
S101, determine the types of sensitive data that need to be tagged, and define a sensitive tag for each type of sensitive data.
In this embodiment, the types of sensitive data include: the terminal's IMEI (international mobile equipment identity), telephone number, geographic location, album photos, recordings, etc.
In this embodiment, a different sensitive tag is defined for each type of sensitive data. For example: the tag for the terminal's IMEI information is defined as 1; the tag for non-sensitive data is defined as 0; the default tag is 0.
S102, after an application on the terminal is started, determine from the terminal's stored benign application list whether it is a trusted application; if so, perform step S103; if not, perform step S107.
S103, after the trusted application has initialized, detect whether the data to be processed in the program is sensitive data; if so, perform S105; if not, perform S104.
S104, end this flow and run the application in the ordinary way.
S105, process the data in the manner for a trusted application, including: adding a sensitive tag to the data.
In this embodiment, when data in a trusted application is detected to be sensitive data, a sensitive tag is added to the data according to the sensitive tags defined in S101.
S106, propagate the sensitive tag.
This embodiment tracks sensitive information at multiple granularities and uses variable-level tracking in the VM interpreter. When an application executes a native method, the sensitive tag is returned as part of the return value. Finally, the sensitive tag is assigned to the Bundle (executable file) and propagated through the Binder mechanism. For example, if an application creates a variable whose value is the mobile terminal's IMEI, then the methods, classes and processes that reference or pass this variable are all marked with the IMEI sensitive tag. The Dalvik virtual machine, as a trusted application, propagates sensitive tags according to data-flow rules. Each interpreter instance can propagate sensitive tags simultaneously.
S107, after the application is determined to be untrusted, when the untrusted application sends data outward, detect whether the data carries a sensitive tag; if so, perform S109; if not, perform S108.
In this embodiment, when an untrusted application sends data outward, the data must be checked for a sensitive tag. This allows timely handling, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and a leak cannot be stopped in time when it occurs.
S108, the terminal sends the data.
In this embodiment, when the data is found to carry no sensitive tag, no notification pops up; the data is sent in the conventional manner and the flow ends.
This step overcomes the prior-art defect that too many reminder notifications leave the user unable to distinguish normal applications from malware, or cause the user to miss notifications about malware.
S109, the terminal sends the information about the application to the server.
In this embodiment, when the data is found to carry a sensitive tag, the terminal sends the server the information about the untrusted application. This information includes the package name of the application sending the sensitive data, the IP address receiving the sensitive data, the type of sensitive data, a timestamp, the mobile terminal's IMEI, etc.
S110, the server detects whether the received application information matches the benign application information in its local database; if it matches, the server informs the terminal that the application is benign, the terminal pops up no notification and updates its benign application list, and the terminal performs step S108; if it does not match, perform S111.
In this embodiment, after the server receives the application information, it compares it with the benign application information in the server's local database to detect whether the application is benign. If the application information matches the items specified by the benign application information, the application is benign. For example: if the package name of the sending application, the IP address receiving the sensitive data, the type of sensitive data and the mobile terminal's IMEI in the application information match the benign application information in the database, the data transfer is a normal data transfer and the application is benign; the server then tells the terminal not to pop up a notification and to perform step S108 to send the data. If there is no match, the application may be malicious or suspected malicious, and further detection is needed.
S111, the server detects whether the application information matches the malicious application information in its local database; if so, perform S112; if not, perform S113.
In this embodiment, if the application information matches the malicious application information in the local database, the data transfer is a malicious data transfer and the application is a malicious application. If it does not match, further processing is needed.
S112, the server informs the terminal that the application is malicious; the terminal prohibits sending the data and pops up a notification.
In this embodiment, the notification content includes: the name of the application sending the sensitive data, the IP address receiving the data, the type of sensitive data, and a timestamp. This informs the user that a malicious application is currently sending data outward and prompts the user to delete the application, run an antivirus scan or take other action in time, ensuring the security of the terminal system.
S113, the terminal pops up an option and a notification, and lets the user choose whether to trust the application.
In this embodiment, the terminal pops up the corresponding interface option and lets the user choose whether to trust the application. The notification content includes: the name of the application sending the sensitive data, the IP address receiving the data, the type of sensitive data, and a timestamp, so that the application information is presented to the user visually and the user can make a further judgment.
S114, when the terminal receives the user's choice to trust the application, return to step S108 to send the data, and synchronously update the benign application list database on both the terminal and the server.
In this embodiment, when the user chooses to trust the application, the terminal sends the data and the application is recorded as benign in the server's database, so that no notification pops up when the application sends data later. This overcomes the prior-art defect that too many reminder notifications leave the user unable to distinguish normal applications from malware, or cause the user to miss notifications about malware. The benign application list stored on the terminal is updated correspondingly.
S115, when the user chooses not to trust the application, the data is not sent and the server is told to mark the application as malicious.
In this embodiment, when the user chooses not to trust the application, the data is not sent and the application is marked as malicious on the server. When the application tries to send data later, sending can be prohibited directly, to prevent sensitive data from leaking.
In addition, if the terminal also stores the above malicious application list, synchronized with the server, then at step S102 it can further determine whether the application is a malicious application: if it is, step S112 is performed; if the application is in neither the benign application list nor the malicious application list, the flow jumps to step S107. Correspondingly, when step S115 is performed, the malicious application list can be updated in sync with the server.
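The decision flow of steps S106 to S115, modelled in Python as an added example (it is not code from the patent). The class and function names, the in-memory lists, the `TAG_PHONE` value, blocking when no user answer is available, and the sample IMEI, package names and IP addresses are all constructed for illustration.

```python
from dataclasses import dataclass, field

TAG_NONE, TAG_IMEI = 0, 1   # tag values defined in S101
TAG_PHONE = 2               # assumed value; the page defines only 0 and 1


@dataclass(frozen=True)
class Tagged:
    """A value carrying a sensitive tag; derived values inherit it (S106)."""
    value: str
    tag: int = TAG_NONE

    def __add__(self, other):
        if isinstance(other, Tagged):
            return Tagged(self.value + other.value, self.tag | other.tag)
        return Tagged(self.value + str(other), self.tag)

    def __radd__(self, other):
        return Tagged(str(other) + self.value, self.tag)


def app_key(info):
    # Fields the server compares in S110 (the timestamp is reported, not matched).
    return (info["package"], info["dest_ip"], info["data_type"], info["imei"])


@dataclass
class Server:
    benign: set = field(default_factory=set)
    malicious: set = field(default_factory=set)

    def classify(self, info):
        key = app_key(info)
        if key in self.benign:          # S110
            return "benign"
        if key in self.malicious:       # S111
            return "malicious"
        return "unknown"


@dataclass
class Terminal:
    imei: str
    server: Server
    trusted: set = field(default_factory=set)   # local benign list, keyed by package (S102)
    notifications: list = field(default_factory=list)

    def send(self, package, dest_ip, payload, ask_user=None, timestamp=0):
        """Return "sent" or "blocked" for one outbound transmission."""
        tag = payload.tag if isinstance(payload, Tagged) else TAG_NONE
        if package in self.trusted or tag == TAG_NONE:
            return "sent"                        # S108: no notification
        info = {"package": package, "dest_ip": dest_ip, "data_type": tag,
                "timestamp": timestamp, "imei": self.imei}   # S109
        verdict = self.server.classify(info)
        if verdict == "benign":                  # S110: silent, update local list
            self.trusted.add(package)
            return "sent"
        self.notifications.append((verdict, package, dest_ip, tag, timestamp))
        if verdict == "malicious":               # S112
            return "blocked"
        if ask_user is None:                     # assumption: fail closed, lists unchanged
            return "blocked"
        if ask_user(info):                       # S113 -> S114
            self.server.benign.add(app_key(info))
            self.trusted.add(package)
            return "sent"
        self.server.malicious.add(app_key(info))  # S115
        return "blocked"


def run_demo():
    imei = "490154203237518"                     # constructed sample IMEI
    server = Server(
        benign={("com.example.maps", "203.0.113.5", TAG_IMEI, imei)},
        malicious={("com.example.flash", "198.51.100.7", TAG_IMEI, imei)})
    term = Terminal(imei=imei, server=server)
    leak = "id=" + Tagged(imei, TAG_IMEI)        # the tag survives concatenation
    return term, [
        term.send("com.example.game", "192.0.2.9", Tagged("hello")),
        term.send("com.example.maps", "203.0.113.5", leak),
        term.send("com.example.flash", "198.51.100.7", leak),
        term.send("com.example.game", "192.0.2.9", leak, ask_user=lambda i: False),
        term.send("com.example.game", "192.0.2.9", leak),    # now on the malicious list
        term.send("com.example.chat", "192.0.2.10", leak, ask_user=lambda i: True),
        term.send("com.example.chat", "192.0.2.10", leak),   # silent after S114
    ]


if __name__ == "__main__":
    print(run_demo()[1])
```

Because the terminal's local list is keyed by package name, as in S102, an application the user has trusted once is no longer checked for any destination or data type.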
In summary, compared with the prior art, the embodiment of the invention provides a data transmission method that can stop sensitive information leakage in time, overcoming the prior-art defect that only the source of leaked sensitive information can be traced and a leak cannot be stopped in time when it occurs.
The above are only preferred embodiments of the invention and are not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (10)

1. A data transmission method, characterized in that the method comprises:
A. When the terminal determines that an untrusted application is sending data containing sensitive information outward, the terminal sends information about that application to a server;
B. The server determines whether the application's information matches its stored benign application list, and returns corresponding feedback to the terminal;
C. The terminal handles the transmission of the data according to the feedback.
2. The method according to claim 1, characterized in that the determination in step A comprises:
Judging according to whether the data contains the sensitive tag corresponding to sensitive data.
3. The method according to claim 2, characterized in that the sensitive tag is added to the sensitive data contained in a trusted application when that trusted application is detected to contain sensitive data.
4. The method according to any one of claims 1-3, characterized in that the sensitive information in step A comprises at least one of the following:
The terminal's international mobile equipment identity (IMEI), telephone number, geographic location, album photos, recordings.
5. The method according to claim 1, characterized in that the information about the application in step A comprises at least one of the following:
The package name of the application sending the data, the IP address receiving the data, the data type, a timestamp, the terminal's IMEI.
6. The method according to claim 1, characterized in that when the result of the determination in step B is a match, step C comprises:
The terminal continues the transmission of the data according to the feedback, and does not notify the user.
7. The method according to claim 1, characterized in that when the result of the determination in step B is no match, the method further comprises: further determining whether the information matches the server's stored malicious application list, and when the result is a match, step C comprises:
The terminal prohibits the transmission of the data according to the feedback, and notifies the user.
8. The method according to claim 7, characterized in that when the result of determining whether the information matches the stored malicious application list is no match, step C comprises:
The terminal notifies the user, and allows or prohibits the transmission of the data according to the user's operation.
9. The method according to claim 8, characterized in that the content of the notification comprises the sensitive information and/or the information about the application, and/or an option for whether to allow the data to be sent.
10. The method according to claim 8, characterized in that after step C the method further comprises:
Updating the server's benign application list or malicious application list database, and/or updating the terminal's benign application list or malicious application list database, according to the user's allow or prohibit operation.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201511030843.7A CN105430195A (en) 2015-12-31 2015-12-31 Data transmission method

Publications (1)

Publication Number Publication Date
CN105430195A (en) 2016-03-23

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160323
