CN106909853A - One kind operation performs method and device - Google Patents

One kind operation performs method and device Download PDF

Info

Publication number
CN106909853A
CN106909853A CN201510974669.5A CN201510974669A CN106909853A CN 106909853 A CN106909853 A CN 106909853A CN 201510974669 A CN201510974669 A CN 201510974669A CN 106909853 A CN106909853 A CN 106909853A
Authority
CN
China
Prior art keywords
data
application software
space
feature
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510974669.5A
Other languages
Chinese (zh)
Inventor
王力
王鹏程
李旋
刘伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201510974669.5A priority Critical patent/CN106909853A/en
Publication of CN106909853A publication Critical patent/CN106909853A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

Method and device is performed this application discloses one kind operation, for providing a kind of scheme for guaranteeing data security.Method includes:First application software determines the data for possessing specific characteristic of the second application software;By in the Data Migration for possessing specific characteristic to the data space for belonging to the first application software, and data to being stored in the data space perform pre-set for the operation that guarantees data security.

Description

One kind operation performs method and device
Technical field
The application is related to data security arts, more particularly to a kind of operation to perform method and device.
Background technology
With the prevalence of non-support cable, enterprise staff becomes more next using personal user terminal processes affairs It is more universal.Such as, enterprise staff may utilize personal mobile phone, and the work that installation enterprises are provided is special soft Part, such that it is able to use work special-purpose software, carry out that meeting room is predetermined and client carry out video calling or It is operated the affairs such as situation report-back.The data that those business process are produced or transmitted, often all have with work Close, be properly termed as operational data.
In addition to work special-purpose software can produce operational data, the part installed on the user terminal such as mobile phone should With software, such as Email, it is also possible to can produce or transmit operational data.
Due to the data of above-mentioned application software, it will usually by operating system storage is to the memory space specified or deposits Store up in the memory space of application software itself, these memory spaces are often easy to be visited by other application software Ask, replicate, transmit or change etc., if the other application software is the evil for expecting to steal operational data Meaning software, then operational data can face very big security risk.
At present, the security of those operational datas how is ensured, as problem demanding prompt solution.
The content of the invention
The embodiment of the present application provides a kind of operation execution method, is used to provide a kind of side for guaranteeing data security Case.
The embodiment of the present application also provides a kind of operation performs device, is used to provide a kind of side for guaranteeing data security Case.
The embodiment of the present application uses following technical proposals:
One kind operation execution method, including:
First application software determines the data for possessing specific characteristic of the second application software;
By in the Data Migration for possessing specific characteristic to the data space for belonging to the first application software, And the data that are stored in the data space are performed pre-set for guaranteeing data security Operation.
One kind operation performs device, including:
Processing module, the data for possessing specific characteristic for determining the second application software;
Performing module, Data Migration to the data for belonging to the first application software for processing module to be determined are deposited In storage space, and the data that are stored in the data space are performed pre-set for ensureing number According to the operation of safety.
Above-mentioned at least one technical scheme that the embodiment of the present application is used can reach following beneficial effect:
Due to the first application software can will possess specific characteristic data in the second application software, migrate to In the data space of one application software, and what is pre-set is performed to the data in this data space For the operation for guaranteeing data security, so as to ensure that the data for possessing specific characteristic of the second application software Security.
Brief description of the drawings
Accompanying drawing described herein is used for providing further understanding of the present application, constitutes of the application Point, the schematic description and description of the application is used to explain the application, does not constitute to the application not Work as restriction.In the accompanying drawings:
Fig. 1 is provided in an embodiment of the present invention a kind of to operate execution method to realize schematic flow sheet;
Fig. 2 is a kind of operation performs device schematic diagram provided in an embodiment of the present invention.
Specific embodiment
It is specifically real below in conjunction with the application to make the purpose, technical scheme and advantage of the application clearer Apply example and corresponding accompanying drawing is clearly and completely described to technical scheme.Obviously, it is described Embodiment is only some embodiments of the present application, rather than whole embodiments.Based on the implementation in the application Example, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made Example, belongs to the scope of the application protection.
Below in conjunction with accompanying drawing, the technical scheme that each embodiment of the application is provided is described in detail.
Embodiment 1
The embodiment of the present application provides a kind of operation execution method, is used to guarantee data security.Specifically, implement What a kind of operation that example 1 is provided performed method realizes schematic flow sheet as shown in figure 1, including following mainly walking Suddenly:
Step 11, the first application software determines the data for possessing specific characteristic of the second application software;
Wherein, the first application software, can be user terminal install it is soft for the application that guarantees data security Part.Can generally possess following characteristics:
Encryption measures can be taken to the data in the data space of the first application software;
During data in the data space of the application software of other application softward interview first, the first application is soft Part can be judged the access rights whether other application software possesses the memory space, and according to judgement As a result, it is determined whether allow described other application softward interview memory space.
Additionally, the first application software can also possess following function:
Monitoring accesses the application software of the data space of the first application software;
Data in the data space of the first application software are performed with periodic cleaning operation.
Second application software, generally refer to be provided with the user terminal of the first application software installed other The application software of meaning.Such as, when the user terminal is mobile device, the second application software can be short Letter application, phone application or mail applications etc..
The data of the second application software, such as can refer to that the second application software is obtained, generates, transmits or protected The data deposited.The data for possessing specific characteristic of the second application software, such as can be the second application software, Possess the data of operational data feature.
So that the second application software is " short message application " as an example, if the transmission of certain short message of short message application generation Square number or recipient's number, with the enterprise directory for pre-setting (equivalent to " operational data feature is clear Certain number in singly ") is identical, then illustrate that this short message possesses operational data feature, so that it is determined that this is short Believe the data to possess specific characteristic.By taking certain envelope Email that e-mail applications send as an example, if the envelope The suffix of recipient's mailbox of Email or the suffix of sender's mailbox, the enterprise got with monitoring software The suffix (equivalent to " operational data feature ") of industry mailbox is identical, then illustrate that the envelope Email possesses work Make data characteristics, so that it is determined that the envelope Email is the data for possessing specific characteristic.
In the embodiment of the present application, the first application software can be, but not limited to, using one of following manner, obtain and use In it is determined that possessing the specific characteristic of the data of specific characteristic:
1st, the first application software is obtained and is set in advance in the local specific characteristic.
Such as, the first application software can obtain be arranged on it is in the installation kit of the first application software, comprising institute State the feature list of specific characteristic.This feature list, such as can be the software development people of the first application software What member was set.
Or, the first application software can obtain the data space that the first application is saved in by operating system The interior specific characteristic.
2nd, the specific characteristic that the first application software the reception server sends.
Such as, the first application software can send special characteristic and obtain request to server, to trigger server The specific characteristic is sent to the first application software;Or, server can also be actively to the first application software Start the specific characteristic.
3rd, the first application software obtains the specific characteristic of user input.
First application software can directly pass through after above-mentioned at least one mode obtains the specific characteristic Application programming interface (the Application for calling the second application software to be opened to the first application software Programming Interface, API), the specific characteristic is sent to the second application software, to trigger second Application software determines the data for possessing the specific characteristic.
Or, the first application software can also be asked to access the data of the second application software by the API Storehouse.The access that first application software passes through the database to the second application software, it may be determined that the database In, if there are the data for possessing the specific characteristic.
So that the second application software is " e-mail applications " as an example, often sealing Email generally can all possess receipts Part people, sender, theme and body matter etc. element.If the specified spy that the first application software determines Levy as certain sender name, then, when being somebody's turn to do that the sender name of certain envelope Email and the first application determine When sender name is consistent, then the first application software determines that the envelope Email is possess the specific characteristic Data.
Step 12, the first application software is by by performing the number for possessing the specific characteristic that step 11 determines According to migrating into the data space for belonging to the first application software, and to being stored in the data space In data perform pre-set for the operation that guarantees data security.
Such as, the first application software can be by calling what the second application software was opened to the first application software API, obtains the data for possessing the specific characteristic of the second application software and migrates soft to the first application is belonged to In the data space of part;Or first application software receive by the second application software active migration, second The data for possessing the specific characteristic of application software.
In the embodiment of the present application, " migration " refers to from former memory space " shearing " to target by data Memory space, i.e., after data are transferred to target storage space from former memory space, being somebody's turn to do in former memory space Data are deleted.
By the number of the Data Migration for possessing the specific characteristic of the second application software to the first application software Before according to memory space, the first application software can send to operating system and ask, and request operating system is the One application software distributes the data space of the first application software, to store the other application of migration The data of software.Or, operating system can also be actively that the first application software distributes the data space, To store the data of the other application software of migration.
Possesses the finger when the residual memory space of the first application software is not enough to store the second application software When determining the data of feature, the first application software can be, but not limited to obtain more surplus using one of following manner Remaining memory space, such as:
1st, the first application software can be each data setting period of validity in data space, and according to Period of validity, the data to failing are deleted so as to discharge the part or all of sky of the data space Between.
2nd, the first application software can be that the data in data space set according to the significance level of data Weighted value is put, and when the weighted value of the weighted value higher than some data of data space of data to be stored When, then corresponding data can successively be deleted according to weighted value order from low to high, until number It is enough to store data to be stored according to the remaining space in memory space.
Such as:The data type of the first application software storage is respectively A, B, C, default weighted value relation It is A > B > C.If assuming, D classes data are data to be stored, and the data storage of the first application software is empty Between current residual storage space be not enough to store D class data, then the first application software determining D classes When the weighted value of data is higher than the weighted value of A, B, C class data, the first application software can delete C classes Data, delete C class data redundancy memory spaces be also not enough to store D class data, continue delete weight Relatively low B class data, the like, until D classes data can be stored in the memory space.If D The weighted value of class data is only above the weighted value of C class data, then deleted C class data, remaining empty Between be used to store D class data.If the power of A, B, C class data of the weighted value of D class data than having preserved Weight values will be low, then the first application software can abandon D class data.
3rd, the first application software can also send to operating system and ask, and request operating system is the first application The more memory spaces of software distribution.
First application software can effectively ensure that possess described specifying by the adjustment to data space The data storage of feature is in specified memory space.
The first application software is introduced further below how to the data that are stored in the data space Execution pre-set for the operation that guarantees data security.
Wherein, data safety, can be, but not limited to include the content of five aspects, that is, ensure data confidentiality, The security of authenticity, integrality, unauthorised copies and institute's parasitic system.The model that data safety includes in itself Enclose very big, including how to take precautions against the leakage of commercial enterprise secret, take precautions against teenager to the browsing of flame, Leakage of personal information etc..The present embodiment is mainly for the data space for being stored in the first application software The confidentiality of the data in (data space such as can be database), unauthorised copies are said It is bright.
In the embodiment of the present application, for the data of data space that ensure to be stored in the first application software Safety, the first application software performs what is pre-set for the data in the data space to be saved For the operation for guaranteeing data security, can specifically include:
First application software is to the total data in the data space or possesses the specific characteristic Data be encrypted.
In the embodiment of the present application, data are encrypted, can include will by AES and encryption key It is changed into ciphertext in plain text.This can cause that other application software is empty from the data storage of the first application software The interior data for possessing the specific characteristic for getting, are encryption datas, then, for not knowing decryption For the application software of method, it is impossible to the decryption for the encryption data is realized, so as to a certain extent Ensure that the security of the data for possessing the specific characteristic.
In the embodiment of the present application, the first application software can be predefined will not pacify to the first application of software data It is complete to produce the application software for threatening, and encryption key and decipherment algorithm are notified to those applications determined Software.The application software not being informed to, then cannot realize the encryption data to the data space Decryption.
In the present embodiment, the execution standard of the AES for being used to the data for possessing the specific characteristic can Be Advanced Encryption Standard (Advanced Encryption Standard, abbreviation:AES).The AES Basic demand be that using symmetric block ciphers system, the minimum support of key length is 128,192,256, Block length 128, algorithm should be easy to various hardware and softwares and realize.
First application software, can also be to the storage in addition to it can be encrypted to the data in memory space The database in space is encrypted and/or to store path encryption, etc..AES can also use AES.
First application software to the data being stored in the data space except that can perform institute above Outside the cryptographic operation stated, the first application software can also be in generation and the data space be monitored During the specified event of data correlation, the data to being stored in the data space perform what is pre-set For the operation for guaranteeing data security.
Above-mentioned specified event such as can be that data of the other application software to possessing the specific characteristic are carried out Access or call.
Perform the operation safe for ensureing application of software data to be monitored corresponding with the event, such as can be with Including:
Judge whether the event meets the access consideration of regulation;If it is not, then forbidding the hair of the request Access Events Play side and access the data for possessing the specific characteristic;If so, then allowing the initiator of the request Access Events to visit Ask possess the data of the specific characteristic.
Above-mentioned access consideration, can specifically include following at least one:
1st, the initiator of request Access Events possesses the authority for accessing the data for possessing the specific characteristic.
Such as, the first application software can preserve a " white list ", be provided with the white list and possessed Access the title of the application software of the data space of the first application software.Such as, in actual applications, Can predefine will not to the first application of software data safely produce threaten application software, and by determine Application software is used as trust software, the white list of title of the generation comprising trust software.
Based on the white list for pre-setting, the first application software is monitoring request Access Events (i.e. first Application software receives the data space access request of the first application software) when, it can be determined that the event Initiator (initiator of the access request) title whether in white list;If so, then judging to be somebody's turn to do Initiator possesses the authority of the data space for accessing the first application software, so as to allow the initiator to access The data space;If it is not, then judging that the initiator possesses the data storage sky for accessing the first application software Between authority, so as to forbid the initiator to access the data space.Such as, first application software can Inhibition request is sent with to operating system, it is empty for the data storage to intercept the initiator with trigger action system Between operational order.
Initiator mentioned here, it may be possible to server or other application software.
2nd, the time of origin of Access Events is asked, in preset time range.
Such as, the first application software can set time range " " at 7 points to 21 points, in the range of this time, Allow the first accessible with application software other application software or by other application softward interview.What the present embodiment was provided Time range only makees reference example, time range is not limited.Such as, in actual applications, may be used The application software for threatening will not be safely produced to the first application of software data to predefine, and should by what is set Time range, notifies to those application software determined.
As a example by accessing e-mail applications as initiator using short message application, if e-mail applications are used as first Application software, and it is 7 points that the first application software be provided with e-mail applications to allow to be accessed for time range To 21 points, then when short message application accesses the data space of e-mail applications as initiator, If the data space request Access Events occur the first application software setting 7 points to 21 points it Between, then short message application can be allowed to access the data space, and if outside this time range, forbid Short message application accesses e-mail applications.
In the embodiment of the present application, judge whether the initiator of request Access Events possesses the access consideration of regulation, Can also both judge that whether the data for asking the initiator of Access Events to possess the first application software of access are deposited The authority in space is stored up, judges to ask the time of origin of Access Events whether in preset time range again.If To judged result be then allow the request Access Events initiator access the first application software number According to memory space, otherwise, then forbid the data of initiator's first application software of access of the request Access Events Memory space.
In the embodiment of the present application, by the first application software to whether occurring to be deposited with the data of the first application software The related specified event of data in storage space carries out monitor in real time, and monitor there is to specify event when, With authority and/preset time range, as forbidding un-trusted application software for the phase of the first application software The foundation of operation is closed, so as to the Information Security of the data space of the first application software has been effectively ensured.
The method provided using the application, because the first application software can will possess finger in the second application software Determine the data of feature, migrate to the data space of the first application software, and to this data space Interior data perform pre-set for the operation that guarantees data security, so as to ensure that the second application software The data for possessing specific characteristic security.
Embodiment 2
The embodiment of the present application provides a kind of operation performs device, is used to guarantee data security.The device it is specific Structural representation as shown in Fig. 2 including:
Processing module 21, the data for possessing specific characteristic for determining the second application software;
Performing module 22, for the Data Migration that determines processing module 21 to belonging to the first application software In data space, and the data that are stored in the data space are performed with being used for of pre-setting The operation for guaranteeing data security.
Optionally, processing module 21 is determined for the feature of data to be protected;According to treating for determining The feature of the data of protection, determines the data for possessing the feature of the second application software.
Wherein, the feature of data to be protected can be determined by following at least one modes:
The feature of the data described to be protected that the reception server sends;
Acquisition pre-sets and is stored in the feature of local data described to be protected;
Obtain the feature of the data described to be protected of user input.
In one embodiment, performing module 22 can be determined processing module 21 by two ways In Data Migration to the data space for belonging to the first application software.
Specifically, performing module 22 can call the application programming interface API of the second application software, Possess the data of specific characteristic described in obtaining and migrate into the data space for belonging to the first application software; Or receive the data for possessing specific characteristic of the second application software migration.
In one embodiment, 22 pairs of data being stored in the data space of performing module are held Row pre-set for the operation that guarantees data security, following at least one can be included:
Data to being stored in data space are encrypted;
In the specified event that the data in monitoring generation and possessing specified data space are related, to guarantor Performed in the presence of the data in the data space pre-set for the operation that guarantees data security.
In one embodiment, described device can also include:
Memory space request module 23, deposits for asking operating system to distribute the data for the first application software Storage space.
The said apparatus provided using the application, due to that can will possess specific characteristic in the second application software Data, migrate to the data space of the first application software, and to the data in this data space Execution pre-set for the operation that guarantees data security, possess finger so as to ensure that the second application software Determine the security of the data of feature.
It should be understood by those skilled in the art that, embodiments of the invention can be provided as method, system or meter Calculation machine program product.Therefore, the present invention can be using complete hardware embodiment, complete software embodiment or knot Close the form of the embodiment in terms of software and hardware.And, the present invention can be used and wherein wrapped at one or more Containing computer usable program code computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) on implement computer program product form.
The present invention is produced with reference to method according to embodiments of the present invention, equipment (system) and computer program The flow chart and/or block diagram of product is described.It should be understood that can by computer program instructions realize flow chart and / or block diagram in each flow and/or the flow in square frame and flow chart and/or block diagram and/ Or the combination of square frame.These computer program instructions to all-purpose computer, special-purpose computer, insertion can be provided The processor of formula processor or other programmable data processing devices is producing a machine so that by calculating The instruction of the computing device of machine or other programmable data processing devices is produced for realizing in flow chart one The device of the function of being specified in individual flow or multiple one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions may be alternatively stored in can guide computer or the treatment of other programmable datas to set In the standby computer-readable memory for working in a specific way so that storage is in the computer-readable memory Instruction produce include the manufacture of command device, the command device realization in one flow of flow chart or multiple The function of being specified in one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices, made Obtain and series of operation steps is performed on computer or other programmable devices to produce computer implemented place Reason, so as to the instruction performed on computer or other programmable devices is provided for realizing in flow chart one The step of function of being specified in flow or multiple one square frame of flow and/or block diagram or multiple square frames.
In a typical configuration, computing device includes one or more processors (CPU), input/defeated Outgoing interface, network interface and internal memory.
Internal memory potentially includes the volatile memory in computer-readable medium, random access memory And/or the form, such as read-only storage (ROM) or flash memory (flash RAM) such as Nonvolatile memory (RAM). Internal memory is the example of computer-readable medium.
Computer-readable medium includes that permanent and non-permanent, removable and non-removable media can be by appointing What method or technique realizes information Store.Information can be computer-readable instruction, data structure, program Module or other data.The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM (SRAM), dynamic random access memory (DRAM), its The random access memory (RAM) of his type, read-only storage (ROM), electrically erasable are read-only Memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read-only storage (CD-ROM), digital versatile disc (DVD) or other optical storages, magnetic cassette tape, tape magnetic Disk storage or other magnetic storage apparatus or any other non-transmission medium, can be used for storage can be calculated The information that equipment is accessed.Defined according to herein, computer-readable medium does not include temporary computer-readable matchmaker Body (transitory media), such as data-signal and carrier wave of modulation.
Also, it should be noted that term " including ", "comprising" or its any other variant be intended to it is non- It is exclusive to include, so that process, method, commodity or equipment including a series of key elements are not only wrapped Include those key elements, but also other key elements including being not expressly set out, or also include for this process, Method, commodity or the intrinsic key element of equipment.In the absence of more restrictions, by sentence " including One ... " key element that limits, it is not excluded that in the process including the key element, method, commodity or set Also there is other identical element in standby.
It will be understood by those skilled in the art that embodiments herein can be provided as method, system or computer journey Sequence product.Therefore, the application can using complete hardware embodiment, complete software embodiment or combine software and The form of the embodiment of hardware aspect.And, the application can be used and wherein include calculating at one or more Machine usable program code computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, Optical memory etc.) on implement computer program product form.
Embodiments herein is the foregoing is only, the application is not limited to.For this area skill For art personnel, the application can have various modifications and variations.All institutes within spirit herein and principle Any modification, equivalent substitution and improvements of work etc., within the scope of should be included in claims hereof.

Claims (10)

1. it is a kind of to operate execution method, it is characterised in that including:
First application software determines the data for possessing specific characteristic of the second application software;
By in the Data Migration for possessing specific characteristic to the data space for belonging to the first application software, And the data that are stored in the data space are performed pre-set for guaranteeing data security Operation.
2. the method for claim 1, it is characterised in that methods described also includes:
First application software request operating system is that the first application software distributes the data space.
3. the method for claim 1, it is characterised in that the first application software determines the second application The data for possessing specific characteristic of software, including:
First application software determines the feature of data to be protected;
According to the feature, the data for possessing the feature of the second application software are determined.
4. method as claimed in claim 3, it is characterised in that the first application software determines to be protected The feature of data, including following at least one:
The feature of the data described to be protected that the first application software the reception server sends;
First application software obtains the feature for pre-setting and being stored in local data described to be protected;
First application software obtains the feature of the data described to be protected of user input.
5. the method for claim 1, it is characterised in that to being stored in the data space In data perform pre-set for the operation that guarantees data security, including following at least one:
First application software is encrypted to the data being stored in the data space;
First application software is monitoring the generation specified thing related to the data in the data space During part, the data that are stored in the data space are performed pre-set for guaranteeing data security Operation.
6. the method for claim 1, it is characterised in that by the data for possessing specific characteristic Migrate into the data space for belonging to the first application software, including:
First application software obtains described by calling the application programming interface API of the second application software Possess the data of specific characteristic and migrate into the data space for belonging to the first application software;Or
First application software receives the data for possessing specific characteristic of the second application software migration.
7. it is a kind of to operate performs device, it is characterised in that including:
Processing module, the data for possessing specific characteristic for determining the second application software;
Performing module, Data Migration to the data for belonging to the first application software for processing module to be determined are deposited In storage space, and the data that are stored in the data space are performed pre-set for ensureing number According to the operation of safety.
8. device as claimed in claim 7, it is characterised in that described device also includes:
Memory space request module, for asking operating system to distribute the data space.
9. device as claimed in claim 6, it is characterised in that:
Processing module, the feature for determining data to be protected;According to the feature, the second application is determined The data for possessing the feature of software.
10. device as claimed in claim 9, it is characterised in that processing module, for by it is following extremely A kind of few mode determines the feature of data to be protected:
The feature of the data described to be protected that the reception server sends;
Acquisition pre-sets and is stored in the feature of local data described to be protected;
Obtain the feature of the data described to be protected of user input.
CN201510974669.5A 2015-12-22 2015-12-22 One kind operation performs method and device Pending CN106909853A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510974669.5A CN106909853A (en) 2015-12-22 2015-12-22 One kind operation performs method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510974669.5A CN106909853A (en) 2015-12-22 2015-12-22 One kind operation performs method and device

Publications (1)

Publication Number Publication Date
CN106909853A true CN106909853A (en) 2017-06-30

Family

ID=59201164

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510974669.5A Pending CN106909853A (en) 2015-12-22 2015-12-22 One kind operation performs method and device

Country Status (1)

Country Link
CN (1) CN106909853A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102063500A (en) * 2011-01-04 2011-05-18 北京凯铭风尚网络技术有限公司 Data migration method and device
CN102411684A (en) * 2011-09-26 2012-04-11 奇智软件(北京)有限公司 Data protection method and device
CN102521138A (en) * 2011-11-28 2012-06-27 成都市华为赛门铁克科技有限公司 Method and device of data migration trigger
CN102999730A (en) * 2011-09-15 2013-03-27 微软公司 Securing data usage in computing devices
US20140373182A1 (en) * 2013-06-14 2014-12-18 Salesforce.Com, Inc. Systems and methods of automated compliance with data privacy laws
CN104881611A (en) * 2014-02-28 2015-09-02 国际商业机器公司 Method and apparatus for protecting sensitive data in software product
CN105095788A (en) * 2015-06-30 2015-11-25 北京奇虎科技有限公司 Method, device and system for private data protection

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102063500A (en) * 2011-01-04 2011-05-18 北京凯铭风尚网络技术有限公司 Data migration method and device
CN102999730A (en) * 2011-09-15 2013-03-27 微软公司 Securing data usage in computing devices
CN102411684A (en) * 2011-09-26 2012-04-11 奇智软件(北京)有限公司 Data protection method and device
CN102521138A (en) * 2011-11-28 2012-06-27 成都市华为赛门铁克科技有限公司 Method and device of data migration trigger
US20140373182A1 (en) * 2013-06-14 2014-12-18 Salesforce.Com, Inc. Systems and methods of automated compliance with data privacy laws
CN104881611A (en) * 2014-02-28 2015-09-02 国际商业机器公司 Method and apparatus for protecting sensitive data in software product
CN105095788A (en) * 2015-06-30 2015-11-25 北京奇虎科技有限公司 Method, device and system for private data protection

Similar Documents

Publication Publication Date Title
US11194921B2 (en) Data masking
CN101783801B (en) Software protection method based on network, client side and server
CN113240519A (en) Intelligent contract management method and device based on block chain and electronic equipment
US10491403B2 (en) Data loss prevention with key usage limit enforcement
Helil et al. CP‐ABE access control scheme for sensitive data set constraint with hidden access policy and constraint policy
US20200244437A1 (en) Method and device for security assessment of encryption models
CN110175466B (en) Security management method and device for open platform, computer equipment and storage medium
US11258580B2 (en) Instantaneous key invalidation in response to a detected eavesdropper
US9853811B1 (en) Optimistic key usage with correction
CN110502918A (en) A kind of electronic document access control method and system based on classification safety encryption
CN109697370A (en) Database data encipher-decipher method, device, computer equipment and storage medium
CN110276610A (en) The method and device of dynamic encryption is realized based on transaction offset
CN109379345A (en) Sensitive information transmission method and system
CN110263547A (en) Modification order based on contract state realizes the method and device of dynamic encryption
Liu et al. Ensuring data confidentiality in cloud computing: an encryption and trust-based solution
CN108400966B (en) File access method and equipment based on aging control and storage equipment
CN106909853A (en) One kind operation performs method and device
CN106230769B (en) Mobile cloud data staging connection control method based on mobile terminal degree of belief
CN106897613A (en) One kind operation performs method and device
US20210320791A1 (en) Systems and methods for adaptive recursive descent data redundancy
MONTANO Android sms and file manager encrypted application using aes-vigenere and aes/ecb/pkcs5/padding a hybrid encryption algorithm
Wadhwa et al. Practical implementation and analysis of MLBAAC model for cloud
CN111950002B (en) Encryption terminal management system based on power distribution network
US11205194B2 (en) Reliable user service system and method
Parab et al. Cloud based secure banking application

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170630

RJ01 Rejection of invention patent application after publication