CN106789950B - Information protection method, device and terminal - Google Patents

Information protection method, device and terminal Download PDF

Info

Publication number
CN106789950B
CN106789950B CN201611083920.XA CN201611083920A CN106789950B CN 106789950 B CN106789950 B CN 106789950B CN 201611083920 A CN201611083920 A CN 201611083920A CN 106789950 B CN106789950 B CN 106789950B
Authority
CN
China
Prior art keywords
information
encrypted
behavior
encryption
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611083920.XA
Other languages
Chinese (zh)
Other versions
CN106789950A (en
Inventor
王泽权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Oppo Mobile Telecommunications Corp Ltd filed Critical Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority to CN201611083920.XA priority Critical patent/CN106789950B/en
Publication of CN106789950A publication Critical patent/CN106789950A/en
Application granted granted Critical
Publication of CN106789950B publication Critical patent/CN106789950B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal

Abstract

The embodiment of the invention discloses an information protection method, an information protection device and a terminal. The information protection method comprises the steps of obtaining behavior information of a user and current geographic position information of a terminal; encrypting the information to be encrypted according to the behavior information and the current geographic position information to obtain encrypted information; determining a first storage position of the encrypted information according to the current geographical position information; the encrypted information is stored to a first storage location. According to the scheme, the behavior information and the current geographic position information are used for encrypting the information to be encrypted to obtain the encrypted information, and then the storage position of the encrypted information is set according to the geographic position information, so that the safety of the terminal information is improved.

Description

Information protection method, device and terminal
Technical Field
The invention relates to the technical field of terminals, in particular to an information protection method, an information protection device and a terminal.
Background
With the continuous powerful functions of the intelligent mobile terminal, the intelligent mobile terminal becomes an indispensable part of the daily life of people.
In practical applications, since a user may involve privacy operations when using the smart mobile terminal, it is undesirable to see such privacy information when others use the terminal. Such as certain photos, certain records of visited web sites, friend information or communication records of instant messaging software, etc. In order to protect the private information, the private information may be encrypted by using a fingerprint, or a screen locking password may be set for the smart mobile terminal. However, these encryption methods have a single form and low information protection strength, which affects the security of the terminal information.
Disclosure of Invention
The embodiment of the invention provides an information protection method, an information protection device and a terminal, which can improve the security of terminal information.
The embodiment of the invention provides an information protection method, which comprises the following steps:
acquiring behavior information of a user and current geographic position information of a terminal;
encrypting information to be encrypted according to the behavior information and the current geographic position information to obtain encrypted information;
determining a first storage position of the encrypted information according to the current geographical position information;
storing the encrypted information to the first storage location.
An embodiment of the present invention further provides an information protection apparatus, including:
the acquisition module is used for acquiring the behavior information of the user and the current geographic position information of the terminal;
the first encryption module is used for encrypting information to be encrypted according to the behavior information and the current geographic position information to obtain encrypted information;
the first determining module is used for determining a first storage position of the encrypted information according to the current geographic position information;
and the first storage module is used for storing the encrypted information to the first storage position.
An embodiment of the present invention further provides a terminal, including:
a memory storing executable program code;
a processor coupled with the memory;
the processor calls the executable program code stored in the memory to execute part or all of the steps described in any information protection method of the embodiment of the invention.
The embodiment of the invention acquires the behavior information of the user and the current geographic position information of the terminal; encrypting the information to be encrypted according to the behavior information and the current geographic position information to obtain encrypted information; determining a first storage position of the encrypted information according to the current geographical position information; the encrypted information is stored to a first storage location. According to the scheme, the behavior information and the current geographic position information are used for encrypting the information to be encrypted to obtain the encrypted information, and then the storage position of the encrypted information is set according to the geographic position information, so that the safety of the terminal information is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of an information protection method according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a file stored in a first storage location according to an embodiment of the present invention.
Fig. 3 is a flowchart of another information protection method according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of a file stored in a second storage location according to an embodiment of the present invention.
Fig. 5 is a schematic structural diagram of an information protection apparatus according to an embodiment of the present invention.
Fig. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first", "second", "third" and "fourth", etc. in the present invention are used for distinguishing different objects, not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The execution main body of the information protection method provided by the embodiment of the invention can be the information protection device provided by the embodiment of the invention or a terminal integrated with the information protection device, and the information protection device can be realized in a hardware or software mode; the terminal described in the embodiment of the present invention may be a Mobile device such as a smart phone (e.g., an Android phone, a windows phone, etc.), a tablet computer, a palm computer, a notebook computer, a Mobile internet device (MID, Mobile internet devices), or a wearable device, and the terminal is merely an example, and is not exhaustive and includes but is not limited to the terminal.
The embodiment of the invention provides an information protection method, an information protection device and a terminal. The details will be described below separately.
In a preferred embodiment, the description will be made from the perspective of an information protection device, and the information protection device may be specifically integrated in a terminal in the form of software or hardware, and the terminal may be a smart phone, a tablet computer, or the like.
Referring to fig. 1, fig. 1 is a flowchart of a first information protection method according to the preferred embodiment. The respective steps of the information protection method of the present preferred embodiment are explained in detail below.
S101, acquiring behavior information of a user and current geographical position information of a terminal.
The behavior information of the user includes an action type, a behavior pattern, and the like of the user, for example, information such as walking, running, playing a ball, and the like of the user. In a real application scene, some characterization data generated during user activities can be collected through a camera and a sensor integrated on a terminal, then the sampled data is processed, and the current behavior of the user is identified by using an identification model so as to acquire behavior information of the user. For example, a camera is used to record video information of user behavior, and then a visual processing method is used to analyze the current user behavior. The terminal includes an acceleration sensor, a gyro sensor, a light sensor, a proximity sensor, a GPS (Global Positioning System) device, and the like, and thus the user behavior information can be collected using these sensors. For example, acceleration value data generated when a user limb moves in a three-dimensional space is acquired through an acceleration sensor, and as long as any one dimension is changed, different sampling values are generated, so that the behavior of the user is identified.
The geographical location information may include a location where the terminal is located, an area (country, province, city, district, etc.) where the terminal is located, an altitude of the terminal, and the like. In practical application, the current geographical position information of the terminal can be acquired through a GPS, an altitude sensor or a sensor thereof.
When the information needs to be encrypted (for example, the information is encrypted by using a certain encryption strength), the current geographic position information of the terminal and the behavior information of the user can be obtained. For example, the geographic location information and the behavior information may be acquired when information such as a picture and a chat log is encrypted. The time sequence for acquiring the geographic position information and the behavior information may be multiple, for example, the geographic position information and the behavior information may be acquired simultaneously or sequentially.
S102, encrypting the information to be encrypted according to the behavior information and the current geographic position information to obtain encrypted information.
The information to be encrypted includes, but is not limited to, various information such as text information, video information, audio information, and the like. In some embodiments, an encryption parameter information may be determined according to the geographic location information and the behavior information, and then a corresponding target encryption algorithm is obtained based on the encryption parameter information to encrypt the information to be encrypted.
The encryption parameter information may be an encryption parameter required by an encryption algorithm to encrypt data. The encryption parameter information may further include: encryption strength, encrypted objects, encryption keys, and the like. The encryption strength may be the depth of encrypting data, which depends on the number of data bits to be encrypted, i.e., the length of the key used in encryption. Thus, the strength of encryption can be characterized by the number of data bits that are encrypted. Such as AES (Advanced Encryption Standard) -128, where the number of bits of encrypted data is 128bits, and the Encryption strength of the algorithm may be 128 bits.
There are various ways to determine the encryption parameter information according to the geographic location and the behavior information, for example, one encryption parameter information may be obtained according to the geographic location information, one encryption parameter information may be obtained according to the behavior information, and then, the corresponding encryption parameter information may be obtained according to the two encryption parameters. In actual operation, a geographic parameter mapping relationship set can be preset, the set comprises a mapping relationship between geographic position information and encryption parameter information, and at this time, corresponding first encryption parameter information can be obtained according to the geographic position information and the geographic parameter mapping relationship set; similarly, a behavior parameter mapping relationship set may also be preset, where the set includes a direct mapping relationship between the behavior information and the encryption parameter information, and the corresponding second encryption parameter information may be obtained according to the behavior information and the behavior parameter mapping relationship set.
The first encryption parameter information and the second encryption parameter information may be the same type of encryption parameter information, for example, both the first encryption parameter information and the second encryption parameter information are encryption strength, or encryption object information, and the like. The encryption parameter information may also be different types of encryption parameter information, for example, the first encryption parameter information is encryption strength, and the second encryption parameter information is an encryption object.
In some embodiments, it is also possible to determine one piece of encryption parameter information according to the geographic location and the behavior information, and then obtain a corresponding target encryption algorithm based on the two pieces of encryption parameter information to encrypt the information to be encrypted. Determining corresponding first encryption parameter information according to the geographical position information; determining corresponding second encryption parameter information according to the behavior information; and acquiring a required target encryption algorithm according to the first encryption parameter information and the second encryption parameter information. The first encryption parameter information and the second encryption parameter information are the same type of encryption parameter information, and can also be different types of encryption parameter information.
In some embodiments, an encryption algorithm may be determined according to the geographic location, and then the corresponding encryption information in the encryption algorithm is modified based on the behavior information to obtain a required target encryption algorithm to encrypt the information to be encrypted. For example, the encryption algorithm corresponding to the current location of the terminal is determined to be encryption algorithm 1, and then, the corresponding encryption parameters in the encryption algorithm can be changed according to the behavior information to obtain the target encryption algorithm. The encryption parameter information modified according to the behavior information may be set according to actual requirements, for example, the encryption strength, the encryption key, or the encrypted object may be modified.
In some embodiments, an encryption algorithm may be determined according to the behavior information, and then, the corresponding encryption information in the encryption algorithm is modified based on the geographic location information, so as to obtain a required target encryption algorithm to encrypt the information to be encrypted. For example, the encryption algorithm corresponding to the behavior information is determined to be the encryption algorithm 1, and then, the corresponding encryption parameter in the encryption algorithm can be changed according to the geographic position information, so as to obtain the target encryption algorithm. The encryption parameter information modified according to the geographical location information may be set according to actual requirements, for example, the encryption strength, the encryption key, or the encrypted object may be modified.
S103, determining a first storage position of the encrypted information according to the current geographic position information.
In this embodiment, on the basis of obtaining the encrypted information by encrypting the information to be encrypted through the current geographic position information of the terminal and the behavior information of the user, the information protection is further enhanced through the geographic position information of the terminal.
In practical applications, the geographical location information can be divided into an office place, a living place, an entertainment place, a common place, and the like according to the activity track of the user. For example, a company belongs to an office, a family belongs to a living place, and a market belongs to an entertainment place. Different encryption strengths may be employed for different locations. For example, since the entertainment venue personnel are complicated and the living venue personnel are single, when the terminal is located in the entertainment venue, the protection of the information should be enhanced, that is, the protection intensity of the entertainment venue is greater than that of the living venue. Thus, to further secure the information, the encrypted information may be transferred to a more covert storage location, such as a storage location with a deeper storage path, when the terminal is in a location where increased protection strength is required.
A correspondence table may be established in advance for the geographical location information and the encryption information storage location of the terminal, and as shown in table 1 below, the encryption information in the living place is stored in the first-level storage location, the encryption information in the office place is stored in the second-level storage location, the encryption information in the entertainment place is stored in the third-level storage location, and the encryption information in the general place is stored in the fourth-level storage location, where the secrecy of the first-level storage location, the second-level storage location, the third-level storage location, and the fourth-level storage location decreases in order. Therefore, after the current geographical position information of the terminal is acquired, the storage position corresponding to the geographical position information can be determined by inquiring the corresponding relation table.
TABLE 1
Geographical position of terminal Storage location
Living place First rank storage location
Office space Second level storage locations
Entertainment place Third level storage locations
General site Fourth level memory location
Firstly, searching whether target geographical position information matched with the current geographical position information exists in a corresponding relation table, and if so, determining a storage position corresponding to the target geographical position information, namely a first storage position. Taking table 1 as an example, if the current geographical location information is a company, the geographical location matched with the company in the correspondence table is an office location. And searching the storage position corresponding to the office as a second-level storage position from the table 1, so that the first storage position corresponding to the current geographical position information is the second-level storage position.
And S104, storing the encrypted information to a first storage position.
Assuming that the encrypted information is "guid. txt", in table 1, the storage path of the first-level storage location is "local: \ internal storage: \ a folder", the second-level storage location is "local: \ internal storage: \ a folder: \ B folder", the third-level storage location is "local: \ internal storage: \ a folder: \ B folder: \ C folder", and the fourth-level storage location is "local: \ internal storage: \ a folder: \ B folder: \ C folder: \ D folder". When the first storage location is obtained as the second-level storage location in step S104, the terminal stores the encryption information "guid. txt" into the B folder whose storage path is "local: \ internal storage: \ a folder: \ B folder", as shown in fig. 2.
The information protection method of the preferred embodiment encrypts the information to be encrypted by using the behavior information and the current geographic position information to obtain the encrypted information, and then sets the storage position of the encrypted information according to the geographic position information, thereby improving the security of the terminal information.
In a preferred embodiment, the information protection method of the present invention will be further described.
The preferred embodiment will be described from the perspective of an information protection device, which may be specifically integrated in a terminal in the form of software or hardware, where the terminal may be a smart phone, a tablet computer, or other devices.
Referring to fig. 3, fig. 3 is another flowchart of the information protection method according to the preferred embodiment. The respective steps of the information protection method of the present preferred embodiment are explained in detail below.
S201, acquiring the behavior information of the user and the current geographic position information of the terminal.
The behavior information of the user includes an action type, a behavior pattern, and the like of the user, for example, information such as walking, running, playing a ball, and the like of the user. In a real application scene, some characterization data generated during user activities can be collected through a camera and a sensor integrated on a terminal, then the sampled data is processed, and the current behavior of the user is identified by using an identification model so as to acquire behavior information of the user. For example, a camera is used to record video information of user behavior, and then a visual processing method is used to analyze the current user behavior. The terminal includes an acceleration sensor, a gyro sensor, a light sensor, a proximity sensor, a GPS (Global Positioning System) device, and the like, and thus the user behavior information can be collected using these sensors. For example, acceleration value data generated when a user limb moves in a three-dimensional space is acquired through an acceleration sensor, and as long as any one dimension is changed, different sampling values are generated, so that the behavior of the user is identified.
The geographical location information may include a location where the terminal is located, an area (country, province, city, district, etc.) where the terminal is located, an altitude of the terminal, and the like. In practical application, the current geographical position information of the terminal can be acquired through a GPS, an altitude sensor or a sensor thereof.
When the information needs to be encrypted (for example, the information is encrypted by using a certain encryption strength), the current geographic position information of the terminal and the behavior information of the user can be obtained. For example, the geographic location information and the behavior information may be acquired when information such as a picture and a chat log is encrypted. The time sequence for acquiring the geographic position information and the behavior information may be multiple, for example, the geographic position information and the behavior information may be acquired simultaneously or sequentially.
S202, analyzing the behavior information according to a preset analysis algorithm to obtain behavior characteristic parameters corresponding to the behavior information.
After behavior information of a user is acquired, behavior characteristic parameters are extracted to effectively represent the characteristics of the user behavior, and if the user behavior is running, the user behavior can be represented by the running distance and time; if the user behavior is walking, the user behavior may be characterized by the number of steps taken.
Wherein, the extracted behavior characteristic parameter may indicate encryption strength, an encrypted object, an encryption key, and the like. For example, the encryption strength is set to a first encryption level, a second encryption level, and a third encryption level, wherein the encryption strength increases in sequence. The running one kilometer may indicate that the information to be encrypted is encrypted to a first encryption level and the running two kilometers may indicate that the information to be encrypted is encrypted to a second encryption level. As another example, the walk indication encrypts text information and the jump indication encrypts audio information.
The behavior information can be analyzed according to a preset analysis algorithm to obtain an analysis result, and then behavior characteristic parameters are obtained according to the analysis result. Specifically, since the behavior information acquired in step S201 includes various noises, which may affect the behavior feature parameter extraction, the behavior information may be preprocessed to eliminate the influence of the noises, for example, preprocessing methods such as normalization and resampling are adopted. And then analyzing the preprocessed behavior information according to a related algorithm to extract behavior characteristic parameters.
It should be noted that the behavior information may include a plurality of user behaviors, and thus the corresponding extracted behavior feature parameter may also be a combination of a plurality of behavior features. For example, the behavior information includes both walking information and running information of the user, and the extracted behavior characteristic parameters may include both the number of steps taken and the running time. Therefore, the intensity of information encryption can be greatly improved, and the information security is improved.
S203, encrypting the information to be encrypted according to the behavior characteristic parameters and the current geographic position information to obtain encrypted information.
The information to be encrypted includes, but is not limited to, various information such as text information, video information, audio information, and the like. In some embodiments, an encryption parameter information may be determined according to the geographic location information and the behavior characteristic parameter, and then a corresponding target encryption algorithm is obtained based on the encryption parameter information to encrypt the information to be encrypted.
The encryption parameter information may be an encryption parameter required by an encryption algorithm to encrypt data. The encryption parameter information may further include: encryption strength, encrypted objects, encryption keys, and the like. The encryption strength may be the depth of encrypting data, which depends on the number of data bits to be encrypted, i.e., the length of the key used in encryption. Thus, the strength of encryption can be characterized by the number of data bits that are encrypted. Such as AES (Advanced Encryption Standard) -128, where the number of bits of encrypted data is 128bits, and the Encryption strength of the algorithm may be 128 bits.
There are various ways to determine the encryption parameter information according to the geographic location and the behavior characteristic parameter, for example, an encryption parameter may be obtained according to the geographic location information, and then the corresponding encryption parameter information may be obtained according to the encryption parameter and the behavior characteristic parameter. In actual operation, a geographic parameter mapping relationship set may be preset, where the set includes a mapping relationship between geographic location information and encryption parameter information, and at this time, corresponding first encryption parameter information may be obtained according to the geographic location information and the geographic parameter mapping relationship set.
In some embodiments, the encryption parameter and the behavior characteristic parameter are the same type of encryption parameter information, such as encryption strength, encryption object information, or the like. For example, the encryption strength is 128bits according to the geographical location information, and the encryption strength is 256bits according to the behavior characteristic parameter, so that at this time, one encryption strength, such as 128bits, can be selected from the two encryption strengths.
In other embodiments, the encryption parameter and the behavior characteristic parameter may also be different types of encryption parameters, such as encryption parameter information being encryption strength and behavior characteristic parameter being an encrypted object. At this time, the encryption parameter information is obtained according to the encryption parameter and the behavior characteristic parameter.
In some embodiments, an encryption algorithm may be determined according to the geographic location, and then, the corresponding encryption information in the encryption algorithm is modified based on the behavior characteristic parameter, so as to obtain a required target encryption algorithm to encrypt the information to be encrypted. For example, the encryption algorithm corresponding to the current location of the terminal is determined to be the encryption algorithm 1, and then, the corresponding encryption parameters in the encryption algorithm can be changed according to the behavior characteristic parameters to obtain the target encryption algorithm. The encryption parameter information modified according to the behavior characteristic parameter may be set according to actual requirements, for example, the encryption strength, the encryption key, or the encrypted object may be modified.
In some embodiments, an encryption algorithm may be determined according to the behavior characteristic parameter, and then, the corresponding encryption information in the encryption algorithm is modified based on the geographic location information, so as to obtain a required target encryption algorithm to encrypt the information to be encrypted. For example, the encryption algorithm corresponding to the behavior characteristic parameter is determined to be the encryption algorithm 1, and then, the corresponding encryption parameter in the encryption algorithm can be changed according to the geographic position information to obtain the target encryption algorithm. The encryption parameter information modified according to the geographical location information may be set according to actual requirements, for example, the encryption strength, the encryption key, or the encrypted object may be modified.
And S204, acquiring a corresponding relation table between the geographical position information and the storage position of the terminal.
In this embodiment, on the basis of obtaining the encrypted information by encrypting the information to be encrypted through the current geographic position information of the terminal and the behavior characteristic parameter of the user, the information protection is further enhanced through the geographic position information of the terminal.
In practical applications, the geographical location information can be divided into an office place, a living place, an entertainment place, a common place, and the like according to the activity track of the user. For example, a company belongs to an office, a family belongs to a living place, and a market belongs to an entertainment place. Different encryption strengths may be employed for different locations. For example, since the entertainment venue personnel are complicated and the living venue personnel are single, when the terminal is located in the entertainment venue, the protection of the information should be enhanced, that is, the protection intensity of the entertainment venue is greater than that of the living venue. Thus, to further secure the information, the encrypted information may be transferred to a more covert storage location, such as a storage location with a deeper storage path, when the terminal is in a location where increased protection strength is required.
A correspondence table may be established in advance for the geographical location information and the encrypted information storage location of the terminal, and as shown in table 1, the encrypted information in the living place is stored in the first-level storage location, the encrypted information in the office place is stored in the second-level storage location, the encrypted information in the entertainment place is stored in the third-level storage location, and the encrypted information in the general place is stored in the fourth-level storage location, where the secrecy of the first-level storage location, the second-level storage location, the third-level storage location, and the fourth-level storage location decreases in order. Therefore, after the current geographical position information of the terminal is acquired, the storage position corresponding to the geographical position information can be determined by inquiring the corresponding relation table.
S205, determining a first storage position corresponding to the current geographic position information according to the corresponding relation table.
Firstly, searching whether target geographical position information matched with the current geographical position information exists in a corresponding relation table, and if so, determining a storage position corresponding to the target geographical position information, namely a first storage position. Taking table 1 as an example, if the current geographical location information is a company, the geographical location matched with the company in the correspondence table is an office location. And searching the storage position corresponding to the office as a second-level storage position from the table 1, so that the first storage position corresponding to the current geographical position information is the second-level storage position.
S206, storing the encrypted information to a first storage position.
Assuming that the encrypted information is "guid. txt", in table 1, the storage path of the first-level storage location is "local: \ internal storage: \ a folder", the second-level storage location is "local: \ internal storage: \ a folder: \ B folder", the third-level storage location is "local: \ internal storage: \ a folder: \ B folder: \ C folder", and the fourth-level storage location is "local: \ internal storage: \ a folder: \ B folder: \ C folder: \ D folder". When the first storage location is obtained as the second-level storage location in step S205, the terminal stores the encryption information "guid. txt" into the B folder whose storage path is "local: \ internal storage: \ a folder: \ B folder", as shown in fig. 2.
And S207, re-acquiring the current geographic position information of the terminal.
When the geographical position of the terminal is changed, the storage position of the corresponding encryption information is also shifted. For example, when the user moves from an office to a living place, the encrypted information may be moved from a folder with a deeper storage path to a folder with a shallower storage path. Therefore, the current geographical location information of the terminal needs to be acquired again through the GPS, the altitude sensor or the sensor thereof, and then it is determined whether the geographical location information changes, if not, the current storage location is kept unchanged, and if so, the process proceeds to step S208.
And S208, determining a second storage position according to the newly acquired current geographic position information, and storing the encrypted information to the second storage position.
Similarly, the second storage location may also be determined according to the correspondence table between the geographic location information and the storage location information. As shown in table 1, assuming that the current geographic location obtained again is a mall, the geographic location corresponding to the mall in the correspondence table is an entertainment place, and the storage location corresponding to the entertainment place is a third-level storage location, so that the second storage location is the third-level storage location.
Next, the terminal will transfer the encryption information originally stored in the first storage location to the second storage location for storage. In this embodiment, the encrypted information is transferred from the second-level storage location to the third-level storage location for storage, that is, the encrypted information "guid.txt" is transferred from the B folder whose storage path is "local: \ a folder: \ B folder" to the C folder whose storage path is "local: \ a folder: \ B folder: \ C folder", that is, "guid.txt" is stored in subfolder C in the B folder, thereby storing "guid.txt" in the folder of a deeper path to enhance the protection strength. As shown in fig. 4.
S209, the behavior information of the user and the current geographic position information of the terminal are obtained again, and the encryption information is encrypted again according to the obtained behavior information and the current geographic position information.
Since the current geographical location information of the terminal is changed, the behavior information of the user and the current geographical location information of the terminal are re-acquired to re-encrypt the encrypted information. Step S201 may be referred to for a manner of acquiring the behavior information and the geographic location information, which is not described herein again.
Then, the encryption information is re-encrypted according to the re-acquired behavior information and the current geographic location information, and the specific encryption manner is as described in step S203, which is not described herein again.
The information protection method of the preferred embodiment encrypts the information to be encrypted by using the behavior characteristic parameters and the current geographic position information to obtain the encrypted information, and then sets the storage position of the encrypted information according to the geographic position information, thereby improving the security of the terminal information.
In order to better implement the above method, in a preferred embodiment, an information protection device is provided, which may be integrated in a terminal, specifically, a smart phone, a tablet computer, or the like. As shown in fig. 5, the information protection apparatus 30 includes an obtaining module 301, a first encrypting module 302, a first determining module 303, and a first storing module 304, which are described in detail as follows:
an obtaining module 301, configured to obtain behavior information of a user and current geographic location information of a terminal; the first encryption module 302 is configured to encrypt information to be encrypted according to the behavior information and the current geographic location information to obtain encrypted information; a first determining module 303, configured to determine a first storage location of the encrypted information according to the current geographic location information; a first storage module 304, configured to store the encrypted information to a first storage location.
Further, the first encryption module 302 includes a first obtaining sub-module 3021 and an encryption sub-module 3022, which are described in detail as follows:
the first obtaining submodule 3021 is configured to analyze the behavior information according to a preset analysis algorithm, and obtain a behavior feature parameter corresponding to the behavior information; and the encryption submodule 3022 is configured to encrypt the information to be encrypted according to the behavior feature parameter and the current geographic location information.
The first obtaining sub-module 3021 may be invoked to perform preprocessing on the behavior information to eliminate various noises in the behavior information, for example, by using preprocessing methods such as normalization and resampling. And then analyzing the preprocessed behavior information according to a related algorithm to extract behavior characteristic parameters.
In some embodiments, the encryption sub-module 3022 may be invoked to determine an encryption parameter information according to the geographic location information and the behavior characteristic parameter, and then obtain a corresponding target encryption algorithm based on the encryption parameter information to encrypt the information to be encrypted.
In some embodiments, the encryption sub-module 3022 may also be invoked to determine an encryption algorithm according to the geographic location, and then modify corresponding encryption information in the encryption algorithm based on the behavior characteristic parameter to obtain a required target encryption algorithm to encrypt the information to be encrypted. For example, the encryption algorithm corresponding to the current location of the terminal is determined to be the encryption algorithm 1, and then, the corresponding encryption parameters in the encryption algorithm can be changed according to the behavior characteristic parameters to obtain the target encryption algorithm. The encryption parameter information modified according to the behavior characteristic parameter may be set according to actual requirements, for example, the encryption strength, the encryption key, or the encrypted object may be modified.
In some embodiments, the encryption sub-module 3022 may also be invoked to determine an encryption algorithm according to the behavior characteristic parameter, and then change the corresponding encryption information in the encryption algorithm based on the geographic location information to obtain a required target encryption algorithm to encrypt the information to be encrypted. For example, the encryption algorithm corresponding to the behavior characteristic parameter is determined to be the encryption algorithm 1, and then, the corresponding encryption parameter in the encryption algorithm can be changed according to the geographic position information to obtain the target encryption algorithm. The encryption parameter information modified according to the geographical location information may be set according to actual requirements, for example, the encryption strength, the encryption key, or the encrypted object may be modified.
Further, the first determining module 303 includes a second obtaining sub-module 3031 and a determining sub-module 3032, which are described in detail as follows:
a second obtaining submodule 3031, configured to obtain a correspondence table between the geographic location information of the terminal and the storage location; the determining submodule 3032 is configured to determine, according to the correspondence table, a first storage location corresponding to the current geographic location information.
A correspondence table may be established in advance for the geographical location information and the encrypted information storage location of the terminal, and as shown in table 1, the encrypted information in the living place is stored in the first-level storage location, the encrypted information in the office place is stored in the second-level storage location, the encrypted information in the entertainment place is stored in the third-level storage location, and the encrypted information in the general place is stored in the fourth-level storage location, where the secrecy of the first-level storage location, the second-level storage location, the third-level storage location, and the fourth-level storage location decreases in order. In this way, after the second obtaining sub-module 3031 obtains the current geographical location information of the terminal, the determining sub-module 3032 may query the corresponding relation table to determine the storage location corresponding to the geographical location information.
Further, the information protection apparatus 30 further includes a first obtaining module 305, a second determining module 306, and a second storing module 307, which are described in detail as follows:
a first obtaining module 305, configured to obtain current geographic location information of the terminal again; a second determining module 306, configured to determine a second storage location according to the retrieved current geographic location information; and a second storage module 307, configured to store the encrypted information in a second storage location.
Further, the information protection apparatus 30 further includes a second obtaining module 308 and a second encrypting module 309, which are described in detail as follows:
a second obtaining module 308, configured to obtain behavior information of the user and current geographic location information of the terminal again; and a second encryption module 309, configured to re-encrypt the encryption information according to the re-acquired behavior information and the current geographic location information.
The information protection device of the preferred embodiment encrypts the information to be encrypted by using the behavior information and the current geographic position information to obtain the encrypted information, and then sets the storage position of the encrypted information according to the geographic position information, so that the security of the terminal information is improved.
In a preferred embodiment, a terminal is provided, and in a preferred embodiment, a terminal 400 includes, as shown in fig. 6, a Radio Frequency (RF) circuit 401, a memory 402, an input unit 403, a display unit 404, a sensor 405, and a processor 406.
The rf circuit 401 is used for transmitting and receiving information, or receiving and transmitting signals during a call. Including but not limited to an antenna, at least one amplifier, a tuner, one or more oscillators, a transceiver, a coupler, a low noise amplifier, a duplexer, etc.
The memory 402 is used for storing software programs and modules, and mainly includes a program storage area and a data storage area, where the program storage area may store an operating system, a target application (such as a sound playing function, an image playing function, etc.) required by at least one function, and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the terminal, etc.
The input unit 403 may be used to receive input numeric or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control. In particular, in a particular embodiment, the input unit 403 may include a touch-sensitive surface as well as other input devices. The touch-sensitive surface, also referred to as a touch display screen or a touch pad, may collect touch operations by a user (e.g., operations by a user on or near the touch-sensitive surface using a finger, a stylus, or any other suitable object or attachment) thereon or nearby, and drive the corresponding connection device according to a predetermined program.
The display unit 404 serves to display information input by a user or information provided to the user and various graphic user interfaces of the terminal, which may be configured of graphics, text, icons, video, and any combination thereof.
The terminal also includes at least one sensor 405, such as a gravitational acceleration sensor, a motion sensor, and other sensors. Specifically, the gravity acceleration sensor can detect the magnitude of acceleration in each direction (generally three axes), can detect the magnitude and direction of gravity when the mobile phone is stationary, and can be used for applications of recognizing the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometer and tapping) and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured in the terminal, detailed description is omitted here.
The processor 406 is a control center of the terminal, connects various parts of the entire terminal using various interfaces and lines, performs various functions of the terminal and processes data by operating or executing software programs and/or modules stored in the memory 402 and calling data stored in the memory 402, thereby performing overall monitoring of the terminal. Alternatively, processor 406 may include one or more processing cores; preferably, the processor 406 may integrate an application processor, which primarily handles operating systems, user interfaces, target applications, etc., and a modem processor, which primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into processor 406.
Although not shown, the terminal may further include a bluetooth module, a camera, a sensor, a wireless fidelity module, and the like, which are not described herein.
Specifically, in this embodiment, the processor 406 first obtains the behavior information of the user and the current geographic position information of the terminal, then encrypts the information to be encrypted according to the behavior information and the current geographic position information to obtain encrypted information, then determines a first storage location of the encrypted information according to the current geographic position information, and finally stores the encrypted information in the first storage location.
Further, the processor 406 further analyzes the behavior information according to a preset analysis algorithm to obtain a behavior characteristic parameter corresponding to the behavior information, and then encrypts the information to be encrypted according to the behavior characteristic parameter and the current geographic position information.
Further, the processor 406 further obtains a correspondence table between the geographical location information of the terminal and the storage location, and determines a first storage location corresponding to the current geographical location information according to the correspondence table.
Further, the processor 406 further retrieves the current geographical location information of the terminal, determines a second storage location according to the retrieved current geographical location information, and finally stores the encrypted information in the second storage location.
Further, the processor 406 may further retrieve the behavior information of the user and the current geographic location information of the terminal, and then re-encrypt the encryption information according to the retrieved behavior information and the current geographic location information.
The terminal of the preferred embodiment encrypts the information to be encrypted by using the behavior information and the current geographic position information to obtain the encrypted information, and then sets the storage position of the encrypted information according to the geographic position information, so that the security of the terminal information is improved.
In specific implementation, the above modules may be implemented as independent entities, or may be combined arbitrarily to be implemented as the same or several entities, and specific implementation of the above modules may refer to the foregoing method embodiments, which are not described herein again.
It should be noted that, as one of ordinary skill in the art would understand, all or part of the steps in the various methods of the above embodiments may be implemented by relevant hardware instructed by a program, where the program may be stored in a computer-readable storage medium, such as a memory of a terminal, and executed by at least one processor in the terminal, and during the execution, the flow of the embodiments such as the information distribution method may be included. Among others, the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
The information protection method, the information protection device and the terminal provided by the embodiment of the invention are described in detail above, and each functional module may be integrated in one processing chip, or each module may exist alone physically, or two or more modules are integrated in one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for those skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (11)

1. An information protection method, comprising:
when information needs to be encrypted, acquiring behavior information of a user and current geographical position information of a terminal, wherein the behavior information of the user comprises a motion type or a user behavior mode of the user;
determining first encryption parameter information according to the behavior information, and determining second encryption parameter information according to the current geographic position information;
obtaining a target encryption algorithm according to the first encryption parameter information and the second encryption parameter information, and encrypting information to be encrypted according to the target encryption algorithm to obtain encrypted information;
determining a first storage position of the encrypted information according to the current geographical position information;
and transferring the encrypted information to the first storage position for storage.
2. The information protection method according to claim 1, wherein the step of determining first encryption parameter information based on the behavior information includes:
analyzing the behavior information according to a preset analysis algorithm to obtain behavior characteristic parameters corresponding to the behavior information;
and determining first encryption parameter information according to the behavior characteristic parameters.
3. The information protection method according to claim 1 or 2, wherein the step of determining the first storage location of the encrypted information based on the current geographical location information comprises:
acquiring a corresponding relation table between the geographical position information and the storage position of the terminal;
and determining a first storage position corresponding to the current geographic position information according to the corresponding relation table.
4. The information protection method according to claim 1 or 2, wherein the step of storing the encrypted information to the first storage location further comprises, after the step of storing the encrypted information to the first storage location:
re-acquiring the current geographic position information of the terminal;
determining a second storage position according to the re-acquired current geographic position information;
storing the encrypted information to the second storage location.
5. The information protection method of claim 4, wherein the step of storing the encrypted information to the second storage location further comprises, after the step of storing the encrypted information to the second storage location:
re-acquiring the behavior information of the user and the current geographic position information of the terminal;
and re-encrypting the encrypted information according to the re-acquired behavior information and the current geographic position information.
6. An information protection apparatus, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring behavior information of a user and current geographical position information of a terminal when information needs to be encrypted, and the behavior information of the user comprises a motion type or a user behavior mode of the user;
the first encryption module is used for determining first encryption parameter information according to the behavior information, determining second encryption parameter information according to the current geographic position information, obtaining a target encryption algorithm according to the first encryption parameter information and the second encryption parameter information, and encrypting information to be encrypted according to the target encryption algorithm to obtain encrypted information;
the first determining module is used for determining a first storage position of the encrypted information according to the current geographic position information;
and the first storage module is used for transferring the encrypted information to the first storage position for storage.
7. The information protection apparatus according to claim 6, wherein the first encryption module includes:
the first obtaining submodule is used for analyzing the behavior information according to a preset analysis algorithm and obtaining behavior characteristic parameters corresponding to the behavior information;
and the encryption submodule is used for determining first encryption parameter information according to the behavior characteristic parameter.
8. The information protection apparatus according to claim 6 or 7, wherein the first determination module includes:
the second acquisition submodule is used for acquiring a corresponding relation table between the geographical position information of the terminal and the storage position;
and the determining submodule is used for determining a first storage position corresponding to the current geographic position information according to the corresponding relation table.
9. The information protection apparatus according to any one of claims 6 or 7, characterized in that the information protection apparatus further comprises:
the first acquisition module is used for acquiring the current geographic position information of the terminal again;
a second determining module, configured to determine a second storage location according to the re-acquired current geographic location information;
and the second storage module is used for storing the encrypted information to the second storage position.
10. A terminal, comprising:
a memory storing executable program code;
a processor coupled with the memory;
the processor calls the executable program code stored in the memory to perform the method of any of claims 1-5.
11. A computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, implements an information protection method according to any one of claims 1 to 5.
CN201611083920.XA 2016-11-30 2016-11-30 Information protection method, device and terminal Active CN106789950B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611083920.XA CN106789950B (en) 2016-11-30 2016-11-30 Information protection method, device and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611083920.XA CN106789950B (en) 2016-11-30 2016-11-30 Information protection method, device and terminal

Publications (2)

Publication Number Publication Date
CN106789950A CN106789950A (en) 2017-05-31
CN106789950B true CN106789950B (en) 2020-04-10

Family

ID=58913971

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611083920.XA Active CN106789950B (en) 2016-11-30 2016-11-30 Information protection method, device and terminal

Country Status (1)

Country Link
CN (1) CN106789950B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102724034A (en) * 2012-05-17 2012-10-10 人民搜索网络股份公司 Encryption/decryption system and method based on space motion
CN104753669A (en) * 2015-03-24 2015-07-01 王运姣 Terminal secrecy system based on location information
CN104967992A (en) * 2015-05-11 2015-10-07 广东美晨通讯有限公司 Encrypting and decrypting method and device
CN105263119A (en) * 2015-11-18 2016-01-20 罗平 Geographical position information-based mobile intelligent terminal communication encryption method
CN105812339A (en) * 2014-12-31 2016-07-27 小米科技有限责任公司 Encryption and decryption method and device
CN106162625A (en) * 2015-04-16 2016-11-23 中兴通讯股份有限公司 Encryption method, decryption method and device thereof

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1462949A (en) * 2002-05-31 2003-12-24 明日工作室股份有限公司 Method for cryptographic saving data
JP2014501015A (en) * 2010-12-22 2014-01-16 インテル コーポレイション System and method for protecting user privacy in multimedia uploaded to an internet site
US9710666B2 (en) * 2014-06-17 2017-07-18 Susan Olsen-Kreusch Methods and systems for user authentication in a computer system using multi-component log-ins, including image-based log-ins
US9514285B2 (en) * 2014-09-26 2016-12-06 Intel Corporation Creating stack position dependent cryptographic return address to mitigate return oriented programming attacks
KR101613146B1 (en) * 2015-03-24 2016-04-18 주식회사 티맥스데이터 Method for encrypting database
CN105975877B (en) * 2016-07-01 2019-06-21 中国联合网络通信有限公司重庆市分公司 A kind of sensitive document secure storage method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102724034A (en) * 2012-05-17 2012-10-10 人民搜索网络股份公司 Encryption/decryption system and method based on space motion
CN105812339A (en) * 2014-12-31 2016-07-27 小米科技有限责任公司 Encryption and decryption method and device
CN104753669A (en) * 2015-03-24 2015-07-01 王运姣 Terminal secrecy system based on location information
CN106162625A (en) * 2015-04-16 2016-11-23 中兴通讯股份有限公司 Encryption method, decryption method and device thereof
CN104967992A (en) * 2015-05-11 2015-10-07 广东美晨通讯有限公司 Encrypting and decrypting method and device
CN105263119A (en) * 2015-11-18 2016-01-20 罗平 Geographical position information-based mobile intelligent terminal communication encryption method

Also Published As

Publication number Publication date
CN106789950A (en) 2017-05-31

Similar Documents

Publication Publication Date Title
CN106844484B (en) Information searching method and device and mobile terminal
CN105933904B (en) Network connection method and device
US9301082B2 (en) Mobile device sensor data subscribing and sharing
US11510033B2 (en) Creation and consumption of transient user profiles
EP2950231A1 (en) Context based data access control
US11274932B2 (en) Navigation method, navigation device, and storage medium
CN114912135A (en) Automatic authorization for access to electronic devices
EP2904537A2 (en) Secure identification of computing device and secure identification methods
CN106921791B (en) Multimedia file storage and viewing method and device and mobile terminal
CN111368290A (en) Data anomaly detection method and device and terminal equipment
CN104813715A (en) Cellular network scanning control based on ambient identifiable wireless signal sources
CN107908939B (en) Terminal alarm method and device and mobile terminal
JP2016194755A (en) Information processing device, information processing method, and program
CN114973351A (en) Face recognition method, device, equipment and storage medium
CN114694226B (en) Face recognition method, system and storage medium
CN111090877B (en) Data generation and acquisition methods, corresponding devices and storage medium
CN111510557A (en) Content processing method and electronic equipment
CN110052024A (en) Method of adjustment, adjustment device, mobile terminal and the storage medium of game vibration
CN106066953B (en) Fingerprint unlocking control method and terminal equipment
CN106603650B (en) Method for sharing position information and terminal equipment
CN106789950B (en) Information protection method, device and terminal
CN110737692A (en) data retrieval method, index database establishment method and device
CN106127004B (en) A kind of document handling method and terminal device
CN109450853B (en) Malicious website determination method and device, terminal and server
EP3092785B1 (en) Systems and methods for contextual caller identification

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18

Applicant after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP., Ltd.

Address before: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18

Applicant before: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP., Ltd.

GR01 Patent grant
GR01 Patent grant