CN106777381A - A kind of Access and control strategy of database method, device and intelligent terminal - Google Patents
A kind of Access and control strategy of database method, device and intelligent terminal Download PDFInfo
- Publication number
- CN106777381A CN106777381A CN201710076712.5A CN201710076712A CN106777381A CN 106777381 A CN106777381 A CN 106777381A CN 201710076712 A CN201710076712 A CN 201710076712A CN 106777381 A CN106777381 A CN 106777381A
- Authority
- CN
- China
- Prior art keywords
- database
- access
- caller
- system debug
- debug process
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
Abstract
The embodiment of the invention discloses a kind of Access and control strategy of database method, device and intelligent terminal.The method includes:Judge whether application program accesses database using system debug process;If so, then judge whether the database that the system debug process is accessed belongs to sensitive database, wherein, sensitive database includes the database and/or the database for storage service data for storing permissions data;Determine whether that the system debug process accesses the database according to judged result.The embodiment of the present invention can effectively control the data in various applications access intelligent terminals, it is ensured that the security of data in intelligent terminal by using above-mentioned technical proposal.
Description
Technical field
The present embodiments relate to Android technology application domain, more particularly to a kind of Access and control strategy of database method,
Device and intelligent terminal.
Background technology
At present, intelligence system oneself through being the maximum intelligent terminal operation system platform of customer group, using the hand of intelligence system
The intelligent terminals such as machine are current many most frequently used most important electronic equipments of user, and intelligent terminal system can store the number of user
According to the private data and permissions data etc. such as including short message.These data can be stored in the database the inside of respective modules, such as
Short message is stored in the database of information module, and permissions data is stored in the safety database of setup module.
User often installs various applications on intelligent terminal, and these applications may be entered to the data in intelligent terminal
Row illegal operation, above operation destroys the security of data in intelligent terminal.
The content of the invention
The embodiment of the present invention provides a kind of method of data access control, device and intelligent terminal, can improve intelligent end
The security of data in end.
In a first aspect, a kind of Access and control strategy of database method is the embodiment of the invention provides, including:
Judge whether application program accesses database using system debug process;
If so, then judge whether the database that the system debug process is accessed belongs to sensitive database, wherein, institute
Stating sensitive database includes the database and/or the database for storage service data that are used to store permissions data;
Determine whether that the system debug process accesses the database according to judged result.
Second aspect, the embodiment of the invention provides a kind of Access and control strategy of database device, including:
First application program judge module, for judging application program whether using system debug process access database;
Database judge module, for if so, then judging whether the database that the system debug process is accessed belongs to
In sensitive database, wherein, the sensitive database is included for storing the database of permissions data and/or for storage service
The database of data;
Database access determining module, for determining whether that the system debug process accesses institute according to judged result
State database.
The third aspect, the embodiment of the invention provides a kind of intelligent terminal, including memory, and processor and storage are in storage
On device and can processor operation computer program, realize following steps during computer program described in the computing device:
Judge whether application program accesses database using system debug process;
If so, then judge whether the database that the system debug process is accessed belongs to sensitive database, wherein, institute
Stating sensitive database includes the database and/or the database for storage service data that are used to store permissions data;
Determine whether that the system debug process accesses the database according to judged result.
The Access and control strategy of database scheme provided in the embodiment of the present invention, can effectively control various applications to access intelligence eventually
Data in end, it is ensured that the security of data in intelligent terminal.
Brief description of the drawings
Fig. 1 is a kind of schematic flow sheet of Access and control strategy of database method provided in an embodiment of the present invention;
Fig. 2 be a kind of Access and control strategy of database method provided in an embodiment of the present invention in intelligent terminal display interface prompting
The schematic diagram of user;
Fig. 3 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention;
Fig. 4 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention;
Fig. 5 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention;
Fig. 6 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention;
Fig. 7 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention;
Fig. 8 is a kind of structured flowchart of Access and control strategy of database device provided in an embodiment of the present invention;
Fig. 9 is the structured flowchart of another Access and control strategy of database device provided in an embodiment of the present invention;
Figure 10 is the structured flowchart of another Access and control strategy of database device provided in an embodiment of the present invention;
Figure 11 is a kind of structural representation of intelligent terminal provided in an embodiment of the present invention.
Specific embodiment
Further illustrate technical scheme below in conjunction with the accompanying drawings and by specific embodiment.May be appreciated
It is that specific embodiment described herein is used only for explaining the present invention, rather than limitation of the invention.Further need exist for explanation
, for the ease of description, part rather than entire infrastructure related to the present invention is illustrate only in accompanying drawing.
It should be mentioned that some exemplary embodiments are described as before exemplary embodiment is discussed in greater detail
The treatment described as flow chart or method.Although each step to be described as flow chart the treatment of order, many of which
Step can be implemented concurrently, concomitantly or simultaneously.Additionally, the order of each step can be rearranged.When its operation
The treatment can be terminated during completion, it is also possible to have the additional step being not included in accompanying drawing.The treatment can be with
Corresponding to method, function, code, subroutine, subprogram etc..
Step 101, judge whether application program accesses database using system debug process.
In the present embodiment, judge whether application program accesses the database in intelligent terminal using system debug process,
Wherein, the application program can be mounted various applications in intelligent terminal application program, or with intelligent end
Hold the application program of the various applications in the electronic equipment of connection.System debug process refers to call debugging bridge command access data
The process in storehouse, it is exemplary, bridge (Android Debug Bridge, ADB) instrument is debugged in intelligent terminal by Android
Database conducts interviews.
Step 102, if so, then judge system debug process access database whether belong to sensitive database.
When the database during judgement application program accesses intelligent terminal using system debug process, system is determined whether
Whether the database that debugging process is accessed is sensitive database, wherein, sensitive database includes the number for storing permissions data
According to storehouse and/or the database for storage service data.Exemplary, the database for storing permissions data can be storage
The database of Alipay related data, the database for storage service data can be the database of storage note data.
Step 103, determined whether according to judged result system debug process access database.
In the present embodiment, when judge system debug process access database belong to sensitive database when, do not allow be
System debugging process accesses database, when the database for judging that system debug process is accessed is not belonging to sensitive database, it is allowed to be
System debugging process accesses database.
Optionally, before determining whether that system debug process accesses database according to judged result, also include:It is logical
Cross the progress information that process call-by mechanism obtains system debug process;The caller of system debug process is judged according to progress information
It is whether legal.Exemplary, whether the caller that system debug process is judged according to progress information is mobile phone assistance application, if
It is, it is determined that the caller of system debug process is illegal, otherwise, it determines the caller of system debug process is legal.Accordingly,
Determine whether that system debug process accesses database according to judged result, including:According to the number that system debug process is accessed
Whether belong to the judged result of sensitive database and the whether legal judged result of caller of system debug process according to storehouse,
Determine whether that system debug process accesses database.When the database that system debug process is accessed is not belonging to sensitive database
And system debug process caller it is legal when, it is allowed to system debug process access database, otherwise, do not allow system debug to enter
Journey accesses database.
Optionally, before determining whether that system debug process accesses database according to judged result, also include:Root
Judge intelligent terminal currently whether under debugging mode according to the current value of the terminal attribute for preserving.Accordingly, according to judgement
Result determines whether that system debug process accesses database, including:Whether the database according to the access of system debug process
Belong to the judged result whether judged result and intelligent terminal of sensitive database are currently under debugging mode, it is determined that being
No permission system debug process accesses database.When the database that system debug process is accessed is not belonging to sensitive database, and intelligence
When energy terminal is not presently within debugging mode, it is allowed to which system debug process accesses database, otherwise, does not allow system debug to enter
Journey accesses database.
Optionally, before determining whether that system debug process accesses database according to judged result, also include:Will
The order that application program accesses database is converted to the recognizable information of user, and the recognizable information of user is shown, to carry
Show user to whether allowing application program access database to select.Exemplary, access short message for unauthorized applications
The situation of data, ejects a pair of words frames in the display interface of intelligent terminal, prompts the user whether to allow application program to access phase
The database answered.Fig. 2 be a kind of Access and control strategy of database method provided in an embodiment of the present invention in intelligent terminal display interface
Point out the schematic diagram of user.As shown in Fig. 2 the dialog box of user is pointed out in ejection one in the display interface 201 of intelligent terminal
202, exemplary, the content of dialog box 202 is:Distinguished client, so-and-so changes your note data at application, if permit
PerhapsAccordingly, determine whether that system debug process accesses database according to judged result, including:According to judged result and
The selection instruction of the user input for receiving, it is determined whether allow system debug process to access database.When system debug process
The database of access is not belonging to sensitive database, and the selection instruction of the user input for receiving is not allow application program to access
During database, system debug process is not allowed to access database, otherwise, it is allowed to which system debug process accesses database.
The Access and control strategy of database scheme that the present embodiment is provided, by judging application program whether using system debug process
Access database;If so, then judge whether the database that the system debug process is accessed belongs to sensitive database, its
In, the sensitive database includes the database and/or the database for storage service data for storing permissions data;Root
It is judged that as a result determining whether that the system debug process accesses the database.Various applications can be effectively controlled to access
Data in intelligent terminal, it is ensured that the security of data in intelligent terminal.
As the Access and control strategy of database method that a preferred scheme of the present embodiment, the present embodiment are provided, also include:Note
Record the number of times of the application routine access sensitive database within the unit interval;Judge application program whether in running background, using journey
The number of times in sequence access sensitive data storehouse whether exceed the sensitive database that first threshold and application program are accessed number whether
More than Second Threshold;If application program be running background, application program access sensitive data storehouse number of times exceed first threshold,
And the number of the sensitive database of application program access exceedes Second Threshold, then application program is added into list list, so that
Application program in the list list of follow-up directly refusal accesses database.
Fig. 3 is that the flow of the Access and control strategy of database method of another intelligent terminal provided in an embodiment of the present invention is illustrated
Figure, the method can be performed by the Access and control strategy of database device of intelligent terminal, and wherein the device can be by software and/or hardware reality
It is existing, can typically be integrated in intelligent terminal.As shown in figure 3, the method includes:
Step 301, when monitoring to need by database in ADB command access intelligent terminals, obtain ADB orders
The progress information of caller and the identification information of database.
Exemplary, the intelligent terminal in the present embodiment is specifically as follows smart mobile phone and panel computer etc., and there is storage to use
The equipment of user data function.Can be divided into two kinds by the situation of database in ADB command access intelligent terminals:One kind is to work as intelligence
Can be after other electronic equipments such as terminal and PC be connected, the application on other electronic equipments passes through ADB instruments in intelligent terminal
Database conduct interviews, it is exemplary, when smart mobile phone is connected with PC, the PC assistant of PC, such as Baidu assistant, 360
The application such as assistant is conducted interviews by ADB instruments to the database in smart mobile phone.Another kind is install in intelligent terminal each
Application is planted, the database in intelligent terminal is conducted interviews by ADB instruments.Other electronics being either connected with intelligent terminal
The application installed in application or intelligent terminal in equipment, as long as monitoring the data by ADB command access intelligent terminals
It is necessary to obtain the progress information of the caller of ADB orders and the identification information of database during storehouse.
Exemplary, in the access intelligent terminal that other electronic equipments being connected with intelligent terminal send is received
During the progress information of the caller of ADB orders and the ADB orders of database, it is determined that monitoring that the application on other electronic equipments is needed
Will be by the database in ADB command access intelligent terminals;The identification information of database is obtained according to ADB orders.It is exemplary again
, when monitoring that the application on intelligent terminal is needed by database in ADB command access intelligent terminals, adjusted by process
The progress information of the caller of ADB orders is obtained with mechanism, and the identification information of database is obtained according to ADB orders.Need
Bright, the present embodiment is not limited monitoring the concrete condition of the database in ADB command access intelligent terminals.Wherein,
The progress information of caller can including the process of the process name of caller, the size of caller committed memory and caller etc. phase
The process of pass information, wherein caller is dynamic, reflects all dynamic mistakes that caller runs on certain data set
Journey.The identification information of database can include the title of database, and database is may determine that by the identification information of database
Type.It is exemplary, may determine that whether certain database is the safe number that stores permissions data by the identification information of database
According to storehouse.
Whether the identification information judgment of step 302, the progress information according to caller and database allows caller to access
The database.
Whether progress information and the identification information comprehensive descision of database in the present embodiment, according to caller allows to adjust
User accesses the database.Exemplary, can be generated according to the identification information of the progress information of caller and database and adjusted
User accesses the prompt message of database, and caller is determined whether according to the selection instruction that prompt message is input into by user
Access database.Can also determine whether caller is malicious application according to the progress information of caller, according to the mark of database
Knowledge information determines whether database is setting data storehouse, and the determination result according to both determines whether that caller accesses data
Storehouse.According to caller whether be malicious application determination result and database whether be setting data storehouse determination result,
Determine whether caller access the database when, with specific reference to caller whether be malicious application determination result, institute
State database whether be the determination result and intelligent terminal in setting data storehouse currently whether under the debugging mode, judgement is
No permission caller accesses the database.
Further, it is also possible to the progress information according to caller determines whether the process of caller is ADB order executive process,
And determining whether database is setting data storehouse according to the identification information of database, the determination result according to both judges whether to permit
Perhaps caller accesses database.When determining whether that caller accesses database according to both determination results, specific root
According to caller process whether be the determination result of ADB order executive process, database whether be setting data storehouse determination knot
Caller is determined whether really and to the determination result for setting addition Item and accesses the database.Wherein, set attached
Plus item include it is following at least one:Caller whether be malicious application, intelligent terminal currently whether under the debugging mode and
After the prompt message for sending the caller access database, whether the selection instruction of the user input of reception indicates to allow to adjust
User accesses the database.When whether judge caller is malicious application, by judging caller whether in default black name
Determine whether caller is malicious application in list, wherein the application in default blacklist is the time in preseting length of statistics
The number and number of times that database is accessed in section reach the application of given threshold.
It should be noted that the present embodiment to the progress information and the identification information judgment of database according to caller whether
The concrete mode for allowing caller to access the database is not limited, and the present embodiment includes above-mentioned three kinds of judgment modes, but not
It is only limited to above-mentioned three kinds of judgment modes.
Step 303, caller is refused according to judged result access the database or according to ADB orders execution to the number
According to the access in storehouse.
If the identification information judgment of progress information and database according to caller accesses the number to forbid caller
During according to storehouse, caller is not allowed to pass through database described in ADB command access;If according to the progress information and database of caller
Identification information judgment to allow caller to access the database when, according to ADB orders access of the execution to the database.
Wherein, performed according to ADB orders and the file letter that can include in reading, modification or move database is accessed to the database
Cease, the related access such as certain application is downloaded or inserted in database.
The Access and control strategy of database scheme provided in the present embodiment, when monitoring to need by ADB command access intelligence eventually
During database in end, the progress information and the identification information of database of the caller of ADB orders are obtained;According to entering for caller
Whether the identification information judgment of journey information and database allows caller to access database;Refuse caller according to judged result to visit
Ask database or the access to database is performed according to ADB orders.By using above-mentioned technical proposal, can effectively control to pass through
Data in ADB command access intelligent terminals, such as private data, sensitive permission data etc., it is ensured that data in intelligent terminal
Security.
Fig. 4 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention, the present embodiment
Optimized based on above-described embodiment, in the present embodiment, by step " when monitoring to need by ADB command access institute
When stating the database in intelligent terminal, the progress information of the caller of the ADB orders and the mark letter of the database are obtained
Breath " is optimized for:The database in the access intelligent terminal that the electronic equipment being connected with the intelligent terminal sends is received
ADB orders and the ADB orders caller progress information when, it is determined that monitor on the electronic equipment apply needs
By the database in intelligent terminal described in ADB command access;The mark letter of the database is obtained according to the ADB orders
Breath.Further, by step, " whether the identification information judgment of progress information and the database according to the caller allows
The caller accesses the database " it is optimized for:The mark letter of progress information and the database according to the caller
Breath, generates the prompt message that the caller accesses the database;Receive the selection that user is input into according to the prompt message
Instruction, determines whether that the caller accesses the database according to the selection instruction.
Accordingly, the method for the present embodiment comprises the following steps:
Whether the application on the electronic equipment of step 401, electronic equipment monitoring and intelligent terminal connection needs to be ordered by ADB
Order accesses the database in the intelligent terminal.
Step 402, electronic equipment obtain the progress information of the caller of ADB orders.
Application of the electronic equipment on electronic equipment is monitored is needed by the database in ADB command access intelligent terminals
When, obtain the progress information of the caller of ADB orders.
The progress information of ADB orders and the caller of ADB orders is sent to intelligent terminal by step 403, electronic equipment.
Whether the application on step 404, intelligent terminal detection electronic equipment is needed by ADB command access intelligent terminals
Database.
Intelligent terminal data in the access intelligent terminal that the electronic equipment being connected with intelligent terminal sends is received
During the progress information of the caller of the ADB orders in storehouse and the ADB orders, it is determined that monitoring whether the application on electronic equipment needs
Will be by the database in intelligent terminal described in ADB command access.Exemplary, intelligent terminal A is connected by data wire with PC
When connecing, when certain application such as 360 assistants of PC, Baidu assistant initiate to access the access instruction of certain database in intelligent terminal A, should
Access instruction is ADB orders, ADB orders in what intelligent terminal A received that PC sends access intelligent terminal A in database and
The progress information of ADB command calls persons, now, determines that the application on electronic equipment passes through ADB command access intelligent terminals
In database.
Step 405, intelligent terminal obtain the identification information of database according to ADB orders.
Step 406, intelligent terminal are accessed according to the progress information of caller and the identification information of database, generation caller
The prompt message of the database.
Exemplary, the identification information of progress information and database according to caller is generated strategy, and strategy includes direct
The access and generation caller that perform ADB orders access the prompt message two ways of database.For example, when caller is malice
Using or during solar obligation advertisement applications, or the database is obtained for sensitive permission database according to the identification information of database
When, the prompt message that caller accesses database can be generated.Prompt message is ejected by intelligent terminal display end, such as A is adjusted
User is carrying out B orders, if allowWherein, the prompt message of the caller access database of generation can be by intelligence
User's testing mechanism of terminal is analyzed treatment to ADB orders, is converted into the information that user can recognize, exemplary,
ADB is accessed the order of database, the prompt message being converted into after analyzing and processing is:Caller A is ready for modification short message record,
Whether allow.
The selection instruction that step 407, intelligent terminal for reception user are input into according to prompt message, be according to selection instruction judgement
No permission caller accesses the database.
User is input into selection instruction according to prompt message, that is, allowing caller to access database does not still allow caller to visit
Ask database.Optionally, on the display screen of intelligent terminal, the caller of generation accesses the prompt message interface of database, bag
Containing be with no two select buttons, when user input is, represent allow caller access database, when user input is no,
Expression forbids caller to access database.
Step 408, intelligent terminal refuse caller and access the database or according to ADB orders execution according to judged result
Access to the database.
The Access and control strategy of database method that the present embodiment is provided, by progress information and the mark of database according to caller
Knowledge information, generation caller accesses the prompt message of database;The selection instruction that user is input into according to prompt message is received, according to
Selection instruction determines whether that caller accesses database, can not only be effectively ensured sensitive permission in intelligent terminal not by
Modification, improves the security of intelligent terminal system, and allows user to choose whether the electronic equipment for allowing to be connected with intelligent terminal
In application access sensitive data, form interaction with user, be greatly improved Consumer's Experience.
Fig. 5 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention, the present embodiment
Optimized based on above-described embodiment, in the present embodiment, by step " progress information according to the caller and described
Whether the identification information judgment of database allows the caller to access the database " further it is optimized for:According to the tune
The progress information of user determines whether the caller is malicious application, and according to the identification information of the database determines
Whether database is setting data storehouse;Whether it is that the determination result and the database of malicious application is according to the caller
No is the determination result in setting data storehouse, determines whether that the caller accesses the database.
Accordingly, the method for the present embodiment comprises the following steps:
Whether the application on the electronic equipment of step 501, electronic equipment monitoring and intelligent terminal connection needs to be ordered by ADB
Order accesses the database in the intelligent terminal.
Step 502, electronic equipment obtain the progress information of the caller of ADB orders.
Application of the electronic equipment on electronic equipment is monitored is needed by the database in ADB command access intelligent terminals
When, obtain the progress information of the caller of ADB orders.
The progress information of ADB orders and the caller of ADB orders is sent to intelligent terminal by step 503, electronic equipment.
Whether the application on step 504, intelligent terminal monitoring electronic equipment is needed by ADB command access intelligent terminals
Database.
Intelligent terminal data in the access intelligent terminal that the electronic equipment being connected with intelligent terminal sends is received
During the progress information of the caller of the ADB orders in storehouse and the ADB orders, it is determined that monitoring whether the application on electronic equipment needs
Will be by the database in intelligent terminal described in ADB command access.
Step 505, intelligent terminal obtain the identification information of database according to ADB orders.
Step 506, intelligent terminal determine whether the caller is malicious application according to the progress information of caller, and root
Determine whether database is setting data storehouse according to the identification information of database.
It is exemplary, increase user's testing mechanism in intelligent terminal, based on user's testing mechanism, intelligent terminal according to
The progress information of the caller of acquisition, judges whether caller is the malicious applications such as rogue software, PC assistant.Wherein it is possible to logical
Cross blacklist mechanism and judge whether caller is malicious application, blacklist is the list of the dangerous caller of record.When caller exists
When in blacklist, judge that the caller is malicious application.Optionally, blacklist can be built in intelligent terminal, and extends ground
Can be pushed by high in the clouds.Blacklist is not changeless, it is also possible to the increase of the malicious application for judging, real-time update.
Exemplary, the title according to database judges whether database is setting data storehouse, wherein, setting data storehouse can be storage
The safety database of permissions data, or other data, the present embodiment are not limited this.
Whether step 507, intelligent terminal are whether the determination result and database of malicious application is to set according to caller
Determine the determination result of database, determine whether that caller accesses the database.
Whether can be whether the determination result and database of malicious application is setting according only to caller in this step
The determination result of database, determine whether caller access database, it is exemplary, if caller be malicious application and
Database is setting data storehouse, then judge not allowing caller to access database;Otherwise, judge to allow caller to access data
Storehouse.
Optionally, can also according to the caller whether be the determination result of malicious application, the database whether be
Whether the determination result and the intelligent terminal in setting data storehouse currently under debugging mode, determine whether described
Caller accesses the database.Exemplary, when caller is malicious application, and database is when being setting data storehouse, need to enter
One step judges whether intelligent terminal is currently under debugging mode, when intelligent terminal is currently under debugging mode, judges
Caller is allowed to access database, otherwise, judgement does not allow caller to access database.Wherein, to judge intelligent terminal current
When whether under the debugging mode, the attribute in intelligent terminal is read when calling by ADB security functions, when the attribute of reading
It is certain property value set in advance, then judges that intelligent terminal is currently at debugging mode, otherwise judges that intelligent terminal is currently at
Non- debugging mode.
Step 508, intelligent terminal refuse caller and access the database or according to ADB orders execution according to judged result
Access to the database.
The Access and control strategy of database method that the present embodiment is provided, determines that caller is by according to the progress information of caller
No is malicious application, and determines whether database is setting data storehouse according to the identification information of database;According to caller whether
For malicious application determination result and database whether be setting data storehouse determination result, determine whether caller visit
Database is asked, can effectively control the application in other electronic equipments being connected with intelligent terminal to access intelligent terminal by ADB
In data, it is ensured that the security of data in intelligent terminal, and whether combined with intelligent terminal currently sentence in debugging mode
It is disconnected whether to allow caller to access database, can avoid, when engineer debugs intelligent terminal, preventing to pass through ADB command access
The situation of the data of intelligent terminal occurs, and further increases Consumer's Experience.
Fig. 6 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention, the present embodiment
Optimized based on above-described embodiment, in the present embodiment, by step " when monitoring to need by ADB command access institute
When stating the database in intelligent terminal, the progress information of the caller of the ADB orders and the mark letter of the database are obtained
Breath " is optimized for:When monitoring that the application on intelligent terminal needed by the database in intelligent terminal described in ADB command access
When, the progress information of the caller of the ADB orders is obtained by process call-by mechanism, and institute is obtained according to the ADB orders
State the identification information of database.Accordingly, by step " the mark letter of progress information and the database according to the caller
Breath determines whether that the caller accesses the database " further it is optimized for:According to the progress information of the caller
Whether the process for determining the caller is ADB order executive process, and according to the identification information of the database determines
Whether database is setting data storehouse;Process according to the caller whether be ADB order executive process determination result with
And the database whether be setting data storehouse determination result, determine whether that the caller accesses the database.
Accordingly, the method for the present embodiment comprises the following steps:
Step 601, when monitoring that the application on intelligent terminal needed by the database in ADB command access intelligent terminals
When, the progress information of the caller of ADB orders is obtained by process call-by mechanism, and the database is obtained according to ADB orders
Identification information.
In the present embodiment, user's testing mechanism is increased in the system database management services module of intelligent terminal,
When the application in monitoring intelligent terminal passes through the database in ADB command access intelligent terminals, user's testing mechanism energy
Obtain it is current by way of process call-by mechanism (such as binder mechanism) come access the caller of database process name and
Progress information.And the identification information of the database accessed according to ADB orders acquisition, wherein, can by the identification information of database
To obtain the relevant information such as type, size of database.
Whether step 602, the process for determining caller according to the progress information of caller are ADB order executive process, and
Identification information according to database determines whether the database is setting data storehouse.
In the present embodiment, judge whether the process of current caller is that ADB orders are performed by using person's testing mechanism
Process, and determine whether database is setting data storehouse according to the title of the identification information such as database of database, wherein, if
Determine database, or other databases that database can be each module data in storage intelligent terminal, the present embodiment pair
This is not limited.
Step 603, according to the process of caller whether be ADB order executive process determination result and database whether
It is the determination result in setting data storehouse, determines whether that caller accesses the database.
In this step, can according only to the process of caller whether be ADB order executive process determination result and number
According to storehouse whether be setting data storehouse determination result, determine whether caller access database, it is exemplary, if caller
Process be ADB orders executive process and database is setting data storehouse, then judge not allowing caller to access database, it is no
Then, judge to allow caller to access database.
Optionally, whether can also be the determination result of ADB order executive process, described according to the process of the caller
Database whether be setting data storehouse determination result and the determination result to setting addition Item, determine whether described
Caller accesses the database;Wherein, it is described setting addition Item include it is following at least one:Whether the caller is malice
Whether currently under debugging mode and the caller is being sent the database is accessed using, the intelligent terminal
After prompt message, whether the selection instruction of the user input of reception indicates to allow the caller to access the database.
It is exemplary, if the process of caller is ADB orders executive process, database and being setting data storehouse and calling
Person is malicious application, then judge not allow caller to access database, otherwise, judges to allow caller to access database;Show again
Example property, if it is that setting data storehouse and intelligent terminal are current not that the process of caller is ADB orders executive process, database
In debugging mode, then judge not allowing caller to access database, otherwise, judge to allow caller to access database;Show again
Example property, if the process of caller is ADB orders executive process, database and being setting data storehouse and being visited caller is being sent
After asking the prompt message of database, the selection instruction of the user input of reception indicates not allowing caller to access database, then sentence
It is disconnected not allow caller to access database, otherwise, judge to allow caller to access database.
Wherein, by judging whether the caller in default blacklist determines whether the caller is that malice should
With;Application in wherein described default blacklist be statistics within the time period of preseting length access database number and time
Number reaches the application of given threshold.Exemplary, in 1 minute, caller A accesses certain database 10 times, then judge that caller A exists
Abnormal unauthorized access is carried out, is added into default blacklist.In 1 hour, caller B accesses three databases, and accesses every
The number of times of individual database is 3 times, then judge that caller B is malicious application, is added into default blacklist.
Step 604, caller is refused according to judged result access the database or according to ADB orders execution to the number
According to the access in storehouse.
A kind of Access and control strategy of database method that the present embodiment is provided, calls by according to the determination of the progress information of caller
Whether the process of person is ADB order executive process, and determines whether database is setting data according to the identification information of database
Storehouse;Whether process according to caller is whether the determination result and the database of ADB order executive process is setting number
According to the determination result in storehouse, determine whether that caller accesses the database, in can not only effectively controlling intelligent terminal
Using by the data in ADB command access intelligent terminals, substantially increasing the security of the system of intelligent terminal, and combine
Set the determination result of addition Item to determine whether caller access database, can avoid when engineer's debugging is intelligent eventually
During end, prevent by the situation generation of the data of ADB command access intelligent terminals, in combination with user input to intelligent terminal
In application access the selection result of the database, form interaction with user, be greatly improved Consumer's Experience.
Fig. 7 is the schematic flow sheet of another Access and control strategy of database method provided in an embodiment of the present invention, and the method can
Performed with by the Access and control strategy of database device of electronic equipment, wherein the device can be realized by software and/or hardware, can typically be collected
Into in the electronic equipments such as PC.As shown in fig. 7, the method includes:
Whether the application on electronic equipment that step 701, monitoring are connected with intelligent terminal is needed by ADB command access institute
State the database in intelligent terminal.
Step 702, the application on electronic equipment is monitored are needed by the database in ADB command access intelligent terminals
When, obtain the progress information of the caller of ADB orders.
Optionally, the application on electronic equipment is monitored is needed by the database in ADB command access intelligent terminals
When, the ADB instruments on electronic equipment obtain the progress information of the caller of the ADB orders by process call-by mechanism.Example
Property, electronic equipment is PC, the ADB instruments of PC, by the process call-by mechanism of PC, direct access PC ends caller
Process name is (for example:The Baidu assistant of PC, 360 assistants) and progress information.
Step 703, the progress information of ADB orders and the caller of ADB orders is sent to intelligent terminal, so that intelligence is eventually
End determines whether that caller accesses the database according to the progress information of ADB orders and the caller of ADB orders.
In the present embodiment, electronic equipment such as PC ends pass the progress information of the caller of ADB orders and ADB orders together
It is delivered to intelligent terminal, such as mobile phone end.The explanation module of caller information is received by increasing in mobile phone terminal ADB instruments,
Mobile phone terminal is set to determine whether that caller accesses the data according to the progress information of ADB orders and the caller of ADB orders
Storehouse.
A kind of Access and control strategy of database method that the present embodiment is provided, the electronic equipment being connected with intelligent terminal by monitoring
On application whether need by the database in ADB command access intelligent terminals;Application on electronic equipment is monitored is needed
Will by the database in ADB command access intelligent terminals when, obtain ADB orders caller progress information;By ADB orders
Progress information with the caller of ADB orders is sent to intelligent terminal, so that intelligent terminal is according to ADB orders and ADB orders
The progress information of caller determines whether that caller accesses database, and application that can be effectively in control electronics passes through
ADB accesses the data in the intelligent terminal being attached thereto, such as private data, sensitive permission data etc., it is ensured that intelligent terminal
The security of middle data.
Fig. 8 is a kind of structured flowchart of the Access and control strategy of database device of intelligent terminal provided in an embodiment of the present invention, should
Device can be realized by software and/or hardware, can be typically integrated in intelligent terminal, can visited by performing the database of intelligent terminal
Ask that control method is controlled come the database access to intelligent terminal.As shown in figure 8, the device is sentenced including the first application program
Disconnected module 801, database judge module 802 and database access determining module 803.
First application program judge module 801, for judging application program whether using system debug process access data
Storehouse;Database judge module 802, for if so, then judging whether the database that the system debug process is accessed belongs to
Sensitive database, wherein, the sensitive database is included for storing the database of permissions data and/or for storage service number
According to database;Database access determining module 803, for determining whether the system debug process according to judged result
Access the database.
A kind of Access and control strategy of database device that the present embodiment is provided, by judging application program whether using system debug
Process accesses database;If so, then judge whether the database that the system debug process is accessed belongs to sensitive database,
Wherein, sensitive database includes the database and/or the database for storage service data for storing permissions data;According to
Judged result determines whether that the system debug process accesses the database, can effectively control application program to access intelligence
Database in energy terminal, it is ensured that the security of data in intelligent terminal.
On the basis of above-described embodiment, also include:
Progress information acquisition module, for determining whether that the system debug process accesses institute according to judged result
Before stating database, the progress information of the system debug process is obtained by process call-by mechanism;
The whether legal judge module of caller, for judging calling for the system debug process according to the progress information
Whether person is legal;
Accordingly, the database access determining module, is used for:
According to the system debug process access the database whether belong to sensitive database judged result and
The whether legal judged result of the caller of the system debug process, it is determined whether allow the system debug process to access institute
State database.
On the basis of above-described embodiment, also include:
Access times logging modle, for record within the unit interval application program access sensitive data storehouse time
Number;
Second application program judge module, for judging the application program whether in running background, the application program
Whether the number of the sensitive database accessed more than first threshold and the application program is the number of times in access sensitive data storehouse
It is no more than Second Threshold;
Application program adds module, if being to access sensitive in running background, the application program for the application program
The number that the number of times of database exceedes the sensitive database that first threshold and the application program are accessed exceedes Second Threshold,
The application program is then added into list list, so that the follow-up application program directly refused in the list list accesses data
Storehouse.
On the basis of above-described embodiment, whether the legal judge module of the caller is used for:
Whether the caller that the system debug process is judged according to the progress information is mobile phone assistance application, if so,
Then determine that the caller of the system debug process is illegal, otherwise, it determines the caller of the system debug process is legal.
On the basis of above-described embodiment, also include:
Intelligent terminal judge module, for determining whether that the system debug process accesses institute according to judged result
Before stating database, whether the current value according to the terminal attribute for preserving judges intelligent terminal currently under debugging mode;
Accordingly, the database access determining module, is used for:
According to the system debug process access the database whether belong to sensitive database judged result and
Whether the intelligent terminal is currently in the judged result under debugging mode, it is determined whether allow the system debug process to access
The database.
On the basis of above-described embodiment, also include:
Order conversion module, for determining whether that the system debug process accesses the number according to judged result
Before according to storehouse, the order that the application program accesses database is converted into the recognizable information of user, and user be can recognize that into letter
Whether breath is shown, to point out user to allowing the application program access database to select;
Accordingly, the database access determining module, is used for:
According to judged result and the selection instruction of the user input for receiving, it is determined whether allow the system debug process
Access the database.
Fig. 9 is the structured flowchart of the Access and control strategy of database device of another intelligent terminal provided in an embodiment of the present invention,
The device can realize by software and/or hardware, can be typically integrated in intelligent terminal, can be by performing the database of intelligent terminal
Access control method is controlled come the database access to intelligent terminal.As shown in figure 9, the device includes data obtaining module
901st, judge module 902 and access reject or performing module 903 are accessed.
Wherein, data obtaining module 901, monitor to need by intelligent terminal described in ADB command access for working as
During database, the progress information and the identification information of the database of the caller of the ADB orders are obtained;Access judge module
902, whether the identification information judgment for the progress information according to the caller and the database allows the caller
Access the database;Access reject or performing module 903, the number is accessed for refusing the caller according to judged result
The access to the database is performed according to storehouse or according to the ADB orders.
A kind of Access and control strategy of database device that the present embodiment is provided, by progress information and database according to caller
Identification information judgment whether allow caller access database;According to judged result refuse caller access database or according to
ADB orders perform the access to database, the private data in can effectively preventing ADB from accessing intelligent terminal, change it sensitive
Authority, it is ensured that the security of data in intelligent terminal.
On the basis of above-described embodiment, described information acquisition module includes:
Determining unit is accessed, for receiving the access intelligence that the electronic equipment being connected with the intelligent terminal sends
During the progress information of the ADB orders in energy data in terminal storehouse and the caller of the ADB orders, it is determined that monitoring that the electronics sets
Standby upper application is needed by the database in intelligent terminal described in ADB command access;
Identification information obtaining unit, the identification information for obtaining the database according to the ADB orders.
On the basis of above-described embodiment, the access judge module, including:
Prompt message generation unit, for the progress information according to the caller and the identification information of the database,
Generate the prompt message that the caller accesses the database;
Selection instruction receiving unit, for receiving the selection instruction that user is input into according to the prompt message, according to described
Selection instruction determines whether that the caller accesses the database.
On the basis of above-described embodiment, the access judge module, including:
Malicious application and setting data storehouse determining unit, for being called according to the determination of the progress information of the caller
Whether person is malicious application, and determines whether the database is setting data storehouse according to the identification information of the database;
First access judging unit, for according to the caller whether be malicious application determination result and the number
According to storehouse whether be setting data storehouse determination result, determine whether that the caller accesses the database.
On the basis of above-described embodiment, the first access judging unit is used for:
According to the caller whether be the determination result of malicious application, the database whether be setting data storehouse really
Determine whether result and the intelligent terminal are currently under debugging mode, determine whether that the caller is accessed described
Database.
On the basis of above-described embodiment, described information acquisition module is used for:
When monitoring that the application on intelligent terminal is needed by database in intelligent terminal described in ADB command access,
The progress information of the caller of the ADB orders is obtained by process call-by mechanism, and the number is obtained according to the ADB orders
According to the identification information in storehouse.
On the basis of above-described embodiment, the access judge module, including:
Executive process determining unit, for determined according to the progress information of the caller caller process whether
It is ADB order executive process, and determines whether the database is setting data storehouse according to the identification information of the database;
Second access judging unit, for the process according to the caller whether be ADB order executive process determination
Result and the database whether be setting data storehouse determination result, determine whether that the caller accesses the number
According to storehouse.
On the basis of above-described embodiment, the second access judging unit is used for:
Process according to the caller whether be the determination result of ADB order executive process, the database whether be
The determination result in setting data storehouse and the determination result to setting addition Item, determine whether that the caller accesses institute
State database;Wherein,
It is described setting addition Item include it is following at least one:Whether the caller is malicious application, the intelligent terminal
It is current whether to be under debugging mode and after the prompt message for sending the caller access database, reception
Whether the selection instruction of user input indicates to allow the caller to access the database.
On the basis of above-described embodiment, whether the second access judging unit is by judging the caller default
Determine whether the caller is malicious application in blacklist;Application in wherein described default blacklist is setting for statistics
The number and number of times that database is accessed in the time period of measured length reach the application of given threshold.
Figure 10 is the structured flowchart of another Access and control strategy of database device provided in an embodiment of the present invention, the database
Access control apparatus are configured in electronic equipment, such as PC.As shown in Figure 10, the device includes access detection module 1001, enters
Journey data obtaining module 1002 and information sending module 1003.
Access detection module 1001, for monitoring whether the application on the electronic equipment being connected with intelligent terminal needs to pass through
Database in intelligent terminal described in ADB command access;Progress information acquisition module 1002, for monitoring that the electronics sets
Standby upper application needs during by database in intelligent terminal described in ADB command access, to obtain the caller of the ADB orders
Progress information;Information sending module 1003, for by the progress information of the ADB orders and the caller of the ADB orders
The intelligent terminal is sent to, so that the intelligent terminal is according to the ADB orders and the process of the caller of the ADB orders
Information determines whether that the caller accesses the database.
The Access and control strategy of database device that the present embodiment is provided, by the electronic equipment that monitoring is connected with intelligent terminal
Using whether needing by the database in ADB command access intelligent terminals;Application on electronic equipment is monitored needs logical
During the database crossed in ADB command access intelligent terminals, the progress information of the caller of ADB orders is obtained;By ADB orders and
The progress information of the caller of ADB orders is sent to intelligent terminal, so that intelligent terminal is according to ADB orders and the tune of ADB orders
The progress information of user determines whether that caller accesses database, can effectively prevent the application in electronic equipment from passing through
ADB accesses the private data in the intelligent terminal being attached thereto, and changes its sensitive permission, it is ensured that the peace of data in intelligent terminal
Quan Xing.
On the basis of above-described embodiment, the progress information of the caller for obtaining the ADB orders, including:
ADB instruments on the electronic equipment obtain the process of the caller of the ADB orders by process call-by mechanism
Information.
A kind of intelligent terminal is the embodiment of the invention provides, the intelligent terminal includes memory, processor and storage are being deposited
Following step can be realized on reservoir and during computer program described in the computing device in the computer program of processor operation
Suddenly:When monitoring to need by database in intelligent terminal described in ADB command access, calling for the ADB orders is obtained
The identification information of the progress information of person and the database;The mark of progress information and the database according to the caller
Information determines whether that the caller accesses the database;The caller is refused according to judged result and accesses the number
The access to the database is performed according to storehouse or according to the ADB orders.
Following steps can be also realized described in the computing device during computer program:Judge application program whether using system
System debugging process accesses database;If so, then judging whether the database that the system debug process is accessed belongs to sensitive
Database, wherein, the sensitive database is included for storing the database of permissions data and/or for storage service data
Database;Determine whether that the system debug process accesses the database according to judged result.
Figure 11 is a kind of structural representation of intelligent terminal provided in an embodiment of the present invention.As shown in figure 11, the intelligence is whole
End can include:Housing (not shown), memory 1101, central processing unit (Central Processing Unit,
CPU) 1102 (also known as processors, hereinafter referred to as CPU), circuit board (not shown) and power circuit (not shown).Institute
State circuit board and be placed in the interior volume that the housing is surrounded;The CPU1102 and the memory 1101 are arranged on the electricity
On the plate of road;The power circuit, powers for each circuit or device for the intelligent terminal;The memory 1101, uses
In storage executable program code;The CPU1102 is by reading the executable program code stored in the memory 1101
To run program corresponding with the executable program code.
The intelligent terminal also includes:Peripheral Interface 1103, RF (Radio Frequency, radio frequency) circuit 1105, audio
Circuit 1106, loudspeaker 1111, power management chip 1108, input/output (I/O) subsystem 1109, touch-screen 1112, other
Input/control devices 1110 and outside port 1104, these parts pass through one or more communication bus or holding wire 1107
To communicate.
It should be understood that diagram intelligent terminal 1100 is only an example of intelligent terminal, and intelligent terminal
1100 can have than the more or less part shown in figure, can combine two or more parts, or
There can be different parts to configure.Various parts shown in figure can including one or more signal transactings and/or
Application specific integrated circuit is realized in the combination of interior hardware, software or hardware and software.
The intelligent terminal for access of controlling database for being provided with regard to the present embodiment below is described in detail, the intelligence
Terminal is by taking mobile phone as an example.
Memory 1101, the memory 1101 can be accessed by CPU1102, Peripheral Interface 1103 etc., the memory
1101 can include high-speed random access memory, can also include nonvolatile memory, and such as one or more disks are deposited
Memory device, flush memory device or other volatile solid-state parts.
The input of equipment and output peripheral hardware can be connected to CPU1102 by Peripheral Interface 1103, the Peripheral Interface 1103
With memory 1101.
I/O subsystems 1109, the I/O subsystems 1109 can be by the input/output peripheral in equipment, such as touch-screen
1112 and other input/control devicess 1110, it is connected to Peripheral Interface 1103.I/O subsystems 1109 can include display control
Device 11091 and one or more input controllers 11092 for controlling other input/control devicess 1110.Wherein, one or
Multiple input controllers 11092 receive electric signal or to other input/control devicess from other input/control devicess 1110
1110 send electric signals, other input/control devicess 1110 can include physical button (pressing button, rocker buttons etc.), group
Dialer, slide switch, control stick, click roller.What deserves to be explained is, input controller 11092 can be with following any one company
Connect:The instruction equipment of keyboard, infrared port, USB interface and such as mouse.
Touch-screen 1112, the touch-screen 1112 is the input interface and output interface between user terminal and user, will
, to user, visual output can be including figure, text, icon, video etc. for visual output display.
Display controller 11091 in I/O subsystems 1109 receives electric signal or to touch-screen from touch-screen 1112
1112 send electric signal.Contact on the detection touch-screen of touch-screen 1112, the contact conversion that display controller 11091 will be detected
It is to be interacted with the user interface object being displayed on touch-screen 1112, that is, realizes man-machine interaction, is displayed on touch-screen 1112
User interface object can be the icon of running game, the icon etc. that is networked to corresponding network.What deserves to be explained is, equipment is also
Light mouse can be included, light mouse is the touch sensitive surface for not showing visual output, or the touch sensitivity formed by touch-screen
The extension on surface.
RF circuits 1105, are mainly used in setting up the communication of mobile phone and wireless network (i.e. network side), realize mobile phone with it is wireless
The data receiver of network and transmission.Such as transmitting-receiving short message, Email etc..Specifically, RF circuits 1105 are received and send RF
Signal, RF signals are also referred to as electromagnetic signal, and RF circuits 1105 convert electrical signals to electromagnetic signal or are converted to electromagnetic signal
Electric signal, and communicated with communication network and other equipment by the electromagnetic signal.RF circuits 1105 can include using
In the known circuit for performing these functions, it includes but is not limited to antenna system, RF transceivers, one or more amplifiers, tune
Humorous device, one or more oscillators, digital signal processor, CODEC (COder-DECoder, coder) chipset, user
Mark module (Subscriber Identity Module, SIM) etc..
Voicefrequency circuit 1106, is mainly used in receiving voice data from Peripheral Interface 1103, and the voice data is converted into electricity
Signal, and the electric signal is sent to loudspeaker 1111.
Loudspeaker 1111, for the voice signal for receiving mobile phone from wireless network by RF circuits 1105, is reduced to sound
Sound simultaneously plays the sound to user.
Power management chip 1108, for being supplied by the hardware that CPU1102, I/O subsystem and Peripheral Interface are connected
Electricity and power management.
The executable present invention of Intelligent terminal data storehouse access control apparatus and intelligent terminal provided in above-described embodiment appoints
The meaning Intelligent terminal data storehouse access control method that is provided of embodiment, possesses the execution corresponding functional module of the method and beneficial
Effect.Not ins and outs of detailed description in the above-described embodiments, reference can be made to the intelligence that any embodiment of the present invention is provided is eventually
Client database access control method.
Note, above are only presently preferred embodiments of the present invention and institute's application technology principle.It will be appreciated by those skilled in the art that
The invention is not restricted to specific embodiment described here, can carry out for a person skilled in the art various obvious changes,
Readjust and substitute without departing from protection scope of the present invention.Therefore, although the present invention is carried out by above example
It is described in further detail, but the present invention is not limited only to above example, without departing from the inventive concept, also
More other Equivalent embodiments can be included, and the scope of the present invention is determined by scope of the appended claims.
Claims (13)
1. a kind of Access and control strategy of database method, it is characterised in that including:
Judge whether application program accesses database using system debug process;
If so, then judge whether the database that the system debug process is accessed belongs to sensitive database, wherein, it is described quick
Sense database includes the database and/or the database for storage service data for storing permissions data;
Determine whether that the system debug process accesses the database according to judged result.
2. method according to claim 1, it is characterised in that determining whether that the system is adjusted according to judged result
Before examination process accesses the database, also include:
The progress information of the system debug process is obtained by process call-by mechanism;
Judge whether the caller of the system debug process is legal according to the progress information;
It is described to determine whether that the system debug process accesses the database according to judged result, including:
Whether the database accessed according to the system debug process belongs to the judged result of sensitive database and described
The whether legal judged result of the caller of system debug process, it is determined whether allow the system debug process to access the number
According to storehouse.
3. method according to claim 1, it is characterised in that also include:
Record the number of times in the application program access sensitive data storehouse within the unit interval;
Judge the application program whether running background, the application program access sensitive data storehouse number of times whether more than
Whether the number of the sensitive database that one threshold value and the application program are accessed exceedes Second Threshold;
If the application program be running background, the application program access sensitive data storehouse number of times exceed first threshold,
And the number of the sensitive database of the application program access exceedes Second Threshold, then add name single-row the application program
Table, so that the follow-up application program directly refused in the list list accesses database.
4. method according to claim 2, it is characterised in that described that the system debug is judged according to the progress information
Whether the caller of process is legal, including:
Whether the caller that the system debug process is judged according to the progress information is mobile phone assistance application, if so, then true
The caller of the fixed system debug process is illegal, otherwise, it determines the caller of the system debug process is legal.
5. method according to claim 1, it is characterised in that determining whether that the system is adjusted according to judged result
Before examination process accesses the database, also include:
Whether the current value according to the terminal attribute for preserving judges intelligent terminal currently under debugging mode;
It is described to determine whether that the system debug process accesses the database according to judged result, including:
Whether the database accessed according to the system debug process belongs to the judged result of sensitive database and described
Whether intelligent terminal is currently in the judged result under debugging mode, it is determined whether allow the system debug process to access described
Database.
6. the method according to any one of claim 1-5, it is characterised in that determined whether according to judged result
Before the system debug process accesses the database, also include:
The order that the application program accesses database is converted into the recognizable information of user, and the recognizable information of user is carried out
It has been shown that, to point out user to whether allowing the application program access database to select;
It is described to determine whether that the system debug process accesses the database according to judged result, including:
According to judged result and the selection instruction of the user input for receiving, it is determined whether allow the system debug process to access
The database.
7. a kind of Access and control strategy of database device, it is characterised in that including:
First application program judge module, for judging application program whether using system debug process access database;
Database judge module, for if so, then judging whether the database that the system debug process is accessed belongs to quick
Sense database, wherein, the sensitive database is included for storing the database of permissions data and/or for storage service data
Database;
Database access determining module, for determining whether that the system debug process accesses the number according to judged result
According to storehouse.
8. device according to claim 7, it is characterised in that also include:
Progress information acquisition module, for determining whether that the system debug process accesses the number according to judged result
Before according to storehouse, the progress information of the system debug process is obtained by process call-by mechanism;
Whether the legal judge module of caller, the caller for judging the system debug process according to the progress information is
It is no legal;
Accordingly, the database access determining module, is used for:
Whether the database accessed according to the system debug process belongs to the judged result of sensitive database and described
The whether legal judged result of the caller of system debug process, it is determined whether allow the system debug process to access the number
According to storehouse.
9. device according to claim 7, it is characterised in that also include:
Access times logging modle, the number of times for recording the application program access sensitive data storehouse within the unit interval;
Second application program judge module, for judging whether the application program accesses in running background, the application program
Whether the number whether number of times of sensitive database exceedes the sensitive database that first threshold and the application program are accessed surpasses
Cross Second Threshold;
Application program adds module, if being in running background, the application program access sensitive data for the application program
The number that the number of times in storehouse exceedes the sensitive database that first threshold and the application program are accessed exceedes Second Threshold, then will
The application program adds list list, so that the follow-up application program directly refused in the list list accesses database.
10. whether device according to claim 8, it is characterised in that the legal judge module of the caller, is used for:
Whether the caller that the system debug process is judged according to the progress information is mobile phone assistance application, if so, then true
The caller of the fixed system debug process is illegal, otherwise, it determines the caller of the system debug process is legal.
11. devices according to claim 7, it is characterised in that also include:
Intelligent terminal judge module, for determining whether that the system debug process accesses the number according to judged result
Before according to storehouse, whether the current value according to the terminal attribute for preserving judges intelligent terminal currently under debugging mode;
Accordingly, the database access determining module, is used for:
Whether the database accessed according to the system debug process belongs to the judged result of sensitive database and described
Whether intelligent terminal is currently in the judged result under debugging mode, it is determined whether allow the system debug process to access described
Database.
12. device according to any one of claim 7-11, it is characterised in that also include:
Order conversion module, for determining whether that the system debug process accesses the database according to judged result
Before, the order that the application program accesses database is converted into the recognizable information of user, and the recognizable information of user is entered
Row display, to point out user to whether allowing the application program access database to select;
Accordingly, the database access determining module, is used for:
According to judged result and the selection instruction of the user input for receiving, it is determined whether allow the system debug process to access
The database.
13. a kind of intelligent terminals, it is characterised in that including memory, processor and storage on a memory and can be in processor
The computer program of upper operation, it is characterised in that realize following steps during computer program described in the computing device:
Judge whether application program accesses database using system debug process;
If so, then judge whether the database that the system debug process is accessed belongs to sensitive database, wherein, it is described quick
Sense database includes the database and/or the database for storage service data for storing permissions data;
Determine whether that the system debug process accesses the database according to judged result.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710076712.5A CN106777381A (en) | 2017-02-13 | 2017-02-13 | A kind of Access and control strategy of database method, device and intelligent terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710076712.5A CN106777381A (en) | 2017-02-13 | 2017-02-13 | A kind of Access and control strategy of database method, device and intelligent terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106777381A true CN106777381A (en) | 2017-05-31 |
Family
ID=58956018
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710076712.5A Pending CN106777381A (en) | 2017-02-13 | 2017-02-13 | A kind of Access and control strategy of database method, device and intelligent terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106777381A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112513850A (en) * | 2020-09-16 | 2021-03-16 | 华为技术有限公司 | Electronic control unit and data access method and device thereof |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103065083A (en) * | 2013-01-31 | 2013-04-24 | 晨风云(北京)科技有限公司 | Method and system for monitoring application program interface of intelligent mobile terminal |
CN103116716A (en) * | 2013-01-25 | 2013-05-22 | 复旦大学 | Immediate access conferring method aiming at low interference of mobile platform |
CN103136472A (en) * | 2011-11-29 | 2013-06-05 | 腾讯科技(深圳)有限公司 | Method and mobile device of stopping application program to steal privacy |
CN103368904A (en) * | 2012-03-27 | 2013-10-23 | 百度在线网络技术(北京)有限公司 | Mobile terminal, and system and method for suspicious behavior detection and judgment |
CN105930721A (en) * | 2016-04-28 | 2016-09-07 | 北京小米移动软件有限公司 | Method and device for managing application program |
-
2017
- 2017-02-13 CN CN201710076712.5A patent/CN106777381A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103136472A (en) * | 2011-11-29 | 2013-06-05 | 腾讯科技(深圳)有限公司 | Method and mobile device of stopping application program to steal privacy |
CN103368904A (en) * | 2012-03-27 | 2013-10-23 | 百度在线网络技术(北京)有限公司 | Mobile terminal, and system and method for suspicious behavior detection and judgment |
CN103116716A (en) * | 2013-01-25 | 2013-05-22 | 复旦大学 | Immediate access conferring method aiming at low interference of mobile platform |
CN103065083A (en) * | 2013-01-31 | 2013-04-24 | 晨风云(北京)科技有限公司 | Method and system for monitoring application program interface of intelligent mobile terminal |
CN105930721A (en) * | 2016-04-28 | 2016-09-07 | 北京小米移动软件有限公司 | Method and device for managing application program |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112513850A (en) * | 2020-09-16 | 2021-03-16 | 华为技术有限公司 | Electronic control unit and data access method and device thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11036840B2 (en) | Fingerprint recognition method and apparatus, and touchscreen terminal | |
CN103634109B (en) | Operation right authentication method and device | |
CN107992728B (en) | Face verification method and device | |
US20160241589A1 (en) | Method and apparatus for identifying malicious website | |
CN107944259A (en) | Using the management-control method of startup, device and storage medium and mobile terminal | |
CN104765993A (en) | Anti-addiction method and device | |
KR100966073B1 (en) | Apparatus and method for managing terminal users | |
CN109085975A (en) | Screenshotss method, apparatus, storage medium and electronic device | |
CN104754136A (en) | Method and system for managing account numbers relevant to mobile phone numbers on basis of intelligent terminals | |
CN107729538A (en) | comment information processing method, device, terminal device and storage medium | |
CN104766008A (en) | Application program installation package safety detection method and server | |
CN104573437B (en) | Information authentication method, device and terminal | |
CN108021816B (en) | Electronic device test method and device, storage medium and electronic device | |
CN108718271A (en) | Processing method, device, storage medium and the terminal of good friend's request | |
CN106815534A (en) | A kind of method for protecting privacy of user, device and mobile terminal | |
CN106487789A (en) | A kind of method of the password of modification application account, device and mobile terminal | |
CN108984265B (en) | Method and device for detecting virtual machine environment | |
CN106777381A (en) | A kind of Access and control strategy of database method, device and intelligent terminal | |
CN108664389B (en) | Test method, test device and terminal | |
CN112463266A (en) | Execution policy generation method and device, electronic equipment and storage medium | |
CN115600213A (en) | Vulnerability management method, device, medium and equipment based on application program | |
CN107516024B (en) | Method and device for unlocking electronic equipment and electronic equipment | |
CN110856173B (en) | Network access method and device and electronic equipment | |
CN108694314A (en) | A kind of computer security login management system and method | |
CN107317908A (en) | A kind of method of user's identification, terminal and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |
|
RJ01 | Rejection of invention patent application after publication |