CN107368736A - Information access method, device and computer-readable recording medium - Google Patents

Information access method, device and computer-readable recording medium Download PDF

Info

Publication number
CN107368736A
CN107368736A CN201710534001.8A CN201710534001A CN107368736A CN 107368736 A CN107368736 A CN 107368736A CN 201710534001 A CN201710534001 A CN 201710534001A CN 107368736 A CN107368736 A CN 107368736A
Authority
CN
China
Prior art keywords
target
application
access
interface
web
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710534001.8A
Other languages
Chinese (zh)
Other versions
CN107368736B (en
Inventor
周立辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Vidaa Netherlands International Holdings BV
Original Assignee
Qingdao Hisense Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qingdao Hisense Electronics Co Ltd filed Critical Qingdao Hisense Electronics Co Ltd
Priority to CN201710534001.8A priority Critical patent/CN107368736B/en
Publication of CN107368736A publication Critical patent/CN107368736A/en
Application granted granted Critical
Publication of CN107368736B publication Critical patent/CN107368736B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of information access method, device and computer-readable recording medium, belong to field of terminal technology.This method includes:When receiving the access instruction of target information during operational objective web application, whether the target web application is detected with the access rights that the target information is accessed by target interface based on privilege application;Wherein, the target interface is the literal translation formula script JS expansion interfaces for accessing the target information, and the privilege application is used for the access rights for setting web application;When detecting the target web using having the access rights, the target information is accessed by the target interface.The present invention is when target web application is needed by target interface access target information, when only detecting that target web applies the authority with access target information based on privilege application, ability access target information, so as to avoid malicious web pages application from obtaining the information of terminal, the security of message reference is improved.

Description

Information access method, device and computer-readable recording medium
Technical field
The present invention relates to field of terminal technology, more particularly to a kind of information access method, device and computer-readable storage Medium.
Background technology
With the development of science and technology, the terminal such as television set increasingly tends to be intelligent, in these terminals also gradually Various web applications (WebApp) can be installed.Wherein, web application refers to operation in a browser, and passes through HTML (HyperText Markup Language, HTML) is come the application developed.Because HTML standard compares limitation, In order to realize the multi-functional of web application, most of terminal needs to expand various JS in HTML standard (JavaScript, literal translation formula script) expansion interface.Web application can be accessed each in terminal by JS expansion interfaces Kind information, so as to realize multiple functions.For example when terminal is intelligent television, the web application in intelligent television can pass through JS expansion interfaces call television shutdown function relevant information, so as to close intelligent television by the web application.
At present, the JS expansion interfaces in terminal are the browsers that installation is built into browser kernel itself compilation phase Intrinsic interface, or the Interface Expanding that browser is realized by some general extension mechanisms, such as, Plugin Mechanism NPAPI (Netscape Plugin Application Programming Interface, the programming of Netscape plug-in applications Interface) etc..When terminal is in the information in needing to access terminal during running any web application, the web application can be with JS expansion interfaces are directly invoked, and the information in terminal is accessed by the JS expansion interfaces.
But because JS expansion interfaces are typically the dynamic importing during browser starts, once it is loaded into clear Look in device, then all web applications can call JS expansion interfaces, and be accessed by the JS expansion interfaces of calling in terminal Information, therefore, if running into the web application of some third party's malice, the web application of these malice can also may be called JS expansion interfaces, so as to access the information in terminal, and terminal is controlled, so as to carry out hidden danger to the safety belt of terminal.
The content of the invention
In order to solve problem of the prior art, the embodiments of the invention provide a kind of information access method, device and calculating Machine readable storage medium storing program for executing.The technical scheme is as follows:
First aspect, there is provided a kind of information access method, methods described include:
When receiving the access instruction of target information during operational objective web application, based on privilege application inspection Survey whether the target web application has the access rights that the target information is accessed by target interface;
Wherein, the target interface is the literal translation formula script JS expansion interfaces for accessing the target information, institute State the access rights that privilege application is used to set web application;
When detecting the target web using having the access rights, the mesh is accessed by the target interface Mark information.
Alternatively, it is described that institute is accessed by target interface based on whether the privilege application detection target web application has The access rights of target information are stated, including:
Pull-up privilege application, and the first prompt message is shown by the privilege application, first prompt message is used for Whether prompting allows to continue to access the target information;
When receiving determination access instruction based on first prompt message, pass through the privilege application and the mesh is set The access rights of mark web application determine that the target web is applied to have and accessed by the target interface to allow to access The access rights of the target information.
Alternatively, after first prompt message by the franchise application display, in addition to:
When received based on first prompt message call off a visit instruction when, pass through the privilege application and the mesh be set The access rights of mark web application determine that the target web is applied not having and pass through the target interface not allow to access Access the access rights of the target information.
Alternatively, it is described that institute is accessed by target interface based on whether the privilege application detection target web application has The access rights of target information are stated, including:
Obtain the access strategy set by the privilege application to the target interface;
When the access strategy of the target interface is supports target interface described in the target web application call, it is determined that The target web, which is applied, has the access rights;
When the access strategy of the target interface is does not support target interface described in the target web application call, really The fixed target web, which is applied, does not have the access rights.
Alternatively, it is described that institute is accessed by target interface based on whether the privilege application detection target web application has The access rights of target information are stated, including:
Obtain the corresponding relation between the interface set by the privilege application and application identities;
When the application identities that target web application in the corresponding relation between the interface and application identities be present with During the corresponding record of the target interface, determine the target web using having the access rights;
When the application identities that target web application is not present in the corresponding relation between the interface and application identities During with the corresponding record of the target interface, determine the target web using not having the access rights.
Alternatively, after the determination target web is not using having the access rights, in addition to:
The second prompt message is shown, second prompt message, which is used for prompting, can not access the target information.
Second aspect, there is provided a kind of message reference device, described device include:
Detection module, for when receiving the access instruction of target information during operational objective web application, Whether the target web application is detected with the access right that the target information is accessed by target interface based on privilege application Limit;
Wherein, the target interface is the literal translation formula script JS expansion interfaces for accessing the target information, institute State the access rights that privilege application is used to set web application;
Access modules, for when detecting the target web using having the access rights, passing through the target Interface accesses the target information.
Alternatively, the detection module includes:
First display sub-module, applied for pull-up privilege, and the first prompt message, institute are shown by the privilege application State the first prompt message be used for prompt whether allow to continue to access the target information;
First determination sub-module, for when receiving determination access instruction based on first prompt message, passing through institute State privilege application and the access rights of target web application are set to allow to access, and determine that the target web is applied and had The access rights of the target information are accessed by the target interface.
Alternatively, the detection module also includes:
Second determination sub-module, for when received based on first prompt message call off a visit instruction when, pass through institute State privilege application and the access rights of the target web application are set not allow to access, and determine the target web application not With the access rights that the target information is accessed by the target interface.
Alternatively, the detection module includes:
First acquisition submodule, for obtaining the access strategy set by the privilege application to the target interface;
3rd determination sub-module, for being the support target web application call when the access strategy of the target interface During the target interface, determine the target web using having the access rights;
4th determination sub-module, for being not support the target web application to adjust when the access strategy of the target interface During with the target interface, determine the target web using not having the access rights.
Alternatively, the detection module includes:
Second acquisition submodule, it is corresponding between the interface set by the privilege application and application identities for obtaining Relation;
5th determination sub-module, for when the target network in the corresponding relation between the interface and application identities being present During the corresponding record of application identities and the target interface of page application, determine the target web using having the access right Limit;
6th determination sub-module, for when the target is not present in the corresponding relation between the interface and application identities During the corresponding record of the application identities of web application and the target interface, determine the target web using not having the visit Ask authority.
Alternatively, the detection module also includes:
Second display sub-module, for showing the second prompt message, second prompt message, which is used for prompting, to be accessed The target information.
The third aspect, there is provided a kind of computer-readable recording medium, the storage medium internal memory contain computer program, The computer program realizes above-mentioned first aspect any described method when being executed by processor.
The beneficial effect that technical scheme provided in an embodiment of the present invention is brought is:In embodiments of the present invention, in operation mesh During marking web application, it is determined that when needing by target interface access target information, privilege application can be based on and detect mesh The access rights of web application are marked, and when target web applies the authority with access target information, access target information, are kept away Malicious web pages are exempted from using the access to target information, so as to improve the security of message reference.
Brief description of the drawings
Technical scheme in order to illustrate the embodiments of the present invention more clearly, make required in being described below to embodiment Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for For those of ordinary skill in the art, on the premise of not paying creative work, other can also be obtained according to these accompanying drawings Accompanying drawing.
Fig. 1 is a kind of structural representation of information access system provided in an embodiment of the present invention;
Fig. 2 is a kind of flow chart of information access method provided in an embodiment of the present invention;
Fig. 3 A are a kind of structural representations of message reference device provided in an embodiment of the present invention;
Fig. 3 B are the structural representations of the first detection module provided in an embodiment of the present invention;
Fig. 3 C are the structural representations of second of detection module provided in an embodiment of the present invention;
Fig. 3 D are the structural representations of the third detection module provided in an embodiment of the present invention;
Fig. 3 E are the structural representations of the 4th kind of detection module provided in an embodiment of the present invention;
Fig. 3 F are the structural representations of the 5th kind of detection module provided in an embodiment of the present invention;
Fig. 4 is a kind of structural representation of terminal provided in an embodiment of the present invention.
Embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing to embodiment party of the present invention Formula is described in further detail.
Before detailed explanation is carried out to the embodiment of the present invention, the first application to being related in the embodiment of the present invention Scene and system architecture are explained respectively.
First, to the present embodiments relate to application scenarios be introduced.
Due to application can be installed in increasing terminal, such as, web application can be installed in television set.Due to end The web application installed in end can be provided by third party, if third party provides the webpage with virus or attack information and answered With, then when third party provide web application access terminal in information when, may be threatened to the safety belt of terminal.It is based on Above-mentioned scene, access rights are set for web application the embodiments of the invention provide one kind, make to have the webpage of access rights should With the method for the information being able to access that in terminal.
Secondly, to the present embodiments relate to system architecture be introduced.
Fig. 1 is a kind of structural representation of information access system provided in an embodiment of the present invention, and referring to Fig. 1, the information is visited Ask that system includes browser window module 1, application management module 2, control of authority module 3, JS expansion connection modules 4 and privilege should With JS interface modules 5.Wherein, browser window module 1 respectively should with application management module 2, JS expansion connection modules 4 and privilege Connected with JS interface modules 5, control of authority module 3 is applied with application management module 2, JS expansion connection modules 4 and privilege respectively JS interface modules 5 connect.The browser window module 1 is the display of web application (target web is applied and privilege application) and held Capable environment, it is responsible for being loaded into and running the process of web application;Application management module 2 is used to control the webpage installed in terminal should With running or exit, and the application management module 2 can also control browser window module 1 to start browser;JS expansion interfaces Module 4 can provide JS expansion interfaces;Control of authority module 3 is used for the access rights for storing web application, and can notify JS Expansion connection module 4 is turned on and off JS expansion interfaces;Privilege is used to provide access right for privilege application using JS interface modules 5 The franchise JS expansion interfaces of control module are limited, such as, window.SetAppPrivilege (appid, APIgroup, Enabled), the access rights of the web application so as to which user is set by privilege application are sent to control of authority module 3。
Wherein, during the operational objective web application of browser window module 1, if target web application needs to visit The information in terminal is asked, then browser window module 1 can call the JS expansion interfaces provided in JS expansion connection modules 4, together When load and run franchise application.When browser window module 1 needs the visit to target web application based on privilege using determination When asking that authority is configured, the browser window module 1 can call the franchise JS extensions that privilege provides using JS interface modules 5 Interface, and the access rights that the target web that user is set by privilege application is applied are sent by the franchise JS expansion interfaces To control of authority module 3, control of authority module 3 can send the access rights to JS expansion connection modules 4, and JS extensions connect The access rights that mouth mold block 4 can be applied by the target web are turned on and off the JS extensions of current goal web application calling Interface.If JS expansion connection modules 4 close the JS expansion interfaces, target web is applied will by the JS expansion interfaces called The information in terminal can not be accessed, if JS expansion connection modules 4 open JS expansion interfaces, target web application passes through calling The information that can have access in terminal of JS expansion interfaces.
Fig. 2 is a kind of flow chart of information access method according to an example embodiments, referring to Fig. 2, this method Applied in terminal, specifically comprise the following steps.
Step 201:When receiving the access instruction of target information during operational objective web application, based on spy Power application detects whether target web application has the access rights that the target information is accessed by target interface.
Due to may be provided with terminal third party offer web application, if in these web applications carry virus or Information is attacked, then when target web application accesses the information in terminal, it is likely that terminal can be attacked, so as to bring peace to terminal It is complete to threaten.Therefore, in order to protect the safety of terminal, when terminal receives target information during operational objective web application Access instruction when, privilege application can be based on detect target web application and whether have by target interface to access the target The access rights of information.
It should be noted that the target interface is the JS expansion interfaces for accessing the target information, privilege application is used In the access rights for setting web application, the franchise application can be that application, the antivirus of the operating system of control terminal installation should With etc..In addition, the access instruction is used for access target information, and the access instruction can be triggered by user by assigned operation, The assigned operation can be clicking operation, slide, voice operating etc..
Such as when terminal is television set, and target web is using be instant messaging web application, if running IMU When receiving the access instruction on closing television machine during letter web application, IMU can be detected by privilege application Believe whether web application has the authority by target interface closing television machine.
Wherein, terminal be based on privilege application detect target web application whether have by target interface access the target letter The operation of the access rights of breath can include following three kinds of modes.
First way, terminal pull-up privilege application, and the first prompt message, the first prompting are shown by privilege application Whether information is used to prompt to allow to continue access target information;When receiving determination access instruction based on the first prompt message, The access rights that target web is applied are set to allow to access by privilege application, and determines that target web is applied to have and passes through The target interface accesses the access rights of the target information.
It should be noted that determine that access instruction is used to indicate to pass through target web application access target information, and this is true Determine access instruction to be triggered by assigned operation by user.
Wherein, when terminal sets the access rights that target web is applied by privilege application, above-mentioned Fig. 1 institutes can be called The franchise JS expansion interfaces that the privilege application JS interface modules shown provide.
For example television set receives during instant messaging web application is run and passes through target interface When window.TurnOffTV (_) accesses the access instruction of the information related to television set shut-off function, television set can be with pull-up Privilege application, and show that " instant messaging web application attempts closing television machine to the first display information, if allows", if electric Determination access instruction is received based on the first display information depending on machine, then calls franchise interface window.SetAppPrivilege (" instant messaging web application ", " TurnOffTV ", true) opens the interface, to set the access of instant messaging web application Authority is to allow to access.
Further, since user is in the consideration to terminal security, target web application may not be allowed to access in terminal Information, therefore, terminal may also can receive the instruction that calls off a visit based on the first prompt message, and now, terminal can pass through Privilege is not allow to access using the access rights that target web is applied are set, and determines that target web is applied not having and pass through mesh Tag splice mouth accesses the access rights of the target information.
It should be noted that this calls off a visit, instruction is used to indicate that being unable to access target by target Europe web application believes Breath, and the instruction that calls off a visit can be triggered by user by assigned operation.
For example if television set receives the instruction that calls off a visit based on the first display information, call franchise interface Window.SetAppPrivilege (" instant messaging web application ", " TurnOffTV ", false) closes the interface to set The access rights of instant messaging web application are not allow to access.
Visited what deserves to be explained is detecting target web application by above-mentioned first way and whether having by target interface When asking the access rights of the target information, due to that can determine whether that target web application access target is believed by user Breath, so as to add the interaction between terminal and user, improves Consumer's Experience effect.
Furthermore due to the web application for being installed in terminal, most of web application is safe application, when these peaces When full application accesses the information in terminal, the agreement of user can be needed not move through in practical application, therefore, can be in terminal Web application set interactive indicator (interactive indicator be used for indicate to need user same during target web application access target information Meaning, and the interactive indicator can be character, numeral etc.), when carrying interactive indicator in target web application, pass through above-mentioned the A kind of mode detects whether target web application has the access rights that the target information is accessed by target interface.When the target When not including the interactive indicator in web application, illustrate that target web application access target information does not need user to agree to, still, In order to improve the security of access information, terminal can also detect target web by following second way and the third mode Using whether with the access rights that the target information is accessed by target interface.
The second way, terminal, which obtains, passes through the access strategy that privilege application is set to target interface;When target interface When access strategy is supports target web application call target interface, determine target web using having access rights;Work as target The access strategy of interface is when not supporting target web application call target interface, determines target web using not having access right Limit.
It should be noted that the access strategy of target interface can be configured by privilege application in advance, the target connects Mouthful access strategy can be:Type with target interface is applied according to target web, determines the on off state of target interface, when When determining that target interface is opened, determine that target web using having access rights, when it is determined that target interface is closed, determines target Web application does not have access rights.
For example the target interface is accesses the interface of the picture stored in terminal, it is instant messaging net that target web, which is applied, During page application, determine that target interface is opened;The target interface is the interface of control termination function, and it is IMU that target web, which is applied, When believing web application, determine that target interface is closed.
Further, because after target web is not using having access rights, the target web application will not visit Target information in terminal is asked, and user and may not know about the authority of target web application, may think that the intended application Break down, therefore, in order that user recognize current goal application can not access target information the reason for, terminal can be shown Second prompt message, the second prompt message, which is used for prompting, can not access the target information.
The third mode, terminal, which obtains, passes through privilege using the corresponding relation between the interface and application identities set;When The application identities of target web application and the corresponding record of target interface in corresponding relation between interface and application identities be present When, determine target web using having access rights;When target network is not present in the corresponding relation between interface and application identities When the application identities of page application and the corresponding record of target interface, determine target web using not having access rights.
It should be noted that application identities are used for the unique mark target web application, such as, the application identities can be The title of target web application, version number etc..
Wherein, the corresponding relation between the interface and application identities can be set in advance, that is to say, terminal can be based on spy Power application, which receives, sets instruction (being triggered by user by assigned operation), and target interface and target web are carried in setting instruction The application identities of application, and the application identities that the target interface and target web are applied are stored between interface and application identities Corresponding relation in.
In addition, in corresponding relation between the interface and application identities, an interface can correspond to multiple application identities, It is that an interface can support that multiple web applications access the information in terminal or an application identities are corresponding more Individual interface, i.e. a web application can access information different in terminal by different interfaces.
For example it is instant messaging web application to be applied when target web, and the application identities of instant messaging web application are ID1, when target interface is window.TurnOffTV (), terminal can be obtained between interface as shown in table 1 and application identities Corresponding relation, terminal can from the corresponding relation between the interface shown in the table 1 and application identities, it is determined that exist application mark When knowing ID1 and window.TurnOffTV () corresponding record, determine that the instant messaging web application has access rights.
Table 1
It should be noted that pair only between the interface described in above-mentioned table 1 and application identities in embodiments of the present invention Illustrated exemplified by should being related to, the embodiment of the present invention is not formed and limited.
What deserves to be explained is detect whether target web application has by the above-mentioned second way and the third mode When the access rights of the target information are accessed by target interface, due to the access strategy and interface and application identities of target interface Between corresponding relation can be configured in advance by privilege application, so as to which terminal can be in target web application call target During interface access target information, directly judge whether target web application has access rights, save target web application The time of access target information, improve the efficiency and security of target web application access target information.
Step 202:When detecting the target web using having access rights, the target is accessed by the target interface Information.
For example it is instant messaging web application to be applied when target web, and target information is related to terminal closedown function Information when, if the instant messaging web application has access rights, the instant messaging web application is connect by the target Mouth can access the information related to terminal closedown function, so as to close a terminal.
In embodiments of the present invention, terminal is during operational objective web application, it is determined that needing to pass through target interface , can be based on the access rights that privilege application detection target web is applied during access target information, and only answered in target web During with authority with access target information, target information can be just had access to, malicious web pages is avoided and applies to target information Access, so as to improve the security of message reference, and then protect the information in terminal, avoid the leakage of information in terminal Or distort.
Fig. 3 A are a kind of block diagram of message reference device provided in an embodiment of the present invention, referring to Fig. 3 A, message reference dress Putting can be implemented in combination with by software, hardware or both.The device includes detection module 301 and access modules 302.
Detection module 301, for when the access instruction that target information is received during operational objective web application When, whether the target web application is detected with the access that the target information is accessed by target interface based on privilege application Authority;
Wherein, the target interface is the literal translation formula script JS expansion interfaces for accessing the target information, institute State the access rights that privilege application is used to set web application;
Access modules 302, for when detecting the target web using having the access rights, passing through the mesh Tag splice mouth accesses the target information.
Alternatively, include referring to Fig. 3 B, the detection module 301:
First display sub-module 3011, apply for pull-up privilege, and believed by the first prompting of the privilege application display Whether breath, first prompt message are used to prompt to allow to continue to access the target information;
First determination sub-module 3012, for when receiving determination access instruction based on first prompt message, leading to Cross the privilege application and the access rights of the target web application are set to allow to access, and determine the target web application With the access rights that the target information is accessed by the target interface.
Alternatively, also include referring to Fig. 3 C, the detection module 301:
Second determination sub-module 3013, for when received based on first prompt message call off a visit instruction when, lead to Cross the privilege application and the access rights of the target web application are set not allow to access, and determine that the target web should With without the access rights that the target information is accessed by the target interface.
Alternatively, include referring to Fig. 3 D, the detection module 301:
First acquisition submodule 3014, for obtaining the access plan set by the privilege application to the target interface Slightly;
3rd determination sub-module 3015, for being the support target web application when the access strategy of the target interface When calling the target interface, determine the target web using having the access rights;
4th determination sub-module 3016, for being not support the target web should when the access strategy of the target interface During with calling the target interface, determine the target web using not having the access rights.
Alternatively, include referring to Fig. 3 E, the detection module 301:
Second acquisition submodule 3017, for obtaining between the interface set by the privilege application and application identities Corresponding relation;
5th determination sub-module 3018, for when the mesh in the corresponding relation between the interface and application identities being present When marking the corresponding record of application identities and the target interface of web application, determine the target web using having the visit Ask authority;
6th determination sub-module 3019, for described when being not present in the corresponding relation between the interface and application identities During the corresponding record of application identities and the target interface of target web application, determine the target web using not having institute State access rights.
Alternatively, also include referring to Fig. 3 F, the detection module 301:
Second display sub-module 30110, for showing the second prompt message, second prompt message can not for prompting Access the target information.
In summary, in embodiments of the present invention, terminal is during operational objective web application, it is determined that needing to pass through During target interface access target information, the access rights of target web application can be detected based on privilege application, and only in mesh When mark web application has the authority of access target information, target information can be just had access to, malicious web pages is avoided and applies to mesh The access of information is marked, so as to improve the security of message reference, and then the information in terminal is protected, avoids in terminal and believe The leakage of breath is distorted.
It should be noted that:The message reference device that above-described embodiment provides is when carrying out message reference, only with above-mentioned each The division progress of functional module, can be as needed and by above-mentioned function distribution by different work(for example, in practical application Energy module is completed, i.e., the internal structure of device is divided into different functional modules, to complete whole described above or portion Divide function.In addition, the message reference device that above-described embodiment provides belongs to same design with information access method embodiment, it has Body implementation process refers to embodiment of the method, repeats no more here.
Fig. 4 is a kind of block diagram for terminal 400 according to an exemplary embodiment.For example, terminal 400 can be Mobile phone, computer, digital broadcast terminal, messaging devices, game console, tablet device, Medical Devices, body-building are set It is standby, personal digital assistant etc..
Reference picture 4, terminal 400 can include following one or more assemblies:Processing component 402, memory 404, power supply Component 406, multimedia groupware 408, audio-frequency assembly 410, the interface 412 of input/output (I/O), sensor cluster 414, and Communication component 416.
Processing component 402 generally controls the integrated operation of terminal 400, is such as communicated with display, call, data, phase The operation that machine operates and record operation is associated.Processing component 402 can refer to including one or more processors 420 to perform Order, to complete all or part of step of above-mentioned method.In addition, processing component 402 can include one or more modules, just Interaction between processing component 402 and other assemblies.For example, processing component 402 can include multi-media module, it is more to facilitate Interaction between media component 408 and processing component 402.
Memory 404 is configured as storing various types of data to support the operation in terminal 400.These data are shown Example includes the instruction of any application program or method for being operated in terminal 400, contact data, telephone book data, disappears Breath, picture, video etc..Memory 404 can be by any kind of volatibility or non-volatile memory device or their group Close and realize, as static RAM (SRAM), Electrically Erasable Read Only Memory (EEPROM) are erasable to compile Journey read-only storage (EPROM), programmable read only memory (PROM), read-only storage (ROM), magnetic memory, flash Device, disk or CD.
Power supply module 406 provides power supply for the various assemblies of terminal 400.Power supply module 406 can include power management system System, one or more power supplys, and other components associated with generating, managing and distributing power supply for terminal 400.
Multimedia groupware 408 is included in the screen of one output interface of offer between the terminal 400 and user.One In a little embodiments, screen can include liquid crystal display (LCD) and touch panel (TP).If screen includes touch panel, screen Curtain may be implemented as touch-screen, to receive the input signal from user.Touch panel includes one or more touch sensings Device is with the gesture on sensing touch, slip and touch panel.The touch sensor can not only sensing touch or sliding action Border, but also detect and touched or the related duration and pressure of slide with described.In certain embodiments, more matchmakers Body component 408 includes a front camera and/or rear camera.When terminal 400 is in operator scheme, such as screening-mode or During video mode, front camera and/or rear camera can receive outside multi-medium data.Each front camera and Rear camera can be a fixed optical lens system or have focusing and optical zoom capabilities.
Audio-frequency assembly 410 is configured as output and/or input audio signal.For example, audio-frequency assembly 410 includes a Mike Wind (MIC), when terminal 400 is in operator scheme, during such as call model, logging mode and speech recognition mode, microphone by with It is set to reception external audio signal.The audio signal received can be further stored in memory 404 or via communication set Part 416 is sent.In certain embodiments, audio-frequency assembly 410 also includes a loudspeaker, for exports audio signal.
I/O interfaces 412 provide interface between processing component 402 and peripheral interface module, and above-mentioned peripheral interface module can To be keyboard, click wheel, button etc..These buttons may include but be not limited to:Home button, volume button, start button and lock Determine button.
Sensor cluster 414 includes one or more sensors, and the state for providing various aspects for terminal 400 is commented Estimate.For example, sensor cluster 414 can detect opening/closed mode of terminal 400, and the relative positioning of component, for example, it is described Component is the display and keypad of terminal 400, and sensor cluster 414 can be with 400 1 components of detection terminal 400 or terminal Position change, the existence or non-existence that user contacts with terminal 400, the orientation of terminal 400 or acceleration/deceleration and terminal 400 Temperature change.Sensor cluster 414 can include proximity transducer, be configured to detect in no any physical contact The presence of neighbouring object.Sensor cluster 414 can also include optical sensor, such as CMOS or ccd image sensor, for into As being used in application.In certain embodiments, the sensor cluster 414 can also include acceleration transducer, gyro sensors Device, Magnetic Sensor, pressure sensor or temperature sensor.
Communication component 416 is configured to facilitate the communication of wired or wireless way between terminal 400 and other equipment.Terminal 400 can access the wireless network based on communication standard, such as WiFi, 2G or 3G, or combinations thereof.In an exemplary implementation In example, communication component 416 receives broadcast singal or broadcast related information from external broadcasting management system via broadcast channel. In one exemplary embodiment, the communication component 416 also includes near-field communication (NFC) module, to promote junction service.Example Such as, in NFC module radio frequency identification (RFID) technology can be based on, Infrared Data Association (IrDA) technology, ultra wide band (UWB) technology, Bluetooth (BT) technology and other technologies are realized.
In the exemplary embodiment, terminal 400 can be believed by one or more application specific integrated circuits (ASIC), numeral Number processor (DSP), digital signal processing appts (DSPD), PLD (PLD), field programmable gate array (FPGA), controller, microcontroller, microprocessor or other electronic components are realized, are carried for performing above-mentioned embodiment illustrated in fig. 2 The method of confession.
In the above-described embodiments, can come wholly or partly by software, hardware, firmware or its any combination real It is existing.When implemented in software, can realize in the form of a computer program product whole or in part.The computer program Product includes one or more computer instructions.It is all or part of when loading on computers and performing the computer instruction Ground is produced according to the flow or function described in the embodiment of the present invention.The computer can be all-purpose computer, special-purpose computer, Computer network or other programmable devices.The computer instruction can store in a computer-readable storage medium, or Person is transmitted from a computer-readable recording medium to another computer-readable recording medium, for example, the computer instruction Can from a web-site, computer, server or data center by it is wired (such as:Coaxial cable, optical fiber, data are used Family line (Digital Subscriber Line, DSL)) or wireless (such as:Infrared, wireless, microwave etc.) mode is to another net Website, computer, server or data center are transmitted.The computer-readable recording medium can be that computer can Any usable medium of access is either comprising data storages such as the integrated server of one or more usable mediums, data centers Equipment.The usable medium can be magnetic medium (such as:Floppy disk, hard disk, tape), optical medium (such as:Digital versatile disc (Digital Versatile Disc, DVD)) or semiconductor medium (such as:Solid state hard disc (Solid State Disk, SSD)) etc..
One of ordinary skill in the art will appreciate that hardware can be passed through by realizing all or part of step of above-described embodiment To complete, by program the hardware of correlation can also be instructed to complete, described program can be stored in a kind of computer-readable In storage medium, storage medium mentioned above can be read-only storage, disk or CD etc..
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all the present invention spirit and Within principle, any modification, equivalent substitution and improvements made etc., it should be included in the scope of the protection.

Claims (10)

1. a kind of information access method, it is characterised in that methods described includes:
When receiving the access instruction of target information during operational objective web application, based on privilege application detection institute State whether target web application has the access rights that the target information is accessed by target interface;
Wherein, the target interface is the literal translation formula script JS expansion interfaces for accessing the target information, the spy Power application is used for the access rights for setting web application;
When detecting the target web using having the access rights, the target is accessed by the target interface and believed Breath.
2. the method as described in claim 1, it is characterised in that described to be based on the privilege application detection target web application It is no have the access rights of the target information are accessed by target interface, including:
Pull-up privilege application, and the first prompt message is shown by the privilege application, first prompt message is used to prompt Whether allow to continue to access the target information;
When receiving determination access instruction based on first prompt message, pass through the privilege application and the target network is set The access rights that page is applied determine that the target web is applied with by described in target interface access to allow to access The access rights of target information.
3. method as claimed in claim 2, it is characterised in that it is described by it is described privilege application show the first prompt message it Afterwards, in addition to:
When received based on first prompt message call off a visit instruction when, pass through the privilege application and the target network be set The access rights of page application determine that the target web is applied not having and accessed by the target interface not allow to access The access rights of the target information.
4. the method as described in claim 1, it is characterised in that described to be based on the privilege application detection target web application It is no have the access rights of the target information are accessed by target interface, including:
Obtain the access strategy set by the privilege application to the target interface;
When the access strategy of the target interface is supports target interface described in the target web application call, it is determined that described Target web, which is applied, has the access rights;
When the access strategy of the target interface is does not support target interface described in the target web application call, institute is determined State target web and apply and do not have the access rights.
5. the method as described in claim 1, it is characterised in that described to be based on the privilege application detection target web application It is no have the access rights of the target information are accessed by target interface, including:
Obtain the corresponding relation between the interface set by the privilege application and application identities;
When the application identities that target web application in the corresponding relation between the interface and application identities be present with it is described During the corresponding record of target interface, determine the target web using having the access rights;
When application identities and institute that target web application is not present in the corresponding relation between the interface and application identities When stating the corresponding record of target interface, determine the target web using not having the access rights.
6. method as claimed in claim 4, it is characterised in that the determination target web, which is applied, does not have the access After authority, in addition to:
The second prompt message is shown, second prompt message, which is used for prompting, can not access the target information.
7. a kind of message reference device, it is characterised in that described device includes:
Detection module, for when receiving the access instruction of target information during operational objective web application, being based on Privilege application detects whether the target web application has the access rights that the target information is accessed by target interface;
Wherein, the target interface is the literal translation formula script JS expansion interfaces for accessing the target information, the spy Power application is used for the access rights for setting web application;
Access modules, for when detecting the target web using having the access rights, passing through the target interface Access the target information.
8. device as claimed in claim 7, it is characterised in that the detection module includes:
First display sub-module, applied for pull-up privilege, and the first prompt message is shown by the privilege application, described the Whether one prompt message is used to prompt to allow to continue to access the target information;
First determination sub-module, for when receiving determination access instruction based on first prompt message, passing through the spy Power application sets the access rights of the target web application to allow to access, and determines that the target web is applied to have and pass through The target interface accesses the access rights of the target information.
9. device as claimed in claim 8, it is characterised in that the detection module also includes:
Second determination sub-module, for when received based on first prompt message call off a visit instruction when, pass through the spy Power application sets the access rights of target web application not allow to access, and determines that the target web is applied and do not had The access rights of the target information are accessed by the target interface.
10. a kind of computer-readable recording medium, it is characterised in that the storage medium internal memory contains computer program, described Claim 1-6 any described methods are realized when computer program is executed by processor.
CN201710534001.8A 2017-07-03 2017-07-03 Information access method, device and computer readable storage medium Active CN107368736B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710534001.8A CN107368736B (en) 2017-07-03 2017-07-03 Information access method, device and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710534001.8A CN107368736B (en) 2017-07-03 2017-07-03 Information access method, device and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN107368736A true CN107368736A (en) 2017-11-21
CN107368736B CN107368736B (en) 2020-06-09

Family

ID=60305746

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710534001.8A Active CN107368736B (en) 2017-07-03 2017-07-03 Information access method, device and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN107368736B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110647739A (en) * 2019-07-26 2020-01-03 平安科技(深圳)有限公司 Software installation detection method, device, terminal and storage medium
CN111800426A (en) * 2020-07-07 2020-10-20 腾讯科技(深圳)有限公司 Method, device, equipment and medium for accessing native code interface in application program
CN112104671A (en) * 2020-11-12 2020-12-18 深圳壹账通智能科技有限公司 Interface authorization monitoring method and device, computer equipment and storage medium
CN112925589A (en) * 2019-12-06 2021-06-08 腾讯科技(深圳)有限公司 Calling method and device of expansion interface

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120131470A1 (en) * 2010-11-19 2012-05-24 Microsoft Corporation Integrated Application Feature Store
CN104751071A (en) * 2015-03-16 2015-07-01 联想(北京)有限公司 Information processing method and electronic equipment
CN105760217A (en) * 2016-03-23 2016-07-13 深圳森格瑞通信有限公司 Method for accessing shared memory
CN106603528A (en) * 2016-12-13 2017-04-26 北京小米移动软件有限公司 Method and apparatus for webpage invoking terminal local functions
CN106855921A (en) * 2015-12-09 2017-06-16 中国科学院声学研究所 Application rights management method when being run based on embedded television service-Engine Web

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120131470A1 (en) * 2010-11-19 2012-05-24 Microsoft Corporation Integrated Application Feature Store
CN104751071A (en) * 2015-03-16 2015-07-01 联想(北京)有限公司 Information processing method and electronic equipment
CN106855921A (en) * 2015-12-09 2017-06-16 中国科学院声学研究所 Application rights management method when being run based on embedded television service-Engine Web
CN105760217A (en) * 2016-03-23 2016-07-13 深圳森格瑞通信有限公司 Method for accessing shared memory
CN106603528A (en) * 2016-12-13 2017-04-26 北京小米移动软件有限公司 Method and apparatus for webpage invoking terminal local functions

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110647739A (en) * 2019-07-26 2020-01-03 平安科技(深圳)有限公司 Software installation detection method, device, terminal and storage medium
CN112925589A (en) * 2019-12-06 2021-06-08 腾讯科技(深圳)有限公司 Calling method and device of expansion interface
CN112925589B (en) * 2019-12-06 2023-10-17 深圳市雅阅科技有限公司 Calling method and device of expansion interface
CN111800426A (en) * 2020-07-07 2020-10-20 腾讯科技(深圳)有限公司 Method, device, equipment and medium for accessing native code interface in application program
CN112104671A (en) * 2020-11-12 2020-12-18 深圳壹账通智能科技有限公司 Interface authorization monitoring method and device, computer equipment and storage medium
CN112104671B (en) * 2020-11-12 2021-03-02 深圳壹账通智能科技有限公司 Interface authorization monitoring method and device, computer equipment and storage medium
WO2022100155A1 (en) * 2020-11-12 2022-05-19 深圳壹账通智能科技有限公司 Interface authorization monitoring method, apparatus, computer device, and storage medium

Also Published As

Publication number Publication date
CN107368736B (en) 2020-06-09

Similar Documents

Publication Publication Date Title
CN103891242B (en) System and method for profile based filtering of outgoing information in a mobile environment
CN106598630A (en) Key control method and apparatus, and terminal
CN107368736A (en) Information access method, device and computer-readable recording medium
CN104050266B (en) User behavior recording method, device and web browser
CN106792640A (en) The communication means of virtual SIM card, mobile terminal and server
CN104778405B (en) Ad blocking method and device
Haris et al. Evolution of android operating system: a review
CN105807873A (en) Temperature control method and device
CN104376273A (en) Data access control method and device
CN108595665A (en) The display methods and device of web page contents
CN107370772A (en) Account login method, device and computer-readable recording medium
CN105956026A (en) Webpage rendering method and apparatus
CN105930721B (en) A kind of method and apparatus managing application program
CN106528735A (en) Method and device for controlling browser to play media resources
EP3176719A1 (en) Methods and devices for acquiring certification document
CN106201610A (en) Web application accesses the method and device of the primary function of terminal
CN111600931A (en) Information sharing method and electronic equipment
CN106603528B (en) The method and device of webpage calling terminal local function
CN107562349A (en) A kind of method and apparatus for performing processing
CN106446653A (en) Application authority management method and device and electronic equipment
CN107911482A (en) Intended application deployment method and device
CN107608714A (en) Byte-aligned method, apparatus and computer-readable recording medium
CN105183571A (en) Function calling method and device
CN109558229A (en) Browser control method and device
CN105653320A (en) Loaded icon display method and apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 266555 Qingdao economic and Technological Development Zone, Shandong, Hong Kong Road, No. 218

Applicant after: Hisense Video Technology Co.,Ltd.

Address before: 266555 Qingdao economic and Technological Development Zone, Shandong, Hong Kong Road, No. 218

Applicant before: QINGDAO HISENSE ELECTRONICS Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20221014

Address after: 83 Intekte Street, Devon, Netherlands

Patentee after: VIDAA (Netherlands) International Holdings Ltd.

Address before: 266555, No. 218, Bay Road, Qingdao economic and Technological Development Zone, Shandong

Patentee before: Hisense Video Technology Co.,Ltd.

TR01 Transfer of patent right