CN105631350B - Data manipulation method, data operation device and terminal - Google Patents
Data manipulation method, data operation device and terminal Download PDFInfo
- Publication number
- CN105631350B CN105631350B CN201510098384.XA CN201510098384A CN105631350B CN 105631350 B CN105631350 B CN 105631350B CN 201510098384 A CN201510098384 A CN 201510098384A CN 105631350 B CN105631350 B CN 105631350B
- Authority
- CN
- China
- Prior art keywords
- data
- target data
- systems
- operational order
- safe class
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 20
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 claims description 15
- 238000010586 diagram Methods 0.000 description 19
- 230000009977 dual effect Effects 0.000 description 8
- 239000002699 waste material Substances 0.000 description 6
- 230000000694 effects Effects 0.000 description 4
- 230000007717 exclusion Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 230000006872 improvement Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000011017 operating method Methods 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6236—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database between heterogeneous systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The present invention proposes a kind of data manipulation method, a kind of data operation device and a kind of terminal, wherein the method includes:In operational order of any system in receiving the multiple system to the target data in the shared data bank of the multiple system, judge whether that other any systems operate the target data;When the determination result is yes, any system is forbidden to be operated to the target data according to the operational order;Otherwise, any system is allowed to be operated to the target data according to the operational order, wherein other described any systems are any system in addition to any system in the multiple system.Technical solution through the invention can also ensure that the safety of the data of multisystem to the full extent while the memory space and simplification for saving multisystem are managed the data of multisystem.
Description
Technical field
The present invention relates to field of terminal technology, in particular to a kind of data manipulation method, a kind of data operation device
With a kind of terminal.
Background technology
Currently, being equipped with multiple systems in terminal, this multiple system has respective database, and multiple systems is each
From database between be independent from each other, be stored with short message corresponding with system in the database of corresponding multiple systems and contact
The data such as people.
But be equipped with a database for each system and database is encrypted, it ensure that data well
While safe, terminal but has following two drawbacks:
1. some data are repeated in the database of a system more than, such as may be same in the address list of multiple systems
The same contact persons of Shi Yongyou and its contact method, this just wastes memory space.And identical storage data are bigger, storage
The waste degree in space is also bigger.
2. being difficult to be managed to the data of multiple systems, for example, when data are moved from the database of a system
When in the database of another system, the movement that data may be prohibited to result in data is pretty troublesome.
Therefore, the memory space of multisystem how is saved, and simplifies the management to the data of multisystem, it can also be ensured that
The safety of the data of multisystem, becomes urgent problem to be solved.
Invention content
The present invention is based on the above problem, it is proposed that a kind of new technical solution, it is empty in the storage for saving multisystem
Between and simplify while be managed to the data of multisystem, can also ensure that the peace of the data of multisystem to the full extent
Entirely.
In view of this, an aspect of of the present present invention proposes a kind of data manipulation method, the end for being equipped with multiple systems
End, including:In any system in receiving the multiple system to the number of targets in the shared data bank of the multiple system
According to operational order when, judge whether that other any systems operate the target data;In judging result
When to be, any system is forbidden to be operated to the target data according to the operational order;Otherwise, allow described appoint
One system operates the target data according to the operational order, wherein other described any systems are the multiple
Any system in system in addition to any system.
In the technical scheme, when terminal receives shared data bank of any system in multiple systems to multiple systems
In target data operational order when, at this point, if other any systems operate target data, forbid appointing
One system operates target data according to operational order, if other any systems do not operate target data,
Any system is then allowed to be operated to target data according to operational order, to ensure that multiple systems of same time to shared
The operation of target data in database is mutual exclusion, i.e., the same time only allows a system in multiple systems to number of targets
According to being operated, it thus is avoided that multiple systems while target data is operated, and being unable to ensure has target data
Effect operation, even results in faulty operation, in addition, also ensure that the safety of the data in shared data bank to the full extent, from
And avoid data of multiple systems when being operated to the data in shared data bank in shared data bank and leaked,
In, which is the peculiar data of the common data or any system in multiple systems.
In the above-mentioned technical solutions, it is preferable that further include:Multiple any systems are received to the target when simultaneously
When the operational order of data, if the judging result is no, allow the highest mesh of safe class in multiple any systems
Mark system operates the target data, and forbids the system pair except goal systems described in multiple any systems
The target data is operated.
In the technical scheme, when terminal receives operational order of multiple any systems to target data simultaneously, and
There is no other any systems to be operated to target data, then allows the highest mesh of safe class in multiple any systems
Mark system operates target data, forbids system lower than the safe class of goal systems in multiple any systems to target
Data are operated, and not only ensure that the same time only allows a system in multiple systems to operate target data,
To ensure that the safety of the data in shared data bank to the full extent, also make the higher System Priority operation of safe class
The permission of target data in shared data bank.
In the above-mentioned technical solutions, it is preferable that any system in receiving the multiple system is to the multiple system
Before the operational order of target data in the shared data bank of system, further include:It, will be described more according to the store instruction received
Common data in a system is stored in the shared data bank.
In the technical scheme, since multiple systems in the related technology are independent from each other, and multiple systems is each
From database be also independent from each other, resulted in the data in the respective database of multiple systems be repeat, for example,
It is empty thus to waste storage for the correlative connection mode for having the same contact person and the contact person in address list in multiple systems
Between, and the respective database for managing multiple systems is also pretty troublesome, for example, data move between the database of multiple systems
During, since the safe class of system is different, data movement may be prohibited, cause data multiple systems data
Movement is pretty troublesome between library, therefore, in any system in receiving multiple systems in the shared data bank of multiple systems
Before the operational order of target data, also according to the store instruction received, the common data in multiple systems is stored in altogether
It enjoys in database, then multisystem can co-operate the common data in shared data bank, and it is weight to avoid the data in multisystem
Multiple, the memory space of multisystem is not only saved, is also convenient for being managed the common data in shared data bank, improve
The convenience of management.
In the above-mentioned technical solutions, it is preferable that the operational order includes:Read operation instruction or write operation instruction;And
The data manipulation method further includes:According to the setting command received, safe class in the multiple system is allowed to be higher than in advance
If the appointing system of safe class is configured the security attribute of the target data, to forbid safety in the multiple system
Grade is less than reading and/or write permission of the system of the default safe class to the target data.
In the technical scheme, any system includes but unlimited to the operational order of the target data in shared data bank
In:Read operation instruction or write operation instruction allow safety in multiple systems furthermore it is also possible to according to the setting command received
The appointing system that grade is higher than default safe class is configured the security attribute of target data, to forbid in multiple systems
Safe class is less than reading and/or write permission of the system of default safe class to target data, further increases shared number
According to the safety of the data in library, prevent the system that safe class is less than default safe class from arbitrarily being grasped into row write to target data
Work or read-write operation, in addition, the appointing system that safe class is higher than default safe class can also be as needed to target data
Security attribute modify, and after the security attribute of target data is set, is equivalent to and peace be added to target data
All mark, the target data are secure data, and the system that such safe class is less than default safe class just can not be arbitrarily right
Target data carries out write operation or read-write operation.
In the above-mentioned technical solutions, it is preferable that when the appointing system does not carry out the security attribute of the target data
When setting, each system in the multiple system has reading and write permission to the target data.
In the technical scheme, when appointing system is not configured the security attribute of target data, the target data
It is not just secure data, systems all so can carry out read and write operation to the target data.
Another aspect of the present invention proposes a kind of data operation device, the terminal for being equipped with multiple systems, including:
Judging unit, in any system in receiving the multiple system to the number of targets in the shared data bank of the multiple system
According to operational order when, judge whether that other any systems operate the target data;Processing unit,
Judging result is when being, any system to be forbidden to be operated to the target data according to the operational order;Otherwise, permit
Perhaps the described any system operates the target data according to the operational order, wherein other described any systems are
Any system in the multiple system in addition to any system.
In the technical scheme, when terminal receives shared data bank of any system in multiple systems to multiple systems
In target data operational order when, at this point, if other any systems operate target data, forbid appointing
One system operates target data according to operational order, if other any systems do not operate target data,
Any system is then allowed to be operated to target data according to operational order, to ensure that multiple systems of same time to shared
The operation of target data in database is mutual exclusion, i.e., the same time only allows a system in multiple systems to number of targets
According to being operated, it thus is avoided that multiple systems while target data is operated, and being unable to ensure has target data
Effect operation, even results in faulty operation, in addition, also ensure that the safety of the data in shared data bank to the full extent, from
And avoid data of multiple systems when being operated to the data in shared data bank in shared data bank and leaked,
In, which is the peculiar data of the common data or any system in multiple systems.
In the above-mentioned technical solutions, it is preferable that further include:The processing unit is additionally operable to:Multiple institutes are received when simultaneously
When stating operational order of any system to the target data, if the judging result is no, allow multiple any systems
The highest goal systems of safe class operates the target data in system, and forbids described in multiple any systems
System except goal systems operates the target data.
In the technical scheme, when terminal receives operational order of multiple any systems to target data simultaneously, and
There is no other any systems to be operated to target data, then allows the highest mesh of safe class in multiple any systems
Mark system operates target data, forbids system lower than the safe class of goal systems in multiple any systems to target
Data are operated, and not only ensure that the same time only allows a system in multiple systems to operate target data,
To ensure that the safety of the data in shared data bank to the full extent, also make the higher System Priority operation of safe class
The permission of target data in shared data bank.
In the above-mentioned technical solutions, it is preferable that further include:Storage unit, any in receiving the multiple system
Before system is to the operational order of the target data in the shared data bank of the multiple system, referred to according to the storage received
It enables, the common data in the multiple system is stored in the shared data bank.
In the technical scheme, since multiple systems in the related technology are independent from each other, and multiple systems is each
From database be also independent from each other, resulted in the data in the respective database of multiple systems be repeat, for example,
It is empty thus to waste storage for the correlative connection mode for having the same contact person and the contact person in address list in multiple systems
Between, and the respective database for managing multiple systems is also pretty troublesome, for example, data move between the database of multiple systems
During, since the safe class of system is different, data movement may be prohibited, cause data multiple systems data
Movement is pretty troublesome between library, therefore, in any system in receiving multiple systems in the shared data bank of multiple systems
Before the operational order of target data, also according to the store instruction received, the common data in multiple systems is stored in altogether
It enjoys in database, then multisystem can co-operate the common data in shared data bank, and it is weight to avoid the data in multisystem
Multiple, the memory space of multisystem is not only saved, is also convenient for being managed the common data in shared data bank, improve
The convenience of management.
In the above-mentioned technical solutions, it is preferable that the operational order includes:Read operation instruction or write operation instruction;And
The data operation device further includes:Setting unit allows safety etc. in the multiple system according to the setting command received
Grade is configured the security attribute of the target data higher than the appointing system of default safe class, to forbid the multiple system
Safe class is less than reading and/or write permission of the system of the default safe class to the target data in system.
In the technical scheme, any system includes but unlimited to the operational order of the target data in shared data bank
In:Read operation instruction or write operation instruction allow safety in multiple systems furthermore it is also possible to according to the setting command received
The appointing system that grade is higher than default safe class is configured the security attribute of target data, to forbid in multiple systems
Safe class is less than reading and/or write permission of the system of default safe class to target data, further increases shared number
According to the safety of the data in library, prevent the system that safe class is less than default safe class from arbitrarily being grasped into row write to target data
Work or read-write operation, in addition, the appointing system that safe class is higher than default safe class can also be as needed to target data
Security attribute modify, and after the security attribute of target data is set, is equivalent to and peace be added to target data
All mark, the target data are secure data, and the system that such safe class is less than default safe class just can not be arbitrarily right
Target data carries out write operation or read-write operation.
In the above-mentioned technical solutions, it is preferable that when the appointing system does not carry out the security attribute of the target data
When setting, each system in the multiple system has reading and write permission to the target data.
In the technical scheme, when appointing system is not configured the security attribute of target data, the target data
It is not just secure data, systems all so can carry out read and write operation to the target data.
Another aspect of the present invention proposes a kind of terminal, including the data manipulation dress described in any of the above-described technical solution
It sets.
In the technical scheme, multisystem can co-operate the common data in shared data bank, avoid in multisystem
Data be repeat, not only save the memory space of multisystem, be also convenient for in shared data bank common data carry out
Management.In addition, the same time only allows a system in multiple systems to operate target data, in this way utmostly
On ensure that the safety of data in shared data bank, carried out to the data in shared data bank so as to avoid multiple systems
Data when operation in shared data bank are leaked.
Technical solution through the invention, the memory space that saves multisystem and simplify to the data of multisystem into
While row management, the safety of the data in shared data bank can also ensure that the full extent.
Description of the drawings
Fig. 1 shows the flow diagram of data manipulation method according to an embodiment of the invention;
Fig. 2 shows the flow diagrams of data manipulation method according to another embodiment of the invention;
Fig. 3 shows the structural schematic diagram of data operation device according to an embodiment of the invention;
Fig. 4 shows the structural schematic diagram of terminal according to an embodiment of the invention;
Fig. 5 shows the theory structure schematic diagram of data operation device according to an embodiment of the invention;
Fig. 6 shows the theory structure schematic diagram of data operation device according to another embodiment of the invention;
Fig. 7 shows the schematic diagram according to an embodiment of the invention that contact person is arranged in the security system;
Fig. 8 shows the schematic diagram that contact person is arranged in the security system according to another embodiment of the invention;
Fig. 9 shows the schematic diagram that contact person is arranged in modular system according to still another embodiment of the invention.
Specific implementation mode
It is below in conjunction with the accompanying drawings and specific real in order to be more clearly understood that the above objects, features and advantages of the present invention
Mode is applied the present invention is further described in detail.It should be noted that in the absence of conflict, the implementation of the application
Feature in example and embodiment can be combined with each other.
Many details are elaborated in the following description to facilitate a thorough understanding of the present invention, still, the present invention may be used also
To be implemented different from other modes described here using other, therefore, protection scope of the present invention is not by described below
Specific embodiment limitation.
Fig. 1 shows the flow diagram of data manipulation method according to an embodiment of the invention.
As shown in Figure 1, data manipulation method according to an embodiment of the invention, including:Step 102, it is receiving
When any system in the multiple system is to the operational order of the target data in the shared data bank of the multiple system, sentence
It is disconnected that the target data is operated with the presence or absence of other any systems;Step 104, when the determination result is yes, prohibit
Only any system operates the target data according to the operational order;Otherwise, allow any system root
The target data is operated according to the operational order, wherein other described any systems are to be removed in the multiple system
Any system except any system.
In the technical scheme, when terminal receives shared data bank of any system in multiple systems to multiple systems
In target data operational order when, at this point, if other any systems operate target data, forbid appointing
One system operates target data according to operational order, if other any systems do not operate target data,
Any system is then allowed to be operated to target data according to operational order, to ensure that multiple systems of same time to shared
The operation of target data in database is mutual exclusion, i.e., the same time only allows a system in multiple systems to number of targets
According to being operated, it thus is avoided that multiple systems while target data is operated, and being unable to ensure has target data
Effect operation, even results in faulty operation, in addition, also ensure that the safety of the data in shared data bank to the full extent, from
And avoid data of multiple systems when being operated to the data in shared data bank in shared data bank and leaked,
In, which is the peculiar data of the common data or any system in multiple systems.
In the above-mentioned technical solutions, it is preferable that further include:Multiple any systems are received to the target when simultaneously
When the operational order of data, if the judging result is no, allow the highest mesh of safe class in multiple any systems
Mark system operates the target data, and forbids the system pair except goal systems described in multiple any systems
The target data is operated.
In the technical scheme, when terminal receives operational order of multiple any systems to target data simultaneously, and
There is no other any systems to be operated to target data, then allows the highest mesh of safe class in multiple any systems
Mark system operates target data, forbids system lower than the safe class of goal systems in multiple any systems to target
Data are operated, and not only ensure that the same time only allows a system in multiple systems to operate target data,
To ensure that the safety of the data in shared data bank to the full extent, also make the higher System Priority operation of safe class
The permission of target data in shared data bank.
In the above-mentioned technical solutions, it is preferable that before step 102, further include:It, will according to the store instruction received
Common data in the multiple system is stored in the shared data bank.
In the technical scheme, since multiple systems in the related technology are independent from each other, and multiple systems is each
From database be also independent from each other, resulted in the data in the respective database of multiple systems be repeat, for example,
It is empty thus to waste storage for the correlative connection mode for having the same contact person and the contact person in address list in multiple systems
Between, and the respective database for managing multiple systems is also pretty troublesome, for example, data move between the database of multiple systems
During, since the safe class of system is different, data movement may be prohibited, cause data multiple systems data
Movement is pretty troublesome between library, therefore, in any system in receiving multiple systems in the shared data bank of multiple systems
Before the operational order of target data, also according to the store instruction received, the common data in multiple systems is stored in altogether
It enjoys in database, then multisystem can co-operate the common data in shared data bank, and it is weight to avoid the data in multisystem
Multiple, the memory space of multisystem is not only saved, is also convenient for being managed the common data in shared data bank, improve
The convenience of management.
In the above-mentioned technical solutions, it is preferable that the operational order includes:Read operation instruction or write operation instruction;And
The data manipulation method further includes:According to the setting command received, safe class in the multiple system is allowed to be higher than in advance
If the appointing system of safe class is configured the security attribute of the target data, to forbid safety in the multiple system
Grade is less than reading and/or write permission of the system of the default safe class to the target data.
In the technical scheme, any system includes but unlimited to the operational order of the target data in shared data bank
In:Read operation instruction or write operation instruction allow safety in multiple systems furthermore it is also possible to according to the setting command received
The appointing system that grade is higher than default safe class is configured the security attribute of target data, to forbid in multiple systems
Safe class is less than reading and/or write permission of the system of default safe class to target data, further increases shared number
According to the safety of the data in library, prevent the system that safe class is less than default safe class from arbitrarily being grasped into row write to target data
Work or read-write operation, in addition, the appointing system that safe class is higher than default safe class can also be as needed to target data
Security attribute modify, and after the security attribute of target data is set, is equivalent to and peace be added to target data
All mark, the target data are secure data, and the system that such safe class is less than default safe class just can not be arbitrarily right
Target data carries out write operation or read-write operation.
In the above-mentioned technical solutions, it is preferable that when the appointing system does not carry out the security attribute of the target data
When setting, each system in the multiple system has reading and write permission to the target data.
In the technical scheme, when appointing system is not configured the security attribute of target data, the target data
It is not just secure data, systems all so can carry out read and write operation to the target data.
Fig. 2 shows the flow diagrams of data manipulation method according to another embodiment of the invention.
As shown in Fig. 2, (in this embodiment, terminal is data manipulation method according to another embodiment of the invention
Mobile phone is equipped with dual system, the i.e. lower modular system of safe class and the higher security system of safe class on mobile phone), packet
It includes:
Step 202, criterion system (or security system) to target data (can be understood as shared data) whether into
Row write operation (corresponds to write operation to instruct), when judging result is to be, that is, receives the write operation instruction of goal systems, enters
Step 204, when judging result is no, that is, the read operation instruction to target data is received, dual system can be simultaneously to target
Data carry out read operation, enter step 206.
Step 204, judge whether security system (or modular system) is carrying out write operation to target data, i.e., whether obtain
The lock for getting target data write operation enters step 208 when judging result is no, when judging result is to be, terminates data
The flow of operating method continues waiting for until security system (or modular system) terminates the write operation to target data.
Step 206, it is instructed according to the read operation to target data received, number of targets is read in shared data bank
According to.
Step 208, it is instructed according to the write operation to target data received, target data is write in shared data bank.
Step 210, judge whether terminate to the write operation of target data, when judging result is to be, enter step 212,
When judging result is no, target data is write in continuation in shared data bank, enters step 208.
Step 212, the lock of write operation is discharged, so that the security system (or modular system) in dual system is in shared data bank
In can carry out write operation.
Fig. 3 shows the structural schematic diagram of data operation device according to an embodiment of the invention.
As shown in figure 3, data operation device 300 according to an embodiment of the invention, for being equipped with multiple systems
Terminal, including:Judging unit 302 and processing unit 304, the judging unit 302 are used for:Receiving the multiple system
In any system to the operational order of the target data in the shared data bank of the multiple system when, judge whether it
He operates the target data any system;Processing unit 304 is used for:When the determination result is yes, forbid institute
Any system is stated to operate the target data according to the operational order;Otherwise, allow any system according to institute
It states operational order to operate the target data, wherein other described any systems are in the multiple system except described
Any system except any system.
In the technical scheme, when terminal receives shared data bank of any system in multiple systems to multiple systems
In target data operational order when, at this point, if other any systems operate target data, forbid appointing
One system operates target data according to operational order, if other any systems do not operate target data,
Any system is then allowed to be operated to target data according to operational order, to ensure that multiple systems of same time to shared
The operation of target data in database is mutual exclusion, i.e., the same time only allows a system in multiple systems to number of targets
According to being operated, it thus is avoided that multiple systems while target data is operated, and being unable to ensure has target data
Effect operation, even results in faulty operation, in addition, also ensure that the safety of the data in shared data bank to the full extent, from
And avoid data of multiple systems when being operated to the data in shared data bank in shared data bank and leaked,
In, which is the peculiar data of the common data or any system in multiple systems.
In the above-mentioned technical solutions, it is preferable that further include:The processing unit 304 is additionally operable to:It is multiple when receiving simultaneously
When any system is to the operational order of the target data, if the judging result is no, allow multiple described any
The highest goal systems of safe class operates the target data in system, and forbids institute in multiple any systems
The system except goal systems is stated to operate the target data.
In the technical scheme, when terminal receives operational order of multiple any systems to target data simultaneously, and
There is no other any systems to be operated to target data, then allows the highest mesh of safe class in multiple any systems
Mark system operates target data, forbids system lower than the safe class of goal systems in multiple any systems to target
Data are operated, and not only ensure that the same time only allows a system in multiple systems to operate target data,
To ensure that the safety of the data in shared data bank to the full extent, also make the higher System Priority operation of safe class
The permission of target data in shared data bank.
In the above-mentioned technical solutions, it is preferable that further include:Storage unit 306, appointing in receiving the multiple system
Before one system is to the operational order of the target data in the shared data bank of the multiple system, referred to according to the storage received
It enables, the common data in the multiple system is stored in the shared data bank.
In the technical scheme, since multiple systems in the related technology are independent from each other, and multiple systems is each
From database be also independent from each other, resulted in the data in the respective database of multiple systems be repeat, for example,
It is empty thus to waste storage for the correlative connection mode for having the same contact person and the contact person in address list in multiple systems
Between, and the respective database for managing multiple systems is also pretty troublesome, for example, data move between the database of multiple systems
During, since the safe class of system is different, data movement may be prohibited, cause data multiple systems data
Movement is pretty troublesome between library, therefore, in any system in receiving multiple systems in the shared data bank of multiple systems
Before the operational order of target data, also according to the store instruction received, the common data in multiple systems is stored in altogether
It enjoys in database, then multisystem can co-operate the common data in shared data bank, and it is weight to avoid the data in multisystem
Multiple, the memory space of multisystem is not only saved, is also convenient for being managed the common data in shared data bank, improve
The convenience of management.
In the above-mentioned technical solutions, it is preferable that the operational order includes:Read operation instruction or write operation instruction;And
The data operation device 300 further includes:Setting unit 308 allows according to the setting command received in the multiple system
The appointing system that safe class is higher than default safe class is configured the security attribute of the target data, described to forbid
Safe class is less than reading and/or write permission of the system of the default safe class to the target data in multiple systems.
In the technical scheme, any system includes but unlimited to the operational order of the target data in shared data bank
In:Read operation instruction or write operation instruction allow safety in multiple systems furthermore it is also possible to according to the setting command received
The appointing system that grade is higher than default safe class is configured the security attribute of target data, to forbid in multiple systems
Safe class is less than reading and/or write permission of the system of default safe class to target data, further increases shared number
According to the safety of the data in library, prevent the system that safe class is less than default safe class from arbitrarily being grasped into row write to target data
Work or read-write operation, in addition, the appointing system that safe class is higher than default safe class can also be as needed to target data
Security attribute modify, and after the security attribute of target data is set, is equivalent to and peace be added to target data
All mark, the target data are secure data, and the system that such safe class is less than default safe class just can not be arbitrarily right
Target data carries out write operation or read-write operation.
In the above-mentioned technical solutions, it is preferable that when the appointing system does not carry out the security attribute of the target data
When setting, each system in the multiple system has reading and write permission to the target data.
In the technical scheme, when appointing system is not configured the security attribute of target data, the target data
It is not just secure data, systems all so can carry out read and write operation to the target data.
Fig. 4 shows the structural schematic diagram of terminal according to an embodiment of the invention.
As shown in figure 4, terminal 400 according to an embodiment of the invention, including described in any of the above-described technical solution
Data operation device 300.
In the technical scheme, multisystem can co-operate the common data in shared data bank, avoid in multisystem
Data be repeat, not only save the memory space of multisystem, be also convenient for in shared data bank common data carry out
Management.In addition, the same time only allows a system in multiple systems to operate target data, in this way utmostly
On ensure that the safety of data in shared data bank, carried out to the data in shared data bank so as to avoid multiple systems
Data when operation in shared data bank are leaked, and then improve the safety of terminal 400.
Fig. 5 shows the theory structure schematic diagram of data operation device according to an embodiment of the invention.
As shown in figure 5, (in this embodiment, terminal is data operation device 300 according to an embodiment of the invention
Mobile phone is equipped with dual system, the i.e. lower modular system of safe class and the higher security system of safe class on mobile phone), packet
It includes:Security system, modular system and shared data bank.Wherein, there is self contained data base in security system, also have in modular system solely
Vertical database, security system and modular system share shared data bank, and security system and standard are stored in shared data bank
The common data of system, security system and modular system can to the common data in shared data bank carry out read operation and/or
Write operation.It is of course also possible to according to user to the real-time requirement of mobile phone, security system and modular system can be to all databases
Shared, can also only shared part database.
Fig. 6 shows the theory structure schematic diagram of data operation device according to another embodiment of the invention.
As shown in fig. 6,300 (in this embodiment, terminal of data operation device according to another embodiment of the invention
For mobile phone, dual system, the i.e. lower modular system of safe class and the higher security system of safe class are installed on mobile phone),
Including:Modular system, security system and shared data bank, the following detailed description of data operation device 300:
The data of shared data bank part can be changed by dual system, but since this partial data also belongs to safe system
System reduces the safety of data in a sense, for example address list is put into inside shared data bank by we,
Modular system can also access and change address list, but security system requires its contact person that cannot be repaiied by modular system sometimes
Change, the safety for ensureing data.
In order to ensure the data safety of the security system in shared data bank, the security attribute to shared data can be passed through
It is configured, specially:Shared data is marked, such as label is √ " in shared data, and is marked as pacifying
System-wide data, modular system haves no right to access or only part permission is accessed as there was only read right, in maximum journey
The safety of data is protected on degree.
In the above-mentioned technical solutions, the data in shared data bank are divided into the data that two class one kind are labeled, a kind of
For not labeled data.For not labeled data, two systems have access limit to it.For labeled data
Belong to the data of security system, security system has it reading and write permission, modular system to only have read right, certainly, may be used also to it
According to the real-time requirement to mobile phone, to keep security system and modular system different to the permission of the data in shared data bank.
Fig. 7 shows the schematic diagram according to an embodiment of the invention that contact attribute is arranged in the security system.
As shown in fig. 7, the schematic diagram according to an embodiment of the invention that contact person is arranged in the security system, Fig. 8
Show the schematic diagram that contact person is set in the security system according to another embodiment of the invention;Fig. 9 shows basis
The schematic diagram that contact person is set in the security system of another embodiment of the present invention.
Below in conjunction with Fig. 7 to Fig. 9 technical solutions that the present invention will be described in detail, (in this embodiment, terminal is mobile phone, hand
Dual system, the i.e. lower modular system of safe class and safe class higher security system are installed) on machine:
The public contact person of dual system is put into shared data bank, but only security system has the modification contact person's
Permission (as shown in Figure 7), i.e., only security system can be configured the security attribute of contact person, become secure relationship
People, and as after secure relationship people, secure relationship people information will there are one mark " √ ".
After secure relationship people is marked in security system, the specifying information of the contact person can only be shown in security system
In (as shown in Figure 8), and in modular system only have contact person simple information (such as name), do not show the specifying information of contact person
(as shown in Figure 9), and the permission that security system can modify to the security attribute of the associated person information;Certainly, to safety
After contact person is marked, i.e., after being configured to its security attribute, the permission of modular system can also be read-only authority, complete
Labeled secure relationship people's information is checked entirely entirely, only no write permission, and security system is to secure relationship people
Information has reading and write permission.
Technical scheme of the present invention is described in detail above in association with attached drawing, in the memory space and simplification for saving multisystem
While being managed to the data of multisystem, the peace of the data in shared data bank can also ensure that the full extent
Entirely.
In the present invention, term " first ", " second " are only used for the purpose described, are not understood to indicate or imply phase
To importance;Term " multiple " indicates two or more.It for the ordinary skill in the art, can be according to tool
Body situation understands the concrete meaning of above-mentioned term in the present invention.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (9)
1. a kind of data manipulation method, the terminal for being equipped with multiple systems, which is characterized in that including:
In any system in receiving the multiple system to the target data in the shared data bank of the multiple system
When operational order, judge whether that other any systems operate the target data;
When the determination result is yes, any system is forbidden to be operated to the target data according to the operational order;
Otherwise, any system is allowed to be operated to the target data according to the operational order, wherein described other are any
System is any system in addition to any system in the multiple system;
The operational order includes:Read operation instruction or write operation instruction;And
The data manipulation method further includes:
According to the setting command received, safe class in the multiple system is allowed to be higher than the appointing system for presetting safe class
The security attribute of the target data is configured, to forbid safe class in the multiple system to be less than the default safety
Reading and/or write permission of the system of grade to the target data.
2. data manipulation method according to claim 1, which is characterized in that further include:
When receiving operational order of multiple any systems to the target data simultaneously, if the judging result is
It is no, then allow the highest goal systems of safe class in multiple any systems to operate the target data, and prohibit
Only the system except goal systems described in multiple any systems operates the target data.
3. data manipulation method according to claim 1, which is characterized in that
In any system in receiving the multiple system to the target data in the shared data bank of the multiple system
Before operational order, further include:
According to the store instruction received, the common data in the multiple system is stored in the shared data bank.
4. data manipulation method according to claim 1, which is characterized in that
When the appointing system is not configured the security attribute of the target data, each system in the multiple system
System has reading and write permission to the target data.
5. a kind of data operation device, the terminal for being equipped with multiple systems, which is characterized in that including:
Judging unit, in any system in receiving the multiple system to the mesh in the shared data bank of the multiple system
When marking the operational order of data, judge whether that other any systems operate the target data;
Processing unit forbids any system according to the operational order to the target data when the determination result is yes
It is operated;Otherwise, any system is allowed to be operated to the target data according to the operational order, wherein institute
It is any system in the multiple system in addition to any system to state other any systems;
The operational order includes:Read operation instruction or write operation instruction;And
The data operation device further includes:
Setting unit allows safe class in the multiple system to be higher than default safe class according to the setting command received
Appointing system the security attribute of the target data is configured, to forbid in the multiple system safe class to be less than institute
State reading and/or write permission of the system of default safe class to the target data.
6. data operation device according to claim 5, which is characterized in that further include:
The processing unit is additionally operable to:
When receiving operational order of multiple any systems to the target data simultaneously, if the judging result is
It is no, then allow the highest goal systems of safe class in multiple any systems to operate the target data, and prohibit
Only the system except goal systems described in multiple any systems operates the target data.
7. data operation device according to claim 5, which is characterized in that further include:
Storage unit, in any system in receiving the multiple system to the mesh in the shared data bank of the multiple system
Before the operational order for marking data, according to the store instruction received, the common data in the multiple system is stored in institute
It states in shared data bank.
8. data operation device according to claim 5, which is characterized in that
When the appointing system is not configured the security attribute of the target data, each system in the multiple system
System has reading and write permission to the target data.
9. a kind of terminal, which is characterized in that including:Data operation device as described in any one of claim 5 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510098384.XA CN105631350B (en) | 2015-03-05 | 2015-03-05 | Data manipulation method, data operation device and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510098384.XA CN105631350B (en) | 2015-03-05 | 2015-03-05 | Data manipulation method, data operation device and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105631350A CN105631350A (en) | 2016-06-01 |
| CN105631350B true CN105631350B (en) | 2018-07-24 |
Family
ID=56046271
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510098384.XA Active CN105631350B (en) | 2015-03-05 | 2015-03-05 | Data manipulation method, data operation device and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105631350B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106056000B (en) * | 2016-06-24 | 2019-12-24 | 北京奇虎科技有限公司 | Mobile device storage partition configuration method and device based on system permission |
| CN106156314B (en) * | 2016-06-30 | 2019-09-20 | 珠海市魅族科技有限公司 | A kind of data manipulation method and device, data search method and device |
| CN115394392B (en) * | 2022-08-31 | 2023-06-20 | 西安交通大学 | Medical data sharing system and method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1913412A (en) * | 2006-07-31 | 2007-02-14 | 杭州华为三康技术有限公司 | Queue access method and device |
| CN101650646A (en) * | 2009-09-22 | 2010-02-17 | 杭州华三通信技术有限公司 | Method and device for realizing shared data consistency |
| CN103345482A (en) * | 2013-06-20 | 2013-10-09 | 上海爱数软件有限公司 | Network storage system and file access conflict processing method thereof |
| CN103778208A (en) * | 2014-01-15 | 2014-05-07 | 广州普邦园林股份有限公司 | Method for cooperating working directory or document access and system thereof |
-
2015
- 2015-03-05 CN CN201510098384.XA patent/CN105631350B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1913412A (en) * | 2006-07-31 | 2007-02-14 | 杭州华为三康技术有限公司 | Queue access method and device |
| CN101650646A (en) * | 2009-09-22 | 2010-02-17 | 杭州华三通信技术有限公司 | Method and device for realizing shared data consistency |
| CN103345482A (en) * | 2013-06-20 | 2013-10-09 | 上海爱数软件有限公司 | Network storage system and file access conflict processing method thereof |
| CN103778208A (en) * | 2014-01-15 | 2014-05-07 | 广州普邦园林股份有限公司 | Method for cooperating working directory or document access and system thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105631350A (en) | 2016-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6385639B1 (en) | Device and method of controlling intergroup resource utilization | |
| EP2071504B1 (en) | Sensitive information management | |
| CN102254124B (en) | A kind of information of mobile terminal security protection system and method | |
| CN105631350B (en) | Data manipulation method, data operation device and terminal | |
| US20120149331A1 (en) | Method and system for remote control of smart card | |
| CN105138310B (en) | A kind of concurrent access control method and system | |
| CN103345482A (en) | Network storage system and file access conflict processing method thereof | |
| CN103065100A (en) | Container-based method of users to protect private data | |
| CN103544446B (en) | The method and apparatus that document is demarcated level of confidentiality | |
| CN104902074B (en) | A kind of mobile phone information safety management method based on more permission modes | |
| CN104008345A (en) | Method and device for protecting user privacy data of application program | |
| CN109923547B (en) | Program behavior monitoring device, distributed object generation management device, storage medium, and program behavior monitoring system | |
| US20140223571A1 (en) | Programmable display | |
| CN111142480A (en) | Safety communication method and system for process control station and distributed control system | |
| CN106534102A (en) | Device access method and device and electronic device | |
| CN103778379A (en) | Managing application execution and data access on a device | |
| CN107180201A (en) | The creation method and device of private space | |
| JP3420761B2 (en) | A secure way to load multiple applications on a microprocessor memory card | |
| CN112070940B (en) | Access control authorization method, access control release method, device, access control controller and medium | |
| CN105516500A (en) | Method and system for selecting device mode | |
| CN103440465A (en) | Mobile storage medium safety control method | |
| CN109032798A (en) | A kind of Power quality management system shared drive lock control method | |
| CN112051944B (en) | Method and device for mutually switching personal space and working space on android device | |
| CN101231599A (en) | Method overwriting orientation specified main memory | |
| CN103078926A (en) | Method and device as well as system for file accessing of distributed storage system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220424 Address after: 330000 room 106, building 1, science and technology production, standard workshop, industrial park, No. 4368, Jingkai Avenue, Nanchang Economic and Technological Development Zone, Nanchang City, Jiangxi Province Patentee after: Nanchang Kupai Zhongying Intelligent Technology Co.,Ltd. Address before: 710065 block a, No. 8, Tangyan South Road, high tech Zone, Xi'an, Shaanxi Province Patentee before: XI'AN KUPAI SOFTWARE TECHNOLOGY Co.,Ltd. |