CN106462697A

CN106462697A - Auxiliary service management method and apparatus

Info

Publication number: CN106462697A
Application number: CN201680000855.1A
Authority: CN
Inventors: 伍亮雄; 刘海涛; 刘鸣
Original assignee: Beijing Xiaomi Mobile Software Co Ltd
Current assignee: Beijing Xiaomi Mobile Software Co Ltd
Priority date: 2016-09-09
Filing date: 2016-09-09
Publication date: 2017-02-22
Anticipated expiration: 2036-09-09
Also published as: CN106462697B; WO2018045564A1

Abstract

The embodiments of the invention provide an auxiliary service management method and apparatus and relates to the field of information safety. The method includes the following steps: if application requirements authorized by an auxiliary service is satisfied, displaying an authorization management interface of the auxiliary service, the authorization management interface including identification of an object application program which is an application program that is filtered by a blacklist and/or whitelist corresponding to the auxiliary service, wherein the authorization management interface is intended for a user to grant a user interface authorized by the auxiliary service to the object application program; addressing malicious operation by a malicious application program through the function of simulating clicks without knowledge of the user following the application for authorization of the auxiliary service from an Android system. The method and apparatus can filter the application program, shields identification of malicious application program, prevents the user from imparting the authorization provided by the auxiliary service to the malicious application program, thus improving the safety of an operation system.

Description

Assistant service management method and device

Technical field

The present embodiments relate to information security field, more particularly to a kind of assistant service management method and device.

Background technology

Assistant service (accessibility service) is to be directed in android system to have obstacle crowd to be provided Service.Obstacle crowd is had to include blind person, deaf mute, there is people of physical handicaps etc..

Content of the invention

In order to correlation technique is solved the problems, such as, a kind of assistant service management method and device is embodiments provided. The technical scheme is as follows：

A kind of first aspect, there is provided assistant service management method, methods described includes：

When the application demand of authority of assistant service offer is met, show the empowerment management interface of assistant service, described Empowerment management interface includes the mark of destination application, and the destination application is corresponding black by the assistant service List list and/or white list list filtered after application program；

Wherein, the empowerment management interface is used for authorizing assistant service offer for user to the destination application Authority user interface.

In one embodiment, methods described also includes：

First the application list is obtained, described first the application list includes the mark of at least one first application programs Know, first application program is the application program of the authority that the application assistant service is provided；

According to the blacklist list and/or the white list list, the mark of first application program was carried out Filter, obtains the mark of the destination application.

In one embodiment, described according to the blacklist list, the mark of first application program was carried out Filter, obtains the mark of the destination application, including：

Detect first application program identify whether belong to the blacklist list；

If the mark of first application program is not belonging to the blacklist list, by the mark of first application program Know the mark for being defined as the destination application.

In one embodiment, described according to the white list list, the mark of first application program was carried out Filter, obtains the mark of the destination application, including：

Detect first application program identify whether belong to the white list list；

If the mark of first application program belongs to the white list list, by the mark of first application program It is defined as the mark of the destination application.

In one embodiment, methods described also includes：

By authorized order of the empowerment management interface receive user to the destination application；

The authority of assistant service offer is provided to the destination application according to the authorized order.

In one embodiment, methods described also includes：

Second the application list is obtained, described second the application list includes the mark of at least one second application programs Know, second application program is the application program of the authority for having authorized assistant service offer；

According to the blacklist list and/or the white list list to described in the authorizing of second application program Authority is cancelled.

In one embodiment, described according to the blacklist list to described in the authorizing of second application program Authority is cancelled, including：

Detect second application program identify whether belong to the blacklist list；

If the mark of second application program belongs to the blacklist list, by empowerment management process to described the The authority that has authorized of two application programs is cancelled.

In one embodiment, described according to the white list list to described in the authorizing of second application program Authority is cancelled, including：

Detect second application program identify whether belong to the white list list；

If the mark of second application program is not belonging to the white list list, by empowerment management process to described The authority that has authorized of the second application program is cancelled.

In one embodiment, methods described also includes：

The destination application for the empowerment management interface being included by cloud server is configured.

In one embodiment, the destination application for the empowerment management interface being included by cloud server It is configured, including：

Rule downloads the blacklist list and/or the white list list, institute from cloud server to schedule State blacklist list and/or the white list list be in the updated list of the cloud server.

A kind of second aspect, there is provided assistant service managing device, described device includes：

Interface display module, for when the application demand of authority of assistant service offer is met, showing assistant service Empowerment management interface, the empowerment management interface includes the mark of destination application, the destination application be by institute State the corresponding blacklist list of assistant service and/or the application program after white list list is filtered；

In one embodiment, described device also includes：

First acquisition module, for obtaining first the application list, described first the application list includes at least one The mark of individual first application program, first application program is the application program of the authority that the application assistant service is provided；

First filtering module, for applying to described first according to the blacklist list and/or the white list list The mark of program is filtered, and obtains the mark of the destination application.

In one embodiment, first filtering module, including：

First detector unit, for detect first application program identify whether belong to the blacklist list；

First determining unit, if being not belonging to the blacklist list for the mark of first application program, by institute The mark for stating the first application program is defined as the mark of the destination application.

In one embodiment, first filtering module, including：

Second detector unit, for detect first application program identify whether belong to the white list list；

Second determining unit, if belonging to the white list list for the mark of first application program, will be described The mark of the first application program is defined as the mark of the destination application.

In one embodiment, described device also includes：

Command reception module, for the mandate by empowerment management interface receive user to the destination application Instruction；

Right-granting module, carries for authorizing the assistant service according to the authorized order to the destination application For authority.

In one embodiment, described device also includes：

Second acquisition module, for obtaining second the application list, described second the application list includes at least one The mark of individual second application program, second application program is the application journey of the authority for having authorized assistant service offer Sequence；

Authority cancels module, for being applied to described second according to the blacklist list and/or the white list list The authority that has authorized of program is cancelled.

In one embodiment, the authority cancels module, including：

3rd detector unit, for detect second application program identify whether belong to the blacklist list；

First cancels unit, if belonging to the blacklist list for the mark of second application program, by awarding Power managing process is cancelled to the authority that has authorized of second application program.

In one embodiment, the authority cancels module, including：

4th detector unit, for detect second application program identify whether belong to the white list list；

Second cancels unit, if being not belonging to the white list list for the mark of second application program, passes through Empowerment management process is cancelled to the authority that has authorized of second application program.

In one embodiment, described device also includes：

Setup module, the destination application for being included to the empowerment management interface by cloud server is set Put.

In one embodiment, the setup module, including：

List download unit, for rule to schedule from cloud server download the blacklist list and/or The white list list, the blacklist list and/or the white list list be in the updated row of the cloud server Table.

A kind of third aspect, there is provided assistant service managing device, including：

Processor；

For storing the memorizer of the executable instruction of the processor；

Wherein, the processor is configured to：

The beneficial effect of technical scheme provided in an embodiment of the present invention is：

By using the corresponding blacklist list of assistant service and/or white list list, application program is filtrated to get Destination application, display target application program in empowerment management interface, the application program of malice is solved to Android system After the authority of system application assistant service, asking for malicious operation is carried out in the case of user is unwitting using simulation click function Topic；Reach and application program can have been filtered, in empowerment management interface, shown the mark of the non-malicious application program after filtering Know, shield the mark of malicious application, it is to avoid user authorizes the authority of assistant service offer to malicious application, so as to carry The high effect of the safety of operating system.

Description of the drawings

For the technical scheme being illustrated more clearly that in the embodiment of the present invention, below will be to making needed for embodiment description Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for For those of ordinary skill in the art, on the premise of not paying creative work, other can also be obtained according to these accompanying drawings Accompanying drawing.

Fig. 1 is a kind of schematic diagram at the miscellaneous function interface being related to provided in an embodiment of the present invention；

Fig. 2A is the flow chart of the assistant service management method that one embodiment of the invention is provided；

Fig. 2 B is the schematic diagram of the assistant service administration interface that one embodiment of the invention is provided；

Fig. 3 A is the flow chart of the assistant service management method that another embodiment of the present invention is provided；

Fig. 3 B is the schematic diagram of the assistant service administration interface that another embodiment of the present invention is provided；

Fig. 3 C is the schematic diagram of the assistant service administration interface that another embodiment of the present invention is provided；

Fig. 4 A is the flow chart of the assistant service management method that another embodiment of the present invention is provided；

Fig. 4 B is the schematic diagram of the assistant service administration interface that another embodiment of the present invention is provided；

Fig. 5 A is the flow chart of the assistant service management method that another embodiment of the present invention is provided；

Fig. 5 B is the schematic diagram of the assistant service administration interface that another embodiment of the present invention is provided；

Fig. 5 C is the schematic diagram of the assistant service administration interface that another embodiment of the present invention is provided；

Fig. 6 A is the flow chart of the assistant service management method that another embodiment of the present invention is provided；

Fig. 6 B is the schematic diagram of the assistant service administration interface that another embodiment of the present invention is provided；

Fig. 7 is the block diagram of the assistant service managing device that one embodiment of the invention is provided；

Fig. 8 is the block diagram of the assistant service managing device that another embodiment of the present invention is provided；

Fig. 9 is the structural representation of the terminal that one embodiment of the invention is provided.

Specific embodiment

For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing to embodiment party of the present invention Formula is described in further detail.

Each embodiment of the present invention is applied to be illustrated in terminal with assistant service management method.Terminal can be Mobile phone, panel computer, E-book reader, MP3 player (Moving Picture Experts Group Audio Layer III, dynamic image expert's compression standard audio frequency aspect 3), MP4 (Moving Picture Experts Group Audio Layer IV, dynamic image expert's compression standard audio frequency aspect 4) player, wearable device, pocket computer on knee and platform Formula computer etc..

Alternatively, in terminal, operation has Android (ARIXTRA) operating system, abbreviation android system.The Android behaviour Assistant service (accessibility service), also referred to as miscellaneous function, Barrier-free Service, accessible work(are provided with as system Energy, accessible miscellaneous function.Interface is set in the system of android system, is typically provided with the setting interface of assistant service.Should The empowerment management interface that interface is assistant service is set.

Alternatively, multiple application programs can be run in terminal, and application program can be to the operating system application of terminal auxiliary clothes The authority that business is provided.Alternatively, assistant service is provided with the authority for realizing voice prompt function, for realizing physical feedback The authority of function, for realizing the authority of simulation click function, for realizing authority of text enlarging function etc..These authority energy Blind person or deaf mute etc. is enough helped to have use of the obstacle crowd to terminal.

After application program is to android system application to the authority of assistant service, can be provided using assistant service Various authorities.In the various authorities that assistant service is provided, there is the authority for realizing simulation click function, simulate click function It is a kind of function of being used to help blind person's click screen.After application program has for realizing the authority for simulating click function, Programmed instruction analog subscriber click signal on a user interface can be adopted, so as to shown control in control user interface Part.

As shown in figure 1, being provided with the corresponding user interface of miscellaneous function in the system setting interface of android system 100.Answering for all authorities that applies for or applied for assistant service is shown in the corresponding user interface 100 of the miscellaneous function Use program.

The application program of some malice is currently, there are to after the authority of android system application assistant service, using simulation Click function carries out malicious operation in the case of user is unwitting, and malicious operation includes：The power of user's mandate is not obtained Limit, unload system setting of competing product application program, modification operating system etc..

Fig. 2A is refer to, the interface that it illustrates the assistant service management method of one embodiment of the invention offer is illustrated Figure.The present embodiment is applied to be illustrated in terminal with the assistant service management method.The assistant service management method can To include several steps as follows：

Step 202, it is determined whether meet the application demand of the authority of assistant service；

Alternatively, application demand is that application program states predetermined code in installation package file, and the predetermined code is to use Code in the authority of application assistant service offer.

Step 204, when assistant service authority application demand is met, shows the empowerment management interface of assistant service, authorizes Administration interface includes the mark of destination application, destination application be by the corresponding blacklist list of assistant service and/ Or white list list filtered after application program；

Wherein, empowerment management interface is used for authorizing the user of the authority of assistant service offer to destination application for user Interface.

Alternatively, the mark of destination application is the bag name of destination application.

As shown in Figure 2 B, user clicks on " assistant service management " option in " more settings " interface 200, enters auxiliary clothes Business administration interface 210, when the application demand of authority of assistant service offer is met, shows in assistant service administration interface 210 The mark 003 of the mark 002, application program of the mark 001, application program of application program and the mark 004 of application program.Application The mark 004 of the mark 003 of the mark 002, application program of the mark 001, application program of program and application program be by auxiliary Application program after helping the corresponding blacklist list of service and/or white list list to be filtered.

In sum, the assistant service management method that the present embodiment is provided, by using the corresponding blacklist of assistant service List and/or white list list carry out being filtrated to get destination application to application program, show mesh in empowerment management interface Mark application program, is solved the application program of malice to after the authority of android system application assistant service, is clicked on using simulation Function carries out the problem of malicious operation in the case of user is unwitting；Reach and application program can have been filtered, authorized Show the mark of the non-malicious application program after filtering in administration interface, shield the mark of malicious application, it is to avoid user couple Malicious application authorizes the authority of assistant service offer, so as to improve the effect of the safety of operating system.

Fig. 3 A is refer to, the flow chart that the assistant service management method of another embodiment of the present invention offer is provided. The present embodiment is applied to be illustrated in terminal with the assistant service management method.The assistant service management method can be wrapped Include several steps as follows：

Step 301, terminal receives trigger；

Alternatively, the trigger be for showing the signal at the empowerment management interface of assistant service.

Step 302, terminal obtains the corresponding blacklist list of assistant service；

Alternatively, terminal is previously stored with blacklist list, and the blacklist list is stored with the mark of malicious application. Malicious application is the program for executing malicious operation using the authority that assistant service is provided.

The mark of application program is used for the unique mark application program.Alternatively, the mark of application program is application program Bag name (packet name).

Step 303, terminal obtains first the application list, and first the application list includes at least one first applications The mark of program, the first application program is the application program of the authority for applying for assistant service offer.

Assistant service is the service in android system for there is obstacle crowd to be provided.

The first application program in first the application list states predetermined code in installation package file, the predetermined generation Code be for apply for assistant service provide authority code.Alternatively, android system is by calling AccessibilityManager.getInstalledAccessibilityServiceLis t () function come obtain first should Use program listing.

The first application program in first the application list typically not yet applies for the authority for providing to assistant service Application program, or authorized assistant service offer authority application program (such as in the older version of operating system Obtain in this and authorize).

As shown in Figure 3 B, first the application list L01 includes the mark A of the first application program, the first application program Mark B, the mark C of the first application program, the mark D of the first application program, mark E of the first application program and the first application journey Mark F of sequence.

Step 304, terminal detect the first application program identify whether belong to blacklist list.

Blacklist list includes the mark of malicious application.

As shown in Figure 3 B, blacklist list includes the mark of malicious application：Mark B of the first application program and Mark E of one application program.

Alternatively, blacklist list is previously stored with terminal, or, terminal downloads blacklist list from server. Alternatively, blacklist list is updated according to prefixed time interval.

Alternatively, the mark of the first application program in the first list of application of terminal-pair is traveled through, and detection first is applied The identifying whether of program belongs to blacklist list.

Step 305, if the mark of the first application program is not belonging to blacklist list, terminal is then by the mark of the first application program Know the mark for being defined as destination application.

Destination application is the application program after being filtered by the corresponding blacklist list of assistant service.Target should It is the application program of non-malicious with program.

As shown in Figure 3 B, terminal through traversal draw the mark A of the first application program, mark C of the first application program, the Mark F of the mark D of one application program and the first application program is not belonging to blacklist list, and terminal is by the mark of the first application program Know A, the mark C of the first application program, the mark D of the first application program and mark F of the first application program to be defined as target and answer Mark with program.

Step 306, terminal shows the empowerment management interface of assistant service；Empowerment management interface includes destination application Mark；

Destination application is the application program after being filtered by the corresponding blacklist list of assistant service；Wherein, Empowerment management interface is used for authorizing the user interface of the authority of assistant service offer to destination application for user.

Alternatively, terminal is shielded and does not show the mark of the first application program for belonging to blacklist list.

As shown in Figure 3 B, terminal shows the empowerment management interface 300 of assistant service, and empowerment management interface 300 includes the The mark A of one application program, mark C, the mark D of the first application program of the first application program and the mark of the first application program F.Terminal is shielded and does not show the mark B of the first application program and mark E of the first application program.

After terminal shows empowerment management interface, user can carry out associative operation step according to the guiding at empowerment management interface Suddenly, as follows：

Step 307, terminal passes through authorized order of the empowerment management interface receive user to destination application.

User clicks on the management button triggering authorized order for providing in empowerment management interface, and terminal receive user should to target Authorized order with program.

As shown in Figure 3 C, user clicks on mark A of the first application program in empowerment management interface 300, and entering first should With the corresponding interface 003 of mark A of program, empowerment management button a in interface 003, is provided, user clicks on the empowerment management button A, triggering terminal is authorized to mark A of the first application program.The mandate is directed to the first application program and authorizes assistant service The authority of offer.

Alternatively, authorized order is used for authorizing and opens authority or cancel authority.

Step 308, terminal authorizes the authority of assistant service offer according to authorized order to destination application.

Such as, terminal authorizes the authority of " installing automatically redaction from this " to game application.From this, the game application Program has the function of realizing installing automatically redaction using simulation click function.

It should be noted that the list that blacklist list is terminal inner to be prestored, or, blacklist list is high in the clouds The list that collects in server and constantly update.

Step 309, terminal to schedule rule from cloud server download blacklist list, blacklist list be The updated list of cloud server.

Alternatively, scheduled time rule includes Fixed Time Interval and/or not Fixed Time Interval.

The blacklist list that terminal is downloaded using cloud server is updated to existing blacklist list.

In sum, the assistant service management method that the present embodiment is provided, in the mistake of the authority of application assistant service offer Cheng Zhong, carries out being filtrated to get destination application to application program by using the corresponding blacklist list of assistant service, is awarding Display target application program in power administration interface, solves the application program of malice to android system application assistant service The problem of malicious operation after authority, is carried out in the case of user is unwitting using simulation click function；Reach and can correspond to Filtered with program, in empowerment management interface, shown the mark of the non-malicious application program after filtering, shielded malicious application journey The mark of sequence, it is to avoid user authorizes the authority of assistant service offer to malicious application, so as to improve the peace of operating system The effect of full property.

In addition, being updated to blacklist list also by cloud server, the essence of shielding malicious application is improve Exactness.

Fig. 4 A is refer to, the flow chart that the assistant service management method of another embodiment of the present invention offer is provided. The present embodiment is applied to be illustrated in terminal with the assistant service management method.The assistant service management method can be wrapped Include several steps as follows：

Step 401, terminal receives trigger；

Step 402, terminal obtains the corresponding white list list of assistant service；

Alternatively, terminal is previously stored with white list list, and the white list list is stored with the mark of non-malicious application program Know.Non-malicious application program is the program for executing normal operating using the authority that assistant service is provided.

Step 403, terminal obtains first the application list, and first the application list includes at least one first applications The mark of program, the first application program is the application program of the authority for applying for assistant service offer.

As shown in Figure 4 B, first the application list L02 includes the mark X of the first application program, the first application program Mark Y, the mark Z of the first application program, the mark O of the first application program, mark P of the first application program and the first application journey Mark Q of sequence.

Step 404, terminal detect the first application program identify whether belong to white list list.

White list list includes the mark of non-malicious application program.

As shown in Figure 4 B, white list list includes the mark of non-malicious application program：Mark X of the first application program, The mark Y of the first application program, the mark Z of the first application program, mark O of the first application program.

Alternatively, white list list is previously stored with terminal, or, terminal downloads white list list from server. Alternatively, white list list is updated according to prefixed time interval.

Alternatively, the mark of the first application program in the first list of application of terminal-pair is traveled through, and detection first is applied The identifying whether of program belongs to white list list.

Step 405, if the mark of the first application program belongs to white list list, terminal is then by the mark of the first application program It is defined as the mark of destination application.

Destination application is the application program after being filtered by the corresponding white list list of assistant service.

As shown in Figure 4 B, terminal through traversal draw the mark X of the first application program, mark Y of the first application program, the The mark Z of one application program, mark O of the first application program belong to white list list.Terminal is then by the mark of the first application program Knowledge X, the mark Y of the first application program, the mark Z of the first application program, mark O of the first application program are defined as intended application The mark of program.

Step 406, terminal shows the empowerment management interface of assistant service, and empowerment management interface includes destination application Mark；

Destination application is the application program after being filtered by the corresponding white list list of assistant service；Wherein, Empowerment management interface is used for authorizing the user interface of the authority of assistant service offer to destination application for user.

Alternatively, terminal is shielded and does not show the mark of the first application program for being not belonging to white list list.

As shown in Figure 4 B, terminal shows the empowerment management interface 400 of assistant service, and empowerment management interface 400 includes the The mark X of one application program, the mark Y of the first application program, the mark Z of the first application program, the mark of the first application program O.Terminal is shielded and does not show the mark P of the first application program and mark Q of the first application program.

Step 407, terminal passes through authorized order of the empowerment management interface receive user to destination application.

User clicks on the management button triggering authorized order for providing in empowerment management interface, and terminal receive user should to target Authorized order with program.The mandate is directed to the authority that the first application program authorizes assistant service offer.

Step 408, terminal authorizes the authority of assistant service offer according to authorized order to destination application.

It should be noted that the list that white list list is terminal inner to be prestored, or, white list list is high in the clouds The list that collects in server and constantly update.

Step 409, terminal to schedule rule from cloud server download white list list, white list list be The updated list of cloud server.

The white list list that terminal is downloaded using cloud server is updated to existing white list list.

In sum, the assistant service management method that the present embodiment is provided, in the mistake of the authority of application assistant service offer Cheng Zhong, carries out being filtrated to get destination application to application program by using the corresponding white list list of assistant service, is awarding Display target application program in power administration interface, solves the application program of malice to android system application assistant service The problem of malicious operation after authority, is carried out in the case of user is unwitting using simulation click function；Reach and can correspond to Filtered with program, in empowerment management interface, shown the mark of the non-malicious application program after filtering, shielded malicious application journey The mark of sequence, it is to avoid user authorizes the authority of assistant service offer to malicious application, so as to improve the peace of operating system The effect of full property.

In addition, being updated to white list list also by cloud server, the essence of shielding malicious application is improve Exactness.

Fig. 5 A is refer to, the flow chart that the assistant service management method of another embodiment of the present invention offer is provided. The present embodiment is applied to be illustrated in terminal with the assistant service management method.The assistant service management method can be wrapped Include several steps as follows：

Step 501, after OTA upgrading, terminal obtains the corresponding blacklist list of assistant service.

After OTA (Over-the-Air Technology, space download technology) upgrading, terminal is obtained from OTA AKU The corresponding blacklist list of assistant service.

Blacklist list is stored with the mark of malicious application.Malicious application is the power for being provided using assistant service Limit executes the program of malicious operation.

Step 502, terminal obtains second the application list, and second the application list includes at least one second applications The mark of program, the second application program is the application program of the authority for having authorized assistant service offer.

The second application program in second the application list has typically authorized answering for the authority of assistant service offer (obtained such as in the older version of operating system and authorize) with program.

Such as, the second application program V of " installing automatically redaction from this " authority has been awarded.

As shown in Figure 5 B, second the application list L03 includes the mark K of the second application program, the second application program Mark J, the mark H of the second application program and mark G of the second application program.

Step 503, terminal detect the second application program identify whether belong to blacklist list.

Blacklist list includes the mark of malicious application.As shown in Figure 5 B, blacklist list includes that malice should Mark with program：Mark G of the second application program.

Alternatively, the mark of the second application program in the second list of application of terminal-pair is traveled through, and detection second is applied The identifying whether of program belongs to blacklist list.

Step 504, if the mark of the second application program belongs to blacklist list, terminal is then by empowerment management process to the The authority that has authorized of two application programs is cancelled.

Carry out cancellation and refer to that second application program no longer has authorizing to the authority that has authorized of the second application program Authority.Such as, the second application program G has authority " installing automatically redaction from this ", after cancelling the authority that has authorized, then Second application program G no longer has the authority of " installing automatically redaction from this ".

If the mark of the second application program is not belonging to blacklist list, terminal then keep to be not belonging to blacklist list The mandate of two application programs.

As shown in Figure 5 B, through traversal, terminal show that mark G of the second application program belongs to blacklist list, cancels second The authority that application program G has been authorized.Terminal keeps the second application program K, the awarding of the second application program J and the second application program H Power.Management terminal terminal shows the empowerment management interface 500 of assistant service, and empowerment management interface 500 includes the second application journey Mark K, the mark J of the second application program of sequence and mark H of the second application program.Management terminal terminal is shielded and does not show the Mark G of two application programs.

Again than as shown in Figure 5 C, former empowerment management interface 005 includes mark K of the second application program, the second application journey Mark J, the mark H of the second application program of sequence and mark G of the second application program, after cancelling the authority of the second application program G, Empowerment management interface 500 includes mark K, the mark J of the second application program and second application program of the second application program Mark H.

The present embodiment can be combined enforcement with above-mentioned Fig. 2A, Fig. 3 A and Fig. 4 A illustrated embodiment.

In sum, the assistant service management method that the present embodiment is provided, by using the corresponding blacklist of assistant service List is carried out being filtrated to get destination application to the application program for authorizing the authority of assistant service offer, in empowerment management circle Display target application program in face, solves the application program of malice to after the authority of android system application assistant service, makes The problem of malicious operation is carried out in the case of user is unwitting with simulation click function；Having reached can be to authorizing auxiliary clothes The application program of the authority that business is provided is filtered, and cancels the authority of the application program for belonging to blacklist list, empowerment management circle Show the mark of the non-malicious application program after filtering in face, shield the mark of malicious application, it is to avoid user should to malice The authority of assistant service offer is authorized with program, so as to improve the effect of the safety of operating system.

Fig. 6 A is refer to, the flow chart that the assistant service management method of another embodiment of the present invention offer is provided. The present embodiment is applied to be illustrated in terminal with the assistant service management method.The assistant service management method can be wrapped Include several steps as follows：

Step 601, after OTA upgrading, terminal obtains the corresponding white list list of assistant service.

After OTA (Over-the-Air Technology, space download technology) upgrading, terminal is obtained from OTA AKU The corresponding white list list of assistant service.

White list list is stored with the mark of non-malicious application program.Non-malicious application program is provided using assistant service Authority execute normal operating program.

Step 602, terminal obtains second the application list, and second the application list includes at least one second applications The mark of program, the second application program is the application program of the authority for having authorized assistant service offer.

As shown in Figure 6B, second the application list L04 includes the mark W of the second application program, the second application program Mark I, mark U, the mark T of the second application program of the second application program and mark R of the second application program.

Step 603, terminal detect the second application program identify whether belong to white list list.

White list list includes the mark of non-malicious application program.As shown in Figure 6B, white list list includes non-malicious The mark of application program：Mark U, the mark T of the second application program of the second application program and mark R of the second application program.

Step 604, if the mark of the second application program is not belonging to white list list, terminal then passes through empowerment management process pair The authority that has authorized of the second application program is cancelled.

If the mark of the second application program belongs to white list list, terminal then keep to belong to white list list second should Mandate with program.

As shown in Figure 6B, mark I that terminal draws the mark W of the second application program and the second application program through traversal is not Belong to white list list, cancel the authority that the second application program W and the second application program I has been authorized.Terminal keeps second to apply The mandate of program U, the second application program T and the second application program R.Terminal shows the empowerment management interface 600 of assistant service, awards Power administration interface 600 includes mark U, the mark T of the second application program and the mark of the second application program of the second application program Know R.Management terminal terminal is shielded and does not show the mark W of the second application program and mark I of the second application program.

In sum, the assistant service management method that the present embodiment is provided, by using the corresponding white list of assistant service List is carried out being filtrated to get destination application to the application program for authorizing the authority of assistant service offer, in empowerment management circle Display target application program in face, solves the application program of malice to after the authority of android system application assistant service, makes The problem of malicious operation is carried out in the case of user is unwitting with simulation click function；Having reached can be to authorizing auxiliary clothes The application program of the authority that business is provided is filtered, and cancels the authority for belonging to the application program for being not belonging to white list list, is authorized Show the mark of the non-malicious application program after filtering in administration interface, shield the mark of malicious application, it is to avoid user couple Malicious application authorizes the authority of assistant service offer, so as to improve the effect of the safety of operating system.

Following for apparatus of the present invention embodiment, can be used for executing the inventive method embodiment.For apparatus of the present invention reality The details not disclosed in example is applied, refer to the inventive method embodiment.

Fig. 7 is refer to, the block diagram of the assistant service managing device of one embodiment of the invention offer is provided, The assistant service managing device can pass through software, hardware or both be implemented in combination with become some or all of of terminal.Should Assistant service managing device can include：

Demand determining module 720, is used to determine whether to meet the application demand of the authority of assistant service；

Interface display module 740, for when the application demand of authority of assistant service offer is met, showing assistant service Empowerment management interface, empowerment management interface includes the mark of destination application, destination application be by assistant service Corresponding blacklist list and/or white list list filtered after application program；

In sum, the assistant service managing device that the present embodiment is provided, by using the corresponding blacklist of assistant service List and/or white list list carry out being filtrated to get destination application to application program, show mesh in empowerment management interface Mark application program, is solved the application program of malice to after the authority of android system application assistant service, is clicked on using simulation Function carries out the problem of malicious operation in the case of user is unwitting；Reach and application program can have been filtered, authorized Show the mark of the non-malicious application program after filtering in administration interface, shield the mark of malicious application, it is to avoid user couple Malicious application authorizes the authority of assistant service offer, so as to improve the effect of the safety of operating system.

Fig. 8 is refer to, the structure square frame of the assistant service managing device of another embodiment of the present invention offer is provided Figure, the assistant service managing device can pass through software, hardware or both be implemented in combination with become some or all of of terminal. The assistant service managing device can include：

Interface display module 820, for when the application demand of authority of assistant service offer is met, showing assistant service Empowerment management interface, empowerment management interface includes the mark of destination application, destination application be by assistant service Corresponding blacklist list and/or white list list filtered after application program；

In one embodiment,

The device also includes：

First acquisition module 830, for obtaining first the application list, first the application list includes at least one The mark of the first application program, the first application program is the application program of the authority for applying for assistant service offer；

First filtering module 840, for the mark according to blacklist list and/or white list list to the first application program Filtered, obtained the mark of destination application.

In one embodiment,

First filtering module 840, including：

First detector unit 841, for detect the first application program identify whether belong to blacklist list；

First determining unit 842, if being not belonging to blacklist list for the mark of the first application program, first is applied The mark of program is defined as the mark of destination application.

In one embodiment,

First filtering module 840, including：

Second detector unit 843, for detect the first application program identify whether belong to white list list；

Second determining unit 844, if belonging to white list list for the mark of the first application program, first is applied journey The mark of sequence is defined as the mark of destination application.

In one embodiment,

The device also includes：

Command reception module 850, for passing through authorized order of the empowerment management interface receive user to destination application；

Right-granting module 860, for authorizing the authority of assistant service offer according to authorized order to destination application.

In one embodiment,

The device also includes：

Second acquisition module 870, for obtaining second the application list, second the application list includes at least one The mark of the second application program, the second application program is the application program of the authority for having authorized assistant service offer；

Authority cancels module 880, for the awarding to the second application program according to blacklist list and/or white list list The authority that gives is cancelled.

In one embodiment,

Authority cancels module 880, including：

3rd detector unit 881, for detect the second application program identify whether belong to blacklist list；

First cancels unit 882, if belonging to blacklist list for the mark of the second application program, passes through empowerment management Process is cancelled to the authority that has authorized of the second application program.

In one embodiment,

Authority cancels module 880, including：

4th detector unit 883, for detect the second application program identify whether belong to white list list；

Second cancels unit 884, if being not belonging to white list list for the mark of the second application program, is managed by authorizing Reason process is cancelled to the authority that has authorized of the second application program.

In one embodiment,

The device also includes：

Setup module 890, the destination application for being included to empowerment management interface by cloud server is set Put.

In one embodiment,

Setup module 890, including：

List download unit 891, for regular from cloud server download blacklist list and/or white to schedule List list, blacklist list and/or white list list are the lists that server update is crossed beyond the clouds.

Additionally, also by using the corresponding blacklist list of assistant service and/or white list list to authorizing auxiliary clothes The application program of the authority that business is provided carries out being filtrated to get destination application, display target application journey in empowerment management interface Sequence；Reach and the application program for authorizing the authority of assistant service offer can have been filtered, cancelled and belong to blacklist list And/or the authority of the application program of white list list is not belonging to, show the non-malicious application journey after filtering in empowerment management interface The mark of sequence, shields the mark of malicious application, improves the effect of the safety of operating system.

In addition, being updated to blacklist list and/or white list list also by cloud server, improve shielding and disliking The degree of accuracy of meaning application program.

Fig. 9 it illustrates the block diagram of the terminal 900 of one embodiment of the invention offer.The terminal can include radio frequency (RF, Radio Frequency) circuit 901, include the memorizer 902 of one or more computer-readable recording mediums, defeated Enter unit 903, display unit 904, sensor 905, voicefrequency circuit 906, Wireless Fidelity (WiFi, Wireless Fidelity) The part such as module 907, the processor 908 for including or more than one processing core and power supply 909.Art technology Personnel are appreciated that the restriction of the terminal structure for illustrating in Fig. 9 not structure paired terminal, can include more more or less than illustrating Part, or combine some parts, or different part arrangements.Wherein：

RF circuit 901 can be used to receiving and sending messages or communication process in, the reception of signal and transmission, especially, by base station After downlink information is received, transfer to one or more than one processor 908 is processed；In addition, will be related to up data is activation to Base station.Generally, RF circuit 901 includes but is not limited to antenna, at least one amplifier, tuner, one or more agitators, use Family identity module (SIM, Subscriber Identity Module) card, transceiver, bonder, low-noise amplifier (LNA, Low Noise Amplifier), duplexer etc..Additionally, RF circuit 901 can also pass through radio communication and network and its His equipment communication.The radio communication can use arbitrary communication standard or agreement, including but not limited to global system for mobile telecommunications system System (GSM, Global System of Mobile communication), general packet radio service (GPRS, General Packet Radio Service), CDMA (CDMA, Code Division Multiple Access), wideband code division many Location (WCDMA, Wideband Code Division Multiple Access), Long Term Evolution (LTE, Long Term Evolution), Email, Short Message Service (SMS, Short Messaging Service) etc..

Memorizer 902 can be used to store software program and module, and processor 908 is stored in memorizer 902 by operation Software program and module, so as to execute various function application and data processing.Memorizer 902 mainly can include to store journey Sequence area and storage data field, wherein, storing program area can storage program area, the application program (ratio needed at least one function Such as sound-playing function, image player function etc.) etc.；Storage data field can be stored and use created data according to terminal (such as voice data, phone directory etc.) etc..Additionally, memorizer 902 can include high-speed random access memory, can also include Nonvolatile memory, for example, at least one disk memory, flush memory device or other volatile solid-state parts.Phase Ying Di, memorizer 902 can also include Memory Controller, to provide processor 908 and input block 903 is to memorizer 902 Access.

Input block 903 can be used for the numeral of receives input or character information, and produce and user setup and function The relevant keyboard of control, mouse, action bars, optics or trace ball signal input.Specifically, in a specific embodiment In, input block 903 may include Touch sensitive surface and other input equipments.Touch sensitive surface, also referred to as touch display screen or touch Control plate, user can be collected thereon or neighbouring touch operation (such as user using any suitable object such as finger, stylus or Operation of the adnexa on Touch sensitive surface or near the Touch sensitive surface), and corresponding connection dress is driven according to formula set in advance Put.Optionally, Touch sensitive surface may include touch detecting apparatus and two parts of touch controller.Wherein, touch detecting apparatus inspection The touch orientation of survey user, and the signal that touch operation brings is detected, transmit a signal to touch controller；Touch controller from Touch information being received on touch detecting apparatus, and is converted into contact coordinate, then gives processor 908, and can reception processing Order that device 908 is sent simultaneously is executed.Furthermore, it is possible to multiple using resistance-type, condenser type, infrared ray and surface acoustic wave etc. Type realizes Touch sensitive surface.Except Touch sensitive surface, input block 903 can also include other input equipments.Specifically, other are defeated Enter equipment and can include but is not limited to physical keyboard, function key (such as volume control button, switch key etc.), trace ball, Mus One or more in mark, action bars etc..

Display unit 904 can be used to showing by the information of user input or be supplied to the various of the information of user and terminal Graphical user interface, these graphical user interface can be made up of figure, text, icon, video and its combination in any.Than Such as, display unit 904, for showing the empowerment management interface of assistant service, empowerment management interface includes destination application Mark.Display unit 904 may include display floater, optionally, can adopt liquid crystal display (LCD, Liquid Crystal Display), the form such as Organic Light Emitting Diode (OLED, Organic Light-Emitting Diode) is configuring display surface Plate.Further, Touch sensitive surface can cover display floater, when Touch sensitive surface is detected thereon or after neighbouring touch operation, Processor 908 is sent to determine the type of touch event, with preprocessor 908 according to the type of touch event in display floater Upper provide corresponding visual output.Although in fig .9, Touch sensitive surface and display floater are the parts independent as two realizing Input and input function, but in some embodiments it is possible to will be integrated to Touch sensitive surface and display floater and realize input and defeated Go out function.

Terminal may also include at least one sensor 905, such as optical sensor, motion sensor and other sensors. Specifically, optical sensor may include ambient light sensor and proximity transducer, and wherein, ambient light sensor can be according to ambient light Light and shade adjusting the brightness of display floater, proximity transducer can cut out display floater and/or the back of the body when terminal is moved in one's ear Light.Used as one kind of motion sensor, Gravity accelerometer can detect (generally three axles) acceleration in all directions Size, can detect that size and the direction of gravity when static, can be used for recognize mobile phone attitude application (such as horizontal/vertical screen switching, Dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap) etc.；Can also configure as terminal Gyroscope, barometer, drimeter, thermometer, the other sensors such as infrared ray sensor, will not be described here.

Voicefrequency circuit 906, speaker, microphone can provide the audio interface between user and terminal.Voicefrequency circuit 906 can The signal of telecommunication after the voice data for receiving is changed, is transferred to speaker, is converted to acoustical signal output by speaker；Another Aspect, the acoustical signal of collection is converted to the signal of telecommunication by microphone, is converted to voice data by voicefrequency circuit 906 after being received, then After voice data output processor 908 is processed, through RF circuit 901 being sent to such as another terminal, or by voice data Export to memorizer 902 to process further.Voicefrequency circuit 906 is also possible that earphone jack, with provide peripheral hardware earphone with The communication of terminal.

WiFi belongs to short range wireless transmission technology, and terminal can help user's transceiver electronicses postal by WiFi module 907 Part, browse webpage and streaming video etc. is accessed, it has provided the user wireless broadband internet and has accessed.Although Fig. 9 shows WiFi module 907, but it is understood that, which is simultaneously not belonging to must be configured into for terminal, can not change as needed completely Omit in the scope of the essence for becoming invention.

Processor 908 is the control centre of terminal, using various interfaces and the various pieces of connection whole mobile phone, leads to Cross operation or the software program and/or the module that are stored in memorizer 902 is executed, and call and be stored in memorizer 902 Data, execute various functions and the processing data of terminal, so as to carry out integral monitoring to mobile phone.Optionally, processor 908 can be wrapped Include one or more processing cores；Preferably, processor 908 can integrated application processor and modem processor, wherein, should Operating system, user interface and application program etc. are mainly processed with processor, modem processor mainly processes radio communication. It is understood that above-mentioned modem processor can not also be integrated in processor 908.

Terminal also includes the power supply 909 (such as battery) that powers to all parts, it is preferred that power supply can pass through power supply pipe Reason system is logically contiguous with processor 908, so as to realize management charging, electric discharge and power managed by power-supply management system Etc. function.Power supply 909 can also include one or more direct current or alternating current power supply, recharging system, power failure inspection The random component such as slowdown monitoring circuit, power supply changeover device or inverter, power supply status indicator.

Although not shown, terminal can also be will not be described here including bluetooth module etc..Specifically in the present embodiment, eventually Processor 908 in end can run the one or more programmed instruction being stored in memorizer 902, above-mentioned so as to realize Assistant service management method provided in each embodiment of the method.

One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can Completed with instructing the hardware of correlation by program, the program can be stored in a computer-readable recording medium, storage Medium can include：Read only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc..

One of ordinary skill in the art will appreciate that all or part of step for realizing above-described embodiment can pass through hardware To complete, it is also possible to which the hardware for being instructed correlation by program is completed, and described program can be stored in a kind of computer-readable In storage medium, storage medium mentioned above can be read only memory, disk or CD etc..

The foregoing is only presently preferred embodiments of the present invention, not in order to limit the present invention, all spirit in the present invention and Within principle, any modification, equivalent substitution and improvement that is made etc., should be included within the scope of the present invention.

Claims

1. a kind of assistant service management method, it is characterised in that methods described includes：

When the application demand of authority of assistant service offer is met, show the empowerment management interface of assistant service, the mandate Administration interface includes the mark of destination application, the destination application be by the corresponding blacklist of the assistant service List and/or white list list filtered after application program；

Wherein, the empowerment management interface is used for authorizing the power of assistant service offer to the destination application for user The user interface of limit.

2. method according to claim 1, it is characterised in that methods described also includes：

First the application list is obtained, described first the application list includes the mark of at least one first application programs, First application program is the application program of the authority that the application assistant service is provided；

According to the blacklist list and/or the white list list, the mark of first application program is filtered, obtain Mark to the destination application.

3. method according to claim 2, it is characterised in that described applied to described first according to the blacklist list The mark of program is filtered, and obtains the mark of the destination application, including：

If the mark of first application program is not belonging to the blacklist list, will be true for the mark of first application program It is set to the mark of the destination application.

4. method according to claim 2, it is characterised in that described applied to described first according to the white list list The mark of program is filtered, and obtains the mark of the destination application, including：

If the mark of first application program belongs to the white list list, the mark of first application program is determined Mark for the destination application.

5. according to the arbitrary described method of Claims 1-4, it is characterised in that methods described also includes：

6. according to the arbitrary described method of Claims 1-4, it is characterised in that methods described also includes：

Second the application list is obtained, described second the application list includes the mark of at least one second application programs, Second application program is the application program of the authority for having authorized assistant service offer；

According to the authority that has authorized of the blacklist list and/or the white list list to second application program Cancelled.

7. method according to claim 6, it is characterised in that described applied to described second according to the blacklist list The authority that has authorized of program is cancelled, including：

If the mark of second application program belongs to the blacklist list, should to described second by empowerment management process Cancelled with the authority that has authorized of program.

8. method according to claim 6, it is characterised in that described applied to described second according to the white list list The authority that has authorized of program is cancelled, including：

If the mark of second application program is not belonging to the white list list, pass through empowerment management process to described second The authority that has authorized of application program is cancelled.

9. according to the arbitrary described method of claim 1 to 8, it is characterised in that methods described also includes：

10. method according to claim 9, it is characterised in that described by cloud server to empowerment management circle The destination application that face includes is configured, including：

Rule downloads the blacklist list and/or the white list list from cloud server to schedule, described black List list and/or the white list list be in the updated list of the cloud server.

11. a kind of assistant service managing devices, it is characterised in that described device includes：

Interface display module, for when the application demand of authority of assistant service offer is met, showing the mandate of assistant service Administration interface, the empowerment management interface includes the mark of destination application, the destination application be by described auxiliary Application program after helping the corresponding blacklist list of service and/or white list list to be filtered；

12. devices according to claim 11, it is characterised in that described device also includes：

First acquisition module, for obtaining first the application list, described first the application list includes at least one The mark of one application program, first application program is the application program of the authority that the application assistant service is provided；

First filtering module, for according to the blacklist list and/or the white list list to first application program Mark filtered, obtain the mark of the destination application.

13. devices according to claim 12, it is characterised in that first filtering module, including：

First determining unit, if being not belonging to the blacklist list for the mark of first application program, by described The mark of one application program is defined as the mark of the destination application.

14. devices according to claim 12, it is characterised in that first filtering module, including：

Second determining unit, if belonging to the white list list for the mark of first application program, by described first The mark of application program is defined as the mark of the destination application.

15. according to the arbitrary described device of claim 11 to 14, it is characterised in that described device also includes：

Command reception module, for being referred to the mandate of the destination application by empowerment management interface receive user Order；

Right-granting module, for authorizing assistant service offer according to the authorized order to the destination application Authority.

16. according to the arbitrary described device of claim 11 to 14, it is characterised in that described device also includes：

Second acquisition module, for obtaining second the application list, described second the application list includes at least one The mark of two application programs, second application program is the application program of the authority for having authorized assistant service offer；

Authority cancels module, for according to the blacklist list and/or the white list list to second application program The authority that has authorized cancelled.

17. devices according to claim 16, it is characterised in that the authority cancels module, including：

First cancels unit, if belonging to the blacklist list for the mark of second application program, is managed by authorizing Reason process is cancelled to the authority that has authorized of second application program.

18. devices according to claim 16, it is characterised in that the authority cancels module, including：

Second cancels unit, if being not belonging to the white list list for the mark of second application program, by authorizing Managing process is cancelled to the authority that has authorized of second application program.

19. according to the arbitrary described device of claim 11 to 18, it is characterised in that described device also includes：

Setup module, the destination application for being included to the empowerment management interface by cloud server is configured.

20. devices according to claim 19, it is characterised in that the setup module, including：

List download unit, for regular from the cloud server download blacklist list and/or described to schedule White list list, the blacklist list and/or the white list list be in the updated list of the cloud server.

21. a kind of assistant service managing devices, it is characterised in that include：

Processor；

For storing the memorizer of the executable instruction of the processor；

Wherein, the processor is configured to：